Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Current »




what to trace?
configuration
config
[edit security flow]
Netbox@SRX300-1-RL102# show
traceoptions {
    file selfpolicy size 1m;
    flag session;
    packet-filter term1 {
        source-prefix 192.168.200.1/32;
        destination-prefix 192.168.200.2/32;
    }
    packet-filter term2 {
        source-prefix 192.168.200.2/32;
        destination-prefix 192.168.200.1/32;
    }
}


set security flow traceoptions file selfpolicy
set security flow traceoptions file size 1m
set security flow traceoptions flag basic-datapath
set security flow traceoptions packet-filter term1 source-prefix 192.168.200.1/32
set security flow traceoptions packet-filter term1 destination-prefix 192.168.200.2/32
set security flow traceoptions packet-filter term2 source-prefix 192.168.200.2/32
set security flow traceoptions packet-filter term2 destination-prefix 192.168.200.1/32
flag options
flag option
Netbox@SRX300-1-RL102# set traceoptions flag ?
Possible completions:
  all                  All events
  basic-datapath       Basic packet flow
  fragmentation        Ip fragmentation and reassembly events
  high-availability    Flow high-availability information
  host-traffic         Flow host-traffic information
  multicast            Multicast flow information
  route                Route lookup information
  session              Session creation and deletion events
  session-scan         Session scan information
  tcp-basic            TCP packet flow
  tunnel               Tunnel information
show log
show log
[edit security flow]
Netbox@SRX300-1-RL102# run show log selfpolicy
Jul 30 11:59:14 SRX300-1-RL102 clear-log[81116]: logfile cleared
Jul 30 11:59:24 11:59:24.681252:CID-0:RT:refresh nat 0x93bb4b0(9742) timeout to 75

Jul 30 11:59:24 11:59:24.693169:CID-0:RT:set nat 0x93bb4b0(9742) timeout const to 1

Jul 30 11:59:24 11:59:24.693169:CID-0:RT: set_nat_timeout 1 on session 9742

Jul 30 11:59:24 11:59:24.693169:CID-0:RT:refresh nat 0x93bb4b0(9742) timeout to 1

Jul 30 11:59:24 11:59:24.693169:CID-0:RT:refresh nat 0x93bb4b0(9742) timeout to 75

Jul 30 11:59:24 11:59:24.693169:CID-0:RT:skipping refresh for non refreshable session 0x93bb4b0(9742)

Jul 30 11:59:27 11:59:26.958128:CID-0:RT:Installing pending sess (19976) in ager

Jul 30 11:59:27 11:59:26.958128:CID-0:RT:First path alloc and instl pending session, natp=0x99826d0, id=19976

Jul 30 11:59:27 11:59:26.958128:CID-0:RT:updating pending sess (19976) in ager

Jul 30 11:59:27 11:59:26.958128:CID-0:RT:first path session installation succeeded


  • No labels