Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
11322
Views
4
Helpful
6
Replies

Debugging ping on Switch/Router

Go to solution
JohnTylerPearce
Level 7
Level 7

‎01-03-2012 07:04 AM - edited ‎03-07-2019 04:08 AM

Hey, I was trying to debug some ping packets but I am having a diffucult time. I've been able to do this before but for some reason it's not working.

I have done the following configuration.

access-list 111 permit icmp host a.a.a.a host z.z.z.z

debug ip packet 111 detail

Now, I know for a fact that ping connectivity works, but I just can't see the debugs of it. I'm pretty sure I'm typing the correct

debug configuration commands?

I put the configuration on the core switch of the destination I'm trying to ping.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎01-03-2012 07:48 AM

Hi,

you won't see any debug for packets that are not processed switched( not locally generated or destined to the device you have the debug going on.

and secondly by default if you're connected to a terminal line you must enable terminal monitor and send the logs to the terminal with the logging monitor debug command.

Please rate if helpful.

Regards.

Alain

Don't forget to rate helpful posts.

View solution in original post

0 Helpful
6 Replies 6

Go to solution
viswamin
Cisco Employee
Cisco Employee

‎01-03-2012 07:32 AM

CAn you check the ACL counter hits ? do you see the counter increase ?

just curious to know if the ACL is working because the debug is based on the ACL.

-Vijay

0 Helpful

Go to solution
JohnTylerPearce
Level 7
Level 7
In response to viswamin

‎01-03-2012 07:45 AM

When I do a 'show access-list 111' I don't see any hits. All I see is the ACL statement.

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni

‎01-03-2012 07:48 AM

Hi,

you won't see any debug for packets that are not processed switched( not locally generated or destined to the device you have the debug going on.

and secondly by default if you're connected to a terminal line you must enable terminal monitor and send the logs to the terminal with the logging monitor debug command.

Please rate if helpful.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

Go to solution
JohnTylerPearce
Level 7
Level 7
In response to cadet alain

‎01-03-2012 08:21 AM

Cadet, is this because the core switch is technically a pass-through router so to speak, and doesn't actually generate the packet itself?

0 Helpful

Go to solution
JohnTylerPearce
Level 7
Level 7
In response to JohnTylerPearce

‎01-03-2012 08:24 AM

I think I know what you mean. Technically you can only debug the source and destination because they actually process this via software and not hardware. The intermediate devics technically use whatever switching method via hardware *unless process switch* and you can't debug hardware switching?

0 Helpful

Go to solution
rsimoni
Cisco Employee
Cisco Employee
In response to JohnTylerPearce

‎01-03-2012 08:40 AM

that is correct! switches handle transit traffic in hw, while debugs are configured at software level in IOS which will never see the transit traffic pass.

On the contrary if you ping with options you will see the packets showing up in debugs as IP options are not handled in hardware but in software.

regards,

Riccardo

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card