Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Monitoring Switch Control Traffic




This topic applies only to the J-Web Application package.

Use the packet capture feature when you need to quickly capture and analyze switch control traffic on a switch. The packet capture feature allows you to capture traffic destined for or originating from the Routing Engine.


To use the packet capture feature in the J-Web interface, select Troubleshoot > Packet Capture.

To use the packet capture feature in the CLI, enter the following CLI command:

monitor traffic


You can use the packet capture feature to compose expressions with various matching criteria to specify the packets that you want to capture. You can decode and view the captured packets in the J-Web interface as they are captured. The packet capture feature does not capture transient traffic.

Table 88: Packet Capture Field Summary



Your Action


Specifies the interface on which the packets are captured. If you select default, packets on the Ethernet management port 0, are captured.

From the list, select an interface—for example, ge-0/0/0.

Detail level

Specifies the extent of details to be displayed for the packet headers.

  • Brief—Displays the minimum packet header information. This is the default.

  • Detail—Displays packet header information in moderate detail.

  • Extensive—Displays the maximum packet header information.

From the list, select Detail.


Specifies the number of packets to be captured. Values range from 1 to 1000. Default is 10. Packet capture stops capturing packets after this number is reached.

From the list, select the number of packets to be captured—for example, 10.


Specifies the addresses to be matched for capturing the packets using a combination of the following parameters:

  • Direction—Matches the packet headers for IP address, hostname, or network address of the source, destination or both.

  • Type—Specifies if packet headers are matched for host address or network address.

You can add multiple entries to refine the match criteria for addresses.

Select address-matching criteria. For example:

  1. From the Direction list, select source.
  2. From the Type list, select host.
  3. In the Address box, type
  4. Click Add.


Matches the protocol for which packets are captured. You can choose to capture TCP, UDP, or ICMP packets or a combination of TCP, UDP, and ICMP packets.

From the list, select a protocol—for example, tcp.


Matches packet headers containing the specified source or destination TCP or UDP port number or port name.

Select a direction and a port. For example:

  • From the Type list, select src.

  • In the Port box, type 23.

Advanced Options

Absolute TCP Sequence

Specifies that absolute TCP sequence numbers are to be displayed for the packet headers.

To display absolute TCP sequence numbers in the packet headers, select this check box.

Layer 2 Headers

Specifies that link-layer packet headers are to be displayed.

To include link-layer packet headers while capturing packets, select this check box.


Specifies not to place the interface in promiscuous mode, so that the interface reads only packets addressed to it. In promiscuous mode, the interface reads every packet that reaches it.

To read all packets that reach the interface, select this check box.

Display Hex

Specifies that packet headers, except link-layer headers, are to be displayed in hexadecimal format.

To display the packet headers in hexadecimal format, select this check box.

Display ASCII and Hex

Specifies that packet headers are to be displayed in hexadecimal and ASCII format.

To display the packet headers in ASCII and hexadecimal formats, select this check box.

Header Expression

Specifies the match condition for the packets to be captured. The match conditions you specify for Addresses, Protocols, and Ports are displayed in expression format in this field.

You can enter match conditions directly in this field in expression format or modify the expression composed from the match conditions you specified for Addresses, Protocols, and Ports. If you change the match conditions specified for Addresses, Protocols, and Ports again, packet capture overwrites your changes with the new match conditions.

Packet Size

Specifies the number of bytes to be displayed for each packet. If a packet header exceeds this size, the display is truncated for the packet header. The default value is 96 bytes.

Type the number of bytes you want to capture for each packet header—for example, 256.

Don't Resolve Addresses

Specifies that IP addresses are not to be resolved into hostnames in the packet headers displayed.

To prevent packet capture from resolving IP addresses to hostnames, select this check box.

No Timestamp

Suppresses the display of packet header timestamps.

To stop displaying timestamps in the captured packet headers, select this check box.

Write Packet Capture File

Writes the captured packets to a file in PCAP format in /var/tmp. The files are named with the prefix jweb-pcap and the extension .pcap. If you select this option, the decoded packet headers are not displayed on the packet capture page.

To decode and display the packet headers on the J-Web page, clear this check box.