Security

last person joined: 8 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  "monitor traffic" command is not working as espected on my MX960.

    Posted 08-17-2013 15:37

    Hi guys , as tittle says.

    Can not perform packet filtering on my MX960.

    I need to check for an especific packet going through my router so im trying with "monitor traffic" command, getting the following result:

     

    On management interface fxp0:

    Works great, I can see real time traffic and also apply filter rules like my old tcpdump.

     

    On my production interfaces ge or xe (1 and 10 gbps interfaces):

    Filter rules don't match anything ... not even a simple icmp packet.

    When use "monitor traffic" command, without any filter rule (to see all the packets), there is almost zero packets ... even when I know the traffic on the interface is 800mbps.

     

     

    Was wondering if I need to enable something on those interfaces ?

    Any comment would be great, thanks.

    Leo.

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     

     



  • 2.  RE: "monitor traffic" command is not working as espected on my MX960.
    Best Answer

    Posted 08-22-2013 21:58

    Hi,

     

    From my experience, the "monitor traffic" CLI command can only sniff the packets from/to your RE, so your interfaces most likely have almost 100% transit traffic (Forwarding Plane only) which won't get sniffed by the command.

     

    To check this you might want to run rapid ping through the interface (with your RE's address as source) while running the commands