Tracing Address-Assignment Pool Processes
The Junos OS trace operations feature tracks address-assignment pool operations and records events in a log file. By default, the tracing operation is inactive. To trace address-assignment pool processes, you specify flags in the traceoptions statement at the [edit system processes general-authentication-service] hierarchy level. The default tracing behavior is the following:
- Important events are logged in a file called authd located in the /var/log directory. You cannot change the directory (/var/log) in which trace files are located.
- When the file authd reaches 128 kilobytes (KB), it is renamed authd.0, then authd.1, and so on, until there are three trace files. Then the oldest trace file (authd.2) is overwritten. For more information about how log files are created, see the Junos System Log Messages Reference.
- Log files can be accessed only by the user who configures the tracing operation.
The address-assignment pool tracing operations are described in the following sections:
Configuring the Address-Assignment Pool Trace Log Filename
By default, the name of the file that records trace output for address-assignment pools is authd. You can specify a different name by including the file statement at the [edit system processes general-authentication-service] hierarchy level:
To configure the filename for address-assignment pool tracing operations:
- Specify the name of the file used for the trace output.
  [edit system processes general-authentication-service traceoptions]
  user@host# set file aap_logfile_1
Configuring the Number and Size of Address-Assignment Pool Processes Log Files
By default, when the trace file reaches 128 kilobytes (KB) in size, it is renamed filename.0, then filename.1, and so on, until there are three trace files. Then the oldest trace file (filename.2) is overwritten.
You can optionally configure the maximum file size to be from 10 KB through 1 gigabyte (GB). You can also specify the number of trace files to be from 2 through 1000.
For example, you can set the maximum file size to 2 MB, and the maximum number of files to 20. When the file that receives the output of the tracing operation (filename) reaches 2 MB, filename is renamed filename.0, and a new file called filename is created. When the new filename reaches 2 MB, filename.0 is renamed filename.1 and filename is renamed filename.0. This process repeats until there are 20 trace files. Then the oldest file (filename.19) is overwritten by the newest file (filename.0).
To configure the number and size of trace files:
- Specify the name, number, and size of the file used for the trace output, by including the files and size options with the traceoptions statement.
  [edit system processes general-authentication-service traceoptions]
  user@host# set file aap_logfile_1 files 20 size 2097152
Configuring Access to the Log File
By default, log files can be accessed only by the user who configures the tracing operation. You can allow all users to read the log file and you can explicitly set the default behavior of the log file.
To specify that all users can read the log file:
- Configure the log file to be world-readable.
  [edit system processes general-authentication-service traceoptions]
  user@host# set file aap_logfile_1 world-readable
To explicitly set the default behavior, in which the log file can only be read by the user who configured tracing:
- Configure the log file to be no-world-readable.
  [edit system processes general-authentication-service traceoptions]
  user@host# set file aap_logfile_1 no-world-readable
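The following Python check is an added example, not part of the Junos documentation. It reads configuration in display set form and reports when the authd trace file is world-readable or when the files and size values fall outside the ranges given above. The full set path is composed from the hierarchy shown on this page; the function names, host name, and sample configuration are constructed for illustration.

```python
import shlex

# Limits and defaults as stated on this page; sizes are in bytes, with binary
# units assumed (the page writes 2 MB as 2097152).
SIZE_RANGE, FILES_RANGE = (10 * 1024, 1024 ** 3), (2, 1000)
PREFIX = "set system processes general-authentication-service traceoptions "

def to_int(token):
    return int(token) if token.isdecimal() else None

def audit_traceoptions(config_text):
    """Return (settings, findings) for authd tracing in 'display set' text."""
    s = {"file": "authd", "files": 3, "size": 128 * 1024,
         "world_readable": False, "flags": []}
    for line in config_text.splitlines():
        if not line.strip().startswith(PREFIX):
            continue
        words = iter(shlex.split(line.strip()[len(PREFIX):]))
        kind = next(words, None)
        if kind == "flag":
            s["flags"].extend(words)
        elif kind == "file":
            for word in words:
                if word in ("files", "size"):
                    s[word] = to_int(next(words, ""))
                elif word == "match":
                    next(words, None)  # skip the regex argument
                elif word in ("world-readable", "no-world-readable"):
                    s["world_readable"] = word == "world-readable"
                else:
                    s["file"] = word  # trace file name
    findings = []
    if s["world_readable"]:
        findings.append(f"{s['file']}: world-readable, all users can read the trace log")
    if s["size"] is None or not SIZE_RANGE[0] <= s["size"] <= SIZE_RANGE[1]:
        findings.append(f"{s['file']}: size outside 10 KB through 1 GB")
    if s["files"] is None or not FILES_RANGE[0] <= s["files"] <= FILES_RANGE[1]:
        findings.append(f"{s['file']}: files outside 2 through 1000")
    return s, findings

# Constructed sample in 'display set' form (host name and values are made up).
SAMPLE = """\
set system host-name edge1
set system processes general-authentication-service traceoptions file aap_logfile_1 files 20 size 2097152
set system processes general-authentication-service traceoptions file aap_logfile_1 world-readable
set system processes general-authentication-service traceoptions flag address-assignment
set system processes general-authentication-service traceoptions flag radius
"""
```

Calling audit_traceoptions(SAMPLE) returns one finding, for the world-readable trace file; with no-world-readable in its place the findings list is empty.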
Configuring a Regular Expression for Lines to Be Logged
By default, the trace operation output includes all lines relevant to the logged events. You can refine the output by including regular expressions (regex) that will be matched.
To configure regular expressions to match:
- Configure the regular expression.
  [edit system processes general-authentication-service traceoptions]
  user@host# set file aap_logfile_1 match regex
Configuring the Trace Operation
By default, only important events are logged. You can specify which trace operations are logged by including specific tracing flags. The following table describes the flags that you can include.
| Flag | Description |
|---|---|
| address-assignment | All address-assignment pool events |
| all | All tracing operations |
| configuration | Configuration events |
| framework | Authentication framework events |
| ldap | LDAP authentication events |
| local-authentication | Local authentication events |
| radius | RADIUS authentication events |
To configure the flags for the event to be logged:
- Configure the flags.
