Junos
Reply
Contributor
Minotaur
Posts: 44
Registered: ‎11-11-2008
0

Re: JUNOS 9.0 and Monitoring Traffic

Thanks Richard, packet capture with filters works on GE-interfaces and on VLAN-subinterfaces.

But they don't work for  GRE-interfaces. Now I have following configuration:

 

minotaur@cr1-kur.ki> show configuration interfaces gr-0/0/0 unit 0
description "Tunnel: Sarny";
tunnel {
source 91.200.195.6;
destination 91.211.132.102;
}
family inet {
filter {
input PCAP;
}
address 10.250.0.1/30;
}

minotaur@cr1-kur.ki> show configuration firewall filter PCAP
term capture {
from {
protocol icmp;
}
then {
sample;
accept;
}
}
term DEFAULT {
then accept;
}

 

 minotaur@cr1-kur.ki> show configuration forwarding-options packet-capture
file filename pcap files 3 size 2m world-readable;

 But pcap-files for gr-interface do not appear in /var/tmp directory. Traffic sampling commands on gr-interface also don't work.

 How to debug taffic on gr-interfaces? Thanks.

 

-- Alexander

Distinguished Expert
rkim
Posts: 755
Registered: ‎11-06-2007
0

Re: JUNOS 9.0 and Monitoring Traffic

No, packet captures do not work on GRE interfaces themselves. Packet-captures only work on physical type interfaces. To capture GRE traffic you would perform packet-capture on whatever physical interface terminates the GRE tunnel. Since GRE traffic is not normally encrypted you would be able to see the encapsulated packet within the GRE packet.

 

-Richard

Contributor
Minotaur
Posts: 44
Registered: ‎11-11-2008

Re: JUNOS 9.0 and Monitoring Traffic

Thanks, all issues with traffic monitoring and capturing became much more clear for me.

I wish to add short notice about tunnel interfaces to those who want just to monitor traffic, not to capture.  Filter can be modified to log matched packet to syslog and then to accept it:

 

minotaur@cr1-kur.ki> show configuration firewall filter Monitor-ICMP term Monitor { from { protocol icmp; } then { syslog; accept; } } term DEFAULT { then accept; }

 


 

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.