When troubleshooting complex operational problems, customer packets can be examined as they traverse the network.The interactive traffic monitoring tool provides the capability to capture and mirror traffic based on a 5 tuple match criteria. This can assist in identifying and debugging reachability issues.
This tool initiates an interactive traffic monitoring session that dynamically injects the specified match criteria into all sub-interface capture-filter ACL lists. Traffic matching the input criteria is mirrored to a destination where it is displayed and can be monitored.
The user specifies the 5 tuple match criteria using an input command. The agent then dynamically creates an ACL entry with the match criteria. Each matching packet is sent to the interactive monitor function running on the CPM. Matching packets are sent to the CPM and displayed until the traffic monitor command is exited. Upon exiting, the dynamically created capture-filter entries are removed.
Traffic monitoring is initiated with the tools system traffic-monitor CLI command. When the command starts, matching packets are sent to the CPM and displayed until the traffic monitor command is exited. To exit the command manually, press Ctrl+C.
For example, to view BGP traffic from a specific peer, specify the source IP address of the peer, set TCP as the protocol, and set the src-port or dest-port to the BGP peering port.
The following conditions apply:
The interactive traffic-monitor command initiates a monitoring session that dynamically injects the specified match criteria into all sub-interface input ACL lists. Traffic matching this entry is mirrored to the specified monitoring destination.
Use this command to configure the traffic monitoring session:
tools system traffic-monitor [source-address <ip-addr/len>] [destination-address <ip-addr/len>] [protocol <proto-val>] [source-port <value | range>] [destination-port <value | range>] [verbose] [output-file <file-name>] [hex-output]
Traffic monitoring command parameters are described in Table 3.
Command / parameter | Description |
tools system traffic-monitor | Initiates an interactive monitor session |
source-address <ip-addr/len> | Source IP address (IPv4 or IPv6) prefix and netmask length value. For example: 10.10.11.0/24 |
destination-address <ip-addr/len> | Destination IP address (IPv4 or IPv6) prefix and netmask length value. For example: 10.10.20.0/24 |
protocol <proto-val> | Specifies the protocol type value to match (required if either port values are specified) |
source-port <value | range> | Source port integer value or port range in the format of port1..port2 |
destination-port <value | range> | Destination port integer value or port range in the format of port1..port2 |
verbose | Displays detailed output |
output-file <filename> | Directs output to a file |
hex-output | Displays output in hex format |
Example:
To manually terminate the command, press Ctrl+C.
When terminated, any dynamically created traffic monitoring policies are automatically removed from all ingress interfaces.
Refer to the SR Linux Data Model Reference for details on the traffic monitoring command and other troubleshooting commands.