show security flow session family
Syntax
show security flow session family (inet | inet6) [brief | extensive | summary]
Description
Display filtered summary of information about existing sessions, including types of sessions, active and failed sessions, and the maximum allowed number of sessions.
Options
inet—Display details summary of IPv4 sessions.inet6—Display details summary of IPv6 sessions.brief | extensive | summary–Display the specified level of output.
Required Privilege Level
view
Output Fields
Table 1 lists the output fields for
the show security flow session family command. Output fields
are listed in the approximate order in which they appear.
Field Name |
Field Description |
|---|---|
|
Number that identifies the session. Use this ID to get more information about the session. |
|
Policy that permitted the traffic. |
|
Idle timeout after which the session expires. |
|
Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
|
Reverse flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, port sequence, FIN sequence, FIN state, packets and bytes). |
|
Total number of sessions. |
|
Session status. |
|
Internal flag depicting the state of the session, used for debugging purposes. |
|
Name and ID of the policy that the first packet of the session matched. |
|
The name of the source pool where NAT is used. |
|
Name of the application. |
|
Maximum session timeout. |
|
Remaining time for the session unless traffic exists in the session. |
|
Session state. |
|
Time when the session was created, offset from the system start time. |
|
Number of unicast sessions. |
|
Number of multicast sessions. |
|
Number of failed sessions. |
|
Number of sessions in use.
|
|
Number of maximum sessions. |
Sample Output
- show security flow session family inet
- show security flow session family inet brief
- show security flow session family inet extensive
- show security flow session family inet summary
show security flow session family inet
root> show security flow session family inet Flow Sessions on FPC10 PIC1: Total sessions: 0 Flow Sessions on FPC10 PIC2: Session ID: 420000107, Policy name: default-policy-00/2, Timeout: 4, Valid In: 203.0.113.0/3 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000202 Out: 203.0.113.4/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000202 Total sessions: 1 Flow Sessions on FPC10 PIC3: Session ID: 430000115, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000110 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000110 Session ID: 430000117, Policy name: default-policy-00/2, Timeout: 4, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000111 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000111 Total sessions: 2
show security flow session family inet brief
root> show security flow session family inet brief Flow Sessions on FPC10 PIC1: Total sessions: 0 Flow Sessions on FPC10 PIC2: Session ID: 420000115, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/3 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000206 Out: 203.0.113.4/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000206 Session ID: 420000117, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 420000207 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 420000207 Total sessions: 2 Flow Sessions on FPC10 PIC3: Session ID: 430000119, Policy name: default-policy-00/2, Timeout: 2, Valid In: 203.0.113.0/4 --> 203.0.113.5/24;icmp, If: ge-7/1/0.0, Pkts: 1, Bytes: 84, CP Session ID: 430000112 Out: 203.0.113.5/24 --> 203.0.113.6/24;icmp, If: .local..0, Pkts: 1, Bytes: 84, CP Session ID: 430000112 Total sessions: 1
show security flow session family inet extensive
root> show security flow session family inet extensive
Flow Sessions on FPC10 PIC1:
Session ID: 410000111, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 4
Session State: Valid
Start time: 76455, Duration: 0
In: 203.0.113.0/24 --> 203.0.113.1/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 203.0.113.10, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 410000242
Out: 203.0.113.1/24 --> 203.0.113.10/4;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 410000242
Total sessions: 1
Flow Sessions on FPC10 PIC2:
Session ID: 420000123, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 2
Session State: Valid
Start time: 76454, Duration: 2
In: 203.0.113.10/24 --> 203.0.113.11/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 20010, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 420000210
Out: 203.0.113.11/24 --> 203.0.113.12/24;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 420000210
Total sessions: 1
Flow Sessions on FPC10 PIC3:
Session ID: 430000131, Status: Normal
Flags: 0x80400040/0x0/0x2800023
Policy name: default-policy-00/2
Source NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 4, Current timeout: 4
Session State: Valid
Start time: 76421, Duration: 1
In: 203.0.113.10/24 --> 203.0.113.11/24;icmp,
Interface: ge-7/1/0.0,
Session token: 0x6, Flag: 0xc0000021
Route: 0xa0010, Gateway: 203.0.113.10, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 430000118
Out: 203.0.113.12/24 --> 203.0.113.13/24;icmp,
Interface: .local..0,
Session token: 0x2, Flag: 0x40000030
Route: 0xfffb0006, Gateway: 203.0.113.1, Tunnel: 0
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 84
CP Session ID: 430000118
Total sessions: 1show security flow session family inet summary
root> show security flow session family inet summary Flow Sessions on FPC10 PIC1: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4 Flow Sessions on FPC10 PIC2: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4 Flow Sessions on FPC10 PIC3: Valid sessions: 2 Pending sessions: 0 Invalidated sessions: 2 Sessions in other states: 0 Total sessions: 4
Release Information
Command introduced in Junos OS Release 10.2.