The display firewall l2-multicast session table command displays the session table of Layer 2 IP multicast packets.
display firewall l2-multicast [ ipv6 ] session table [ verbose ] [ vsys vsys-name | all-systems ] [ source-zone source-zone-name | source-port source-port-num | destination-port destination-port-num | protocol { tcp | udp | sctp | icmp | protocol-id } | vlan vlan-id | interface { interfacename | interfacetype interfacenum } | source-ip source-ip-address | destination-ip destination-ip-address | slot slot-id cpu cpu-id ] *
Parameter |
Description |
Value |
|---|---|---|
ipv6 |
Indicates IPv6 packet sessions. |
- |
verbose |
Displays session table details. |
- |
vsys vsys-name |
Specifies the virtual system of sessions. |
The virtual system must already exist. |
all-systems |
Indicates the sessions of all systems. |
- |
source-zone source-zone-name |
Specifies the source security zone of sessions. |
- |
source-port source-port-num |
Specifies the source port of sessions. |
- |
destination-port destination-port-num |
Specifies the destination port of sessions. |
- |
protocol { tcp | udp | sctp | icmp | protocol-id } |
Specifies the protocol of sessions.
|
The protocol-id value is an integer ranging from 0 to 255. |
vlan vlan-id |
Specifies the VLAN ID of sessions. |
The VLAN ID must exist. |
interface { interfacename | interfacetype interfacenum } |
Specifies the inbound interface of sessions.
|
- |
source-ip source-ip-address |
Specifies the source IP address of sessions. |
- |
destination-ip destination-ip-address |
Specifies the destination IP address of sessions. |
- |
slot slot-id |
Specifies the slot ID of the SPU. Only the USG6635E/6655E, USG6680E and USG6712E/6716E support this parameter. |
- |
cpu cpu-id |
Specifies the CPU ID. Only the USG6635E/6655E, USG6680E and USG6712E/6716E support this parameter. |
- |
A session table contains a maximum of 20,000 sessions. Each session records up to 16 outbound interfaces. The device checks specification-exceeding packets based on security policies to determine whether to permit them.
# Display detailed session information about Layer 2 IPv4 multicast packets.
<sysname> display firewall l2-multicast session table verbose Current Total Sessions : 1 Slot: 12 CPU: 0 udp VPN: public --> public TTL: 00:02:00 Left: 00:02:00 Recv Interface: GigabitEthernet0/0/1 In-zone: trust --> Packets: 3853 bytes: 231,180 10.1.1.8:333 --> 10.2.2.10:333 Send port number: 1 Send interface list : GigabitEthernet0/0/2 zone:trust Tag-flag:Tag
Item |
Description |
|---|---|
Current Total Sessions |
Number of sessions |
Slot: 12 CPU: 0 |
Slot ID and CPU ID |
udp |
Protocol type |
VPN: public --> public |
VPN instance name and direction (source to destination) |
TTL |
Time to live of a session |
Recv Interface |
Inbound interface of packets |
In-zone |
Security zone of an inbound interface |
--> Packets: 3853 bytes: 231,180 |
Numbers of packets (including fragments) and bytes in the outbound direction of a session |
10.1.1.8:333 --> 10.2.2.10:333 |
Session table information |
Send port number |
Number of outbound interfaces |
Send interface list |
List of outbound interfaces |
GigabitEthernet0/0/2 zone:trust Tag-flag:Tag |
Outbound interface, security zone of the outbound interface, and VLAN tag of packets |