request support information

Syntax

Syntax (ACX Series Router)

Syntax (EX Series Switch)

Syntax (MX Series Router)

Syntax (PTX Series Router)

Syntax (QFX Series Switches for Junos OS Evolved)

Syntax (SRX Series Firewalls)

Description

Display all configuration data for the system, including data hidden with the apply-flags omit command. Issue this command before contacting customer support, and then include the command output in your support request. Output from this command varies somewhat, depending on which platform you issue the command from. However, the command always executes a series of show commands, with the appropriate information for your device automatically included.

The output from this command could be very long (thousands of lines of output). You might often want to redirect the output to a file (such as /var/log/rsi.log), as follows:

The default file path for QFX Series switches with Junos OS Evolved files is /var/tmp.

Options

brief	(Optional) Display brief information for the command output. Without this option, display of the output can take a long time to complete.
archive	Display a compressed archive file (tar.gz) in the /var/tmp/rsi directory containing all output from the `request support information` command.
cos	Display detailed information for Class of Service (Cos).
dot1x	Display detailed dot1x status report. Note: If you are logged in as a root user, this option skips any user interaction.
evpn-mpls	(Optional) Display system information including in-depth EVPN control plane and Packet Forwarding Engine (PFE) status for EVPN-MPLS fabric configurations. The output includes: EVPN instance, database, and routing information for EVPN route types (including EVPN Type 5 IP prefix routes). EVPN multicast and multicast snooping information.
evpn-vxlan	(Optional) Display system information including in-depth EVPN control plane and PFE status for EVPN-VXLAN fabric configurations. The output includes: EVPN instance, database, routing (including EVPN Type 5 IP prefix routes), multicast and multicast snooping information. Ethernet switching, flooding, and VXLAN tunnel endpoint (VTEP) status and next hop information. (Starting in Junos OS and Junos OS Evolved Releases 22.4R2 and 23.1R1) Additional debugging information for EVPN-VXLAN multicast and multicast snooping, including command outputs for optimized intersubnet multicast (OISM) and assisted replication (AR) features. Note: If you are logged in as a root user, this option skips any user interaction.
ipsec-vpn	(Optional) Display detailed system information for IPsec VPN.
all-members	(EX Series switches and MX Series routers) (Optional) Display system information for all members of the Virtual Chassis configuration.
local	(EX Series switches and MX Series routers) (Optional) Display system information for the local Virtual Chassis member.
l3-debug	Display detailed information for L3 switching.
member `member-id`	(EX Series switches and MX Series routers) (Optional) Display system information for the specified member of the Virtual Chassis configuration. On EX Series switches, replace `member-id` with a value appropriate for that Virtual Chassis configuration. On MX Series routers, replace `member-id` with a value of 0 or 1.
secure-gateway	(SRX5400, SRX5600, and SRX5800 devices) (Optional) Display system information for secure gateway deployment scenarios.
security-components `component`	(SRX Series) (Optional) Display information on security components. `alg`— Display detailed security report for Application Layer Gateway (ALG). `apbr`— Display detailed security report for Advanced policy-based routing (APBR). `appid`— Display detailed security report for application identification (AppID). `application-firewall`— Display detailed security report for application firewall (AppFW). `appqoe`— Display detailed security report for application quality of experience (AppQoE). `appqos`— Display detailed security report for application quality of service (AppQoS). `ha`— Display detailed security report for firewall system with chassis cluster. `idp`— Display detailed security report for intrusion detection and prevention (IDP). `ipsec-vpn`— Display detailed security report for IPsec VPN. `macsec`— Display detailed security report for MACsec. `nat`— Display detailed security report for NAT. `packet-flow`— Display detailed security report for packet flow. `perf`— Display detailed security report for system performance. `skyatp`— Display detailed security report for Juniper Advanced Threat Prevention Cloud (Juniper ATP Cloud). `sslfp`— Display detailed security report for ssl proxy. `system`— Display detailed security report for firewall system. `utm`— Display detailed security report for Content Security. `web-proxy`— Display detailed security report for web proxy.
node	(SRX5400, SRX5600, and SRX5800 devices) (Optional) Display detailed system status report for all nodes or a specific node. `node-id`—Display detailed system status report for a specific node. Replace `node-id` with a value of 0 or 1. `all`—Display detailed system status report for all nodes. `local`—Display detailed system status report for the local node. `primary`—Display detailed system status report for the primary node.
with-logs	Display a compressed archive file (tar.gz) containing all output from the `request support information` command and log files located in the /var/log directory. Note: The compressed archive file (tar.gz) contains log files located only in the /var/log directory, not in the /var/log/trace directory.
with-components	Display a compressed archive file (tar.gz) containing output from the component specific `request support information` commands along with output from the generic `request support information` command and log files located in the /var/log directory. `bbe-debug`—BBE specific RSI commands including Routing Engine CLI and Routing Engine vty CLI. `bfd-debug/`—Include BFD, linecard related bfd specific information. `cfm-debug`—Include CFM specific information. `cos-debug`—Include COS specific information. `dcd-debug`—Include dcd-debug specific report and logs. `erp-debug`—Include ERP support RSI information. `fabric-debug`—Include fabric-debug specific report and logs. `firewall-debug`—Include Firewall specific information. `global-data-shared-memory-debug`—Include global data shared memory specific information. `ha-debug`—Include GRES, ISSU, and NSR information. `ipsec-debug`—Include ipsec-debug specific report and logs. `jnu-debug`—Collect JNU debug information. `l2-debug`—Include Layer 2 support RSI information. `l3-debug`—Include L3 specific information. `lacp-debug`—Include LACP specific information. `lag-debug`—Include LAG debug commands. `ldp-debug`—Include LDP specific information. `lfm-debug`—Include LFM specific information. `macsec-debug`—MACSEC support RSI information. `mclag-debug`—nclude mclag-debug specific report and logs. `mvpn-debug`—Collect MVPN debug information. `netstack-debug`—Include Layer 3/Layer 4, netkey, and NTP debug commands. `netstack-infra-debug`—Includes junos netstack infra and ifstate debug commands. `pcep-debug`—Include PCEP specific information. `pfe-debug`—Include DPP PFE support RSI information. `ppmd-debug`—Include PPMD, ppman specific information. `stp-debug`—Include STP support RSI information. `timing-debug`—Include timing specific information. `ui-debug`—Include Manageability specific information. `vrrp-debug`—Include VRRP debug specific report and logs.
with-options	Display a compressed archive file (tar.gz) containing output from the component specific `request support information` command with a specific parameter. This command provides flexibility in gathering system information and allows you to customize the output based on your requirements.

Additional Information

The show commands issued as a result of this command vary depending on which platform you issue the command from. Output is always appropriate for the device. For example, Table 1 lists the show commands that are called when you issue request support information on an MX Series router.

Table 1: Sample show Commands Called by the request support information command on an MX Series Router
`show chassis alarms no-forwarding`	`show interfaces extensive no-forwarding`
`show chassis environment no-forwarding`	`show krt queue`
`show chassis fabric degradation`	`show krt state`
`show chassis fabric destinations`	`show pfe statistics error`
`show chassis fabric fpcs`	`show pfe statistics traffic`
`show chassis fabric plane`	`show route summary`
`show chassis fabric reachability`	`show system boot-messages no-forwarding`
`show chassis fabric summary`	`show system buffer no-forwarding`
`show chassis fpc`	`show system commit`
`show chassis fpc detail`	`show system core-dumps no-forwarding`
`show chassis firmware no-forwarding`	`show system processes extensive no-forwarding`
`show chassis hardware detail no-forwarding`	`show system queues no-forwarding`
`show chassis hardware extensive no-forwarding`	`show system statistics no-forwarding`
`show pfe statistics traffic`	`show system storage no-forwarding`
`show chassis power`	`show system uptime no-forwarding`
`show chassis routing-engine no-forwarding`	`show system virtual-memory no-forwarding`
`show configuration \| except SECRET-DATA`	`show version detail no-forwarding`

Note:

The no-forwarding option ensures that all mgd processes associated with the show command are properly halted if you break into the output (Ctrl+C) while the command is still running.

Show command show interfaces extensive no-forwarding is not supported for request support information brief command.

Table 2 lists the show commands that are called when you issue request support information ipsec-vpn on a MX Series Router.

Table 2: Sample show commands called by the request support information ipsec-vpn command on an MX Series Router
`show version no-forwarding \| no-more`	`show services ipsec-vpn ipsec statistics \| no-more`
`show system uptime no-forwarding \| no-more`	`show security pki local-certificate detail no-forwarding`
`show system core-dumps no-forwarding \| no-more`	`show security pki local-certificate system-generated detail no-forwarding`
`show system processes extensive no-forwarding \| grep ike`	`show security pki ca-certificate detail no-forwarding`
`show system processes extensive no-forwarding \| grep kmd`	`show security pki crl detail no-forwarding`
`show chassis fpc pic-status`	`show security pki certificate-request detail no-forwarding`
`show chassis cluster status`	`show security pki statistics no-forwarding \| no-more`
`show chassis cluster interfaces`	`show ipsec memory-usage \| no-more`
`show chassis cluster information`	`show services sessions analysis \| no-more`
`show configuration \| no-more`	`show services sessions extensive \| no-more`
`show route forwarding-table \| no-more`	`show pfe statistics traffic \| no-more`
`show interfaces extensive \| no-more`	`show pfe statistics exceptions \| no-more`
`show services ipsec-vpn ike security-associations detail \| no-more`	`show pfe statistics error \| no-more`
`show services ipsec-vpn ike statistics \| no-more`	`show extension-provider system processes extensive \| match mspmand`
`show services ipsec-vpn ipsec security-associations detail \| no-more`	`show services service-sets statistics packet-drops \| no-more`
`plugin ipsec show stats all`	`plugin ipsec show sadb detail`
`plugin ipsec show rules all`	`plugin ipsec show rules no-sa`
`plugin ipsec show sa-trigger-seqno`	`plugin ipsec show invalid-spi brief`
`plugin ipsec show invalid-spi history`	`show msp pkt-cntrs terse`
`show msp pkt-cntrs`	`show msp plugins pkt-cntrs`
`show msp service-sets`	`show msp service-sets summary`
`show msp service-sets mem-usage`	`show msp ip-stats`
`show msp mem usage`	`show msp mem ocwm jnx-msp-shm-data mum`
`show msp mem ocwm jnx-msp-shm-data mum objcache`	`show msp stats ctrl`
`show msp cpu-throttle`	`show svcs-xlp intf counters`
`show svcs-xlp exceptions`	`show svcs-xlp exceptions detail`
`show svcs-xlp cpu stats`	`show svcs-xlp fifo`
`show svcs-xlp poe stats`	`show svcs-xlp jbuf-stats`
`plugin ha show ckpt`	`plugin ha show ha-pvt-obj stats`
`plugin ha show info-ha-plugin`	`plugin ha show stats`
`plugin ha show udp`	`plugin ha show mtu`
`plugin ha show junos-sync stats`	`plugin ha show junos-sync stats aggregation`
`plugin ha show junos-sync stats history`

Starting in Release 20.2R1, Junos OS introduces ipsec-vpn option to the existing request support information command. The request support information ipsec-vpn command displays all the configurations, states, and statistics at Routing Engine and Service Card level. This new option helps in debugging IPsec-VPN related issues. The information collection is streamlined and reduces the output file size.

Table 3 lists the show commands that are called when you issue request support information on an EX Series 9200 switch. The table does not include the no-forwarding option, which is used for purposes of the request support information, itself.

Table 3: Sample show Commands Called by the request support information command on an EX Series 9200 Switch
`show chassis alarms`	`show interfaces extensive`
`show chassis environment`
`show chassis firmware`	`show pfe statistics traffic`
show chassis fpcdetail	`show spanning-tree bridge detail`
`show chassis hardware detail`	`show spanning-tree interface`
`show chassis routing-engine`
`show configuration \| except SECRET-DATA \| display omit`	`show system boot-messages`
show dhcp-security binding	`show system queues`
show dhcp-security ipv6 binding	`show system processes extensive`
	`show system queues`
`show ethernet-switching interface detail`	`show system statistics`
`show ethernet-switching table`	`show vlans extensive`
	`show vrrp summary`

Table 4 lists the show commands that are called when you issue request support information on SRX Series Firewalls.

Table 4: Sample show Commands Called by the request support information command on SRX Series Firewalls
`show pfe statistics traffic`	`show interfaces queue`
`show chassis environment no-forwarding`	`show security monitoring fpc 0`
`show chassis fpc detail`	`show system license`
`show system storage no-forwarding`	`show security policies hit-count no-forwarding`
`show system virtual-memory no-forwarding`	`show security policies information no-forwarding`
`show system buffer no-forwarding`	`show security dns-cache`
`show system queues no-forwarding`	`show security flow statistics`
`show chassis hardware extensive no-forwarding`	`show security flow status`
`show krt queue`	`show security flow session summary no-forwarding`
`show route summary`	`show security utm anti-virus status`
`show version no-forwarding`	`show system processes extensive no-forwarding`
`show system uptime no-forwarding`	`show chassis fpc pic-status`
`show system core-dumps no-forwarding`	`show chassis cluster status`
`show chassis cluster interfaces`	`show chassis cluster information`
`show route forwarding-table`	`show interfaces extensive`
`show security pki local-certificate detail no-forwarding`	`show security pki local-certificate system-generated detail no-forwarding`
`show security pki ca-certificate detail no-forwarding`	`show security pki crl detail no-forwarding`
`show security pki certificate-request detail no-forwarding`	`show security pki statistics no-forwarding`
`show security internal-security-association no-forwarding`	`show security ike security-associations detail no-forwarding`
`show security ike active-peer stats no-forwarding`	`show security ike stats no-forwarding`
`show security ipsec security-associations detail no-forwarding`	`show security ipsec statistics no-forwarding`
`show security ipsec tunnel-distribution no-forwarding`	`show security ipsec tunnel-distribution summary no-forwarding`
`show security ipsec next-hop-tunnels no-forwarding`	`show security ipsec tunnel-events-statistics no-forwarding`
`show security ipsec inactive-tunnels no-forwarding`	`show pfe statistics traffic`
`show usp ipsec sa`	`show usp ipsec pmi-sa`
`show usp ipsec global-stat`	`show usp ipsec pkt-stat`
`show usp ipsec stat`	`show usp ipsec spd table`
`show usp ipsec spd stats`	`show usp ipsec traffic-selector stats`
`show usp ipsec traffic-selector pkt-stats`	`show usp ipsec tunnel-distribution`
`show usp ipsec nsp-tunnel-table`	`show usp ipsec nhtb`
`show usp ipsec ager stats`	`show talus number stats all`
`show talus number drop-pkt`	`show talus number queue-bp`
`show jspec talus number registers cntr fi_bp number`	`show jspec talus number registers cntr fi_bp number`
`show jspec talus number registers cntr fi_bp number`	`show jspec talus number registers cntr fi_bp number`
`show jspec talus number registers cntr fo_free number`	`show jspec talus number registers cntr fo_free number`
`show jspec talus number registers cntr fo_free number`	`show jspec talus number registers cntr fo_free number`
`show jspec talus number registers cntr ing_eop number`	`show jspec talus number registers cntr ing_eop number`
`show jspec talus number registers cntr ing_eop number`	`show jspec talus number registers cntr ing_eop number`
`show security nat destination pool all`	`show security nat destination pool all all-logical-systems-tenants`
`show security nat destination rule all`	`show security nat destination summary`
`show security nat destination summary no-forwarding all-logical-systems-tenants`	`show security nat interface-nat-ports no-forwarding all-logical-systems-tenants`
`show security nat resource-usage source-pool all`	`show security nat source deterministic`
`show security nat source paired-address all-logical-systems-tenants`	`show security nat source persistent-nat-table all all-logical-systems-tenants`
`show security nat source persistent-nat-table summary`	`show security nat source pool all`
`show security nat source pool all all-logical-systems-tenants`	`show security nat source port-block all-logical-systems-tenants`
`show security nat source rule all`	`show security nat source summary`
`show security nat source summary no-forwarding all-logical-systems-tenants`	`show security nat static rule all no-forwarding all-logical-systems-tenants`

Starting in Junos OS Release 15.1X49-D110, on SRX5400, SRX5600, and SRX5800 devices, a new option secure-gateway is added to the existing request support information command. This new option displays all the required information that is relevant for secure gateway deployment scenarios. In Junos OS Release 15.1X49-D100 and earlier, request support information displays the information about all features that might not be relevant for secure gateway deployments.

Starting in Junos OS Release 20.2R1, we’ve introduced the CLI ipsec-vpn option to the existing request support information security-components command. This new option displays all the configuration, states, and statistics information necessary for debugging IPsec VPN related issues.

Required Privilege Level

maintenance, view, and view-configuration

Output Fields

For information about output fields, see the description for the specific command-–listed in the output– in which you are interested.

Sample Output

request support information | save
request support information security-components nat (SRX Series Firewall)
request support information (SRX Series Firewall)
request support information ipsec-vpn (MX Series Router)

request support information | save

request support information security-components nat (SRX Series Firewall)

request support information (SRX Series Firewall)

request support information ipsec-vpn (MX Series Router)

Release Information

Command introduced before Junos OS Release 7.4.

Option brief introduced in Junos OS Release 13.2.

Option secure-gateway introduced in Junos OS Release 15.1X49-D110 for SRX5400, SRX5600, and SRX5800 devices.

Options security-components and ipsec-vpn introduced in Junos OS Release 20.2R1.

Options evpn-mpls and evpn-vxlan introduced in Junos OS and Junos OS Evolved Releases 21.2R3, 21.4R2, 21.4R3, and 22.2R1.

Additional EVPN multicast debug information added to evpn-vxlan option output in Junos OS and Junos OS Evolved Releases 22.4R2 and 23.1R1.

Options archive, with-logs, with-components, and with-options introduced in Junos OS and Junos OS Evolved Release 24.2R1.

Option timing-debug added to with-components option to include timing specific information output in Junos OS Evolved Releases 24.4R1.

Option nat introduced in Junos OS Release 25.1R1.

Options cos and l3-debug introduced in Junos OS Evolved Release 25.2R1 for QFX Series Switches.

ON THIS PAGE