inspect flow-detail
Table of Contents
Expand all | Collapse all
-
-
- clear app-engine
- clear app-map dynamic
- clear app-probe prefix
- clear connection
- clear device account-login
- clear dhcplease
- clear dhcprelay stat
- clear flow and clear flows
- clear flow-arp
- clear qos-bwc queue-snapshot
- clear routing
- clear routing multicast statistics
- clear routing ospf
- clear routing peer-ip
- clear switch mac-address-entries
- clear user-id agent statistics
-
- arping interface
- curl
- ping
- ping6
- debug bounce interface
- debug bw-test src-interface
- debug cellular stats
- debug controller reachability
- debug flow
- debug ipfix
- debug log agent eal file log
- debug logging facility
- debug logs dump
- debug logs follow
- debug logs tail
- debug poe interface
- debug process
- debug reboot
- debug routing multicast log
- debug routing multicast pimd
- debug servicelink logging
- debug tcpproxy
- debug time sync
- debug performance-policy
- dig dns
- dig6
- file export
- file remove
- file space available
- file tailf log
- file view log
- ssh6 interface
- ssh interface
- tcpdump
- tcpping
- traceroute
- traceroute6
-
- dump appdef config
- dump appdef version
- dump app-engine
- dump app-l4-prefix table
- dump app-probe config
- dump app-probe flow
- dump app-probe prefix
- dump app-probe status
- dump auth config
- dump auth status
- dump banner config
- dump bfd status
- dump bypass-pair config
- dump cellular config
- dump cellular stats
- dump cellular status
- dump cgnxinfra status
- dump cgnxinfra status live
- dump cgnxinfra status store
- dump config network
- dump config security
- dump controller cipher
- dump controller status
- dump device accessconfig
- dump device conntrack count
- dump device date
- dump device info
- dump device status
- dump dhcp-relay config
- dump dhcprelay stat
- dump dhcp-server config
- dump dhcp-server status
- dump dhcpstat
- dump dnsservice config all
- dump dpdk cpu
- dump dpdk interface
- dump dpdk port status
- dump dpdk stats
- dump flow
- dump flow count-summary
- dump interface config
- dump interface status
- dump interface status interface details
- dump interface status interface module
- dump ipfix config collector-contexts
- dump ipfix config derived-exporters
- dump ipfix config filter-contexts
- dump ipfix config ipfix-overrides
- dump ipfix config prefix-filters
- dump ipfix config profiles
- dump ipfix config templates
- dump lldp
- dump lldp config
- dump lldp info
- dump lldp stats
- dump lldp status
- dump log-agent eal conn
- dump log-agent eal response-time
- dump log-agent eal stats
- dump log-agent config
- dump log-agent iot snmp config
- dump log-agent iot snmp device discovery stats
- dump log-agent ip mac bindings
- dump log-agent neighbor discovery stats
- dump log-agent status
- dump ml7 mctd counters
- dump ml7 mctd session
- dump ml7 mctd version
- dump nat counters
- dump nat summary
- dump network-policy config policy-rules
- dump network-policy config policy-sets
- dump network-policy config policy-stacks
- dump network-policy config prefix-filters
- dump overview
- dump performance-policy config policy-rules
- dump performance-policy config policy-sets
- dump performance-policy config policy-set-stacks
- dump performance-policy config threshold-profile
- dump poe system config
- dump poe system status
- dump priority-policy config policy-rules
- dump priority-policy config policy-sets
- dump priority-policy config policy-stacks
- dump priority-policy config prefix-filters
- dump probe config
- dump probe profile
- dump radius config
- dump radius statistics
- dump radius status
- dump reachability-probe config
- dump qos-bwc config
- dump reachability-probe status
- dump routing aspath-list
- dump routing cache
- dump routing communitylist
- dump routing multicast config
- dump routing multicast igmp
- dump routing multicast interface
- dump routing multicast internal vif-entries
- dump routing multicast mroute
- dump routing multicast pim
- dump routing multicast sources
- dump routing multicast statistics
- dump routing multicast status
- dump routing ospf
- dump routing peer advertised routes
- dump routing peer config
- dump routing peer neighbor
- dump routing peer received-routes
- dump routing peer routes
- dump routing peer route-via
- dump routing peer status
- dump routing peer route-json
- dump routing prefixlist
- dump routing prefix-reachability
- dump routing route
- dump routing routemap
- dump routing running-config
- dump routing summary
- dump routing static-route reachability-status
- dump routing static-route config
- dump security-policy config policy-rules
- dump security-policy config policy-set
- dump security-policy config policy-set-stack
- dump security-policy config prefix-filters
- dump security-policy config zones
- dump sensor type
- dump sensor type summary
- dump serviceendpoints
- dump servicelink summary
- dump servicelink stats
- dump servicelink status
- dump site config
- dump snmpagent config
- dump snmpagent status
- dump software status
- dump spoke-ha config
- dump spoke-ha status
- dump standingalarms
- dump static-arp config
- dump static host config
- dump static routes
- dump support details
- dump-support
- dump switch fdb vlan-id
- dump switch port status
- dump switch vlan-db
- dump syslog config
- dump syslog-rtr stats
- dump syslog status
- dump time config
- dump time log
- dump time status
- dump troubleshoot message
- dump user-id agent config
- dump user-id agent statistics
- dump user-id agent status
- dump user-id agent summary
- dump user-id groupidx
- dump user-id group-mapping
- dump user-id ip-user-mapping
- dump user-id statistics
- dump user-id status
- dump user-id summary
- dump user-id useridx
- dump vlan member
- dump vpn count
- dump vpn ka all
- dump vpn ka summary
- dump vpn ka VpnID
- dump vpn status
- dump vpn summary
- dump vrf
- dump waninterface config
- dump waninterface summary
-
- inspect app-flow-table
- inspect app-l4-prefix lookup
- inspect app-map
- inspect certificate
- inspect certificate device
- inspect cgnxinfra role
- inspect connection
- inspect dhcplease
- inspect dhcp6lease
- inspect dpdk ip-rules
- inspect dpdk vrf
- inspect fib
- inspect fib-leak
- inspect flow-arp
- inspect flow brief
- inspect flow-detail
- inspect flow internal
- inspect interface stats
- inspect ipfix exporter-stats
- inspect ipfix collector-stats
- inspect ipfix app-table
- inspect ipfix wan-path-info
- inspect ipfix interface-info
- inspect ip-rules
- inspect ipv6-rules
- inspect lqm stats
- inspect memory summary
- inspect network-policy conflicts
- inspect network-policy dropped
- inspect network-policy hits policy-rules
- inspect network-policy lookup
- inspect performance-policy fec status
- inspect policy-manager status
- inspect policy-mix lookup-flow
- inspect priority-policy conflicts
- inspect priority-policy dropped
- inspect priority-policy hits default-rule-dscp
- inspect priority-policy hits policy-rules
- inspect priority-policy lookup
- inspect performance-policy incidents
- inspect performance-policy lookup
- inspect performance-policy hits analytics
- inspect process status
- inspect qos-bwc debug-state
- inspect qos-bwc queue-history
- inspect qos-bwc queue-snapshot
- inspect routing multicast fc site-iface
- inspect routing multicast interface
- inspect routing multicast mroute
- inspect security-policy lookup
- inspect security-policy size
- inspect switch mac-address-table
- inspect system arp
- inspect system ipv6-neighbor
- inspect system vrf
- inspect vrf
- inspect wanpaths
-
inspect flow-detail
Use the inspect flow-detail command
to inspect the details on active flows and to debug current flows
matching the user-specified options. It displays existing flows
and their path, and whether the path is in established or initialized
state.
Command
inspect flow-detail (all | [prot-nm=( udp | tcp | icmp ) |prot-no=0-255] | srcv4=src-ipv4 | srcv6=src-ipv6 | srcport=src-port | dstv4=dst-ipv4 | dstv6=dst-ipv6 | dstport=dst-port )
Options
| srcv4 | Enter the source IP address. |
| dstv4 | Enter the destination IP address. |
| srcv6 | Enter the source IP address. Release 6.2.1 |
| dstv6 | Enter the destination IP address. Release 6.2.1 |
| srcport | Enter the source port. |
| dstport | Enter the destination port. |
| prot-nm | Tab to select UDP, TCP, or ICMP. |
| prot-no | Enter a protocol number ranging from 0 - 255. |
Command Notes
| Role | Super, Read Only |
| Related Commands | — |
| Introduced in | Release 4.4.1 |
Example
inspect flow detail VRF SRC DST SPORT DPORT PROTOCOL START-TIME APP-ID NET-POLICY PRI-POLICY SEC-POLICY SEC-ACTION WANPATH-ID PATH yellow 192.168.7.100 192.168.20.100 8 0 1 2023-10-10 04:22:57 unknown enterprise-default 1696395771321023828 lan_to_public_vpn TRAFFIC: xact PRIORITY: 2 DSCP: -- STATE: ESTABLISHED IDLE: 20 IFACE: v-eth6 RX_VRF: yellow (965) FWD_VRF: yellow (965) LEAK_VRF: Global (0) NET-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: 1681410079845017228 UG-INFO: any PRI-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: 1681410079905017328 UG-INFO: any SEC-RULE-IDS: none
inspect flow detail SRC DST SPORT DPORT PROTOCOL START-TIME APP-ID NET-POLICY PRI-POLICY SEC-POLICY SEC-ACTION WANPATH-ID PATH 30.1.1.2 10.1.1.2 8 0 1 2022-12-15 09:09:21 ping match icmp test default user allow any other user ALLOW 1665475784156002328 unknown_flow_path TRAFFIC: xact PRIORITY: 3 DSCP: -- STATE: INIT IDLE: 20 IFACE: NET-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: none UG-INFO: 158622979242302240[CN=engineering,DC=sdwanamsteltest,DC=onmicrosoft,DC=com] PRI-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: none UG-INFO: 1674636535551001928[sdwanamsteltest\edward@sdwanamsteltest.onmicrosoft.com] SEC-RULE-IDS: 1667810313551011228
inspect flow detail dstv6=2103::13 srcv6=2201:100::2 SRC DST SPORT DPORT PROTOCOL START-TIME APP-ID NET-POLICY PRI-POLICY SEC-POLICY SEC-ACTION WANPATH-ID PATH 2201:100::2 2103::13 128 0 58 2023-03-30 10:20:56 ipv6-icmp-base default default -- N/A 1670476802377011228 lan_to_l3_private_direct TRAFFIC: xact PRIORITY: 3 DSCP: -- STATE: ESTABLISHED IDLE: 20 IFACE: v-eth1 NET-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: none UG-INFO: any PRI-POLICY:: NCTX-ID: none SPF-ID: none DPF-ID: none UG-INFO: any SEC-RULE-IDS: none