SRX

last person joined: 4 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  traffic capture bug?

    Posted 03-26-2015 06:58

    Hi

     

    I issue the "monitor interface reth3" command and I see the counters incease (both in and out) when I ping the interface IP from the internet.

     

    Then I use "monitor traffic interface reth3 no-resolve" but I do NOT see my packets, why not?



  • 2.  RE: traffic capture bug?

     
    Posted 03-26-2015 08:52
    Hi,
    Monitor traffic interface command will only show traffic destined to routing engine,like routing protocols ospf, bgp etc.
    ICMP is handled by PFE/Dataplane on srx and thats why its not displayed under monitor traffic command.


  • 3.  RE: traffic capture bug?

    Posted 03-27-2015 05:07

    Hi

     

    On a Cisco ASA it is possible to capture packets at an interface before any processing, is this not possible with Juniper devices?



  • 4.  RE: traffic capture bug?
    Best Answer

     
    Posted 03-27-2015 05:24

    We can do that using packet-capturing option on branch srx devices and datapath debug on high end srx devices.

    Below KBs explains the configuration.

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB11709

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB21563