Config Guide Routing Icmp
Config Guide Routing Icmp
Junos OS
Published
2020-12-17
ii
Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in
the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks
are the property of their respective owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right
to change, modify, transfer, or otherwise revise this publication without notice.
®
Junos OS ICMP Router Discovery Protocol User Guide
Copyright © 2020 Juniper Networks, Inc. All rights reserved.
The information in this document is current as of the date on the title page.
Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related
limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.
The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with)
Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement
(“EULA”) posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you
agree to the terms and conditions of that EULA.
iii
Table of Contents
About the Documentation | vi
Documentation Feedback | xi
1 Overview
ICMP Router Discovery Overview | 14
6 Configuration Statements
address (Protocols Router Discovery) | 61
advertise | 62
broadcast | 63
dns-server-address | 65
extended-echo | 66
ignore | 66
ineligible | 67
router-discovery | 75
7 Operational Commands
monitor interface | 81
monitor start | 98
ping | 101
probe | 109
traceroute | 121
vi
IN THIS SECTION
Documentation Feedback | xi
Use this guide to configure, monitor and troubleshoot the ICMP Router Discovery protocol on Juniper
Networks devices.
®
To obtain the most current version of all Juniper Networks technical documentation, see the product
documentation page on the Juniper Networks website at https://www.juniper.net/documentation/.
If the information in the latest release notes differs from the information in the documentation, follow the
product Release Notes.
Juniper Networks Books publishes books by Juniper Networks engineers and subject matter experts.
These books go beyond the technical documentation to explore the nuances of network architecture,
deployment, and administration. The current list can be viewed at https://www.juniper.net/books.
If you want to use the examples in this manual, you can use the load merge or the load merge relative
command. These commands cause the software to merge the incoming configuration into the current
candidate configuration. The example does not become active until you commit the candidate configuration.
If the example configuration contains the top level of the hierarchy (or multiple hierarchies), the example
is a full example. In this case, use the load merge command.
vii
If the example configuration does not start at the top level of the hierarchy, the example is a snippet. In
this case, use the load merge relative command. These procedures are described in the following sections.
1. From the HTML or PDF version of the manual, copy a configuration example into a text file, save the
file with a name, and copy the file to a directory on your routing platform.
For example, copy the following configuration to a file and name the file ex-script.conf. Copy the
ex-script.conf file to the /var/tmp directory on your routing platform.
system {
scripts {
commit {
file ex-script.xsl;
}
}
}
interfaces {
fxp0 {
disable;
unit 0 {
family inet {
address 10.0.0.1/24;
}
}
}
}
2. Merge the contents of the file into your routing platform configuration by issuing the load merge
configuration mode command:
[edit]
user@host# load merge /var/tmp/ex-script.conf
load complete
viii
Merging a Snippet
1. From the HTML or PDF version of the manual, copy a configuration snippet into a text file, save the
file with a name, and copy the file to a directory on your routing platform.
For example, copy the following snippet to a file and name the file ex-script-snippet.conf. Copy the
ex-script-snippet.conf file to the /var/tmp directory on your routing platform.
commit {
file ex-script-snippet.xsl; }
2. Move to the hierarchy level that is relevant for this snippet by issuing the following configuration mode
command:
[edit]
user@host# edit system scripts
[edit system scripts]
3. Merge the contents of the file into your routing platform configuration by issuing the load merge
relative configuration mode command:
For more information about the load command, see CLI Explorer.
Documentation Conventions
Laser warning Alerts you to the risk of personal injury from a laser.
Table 2 on page ix defines the text and syntax conventions used in this guide.
Bold text like this Represents text that you type. To enter configuration mode, type
the configure command:
user@host> configure
Fixed-width text like this Represents output that appears on user@host> show chassis alarms
the terminal screen.
No alarms currently active
Italic text like this • Introduces or emphasizes important • A policy term is a named structure
new terms. that defines match conditions and
• Identifies guide names. actions.
Italic text like this Represents variables (options for Configure the machine’s domain
which you substitute a value) in name:
commands or configuration
[edit]
statements.
root@# set system domain-name
domain-name
Text like this Represents names of configuration • To configure a stub area, include
statements, commands, files, and the stub statement at the [edit
directories; configuration hierarchy protocols ospf area area-id]
levels; or labels on routing platform hierarchy level.
components. • The console port is labeled
CONSOLE.
< > (angle brackets) Encloses optional keywords or stub <default-metric metric>;
variables.
# (pound sign) Indicates a comment specified on the rsvp { # Required for dynamic MPLS
same line as the configuration only
statement to which it applies.
[ ] (square brackets) Encloses a variable for which you can community name members [
substitute one or more values. community-ids ]
GUI Conventions
xi
Bold text like this Represents graphical user interface • In the Logical Interfaces box, select
(GUI) items you click or select. All Interfaces.
• To cancel the configuration, click
Cancel.
> (bold right angle bracket) Separates levels in a hierarchy of In the configuration editor hierarchy,
menu selections. select Protocols>Ospf.
Documentation Feedback
We encourage you to provide feedback so that we can improve our documentation. You can use either
of the following methods:
• Online feedback system—Click TechLibrary Feedback, on the lower right of any page on the Juniper
Networks TechLibrary site, and do one of the following:
• Click the thumbs-up icon if the information on the page was helpful to you.
• Click the thumbs-down icon if the information on the page was not helpful to you or if you have
suggestions for improvement, and use the pop-up form to provide feedback.
Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC).
If you are a customer with an active Juniper Care or Partner Support Services support contract, or are
xii
covered under warranty, and need post-sales technical support, you can access our tools and resources
online or open a case with JTAC.
• JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User
Guide located at https://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.
• JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week,
365 days a year.
For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called
the Customer Support Center (CSC) that provides you with the following features:
• Find solutions and answer questions using our Knowledge Base: https://kb.juniper.net/
To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool:
https://entitlementsearch.juniper.net/entitlementsearch/
You can create a service request with JTAC on the Web or by telephone.
• Visit https://myjuniper.juniper.net.
Overview
IN THIS SECTION
Router discovery uses Internet Control Message Protocol (ICMP) router advertisements and router
solicitation messages to allow a host to discover the addresses of operational routers on the subnet. Hosts
must discover routers before they can send IP datagrams outside their subnet. Router discovery allows a
host to discover the addresses of operational routers on the subnet.
Router discovery uses Internet Control Message Protocol (ICMP) router advertisements and router
solicitation messages to allow a host to discover the addresses of operational routers on the subnet. Hosts
must discover routers before they can send IP datagrams outside their subnet.
®
Router discovery allows a host to discover the addresses of operational routers on the subnet. The Junos
operating system (Junos OS) implementation of router discovery supports server mode only.
Each router periodically multicasts a router advertisement from each of its multicast interfaces, announcing
the IP address of that interface. Hosts listen for advertisements to discover the addresses of their
neighboring routers. When a host starts, it can send a multicast router solicitation to ask for immediate
advertisements.
The router discovery messages do not constitute a routing protocol. They enable hosts to discover the
existence of neighboring routers, but do not determine which router is best to reach a particular destination.
The router discovery server distributes information about the addresses of all routers on directly connected
networks and about their preferences for becoming the default router. (A host sends a packet to the default
router if the host does not have a route to a destination in its routing table.) The server does this by
periodically sending router advertisement packets out each interface on which router discovery is enabled.
In addition to containing the router addresses, these packets also announce the existence of the server
itself.
15
The server can either transmit broadcast or multicast router advertisement packets. Multicast packets are
sent to 224.0.0.1, which is the all-hosts multicast address. When packets are sent to the all-hosts multicast
address, or when an interface is configured for the limited-broadcast address 255.255.255.255, all IP
addresses configured on the physical interface are included in the router advertisement. When the packets
are being sent to a network or subnet broadcast address, only the address associated with that network
or subnet is included in the router advertisement.
When the routing protocol process first starts on the server router, the server sends router advertisement
packets every few seconds. Then, the server sends these packets less frequently, commonly every
10 minutes.
The server responds to router solicitation packets it receives from a client. The response is sent unicast
unless a router advertisement packet is due to be sent out momentarily.
NOTE: Junos OS does not support the ICMP router solicitation message with the source address
as 0.0.0.0.
Router advertisement messages include a preference level and a lifetime field for each advertised router
address.
The preference level specifies the router’s preference to become the default router. When a host chooses
a default router address, it chooses the address with the highest preference. You can configure the
preference level by including the priority statement.
The lifetime field indicates the maximum length of time that the advertised addresses are to be considered
valid by hosts in the absence of further advertisements. You can configure the advertising rate by including
the max-advertisement-interval and min-advertisement-interval statements, and you can configure the
lifetime by including the lifetime statement. .
RELATED DOCUMENTATION
Example: Configuring the ICMP Protocol for Discovering Gateways to Other Networks | 19
16
Junos OS substantially supports the following RFCs, which define standards for the Internet Control
Message Protocol (ICMP for IP version 4 [IPv4]) and neighbor discovery (for IP version 6 [IPv6]).
• RFC 2463, Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification
• RFC 4443, Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification
The ICMP Router Discovery Protocol (IRDP) enables hosts to locate routers on the local subnet and use
them as a gateway to reach other networks. Junos OS supports running IRDP in server mode, meaning
that router discovery packets are generated. Junos OS does not support IRDP in client mode running as
a host sending router solicitation messages. IRDP is specified in RFC 1256, ICMP Router Discovery Messages.
For a host to participate on an internetwork, it needs connectivity to at least one router on the local
network. One way to ensure that this is the case is to manually configure each host with the address of a
local router as its default router (also called a gateway). This method is time-consuming to set up, difficult
to maintain, and inflexible.
When you enable the Dynamic Host Configuration Protocol (DHCP) on a host, you do not need to configure
the default router. DHCP uses a method called router discovery to automatically discover local routers,
and learn other information about them.
The information provided includes the router’s address (or addresses, if it has more than one) and how
long the host should retain information about the router. Router advertisement messages are sent
periodically. Hosts listen for these messages. When an advertisement is received, the host processes it
and adds the information about the router to its routing table. A host that has no manually configured
routing information has no connectivity to routers when it first powers on. Instead of waiting for the next
Router Advertisement message, the host sends a router solicitation message on its local network. This
prompts any router that receives this message to immediately send an extra router advertisement message
directly to that host.
By default, router discovery is disabled on Junos OS routing devices. When router discovery is enabled,
the default behavior is to advertise all interfaces. If the router supports multicast, all the IPv4 Layer 3
interfaces are advertised through multicast. Otherwise, all the IPv4 Layer 3 interfaces are advertised
through broadcast.
RELATED DOCUMENTATION
Example: Configuring the ICMP Protocol for Discovering Gateways to Other Networks | 19
19
IN THIS SECTION
Requirements | 19
Overview | 19
Configuration | 21
Verification | 24
This example shows how to configure Internet Control Message Protocol (ICMP) router advertisements
to allow IPv4 hosts to discover the addresses of operational routers on the subnet. Hosts must discover
routers before they can send IP datagrams outside their subnet.
Requirements
This example assumes that a server or a client computer on the local network supports RFC 1256, ICMP
Router Discovery Messages.
Overview
Before a host is able to send a message to a host outside its own subnet, it must be able to identify the
address of the immediate router. This is typically done through reading a configuration file upon startup,
and on some multicast networks by listening to routing protocol traffic. When a server or a client computer
on the local network that supports RFC 1256 needs to locate a default gateway (router), the server or
client computer uses ICMP to send a router solicitation. Hosts that support RFC 1256 send an ICMP router
discovery message on the multicast address 224.0.0.2. Routers on the local network that support RFC
1256 immediately respond with a router advertisement.
The all-routers IP multicast address, 224.0.0.2, is the local IP broadcast address that IPv4 reserved. IPv4
multicast addresses in the range 224.0.0.0/24 (from 224.0.0.0 to 224.0.0.255) are reserved for the local
subnet.
20
The ICMP Router Discovery Protocol (IRDP) uses router advertisements as well as router solicitation
messages to allow hosts to learn the IP addresses of the router that is attached to the immediate network.
When a host is started, it sends router solicitation messages to check for the address of the immediate
router.
NOTE: Not all hosts perform router discovery using the method specified in RFC 1256. If the
host has DHCP enabled, it might not use ICMP router discovery. The performance of router
discovery is one of the DHCP options that is defined in RFC 1541, Dynamic Host Configuration
Protocol. This option specifies whether the client solicits routers using the ICMP router discovery
method specified in RFC 1256. A value of 1 indicates that the client performs router discovery.
A value of 0 indicates that the client does not.
To configure the router to be a router discovery server, you must include at least the following statement
in the configuration. All other router discovery configuration statements are optional.
[edit]
protocols {
router-discovery;
}
To configure a router as a server for ICMP router discovery, you can include the following statements in
the configuration:
[edit]
protocols {
router-discovery {
disable;
address address {
(advertise | ignore);
(broadcast | multicast);
(ineligible | priority number);
}
interface interface-name {
lifetime seconds;
max-advertisement-interval seconds;
min-advertisement-interval seconds;
}
traceoptions {
file filename <files number> <size size> <world-readable | no-world-readable>;
21
Source
Host
Network 1
R1 R2
Network 2
Destination
Host
g041231
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any
line breaks, change any details necessary to match your network configuration, and then copy and paste
the commands into the CLI at the [edit] hierarchy level.
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information
about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
This example shows multiple loopback interface addresses to simulate attached networks.
[edit interfaces]
user@R1# set ge-1/2/0 unit 6 description to-R2
user@R1# set ge-1/2/0 unit 6 family inet address 10.0.0.6/24
[edit protocols]
user@R1# set router-discovery
6. (Optional) Set the IRDP period for which advertisements are valid.
7. (Optional) Configure the router to include the 10.0.0.6 IP address in IRDP advertisements to the all-hosts
multicast address (224.0.0.1).
If the router supports IP multicast, and if the interface supports IP multicast, multicast is the default.
Otherwise, the addresses are included in broadcast router advertisement packets.
This preference is set relative to the preferences of other router addresses on the same subnet.
Results
From configuration mode, confirm your configuration by entering the show interfaces and show protocols
commands. If the output does not display the intended configuration, repeat the configuration instructions
in this example to correct it.
address 10.0.0.6 {
multicast;
priority 900;
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Purpose
Verify that the expected interfaces are sending messages.
Action
From operational mode, enter the show log icmp-log command.
Meaning
The log output shows that the preference was set to 900 for IP address 10.0.0.6 and that messages are
being sent on the ge-1/2/0.6 interface.
RELATED DOCUMENTATION
To access any location on the Internet, the domain name system (DNS) server plays a pivotal role in
resolving the domain name into its associated IP address. The DNS resolution service can also be provided
by the DHCP server. The routing protocol process (rpd) of routers generates router advertisements to
facilitate IPv6 hosts in autoconfiguration and in learning network information. For IPv6 stateless
autoconfiguration, DNS configuration is provided by router advertisements. The router advertisement-based
DNS configuration is useful in networks where an IPv6 host’s address is autoconfigured through an IPv6
stateless address and where there is no existing DHCPv6 infrastructure.
Depending on their configuration, DNS servers can be classified into the following types:
DNS servers can resolve either recursive or nonrecursive queries. For a recursive query by a DNS client,
the DNS server returns either the IP address associated with the domain name or an error. A recursive
query does not return a referral. For a nonrecursive query, the DNS server returns the IP address of the
domain name or an error or a referral to another DNS server which might have the resolution of the query.
For IPv6 hosts, a maximum of three recursive DNS server addresses can be configured along with their
respective lifetimes. The default value of the lifetime of the configured recursive DNS server addresses is
1800 seconds. The configured IPv6 host uses the specified recursive DNS server address for DNS resolution
where the IPv6 host’s address is autoconfigured through an IPv6 stateless address and where there is no
DHCPv6 infrastructure available.
RELATED DOCUMENTATION
dns-server-address | 65
lifetime | 69
Configuring a Recursive DNS Server Address for IPv6 Hosts | 28
Example: Configuring Recursive DNS Server Addresses for IPv6 Hosts | 29
For IPv6 hosts, a maximum of three recursive DNS server addresses can be configured along with their
respective lifetimes. The configured IPv6 host uses the specified recursive DNS server address for DNS
resolution where the IPv6 host’s address is autoconfigured through an IPv6 stateless address and where
there is no DHCPv6 infrastructure available.
To configure a recursive DNS server address on IPv6 hosts, follow these steps:
1. Configure the recursive DNS server address for the IPv6 host.
For example, to assign IPv6 address abcd:1::1 as the recursive dns server address to interface fe-1/0/1:
2. Configure the lifetime to specify the time in seconds for which the recursive DNS server address remains
valid.
For example, to specify a lifetime of 60 seconds for the recursive DNS server address:
The default value of the lifetime of the configured recursive DNS server address is 1800 seconds.
29
RELATED DOCUMENTATION
dns-server-address | 65
lifetime | 69
Understanding Recursive DNS Servers for IPv6 | 27
Example: Configuring Recursive DNS Server Addresses for IPv6 Hosts | 29
IN THIS SECTION
Requirements | 29
Overview | 30
Configuration | 30
Verification | 33
This example shows how to configure the recursive DNS server address of an IPv6 host. The recursive
DNS server address is included in the router advertisement that is sent to the neighboring devices.
Requirements
Overview
The example includes two routers that are directly connected. Configure IPv6 on the directly connected
interfaces. Enable router advertisement on the interfaces and configure the recursive DNS server addresses
and their lifetimes on the interfaces. This example verifies that the router advertisement sent to the
neighboring device includes the configured recursive DNS server addresses.
Topology
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any
line breaks, change any details necessary to match your network configuration, and then copy and paste
the commands into the CLI at the [edit] hierarchy level.
Router R0
Router R1
Step-by-Step Procedure
The following example requires that you navigate various levels in the configuration hierarchy. For
information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
NOTE: Repeat this procedure for Router R1, modifying the appropriate interface names,
addresses, and any other parameters for the router.
[edit interfaces]
user@R0# set fe-0/1/3 unit 0 family inet6 address 2001:DB8::1/64
[edit interfaces]
user@R0# set lo0 unit 0 family inet6 address 1::1/128
The router sends advertisements to neighbors after the specified time interval. In this example, Router
R0 sends router advertisements to Router R1 after a minimum interval of 3 seconds and a maximum
interval of 4 seconds.
4. Configure the recursive DNS addresses and their lifetimes on the interface.
Results
From configuration mode, confirm your configuration by entering the show interfaces and show protocols
commands. If the output does not display the intended configuration, repeat the instructions in this example
to correct the configuration.
dns-server-address abcd:1::3 {
lifetime 300;
}
}
}
user@R0# commit
Verification
Verifying That the Router Advertisement Includes the Recursive DNS Server Address
Purpose
Verify that the router advertisement on Router R1 includes the recursive DNS server address configured
on Router R0.
Action
From operational mode on Router R1, enter the show ipv6 router-advertisement command.
Interface: fe-1/3/0.0
Advertisements sent: 18, last sent 00:00:02 ago
Solicits received: 0
Advertisements received: 18
Advertisement from fe80::214:f6ff:fe22:5422, heard 00:00:02 ago
Managed: 0
Other configuration: 0
Reachable time: 0 ms
Default lifetime: 12 sec
Retransmit timer: 0 ms
Current hop limit: 64
RDNSS address: abcd:1::1
Lifetime: 100 sec
RDNSS address: abcd:1::2
Lifetime: 200 sec
34
Meaning
The recursive DNS server address and the configured lifetime are included in the router advertisements
on Router R1.
RELATED DOCUMENTATION
Traceroute is a tool for displaying the route taken by a packet from an IP network on their way to a given
host. When a traceroute is performed the packets are always sent out of the interface that is the NH for
the active route and there is no option to bypass it.
When a traceroute is performed, packets are sent out of active interface even if we specify an inactive
interface. From Junos OS Release 17.4R1 onwards, you can configure traceroute to send out packets
through an inactive next-hop by specifying the traceroute next-hop address to a destination through an
inactive next hop.
RELATED DOCUMENTATION
traceroute | 121
IN THIS SECTION
Requirements | 36
Overview | 37
Configuration | 37
Verification | 41
This example shows how to list and view files that are created when you enable global routing trace
operations.
Requirements
Overview
To configure global routing protocol tracing, include the traceoptions statement at the [edit routing-options]
hierarchy level:
traceoptions {
file filename <files number> <size size> <world-readable | no-world-readable>;
flag flag <disable>;
}
The flags in a traceoptions flag statement are identifiers. When you use the set command to configure a
flag, any flags that might already be set are not modified. In the following example, setting the timer tracing
flag has no effect on the already configured task flag. Use the delete command to delete a particular flag.
This example shows how to configure and view a trace file that tracks changes in the routing table. The
steps can be adapted to apply to trace operations for any Junos OS hierarchy level that supports trace
operations.
TIP: To view a list of hierarchy levels that support tracing operations, enter the help apropos
traceoptions command in configuration mode.
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any
line breaks, change any details necessary to match your network configuration, and then copy and paste
the commands into the CLI at the [edit] hierarchy level.
38
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information
about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.
[edit]
user@host# commit
Step-by-Step Procedure
39
/var/log:
...
routing-table-changes
...
4. View the tracing operations in real time by running the monitor start command with an optional match
condition.
40
6. Halt the monitor command by pressing Enter and typing monitor stop.
[Enter]
user@host> monitor stop
7. When you are finished troubleshooting, consider deactivating trace logging to avoid any unnecessary
impact to system resources.
When configuration is deactivated, it appears in the configuration with the inactive tag.
[edit routing-options]
user@host# deactivate traceoptions
user@host# commit
[edit routing-options]
user@host# show
inactive: traceoptions {
file routing-table-changes size 10m files 10;
flag route;
41
}
static {
inactive: route 1.1.1.2/32 next-hop 10.0.45.6;
}
[edit routing-options]
user@host# activate traceoptions
user@host# commit
Results
From configuration mode, confirm your configuration by entering the show routing-options command. If
the output does not display the intended configuration, repeat the instructions in this example to correct
the configuration.
Verification
Purpose
Make sure that events are being written to the log file.
Action
The Probe command helps to capture the interface details such as probe packet statistics, and interface
state (active/inactive), irrespective of whether the network family address configured is IPv4 or IPv6 on
the probed interfaces.
RFC 8335, PROBE: A Utility for Probing Interfaces, describes the Probe utility. Probe is a network diagnostic
tool similar to Ping that can be used to query the status of a probed interface on a node. The Probe
command require bidirectional connectivity between the probing interface and the proxy interface. The
proxy interface can reside on the same node as the probed interface, or it can reside on a node to which
the probed interface is directly connected. Probe uses ICMP Extended Echo/Reply messages for
communication between the probing interface and the proxy interface. This utility helps in scenarios where
bidirectional connectivity between the probing and probed interfaces is lacking. For instance, if the probed
interface is an unnumbered interface, or if the probed interface is assigned a different address family. In
both cases you can use the Probe command to confirm if the probed interface is reachable from the proxy.
The proxy interface learns details about the probed interface by inspecting its local ARP and NDP entries.
43
The first figure shows R0 as the probing node, R1 as the proxy node, and R2 as the probed node. In the
second figure the R1 node functions in both the proxy and probed node roles:
To enable the probe command, configure the extended-echo configuration statement at the [edit system]
hierarchy level on the proxy node.
[edit]
user@host# set system extended-echo
NOTE: You do not need to enable the extended-echo configuration statement on the probing
or probed nodes.
You can probe using the remote address of the probed device when the proxy and probed nodes are not
the same. That is, when the proxy and the probed nodes are two different nodes. The proxy interface
learns the details of the probed interface from its local ARP or NDP entries associated with the probed
node.
You can also probe using the following three options when the proxy and probed nodes are same:
NOTE: 1. You can probe for information with any one of these mandatory options. That is,
by-remote-address, by-address, by-name, or by-index.
2. You can probe using the IPv4 or IPv6 address to query for the status of the IPv4 address.
Likewise, you can probe using the IPv4 or IPv6 address to query for the status of the IPv6 address.
Purpose
Use case 1: Probing when the proxy interface and the probed interface reside on two different nodes
(proxy node (R1) and the probed node (R2)). Consider R0 as the probing node, R1 as the proxy node, and
R2 as the probed node and change the details of the interfaces and IP addresses to match your network
configuration. In this case, you can probe using by-remote-address option only.
Action
Example 1: From operational mode, probe for the status of the IP address 10.0.12.2 of the probed node
(R2) using the by-remote-address option with the proxy IP address 10.0.1.10 of the proxy node (R1).
In this case, the proxy node provides the status of the probed interface based on the information associated
with its local ARP and NDP entries. Use the count argument to control the number of probe request that
are sent.
NOTE:
• In this example, the target address (10.0.12.2) is defined on the probed node. As a result, you
can see a positive result, which confirms that the IP address is reachable on the probed node.
• When you probe using the by-remote-address option, you can only determine if the probed
interface is reachable. That is, if the probed interface is in reachable state, then by default, the
probe packet statistics such as active, IPv4, and IPv6 are set to zero (0).
Meaning
The proxy IP address (10.0.1.10) displays the status of the probed IP address (10.0.12.2). The output is
verified with the following probe packet statistics:
• active=0 is set to zero and ignored upon receipt when you probe using the by-remote-address option.
• IPv4=0 and IPv6=0 by default when you probe using the by-remote-address.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
• ttl is the IPv4 time to live value, which default to the maximum value.
Example 2: From operational mode, probe for the status of the IP address 10.0.12.22 of the probed node
(R2) using the by-remote-address option with the proxy IP address 10.0.1.10 of the proxy node (R1).
As in Example 1, the proxy node provides the status of the probed interface based on the information
associated with its local ARP and NDP entries. Use the count argument to control the number of probe
request that are sent.
NOTE:
• In this example the target address (10.0.12.22) is not defined on the probed node. As a result,
you expect to see a negative result, which confirms the IP address is not active on the probed
node.
• When you probe using the by-remote-address option, you can only determine if the probed
interface is reachable. That is, if the probed interface is in reachable state, then by default, the
probe packet statistics such as active, IPv4, and IPv6 are set to zero (0).
Meaning
The proxy IP address (10.0.1.10) displays the status of the probed IP address (10.0.12.22). The output is
verified with the following probe packet statistics:
• code=3 indicates that there is no such entry in the ARP table. This is expected in this example because
the probed IP address is not defined on either the proxy or probed nodes.
• state=0 is a required setting when the code bit is set to a non-zero state and the probed interface does
not reside on the proxy node. Here, the probed IP address resides on the probed node, and the code bit
is set to a 3.
• active=0 is set to zero and ignored upon receipt when you probe using the by-remote-address option.
• IPv4=0 and IPv6=0 by default when you probe using the by-remote-address.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
• ttl is the IPv4 time to live value, which default to the maximum value.
Purpose
Use Case 2: Probing when proxy node and the probed node are the same. Consider R0 as the probing
node, R1 as the proxy and the probed node. Change the details of the interfaces and IP addresses to match
your network configuration.
Query for the status of the probed IP address through the proxy IP address
Action
From operational mode, probe for the status of the probed IP address 10.0.12.1 using the by-address
option with the proxy IP address 10.0.1.10 at the proxy node (R1). The count argument is used to set the
number of probe requests to 1.
Meaning
The proxy IP address, 10.0.1.10 displays the status of the probed IP address, 10.0.12.1. The output is
verified with the following probe packet statistics:
• state=0 indicates that the probed interface is active and resides on the proxy node.
• IPv4=1 and IPv6=1 indicates that both IPv4 and IPv6 addresses are configured and available on the
probed node.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
• ttl is the IP time to live value, which is set to the maximum hop count..
Purpose
Use Case 3: Query for the status of the IPv4 or IPv6 address using the interface index of the probed
interface. (Probing when the proxy node and the probed node are the same. Consider R0 as the probing
node, R1 as the proxy and the probed node. Change the details of the interfaces and IP addresses to match
your network configuration.)
Action
From operational mode, probe for the status of the IPv4 or IPv6 address using the by-index option to
specify the interface index of the probed interface. The count 2 argument causes 2 probe request to be
generated. In this example the R1 node functions as both the proxy and probed nodes.
Meaning
The proxy IP address, 10.0.1.10 displays the status of the probed interface using the Logical interface
index-id, 333. The output is verified with the following probe packet statistics:
48
• state=0 indicates that the probed interface is active and resides on the proxy node.
• IPv4=1 and IPv6=1 indicates that IPv4 and IPv6 addresses are configured on the probed node.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
Purpose
Use Case 4: Query the proxy interface for information about the probed interface that reside on the
proxy node. (Probing when the proxy node and the probed node are the same. Consider R0 as the probing
node, R1 as the proxy and the probed node. Change the details of the interfaces and IP addresses to match
your network configuration.)
Action
From operational mode, probe for the status of the probed IP address using the by-address option while
specifying the proxy node by its IPv6 address. The count argument is used to set the probe count to 1.
Meaning
The proxy IP address, 2001:db8:1::11 displays the status of the probed IP address, 10.0.12.1 that resides
on the proxy device. The output is verified with the following probe packet statistics:
• code=0 indicates that the probe request completes with out error.
• state=0 indicates that the probed interface is active and resides on the proxy node.
• IPv4=1 and IPv6=1 indicates that both IPv4 and IPv6 addresses are configured on the probed interface.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
Purpose
Use case 5: Query for the status of the probed interface using the interface name. (Probing when the
proxy node and the probed node are the same. Consider R0 as the probing node, R1 as the proxy and the
probed node. Change the details of the interfaces and IP addresses to match your network configuration.)
Action
From operational mode, probe for the status of the probed interface using the interface name ge-0/0/1.0
using the IPv6 address of the proxy node 2001:db8:1::11.
Meaning
The proxy node with IPv6 address, 2001:db8:1::11 returns the status of the specified interface ge-0/0/1.0.
The output is verified with the following probe packet statistics:
• state=0 indicates that the probed interface is active on the proxy node.
• IPv4=1 and IPv6=1 indicates that the IPv4 and IPv6 addresses are available on the probed interface.
• time=milliseconds ms indicates the time taken to receive the reply after the request is transmitted.
SEE ALSO
extended-echo | 66
probe | 109
5 CHAPTER
Solution
2. Isolating the Causes of a Network Problem on page 54 show < configuration | interfaces | protocols | route
>
4. Evaluating the Solution to Check Whether the Network show route (ip-address | hostname)
Problem Is Resolved on page 57 ping (ip-address | hostname) count 3
traceroute (ip-address | hostname)
By applying the standard four-step process illustrated in Figure 3 on page 51, you can isolate a failed node
in the network. Note that the functionality described in this section is not supported in versions 15.1X49,
15.1X49-D30, or 15.1X49-D40.
Before you embark on the four-step process, however, it is important that you are prepared for the
inevitable problems that occur on all networks. While you might find a solution to a problem by simply
trying a variety of actions, you can reach an appropriate solution more quickly if you are systematic in your
approach to the maintenance and monitoring of your network. To prepare for problems on your network,
understand how the network functions under normal conditions, have records of baseline network activity,
and carefully observe the behavior of your network during a problem situation.
Figure 4 on page 52 shows the network topology used in this topic to illustrate the process of diagnosing
problems in a network.
AS 65001 AS 65002
Aggregate Routes:
100.100.1.0/24
100.100.2.0/24
100.100.3.0/24
lo0: .1 100.100.4.0/24 lo0: .2 lo0: .3
so-0/0/0–.12.2 so-0/0/1–.23.1
R1 R2 R3
so-0/0/0–.12.1 so-0/0/1–.23.2
so-0/0/1–.15.2
so-0/0/2–.26.2 so-0/0/3–.36.2
R5 R6
I-BGP
Key:
so-0/0/X: 10.1.x.x/30 E-BGP
lo0: 10.0.0.x/32
The network in Figure 4 on page 52 consists of two autonomous systems (ASs). AS 65001 includes two
routers, and AS 65002 includes three routers. The border router (R1) in AS 65001 announces aggregated
prefixes 100.100/24 to the AS 65002 network. The problem in this network is that R6 does not have
access to R5 because of a loop between R2 and R6.
To isolate a failed connection in your network, follow the steps in these topics:
• Evaluating the Solution to Check Whether the Network Problem Is Resolved on page 57
Solution
To identify the symptoms of a problem on your network, start at one end of your network and follow the
routes to the other end, entering all or one of the following Junos OS command-line interfaces (CLI)
operational mode commands:
Sample Output
^C
--- 10.0.0.5 ping statistics ---
3 packets transmitted, 0 packets received, 100% packet loss
54
Meaning
The sample output shows an unsuccessful ping command in which the packets are being rejected because
the time to live is exceeded. The output for the show route command shows the interface (10.1.26.1) that
you can examine further for possible problems. The traceroute command shows the loop between 10.1.26.1
(R2) and 10.1.26.2 (R6), as indicated by the continuous repetition of the two interface addresses.
Solution
To isolate the cause of a particular problem, enter one or all of the following Junos OS CLI operational
mode command:
user@host> show < configuration | bgp | interfaces | isis | ospf | route >
Your particular problem may require the use of more than just the commands listed above. See the
appropriate command reference for a more exhaustive list of commonly used operational mode commands.
55
Sample Output
Meaning
The sample output shows that all interfaces on R6 are up. The output from R2 shows that a static route
[Static/5] configured on R2 points to R6 (10.1.26.2) and is the preferred route to R5 because of its low
preference value. However, the route is looping from R2 to R6, as indicated by the missing reference to
R5 (10.1.15.2).
Description: The appropriate action depends on the type of problem you have isolated. In this example,
a static route configured on R2 is deleted from the [routing-options] hierarchy level. Other appropriate
actions might include the following:
Solution
• Check the local router’s configuration and edit it if appropriate.
To resolve the problem in this example, enter the following Junos OS CLI commands:
[edit]
user@R2# delete routing-options static route destination-prefix
user@R2# commit and-quit
user@R2# show route destination-prefix
Sample Output
[edit]
user@R2# delete routing-options static route 10.0.0.5/32
[edit]
user@R2# commit and-quit
commit complete
Exiting configuration mode
Meaning
The sample output shows the static route deleted from the [routing-options] hierarchy and the new
configuration committed. The output for the show route command now shows the BGP route as the
preferred route, as indicated by the asterisk (*).
57
Solution
To evaluate the solution, enter the following Junos OS CLI commands:
Sample Output
Meaning
The sample output shows that there is now a connection between R6 and R5. The show route command
shows that the BGP route to R5 is preferred, as indicated by the asterisk (*). The ping command is successful
and the traceroute command shows that the path from R6 to R5 is through R2 (10.1.26.1), and then
through R1 (10.1.12.1).
6 CHAPTER
Configuration Statements
advertise | 62
broadcast | 63
dns-server-address | 65
extended-echo | 66
ignore | 66
ineligible | 67
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify the IP addresses to include in router advertisement packets.
Options
address—IP address. To specify more than one address, specify multiple addresses or include multiple
address statements.
RELATED DOCUMENTATION
advertise
Syntax
(advertise | ignore);
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify whether the server should advertise the IP address in its router advertisement packets:
Default
advertise
RELATED DOCUMENTATION
broadcast
Syntax
(broadcast | multicast);
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify when the server should include the IP addresses in router advertisement packets. On the same
physical interfaces, some addresses might be included only in multicast packets, while others might be
included only in broadcast packets.
If you specify broadcast, the server includes the addresses in router advertisement packets only if the
packets are broadcast.
Default
multicast if the router supports IP multicast; broadcast if the router does not support IP multicast.
RELATED DOCUMENTATION
disable;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Disable router discovery.
Default
The configured object is enabled (operational) unless explicitly disabled.
RELATED DOCUMENTATION
dns-server-address
Syntax
dns-server-address address {
lifetime seconds;
}
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 14.1.
Description
Specify the recursive DNS server address that the device must use to resolve DNS names. The recursive
DNS server address is the 128-bit IPv6 address of the recursive DNS server. You can configure a maximum
of three recursive DNS server addresses at the interface level.
RELATED DOCUMENTATION
extended-echo
Syntax
extended-echo;
Hierarchy Level
[edit system]
Release Information
Statement introduced in Junos OS Release 20.3R1.
Description
Configure ICMP extended echo to enable the probe command. On enabling this statement on the proxy
node, you can query for the status of the probed interface. The ICMP extended echo and ICMP extended
reply messages are used for the communication between the probing interface and the probed interface
through the proxy interface.
Default
Extended echo is disabled unless explicitly enabled.
RELATED DOCUMENTATION
ignore
See
advertise
67
ineligible
Syntax
ineligible;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify that the address can never become the default router.
RELATED DOCUMENTATION
interface interface-name {
lifetime seconds;
max-advertisement-interval seconds;
min-advertisement-interval seconds;
}
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify physical interfaces on which to configure timers for router advertisement messages.
Options
interface-name—Name of an interface. Specify the full interface name, including the physical and logical
address components. To configure all interfaces, specify all.
RELATED DOCUMENTATION
lifetime seconds;
Hierarchy Level
Release Information
Statement introduced in Junos OS Release 14.1.
Description
Specify the maximum time in seconds for which the recursive DNS server address remains valid. The device
can use the specified recursive DNS server address for DNS name resolution until the time specified by
this statement.
seconds– Maximum time for which the recursive DNS server address remains valid.
Options
Range: 0 through 4294967295 seconds
Default: 1800 seconds
Values: 0 indicates that the advertised recursive DNS server address is no longer valid and that this recursive
DNS server address entry can be deleted. 4294967295 seconds indicates an infinite lifetime and a persistent
entry in the device for this recursive DNS server address.
RELATED DOCUMENTATION
lifetime seconds;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify how long the addresses sent by the server in its router advertisement packets are valid. This time
must be long enough so that another router advertisement packet is sent before the lifetime has expired.
The lifetime value is placed in the advertisement lifetime field of the router advertisement packet. If this
amount of time passes and the host has not received a router advertisement from the server, the router
marks the advertised addresses as invalid.
Options
seconds—Lifetime value. A value of 0 indicates that one or more addresses are no longer valid.
Range: Three times the value set by the max-advertisement-interval statement through 2 hours, 30 minutes
(9000 seconds)
Default: 1800 seconds (30 minutes, which is three times the default value for the max-advertisement-interval
statement)
RELATED DOCUMENTATION
max-advertisement-interval seconds;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify the maximum time the router waits before sending periodic router advertisement packets out the
interface. These packets are broadcast or multicast, depending on how the address corresponding to this
physical interface is configured.
Options
seconds—Maximum time between router advertisement packets.
Range: 4 through 1800 seconds
Default: 600 seconds (10 minutes)
RELATED DOCUMENTATION
min-advertisement-interval seconds;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify the minimum time the router waits before sending router advertisement packets out the interface
in response to router solicitation packets it receives from a client. These packets are broadcast or multicast,
depending on how the address corresponding to this physical interface is configured.
Options
seconds—Minimum time between router advertisement packets.
Range: 3 seconds through 1800 seconds
Default: 400 seconds (0.75 times the default value for the max-advertisement-interval statement)
RELATED DOCUMENTATION
(multicast | broadcast);
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify when the server should include the IP addresses in router advertisement packets. On the same
physical interfaces, some addresses might be included only in multicast packets, while others might be
included only in broadcast packets.
If you specify multicast, the server includes the addresses in router advertisement packets only if the
packets are multicast. If the router supports IP multicast, and if the interface supports IP multicast, multicast
is the default. Otherwise, the addresses are included in broadcast router advertisement packets. If the
router does not support IP multicast, the addresses are not included.
Default
multicast if the router supports IP multicast; broadcast if the router does not support IP multicast.
RELATED DOCUMENTATION
priority number;
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Specify the preference of the address to become a default router. This preference is set relative to the
preferences of other router addresses on the same subnet.
Options
number—Preference of the addresses for becoming the default router. A higher value indicates that the
address has a greater preference for becoming the default router.
Range: 0 through 0x80000000
Default: 0 (This address has the least chance of becoming the default router.)
RELATED DOCUMENTATION
router-discovery
Syntax
router-discovery {
disable;
address address {
(advertise | ignore);
(broadcast | multicast);
(ineligible | priority number);
}
interface interface-name {
lifetime seconds;
max-advertisement-interval seconds;
min-advertisement-interval seconds;
}
traceoptions {
file filename <files number> <size size> <world-readable | no-world-readable>;
flag flag <flag-modifier> <disable>;
}
}
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Enable ICMP router discovery (server mode) on the router.
Default
Router discovery is disabled on the router. When router discovery is enabled, the default behavior is to
advertise all interfaces. If the router supports multicast, all the IPv4 Layer 3 interfaces are advertised
through multicast. Otherwise, all the IPv4 Layer 3 interfaces are advertised through broadcast.
RELATED DOCUMENTATION
traceoptions {
file filename <files number> <size size> <world-readable | no-world-readable>;
flag flag <flag-modifier> <disable>;
}
Hierarchy Level
Release Information
Statement introduced before Junos OS Release 7.4.
Description
Configure ICMP protocol-level tracing options.
To specify more than one tracing operation, include multiple flag statements.
Default
The default ICMP protocol-level tracing options are inherited from the routing protocols traceoptions
statement included at the [edit routing-options] hierarchy level.
Options
disable—(Optional) Disable the tracing operation. One use of this option is to disable a single operation
when you have defined a broad group of tracing operations, such as all.
file filename—Name of the file to receive the output of the tracing operation. Enclose the name within
quotation marks. All files are placed in the directory /var/log. We recommend that you place ICMP tracing
output in the file icmp-log.
files number—(Optional) Maximum number of trace files. When a trace file named trace-file reaches its
maximum size, it is renamed trace-file.0, then trace-file.1, and so on, until the maximum number of trace
files is reached. Then, the oldest trace file is overwritten.
If you specify a maximum number of files, you also must specify a maximum file size with the size option.
Range: 2 through 1000 files
Default: 2 files
flag flag—Tracing operation to perform. To specify more than one tracing operation, include multiple flag
statements.
78
Default: If you do not specify this option, only unusual or abnormal operations are traced.
• state—State transitions
• timer—Timer usage
flag-modifier—(Optional) Modifier for the tracing flag. You can specify one or more of these modifiers:
size size—(Optional) Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB).
When a trace file named trace-file reaches this size, it is renamed trace-file.0. When the trace-file again
reaches its maximum size, trace-file.0 is renamed trace-file.1 and trace-file is renamed trace-file.0. This
renaming scheme continues until the maximum number of trace files is reached. Then, the oldest trace file
is overwritten.
If you specify a maximum file size, you also must specify a maximum number of trace files with the files
option.
Syntax: xk to specify KB, xm to specify MB, or xg to specify GB
Range: 10 KB through the maximum file size supported on your system
Default: 1 MB
RELATED DOCUMENTATION
Operational Commands
monitor interface | 81
monitor start | 98
ping | 101
probe | 109
traceroute | 121
81
monitor interface
Syntax
monitor interface
<interface-name | traffic <detail>>
Release Information
Command introduced before Junos OS Release 7.4.
Description
Display real-time statistics about interfaces, updating the statistics every second. Check for and display
common interface failures, such as SONET/SDH and T3 alarms, loopbacks detected, and increases in
framing errors.
NOTE: On Junos OS Evolved, you can use the monitor interface command over SSH sessions,
but console and Telnet sessions are not supported.
Options
none—Display real-time statistics for all interfaces.
traffic—(Optional) Display traffic data for all active interfaces. In a TX Matrix or TX Matrix Plus router,
display real-time statistics for the physical interfaces on the specified LCC only.
Additional Information
The output of this command shows how much each field has changed since you started the command or
since you cleared the counters by pressing the c key. For a description of the statistical information provided
in the output of this command, see the show interfaces extensive command for a particular interface type
in the CLI Explorer. To control the output of the monitor interface command while it is running, use the
keys listed in Table 4 on page 82. The keys are not case-sensitive.
82
Table 4: Output Control Keys for the monitor interface interface-name Command
Key Action
c Clears (returns to zero) the delta counters since monitor interface was started. This does not clear
the accumulative counter. To clear the accumulative counter, use the clear interfaces interval
command.
f Freezes the display, halting the display of updated statistics and delta counters.
i Displays information about a different interface. The command prompts you for the name of a
specific interface.
n Displays information about the next interface. The monitor interface command displays the physical
or logical interfaces in the same order as the show interfaces terse command.
t Thaws the display, resuming the update of the statistics and delta counters.
To control the output of the monitor interface traffic command while it is running, use the keys listed in
Table 5 on page 82. The keys are not case-sensitive.
Table 5: Output Control Keys for the monitor interface traffic Command
Key Action
b Displays the statistics in units of bytes and bits per second (bps).
c Clears (return to 0) the delta counters in the Current Delta column. The statistics counters are
not cleared.
d Displays the Current Delta column (instead of the rate column) in bps or packets per second
(pps).
p Displays the statistics in units of packets and packets per second (pps).
r Displays the rate column (instead of the Current Delta column) in bps and pps.
Output Fields
Table 6 on page 83 describes the output fields for the monitor interface command. Output fields are listed
in the approximate order in which they appear.
Seconds How long the monitor interface command has been running or how long All levels
since you last cleared the counters.
Delay x/y/z Time difference between when the statistics were displayed and the actual All levels
clock time.
Interface Short description of the interface, including its name, status, and All levels
encapsulation.
Current delta Cumulative number for the counter in question since the time shown in All levels
the Seconds field, which is the time since you started the command or
last cleared the counters.
84
Local Statistics (Logical interfaces only) Number and rate of bytes and packets destined All levels
to the router or switch through the specified interface. When a burst of
traffic is received, the value in the output packet rate field might briefly
exceed the peak cell rate. It usually takes less than 1 second for this
counter to stabilize.
Remote Statistics (Logical interfaces only) Statistics for traffic transiting the router or switch. All levels
When a burst of traffic is received, the value in the output packet rate
field might briefly exceed the peak cell rate. It usually takes less than 1
second for this counter to stabilize.
Traffic statistics Total number of bytes and packets received and transmitted on the All levels
interface. These statistics are the sum of the local and remote statistics.
When a burst of traffic is received, the value in the output packet rate
field might briefly exceed the peak cell rate. It usually takes less than 1
second for this counter to stabilize.
Description With the traffic option, displays the interface description configured at detail
the [edit interfaces interface-name] hierarchy level.
Input Errors Sum of incoming frame aborts and FCS errors. All levels
Input Drops Number of packets dropped by the input queue of the I/O Manager ASIC. All levels
If the interface is saturated, this number increments once for every packet
that is dropped by the ASIC's RED mechanism.
85
Input Framing Number of packets received with an invalid frame checksum (FCS). All levels
errors
Policed discards Number of frames that the incoming packet match code discarded because All levels
they were not recognized or not of interest. Usually, this field reports
protocols that the Junos OS does not handle.
L3 incompletes Number of incoming packets discarded because they failed Layer 3 (usually All levels
IPv4) sanity checks of the header. For example, a frame with less than 20
bytes of available IP header is discarded. L3 incomplete errors can be
ignored by configuring the ignore-l3-incompletes statement.
L2 channel errors Number of times the software did not find a valid logical interface for an All levels
incoming frame.
L2 mismatch Number of malformed or short packets that caused the incoming packet All levels
timeouts handler to discard the frame as unreadable.
Sample Output
monitor interface (Physical)
user@host> monitor interface so-0/0/0
monitor interface (MX480 Router with MPC5E and 10-Gigabit Ethernet OTN Interface)
user@host> monitor interface xe-0/0/3
monitor interface (MX480 Router with MPC5E and 100-Gigabit Ethernet Interface)
user@host> monitor interface et-2/1/0
monitor interface (MX2010 Router with MPC6E and 10-Gigabit Ethernet OTN Interface)
user@host> monitor interface xe-6/1/0
monitor interface (MX2010 Router with MPC6E and 100-Gigabit Ethernet OTN Interface)
user@host> monitor interface et-9/0/0
monitor interface (MX2020 Router with MPC6E and 10-Gigabit Ethernet OTN Interface)
user@host> monitor interface xe-3/0/0
Interface warnings:
o Outstanding LINK alarm
switch Seconds: 74
Time: 16:03:02
monitor start
Syntax
Release Information
Command introduced before Junos OS Release 7.4.
Description
Start displaying the system log or trace file and additional entries being added to those files.
Options
filename—Specific log or trace file.
Additional Information
Log files are generated by the routing protocol process or by system logging. The log files generated by
system logging are configured with the syslog statement at the [edit system] hierarchy level and the options
statement at the [edit routing-options] hierarchy level. The trace files generated by the routing protocol
process are configured with traceoptions statements at the [edit routing-options], [edit interfaces], and
[edit protocols protocol] hierarchy levels.
NOTE: To monitor a log file within a logical system, issue the monitor start
logical-system-name/filename command.
RELATED DOCUMENTATION
monitor list
monitor stop | 100
Output Fields
Table 7 on page 99 describes the output fields for the monitor start command. Output fields are listed in
the approximate order in which they appear.
99
***filename *** Name of the file from which entries are being displayed. This
line is displayed initially and when the command switches
between log files.
Sample Output
monitor start
user@host> monitor start system-log
*** system-log***
Jul 20 15:07:34 hang sshd[5845]: log: Generating 768 bit RSA key.
Jul 20 15:07:35 hang sshd[5845]: log: RSA key generation complete.
Jul 20 15:07:35 hang sshd[5845]: log: Connection from 204.69.248.180 port 912
Jul 20 15:07:37 hang sshd[5845]: log: RSA authentication for root accepted.
Jul 20 15:07:37 hang sshd[5845]: log: ROOT LOGIN as 'root' from host.example.com
Jul 20 15:07:37 hang sshd[5845]: log: Closing connection to 204.69.248.180
100
monitor stop
Syntax
Release Information
Command introduced before Junos OS Release 7.4.
Description
Stop displaying the system log or trace file.
Options
filename—Specific log or trace file.
Additional Information
Log files are generated by the routing protocol process or by system logging. The log files generated by
system logging are those configured with the syslog statement at the [edit system] hierarchy level and
the options statement at the [edit routing-options] hierarchy level. The trace files generated by the routing
protocol process are those configured with traceoptions statements at the [edit routing-options], [edit
interfaces], and [edit protocols protocol] hierarchy levels.
RELATED DOCUMENTATION
monitor list
monitor start | 98
Output Fields
This command produces no output.
Sample Output
monitor stop
user@host> monitor stop
101
ping
List of Syntax
Syntax on page 101
Syntax (QFX Series) on page 101
Syntax (Junos OS Evolved) on page 102
Syntax
ping host
<bypass-routing>
<ce-ip destination-ip-address instance routing-instance-name source-ip source-ip-address>
<count requests>
<do-not-fragment>
<inet | inet6>
<interface source-interface>
<interval seconds>
<no-resolve>
<pattern string>
<rapid>
<record-route>
<routing-instance routing-instance-name>
<logical-system logical-system-name>
<tenant tenant-name>
<size bytes>
<source source-address>
<tos type-of-service>
<ttl value>
<verbose>
<wait seconds>
ping host
<bypass-routing>
<count requests>
<detail>
<do-not-fragment>
<inet>
<interface source-interface>
<interval seconds>
<logical-system logical-system-name>
<loose-source value>
102
<mac-address mac-address>
<no-resolve>
<pattern string>
<rapid>
<record-route>
<routing-instance routing-instance-name>
<size bytes>
<source source-address>
<strict>
< strict-source value>
<tos type-of-service>
<ttl value>
<verbose>
<wait seconds>
ping host
<bypass-routing>
<ce-ip destination-ip-address instance routing-instance-name source-ip source-ip-address>
<count requests>
<do-not-fragment>
<inet | inet6>
<interface source-interface>
<interval seconds>
<no-resolve>
<pattern string>
<rapid>
<record-route>
<routing-instance routing-instance-name>
<size bytes>
<source source-address>
<tos type-of-service>
<ttl value>
<verbose>
<wait seconds>
Release Information
Command introduced before Junos OS Release 7.4.
ce-ip option introduced in Junos OS Release 17.3 for MX Series routers with MPC and MIC interfaces.
The following options are deprecated for Junos OS Evolved Release 18.3R1: detail, logical-system,
loose-source, mac-address, strict, strict-source, and vpls.
The command tenant option is introduced in Junos OS Release 19.2R1 for SRX Series.
103
Description
Check host reachability and network connectivity. The ping command sends Internet Control Message
Protocol (ICMP) ECHO_REQUEST messages to elicit ICMP ECHO_RESPONSE messages from the specified
host. Press Ctrl+c to interrupt a ping command.
Options
host—IP address or hostname of the remote system to ping.
bypass-routing—(Optional) Bypass the normal routing tables and send ping requests directly to a system
on an attached network. If the system is not on a directly attached network, an error is returned. Use
this option to ping a local system through an interface that has no route through it.
instance routing-instance-name—Name of the VPLS or EVPN routing instance. The command output
displays the connectivity information of the CE device based on the configured routing instance type.
count requests—(Optional) Number of ping requests to send. The range of values is 1 through 2,000,000,000.
The default value is an unlimited number of requests.
detail—(Optional) This option is not supported for Junos OS Evolved Release 18.3R1. Include in the output
the interface on which the ping reply was received.
do-not-fragment—(Optional) Set the do-not-fragment (DF) flag in the IP header of the ping packets.
For Junos OS Evolved Release 18.3R1, IPv6 ping does not have do-not-fragment support. The ping
command is identified as IPv6 Ping when destination is IPv6 address or inet6 option is used.
NOTE: In Junos OS Release 11.1 and later, when issuing the ping command for an IPv6 route
with the do-not-fragment option, the maximum ping packet size is calculated by subtracting
48 bytes (40 bytes for the IPV6 header and 8 bytes for the ICMP header) from the MTU.
Therefore, if the ping packet size (including the 48-byte header) is greater than the MTU, the
ping operation might fail.
104
interval seconds—(Optional) How often to send ping requests. The range of values, in seconds, is 1 through
infinity. The default value is 1.
logical-system logical-system-name—(Optional) Name of logical system from which to send the ping
requests.
Alternatively, enter the set cli logical-system logical-system-name command and then run the ping
command. To return to the main router or switch, enter the clear cli logical-system command.
tenant tenant-name—(Optional) Name of tenant system from which to send the ping requests.
loose-source value—(Optional) Intermediate loose source route entry (IPv4). Open a set of values.
mac-address mac-address—(Optional) Ping the physical or hardware address of the remote system you
are trying to reach.
no-resolve—(Optional) Do not attempt to determine the hostname that corresponds to the IP address.
pattern string—(Optional) Specify a hexadecimal fill pattern to include in the ping packet.
rapid—(Optional) Send ping requests rapidly. The results are reported in a single message, not in individual
messages for each ping request. By default, five ping requests are sent before the results are reported.
To change the number of requests, include the count option.
routing-instance routing-instance-name—(Optional) Name of the routing instance for the ping attempt.
For Junos OS Evolved, the routing-instance option supports only mgmt_junos.
size bytes—(Optional) Size of ping request packets. The range of values, in bytes, is 0 through 65,468. The
default value is 56, which is effectively 64 bytes because 8 bytes of ICMP header data are added to
the packet.
source source-address—(Optional) IP address of the outgoing interface. This address is sent in the IP source
address field of the ping request. If this option is not specified, the default address is usually the
loopback interface (lo.0).
strict-source value—(Optional) Intermediate strict source route entry (IPv4). Open a set of values.
tos type-of-service—(Optional) Set the type-of-service (ToS) field in the IP header of the ping packets. The
range of values is 0 through 255.
105
If the device configuration includes the dscp-code-point value statement at the [edit class-of-service
host-outbound-traffic] hierarchy level, the configured DSCP value overrides the value specified in
this command option. In this case, the ToS field of ICMP echo request packets sent on behalf of this
command carries the DSCP value specified in the dscp-code-point configuration statement instead
of the value you specify in this command option.
ttl value—(Optional) Time-to-live (TTL) value to include in the ping request (IPv6). The range of values is
0 through 255.
wait seconds—(Optional) Maximum wait time, in seconds, after the final packet is sent. If this option is not
specified, the default delay is 10 seconds. If this option is used without the count option, a default
count of 5 packets is used.
RELATED DOCUMENTATION
Output Fields
When you enter this command, you are provided feedback on the status of your request. An exclamation
point (!) indicates that an echo reply was received. A period (.) indicates that an echo reply was not received
within the timeout period. An x indicates that an echo reply was received with an error code. These packets
are not counted in the received packets count. They are accounted for separately.
When pinging a nonexistant route, the display output of ping command does not print the number of
packets sent or received or the packet loss.
106
Sample Output
ping ce-ip <destination-ip-address> instance <routing-instance-name> source-ip <source-ip-address>
(EVPN)
user@host> ping ce-ip 10.0.0.4 instance foo source-ip 127.0.0.1
! -> PE2|foo|vpls|ge-0/0/2.100|12:23:ab:98:34:02
! -> PE2|foo|vpls|ge-0/0/2.100|12:23:ab:98:34:02
! -> PE2|foo|vpls|ge-0/0/2.100|12:23:ab:98:34:02
! -> PE2|foo|vpls|ge-0/0/2.100|12:23:ab:98:34:02
! -> PE2|foo|vpls|ge-0/0/2.100|12:23:ab:98:34:02
--- ce-ip ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
ping hostname
user@host> ping device1.example.com
Aug 02 12:56:56 [INFO ] Step 2: Host and Transit ping has to fail
Aug 02 12:56:56 [TRACE] [R0 evo-ptx-b] [cmd] run ping 40.0.0.2 rapid count 50 size
500
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] PING 40.0.0.2 (40.0.0.2): 500 data bytes
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] ping: sendto: No route to host
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] .ping: sendto: No route to host
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] ping: sendto: No route to host
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] .ping: .sendto: No route to host
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] ping: sendto: No route to host
ug 02 12:57:21 [TRACE] [R0 evo-ptx-b] ..
Aug 02 12:57:21 [TRACE] [R0 evo-ptx-b] --- 40.0.0.2 ping statistics ---
108
probe
Syntax
probe <proxy-ip-address-or-hostname>
<by-address>
<by-index>
<by-name>
<by-remote-address>
<count>
<detail>
<inet>
<inet6>
<interface>
<interval>
<logical-system>
<routing-instance>
<source>
<tos>
<ttl>
<wait>
Release Information
Command introduced in Junos OS Release 20.3R1.
Description
Query the status of the probed interface.
Options
by-address—(Optional) Probe a local interface by address.
interface interface-name—(Optional) Specify the source interface to send the probe requests.
interval seconds—(Optional) Specify the time interval between the probe requests.
Default: 1 second
logical-system logical-system-name—(Optional) Specify the name of the logical system used to send the
probe requests.
routing-instance routing-instance-name—(Optional) Specify the routing instance for the probe attempt.
tos type-of-service—(Optional) Specify the type-of-service (ToS) field in the IP header of the probe packets.
Range: 0 through 255
ttl value—(Optional) Specify the time-to-live (TTL) value for IPv4 packets and hop-limit value for IPv6
packets for the number of hops/devices to cross.
Range: 0 through 255
wait seconds—(Optional) Specify the maximum wait time in seconds after the final packet is sent. If this
option is not specified, the default delay is 10 seconds.
Default: 10 seconds
RELATED DOCUMENTATION
Output Fields
Table 1 lists the output fields for the probe command. The output fields are listed in the appropriate order
in which they appear.
ttl Time to live value (maximum IPv6 hop-limit-value) of the packets sent—0 none
to 255.
code ICMP code values where—0 indicates No Error, 1 indicates Malformed All levels
Query, 2 indicates No Such Interface, 3 indicates No Such Table Entry, and
4 indicates Multiple Interfaces Satisfy Query.
state State values are—0 indicates Reserved, 1 indicates Incomplete, 2 indicates All levels
Reachable, 3 indicates Stale, 4 indicates Delay, 5 indicates Probe, and 6
indicates Failed.
active Inactive/active state (0 indicates inactive state and 1 indicates active state) All levels
of the IPv4 or IPv6 address configured.
time Time taken time taken to receive the reply after the request is transmitted All levels
in milliseconds (ms).
Sample Output
Probing Proxy IP Address Using Interface Names of the Probed Interface that Resides in the Proxy Node
user@host> probe 2001:db8:1::10 by-name ge-0/0/1.0 count 1
IPv6=1 time=4.750 ms
--- 2001:db8:1::10 probe6 statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/std-dev = 0.231/0.231/0.231/0.000 ms
Probing Proxy IP Address Using Interface-index of the Probed Interface that Resides in the Proxy Node
user@host> probe 10.0.1.10 by-index 333 count 2
Probing Proxy IP Address Using IPv4 or IPv6 Address Configured in the Probed Interface on the Proxy
Node
user@host> probe 2001:db8:1::11 by-address 10.0.12.1 count 1
Probing the Proxy IP Address Configured on the Proxy Node for Information About the Probed IP Address
Configured on the Probed Node
user@host> probe 10.0.1.10 by-remote-address 10.0.12.22 count 1
Probing the Proxy IP Address for Information About the Probed Interface
user@host> probe 10.0.1.10 by-address 10.0.12.21 count 1
Probing the Proxy IP Address for Information About the Probed Interface Details Using the Probed
Interface Name That Resides on the Proxy Node
user@host> probe 2001:db8:1::11 by-name ge-0/0/1.0 detail
show log
List of Syntax
Syntax on page 114
Syntax (QFX Series and OCX Series) on page 114
Syntax (TX Matrix Router) on page 114
Syntax
show log
<filename | user <username>>
show log
<all-lcc | lcc number | scc>
<filename | user <username>>
Release Information
Command introduced before Junos OS Release 7.4.
Option device-type (device-id | device-alias) is introduced in Junos OS Release 13.1 for the QFX Series.
Description
List log files, display log file contents, or display information about users who have logged in to the router
or switch.
Options
none—List all log files.
<all-lcc | lcc number | scc>—(Routing matrix only)(Optional) Display logging information about all T640
routers (or line-card chassis) or a specific T640 router (replace number with a value from 0 through 3)
connected to a TX Matrix router. Or, display logging information about the TX Matrix router (or
switch-card chassis).
device-type—(QFabric system only) (Optional) Display log messages for only one of the following device
types:
• infrastructure-device—Display logs for the logical components of the QFabric system infrastructure,
including the diagnostic Routing Engine, fabric control Routing Engine, fabric manager Routing
Engine, and the default network Node group and its backup (NW-NG-0 and NW-NG-0-backup).
NOTE: If you specify the device-type optional parameter, you must also specify either the
device-id or device-alias optional parameter.
(device-id | device-alias)—If a device type is specified, display logs for a device of that type. Specify either
the device ID or the device alias (if configured).
filename—(Optional) Display the log messages in the specified log file. For the routing matrix, the filename
must include the chassis information.
NOTE: The filename parameter is mandatory for the QFabric system. If you did not configure
a syslog filename, specify the default filename of messages.
user <username>—(Optional) Display logging information about users who have recently logged in to the
router or switch. If you include username, display logging information about the specified user.
RELATED DOCUMENTATION
116
syslog (System)
Sample Output
show log
user@host> show log
total 57518
-rw-r--r-- 1 root bin 211663 Oct 1 19:44 dcd
-rw-r--r-- 1 root bin 999947 Oct 1 19:41 dcd.0
-rw-r--r-- 1 root bin 999994 Oct 1 17:48 dcd.1
-rw-r--r-- 1 root bin 238815 Oct 1 19:44 rpd
-rw-r--r-- 1 root bin 1049098 Oct 1 18:00 rpd.0
-rw-r--r-- 1 root bin 1061095 Oct 1 12:13 rpd.1
-rw-r--r-- 1 root bin 1052026 Oct 1 06:08 rpd.2
-rw-r--r-- 1 root bin 1056309 Sep 30 18:21 rpd.3
-rw-r--r-- 1 root bin 1056371 Sep 30 14:36 rpd.4
-rw-r--r-- 1 root bin 1056301 Sep 30 10:50 rpd.5
-rw-r--r-- 1 root bin 1056350 Sep 30 07:04 rpd.6
-rw-r--r-- 1 root bin 1048876 Sep 30 03:21 rpd.7
-rw-rw-r-- 1 root bin 19656 Oct 1 19:37 wtmp
43
Oct 1 18:00:19 KRT recv len 144 V9 seq 151 op chnge Type ifdev devindex 44
Oct 1 18:00:19 KRT recv len 144 V9 seq 152 op chnge Type ifdev devindex 45
Oct 1 18:00:19 KRT recv len 144 V9 seq 153 op chnge Type ifdev devindex 46
Oct 1 18:00:19 KRT recv len 1272 V9 seq 154 op chnge Type ifdev devindex 47
...
Nov 7 13:21:47
13:21:47.217744:CID-0:THREAD_ID-05:LSYS_ID-32:RT:<192.0.2.0/0->198.51.100.0/9011;1,0x0>
:
flow_process_pkt: (thd 5): flow_ctxt type 0, common flag 0x0, mbuf 0x4882b600,
rtbl7
traceroute
List of Syntax
Syntax on page 121
Syntax (QFX Series and OCX Series) on page 121
Syntax
traceroute
<host>
<as-number-lookup>
<bypass-routing>
<ce-ip ip address>
<clns>
<ethernet host>
<gateway address>
<inet>
<inet6>
<interface interface-name>
<logical-system logical-system-name>
<monitor host>
<mpls (ldp FEC address | rsvp label-switched-path-name | bgp FEC address)>
<next-hop next-hop address>
<no-resolve host>
<overlay>
<port>
<propagate-ttl host>
<routing-instance routing-instance-name>
<tenant tenant-name>
<source source-address>
<tos value>
<ttl value>
<wait seconds>
traceroute
<host>
<as-number-lookup>
<bypass-routing>
<gateway address>
<inet>
<inet6>
122
<interface interface-name>
<monitor host>
<mpls (ldp FEC address | rsvp label-switched-path-name | bgp FEC address)>
<next-hop next-hop address>
<no-resolve host>
<overlay>
<port>
<propagate-ttl host>
<routing-instance routing-instance-name>
<source source-address>
<tos value>
<ttl value>
<wait seconds>
Release Information
Command introduced before Junos OS Release 7.4.
mpls option introduced in Junos OS Release 9.2.
propagate-ttl option introduced in Junos OS Release 12.1.
Support for IPv6 traceroute with as-number-lookup introduced with Junos OS Release 18.3R1.
The command tenant option is introduced in Junos OS Release 19.2R1 for the SRX Series.
The following options are deprecated in Junos OS Evolved Release 18.3R1: logical-system and propagate-ttl.
Description
Display the route that packets take to a specified network host. Use traceroute as a debugging tool to
locate points of failure in a network.
Options
host—IP address or name of remote host.
as-number-lookup—(Optional) Display the autonomous system (AS) number of each intermediate hop on
the path from the host to the destination.
bypass-routing—(Optional) Bypass the normal routing tables and send requests directly to a system on an
attached network. If the system is not on a directly attached network, an error is returned. Use this
option to display a route to a local system through an interface that has no route through it.
ce-ip IPv4 or IPv6 address—(MX Series routers with MPC and MIC interfaces only) (Optional) Check the
route to a customer edge (CE) IP address in a virtual private LAN service (VPLS) and Ethernet VPN
(EVPN) network.
ethernet host—(Optional) Trace the route to an Ethernet host using unicast MAC address.
gateway address—(Optional) Address of a router or switch through which the route transits.
123
logical-system (all | logical-system-name)—(Optional) This option is not supported for Junos OS Evolved
Release 18.3R1. Perform this operation on all logical systems or on a particular logical system.
monitor host—(Optional) Display real-time monitoring information for the specified host.
mpls (ldp FEC address | rsvp label-switched-path name)—(Optional) See traceroute mpls ldp and traceroute
mpls rsvp.
no-resolve—(Optional) Do not attempt to determine the hostname that corresponds to the IP address.
propagate-ttl—(Optional) On the PE routing device, use this option to view locally generated Routing
Engine transit traffic. This is applicable for MPLS L3VPN traffic only.
Use for troubleshooting, when you want to view hop-by-hop information from the local provider
router to the remote provider router, when TTL decrementing is disabled on the core network using
the no-proagate-ttl configuration statement.
NOTE: Using propagate-ttl with traceroute on the CE router does not show hop-by-hop
information.
routing-instance routing-instance-name—(Optional) Name of the routing instance for the traceroute attempt.
tos value—(Optional) Value to include in the IP type-of-service (ToS) field. The range of values is 0 through
255.
ttl value—(Optional) Maximum time-to-live value to include in the traceroute request. The range of values
is 0 through 128.
wait seconds—(Optional) Maximum time to wait for a response to the traceroute request.
network
RELATED DOCUMENTATION
traceroute monitor
Output Fields
Table 9 on page 124 describes the output fields for the traceroute command. Output fields are listed in the
approximate order in which they appear.
number-of-hops Number of hops from the source to the named router or switch.
Sample Output
traceroute
user@host> traceroute santacruz
traceroute no-resolve
user@host> traceroute santacruz no-resolve
traceroute propogate-ttl
user@host> traceroute propagate-ttl 100.200.2.2 routing-instance VPN-A