show services sessions (Next Gen Services)
Syntax
show services sessions <brief | extensive | terse> <application-protocol protocol> <count> <destination-port destination-port> <destination-prefix destination-prefix> <interface interface-name> <limit number> <protocol protocol> <service-set service-set> <source-port source-port> <source-prefix source-prefix> <utilization>
Description
Display session information.
On MX Series routers (with interchassis redundancy configured),
the idle timeout for every flow is displayed in the show services
session extensive and show services flows extensive commands.
Options
| none | Display standard information about all sessions. |
| brief | extensive | terse | (Optional) Display the specified level of output. |
| application-protocol protocol | (Optional) Display information about one of the following application protocols:
Note:
You can use the |
| count | (Optional) Display a count of the matching entries. |
| destination-port destination-port | (Optional) Display information for the specified destination port. The range of values is from 0 to 65,535. |
| destination-prefix destination-prefix | (Optional) Display information for the specified destination prefix. |
| interface interface-name | (Optional) Display information about the specified services interface. |
| limit number | (Optional) Maximum number of entries to display. |
| protocol protocol | (Optional) Display information about one of the following IP types:
|
| service-set service-set | (Optional) Display information for the specified service set. |
| source-port source-port | (Optional) Display information for the specified source port. The range of values is from 0 to 65,535. |
| source-prefix source-prefix | (Optional) Display information for the specified source prefix. |
| utilization | (Optional) Display statistical details about session utilization. |
Required Privilege Level
view
Output Fields
Table 1 lists the output fields for the show services sessions command. Output fields are listed in the approximate order in which
they appear.
Field Name |
Field Description |
Level of Output |
|---|---|---|
|
Name of the services interface. |
|
|
Session ID that uniquely identifies the session. |
All levels |
|
Name of the application. |
|
Flags |
Session flag for the ALG:
|
All levels |
IP Action |
Flag indicating whether IP action has been set for the session. |
All levels |
|
Flag indicating whether the session has been offloaded to the Packet Forwarding Engine. |
All levels |
|
Flag indicating whether the session is uni-directional. |
|
|
Name of a service set. Individual empty service sets are not displayed. |
|
|
Number of sessions. |
|
Sample Output
- show services sessions
- show services sessions brief
- show services sessions extensive
- show services sessions terse
- show services sessions analysis
- show services sessions application-protocol
- show services sessions count
- show services sessions destination-port
- show services sessions destination-prefix
- show services sessions interface
- show services sessions protocol
- show services sessions service-set
- show services sessions source-port
- show services sessions source-prefix
show services sessions
user@host> show services sessions
Session ID: 536870913, Service-set: vms-sset10, Policy name: default-service-set-policy/32779, Timeout: 26, Valid
Logical system: root-logical-system
In: DSLITE 2002:2010::1401:4/1 --> 2002:2010::1401:1/1;ipip, Conn Tag: 0x0, If: vms-2/0/0.16391, Pkts: 1, Bytes: 110,
Out: DSLITE 2002:2010::1401:1/1 --> 2002:2010::1401:4/1;ipip, Conn Tag: 0x0, If: vms-2/0/0.0, Pkts: 0, Bytes: 0,
Session ID: 536870914, Service-set: vms-sset10, Policy name: default-service-set-policy/32779, Timeout: 26, Valid
Logical system: root-logical-system
Softwire 2002:2010::1401:4 -> 2002:2010::1401:1
In: 30.1.0.101/1024 --> 30.2.0.101/1024;udp, Conn Tag: 0x0, If: vms-2/0/0.16391, Pkts: 1, Bytes: 70,
Out: 30.2.0.101/1024 --> 50.0.12.1/1024;udp, Conn Tag: 0x0, If: vms-2/0/0.0, Pkts: 0, Bytes: 0,
Total sessions: 2
show services sessions brief
The output for the show services flows brief command
is identical to that for the show services sessions command.
For sample output, see show services sessions.
show services sessions extensive
user@host> show services sessions extensive
Session ID: 536870917, Service-set: vms-sset10, Status: Normal
Flags: 0x40/0x0/0x4000/0x2000103
Policy name: default-service-set-policy/32779
Source NAT pool: Null, Destination NAT pool: Null
Dynamic application: junos:UNKNOWN,
Encryption: Unknown
Application traffic control rule-set: INVALID, Rule: INVALID
Maximum timeout: 30, Current timeout: 28
Session State: Valid
Logical system: root-logical-system
Start time: 1878, Duration: 2
In: DSLITE 2002:2010::1401:4/1 --> 2002:2010::1401:1/1;ipip,
Conn Tag: 0x0, Interface: vms-2/0/0.16391,
Session token: 0xfcc, Flag: 0x400023
Route: 0x0, Gateway: 2002:2010::1401:4, Tunnel ID: 0, Tunnel type: None
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 1, Bytes: 110
Out: DSLITE 2002:2010::1401:1/1 --> 2002:2010::1401:4/1;ipip,
Conn Tag: 0x0, Interface: vms-2/0/0.0,
Session token: 0x4fcc, Flag: 0x400022
Route: 0x0, Gateway: 2002:2010::1401:1, Tunnel ID: 0, Tunnel type: None
Port sequence: 0, FIN sequence: 0,
FIN state: 0,
Pkts: 0, Bytes: 0
Total sessions: 1
show services sessions terse
user@router> show services sessions terse vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 33 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 31
show services sessions analysis
user@router>show services sessions analysis
vms-1/0/0
Interface: vms-1/0/0
Session Analysis Statistics:
Total sessions Active :0
Total TCP Sessions Active :0
Tcp sessions from gate :0
Tunneled TCP sessions :0
Regular TCP sessions :0
IPv4 active Session :0
IPv6 active Session :0
Total UDP sessions Active :0
UDP sessions from gate :0
Tunneled UDP sessions :0
Regular UDP sessions :0
IPv4 active Session :0
IPv6 active Session :0
Total Other sessions Active :0
IPv4 active Session :0
IPv6 active Session :0
Created sessions per Second :0
Deleted sessions per Second :0
Peak Total sessions Active :0
Peak Total TCP sessions Active :0
Peak Total UDP sessions Active :0
Peak Total Other sessions Active :0
Peak Created Sessions per Second :0
Peak Deleted Sessions per Second :0
Packets received :0
Packets transmitted :0
Slow path forward :0
Slow path discard :0
Session Rate Data:
Number of Samples: 638051
Session Rate Distribution(sec)
Session Operation :Creation
400000+ :0
350001 - 400000 :0
300001 - 350000 :0
250001 - 300000 :0
200001 - 250000 :0
150001 - 200000 :0
50001 - 150000 :0
40001 - 50000 :0
30001 - 40000 :0
20001 - 30000 :0
10001 - 20000 :0
1001 - 10000 :0
1 - 1000 :0
0 :638051
Session Operation :Deletion
400000+ :0
350001 - 400000 :0
300001 - 350000 :0
250001 - 300000 :0
200001 - 250000 :0
150001 - 200000 :0
50001 - 150000 :0
40001 - 50000 :0
30001 - 40000 :0
20001 - 30000 :0
10001 - 20000 :0
1001 - 10000 :0
1 - 1000 :0
0 :638051
Session Lifetime Distribution(sec):
TCP UDP HTTP
240+ :0 0 0
120 - 240 :0 0 0
60 - 120 :0 0 0
30 - 60 :0 0 0
15 - 30 :0 0 0
5 - 15 :0 0 0
1 - 5 :0 0 0
0 - 1 :0 0 0
show services sessions application-protocol
This command has the same output for the rpc, dce-rpc, rpc-portmap and dce-rpc-portmap ALGs.
user@router> show services sessions application-protocol dce-rpc Interface name: vms-1/1/0 Session: 8, ALG: portmapper, Flags: 0x1800, IP Action: no, Offload: no UDP 192.168.203.198:1019 ->192.168.203.194:2049 Forward I 4 UDP 192.168.203.194:2049 ->192.168.203.198:1019 Forward O 4 Session: 7, ALG: portmapper, Flags: 0x1800, IP Action: no, Offload: no UDP 192.168.203.198:954 ->192.168.203.194:613 Forward I 1 UDP 192.168.203.194:613 ->192.168.203.198:954 Forward O 1 Session: 6, ALG: portmapper, Flags: 0x1800, IP Action: no, Offload: no UDP 192.168.203.198:53836 ->192.168.203.194:613 Forward I 1 UDP 192.168.203.194:613 ->192.168.203.198:53836 Forward O 1 Session: 5, ALG: portmapper, Flags: 0x1000, IP Action: no, Offload: no UDP 192.168.203.198:59813 ->192.168.203.194:111 Forward I 1 UDP 192.168.203.194:111 ->192.168.203.198:59813 Forward O 1 Session: 4, ALG: portmapper, Flags: 0x1800, IP Action: no, Offload: no UDP 192.168.203.198:36595 ->192.168.203.194:2049 Forward I 1 UDP 192.168.203.194:2049 ->192.168.203.198:36595 Forward O 1 Session: 3, ALG: portmapper, Flags: 0x1000, IP Action: no, Offload: no UDP 192.168.203.198:56050 ->192.168.203.194:111 Forward I 1 UDP 192.168.203.194:111 ->192.168.203.198:56050 Forward O 1 user@router> show services sessions application-protocol dns Interface name: vms-2/0/0 Session: 293, ALG: 16, Flags: 0x0040, IP Action: no, Offload: no UDP 198.51.100.2:43677 -> 203.0.113.10:53 Forward I 1 UDP 203.0.113.10:53 -> 192.0.2.1:43677 Forward O 1 Session: 53, ALG: 16, Flags: 0x0040, IP Action: no, Offload: no UDP 198.51.100.2:37494 -> 203.0.113.10:53 Forward I 1 UDP 203.0.113.10:53 -> 192.0.2.1:37494 Forward O 1 Session: 66, ALG: 16, Flags: 0x0040, IP Action: no, Offload: no UDP 198.51.100.2:48161 -> 203.0.113.10:53 Forward I 1 UDP 203.0.113.10:53 -> 192.0.2.1:48161 Forward O 1 Session: 17, ALG: 16, Flags: 0x0040, IP Action: no, Offload: no UDP 198.51.100.2:38908 -> 203.0.113.10:53 Forward I 1 UDP 203.0.113.10:53 -> 192.0.2.1:38908 Forward O 1 Session: 42, ALG: 16, Flags: 0x0040, IP Action: no, Offload: no UDP 198.51.100.2:58189 -> 203.0.113.10:53 Forward I 1 UDP 203.0.113.10:53 -> 192.0.2.1:58189 Forward O 1 user@router> show services sessions application-protocol ftp Interface name: vms-4/1/0 Session: 1, ALG: 1, Flags: 0x0040, IP Action: no, Offload: no TCP 192.0.2.129:32843 -> 198.51.100.129:21 Forward I 26 TCP 198.51.100.129:21 -> 192.0.2.0:32843 Forward O 30 user@router> show services sessions application-protocol ike-esp-nat Service Set: ss_ipv4, Session: 33554435, ALG: ike-esp-nat, Flags: 0x0800, IP Action: no, Offload: no, Asymmetric: no ESP 198.51.100.2:4689 -> 203.0.113.1:62108 Forward O 2199 ESP 192.0.2.2:62108 -> 198.51.100.2:4689 Forward I 0 Service Set: ss_ipv4, Session: 33554434, ALG: ike-esp-nat, Flags: 0x0800, IP Action: no, Offload: no, Asymmetric: no ESP 192.0.2.2:44179 -> 198.51.100.2:43809 Forward I 2199 ESP 198.51.100.2:43809 -> 203.0.113.1:44179 Forward O 0 Service Set: ss_ipv4, Session: 33554433, ALG: ike-esp-nat, Flags: 0x0000, IP Action: no, Offload: no, Asymmetric: no UDP 192.0.2.2:500 -> 198.51.100.2:500 Forward I 8 UDP 198.51.100.2:500 -> 203.0.113.1:57730 Forward O user@router> show services sessions application-protocol pptp Interface name: vms-2/0/0 Session: 3, ALG: pptp, Flags: 0x2800, IP Action: no, Offload: no, Asymmetric: no GRE 203.0.113.138:0 -> 203.0.113.138:0 Forward O 21 GRE 192.0.2.794:0 -> 203.0.113.138:0:65000 Forward I 0 Session: 2, ALG: pptp, Flags: 0x2800, IP Action: no, Offload: no, Asymmetric: no GRE 192.0.2.794:0 -> 203.0.113.138:0:49913 Forward I 88 GRE 203.0.113.138:0:49913 -> 192.0.2.794:65001 Forward O 0 Session: 1, ALG: pptp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 192.0.2.794:1511 -> 203.0.113.138:0:1723 Forward I 13 TCP 203.0.113.138:0:1723 -> 192.0.2.794:1511 Forward O 12 user@router> show services sessions application-protocol rtsp Interface name: vms-0/1/0 Session: 13, ALG: rtsp, Flags: 0x0800, IP Action: no, Offload: no UDP 203.0.113.66:5004 -> 198.51.100.66:3989 Forward O 152 UDP 198.51.100.66:3989 -> 192.0.2.161:5004 Forward I 0 Session: 9, ALG: rtsp, Flags: 0x0800, IP Action: no, Offload: no UDP 203.0.113.66:5004 -> 198.51.100.66:3986 Forward O 3 UDP 198.51.100.66:3986 -> 192.0.2.161:5004 Forward I 0 user@router> show services sessions application-protocol rsh Interface name: vms-2/0/0 Session: 3, ALG: 2, Flags: 0x0840, IP Action: no, Offload: no TCP 203.0.113.10:1023 -> 198.51.100.2:1020 Forward O 4 TCP 198.51.100.2:1020 -> 203.0.113.10:1023 Forward I 3 Session: 1, ALG: 2, Flags: 0x0040, IP Action: no, Offload: no TCP 198.51.100.2:1021 -> 203.0.113.10:514 Forward I 1331 TCP 203.0.113.10:514 -> 198.51.100.2:1021 Forward O 2485 user@router> show services sessions application-protocol sip Interface name: vms-2/0/0 Session: 4, ALG: sip, Flags: 0x0800, IP Action: no, Offload: no UDP 198.51.100.130:6000 -> 192.0.2.129:12682 Forward I 246 UDP 192.0.2.129:12682 -> 198.51.100.162:6000 Forward O 0 Session: 1, ALG: sip, Flags: 0x0000, IP Action: no, Offload: no UDP 198.51.100.130:5060 -> 192.0.2.130:5060 Forward I 10 UDP 192.0.2.130:5060 -> 198.51.100.162:5060 Forward O 9 user@router> show services sessions application-protocol sql Interface name: vms-2/0/0 Session: 3934, ALG: sqlnet, Flags: 0x0800, IP Action: no, Offload: no TCP 198.51.100.2:39754 -> 203.0.113.138:0:1408 Forward I 26 TCP 203.0.113.138:0:1408 -> 192.0.2.1:39754 Forward O 23 user@router> show services sessions application-protocol talk Interface name: vms-0/2/0 Session: 4, ALG: 65, Flags: 0x0800, IP Action: no, Offload: no TCP 203.0.113.162:36888 -> 192.0.2.2:33294 Forward O 4 TCP 192.0.2.1:33294 -> 203.0.113.162:36888 Forward I 3 Session: 7, ALG: 65, Flags: 0x0800, IP Action: no, Offload: no UDP 203.0.113.162:1165 -> 192.0.2.2:518 Forward O 1 UDP 192.0.2.2:518 -> 203.0.113.162:1165 Forward I 1 Session: 8, ALG: 65, Flags: 0x0000, IP Action: no, Offload: no UDP 192.0.2.2:1509 -> 203.0.113.162:518 Forward I 3 UDP 203.0.113.162:518 -> 192.0.2.2:1509 Forward O 3 Session: 6, ALG: 0, Flags: 0x0000, IP Action: no, Offload: no UDP 192.0.2.1:123 -> 192.0.2.2:123 Forward O 4
show services sessions count
user@host> show services sessions count Interface Service set Valid Invalid Pending Other state vms-0/2/0 ss1_interface_style1 1 0 0 0
show services sessions destination-port
user@router> show services sessions destination-port 21 vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 25 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 24
show services sessions destination-prefix
user@router> show services sessions destination-prefix 10.1.1.2 vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 25 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 24
show services sessions interface
user@router> show services sessions interface vms-1/1/0 vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 30 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 29
show services sessions protocol
user@router> show services sessions protocol tcp vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 30 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 29
show services sessions service-set
user@router> show services sessions service-set ss1_interface_style1 Session ID: 3, Service-set: ss1_interface_style1, Policy name: R11/7, Timeout: 30, Valid In: 20.1.1.2/48102 --> 30.1.1.2/22;tcp, Conn Tag: 0x0, If: vms-0/2/0.16387, Pkts: 70, Bytes: 6257, Out: 30.1.1.2/22 --> 44.0.0.3/29071;tcp, Conn Tag: 0x0, If: vms-0/2/0.0, Pkts: 59, Bytes: 8193, Total sessions: 1
show services sessions source-port
user@router> show services sessions source-port 21 vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 33 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 31
show services sessions source-prefix
user@router> show services sessions source-prefix 10.2.2.2 vms-1/1/0 Session: 1, ALG: ftp, Flags: 0x2000, IP Action: no, Offload: no, Asymmetric: no TCP 10.2.2.2:52138 -> 10.1.1.2:21 Forward I 33 TCP 10.1.1.2:21 -> 10.2.2.2:52138 Forward O 31
Release Information
Command introduced in Junos OS Release 19.3R2 on MX Series for Next Gen Services for CGNAT 6rd softwires running inline on the MPC card and specifying the si-1/0/0 interface naming convention.Support added in Junos OS Release 20.2R1 for Next Gen Services CGNAT DS-Lite softwires on the MX-SPC3 security services card .