Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

traceoptions (Security IPsec)

Syntax

Hierarchy Level

Description

CAUTION:

Enabling tracing can adversely impact scale and performance and may increase security risk. We strongly recommend using the trace, tracing, or traceoptions commands only under the guidance of a JTAC support engineer. After collecting the debug information, immediately disable tracing to minimize risk and restore normal system performance.

Configure IPsec tracing options. Trace operations track IPsec events and record them in a log file in the /var/log directory.

Trace operations are written to the trace file /var/log/kmd.

Options

  • flag—To specify more than one trace operation, include multiple flag statements.

    • all—Trace with all flags enabled

    • next-hop-tunnel-binding—Trace next-hop tunnel binding events

    • packet-drops—Trace packet drop activity

    • packet-processing—Trace data packet processing events

    • security-associations—Trace security association (SA) management events

Required Privilege Level

trace—To view this statement in the configuration.

trace-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 8.5.

Related Documentation