Tracing on Juniper – Explained

Another way to monitor what is happening to your Juniper router is to use the Tracing.

Tracing is similar to debugging if you come from the Cisco world. What tracing does, it shows us directly and live what is happening on our Juniper router. Of course, tracing takes load on the Juniper hardware resources, so you should use it with caution, and you should trace one thing at a time.

In in the previous lesson, I gave you the example of the broken leg to make the topic easier to be understood, I will use the same example also here 😊

With tracing, it is like someone got a broken leg and he went to the doctor who directly put him under the surgery and looked directly what is broken on his leg then fixed it. Same on the trace, you see what is happening directly on the Juniper router then you can take an immediate action to fix it.

As the syslog, tracing are stored in /var/log directory. You can also send them to a server if you want.

Let’s apply a LAB now to see how tracing works.

I will do tracing on OSPF even though that I don’t have OSPF protocol enabled on my router. If you do not know what OSPF protocol is, it is a dynamic routing protocol that you can use to allow the router to dynamically learn routes from other routers that have OSPF protocol enabled on them. Don’t worry about it, just OSPF is here to show you how tracing works.

root@Juniper# edit protocols ospf

[edit protocols ospf]

root@Juniper# set ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don’t inherit configuration data from these groups

> area                 Configure an OSPF area

> backup-spf-options   Configure options for backup SPF

> database-protection  Configure database protection attributes

disable              Disable OSPF

+ export               Export policy

external-preference  Preference of external routes

> graceful-restart     Configure graceful restart attributes

+ import               Import policy (for external routes or setting priority)

no-nssa-abr          Disable full NSSA functionality at ABR

no-rfc-1583          Disable RFC1583 compatibility

> overload             Set the overload mode (repel transit traffic)

preference           Preference of internal routes

prefix-export-limit  Maximum number of prefixes that can be exported

reference-bandwidth  Bandwidth for calculating metric defaults

rib-group            Routing table group for importing OSPF routes

> spf-options          Configure options for SPF

> topology             Topology parameters

> traceoptions         Trace options for OSPF

> traffic-engineering  Configure traffic engineering attributes

You can see from the OSPF hierarchy level, I can use “traceoptions” command to trace things in OSPF routing protocol.

Let’s go the traceoptions and see what we have there:

root@Juniper# edit traceoptions

[edit protocols ospf traceoptions]

root@Juniper# set ?

Possible completions:

+ apply-groups         Groups from which to inherit configuration data

+ apply-groups-except  Don’t inherit configuration data from these groups

> file                 Trace file options

> flag                 Tracing parameters

I see clearly that I can use the file and the flag.

File is where to save the trace file, and flag is to mention what you wish to trace in OSPF exactly. For example, you can trace the hello packets or LSA updates or authentication etc.…

Let’s do the file part:

[edit protocols ospf traceoptions]

root@Juniper# set file OSPF-TRACE size ?

Possible completions:

<size>               Maximum trace file size (10240..4294967295)

[edit protocols ospf traceoptions]

root@Juniper# set file OSPF-TRACE size 64000 ?

Possible completions:

<[Enter]>            Execute this command

files                Maximum number of trace files (2..1000)

no-world-readable    Don’t allow any user to read the log file

world-readable       Allow any user to read the log file

|                    Pipe through a command

[edit protocols ospf traceoptions]

root@Juniper# set file OSPF-TRACE size 64000 world-readable

[edit protocols ospf traceoptions]

root@Juniper# show

file OSPF-TRACE size 64000 world-readable;

[edit protocols ospf traceoptions]


I have said to the Juniper router to save the tracing to a file called OSPF-TRACE and give the file a size of 64 KB and allow the file to be readable by any user on Juniper.

Now I want to mention to the router that I want to trace only the Hello Packets in OSPF. This should be done from the Flag as the following:

[edit protocols ospf traceoptions]

root@Juniper# set flag ?

Possible completions:

all                  Trace everything

database-description  Trace database description packets

error                Trace errored packets

event                Trace OSPF state machine events

flooding             Trace LSA flooding

general              Trace general events

graceful-restart     Trace graceful restart

hello                Trace hello packets

ldp-synchronization  Trace synchronization between OSPF and LDP

lsa-ack              Trace LSA acknowledgment packets

lsa-analysis         Trace LSA analysis

lsa-request          Trace LSA request packets

lsa-update           Trace LSA update packets

normal               Trace normal events

nsr-synchronization  Trace NSR synchronization events

on-demand            Trace demand circuit extensions

packet-dump          Dump the contents of selected packet types

packets              Trace all OSPF packets

policy               Trace policy processing

restart-signaling    Trace restart signaling

route                Trace routing information

spf                  Trace SPF calculations

[edit protocols ospf traceoptions]

root@Juniper# set flag hello

[edit protocols ospf traceoptions]

root@Juniper# commit

As you see, under the flag you can choose plenty of things to be traced, but I have just chosen the hello packets to be traced. I have also committed the configuration.

I would like now to see where the file has been created:

root@Juniper> show log ?

Possible completions:

<[Enter]>            Execute this command

<filename>           Name of log file

OSPF-TRACE           Size: 67, Last changed: Feb 08 15:58:07

I can see it under the “show log” command.

Let’s open it and see what will happen:

root@Juniper> show log OSPF-TRACE

Feb  8 15:57:51 trace_on: Tracing to “/var/log/OSPF-TRACE” started


The tracing has started now, meaning if I had OSPF configured, then I could trace the hello packets and see them live on my command line.

This is all what I wanted to show you in this lesson, hope you enjoyed it and see you in the upcoming one 😊

Course Content


Submit a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.