10-16-2006 01:40 AM - edited 03-05-2019 12:15 PM
Hi
I'm trying to find where my routing is going wrong. To understand it I'm trying to use the debug command, although I'm having no luck. I'm looking for packets from 10.222.6.36 to 192.168.16.21. Can someone please show me how to do this?
Thanks
Dan
10-16-2006 02:05 AM
Hi Dan,
You can configure an extended ACL with source as 10.222.6.36 and destination as 192.168.16.21 and call that ACL in debug ip packet
debug ip packet
HTH
Ankur
10-16-2006 02:21 AM
Also make sure that you disable fast switching as fast switched packets are not sent to debug
Narayan
10-16-2006 02:32 AM
Hi
What is fast-switching, and will it affect my network? Also how do I disable it?
Thanks
Dan
10-16-2006 02:24 AM
Hi
Thanks for the info. How do I create a an extended ACL. My router only allows me to do the following:
conf t
ip access-list extended 219 ?
It won't allow me to enter any thing else?
Thanks
Dan
10-16-2006 02:42 AM
Hi
Just as an update I found that the ip access-list command is for something else and that there is an access-list command.
I ran the following:
access-list 119 permit ip 10.222.6.36 0.0.0.0 192.168.16.0 0.0.0.255
Then I ran:
debug ip packet 119
then:
term mon
but I didn't get any output. What else needs to be done for this to work?
Thanks
Dan
10-16-2006 05:30 AM
Dan
As another post pointed out packets that are fast switched (or cef switched) are not seen by debug. Fast switching (and cef switching) are enabled by default. To disable them you would configure no ip route-cache on the inbound and the outbound interfaces.
You asked a very perceptive question when you asked about the impact of turning off fast switching (or cef switching). Turning these off will force every packet to be process switched. This will drive up the load on the CPU and certainly has the liklihood of impacting performance of your router.
Depending on what you are looking for there might be an alternative that would not have the performance impact. If you were to configure this:
access-list 119 permit ip host 10.222.6.36 192.168.16.0 0.0.0.255 log
access-list 119 permit ip any any
(note the added parameter log at the end of the first statement) and apply the access list to the interfaces it would create log messages if it saw any of the traffic. This would confirm the existance of the traffic which seems to be what you were trying to do with debug ip packet.
HTH
Rick
10-16-2006 05:45 AM
Hi,
before attempting to understand IP routing through the use of debugging I would rather have a look at the IP routing table. As already denoted, debugging might have a dramatic effect on CPU load of the router and might even lead to a reboot.
Can you provide more information on the specific problem you are trying to address? What is the config and routing table looking like?
Regards, Martin
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide