Thursday, February 2, 2012

Debug command in Cisco devices

You can only debug what the router process in software  but not hardware. Hardware processing can not be debuged because it is actually not processed but instead forwarded by a hardware controller by cisco CEF.

Only the source and destination of the data can debug it because they processed it in software

If you want your router to see the data then you will have to force it to process the packets in software
you can do this by entering these commands under the interfaces where data is passing through

int e0/1
no ip route-cache

no ip cef

All packets will be processed by the router software.. and so any debug matching the data will be displayed. For example, you can now configure this on the router: 

(config)access-list 100 permit icmp any any log-input
#debug ip packet 100 detail

R2#debug ip packet 100 detail 
IP packet debugging is on (detailed) for access list 100
*Feb  2 12:06:28.063: %SEC-6-IPACCESSLOGDP: list 100 permitted icmp (Ethernet1/3 ) -> (0/0), 1 packet  *Feb  2 12:06:28.063: IP: s= (Ethernet1/3), d=, len 100, input feature*Feb  2 12:06:28.063:     ICMP type=8, code=0, MCI Check(64), rtype 0, forus FALSE, sendself FALSE, mtu 0*Feb  2 12:06:28.063: IP: tableid=0, s= (Ethernet1/3), d= (Serial2/0), routed via RIB*Feb  2 12:06:28.063: IP: s= (Ethernet1/3), d= (Serial2/0), g=, len 100, forward*Feb  2 12:06:28.063:     ICMP type=8, code=0*Feb  2 12:06:28.063: IP: s= (Ethernet1/3), d= (Serial2/0), len 100, sending full packet*Feb  2 12:06:28.063:     ICMP type=8, code=0*Feb  2 12:06:28.075: IP: s= (Serial2/0), d=, len 100, input feature*Feb  2 12:06:28.075:     ICMP type=0, code=0, MCI Check(64), rtype 0, forus FALSE, sendself FALSE, mtu 0*Feb  2 12:06:28.075: IP: tableid=0, s= (Serial2/0), d= (Ethernet1/3), routed via RIB*Feb  2 12:06:28.075: IP: s= (Serial2/0), d= (Ethernet1/3), g=, len 100, forward

No comments:

Post a Comment