Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Debug Ethernet level information on Cisco Routers

Hello,

Is there any way (for example using debug commands)to see Ethernet level information in incoming Ethernet frames.

For example I have Fast Ethernet interface in my router. I would like to debug, what information is receiving this interface.

Debug ip packet details show only information starting from IP level (e.g Source IP, Destination IP, protocol type).

But I would like to see Ethernet level information (e.g. Destination MAC, Source MAC).

Is the any way to do this from the Router CLI interface?

Cisco IOS 12.4.

This is pure theoretical question. Other solutions to solve this problem are known for me (for. example to configure mirror SPAN port on switch to which Router is connected and debug Information with PC Ethereal).

Best Regards,

Tomas Chmelevski

8 REPLIES

Re: Debug Ethernet level information on Cisco Routers

I wish there was a way of doing this ... it would make my life so much simpler. If I could know the MAC address of the packets that are being denied by my access-list, I could track them down. I have searched and found nothing. :-(

Kevin Dorrell

Luxembourg

Hall of Fame Super Silver

Re: Debug Ethernet level information on Cisco Routers

Kevin

The MAC of packets which are denied by ACL is not difficult. Try using log-input in your ACL instead of just log.

As far as a debug or other thing that would do a layer 2 capture type function Ethereal (now wireshark) and other type of packet capture software is the best option for this.

Give it a try and let us know how it works.

HTH

Rick

Re: Debug Ethernet level information on Cisco Routers

Thanks Rick, I didn't know about that. I'll give it a try.

Kevin Dorrell

Luxembourg

Re: Debug Ethernet level information on Cisco Routers

Rick,

Thanks you, that was really really useful. I have already tracked down two rogue configurations with it.

Strangely, it didn't work at first, and I was about to write back and say there was a problem using it on the incoming ACL on an SVI. At first, the log message looked exactly the same as it did before. I had configured it by editing the (named extended) ACL on the fly using line numbers. I guess it didn't get loaded to the ASIC immediately.

Thanks again.

Kevin Dorrell

Luxembourg

Hall of Fame Super Silver

Re: Debug Ethernet level information on Cisco Routers

Kevin

I am glad that it is working and doing what you need. It is odd that it took some time before it started to work. About how long was the delay before it began working?

HTH

Rick

Re: Debug Ethernet level information on Cisco Routers

Rick,

Sorry, I have just been through the syslog, (which logs tha config changes as well as the access-list drops) and I must have been imagining it. I think I got confused with some hits on some lines where I had left the log without the -input.

It's almost the weekend!

Kevin Dorrell

Luxembourg

Purple

Re: Debug Ethernet level information on Cisco Routers

If you get the ip's then all you to do to get the mac is look at the arp tables.

Re: Debug Ethernet level information on Cisco Routers

Sorry, cancelled posting

1701
Views
5
Helpful
8
Replies