JUNOS tracing and logging operations allow you to track events that occur in the router—both normal router operations and error conditions—and to track the packets that are generated by or passed through the router.
The results of tracing and logging operations are placed in files in the /var/log directory on the router.
Logging operations use a system logging mechanism similar to the UNIX syslogd utility:
- The primary syslog file is /var/log/messages.
- Most daemons also write to individual log files.
- You configure additional logs by using the syslog statement at the [edit system] hierarchy level.
When you configure system logging, you can direct messages to one or more destinations by including the appropriate statement at the [edit system syslog] hierarchy level:
- To a named file in a local file system, by including the file statement.
- To the terminal session of one or more specific users (or all users) when they are logged in to the routing platform, by including the user statement.
- To the routing platform console, by including the console statement.
- To a remote machine that is running the syslogd utility or to the other Routing Engine on the routing platform, by including the host statement.
Each system log message belongs to a facility, which is a group of messages that are either generated by the same software process or concern a similar condition or activity (such as authentication attempts).
- To log the messages belonging to one or more facilities to a particular destination, specify each facility name as a separate statement within the set of statements for the destination.
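The four destination types and per-destination facility statements described above, as an added configuration example that is not part of the original post. Each facility is followed by a severity level, which the text above does not cover; the severities, the file names and the 192.0.2.10 collector address are assumptions chosen for illustration.

```junos
system {
    syslog {
        /* Terminal sessions of all logged-in users: emergencies only */
        user * {
            any emergency;
        }
        /* Remote syslogd collector (placeholder documentation address) */
        host 192.0.2.10 {
            authorization info;
            interactive-commands any;
        }
        /* Routing platform console */
        console {
            any critical;
        }
        /* Primary local file, written under /var/log */
        file messages {
            any notice;
            authorization info;
        }
        /* Separate local file holding only CLI command activity */
        file interactive-commands {
            interactive-commands any;
        }
    }
}
```

Sending the authorization and interactive-commands facilities to the remote host as well as to local files keeps a copy of login attempts and CLI activity off the router.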
JUNOS TRACING OPTIONS:
Tracing operations record more detailed messages about the operation of routing protocols, such as the various types of routing protocol packets sent and received, and routing policy actions.
You configure tracing operations using the traceoptions statement.
set traceoptions file filename
- files (default 10)
- size (default 128k)
- world-readable
set traceoptions flag
- What do you want to look at?
- Various options
monitor start filename
- like Unix tail -f
- multiple people can view log files at same time
Example:
[edit]
doug@PBR# edit protocols bgp
[edit protocols bgp]
doug@PBR# set traceoptions file bgp.log
[edit protocols bgp]
doug@PBR# set traceoptions flag ?
all        Trace everything
aspath
damping
general    Trace general events
keepalive
normal     Trace normal events
open       Trace BGP open packets
packets    Trace all BGP protocol packets
Issue real-time commands:
monitor interface <interface>
monitor traffic interface
May need to set terminal type
set cli terminal vt100
tcpdump - easy to invoke:
doug@PBR> monitor traffic interface e1-0/0/0.0 no-resolve
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Listening on e1-0/0/0.0, capture size 96 bytes
03:03:58.025661 Out IP 10.12.0.1 > 224.0.0.13: 10.12.0.1 > 224.0.0.13:PIMv2, Hello (0), length: 34
03:03:58.237360 In IS-IS, p2p IIH, src-id 1921.6800.1223, length 58
03:03:58.269134 Out LCP, Echo-Request (0x09), id 197, length 10
03:03:58.270687 In LCP, Echo-Reply (0x0a), id 197, length 10
03:03:59.089303 Out IP 10.12.0.1.646 > 224.0.0.2.646: LDP, Label-Space-ID: 192.168.1.222:0, pdu-length: 38
03:03:59.555743 Out IP 10.12.0.1 > 224.0.0.1: igmp query v2
doug@PBR> start shell
% su
root@PBR% tcpdump -ni e1-0/0/0.0
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Listening on e1-0/0/0.0, capture size 96 bytes
03:06:47.943726 In IP 10.12.0.2 > 224.0.0.13: 10.12.0.2 > 224.0.0.13:PIMv2, Hello (0), length: 34
03:06:48.563343 In LCP, Echo-Request (0x09), id 168, length 10
03:06:48.563388 Out LCP, Echo-Reply (0x0a), id 168, length 10
03:06:49.603895 In IP 10.12.0.2.646 > 224.0.0.2.646: LDP, Label-Space-ID: 192.168.1.223:0, pdu-length: 38
03:06:50.200510 Out IS-IS, p2p IIH, src-id 1921.6800.1222, length 58
Hopefully this helps you use traceoptions/logging operations for your needs.
Thanks,
Raheel Anwar