 |
Note: To verify established sessions, make sure to enter the show security flow session command while the ping command is sending and receiving packets. |
Verify if, in this example configuration, sessions are established when traffic is transmitted to interfaces within the Intranet.
To verify if selective stateless packet-based services are working, you check if Intranet traffic bypasses flow-based forwarding and no sessions are established. To verify if sessions are established, you perform the following tasks:
|
Note: To verify established sessions, make sure to enter the show security flow session command while the ping command is sending and receiving packets. |
user@R0> ping 10.2.1.2PING 10.2.1.2 (10.2.1.2): 56 data bytes 64 bytes from 10.2.1.2: icmp_seq=0 ttl=63 time=2.208 ms 64 bytes from 10.2.1.2: icmp_seq=1 ttl=63 time=2.568 ms 64 bytes from 10.2.1.2: icmp_seq=2 ttl=63 time=2.573 ms 64 bytes from 10.2.1.2: icmp_seq=3 ttl=63 time=2.310 ms 64 bytes from 10.2.1.2: icmp_seq=4 ttl=63 time=1.566 ms 64 bytes from 10.2.1.2: icmp_seq=5 ttl=63 time=1.569 ms ...
user@R1>show security flow session0 sessions displayed
The output shows traffic transmitting from R0 to R3 and no sessions are established. In this example, you applied the bypass-flow-filter with the packet-mode action modifier on interfaces Internal 1 and Internal 2 for your company’s Intranet traffic. This output verifies that the traffic between the two interfaces is correctly bypassing flow-based forwarding and hence no sessions are established.
For more information about the show security flow session command, see the JUNOS Software CLI Reference.
For information about the ping command, see the JUNOS Software Administration Guide or the JUNOS System Basics Configuration Guide.