You are troubleshooting an SRX240 acting as a NAT translator for transit traffic. Traffic is
dropping at the SRX240 in your network. Which three tools would you use to troubleshoot
the issue? (Choose three.)
A.
monitor interface traffic
B.
show security flow session
C.
monitor traffic interface
D.
debug flow basic
E.
security flow traceoptions
BE are correct…but shouldn’t it be C instead of A ..because its monitor traffic interface not monitor interface traffic…..AJSEC Chapter 9-37
0
0
monitor interface: Display real-time statistics about interfaces, updating the statistics every second. Check for and display common interface failures, such as SONET/SDH and T3 alarms, loopbacks detected, and increases in framing errors.
monitor traffic: With ‘monitor traffic’ command you can capture packet same as with TCPdump realtime in your session remote (console, ssh, telnet).
0
0
Guys it’s transit traffic. So answers are correct. Monitor traffic interface is for self traffic.
0
0
Not sure if A or C. Interface traffic will show me statistics, which won’t be very helpfull. Traffic interface otherwise will show me details about everything that is crossing that interface. I’d go with B,C and E.
0
0
I believe it will be monitor Interface God willing , because bellow link explain how we can use monitor interface with tranist traffic to get statistics :
http://www.juniper.net/documentation/en_US/junos13.2/topics/reference/command-summary/monitor-interface.html
however in monitor traffic there is nothing to deal with transit traffic :
http://www.juniper.net/documentation/en_US/junos15.1/topics/reference/command-summary/monitor-traffic.html
so it will be A,B and E GOD willing
BR
Kosairy fro BARQsys đ
0
0
E:
In the SRX, the primary method of capturing this information is through the âset security flow traceoptions basic-datapathâ, and there is also the ability to filter only certain packets for advanced debugging using the âset security flow traceoptions packet-filterâ.
B:
If the packet matches an existing session, then the SRX will not include all debugging information in that output. It will display the basics and refer to the session ID to cross reference. You can still examine the session table to track this session with the âshow security flow sessionâ command.
C:
Additionally, a monitored packet capture of âself-trafficâ only (e.g. Dynamic Routing Protocol messages, ARP, management traffic, ICMP to Routing Engine) can be done using the âmonitor traffic interfaceâ command. This is supported on both SRX Branch and High-end SRX devices. For more information, see KB15779 â SRX Getting Started â Troubleshooting Commands.
0
0
ABE
0
0