debugging a traffic of a specific IP on cisco routers

Unanswered Question
May 13th, 2008
User Badges:

Hello,

if i need to debug the traffic of only one ip address on a cisco router , how can i do this??

i know that an access list may be used , but please clarify the method for me?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amritpatek Mon, 05/19/2008 - 09:03
User Badges:
  • Silver, 250 points or more

DEBUG TRAFFIC BASED ON AN ACCESS LIST:

The debug procedure is the following:

PLEASE make sure to use this commands very carefully. If there's a lot of traffic between

hosts you may crash the router.

1) Turn "on" process switching under both interfaces in the router.

Router(config)#interface

Router(config-if)#no ip route-cache

Router(config)#interface

Router(config-if)#no ip route-cache


2) Create an access-list. Define specific traffic you want to monitorbetween hosts. For

example:

Router(config)#access-list 199 permit tcp host x.x.x.x eq host y.y.y.y


Router(config)#access-list 199 permit tcp host y.y.y.y eq host x.x.x.x



3) If you are in a telnet session into the router turn "terminal monitor" on.

Router#term mon

If you are in a console session into the router, then the "logging console" command.

Router(config)#logging console


4)Finally the debug command.

Router#debug ip packet 199 detail

Where 199 is the access-list # we created.


5)Use the "un all" command to turn it off.

Router#un all


Here is a link also where you can find this procedure.

Using the Debug command.


http://www.cisco.com/warp/public/63/ping_traceroute.html#usingdbg


If you turn on "process switching" on only one interface, you will only be able to debug

traffic on that particular interface as well.


Actions

This Discussion