排查Host-bound流量案例时,更常用 的是使用命令monitor traffic interface命令:
常用配置示例命令:
-
Match an IP address: monitor traffic interface ge-0/0/x matching "host 10.130.38.94"
-
Match a network: monitor traffic interface ge-0/0/x matching "net 10.1.1.0/24"
-
Match a port: monitor traffic interface ge-0/0/x matching "port 22"
-
Match TCP port 179: monitor traffic interface ge-0/0/x matching "tcp port 179"
-
Match UDP port 646: monitor traffic interface ge-0/0/x matching "udp port 646"
-
Match ARP: monitor traffic interface ge-0/0/x matching arp
-
Match OSPF: monitor traffic interface ge-0/0/x no-resolve matching "ip proto 89"
-
Match "not tcp port 3128" and match "tcp port 23": monitor traffic interface ge-0/0/x matching "not tcp port 3128 and tcp port 23"
-
Match ISIS packets: monitor traffic interface xe-5/0/0.1 matching iso
-
Match MPLS packets: monitor traffic interface xe-5/0/0.1 matching mpls
-
Match IPv6 packets: monitor traffic interface xe-5/0/0.1 matching ip6
-
Match packets sent to a particular destination: monitor traffic interface xe-5/0/0.1 matching "dst host 172.16.1.1"
-
Match packets coming from a particular source: monitor traffic interface xe-5/0/0.1 matching "src host 192.168.1.1"
-
Match packets with a specific source MAC address: monitor traffic interface xe-5/0/0.1 matching "ether src b0:a8:6e:70:fb:39"
-
Match ICMPv4 packets from/for a specific address: monitor traffic interface ge-0/0/0.0 matching "icmp && host 172.16.1.2"
-
Match ICMPv6 packets: monitor traffic interface xe-5/0/0.1 matching icmp6
-
Match LDP packets, along with a specific address: monitor traffic interface ae5.0 matching "tcp && port 646 && host 192.168.2.2"
