Config Router

  • Google Sheets
  • CCNA Online training
    • CCNA
  • CISCO Lab Guides
    • CCNA Security Lab Manual With Solutions
    • CCNP Route Lab Manual with Solutions
    • CCNP Switch Lab Manual with Solutions
  • Juniper
  • Linux
  • DevOps Tutorials
  • Python Array
You are here: Home / Juniper / How to do a packet capture of monitor traffic interface

How to do a packet capture of monitor traffic interface

May 27, 2016 by James Palmer

monitor traffic interface <interface-name> displays the packet send/received by Routing Engine in that interface.

For example, in below output we can see the STP packets received and LLDP packets send out of the interface ge-0/0/0.

************************************************************************************************************************************************************
root> monitor traffic interface ge-0/0/0
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on ge-0/0/0, capture size 96 bytes
19:17:08.407884 In STP 802.1w, Rapid STP, Flags [Learn, Forward], bridge-id 8000.2c:6b:f5:3e:74:81.8201, length 43
19:17:10.667486 Out [|LLDP]
************************************************************************************************************************************************************

Note :that monitor traffic interface can be used only for kernel traffic. For transit traffic we have to rely on port mirroring

We can capture the output of Monitor traffic interface in a packet capture. This can be helpful in troubleshooting

To collect the output of monitor traffic interface as a packet capture use the following syntax monitor traffic interface <interface-name> write-file <location to which file needs to be saved/Name of file>

************************************************************************************************************************************************************************************************
For example:

root> monitor traffic interface ge-0/0/0 write-file /var/tmp/TEST.pcap
Address resolution is ON. Use <no-resolve> to avoid any reverse lookup delay.
Address resolution timeout is 4s.
Listening on ge-0/0/0, capture size 9100 bytes
^C
46 packets received by filter
0 packets dropped by kernel 

To stop the capture press cntrl+c

File is saved in /var/tmp as specified above

root> file list /var/tmp/ detail | match TEST
-rw-r--r-- 1 root field 5628 Mar 26 19:27 TEST.pcap 
**************************************************************************************************************************************************************

Related

Filed Under: Juniper Tagged With: LLDP, LLDP Packets, monitor traffic interface, packet capture, STP, STP Packets

Recent Posts

  • How do I give user access to Jenkins?
  • What is docker volume command?
  • What is the date format in Unix?
  • What is the difference between ARG and ENV Docker?
  • What is rsync command Linux?
  • How to Add Music to Snapchat 2021 Android? | How to Search, Add, Share Songs on Snapchat Story?
  • How to Enable Snapchat Notifications for Android & iPhone? | Steps to Turn on Snapchat Bitmoji Notification
  • Easy Methods to Fix Snapchat Camera Not Working Black Screen Issue | Reasons & Troubleshooting Tips to Solve Snapchat Camera Problems
  • Detailed Procedure for How to Update Snapchat on iOS 14 for Free
  • What is Snapchat Spotlight Feature? How to Make a Spotlight on Snapchat?
  • Snapchat Hack Tutorial 2021: Can I hack a Snapchat Account without them knowing?

Copyright © 2023 · News Pro Theme on Genesis Framework · WordPress · Log in