[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Using CLI Diagnostic Commands

Because the CLI is a superset of the J-Web interface, you can perform certain tasks only through the CLI. For an overview of the CLI operational mode commands, along with instructions for filtering command output, see CLI Diagnostic Commands Overview.

This section contains the following topics:

Pinging Hosts from the CLI

Use the CLI ping command to verify that a host can be reached over the network. This command is useful for diagnosing host and network connectivity problems. The device sends a series of ICMP echo (ping) requests to a specified host and receives ICMP echo responses.

Alternatively, you can use the J-Web interface. (See Using the J-Web Ping Host Tool.)

Enter the ping command with the following syntax. Table 204 describes the ping command options.

user@host> ping host <interface source-interface> <bypass-routing> <count number> <do-not-fragment> <inet | inet6> <interval seconds> <loose-source [hosts]> <no-resolve> <pattern string> <rapid> <record-route> <routing-instance routing-instance-name> <size bytes> <source source-address> <strict> <strict-source [hosts]> <tos number> <ttl number> <wait seconds> <detail> <verbose>

To quit the ping command, press Ctrl-C.

Table 204: CLI ping Command Options

Option	Description
host	Pings the hostname or IP address you specify.
interface source-interface	(Optional) Sends the ping requests on the interface you specify. If you do not include this option, ping requests are sent on all interfaces.
bypass-routing	(Optional) Bypasses the routing tables and sends the ping requests only to hosts on directly attached interfaces. If the host is not on a directly attached interface, an error message is returned. Use this option to ping a local system through an interface that has no route through it.
countnumber	(Optional) Limits the number of ping requests to send. Specify a count from 1 through 2,000,000,000. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.
do-not-fragment	(Optional) Sets the Don't Fragment (DF) bit in the IP header of the ping request packet.
inet	(Optional) Forces the ping requests to an IPv4 destination.
inet6	(Optional) Forces the ping requests to an IPv6 destination.
interval seconds	(Optional) Sets the interval between ping requests, in seconds. Specify an interval from 0.1 through 10,000. The default value is 1 second.
loose-source [hosts]	(Optional) For IPv4, sets the loose source routing option in the IP header of the ping request packet.
no-resolve	(Optional) Suppresses the display of the hostnames of the hops along the path.
pattern string	(Optional) Includes the hexadecimal string you specify, in the ping request packet.
rapid	(Optional) Sends ping requests rapidly. The results are reported in a single message, not in individual messages for each ping request. By default, five ping requests are sent before the results are reported. To change the number of requests, include the count option.
record-route	(Optional) For IPv4, sets the record route option in the IP header of the ping request packet. The path of the ping request packet is recorded within the packet and displayed on the screen.
routing-instance routing-instance-name	(Optional) Uses the routing instance you specify for the ping request.
size bytes	(Optional) Sets the size of the ping request packet. Specify a size from 0 through 65,468. The default value is 56 bytes, which is effectively 64 bytes because 8 bytes of ICMP header data are added to the packet.
source source-address	(Optional) Uses the source address that you specify, in the ping request packet.
strict	(Optional) For IPv4, sets the strict source routing option in the IP header of the ping request packet.
strict-source [hosts]	(Optional) For IPv4, sets the strict source routing option in the IP header of the ping request packet, and uses the list of hosts you specify for routing the packet.
tos number	(Optional) Sets the type-of-service (TOS) value in the IP header of the ping request packet. Specify a value from 0 through 255.
ttl number	(Optional) Sets the time-to-live (TTL) value for the ping request packet. Specify a value from 0 through 255.
wait seconds	(Optional) Sets the maximum time to wait after sending the last ping request packet. If you do not specify this option, the default delay is 10 seconds. If you use this option without the count option, the J Series device uses a default count of 5 packets.
detail	(Optional) Displays the interface on which the ping response was received.
verbose	(Optional) Displays detailed output.

Following is sample output from a ping command:

user@host> ping host3 count 4

PING host3.site.net (176.26.232.111): 56 data bytes 64 bytes from 176.26.232.111: icmp_seq=0 ttl=122 time=0.661 ms 64 bytes from 176.26.232.111: icmp_seq=1 ttl=122 time=0.619 ms 64 bytes from 176.26.232.111: icmp_seq=2 ttl=122 time=0.621 ms 64 bytes from 176.26.232.111: icmp_seq=3 ttl=122 time=0.634 ms  --- host3.site.net ping statistics --- 4 packets transmitted, 4 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.619/0.634/0.661/0.017 ms

The fields in the display are the same as those displayed by the J-Web ping host diagnostic tool. For information, see Ping Host Results and Output Summary.

Checking MPLS Connections from the CLI

Use the ping mpls commands to diagnose the state of LSPs, Layer 2 and Layer 3 VPNs, and Layer 2 circuits. When you issue a command from a J Series device operating as the inbound node at the entry point of an LSP or VPN, the router sends probe packets into the LSP or VPN. Based on how the LSP or VPN outbound node at the remote endpoint of the connection replies to the probes, you can determine the connectivity of the LSP or VPN.

Each probe is an echo request sent to the LSP or VPN exit point as an MPLS packet with a UDP payload. If the outbound node receives the echo request, it checks the contents of the probe and returns a value in the UDP payload of the response packet. If the J Series device receives the response packet, it reports a successful ping response. Responses that take longer than 2 seconds are identified as failed probes.

Alternatively, you can use the J-Web ping MPLS tool. For more information, see Checking MPLS Connections from the J-Web Interface.

Before using ping mpls commands in your network, read Ping MPLS Preparation.

The ping mpls commands diagnose the connectivity of MPLS and VPN networks in the following ways:

Pinging RSVP-Signaled LSPs and LDP-Signaled LSPs

Enter the ping mpls command with the following syntax. Table 205 describes the ping mpls command options.

user@host> ping mpls (ldp fec | lsp-end-point prefix-name | rsvp lsp-name) <exp forwarding-class> <count number> <source source-address> <detail>

To quit the ping mpls command, press Ctrl-C.

Alternatively, you can use the J-Web interface. (See Checking MPLS Connections from the J-Web Interface.)

Table 205: CLI ping mpls ldp and ping mpls lsp-end-point Command Options

Option	Description
ldp fec	Pings an LDP-signaled LSP identified by the forwarding equivalence class (FEC) prefix and length.
lsp-end-point prefix-name	Pings an LSP endpoint using either an LDP FEC or a RSVP LSP endpoint address.
rsvp lsp-name	Pings an RSVP-signaled LSP identified by the specified LSP name.
exp forwarding-class	(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.
countnumber	(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.
source source-address	(Optional) Uses the source address that you specify, in the ping request packet.
detail	(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

Following is sample output from a ping mpls command:

user@host> ping mpls rsvp count 5

!!xxx
--- lsping statistics ---
5 packets transmitted, 2 packets received, 60% packet loss
3 packets received with error status, not counted as received.

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool. For information, see Ping MPLS Results and Output.

Pinging Layer 3 VPNs

Enter the ping mpls l3vpn command with the following syntax. Table 206 describes the ping mpls l3vpn command options.

user@host> ping mpls l3vpn prefix prefix-name  <l3vpn-name> <bottom-label-ttl> <exp forwarding-class> <count number> <source source-address> <detail>

To quit the ping mpls l3vpn command, press Ctrl-C.

Alternatively, you can use the J-Web interface. (See Checking MPLS Connections from the J-Web Interface.)

Table 206: CLI ping mpls l3vpn Command Options

Option	Description
l3vpn prefix prefix-name	Pings the remote host specified by the prefix to verify that the prefix is present in the PE router's VPN routing and forwarding (VRF) table. This option does not test the connectivity between a PE router and a CE router.
l3vpn-name	(Optional) Layer 3 VPN name.
bottom-label-ttl	(Optional) Displays the time-to-live (TTL) value for the bottom label in the MPLS label stack.
exp forwarding-class	(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.
countnumber	(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.
source source-address	(Optional) Uses the source address that you specify, in the ping request packet.
detail	(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

Following is sample output from a ping mpls l3vpn command:

user@host> ping mpls l3vpn vpn1 prefix
                  10.255.245.122/32

!!!!!
--- lsping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool. For information, see Ping MPLS Results and Output.

Pinging Layer 2 VPNs

Enter the ping mpls l2vpn command with the following syntax. Table 207 describes the ping mpls l2vpn command options.

user@host> ping mpls l2vpn interface interface-name | instance l2vpn-instance-name local-site-id local-site-id-number remote-site-id remote-site-id-number <bottom-label-ttl> <exp forwarding-class> <count number> <source source-address> <detail>

To quit the ping mpls l2vpn command, press Ctrl-C.

Alternatively, you can use the J-Web interface. (See Checking MPLS Connections from the J-Web Interface.)

Table 207: CLI ping mpls l2vpn Command Options

Option	Description
l2vpn interface interface-name	Sends ping requests out the specified interface configured for the Layer 2 VPN on the outbound (egress) PE router.
l2vpn instance l2vpn-instance-name local-site-id local-site-id-number remote-site-id remote-site-id-number	Pings on a combination of the Layer 2 VPN routing instance name, the local site identifier, and the remote site identifier, testing the integrity of the Layer 2 VPN circuit (specified by the identifiers) between the inbound (ingress) and outbound PE routers.
bottom-label-ttl	(Optional) Displays the time-to-live (TTL) value for the bottom label in the MPLS label stack.
exp forwarding-class	(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.
countnumber	(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.
source source-address	(Optional) Uses the source address that you specify, in the ping request packet.
detail	(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

Following is sample output from a ping mpls l2vpn command:

user@host> ping mpls l2vpn instance
                  vpn1 remote-site-id 1 local-site-id 2 detail

Request for seq 1, to interface 68, labels <800001, 100176>
Reply for seq 1, return code: Egress-ok
Request for seq 2, to interface 68, labels <800001, 100176>
Reply for seq 2, return code: Egress-ok
Request for seq 3, to interface 68, labels <800001, 100176>
Reply for seq 3, return code: Egress-ok
Request for seq 4, to interface 68, labels <800001, 100176>
Reply for seq 4, return code: Egress-ok
Request for seq 5, to interface 68, labels <800001, 100176>
Reply for seq 5, return code: Egress-ok

--- lsping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool. For information, see Ping MPLS Results and Output.

Pinging Layer 2 Circuits

Enter the ping mpls l2circuit command with the following syntax. Table 208 describes the ping mpls l2circuit command options.

user@host> ping mpls l2circuit (interface interface-name | virtual-circuit neighbor prefix-name virtual-circuit-id) <exp forwarding-class> <count number> <source source-address> <detail>

To quit the ping mpls l2circuit command, press Ctrl-C.

Alternatively, you can use the J-Web interface. (See Checking MPLS Connections from the J-Web Interface.)

Table 208: CLI ping mpls l2circuit Command Options

Option	Description
l2circuit interface interface-name	Sends ping requests out the specified interface configured for the Layer 2 circuit on the outbound PE router.
l2circuit virtual-circuit neighbor prefix-name virtual-circuit-id	Pings on a combination of the IPv4 prefix and the virtual circuit identifier on the outbound PE router, testing the integrity of the Layer 2 circuit between the inbound and outbound PE routers.
exp forwarding-class	(Optional) Specifies the value of the forwarding class to be used in the MPLS ping packets.
countnumber	(Optional) Limits the number of ping requests to send. Specify a count from 0 through 1,000,000. The default value is 5. If you do not specify a count, ping requests are continuously sent until you press Ctrl-C.
source source-address	(Optional) Uses the source address that you specify, in the ping request packet.
detail	(Optional) Displays detailed output about the echo requests sent and received. Detailed output includes the MPLS labels used for each request and the return codes for each request.

Following is sample output from a ping mpls l2circuit command:

user@host> ping mpls l2circuit interface
                  fe-1/0/0.0

Request for seq 1, to interface 69, labels <100000, 100208>
Reply for seq 1, return code: Egress-ok, time: 0.439 ms

The fields in the display are the same as those displayed by the J-Web ping MPLS diagnostic tool. For information, see Ping MPLS Results and Output.

Tracing Unicast Routes from the CLI

Use the CLI traceroute command to display a list of routers between the device and a specified destination host. This command is useful for diagnosing a point of failure in the path from the device to the destination host, and addressing network traffic latency and throughput problems.

The device generates the list of routers by sending a series of ICMP traceroute packets in which the time-to-live (TTL) value in the messages sent to each successive router is incremented by 1. (The TTL value of the first traceroute packet is set to 1.) In this manner, each router along the path to the destination host replies with a Time Exceeded packet from which the source IP address can be obtained.

Alternatively, you can use the J-Web interface. (See Tracing Unicast Routes from the J-Web Interface .)

The traceroute monitor command combines ping and traceroute functionality to display real-time monitoring information about each router between the J Series device and a specified destination host.

This section contains the following topics. For more information about traceroute commands, see the JUNOS System Basics and Services Command Reference.

Using the traceroute Command

To display a list of routers between the device and a specified destination host, enter the traceroute command with the following syntax. Table 209 describes the traceroute command options.

user@host> traceroute host <interface interface-name> <as-number-lookup> <bypass-routing> <gateway address> <inet | inet6> <no-resolve> <routing-instance routing-instance-name> <source source-address> <tos number> <ttl number> <wait seconds>

To quit the traceroute command, press Ctrl-C.

Table 209: CLI traceroute Command Options

Option	Description
host	Sends traceroute packets to the hostname or IP address you specify.
interface interface-name	(Optional) Sends the traceroute packets on the interface you specify. If you do not include this option, traceroute packets are sent on all interfaces.
as-number-lookup	(Optional) Displays the autonomous system (AS) number of each intermediate hop between the device and the destination host.
bypass-routing	(Optional) Bypasses the routing tables and sends the traceroute packets only to hosts on directly attached interfaces. If the host is not on a directly attached interface, an error message is returned. Use this option to display a route to a local system through an interface that has no route through it.
gateway address	(Optional) Uses the gateway you specify to route through.
inet	(Optional) Forces the traceroute packets to an IPv4 destination.
inet6	(Optional) Forces the traceroute packets to an IPv6 destination.
no-resolve	(Optional) Suppresses the display of the hostnames of the hops along the path.
routing-instance routing-instance-name	(Optional) Uses the routing instance you specify for the traceroute.
source address	(Optional) Uses the source address that you specify, in the traceroute packet.
tos number	(Optional) Sets the type-of-service (TOS) value in the IP header of the traceroute packet. Specify a value from 0 through 255.
ttl number	(Optional) Sets the time-to-live (TTL) value for the traceroute packet. Specify a hop count from 0 through 128.
wait seconds	(Optional) Sets the maximum time to wait for a response.

Following is sample output from a traceroute command:

user@host> traceroute host2

traceroute to 173.24.232.66 (172.24.230.41), 30 hops max, 40 byte packets  1  173.18.42.253 (173.18.42.253)  0.482 ms  0.346 ms  0.318 ms  2  host4.site1.net (173.18.253.5)  0.401 ms  0.435 ms  0.359 ms  3  host5.site1.net (173.18.253.5)  0.401 ms  0.360 ms  0.357 ms  4  173.24.232.65 (173.24.232.65)  0.420 ms  0.456 ms  0.378 ms  5  173.24.232.66 (173.24.232.66)  0.830 ms  0.779 ms  0.834 ms

The fields in the display are the same as those displayed by the J-Web traceroute diagnostic tool. For information, see Traceroute Results and Output Summary.

Using the traceroute monitor Command

To display real-time monitoring information about each router between the J Series device and a specified destination host, enter the traceroute monitor command with the following syntax. Table 210 describes the traceroute monitor command options.

user@host> traceroute monitor host <count number> <inet | inet6> <interval seconds> <no-resolve> <size bytes><source source-address> <summary>

To quit the traceroute monitor command, press Q.

Table 210: CLI traceroute monitor Command Options

Option	Description
host	Sends traceroute packets to the hostname or IP address you specify.
count number	(Optional) Limits the number of ping requests, in packets, to send in summary mode. If you do not specify a count, ping requests are continuously sent until you press Q.
inet	(Optional) Forces the traceroute packets to an IPv4 destination.
inet6	(Optional) Forces the traceroute packets to an IPv6 destination.
interval seconds	(Optional) Sets the interval between ping requests, in seconds. The default value is 1 second.
no-resolve	(Optional) Suppresses the display of the hostnames of the hops along the path.
size bytes	(Optional) Sets the size of the ping request packet. The size can be from 0 through 65468 bytes. The default packet size is 64 bytes.
source address	(Optional) Uses the source address that you specify, in the traceroute packet.
summary	(Optional) Displays the summary traceroute information.

Following is sample output from a traceroute monitor command:

user@host> traceroute
                  monitor host2

                                                        My traceroute  [v0.69]
 host (0.0.0.0)(tos=0x0 psize=64 bitpattern=0x00)                                                          Wed Mar 14 23:14:11 2007
 Keys:  Help   Display mode   Restart statistics   Order of fields   quit
                                                                                            Packets               Pings
  Host                                                                                    Loss%   Snt   Last   Avg  Best  Wrst StDev
  1. 173.24.232.66                                                                         0.0%     5    9.4   8.6   4.8   9.9   2.1
  2. 173.24.232.66                                                                         0.0%     5    7.9  17.2   7.9  29.4  11.0
  3. 173.24.232.66                                                                         0.0%     5    9.9   9.3   8.7   9.9   0.5
  4. 173.24.232.66                                                                         0.0%     5    9.9   9.8   9.5  10.0   0.2

Table 211 summarizes the output fields of the display.

Table 211: CLI traceroute monitor Command Output Summary

Field	Description
host	Hostname or IP address of the J Series device issuing the traceroute monitor command.
psizesize	Size of ping request packet, in bytes.
Keys
Help	Displays the help for the CLI commands. Press H to display the help.
Display mode	Toggles the display mode. Press D to toggle the display mode
Restart statistics	Restarts the traceroute monitor command. Press R to restart the traceroute monitor command.
Order of fields	Sets the order of the displayed fields. Press O to set the order of the displayed fields.
quit	Quits the traceroute monitor command. Press Q to quit the traceroute monitor command.
Packets
number	Number of the hop (router) along the route to the final destination host.
Host	Hostname or IP address of the router at each hop.
Loss%	Percent of packet loss. The number of ping responses divided by the number of ping requests, specified as a percentage.
Pings
Snt	Number of ping requests sent to the router at this hop.
Last	Most recent round-trip time, in milliseconds, to the router at this hop.
Avg	Average round-trip time, in milliseconds, to the router at this hop.
Best	Shortest round-trip time, in milliseconds, to the router at this hop.
Wrst	Longest round-trip time, in milliseconds, to the router at this hop.
StDev	Standard deviation of round-trip times, in milliseconds, to the router at this hop.

Tracing Multicast Routes from the CLI

Use CLI mtrace commands to trace information about multicast paths. The mtrace from-source command displays information about a multicast path from a source to the J Series device. The mtrace monitor command monitors and displays multicast trace operations.

This section contains the following topics. For more information about mtrace commands, see the JUNOS System Basics and Services Command Reference.

Using the mtrace from-source Command

To display information about a multicast path from a source to the J Series device, enter the mtrace from-source command with the following syntax. Table 212 describes the mtrace from-source command options.

user@host> mtrace from-source source host <extra-hops number> <group address> <interval seconds> <max-hops number> <max-queries number> <response host> <routing-instance routing-instance-name> <ttl number> <wait-time seconds> <loop> <multicast-response | unicast-response> <no-resolve> <no-router-alert> <brief | detail>

Table 212: CLI mtrace from-source Command Options

Option	Description
source host	Traces the path to the specified hostname or IP address.
extra-hops number	(Optional) Sets the number of extra hops to trace past nonresponsive routers. Specify a value from 0 through 255.
group address	(Optional) Traces the path for the specified group address. The default value is 0.0.0.0.
interval seconds	(Optional) Sets the interval between statistics gathering. The default value is 10.
max-hops number	(Optional) Sets the maximum number of hops to trace toward the source. Specify a value from 0 through 255. The default value is 32.
max-queries number	(Optional) Sets the maximum number of query attempts for any hop. Specify a value from 1 through 32. The default value is 3.
response host	(Optional) Sends the response packets to the specified hostname or IP address. By default, the response packets are sent to the J Series device.
routing-instance routing-instance-name	(Optional) Traces the routing instance you specify.
ttl number	(Optional) Sets the time-to-live (TTL) value in the IP header of the query packets. Specify a hop count from 0 through 255. The default value for local queries to the all routers multicast group is 1. Otherwise, the default value is 127.
wait-time seconds	(Optional) Sets the time to wait for a response packet. The default value is 3 seconds.
loop	(Optional) Loops indefinitely, displaying rate and loss statistics. To quit the mtrace command, press Ctrl-C.
multicast-response	(Optional) Forces the responses to use multicast.
unicast-response	(Optional) Forces the response packets to use unicast.
no-resolve	(Optional) Does not display hostnames.
no-router-alert	(Optional) Does not use the router alert IP option in the IP header.
brief	(Optional) Does not display packet rates and losses.
detail	(Optional) Displays packet rates and losses if a group address is specified.

Following is sample output from the mtrace from-source command:

user@host> mtrace from-source source
                  192.1.4.1 group 224.1.1.1

Mtrace from 192.1.4.1 to 192.1.30.2 via group 224.1.1.1 Querying full reverse path... * *    0  ? (192.1.30.2)  -1  ? (192.1.30.1)  PIM  thresh^ 1    -2  routerC.mycompany.net (192.1.40.2)  PIM  thresh^ 1    -3  hostA.mycompany.net (192.1.4.1) Round trip time 22 ms; total ttl of 2 required.  Waiting to accumulate statistics...Results after 10 seconds:    Source        Response Dest    Overall     Packet Statistics For Traffic From 192.1.4.1  192.1.30.2       Packet      192.1.4.1 To 224.1.1.1      v       __/  rtt   16 ms     Rate       Lost/Sent = Pct  Rate 192.168.195.37  192.1.40.2      routerC.mycompany.net       v     ^      ttl    2                      0/0    = --    0 pps 192.1.40.1      192.1.30.1      ?                    v      \__   ttl    3                      ?/0            0 pps 192.1.30.2      192.1.30.2   Receiver      Query Source

Each line of the trace display is usually in the following format (depending on the options selected and the responses from the routers along the path):

hop-number host (ip-address) protocolttl

Table 213 summarizes the output fields of the display.

Note: The packet statistics gathered from Juniper Networks routers and routing nodes are always displayed as 0.

Table 213: CLI mtrace from-source Command Output Summary

Field	Description
hop-number	Number of the hop (router) along the path.
host	Hostname, if available, or IP address of the router. If the no-resolve option was entered in the command, the hostname is not displayed.
ip-address	IP address of the router.
protocol	Protocol used.
ttl	TTL threshold.
Round trip time milliseconds ms	Total time between the sending of the query packet and the receiving of the response packet.
total ttl of number required	Total number of hops required to reach the source.
Source	Source IP address of the response packet.
Response Dest	Response destination IP address.
Overall	Average packet rate for all traffic at each hop.
Packet Statistics For Traffic From	Number of packets lost, number of packets sent, percentage of packets lost, and average packet rate at each hop.
Receiver	IP address receiving the multicast packets.
Query Source	IP address of the host sending the query packets.

Using the mtrace monitor Command

To monitor and display multicast trace operations, enter the mtrace monitor command:

user@host> mtrace monitor

Mtrace query at Apr 21 16:00:54 by 192.1.30.2, resp to 224.0.1.32, qid 2a83aa packet from 192.1.30.2 to 224.0.0.2 from 192.1.30.2 to 192.1.4.1 via group 224.1.1.1 (mxhop=60)  Mtrace query at Apr 21 16:00:57 by 192.1.30.2, resp to 224.0.1.32, qid 25dc17 packet from 192.1.30.2 to 224.0.0.2 from 192.1.30.2 to 192.1.4.1 via group 224.1.1.1 (mxhop=60)  Mtrace query at Apr 21 16:01:00 by 192.1.30.2, resp to same, qid 20e046 packet from 192.1.30.2 to 224.0.0.2 from 192.1.30.2 to 192.1.4.1 via group 224.1.1.1 (mxhop=60)  Mtrace query at Apr 21 16:01:10 by 192.1.30.2, resp to same, qid 1d25ad packet from 192.1.30.2 to 224.0.0.2 from 192.1.30.2 to 192.1.4.1 via group 224.1.1.1 (mxhop=60)

This example displays only mtrace queries. When the device captures an mtrace response, the display is similar, but the complete mtrace response is also displayed—exactly as it is displayed in mtrace from-source command output.

Table 214 summarizes the output fields of the display.

Table 214: CLI mtrace monitor Command Output Summary

Field	Description
Mtrace operation-type at time-of-day	operation-type—Type of multicast trace operation: query or response. time-of-day—Date and time the multicast trace query or response was captured.
by	IP address of the host issuing the query.
resp to address	address—Response destination address.
qid qid	qid—Query ID number.
packet from source to destination	source—IP address of the source of the query or response. destination—IP address of the destination of the query or response.
from source to destination	source—IP address of the multicast source. destination—IP address of the multicast destination.
via group address	address—Group address being traced.
mxhop=number	number—Maximum hop setting.

Displaying Log and Trace Files from the CLI

You can enter the monitor start command to display real-time additions to system logs and trace files:

user@host> monitor start filename

When the device adds a record to the file specified by filename, the record is displayed on the screen. For example, if you have configured a system log file named system-log (by including the syslog statement at the [edit system] hierarchy level), you can enter the monitor start system-log command to display the records added to the system log.

To display a list of files that are being monitored, enter the monitor list command. To stop the display of records for a specified file, enter the monitor stop filename command.

Monitoring Interfaces and Traffic from the CLI

This section contains the following topics:

Using the monitor interface Command

Use the CLI monitor interface command to display real-time traffic, error, alarm, and filter statistics about a physical or logical interface. Enter the command with the following syntax:

user@host> monitor interface (interface-name | traffic)

Replace interface-name with the name of a physical or logical interface. If you specify the traffic option, statistics for all active interfaces are displayed.

The real-time statistics are updated every second. The Current delta and Delta columns display the amount the statistics counters have changed since the monitor interface command was entered or since you cleared the delta counters. Table 215 and Table 216 list the keys you use to control the display using the interface-name and traffic options. (The keys are not case sensitive.)

Table 215: CLI monitor interface Output Control Keys

Key	Action
c	Clears (returns to 0) the delta counters in the Current delta column. The statistics counters are not cleared.
f	Freezes the display, halting the update of the statistics and delta counters.
i	Displays information about a different interface. You are prompted for the name of a specific interface.
n	Displays information about the next interface. The device scrolls through the physical and logical interfaces in the same order in which they are displayed by the show interfaces terse command.
q or ESC	Quits the command and returns to the command prompt.
t	Thaws the display, resuming the update of the statistics and delta counters.

Table 216: CLI monitor interface traffic Output Control Keys

Key	Action
b	Displays the statistics in units of bytes and bytes per second (bps).
c	Clears (returns to 0) the delta counters in the Delta column. The statistics counters are not cleared.
d	Displays the Delta column instead of the rate column—in bps or packets per second (pps).
p	Displays the statistics in units of packets and packets per second (pps).
q or ESC	Quits the command and returns to the command prompt.
r	Displays the rate column—in bps and pps—instead of the Delta column.

Following are sample displays from the monitor interface command:

user@host> monitor interface fe-0/0/0

host1                             Seconds: 11                  Time: 16:47:49                                                                Delay: 0/0/0 Interface: fe-0/0/0, Enabled, Link is Up Encapsulation: Ethernet, Speed: 100mbps Traffic statistics:                                           Current delta   Input bytes:                  381588589                           [11583]   Output bytes:                   9707279                            [6542]   Input packets:                  4064553                             [145]   Output packets:                   66683                              [25] Error statistics:   Input errors:                         0                               [0]   Input drops:                          0                               [0]   Input framing errors:                 0                               [0]   Carrier transitions:                  0                               [0]   Output errors:                        0                               [0]   Output drops:                         0                               [0]

Note: The output fields displayed when you enter the monitor interface interface-name command are determined by the interface you specify.

user@host> monitor interface traffic

Interface    Link  Input packets        (pps)     Output packets        (pps)  fe-0/0/0      Up          42334          (5)              23306          (3)  fe-0/0/1      Up      587525876      (12252)          589621478      (12891)

Using the monitor traffic Command

Use the CLI monitor traffic command to display packet headers transmitted through network interfaces.

Note: Using the monitor traffic command can degrade system performance. We recommend that you use filtering options—such as count and matching—to minimize the impact to packet throughput on the system.

Enter the monitor traffic command with the following syntax. Table 217 describes the monitor traffic command options.

user@host> monitor traffic <absolute-sequence> <count number> <interface interface-name>
               <layer2-headers> <matching
                  "expression"> <no-domain-names> <no-promiscuous> <no-resolve> <no-timestamp> <print-ascii> <print-hex> <size bytes> <brief | detail | extensive>

To quit the monitor traffic command and return to the command prompt, press Ctrl-C.

If you want to capture and view packet headers using the J-Web interface, see Capturing and Viewing Packets with the J-Web Interface.

Table 217: CLI monitor traffic Command Options

Option	Description
absolute-sequence	(Optional) Displays the absolute TCP sequence numbers.
count number	(Optional) Displays the specified number of packet headers. Specify a value from 0 through 100,000. The command quits and exits to the command prompt after this number is reached.
interface interface-name	(Optional) Displays packet headers for traffic on the specified interface. If an interface is not specified, the lowest numbered interface is monitored.
layer2-headers	(Optional) Displays the link-layer packet header on each line.
matching "expression"	(Optional) Displays packet headers that match an expression enclosed in quotation marks (" "). Table 218 through Table 220 list match conditions, logical operators, and arithmetic, binary, and relational operators you can use in the expression.
no-domain-names	(Optional) Suppresses the display of the domain name portion of the hostname.
no-promiscuous	(Optional) Specifies not to place the monitored interface in promiscuous mode. In promiscuous mode, the interface reads every packet that reaches it. In nonpromiscuous mode, the interface reads only the packets addressed to it.
no-resolve	(Optional) Suppresses the display of hostnames.
no-timestamp	(Optional) Suppresses the display of packet header timestamps.
print-ascii	(Optional) Displays each packet header in ASCII format.
print-hex	(Optional) Displays each packet header, except link-layer headers, in hexadecimal format.
size bytes	(Optional) Displays the number of bytes for each packet that you specify. If a packet header exceeds this size, the displayed packet header is truncated. The default value is 96.
brief	(Optional) Displays minimum packet header information. This is the default.
detail	(Optional) Displays packet header information in moderate detail. For some protocols, you must also use the size option to see detailed information.
extensive	(Optional) Displays the most extensive level of packet header information. For some protocols, you must also use the size option to see extensive information.

To limit the packet header information displayed by the monitor traffic command, include the matching "expression" option. An expression consists of one or more match conditions listed in Table 218, enclosed in quotation marks (" "). You can combine match conditions by using the logical operators listed in Table 219 (shown in order of highest to lowest precedence).

For example, to display TCP or UDP packet headers, enter the following command:

user@host> monitor traffic matching
                  “tcp || udp”

To compare the following types of expressions, use the relational operators listed in Table 220 (listed from highest to lowest precedence):

Arithmetic—Expressions that use the arithmetic operators listed in Table 220.
Binary—Expressions that use the binary operators listed in Table 220.
Packet data accessor—Expressions that use the following syntax:

protocol [byte-offset <size>]

Replace protocol with any protocol in Table 218. Replace byte-offset with the byte offset, from the beginning of the packet header, to use for the comparison. The optional size parameter represents the number of bytes examined in the packet header—1, 2, or 4 bytes.

For example, the following command displays all multicast traffic:

user@host> monitor traffic matching “ether[0] & 1 !=0”

Table 218: CLI monitor traffic Match Conditions

Match Condition	Description
Entity Type
host [address \| hostname]	Matches packet headers that contain the specified address or hostname. You can preprend any of the following protocol match conditions, followed by a space, to host: arp, ip, rarp, or any of the Directional match conditions.
network address	Matches packet headers with source or destination addresses containing the specified network address.
network address mask mask	Matches packet headers containing the specified network address and subnet mask.
port [port-number \| port-name]	Matches packet headers containing the specified source or destination TCP or UDP port number or port name.
Directional	Directional match conditions can be prepended to any Entity Type match conditions, followed by a space.
destination	Matches packet headers containing the specified destination.
source	Matches packet headers containing the specified source.
source and destination	Matches packet headers containing the specified source and destination.
source or destination	Matches packet headers containing the specified source or destination.
Packet Length
less bytes	Matches packets with lengths less than or equal to the specified value, in bytes.
greater bytes	Matches packets with lengths greater than or equal to the specified value, in bytes.
Protocol
arp	Matches all ARP packets.
ether	Matches all Ethernet frames.
ether [broadcast \| multicast]	Matches broadcast or multicast Ethernet frames. This match condition can be prepended with source or destination.
ether protocol [address \| (\arp \| \ip \| \rarp)	Matches Ethernet frames with the specified address or protocol type. The arguments arp, ip, and rarp are also independent match conditions, so they must be preceded with a backslash (\) when used in the ether protocol match condition.
icmp	Matches all ICMP packets.
ip	Matches all IP packets.
ip [broadcast \| multicast]	Matches broadcast or multicast IP packets.
ip protocol [address \| (\icmp \| igrp \| \tcp \| \udp)]	Matches IP packets with the specified address or protocol type. The arguments icmp, tcp, and udp are also independent match conditions, so they must be preceded with a backslash (\) when used in the ip protocol match condition.
isis	Matches all IS-IS routing messages.
rarp	Matches all RARP packets.
tcp	Matches all TCP packets.
udp	Matches all UDP packets.

Table 219: CLI monitor traffic Logical Operators

Logical Operator	Description
!	Logical NOT. If the first condition does not match, the next condition is evaluated.
&&	Logical AND. If the first condition matches, the next condition is evaluated. If the first condition does not match, the next condition is skipped.
\|\|	Logical OR. If the first condition matches, the next condition is skipped. If the first condition does not match, the next condition is evaluated.
()	Group operators to override default precedence order. Parentheses are special characters, each of which must be preceded by a backslash (\).

Table 220: CLI monitor traffic Arithmetic, Binary, and Relational Operators

Operator	Description
Arithmetic Operator
+	Addition operator.
–	Subtraction operator.
/	Division operator.
Binary Operator
&	Bitwise AND.
*	Bitwise exclusive OR.
\|	Bitwise inclusive OR.
Relational Operator
<=	A match occurs if the first expression is less than or equal to the second.
>=	A match occurs if the first expression is greater than or equal to the second.
<	A match occurs if the first expression is less than the second.
>	A match occurs if the first expression is greater than the second.
=	A match occurs if the first expression is equal to the second.
!=	A match occurs if the first expression is not equal to the second.

Following is sample output from the monitor traffic command:

user@host> monitor traffic count 4 matching
                  “arp” detail

Listening on fe-0/0/0, capture size 96 bytes  15:04:16.276780  In arp who-has 193.1.1.1 tell host1.site2.net 15:04:16.376848  In arp who-has host2.site2.net tell host1.site2.net 15:04:16.376887  In arp who-has 193.1.1.2 tell host1.site2.net 15:04:16.601923  In arp who-has 193.1.1.3 tell host1.site2.net

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]