More options for the command are explained here: This information is otherwise available from "show interfaces extensive" that gives this information per interface along with a ton of other things. "monitor interface traffic" shows the real-time statistics of input/output packet counts/rates on interface(s) in an easy to read format. look at interface traffic stats or use firewall filter to count packets that match your criteria. If you don't need to look at every packet and it's contents, there may be simpler ways to achieve your goal like some posts have mentioned here i.e. Time of Log: 09:44:40 UTC, Filter: pfe, Filter action: accept, Name of interface: ge-0/0/0.0Ģ) On an EX4200/4500, following command gives a real time sample of a few packets forwarded at that time:Ĭprod -A fpc0 -c "show shim packet-descriptor device 1 summary" Name of protocol: ICMP, Packet Length: 84, Source address: 10.10.10.10, Destination address: 10.10.10.1 Time of Log: 09:44:41 UTC, Filter: pfe, Filter action: accept, Name of interface: ge-0/0/0.0 Set firewall family ethernet-switching filter pkt-capture term pkt-log then show firewall log detail For some link layers, such as SLIP and the cooked Linux capture mode used for the any device and. Set firewall family ethernet-switching filter pkt-capture term pkt-log from source-mac-address aa:bb:cc:dd:ee:ff/48 If there is no dir qualifier, src or dst is assumed. Set interfaces ge-0/0/0 unit 0 family ethernet-switching filter input pkt-capture Please note this punts the packet to CPU and will take CPU cycles, so should be used with proper match criteria and with caution on a production device. Couple of examples:ġ) Configure a firewall filter with action as "log" and then use "show firewall log" to see the packet header data.
#Wireshark display filter lldp mac#
I0f that's not feasible, there will be more complicated ways to dig further into packets at the hardware level but that will need caution. The VSI discovery protocol (VDP) is NOT a TLV in the LLDP sense but rather a protocol. Hence you'll find most people offer port mirroring. It isn't going to be simple on any vendor switches to get that kind of a capture as far as I know, let alone Juniper. What is the exact goal we are trying to achieve while looking at transit traffic? Do you really need to look at every packet's contents? Capturing packets that are transit for the switch means intercepting the data path of traffic that is switched via the forwarding engine hardware which is meant to happen quickly.
0 kommentar(er)
