Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

DEBUG

debug ip packet with ACL no output displayed on cisco 7600 routers

What could be the issue??

5 REPLIES
Hall of Fame Super Gold

Re: DEBUG

Mohammad

There are several things that might cause this issue. I suggest that you check on these things:

- did you issue the command terminal monitor before running the debug? If you are accessing the router remotely (telnet or SSH) then terminal monitor will send a copy of log messages to your session. If you do not enter terminal monitor then no copy of the debug output goes to your session.

- did you change the severity level of output going to the monitor logging? You can check this by looking at the output at the beginning of the show log command.

- did you try looking in the output of show log for the debug output? This can be helpful if you forgot to use terminal monitor.

- is it possible that no IP packets matched the conditions in your access list. Perhaps you can post the access list so we can check it.

HTH

Rick

New Member

Re: DEBUG

I already checked all as suggested?Shall I disable ip cef and fast switchig to get debug output.As one of cisco doc says to get debug ip packet ACL you should enable process switching?

See the link

http://www.cisco.com/en/US/tech/tk801/tk379/technologies_tech_note09186a008017874c.shtml

Hall of Fame Super Gold

Re: DEBUG

Mohammad

Yes you should enable process switching. (and remember to enable cef again after debug is completed)

HTH

Rick

New Member

Re: DEBUG

Isn't going to be destructive if I disable cef when I am running MPLS.Is there no other way?

Re: DEBUG

Hi Mohammed,

Why don't you use the "debug ip cef packet" command:

Router#debug ip cef packet all ?

input Apply to ingress traffic

output Apply to egress traffic

Router#debug ip cef packet all in

Router#debug ip cef packet all input ?

<1-199> IP access list (standard or extended)

<1300-2699> IP expanded access list (standard or extended)

rate rate limit

Router#debug ip cef packet all input r

Router#debug ip cef packet all input rate ?

<0-100> msg/s, 0 not rate limited

You can replace the "all" with whichever interface you want, and please be as specific as you can using specific interface, ACL and rate if we are talking about an in production router.

BR,

Mohammed Mahmoud.

219
Views
0
Helpful
5
Replies
CreatePlease to create content