Does anybody have an idea why i get massive discards between a SRX 300 and a HP (1910, 1810) switch ?
I have the same setup on multiple locations and on all these locations the same issue occurs.
When a port on the SRX is directly connected to for example a Vmware hypervisor there ar no discards at all
Packet Forwarding Engine hardware discard statistics:
Timeout : 0
Truncated key : 0
Bits to test : 0
Data error : 0
Stack underflow : 0
Stack overflow : 0
Normal discard : 36055623
Extended discard : 0
Invalid interface : 0
Info cell drops : 0
Fabric drops : 0
Few expamples of traffic that will be logged as discards are:- packets destined to IP that SRX doesn't know how to route (including multicast)
- packets destined to IP that SRX have static route with discard action
- packets matching firewall filter with discard action- packets with TTL=1- pecket destined to martian IP address (show route martians)
Do you have any firewall filter configured with action discard?
Also, check if you have a static route with discard?
Check the KB here: https://kb.juniper.net/InfoCenter/index?page=content&id=KB9262
I usually see these with policiers. This will give you the name of any configured policier with hits.
Or with firewall filters as mentioned above: