SRX

last person joined: 16 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  traceoptions or logging for jdhcp

    Posted 11-27-2015 14:35

    Short story: I have SRX220, getting IP from ISP with DHCP. Software 12.1X46-D35.1. I would like to log IP addresses (and timestamp) what I get from ISP for WAN address.

     

    system {
    }
    services {
        ssh;
        dhcp-local-server {
            group DHCP {
                interface vlan.0;
            }
        }
    }
interfaces {
    ge-0/0/0 {
        unit 0 {
            family inet {
                dhcp-client {
                    update-server;
                }
            }
        }
    }

    Where are the traceoptions? If I put them under system services dhcp, commit will fail with

     Incompatible with 'system services dhcp-local-server group'
[edit interfaces ge-0/0/0 unit 0 family inet]
  'dhcp-client'

     



  • 2.  RE: traceoptions or logging for jdhcp
    Best Answer

    Posted 11-27-2015 21:19

    I think this is what you are looking for :

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB26900&actp=search

     

    set system processes dhcp-service traceoptions file JDHCPDEBUG
set system processes dhcp-service traceoptions file size 20m
set system processes dhcp-service traceoptions file files 5
set system processes dhcp-service traceoptions flag all

     

    Though I would review the flag used in the debug and go with the minimum required.



  • 3.  RE: traceoptions or logging for jdhcp

    Posted 11-29-2015 13:54

    Thank you elkadiki, tried different levels (not all) but couldn't hit the correct level yet. So I made match condition for the file:

     

    set system processes dhcp-service traceoptions file jdhcp-client-ge0
set system processes dhcp-service traceoptions file size 2m
set system processes dhcp-service traceoptions file files 5
set system processes dhcp-service traceoptions file match "Added new IFA: ifa name ge-0/0/0"
set system processes dhcp-service traceoptions flag all

    Seems to provide quite clean log:

     

    Nov 29 23:48:32 jdhcpd_ifam_handler: Added new IFA: ifa name ge-0/0/0, family INET, sub 0, addr 91.157.xxx.xxx
Nov 29 23:49:10 jdhcpd_ifam_handler: Added new IFA: ifa name ge-0/0/0, family INET, sub 0, addr 91.157.xxx.xxx


  • 4.  RE: traceoptions or logging for jdhcp

    Posted 12-03-2015 18:14

    That is the best way to do it, even with Syslog that is how I filter the types of messages I require ( only way actually ) . I read this and thought you might be interested in it if you have a syslog server for your network devices :

     

    http://www.saidvandeklundert.nl/juniper-syslog-logging.php

     

    To quote :

     

     

    Remote logging for traceoptions.

     

    One last thing I wanted to go over is the fact that you can send traceoptions towards your syslog server as well. The configuration knob for this cannot be found in the [system syslog ] stanza, it's hidden elsewhere. The following configuration command will transfer output from all activated traces to your syslog server:

     

    set system tracing destination-override syslog host 10.0.0.13

     

    This configuration statement has a system-wide effect. As soon as it is applied, all of the output of your currently activated traces will be send towards the syslog server instead of a local file. You can still choose to store some traces locally. You'll have to configure the 'no-remote-trace' to do so. For example, suppose you are logging all traceoptions to a syslog server but you do not want this to happen for the dhcp-relay traceoptions. If that is the case, you have to add the following to those traceoptions;

     

     

    set forwarding-options dhcp-relay traceoptions no-remote-trace