show security policies lookup-intact-on-commit
Syntax
show security policies lookup-intact-on-commit [ eligibility | status ]
Description
Displays the information about the
lookup-intact-on-commit configuration
status on all forwarding planes on the device. The output also
displays eligibility of the device based on the option.
Options
| eligibility |
Display the eligibility of the device to enable the (lookup-intact-on-commit) configuration. The command checks the memory and platform requirements of the device and displays the eligibility information along with the system memory availability. The device is eligible only if it has enough free space (20% of total memory) after accommodating the required memory utilization of this feature. |
| status |
Display the activation status of the configuration (lookup-intact-on- commit) on all the forwarding planes of the device. The output shows the details per forwarding plane. To activate the (lookup-intact-on-commit) option on the forwarding plane(s), you must restart all the forwarding planes and the forwarding plane(s) on the chassis cluster pair. |
Required Privilege Level
view
Output Fields
Table lists the output fields for the show security policies
lookup-intact-on-commit command. Output fields are
listed in the approximate order in which they appear.
|
Field Name |
Field Description |
|---|---|
|
|
Displays the forwarding plane name along with Layer2 chassis cluster node information. This output is shown for the (status and eligibility) options |
|
|
Displays the forwarding plane configuration activation status. This output is shown for the (status) option. The output displays one of the following status related to the :
|
|
|
Displays the memory eligibility of the system per FPC. This output indicates if the particular FPC is eligible for configuring the set security policies lookup-intact-on-commit configuration. The field displays the verdict based on forwarding plane inputs as Eligible (or) Ineligible with Kernel heap free (%) after validating the required memory for the feature. |
Sample Output
- show security policies lookup-intact-on-commit status
- show security policies lookup-intact-on-commit eligibility
- show security policies lookup-intact-on-commit eligibility (Chassis Cluster)
show security policies lookup-intact-on-commit status
user@host> show security policies lookup-intact-on-commit status FPC NAME Status master Not Configured
show security policies lookup-intact-on-commit eligibility
user@host> show security policies lookup-intact-on-commit eligibility
FPC NAME Eligibility
master Eligible, kernel heap free:34%, is more than threshold
Eligible, user heap free:15%, is more than threshold
show security policies lookup-intact-on-commit eligibility (Chassis Cluster)
user@host> show security policies lookup-intact-on-commit eligibility
node0:
--------------------------------------------------------------------------
FPC NAME Eligibility
node0.fpc0 Eligible, kernel heap free:58%, is more than threshold
Eligible, user heap free:3%, is more than threshold
node1.fpc0 Eligible, kernel heap free:58%, is more than threshold
Eligible, user heap free:3%, is more than threshold
Release Information
Command introduced in Junos OS Release 24.4R1