Technical Documentation

Troubleshooting Tools Overview

The best troubleshooting tips and workflows are published in the Juniper Networks Technical Assistance Center (JTAC) knowledge base at http://kb.juniper.net. For example, http://kb.juniper.net/index?page=content&id=KB9777 provides a workflow for diagnosing dropped traffic.

Table 1 provides a summary of IDP troubleshooting tools.

Table 1: IDP Troubleshooting Tools

Tool

Description

tech-support

The tech-support utility runs the following commands in the background and saves the output to a zipped temporary file you can e-mail to JTAC:

  • getplatform
  • ps
  • df
  • lsof
  • du
  • ifconfig
  • netstat
  • scio sysconf all
  • scio const list
  • scio vr list
  • scio vc list
  • ping
  • tcpdump

If you want to view the contents of the zip files, use the bunzip2 command.

tcpdump

The tcpdump utility captures traffic and saves it to a file. For example, to perform a packet capture and save SMTP packets on interface eth1 to a file, use the following command:


tcpdump -i eth1 -s 0 -w /tmp/smtp.pcap tcp port 25

For more information, see Using tcpdump to Capture Packets.

scio ccap all

In some cases, packet captures might be helpful to reproduce an issue so that it can be analyzed and resolved. The following command captures all services and contexts from all sessions:


scio ccap all

IDP8200 has multiple IDP engines. For IDP8200, scio ccap all returns data for idpengine_0. To capture data from other engines, use the -c option and specify the engine number (0 through 5). For example, scio -c 1 ccap all returns data for idpengine_1, scio -c 2 ccap all returns data for idpengine_2, and so forth.


Note: The scio ccap all command captures the same contexts as Profiler. You cannot use scio ccap all when Profiler is running.

scio pcap

You can use scio pcap to replay traffic that was previously captured by tools like tcpdump and scio ccap.

For examples of using scio ccap and scio pcap, see the IDP Custom Attack Object Reference and Examples Guide.

Note: You cannot use scio pcap on a host where virtual routers are configured in a mix of sniffer and transparent mode (mixed mode).

tcpreplay

You can use tcpreplay to edit and replay network traffic that was previously captured by tools like tcpdump and scio ccap. Refer to the Linux man pages for details.

ethtool

You can use ethtool to query and configure network interfaces. Refer to the Linux man pages for details.

Note: Interface management with mii-tool is not supported.

IDP debug build

In some cases, JTAC might recommend that you run a special build of the IDP kernel to generate debugging information that can be used to determine the root cause of an issue.

Reimaging

If necessary, you can revert to the factory image of the IDP device. For information, see the installation guide for your IDP appliance.


Published: 2010-01-12