Hi,

I trying to tcpdump or monitor, if you prefered,  one interface on my J2320 version 9.1 butI do not see any traffic.

I'm currently configuring the snmp on my J2320 but it doesn't work

So I began to sniff .... 

I do not see any traffic.

I wondered if I correctly configured my traffic monitor, so I've tryed to sniff a ping. No more result....

I do not understand why cause I was sniffing traffic going to the J2320.

does any one have an answer ... an idear ?

regards

Saruhand

Hi,

Do You see any differences between sniffing on the whole interface and just the specific unit?

I mean, assuming You want to sniff the 10th unit of ge-0/0/0 interface, do both commands bring the same effect?:

>   monitor traffic interface ge-0/0/0 no-resolve

>   monitor traffic interface ge-0/0/0.10 no-resolve

 I added the 'no-resolve' option to eliminate any DNS issues.

Thanks,

Have a nice day,

G.

no, I do both but I do not see any traffic comming to the Jseries.

regards

I have the same issue.

I have e1 interface (frame-relay encapsulation) faced to the Internet.

When I'm trying to ping it's address with standard ping command (from FreeBSD box) then I see no ICMP traffic in monitor traffic interface output. But when I'm tracing it's address with mtr or ping -R command then I see incoming ICMP packets.

It seems that "monitor traffic interface" command does not match ICMP echo requests without record route flag set.

Monitor traffic would only show traffic to and from the RE side of the router. That means you would see ARP, routing protocols, etc. But ICMP echos and echo replies actually stay within the PFE side of the router. So you would not see that in monitor traffic. If you want to see transit traffic then you should instead use packet-capture. This is documented in the JUNOS for J-Series Administration Guide.

-Richard

Thanks, packet capturing works for me on E1-interfaces. But what's about VLAN-subinterfaces? I've tried to configure packet capture as follows:

minotaur@cr1-igo.ki# show forwarding-options
packet-capture {
    file filename pcap files 10 size 2k world-readable;
}

[edit]
minotaur@cr1-igo.ki# show interfaces ge-0/0/0 unit 150
vlan-id 150;
family inet {
    sampling {
        input;
        output;
    }
    address 10.2.0.1/24;
}

 It does not work. How to see traffic on VLAN-subinterfaces? Thanks.

The packet capture feature on J-series is not currently supported on Gigabit Ethernet interfaces.

Regards,

Ben

Packet capture is supported on GE interfaces on J-Series. Rather than using sampling input output configuration on family inet, try instead to use firewall filters with action of sample and apply that to the interface instead. That is also discussed in the documentation for packet captures.

-Richard