cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2378
Views
0
Helpful
2
Replies

Interpreting 'debug ip packet detail' command output

dphilgence
Level 1
Level 1

Hello all,

My company recently added a Proxim wireless device to our network as a backup link to a remote location. We are using a 3560 layer 3 switch with OSPF turned on. I get dropped packets when I connect the PROXIM's ethernet interface to the routed port of the 3560. But it works fine when I use another switch to connect both devices.

I am trying to determine why packets are dropping when the PROXIM is directly connected. I ran a ping and used the 'debug ip packet detail' here is a small sample of the output:

May 14 23:53:37.634:     IP:tableid=0, s=xx.xx.xxx.x (local), d=xxx.xxx.xxx.xxx, len 1600, local feature, Redirection cli(6), rtype 0, forus FALSE, sendself FALSE, mtu 0

May 14 23:53:37.634:     IP:tableid=0, s=xx.xx.xxx.x (local), d=xxx.xxx.xxx.xxx, len 1600, local feature, Clustering cli(6), rtype 0, forus FALSE, sendself FALSE, mtu 0

May 14 23:53:37.634:     IP:tableid=0, s=xx.xx.xxx.x (local), d=xxx.xxx.xxx.xxx, len 1600 (GigabitEthernet0/1), output feature, Check hwidb(63), rtype 1, forus FALSE, sendself FALSE, mtu 0

Are there any documents that would help me decipher some of this output? i have seached through this site and through Google and cannot find anything that would be useful.

Thanks in advance

2 Replies 2

Calin C.
Level 5
Level 5

http://www.cisco.com/en/US/docs/ios/12_0/debug/command/reference/dipdrp.html#wp4599

There is a sample output for debug ip packet detail , but as you can see that traffic si TCP and ICMP and the fields are explained.

The issue is that each traffic is different so the output of this command will be different. I don't know if you can find like a table with all possible outputs and values.

What kind of traffic were you doing when this output came out? This doesn't look like regular traffic, more like control traffic.

Yes, something in tabular form or some type of glossary would be nice.

I created an access-list to allow ICMP packets between the routed port of the switch and the wireless device. I then sent a 1600 byte PING using the IP address of the routed port as the source and the IP address of the wireless device as the destination. I then ran the debug command on the access-list. I was trying to understand what was happening when the packets dropped. Some clues may lay in the output of the command, but I don't understand what some of the fields in the output mean.

I am still searching though. Thanks for the reply.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco