Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


show security advance-policy-based-routing detail



Display a summary of all APBR policies configured on the device.

You can use this command to understand the details of an APBR policy such as:

  • Name, status, zone-context of the APBR policy.

  • The number of times traffic matches the APBR policy and the APBR profile is applied for a session.

You can use the show security advance-policy-based-routing detail command only when you have configured advanced policy-based routing (APBR) profile with the APBR policy. You might not get the accurate results if you have an APBR profile attached the security zone.



Display the number of configured APBR policies.

  • Range: 1 to 65535


Display a detailed view of all of the APBR policies configured on the device.


Display specific zone details applicable to the APBR policy.


Displaythe logical system name.


Display information about the default root-logical-system.


Display the policy from the given position.

  • Range: 1 to 65535

Required Privilege Level


Output Fields

Table 1 lists the output fields for the show security advance-policy-based-routing detail command. Output fields are listed in the approximate order in which they appear.

Table 1: show security advance-policy-based-routing statistics

Field Name

Field Description

Policy name

Name of the APBR policy


Status of the policy (enabled or disabled)

Policy type

Type of the policy.


An internal number associated with the policy.

Sequence number

Number of the policy within a given context. For example, three policies that are applicable in a from-zone A-to-zone B context might be ordered with sequence numbers 1, 2, and 3. Also, in a from-zone C-to-zone D context, four policies might have sequence numbers 1, 2, 3, and 4.

From zone

The zone on which APBR profile is applied to.

Source addresses

The names and corresponding IP addresses of the source addresses for a policy. Address sets are resolved to their individual address name-IP address pairs.

Destination addresses

The names and corresponding IP addresses of the destination addresses (or address sets) for a policy as entered in the destination zone’s address book. A packet’s destination address must match one of these addresses for the policy to apply to it.


Name of a preconfigured or custom application, or any if no application is specified.


If an ALG is associated with the session, the name of the ALG. Otherwise, 0.


Protocol name or numeric value of the traffic.

Inactivity timeout

Elapsed time without activity after which the application is terminated.

Source port range

Range of matching source ports defined in the policy.

Destination port range

Range of matching destination ports defined in the policy.


Name of the APBR profile

Source identities

User details specified in the source-identity field of the named policy.

Scheduler name

Name of the scheduler associated with APBR policy.

Sample Output

show security advance-policy-based-routing statistics

Sample Output

show security advanced-policy-based-routing detail (Junos OS Release 19.1R1)

Release Information

Command introduced in Junos OS Release 15.1X49-D60. The option scheduler is added in Junos OS Release 18.4R1.