FortiGate
jsarah
Staff
Article Id 336625
Description: This article describes the 'diagnose netlink device list' command, which displays the counters of all FortiGate interfaces at once, in real time.
Scope: Checking for a rapid increase in any drop counter, or verifying that the packet counters are increasing during troubleshooting when it is suspected that no packets are reaching the device.
 

 

The command 'diag netlink device list' shows all the counters of all interfaces at once.

 

When slowness or high CPU usage is encountered while traffic on the interfaces is low, this output can be used to verify it. Another scenario is packet drops.

 

A large increase in the misc counters could indicate burst traffic in the network.

If a large number of packets arrive with CRC errors, the err counter might increase.

 

The next step would be to check why the downstream device is sending such packets to FortiGate.

 

The bytes value in the output is the number of bytes that have arrived at the interface since the device came up.

The packets value is the number of packets that have arrived at the interface since the device came up, and similarly for frames.

 

FIFO stands for first in, first out.

err stands for errors, and drop for packets dropped by the device on the interface.

 

Execute the command multiple times to verify whether bytes, packets, or err are increasing. This can help to identify cases where the downstream device is sending packets but nothing is visible in the FortiGate sniffer. Or, if a high increase in an error counter (for example, misc) is observed, it could be causing latency, high CPU usage, etc.
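
Comparing two captures by hand is error-prone, so the following added example (not part of the original article and not Fortinet code) computes per-interface counter deltas between two saved outputs and reports rising error counters and interfaces with no new received packets. The /proc/net/dev-style layout, the column names, and the sample captures are assumptions constructed for illustration; adjust them to what the device actually prints.

```python
# Constructed sample captures, NOT real FortiGate output. The /proc/net/dev-style
# layout and column names are assumptions; adapt them to what the device prints.
HEADER = (
    "Interface|  Receive                  |  Transmit\n"
    "         |bytes packets errs drop fifo|bytes packets errs drop fifo\n"
)
SNAP_1 = HEADER + (
    " port1: 1000 10 0 0 0   2000 20 0 0 0\n"
    " port2: 5000 50 2 1 0    100  1 0 0 0\n"
    " port3:  700  7 0 0 0    300  3 0 0 0\n"
)
SNAP_2 = HEADER + (
    " port1: 1600 16 0 0 0   2900 29 0 0 0\n"
    " port2: 9000 90 7 1 0    100  1 0 0 0\n"
    " port3:  700  7 0 0 0    300  3 0 0 0\n"
)

def parse_snapshot(text):
    """Return {interface: {"rx_bytes": n, ...}}, naming columns from the header row."""
    columns, counters = [], {}
    for line in text.splitlines():
        if ":" in line:                      # data row: "name: v1 v2 ..."
            name, _, rest = line.partition(":")
            values = [int(v) for v in rest.split()]
            if len(values) != len(columns):
                raise ValueError(f"column mismatch on {name.strip()!r}")
            counters[name.strip()] = dict(zip(columns, values))
        elif "bytes" in line:                # header row holding the column names
            _, rx, tx = line.split("|")
            columns = [f"rx_{c}" for c in rx.split()] + [f"tx_{c}" for c in tx.split()]
    return counters

def counter_deltas(before, after):
    """Change of every counter between two captures, per interface."""
    return {
        iface: {k: now[k] - before[iface][k] for k in now}
        for iface, now in after.items() if iface in before
    }

def triage(deltas, watch=("errs", "drop", "fifo")):
    """Return (rising, stalled): watched counters that grew, interfaces with no new RX packets."""
    rising = [(i, k, d) for i, row in deltas.items() for k, d in row.items()
              if k.split("_", 1)[1] in watch and d > 0]
    stalled = [i for i, row in deltas.items() if row["rx_packets"] == 0]
    return rising, stalled

if __name__ == "__main__":
    rising, stalled = triage(counter_deltas(parse_snapshot(SNAP_1), parse_snapshot(SNAP_2)))
    print("rising:", rising)
    print("no new RX packets:", stalled)
```

A negative delta means the counter was reset or wrapped between the two captures, so that pair should be discarded and the command run again.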