SR Linux troubleshooting tools
This chapter describes the troubleshooting and diagnostic tools available on SR Linux, including BFD support, sFlow support, traffic monitoring, and packet-tracing functions.
BFD support
Bidirectional Forwarding Detection (BFD) is a lightweight mechanism used to monitor the liveliness of a remote neighbor. Because of this lightweight nature, BFD can send and receive messages at a much higher rate than other control plane hello mechanisms. This attribute allows connection failures to be detected faster than other hello mechanisms.
SR Linux supports BFD asynchronous mode, where BFD control packets are sent between two systems to activate and maintain BFD neighbor sessions between them.
BFD can be configured to monitor connectivity for the following:
BGP peers
Next-hops for static routes
OSPF adjacencies
IS-IS adjacencies
Micro-BFD, where BFD sessions are established for individual members of a LAG, is also supported. If the BFD session for one of the links indicates a connection failure, the link is taken out of service from the perspective of the LAG.
See the ‟BFD” chapter in the SR Linux Configuration Basics Guide for configuration information.
sFlow support
The SR Linux supports sFlow version 5 behavior and formats. sFlow is used to monitor data traffic flows traversing different points in a network. The sFlow functionality uses an sFlow agent and an sFlow collector. The agent is software that runs on a network element and samples and reports flow headers and statistics. The collector is software that typically runs on a remote server and receives the flow headers and statistics from one or more sFlow agents.
On the SR Linux, sFlow samples flow data and reports the samples to configured sFlow collectors. Up to eight sFlow collectors can be configured. When sFlow is enabled on an interface, the sFlow agent streams interface statistics to the configured sFlow collectors.
See the ‟sFlow” chapter of the SR Linux Troubleshooting Toolkit for configuration information and examples.
Interactive traffic monitoring tool
SR Linux features an interactive traffic monitoring tool that samples packets entering the system on any interface matching a set of parameters, and streams the header details either to the current login session or to a specified output file.
When the traffic monitoring tool is activated, mirroring policies are dynamically populated on all ingress ports, and matching packets are sent to the CPM for display. Header information for the matching packets is displayed in either tcpdump format or hex format, depending on the options chosen.
When the traffic monitoring tool is deactivated, the mirroring policies are automatically removed from all ingress interfaces.
See the ‟Interactive traffic monitoring” chapter of the SR Linux Troubleshooting Toolkit guide for usage information.
Packet-trace tool
SR Linux includes a packet-trace tool that reports the forwarding behavior of a probe packet. The probe packet is injected into a specified interface forwarding context, and the packet-trace tool records the forwarding destination or egress port for the probe packet, as well as any matched ACL records or reasons for discarding the packet. The probe packet can be specified in Scapy format, base64 format, or pcap file format.See the ‟Packet-trace tool” chapter of the SR Linux Troubleshooting Toolkit guide for usage information.
Traffic mirroring to remote and local destinations
Traffic mirroring sends copies of IPv4 and IPv6 packets from a designated source to a designated destination.
The source for the mirrored traffic can be an interface (port), a subinterface (VLAN), a LAG, or an ACL filter. The mirrored traffic can be copied to a local destination, such as a locally-attached traffic analyser (local mirroring), or encapsulated into a tunnel toward a remote destination (remote mirroring).
See the SR Linux Configuration Basics Guide, section "Mirroring", for usage information and configuration examples.