Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[ScreenOS] When to use 'snoop' and 'debug flow'

0

0

Article ID: KB5967 KB Last Updated: 29 May 2019Version: 7.0
Summary:
This article provides information on when to use the snoop and debug flow commands.
Symptoms:
Environment:
  • Snoop
  • Debug Flow
  • Troubleshooting tools

Symptoms and errors:

Troubleshooting how packet flows through the firewall.
Solution:

Snoop:

Snoop provides a layer 2 through layer 4 view of the packet, as it comes in and out of the Juniper firewall interface. You can filter a packet, based on the source and/or destination IP, source and/or destination port, protocol, and Ethernet type; including VLAN tags and ARPs. Snoop can capture information, such as frag flags, sequence number, acknowledgment number, TTL, and TOS bit, source and destination IP and port information, as well as ARP request and reply information.

For more information on using Snoop, refer to KB5411 - How do you use Snoop for troubleshooting?


Debug:

On the other hand, Debug Flow provides information about the packet as it traverses through the interfaces of the firewall device. This will take you through the entire flow of the packet inside the firewall.  It also provides policy id, session id, source and destination IP and port information, and next hop routes; or where the packet actually came from.

For more information on using Debug, refer to KB5536 - How do I capture debugging (debug flow) information?
Modification History:
2019-05-22: Content reviewed for accuracy

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search