Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
659
Views
0
Helpful
7
Replies

Debugging help

dan_track
Level 1
Level 1

‎10-16-2006 01:40 AM - edited ‎03-05-2019 12:15 PM

Hi

I'm trying to find where my routing is going wrong. To understand it I'm trying to use the debug command, although I'm having no luck. I'm looking for packets from 10.222.6.36 to 192.168.16.21. Can someone please show me how to do this?

Thanks

Dan

Labels:
0 Helpful
7 Replies 7

ankbhasi
Cisco Employee
Cisco Employee

‎10-16-2006 02:05 AM

Hi Dan,

You can configure an extended ACL with source as 10.222.6.36 and destination as 192.168.16.21 and call that ACL in debug ip packet

debug ip packet

HTH

Ankur

0 Helpful

royalblues
Level 10
Level 10
In response to ankbhasi

‎10-16-2006 02:21 AM

Also make sure that you disable fast switching as fast switched packets are not sent to debug

Narayan

0 Helpful

dan_track
Level 1
Level 1
In response to royalblues

‎10-16-2006 02:32 AM

Hi

What is fast-switching, and will it affect my network? Also how do I disable it?

Thanks

Dan

0 Helpful

dan_track
Level 1
Level 1
In response to ankbhasi

‎10-16-2006 02:24 AM

Hi

Thanks for the info. How do I create a an extended ACL. My router only allows me to do the following:

conf t

ip access-list extended 219 ?

It won't allow me to enter any thing else?

Thanks

Dan

0 Helpful

dan_track
Level 1
Level 1
In response to ankbhasi

‎10-16-2006 02:42 AM

Hi

Just as an update I found that the ip access-list command is for something else and that there is an access-list command.

I ran the following:

access-list 119 permit ip 10.222.6.36 0.0.0.0 192.168.16.0 0.0.0.255

Then I ran:

debug ip packet 119

then:

term mon

but I didn't get any output. What else needs to be done for this to work?

Thanks

Dan

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to dan_track

‎10-16-2006 05:30 AM

Dan

As another post pointed out packets that are fast switched (or cef switched) are not seen by debug. Fast switching (and cef switching) are enabled by default. To disable them you would configure no ip route-cache on the inbound and the outbound interfaces.

You asked a very perceptive question when you asked about the impact of turning off fast switching (or cef switching). Turning these off will force every packet to be process switched. This will drive up the load on the CPU and certainly has the liklihood of impacting performance of your router.

Depending on what you are looking for there might be an alternative that would not have the performance impact. If you were to configure this:

access-list 119 permit ip host 10.222.6.36 192.168.16.0 0.0.0.255 log

access-list 119 permit ip any any

(note the added parameter log at the end of the first statement) and apply the access list to the interfaces it would create log messages if it saw any of the traffic. This would confirm the existance of the traffic which seems to be what you were trying to do with debug ip packet.

HTH

Rick

HTH

Rick
0 Helpful

mheusinger
Level 10
Level 10
In response to Richard Burts

‎10-16-2006 05:45 AM

Hi,

before attempting to understand IP routing through the use of debugging I would rather have a look at the IP routing table. As already denoted, debugging might have a dramatic effect on CPU load of the router and might even lead to a reboot.

Can you provide more information on the specific problem you are trying to address? What is the config and routing table looking like?

Regards, Martin

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card