01-03-2012 07:04 AM - edited 03-07-2019 04:08 AM
Hey, I was trying to debug some ping packets but I am having a diffucult time. I've been able to do this before but for some reason it's not working.
I have done the following configuration.
access-list 111 permit icmp host a.a.a.a host z.z.z.z
debug ip packet 111 detail
Now, I know for a fact that ping connectivity works, but I just can't see the debugs of it. I'm pretty sure I'm typing the correct
debug configuration commands?
I put the configuration on the core switch of the destination I'm trying to ping.
Solved! Go to Solution.
01-03-2012 07:48 AM
Hi,
you won't see any debug for packets that are not processed switched( not locally generated or destined to the device you have the debug going on.
and secondly by default if you're connected to a terminal line you must enable terminal monitor and send the logs to the terminal with the logging monitor debug command.
Please rate if helpful.
Regards.
Alain
01-03-2012 07:32 AM
CAn you check the ACL counter hits ? do you see the counter increase ?
just curious to know if the ACL is working because the debug is based on the ACL.
-Vijay
01-03-2012 07:45 AM
When I do a 'show access-list 111' I don't see any hits. All I see is the ACL statement.
01-03-2012 07:48 AM
Hi,
you won't see any debug for packets that are not processed switched( not locally generated or destined to the device you have the debug going on.
and secondly by default if you're connected to a terminal line you must enable terminal monitor and send the logs to the terminal with the logging monitor debug command.
Please rate if helpful.
Regards.
Alain
01-03-2012 08:21 AM
Cadet, is this because the core switch is technically a pass-through router so to speak, and doesn't actually generate the packet itself?
01-03-2012 08:24 AM
I think I know what you mean. Technically you can only debug the source and destination because they actually process this via software and not hardware. The intermediate devics technically use whatever switching method via hardware *unless process switch* and you can't debug hardware switching?
01-03-2012 08:40 AM
that is correct! switches handle transit traffic in hw, while debugs are configured at software level in IOS which will never see the transit traffic pass.
On the contrary if you ping with options you will see the packets showing up in debugs as IP options are not handled in hardware but in software.
regards,
Riccardo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide