close

keyboard_arrow_left

Table of Contents Expand all

list Table of Contents

show security advance-policy-based-routing statistics

date_range 19-Nov-23

Syntax

content_copy zoom_out_map
show security advance-policy-based-routing statistics

Description

Displays the statistics counter for the APBR.

You can use this command to understand the details on traffic handling with APBR such as:

Sessions processed for the application-based routing.
The number of times the application traffic matches the APBR profile and APBR is applied for the session.
The number of times AppID is consulted to identify application traffic.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show security advance-policy-based-routing statistics command. Output fields are listed in the approximate order in which they appear.

Table 1: show security advance-policy-based-routing statistics
Field Name	Field Description
`Session Processed`	The number of sessions processed for the application-based routing.
`ASC Success`	The number of times the presence of an entry in the application system cache (ASC) is found.
`Rule match success`	The number of times the application traffic matches the APBR profile.
`Route modified`	The number of times the APBR is applied for the session.
`AppID Requested`	The number of times AppID is consulted to identify application traffic.

Table 2 lists the output fields for the show security advance-policy-based-routing statistics command for midstream support. Output fields are listed in the approximate order in which they appear.

Table 2: show security advance-policy-based-routing statistics (Advanced Policy-Based Routing Midstream Support)
Field Name	Field Description
`Session Processed`	The number of sessions processed for the application-based routing.
`AppID cache hits`	The number of times the presence of an entry in the application system cache (ASC) is found.
`AppID Requested`	The number of times AppID was consulted to identify application traffic.
`Rule matches`	The number of times the application traffic matches the APBR profile.
`Route changed on cache hits`	The number of times the APBR is applied for the session.
`Route changed midstream`	Number of times a route is changed for a session.
`Zone mismatch`	No of times a zone for an interface is changed in the middle of a session.
`Drop on zone mismatch`	Number of times a session is terminated because of change of zone in the middle of the session.

Table 3 lists the output fields for the show security advance-policy-based-routing statistics command starting in Junos OS Release 19.3R1 and later releases. Output fields are listed in the approximate order in which they appear.

Table 3: show security advance-policy-based-routing statistics
Field Name	Field Description
`Session Processed`	The number of sessions processed for the application-based routing.
`App rule hit on cache hit`	The number of times a rule with a matching entry in the application system cache (ASC) is found.
`App rule hit on HTTP Proxy/ALG`	The number of times a rule matching with the application obtained from ALG or secure Web (HTTP) proxy is found.
`Midstream disabled rule hit on cache hit`	The number of times a rule with a disabled midstream has matching entry in the ASC.
`URL cat rule hit on cache hit`	The number of times a rule with defined URL categories in ASC is found.
`DSCP rule hit on first packet`	The number of times the rule with defined DSCP value is matched for the first session.
`App and DSCP hit on first packet`	The number of times the rule with defined DSCP value and application is matched for the first session.
`App rule hit midstream`	The number of times a route is changed in the middle of a session because of the rule with defined application is matched.
`URL cat rule hit midstream`	The number of times a route is changed in the middle of a session because of the rule with defined URL categories is matched.
`App and DSCP rule hit midstream`	The number of times the rule with DSCP value and application is matched for the midstream session.
`Midstream disabled rule hit midstream`	The number of times a route remains unchanged in the middle of a session after rule with defined application is matched.
`DSCP rule hit midstream`	The number of times the rule with DSCP value is matched for the midstream session.
`Route changed on cache hits`	Number of times a route is changed for a session because of the APBR applied for the session.
`Route changed on HTTP Proxy/ALG`	Number of times a route is changed because of the rule match for secure Web (HTTP) proxy or ALG applied for the session.
`Route changed midstream`	Number of times a route is changed in the middle of a session because of the APBR applied for the session.
`Zone mismatch`	No of times a zone for an interface is changed in the middle of a session.
`Drop on zone mismatch`	Number of times a session is terminated because of change of zone in the middle of the session.
`Next hop not found`	Number of times a session is terminated because next-hop IP address was not reachable.
`Application Services Bypass`	The number of times the application services are bypassed for the session.

Sample Output

show security advance-policy-based-routing statistics
show security advance-policy-based-routing statistics (Midstream Support)
show security advance-policy-based-routing statistics (Changed Options from Junos OS Release 18.4R1)
show security advance-policy-based-routing statistics (Changed Options from Junos OS Release 19.1R1)
show security advance-policy-based-routing statistics (Changed Options from Junos OS Release 19.3R1)
show security advance-policy-based-routing statistics (Changed Options from Junos OS Release 19.4R1)