Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Purple

3550 debug ip packet

We are trying to debug ip packet on a 3550 and we are getting very little showing up in term mon . We are using a access list to capture conversation to one address . For some reason we are not seeing all the packets , we have turned off any kind of route caching , cef , and standard fast switching on the interfaces and we still are not seeing anything from out side the box . If we ping from directly on the 3550 out to the device we see the packets , if we ping from outside the 3550 we never see the packets . Anybody have any ideas on why we aren't seeing the packets ?

6 REPLIES
Gold

Re: 3550 debug ip packet

Is'nt the 3550 MLS switched, or hardware switched in some way? You'd have to turn off the hardware based switching, rather than CEF, to force everything to process based switching--and the box may not even be able to handle the traffic load using process based switching.

Russ.W

Bronze

Re: 3550 debug ip packet

I believe 3550's are hardware CEF -- I'm not aware of a command that will turn off hardware switching. Note that "debug ip packet" isn't listed here: http://www.cisco.com/en/US/products/hw/switches/ps646/products_command_reference_chapter09186a00801cdf02.html

Re: 3550 debug ip packet

Cisco 3550 does CEF in hardware. Most Cisco documents denotes that CEF cannot be disabled on a 3550, because its the core process that helps in MLS.

Purple

Re: 3550 debug ip packet

Yeah this is correct statement as I tried to turn CEf off and comes back and tells you can't do this on this platform . So I don't think this function will work correctly on this platform .

New Member

Re: 3550 debug ip packet

The 3550 is cef-based mls. So IP traffic through the switch is done in HW. You see it when you ping from the 3550 because this is punted to CPU. I don't recommend disabling it ... that is, if it allows you to. Plus, you'd be shooting urself in the foot for performance numbers. Why not SPAN the vlan or port that you are trying to T/S.

Purple

Re: 3550 debug ip packet

It is not something we would leave turned off , we were trying to look at some packets at a remote site where we do not have access to a sniffer where we could span the specific ports . Anyway it doesn't allow you to turn off CEF anyway . Thanks for everyones replies . Have a good holiday season .

220
Views
0
Helpful
6
Replies