Difference between revisions of "How to perform firewall flow filter debugging"
From Tech-Wiki
(Created page with "Category:Juniper Networks The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten. The buffer size is configur...") |
|||
Line 1: | Line 1: | ||
[[Category:Juniper Networks]] | [[Category:Juniper Networks]] | ||
− | The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten. The buffer size is configurable. To change the size, use the following commands: | + | The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten.<br />The buffer size is configurable.<br /> |
+ | To change the size, use the following commands: | ||
set db size 4096 | set db size 4096 | ||
set console dbuf | set console dbuf |
Revision as of 05:54, 7 March 2012
The debug buffer is a circular buffer, once the buffer has reached the size limit, the oldest data will be overwritten.
The buffer size is configurable.
To change the size, use the following commands:
set db size 4096 set console dbuf clear db
To set-up the flow filter:
get ffilter set ffilter src-ip / dst-ip ... (see the CLI-help for more ffilter options) (same row = AND, more rows = OR) debug flow basic
Reproduce the issue. The timestamp resolution of the output is in tenths of a second. Stop the ffilter and then display the output with the following commands:
undebug all get dbuf stream or get dbuf stream > tftp <host> <name-of-file>