Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Capturing traffic in router.

Hi all,

Id like to ask how I can capture traffic

in Cisco routers? Something like in Cisco PIX firewalls. It is very nice in Cisco PIXs when I can troubleshoot outgoing and incoming traffic throught some interface of PIX.

Any idea?

BR

jl

4 REPLIES
Hall of Fame Super Silver

Re: Capturing traffic in router.

JL

The packet capture in the PIX and ASA is a very helpful feature. Probably the closest thing on a router would be debug ip packet. This command will capture and display each IP packet that the router processes.

I have 2 cautions about using debug ip packet:

- if you need to capture packets you need to make sure that the router CPU is processing the packet. Therefore you may need to force the appropriate interfaces to process switch. Be aware that this will impact performance of the router.

- the debug ip packet tends to produce a lot of output and can impact performance of the router there are several things that you can do to reduce the impact of this debug:

-- do not send the debug output to the console port. Probably the least impact is sending the output to logging buffered or to terminal monitor.

-- use the debug with an access list to limit the data that it will report. You could do something like this:

access-list 199 permit ip any host 192.168.11.3

access-list 199 permit ip host 192.168.11.3 any

debug ip packet 199

This will display only traffic to and from the host 192.168.11.3

I believe this is as close as the router comes. But note that it is not as effective as the capture on PIX and ASA.

HTH

Rick

New Member

Re: Capturing traffic in router.

Rick,

the packet capture in the PIX and ASA is a very helpful feature -it is. And Im looking for something like this to know if my packets go inside/outside one interface and inside/outside other interface.

Any idea?

BR

jl

Hall of Fame Super Silver

Re: Capturing traffic in router.

JL

As I already said the closest solution that I know of for IOS router is debug ip packet. It is not quite the same but it is as close as I know of for IOS.

HTH

Rick

Bronze

Re: Capturing traffic in router.

Hello,

R u looking at capturing some specific classes of traffic in the router?

u can do so by using the ip nbar protocol-discovery command.

This will capture d traffic for an interface

including b/w consuming once like share ware traffic morpheus,kaaza et al.

U can view d output by sh ip nbar protocol-discovery command with many options to view in finer details like traffic counts etc.

Hope this helps/clarifies u .

Please do rate the post so tht it helps each one of us to give useful/proper outputs .

thnk u.

403
Views
7
Helpful
4
Replies