Difference between revisions of "Capturing packets on juniper switches"

From Notes_Wiki
(Created page with "<yambe:breadcrumb self="Capturing packets on juniper switches">Switch configuration notes|Switch configuration notes</yambe:breadcrumb> =Capturing packets on juniper switches=...")
 
m
 
Line 1: Line 1:
<yambe:breadcrumb self="Capturing packets on juniper switches">Switch configuration notes|Switch configuration notes</yambe:breadcrumb>
[[Main Page|Home]] > [[Switch configuration notes]] > [[Capturing packets on juniper switches]]
=Capturing packets on juniper switches=


'''Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs.  If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods'''.  For complete capture including switched/routed traffic refer [[Analyzing traffic on juniper switches]]
'''Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs.  If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods'''.  For complete capture including switched/routed traffic refer [[Analyzing traffic on juniper switches]]
Line 22: Line 21:




<yambe:breadcrumb self="Capturing packets on juniper switches">Switch configuration notes|Switch configuration notes</yambe:breadcrumb>
[[Main Page|Home]] > [[Switch configuration notes]] > [[Capturing packets on juniper switches]]

Latest revision as of 02:46, 28 March 2022

Home > Switch configuration notes > Capturing packets on juniper switches

Note that below mentioned options only capture packets sent / to from Juniper switch interface IPs. If a packet is traversing (switched / routed) via the switch without being explictly addressed to switch, then such traffic is not captured via below methods. For complete capture including switched/routed traffic refer Analyzing traffic on juniper switches


To capture packets on juniper switches there are two options:

tcpdump
For this we need to start shell using 'start shell sh' followed by root access using 'su -' to be able to run tcpdump. tcpdump options and syntax are exactly same as the Linux tcpdump command. See https://kb.juniper.net/InfoCenter/index?page=content&id=KB23313
monitor traffic
Using this we can capture traffic received / sent from interface. This has options similar to tcpdump but for this we dont need to go to shell and get root access. See https://community.juniper.net/communities/community-home/digestviewer/viewthread?MID=73549 for example on how to use monitor traffic interface command.


There are also mentions of options such as 'set forwarding-options packet-capture' at documentation at https://www.juniper.net/documentation/us/en/software/junos/network-mgmt/topics/topic-map/analyze-network-traffic-by-using-packet-capture.html

However while working with a few switches we could not get any packet-capture within forwarding-options. Also trying

set interface <interface-name-1> unit 0 family inet sampling input output

followed by 'commit check' led to many error messages.



Home > Switch configuration notes > Capturing packets on juniper switches