Related Documentation
Understanding Data Path Debugging for SRX Series Devices
With the data path debugging feature, you can trace and debug (capture packets) at different data points along the processing path. The events available in the packet-processing path are: NP ingress, load-balancing thread (LBT), jexec, packet-ordering thread (POT), and NP egress. You can also enable flow module trace if the security flow trace flag for a certain module is set.
At each event, you can specify any of the four actions (count, packet dump, packet summary, and trace). Data path debugging provides filters to define what packets to capture, and only the matched packets are traced. The packet filter can filter out packets based on logical interface, protocol, source IP address prefix, source port, destination IP address prefix, and destination port.
To enable end-to-end debugging, you must perform the following steps:
- Define the capture file and specify the maximum capture size.
- Define the packet filter to trace only a certain type of traffic based on the requirement.
- Define the action profile specifying the location on the processing path from where to capture the packets (for example, LBT or NP ingress).
- Enable the data path debugging.
- Capture traffic.
- Disable data path debugging.
- View or analyze the report.
 | Note: The packet-filtering behavior for the port and interface options is as follows:
|
