Diagnose debug flow trace for FPC and management board activity
The diagnose debug flow trace
output from the FortiGate-6000 management board CLI now displays debug data for the management board and for all of the FPCs. Each line of output begins with the name of the component that produced the output. For example:
diagnose debug enable [FPC06] id=20085 trace_id=2 func=resolve_ip6_tuple_fast line=4190 msg="vd-vlan:0 received a packet(proto=6, 3ff5::100:10001->4ff5::13:80) from vlan-port1." [FPC07] id=20085 trace_id=2 func=resolve_ip6_tuple_fast line=4190 msg="vd-vlan:0 received a packet(proto=6, 3ff5::100:10000->4ff5::11:80) from vlan-port1." [FPC06] id=20085 trace_id=2 func=resolve_ip6_tuple line=4307 msg="allocate a new session-000eb730" [FPC07] id=20085 trace_id=2 func=resolve_ip6_tuple line=4307 msg="allocate a new session-000eb722" [FPC06] id=20085 trace_id=2 func=vf_ip6_route_input line=1125 msg="find a route: gw-4ff5::13 via vlan-port2 err 0 flags 01000001"
Running FortiGate-6000 diagnose debug flow trace
commands from an individual FPC CLI shows traffic processed by that FPC only. For example:
diagnose debug enable
[FPC02] id=20085 trace_id=2 func=resolve_ip6_tuple_fast line=4190 msg="vd-vlan:0 received a packet(proto=6, 3ff5::100:10001->4ff5::28:80) from vlan-port1." [FPC02] id=20085 trace_id=2 func=resolve_ip6_tuple line=4307 msg="allocate a new session-000f00fb" [FPC02] id=20085 trace_id=2 func=vf_ip6_route_input line=1125 msg="find a route: gw-4ff5::28 via vlan-port2 err 0 flags 01000001" [FPC02] id=20085 trace_id=2 func=fw6_forward_handler line=345 msg="Check policy between vlan-port1 -> vlan-port2"