debugging a traffic of a specific IP on cisco routers

amino1982 · ‎05-13-2008

Hello,

if i need to debug the traffic of only one ip address on a cisco router , how can i do this??

i know that an access list may be used , but please clarify the method for me?

amritpatek · ‎05-19-2008

DEBUG TRAFFIC BASED ON AN ACCESS LIST:

The debug procedure is the following:

PLEASE make sure to use this commands very carefully. If there's a lot of traffic between

hosts you may crash the router.

1) Turn "on" process switching under both interfaces in the router.

Router(config)#interface

Router(config-if)#no ip route-cache

Router(config)#interface

Router(config-if)#no ip route-cache

2) Create an access-list. Define specific traffic you want to monitorbetween hosts. For

example:

Router(config)#access-list 199 permit tcp host x.x.x.x eq host y.y.y.y

Router(config)#access-list 199 permit tcp host y.y.y.y eq host x.x.x.x

3) If you are in a telnet session into the router turn "terminal monitor" on.

Router#term mon

If you are in a console session into the router, then the "logging console" command.

Router(config)#logging console

4)Finally the debug command.

Router#debug ip packet 199 detail

Where 199 is the access-list # we created.

5)Use the "un all" command to turn it off.

Router#un all

Here is a link also where you can find this procedure.

Using the Debug command.

If you turn on "process switching" on only one interface, you will only be able to debug

traffic on that particular interface as well.

amino1982 · ‎08-17-2008

Thank You for your help