Difference between revisions of "Capturing packets on juniper switches"
(Created page with "<yambe:breadcrumb self="Capturing packets on juniper switches">Switch configuration notes|Switch configuration notes</yambe:breadcrumb> =Capturing packets on juniper switches=...") |
m |
||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[Switch configuration notes]] > [[Capturing packets on juniper switches]] | |||
'''Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs. If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods'''. For complete capture including switched/routed traffic refer [[Analyzing traffic on juniper switches]] | '''Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs. If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods'''. For complete capture including switched/routed traffic refer [[Analyzing traffic on juniper switches]] | ||
Line 22: | Line 21: | ||
[[Main Page|Home]] > [[Switch configuration notes]] > [[Capturing packets on juniper switches]] |
Latest revision as of 02:46, 28 March 2022
Home > Switch configuration notes > Capturing packets on juniper switches
Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs. If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods. For complete capture including switched/routed traffic refer Analyzing traffic on juniper switches
To capture packets on juniper switches there are two options:
- tcpdump
- For this we need to start shell using 'start shell sh' followed by root access using 'su -' to be able to run tcpdump. tcpdump options and syntax are exactly same as the Linux tcpdump command. See https://kb.juniper.net/InfoCenter/index?page=content&id=KB23313
- monitor traffic
- Using this we can capture traffic received / sent from interface. This has options similar to tcpdump but for this we dont need to go to shell and get root access. See https://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=73549 for example on how to use monitor traffic interface command.
There are also mentions of options such as 'set forwarding-options packet-capture' at documentation at https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/analyze-network-traffic-by-using-packet-capture.html
However while working with a few switches we could not get any packet-capture within forwarding-options. Also trying
set interface <interface-name-1> unit 0 family inet sampling input output
followed by 'commit check' led to many error messages.
Home > Switch configuration notes > Capturing packets on juniper switches