Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

show security flow session tunnel

 

Syntax

Release Information

Command introduced in Junos OS Release 8.5; Filter and view options introduced in Junos OS Release 10.2. Fragmentation counters options introduced in Junos OS Release 15.1X49-90.

Note

Only show security flow session tunnel extensive and show security flow session tunnel summary provide fragmentation counters output.

Description

Display information about all tunnel sessions.

Options

none—Display the brief (default) level of output.

brief | extensive | summaryDisplay the specified level of output.

Required Privilege Level

view

List of Sample Output

show security flow session tunnel

show security flow session tunnel brief

show security flow session tunnel extensive

show security flow session tunnel summary extensive (with fragmentation counters output)

show security flow session tunnel summary

show security flow session tunnel summary (with fragmentation counters output)

Output Fields

Table 1 lists the output fields for the show security flow session tunnel command. Output fields are listed in the approximate order in which they appear.

Table 1: show security flow session tunnel Output Fields

Field Name

Field Description

Session ID

Number that identifies the session. You can use this ID to get additional information about the session.

Policy name

Policy that permitted the traffic. NA (Not Applicable) for a tunnel session.

Source NAT pool

The name of the source pool where NAT is used.

Timeout

Idle timeout after which the session expires. NA (Not Applicable) for a tunnel session.

In

Incoming flow (source and destination IP addresses, application protocol, interface, session token, route, gateway, tunnel, encapsulation and authentication header fragments generated, inner IPv4 fragments generated, inner IPv6 fragments generated, port sequence, FIN sequence, FIN state, packets and bytes).

Total sessions

Total number of sessions.

Status

Session status.

Flags

Internal flag depicting the state of the session, used for debugging purposes.

Source NAT pool

The name of the source pool where NAT is used.

Application

Name of the application.

Maximum timeout

Maximum session timeout.

Current timeout

Remaining time for the session unless traffic exists in the session.

Encryption

Encryption traffic name.

Session State

Session state.

Start time

Time when the session was created, offset from the system start time.

Session token

Internal token derived from the virtual routing instance.

Route

Internal next hop of the route to be used by the flow.

Valid sessions

Number of valid sessions.

Pending sessions

Number of pending sessions.

Invalidated sessions

Number of invalidated sessions.

Sessions in other states

Number of sessions in other states.

ESP/AH frag Rx: number, Generated: number

For IPsec tunnels, the number of Encapsulating Security Payload (ESP) or Authentication Header (AH) fragments that were received and the number that were generated.

Inner IPv4 frag Rx: number, Tx: number, Generated: number

For tunnels with IPv4 fragments, the number of fragments associated with the tunnel that were received, transmitted, and generated.

Inner IPv6 frag Rx: number, Tx: number, Generated: number

For tunnels with IPv6 fragments, the number of fragments associated with the tunnel that were received, transmitted, and generated.

Sample Output

show security flow session tunnel

root> show security flow session tunnel

show security flow session tunnel brief

root> show security flow session tunnel brief

show security flow session tunnel extensive

root> show security flow session tunnel extensive

show security flow session tunnel summary extensive (with fragmentation counters output)

root> show security flow session tunnel extensive

show security flow session tunnel summary

root> show security flow session tunnel summary

show security flow session tunnel summary (with fragmentation counters output)

root> show security flow session tunnel summary