Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Traffic Capture on Cisco ASR 1002 Routers

Hi,

I have to set up a traffic capture on my Cisco ASR 1002 router. The router is under 12.2(33)XNB2, RELEASE SOFTWARE (fc2) version.

My configuration is like below:

BB-1(config)#monitor session 1 type local

BB-1(config-mon-local)#source interface gigabitEthernet 0/0/0

BB-1(config-mon-local)#destination interface gigabitEthernet 0/0/3

It doesn't work. No packet seems to be captured on my traffic Sniffer plugged in Gi0/0/3.

Thanks for you help,

Regards,

Ju

  • WAN Routing and Switching
6 REPLIES
New Member

Re: Traffic Capture on Cisco ASR 1002 Routers

I haven't tried it on the ASR yet. Maybe zone security gets in the way?

At any rate, depending on what you need it for, "debug ip packet #ACL" works for debugging. Not the same thing I know.

New Member

Re: Traffic Capture on Cisco ASR 1002 Routers

Thank you for your solution, but it's not really what I'm looking for. I want to capture all L2 and L3 packets between Provider Switch and my ASR router.

I hope someone else can help me.

New Member

Re: Traffic Capture on Cisco ASR 1002 Routers

I tried to set this up also on my ASR 1002 Version 12.2(33)XNE and all I can seem to capture is the odd ethernet frame that Wireshark identifies as a DEC DNA Remote Console frame.

My monitor session config looks like this:

Session 1
---------
Type                   : Local Session
Status                 : Admin Enabled
Source Ports           :
    Both               : Gi0/0/0
Destination Ports      : Gi0/1/0

interface configs looks like this:

interface GigabitEthernet0/0/0
description SSH FEED
bandwidth 50000
ip address 10.1.2.3 255.255.255.248
ip access-group EXTERNAL-FIREWALL in
no ip redirects
ip nat outside
ip virtual-reassembly
ip route-cache same-interface
ip policy route-map IPSEC-ROUTEMAP
no negotiation auto
crypto map GENERIC
end

interface GigabitEthernet0/1/0
no ip address
negotiation auto
end

Any ideas as to why I'm not capturing any of the traffic I expect to see leaving Gi0/0/0 .

Thanks.

John

New Member

Re: Traffic Capture on Cisco ASR 1002 Routers

I dunno, the devel team is too busy adding support for VTP over MPLS with VRF-aware QinQ DPI pruning?  :-)

I still haven't tried monitor sessions on mine, but I do note there is a "debug monitor" command, in case you hadn't noticed it.

New Member

Re: Traffic Capture on Cisco ASR 1002 Routers

Thanks... didn't know about the "debug monitor" command so I tried it and guess what?? It revealed nothing. Nada. No surprise there.

Hall of Fame Super Gold

Re: Traffic Capture on Cisco ASR 1002 Routers

It works a little different on the ASR

on IOS:

debug platform hardware qfp active feature ipsec datapath trace
debug platform hardware qfp active feature ipsec datapath info


RP console -- telnet to fp console (telnet fp0-0)

fp console:

tail -f cpp_cp_F0-0.log

(Thanks Trent!!)

3843
Views
0
Helpful
6
Replies