flow session and aging

Owned by Jean-luc KRIKER
Last updated: Oct 30, 2020
2 min read






show security flow session summary

summary
jcluser@vSRX1> show security flow session summary
Unicast-sessions: 1
Multicast-sessions: 0
Failed-sessions: 0
Sessions-in-use: 1
  Valid sessions: 1
  Pending sessions: 0
  Invalidated sessions: 0
  Sessions in other states: 0
Maximum-sessions: 524288

show security flow session

show sec flow session
[edit security flow aging]
root# run show security flow session
Session ID: 639, Policy name: self-traffic-policy/1, Timeout: 1800, Valid
In: 192.168.70.1/58084 --> 192.168.70.21/22;tcp, If: ge-0/0/2.0, Pkts: 625, Bytes: 40076
Out: 192.168.70.21/22 --> 192.168.70.1/58084;tcp, If: .local..0, Pkts: 375, Bytes: 35161

Session ID: 640, Policy name: self-traffic-policy/1, Timeout: 1256, Valid
In: 192.168.70.1/58086 --> 192.168.70.21/22;tcp, If: ge-0/0/2.0, Pkts: 20, Bytes: 2412
Out: 192.168.70.21/22 --> 192.168.70.1/58086;tcp, If: .local..0, Pkts: 18, Bytes: 4369
Total sessions: 2



jcluser@vSRX1> show security flow session
Session ID: 7, Policy name: default-permit/4, Timeout: 1622, Valid
  In: 10.100.12.2/55497 --> 10.100.11.2/22;tcp, Conn Tag: 0x0, If: ge-0/0/1.0, Pkts: 37, Bytes: 4701,
  Out: 10.100.11.2/22 --> 10.100.12.2/55497;tcp, Conn Tag: 0x0, If: ge-0/0/0.0, Pkts: 33, Bytes: 5041,
Total sessions: 1

show security flow session

extensive
jcluser@vSRX1> show security flow session extensive
Session ID: 7, Status: Normal
Flags: 0x40/0x0/0x0/0x8003
Policy name: default-permit/4
Source NAT pool: Null, Application: junos-ssh/22
Dynamic application: junos:UNKNOWN,
Encryption:  Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 1800, Current timeout: 1766
Session State: Valid
Start time: 7383, Duration: 1719
   In: 10.100.12.2/55497 --> 10.100.11.2/22;tcp,
  Conn Tag: 0x0, Interface: ge-0/0/1.0,
    Session token: 0x7, Flag: 0x1021
    Route: 0xd0010, Gateway: 10.100.12.2, Tunnel: 0
    Port sequence: 0, FIN sequence: 0,
    FIN state: 0,
    Pkts: 35, Bytes: 4553
   Out: 10.100.11.2/22 --> 10.100.12.2/55497;tcp,
  Conn Tag: 0x0, Interface: ge-0/0/0.0,
    Session token: 0x7, Flag: 0x1020
    Route: 0xb0010, Gateway: 10.100.11.2, Tunnel: 0
    Port sequence: 0, FIN sequence: 0,
    FIN state: 0,
    Pkts: 32, Bytes: 4953
Total sessions: 1