Expand all | Collapse all

Checking mac table of a Juniper router

  • 1.  Checking mac table of a Juniper router

    Posted 01-16-2019 08:46

    Hi All,


    Could you please advise how can I check the mac address table of a Juniper router? For example SRX100,200 or 300 series.


    I am asking because the main article I find here is about checking mac on switches (and all commands bring no results or give errors) however I just want to see all mac entries learned on a router which doesn't perform switching funcions between multiple vlans and is used for example for internet access or VPN.


    > show ethernet-switching table

    warning: ethernet-switching subsystem not running - not needed by configuration.


    "sh arp" is useless because it works on layer 3 and I need to acquire layer 2 information.


    show bridge ... - all sub-commands return zero mac addresses even tho the service is working and having traffic!


    For comparison if it's a Cisco 'sh mac address-table' or 'sh mac-address-table' (depending on platform) always returns the needed information. 


  • 2.  RE: Checking mac table of a Juniper router

    Posted 01-16-2019 14:27

    MAC learning is a switching function. If your srx is not configured for ethernet switching you will not have a MAC table. You will have an ARP table that performs MAC<->IP mapping.


    Below is an example of an SRX in switching mode that does have a MAC table.


    test@test> show chassis hardware 
    Hardware inventory:
    Item             Version  Part number  Serial number     Description
    Chassis                                xxxxxxxxxxx      SRX1500
    test@test> show ethernet-switching table 
    Ethernet switching table : 1 entries, 1 learned
    Routing instance : default-switch
        Vlan                MAC                 MAC         Age    Logical                NH        RTR 
        name                address             flags              interface              Index     ID
        100                 00:0c:bd:01:81:1f   D             -   ge-0/0/8.0             0         0       
    test@test> show configuration | snipped 
    set protocols l2-learning global-mode switching
    set interfaces ge-0/0/8 unit 0 family ethernet-switching interface-mode access
    set interfaces ge-0/0/8 unit 0 family ethernet-switching vlan members 100
    set vlans vlan100 vlan-id 100
    set vlans vlan100 l3-interface irb.100


  • 3.  RE: Checking mac table of a Juniper router

    Posted 01-26-2019 14:57

    Thanks for the explanation however I am still confused about something.


    In order to troubleshoot a simple layer 2 issue on a Juniper do I always have to enable ether-channel on the interface? 

    For example if I want to prove that there is issue with my service provider I need to show them that I am not learning any mac addresses on the WAN interface so I will have to change it's configuration. 


    Since the Juniper is performing layer 3 functions I would expect it to also store the mac addresses in a table (not arp table!) somewhere in it's memory. 

  • 4.  RE: Checking mac table of a Juniper router

    Posted 01-26-2019 15:04

    For that situation you would just use the interface level command

    show arp interface ge-0/0/0.0


    This shows the arp entries associated with that layer 3 interface and update in real time as changes occur.  We use this all the time as a service provider to verify we see the connected mac addresses of client connected routers of firewalls.


  • 5.  RE: Checking mac table of a Juniper router

    Posted 01-26-2019 16:18

    If your interface is configured as layer 3, your device will not maintain a list of MAC addresses outside of your subnet and you will not populate an ethernet table, even if one exists. The only reason your router cares about MAC addresses in a layer 3 context is so it knows where to send either routed (to next-hop) or same-subnet packets to. These are stored in the ARP table.  If there is a ip mismatch between you and your carrier then their IP and MAC will not show up in your ARP table.


    Therefore: If you want to analyze traffic that you are receiving from your carrier in an effort to troubleshoot then you should either:


    1. Mirror that port and capture traffic with wireshark, or

    2. Configure interface-level packet-capturing (https://www.juniper.net/documentation/en_US/junos/topics/concept/security-packet-capture-overview.html) and look at the capture offline

    3. As you mentioned, configure your interface as layer 2 to see if your carrier's MAC address shows up. This requires that your device supports ethernet switching and that they are actively sending traffic. 


    Your Cisco router will also not have a mac table unless it has a switching module. Perhaps you are thinking of a layer 3 switch. It's certainly possible that Cisco will helpfully add ARP entries to the MAC table but Juniper does not do this.



    Router>show hardware 
    Cisco IOS Software, C1900 Software (C1900-UNIVERSALK9-M), Version 15.0(1)M6, RELEASE SOFTWARE (fc1)
    Router#sho interfaces gi0/0
    GigabitEthernet0/0 is down, line protocol is up 
      Hardware is CN Gigabit Ethernet, address is 0007.1124.f200 (bia 0007.1124.f200)
      Internet address is
    Router>show ?
      login           Display Secure Login Configurations and State
    management Display the management applications mdf Show the names of configured EMM menus memory Memory statistics microcode show configured microcode for downloadable hardware modemcap Show Modem Capabilities database monitor Monitoring different system events mtm MTM network-clocks Network clocks information ... Router>show