CiscoDebug command important information

This section describes some basic guiding principles for using the debugging functions provided by the CiscoIOS (r) platform, as well as examples of correct use of the debugippacket command and conditional debugging. Note: This document does not describe how to use and explain specific debug commands and outputs. For more information about specific debug commands, see

This section describes some basic guiding principles for using the debugging functions provided on the Cisco IOS (r) platform, as well as examples of correct use of the debug ip packet command and conditional debugging. Note: This document does not describe how to use and explain specific debug commands and outputs. For more information about specific debug commands, see

This section describes some basic guiding principles for using the debugging functions provided on the Cisco IOS (r) platform and the correct use of the debug ip packet.CommandAnd conditional debugging examples.

Note: For how to use and explain specific debugCommandAnd output, which is not described in this article. Specific debugCommandOfInformationRefer to the corresponding Cisco debugCommandReferences.

Debug Privileged EXECCommandProvides diagnostics for various Internet events.InformationThese events generally involve Protocol Status and network behavior.

Prerequisites:

Through the control panel, aux, and vty portsVro.

Basic IOS configuration problems.

IOS debuggingCommandOutput.

Caution when using debugCommand. When solving specific problems, it is generally recommended that you use theseCommand.

When the interconnected network is under high load, enabling the debugging function will interrupt the operation of the router. Therefore, if the log function is enabled, access to the server may experience intermittent interruption when the log message on the control panel port is overloaded.

Start debugCommandAlways consider this beforeCommandThe output and time consumed. For example, if you have configured a basic rateInterface(BRI), the debug isdn q931 may not cause harm to the system. However, if you perform the same debugging on the AS5800 with all E1 configurations, many inputs may be generated, causing the system to "Suspend" or stop responding.

Before debugging, run the show processes cpuCommandTo view the CPU load. Check whether there is sufficient CPU before commissioning.InformationFor more information, see the document "solving the high CPU utilization problem of Cisco routers. For example, if a Cisco 7200 router with an ATM interface is used for bridging, a large number of CPUs may be used to restart the router based on the number of configured sub-interfaces. this is because: For each virtual circuit (VC), the Bridge Protocol Data Unit (BPDU) data packet must be generated. In this caseImportantEnabling the debugging function within the specified time may increase the CPU usage and cause the system to be suspended or the network to be disconnected.

Note: during debugging, especially when a large number of debugging operations are performed, no router prompt appears. However, in most cases, you can use no debug all or undebug allCommandTo stop debugging. More security usage debuggingInformationFor more information, see "Get debugging output.

In addition to the above points, you must also understand the impact of debugging on the platform stability and consider which interface to connect to the router. The following sections provide some guiding principles in this regard.

After obtaining the debugging output, the router can display the debugging output of various interfaces, including the control panel, aux, and vty ports. The router can also record the log messages sent to the internal buffer to the external unix syslog server. The following describes how to use and pay attention to each method:

Control Panel Port

If you connect to the control panel under normal configuration, no additional work is required. Debugging output should be displayed automatically. However, you must ensure that the logging console level is set as required and that the log function is not provided by the no logging consoleCommandDisabled. For moreInformationFor more information, see "use DebugCommand.

Warning excessive debugging on the vro Control Panel port may cause the vro to be suspended. This is because the router automatically assigns priority to the control panel output before performing other router functions. If the router handles large debugging output sent to the control panel port, the router may be suspended. Therefore, if too many debugging outputs appear, use the vty (telnet) port or log buffer to obtain the debugging output. The following provides moreInformation.

Note: by default, the log function on the control panel port is enabled. Even if some other ports or methods (such as Aux, vty, or buffer) are used to capture the output, the control panel Port usually needs to process the debug output. Therefore, we recommend that you always enable the no logging console.CommandAnd use other methods to capture debugging output. If you need to use the control panel, temporarily set the logging console to enabled.

Aux port

If the connection is performed through the Auxiliary port, type terminal monitorCommand. Verify that no logging on the vroCommandWhether it is disabled.

Note: If you use the Aux port to monitor the vro, always Note: When the vro is restarted, The Aux port does not display the startup sequence output. To view the startup sequence, connect to the control panel port.

VTY Port

If you want to connect through the Auxiliary port or remote login, type terminal monitorCommandAnd verify that no logging onCommandWhether it is in unused status.

SetInformationRecord to internal buffer

The default log device is the control panel. Unless other devices are specified, all messages are displayed on the control panel. ToInformationLog on to the internal buffer, use the log buffer router configurationCommand.

ThisCommandThe syntax is as follows:

Logging buffered no logging buffered

Logging bufferedCommandCopy log messages to the internal buffer instead of writing them in the control panel. The buffer has the cyclic feature. New Messages overwrite old messages. To display the messages recorded in the buffer, use the show logging privilege EXECCommand. The displayed 1st messages are the oldest messages in the buffer. You can specify the buffer size andInformationOfImportantLevel.

Tip: ensure that the device has sufficient available memory before entering the buffer size. Use show proc mem IOSCommandTo view available memory.

Use no logging bufferedCommandTo disable the buffer and write messages to the control panel (by default ).

SetInformationRecord to UNIX Syslog Server

ToInformationLog to the syslog server host, use the log router configurationCommand. ThisCommandThe syntax is as follows:

Logging No logging

Use loggingCommandDetermine the syslog server host to receive log messages. The parameter is the IP address of the host. By publishing this CommandTo create a list of syslog servers that receive log messages.

Use no loggingCommandTo delete a syslog server with the specified address in the syslogs list.

For more information about setting syslog serversInformationFor more information, see "use debugging ".Command"Document.

Other preparations before debugging install the terminal simulator software (for example, HyperTerminal) to capture the debugging output to the file. For example, in HyperTerminal, click Transfer, CaptureText, and select the appropriate option. For moreInformationFor more information, see capture text output in Hyperterminal. For other terminal simulator software, see the software documentation.

Use the following service time tagCommandTo enable msec timestamps: router (config) # service timestamps debug datetime msec router (config) # service timestamps log datetime msec.CommandAdd the time tag in the mmm dd hh: MM: SS format to the debugging to display the date and time based on the system clock. If no system clock is set, the date and time are preceded by an asterisk (*), indicating that the date and time may be incorrect.

Generally, a reasonable way is to configure the millisecond time mark, because more advanced accuracy can be achieved when you view the debugging output. The millisecond time mark provides better instructions for Interconnected debugging events. However, it is worth noting that a large number of output ports on the control panelInformation, May not be associated with the actual timing of the event. For example, If debug x25 all is enabled in the box marked with 200 VC and the output is logged to the buffer (no logging console and logging bufferedCommand), The time mark displayed by the debug output (within the buffer range) may not be the accurate time when the data packet passes through the interface. Therefore, do not use the msec time tag to prove the performance, but you can use this time tag to obtain the relative time of the event occurrence.Information.

Stop debugging to stop debugging, use no debug all or undebug allCommand. Use show debugCommandTo verify whether debugging has been disabled.

Note that the no logging console and terminal no monitor can only make the output not on the control panel, Aux or vty, but cannot stop debugging, and therefore use up router resources.

Use the debug ip packetCommandUse the debug ip packetCommandWhich can generate related data packetsInformationThis type of data packet is not quickly converted by the router. However, the output size of each data packet is extended, and the router is in the suspended state. Therefore, as described in this article, only use the debug ip packet under the strictest control.

The best way to limit the output of the debug ip packet is to create an access list with the debugging link. Only packets meeting the access list standards need to use the debug ip packet. This access list does not have to be applied on all interfaces, but it is very suitable for debugging operations.

Before using debugging ip packet, note: by default, the vro performs fast switching or performs CEF switching under specific configurations. That is to say, if these methods are available, no data package is provided to the processor. Therefore, debugging does not display any content. To display debugging content, you must use no ip route-cache (applicable to single-point packet sending) or no ip mroute-cache (applicable to multicast packets) to prohibit fast exchange on the vro. This method applies to the interface of the transmission service. Use show ip routeCommandTo verify this situation.

Warning for vrouters that process a large number of data packets, enabling fast switch on the vro increases CPU utilization, so that the device is in the "suspended" status and the peering connection is lost.

For vrouters that run Multi-Protocol Label (MPLS) switching, do not disable fast switching on the vro. MPLS is used with CEF. Therefore, disabling quick exchange on interfaces can cause serious consequences.

The following is an example scheme: the access list configured on router_122 is:

Access-list 105 permit icmp host 10.10.2 host 13.1.1.1

Access-list 105 permit icmp host 13.1.1.1 host 10.10.10.2

This access list allows all Internet Control Message Protocol (ICMP) packets to be transmitted from the host router_121 (IP Address: 10.10.10.2) to the host router_123 (IP Address: 13.1.1.1) and to other directions. It is very important to allow data packets to be transmitted to any direction.ImportantOtherwise, the router may discard the returned ICMP packet.

Only the quick exchange on router_122 is deleted below. Therefore, from the perspective of IOS intercepting data packets, you can only see debugging of the data packets transmitted to this interface. Through debugging, this type of data packet will appear "d = ". because fast exchange on other interfaces has not been disabled, the returned packet will not use the debug ip packet. the following output shows the process of disabling quick exchange:

Router_122 (config) # interface virtual-template 1
Router_122 (config-if) # no ip route-cache
Router_122 (config-if) # end
Now you must activate the debug ip packet through the previously defined access list (access list 105.

Router_122 # debug ip packet detail 105
The IP packet debugging is on (detailed) for access list 105
Router_122 #
00: 10: 01: IP: s = 13.1.1.1 (seri_3/0), d = 10.10.10.2 (Virtual-Access1 ),
G = 10.10.10.2, len 100, forward

00: 10: 01: ICMP type = 0, code = 0
! -- ICMP packet from 13.1.1.1 to 10.10.10.2
! -- This package is displayed because
! -- It meets the source and target requirements in access list 105.
00: 10: 01: IP: s = 13.1.1.1 (seri_3/0), d = 10.10.10.2 (Virtual-Access1 ),
G = 10.10.10.2, len 100, forward
00: 10: 01: ICMP type = 0, code = 0
00: 10: 01: IP: s = 13.1.1.1 (seri_3/0), d = 10.10.10.2 (Virtual-Access1 ),
G = 10.10.10.2, len 100, forward
00: 10: 01: ICMP type = 0, code = 0

Delete the route entry on other interfaces (router_122. That is to say, all data packets on these two interfaces are now switched by group (as required by the debug ip packet ):

Router_122 (config) # interface serial 3/0
Router_122 (config-if) # no ip route-cache
Router_122 (config-if) # end

Router_122 #
00: 11: 57: IP: s = 10.10.10.2 (Virtual-Access1), d = 13.1.1.1
(Seri_3/0), g = 172.16.1.6, len 100, forward
00: 11: 57: ICMP type = 8, code = 0
! -- ICMP packets from 10.10.10.2 to 13.1.1.1 (send back)
00: 11: 57: IP: s = 13.1.1.1 (seri_3/0), d = 10.10.10.2 (Virtual-Access1 ),
G = 10.10.10.2, len 100, forward
00: 11: 57: ICMP type = 0, code = 0
! -- ICMP return packet from 13.1.1.1 to 10.10.10.2 (send and reply)
00: 11: 57: IP: s = 10.10.10.2 (Virtual-Access1), d = 13.1.1.1 (seri_3/0 ),
G = 172.16.1.6, len 100, forward
00: 11: 57: ICMP type = 8, code = 0
00: 11: 57: IP: s = 13.1.1.1 (seri_3/0), d = 10.10.10.2 (Virtual-Access1 ),
G = 10.10.10.2, len 100, forward
00: 11: 57: ICMP type = 0, code = 0

Note: the output of the debug ip packet does not display any packets that do not conform to the access list standard. More information about this processInformationFor more information about Ping and Traceroute, seeCommand.

For more information about how to create an access listInformationSee the document "Configure IP address access list.

Conditional debugging

When conditional debugging is enabled, the router generates debugging messages for packets sent or received on the router of a specific interface. For packets sent or transmitted through different interfaces, the router does not generate debugging output. More about conditional debuggingInformationFor more information, see "Conditional debugging triggered.

The following describes simple applications with conditional debugging. Consider the following situation: the router (trabol) shown below has two interfaces running HDLC (Serial Port 0 and Serial Port 3 ).

Now, the common debug serial interfaceCommandTo observe the HDLC active on all ports.Information. In this way, we can see the active standbys on these two interfaces.Information.

Traxbol # debug serial interface
Serial network interface debugging is on
Traxbol #
* Mar 8 09:42:34. 851: Serial0: HDLC myseq 28, mineseen 28 *, yourseen 41, line up
! -- Enable HDLC on Serial 0
* Mar 8 09:42:34. 855: seri_3: HDLC myseq 26, mineseen 26 *, yourseen 27, line up
! -- The HDLC on Serial 3 is active
* Mar 8 09:42:44. 851: Serial0: HDLC myseq 29, mineseen 29 *, yourseen 42, line up
* Mar 8 09:42:44. 855: seri_3: HDLC myseq 27, mineseen 27 *, yourseen 28, line up

Now conditional debugging on string Interface 3 is enabled. That is to say, only debugging of string Interface 3 is displayed. Therefore, use the debug interface Command.

Traxbol # debug interface serial 3
Condition 1 set
Show debug condition CommandTo verify whether conditional debugging is enabled. Note that string Interface 3 is activated.
Traxbol # show debug condition
Condition 1: interface Se3 (1 flags triggered)
Flags: Se3
Traxbol #
Note that only debugging of string Interface 3 is displayed:
* Mar 8 09:43:04. 855: seri_3: HDLC myseq 29, mineseen 29 *, yourseen 30, line up
* Mar 8 09:43:14. 855: seri_3: HDLC myseq 30, mineseen 30 *, yourseen 31, line up
To cancel conditional debugging, use the undebug interface Command. You are advised to disable debugging before closing a conditional trigger (for example, using undebug all ). In this way, debugging output flood occurs when conditions are deleted.
Traxbol # undebug interface serial 3
This condition is the last interface condition set.
Removing all conditions may cause a flood of debugging
Messages to result, unless specific debugging flags
Are first removed.
Proceed with removal? [Yes/no]: y
Condition 1 has been removed
Traxbol #
Now we can see the debugging of two string interfaces 0 and string Interface 3.

* Mar 8 09:43:34. 927: seri_3: HDLC myseq 32, mineseen 32 *, yourseen 33, line up
* Mar 8 09:43:44. 923: Serial0: HDLC myseq 35, mineseen 35 *, yourseen 48, line up

Warning some debugging operations are conditional. In this example, atm debugging is used. Through ATM debugging, You can explicitly specify the debugging-enabled interface, instead of enabling debugging on All atm interfaces and specifying a condition.

The following describes how to limit the ATM packet debugging to a subinterface:

Arielle-nrp2 # debug atm packet interface atm 0/0/0.1
! -- Note that we explicitly specify the sub-interface to be used for debugging.
ATM packets debugging is on
Displaying packets on interface ATM0/0/0.1 only
Arielle-nrp2 #
* Dec 21 10:16:51. 891: ATM0/0/0.1 (O ):
VCD: 0x1 VPI: 0x1 VCI: 0x21 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2 TYPE: 0007 Length: 0x278
* Dec 21 10:16:51. 891: 0000 FFFF 0010 7BB9 BDC4 0800 4500 025C 01FE
0000 FF11 61C8 0A30
* Dec 21 10:16:51. 891: 4B9B FFFF 0044 0043 0248 0000 0101 0600 23B7
0000 8000 0000 0000
* Dec 21 10:16:51. 891: 0000 0000 0000 0000 0000 0000 0010 7BB9 BDC3 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 891: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 891: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 891: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 891: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 895: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000 0000
* Dec 21 10:16:51. 895:
Arielle-nrp2 #
When trying to enable the atm debugging on all ports (through applicable conditions), if there are a large number of ATM sub-interfaces on the router, the router may be in the "suspended" status. The following example illustrates the incorrect method of atm debugging.


In this case, you can see that the application is a condition, but you can also see that this application does not work, and you can still see the packets sent by other interfaces. In this lab practice solution, there are only two interfaces and a small number of businesses. If the number of interfaces is large, the debugging output of all interfaces is quite high, and the router can be suspended.

Arielle-nrp2 # show debugging condition
Condition 1: interface AT0/0/0.1 (1 flags triggered)
Flags: AT0/0/0.1
! -- Specify the interface conditions.

Arielle-nrp2 # debug atm packet
ATM packets debugging is on
Displaying all ATM packets
Arielle-nrp2 #
* Dec 21 10:22:06. 727: ATM0/0/0.2 (O ):
! -- Check the debugging from the ATM0/0/0/. 2 interface,
! -- Although the condition only specifies AT0/0/0.1

VCD: 0x2 VPI: 0x5 VCI: 0x37 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2
TYPE: 000E Length: 0x2F
* Dec 21 10:22:06. 727: 0000 0000 0180 0000 running B B9BD C400 0000 0080 0000 running B B9BD
C48008000014
* Dec 21 10:22:06. 727: 0002 000F 0000
* Dec 21 10:22:06. 727: un
* Dec 21 10:22:08. 727: ATM0/0/0.2 (O ):
VCD: 0x2 VPI: 0x5 VCI: 0x37 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2
TYPE: 000E Length: 0x2F
* Dec 21 10:22:08. 727: 0000 0000 0180 0000 running B B9BD C400 0000 0080 0000 running B B9BD
C480 0800 0014
* Dec 21 10:22:08. 727: 0002 000F 0000
* Dec 21 10:22:08. 727: ll
* Dec 21 10:22:10. 727: ATM0/0/0.2 (O ):
VCD: 0x2 VPI: 0x5 VCI: 0x37 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2
TYPE: 000E Length: 0x2F
* Dec 21 10:22:10. 727: 0000 0000 0080 0000 running B B9BD C400 0000 0080 0000 running B B9BD
C480 0800 0014
* Dec 21 10:22:10. 727: 0002 000F 0000
* Dec 21 10:22:10. 727:
* Dec 21 10:22:12. 727: ATM0/0/0.2 (O ):
VCD: 0x2 VPI: 0x5 VCI: 0x37 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2
TYPE: 000E Length: 0x2F
* Dec 21 10:22:12. 727: 0000 0000 0080 0000 running B B9BD C400 0000 0080 0000 running B B9BD
C480 0800 0014
* Dec 21 10:22:12. 727: 0002 000F 0000
* Dec 21 10:22:12. 727:
* Dec 21 10:22:13. 931: ATM0/0/0.1 (O ):
! -- You can also view the debugging of the ATM0/0/0.1 interface as needed.
VCD: 0x1 VPI: 0x1 VCI: 0x21 DM: 0x100 SAP: aaaa ctl: 03 OUI: 0080C2 TYPE: 0007 Length: 0x278
* Dec 21 10:22:13. 931: 0000 FFFF 0010 7BB9 BDC4 0800 4500 025C 027F 0000
FF11 6147 0A30
* Dec 21 10:22:13. 931: 4B9B FFFF 0044 0043 0248 0000 0101 001A 0600 4481
8000 0000 0000
* Dec 21 10:22:13. 931: 0000 0000 0000 0000 0000 0000 0010 7BB9 BDC3 0000 0000 0000
0000 0000 0000
* Dec 21 10:22:13. 931: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000
* Dec 21 10:22:13. 931: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000
* Dec 21 10:22:13. 931: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000
* Dec 21 10:22:13. 931: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000
* Dec 21 10:22:13. 935: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
0000 0000 0000

Cisco for linux
Zhang sir ccie r & S v4.0 video set Linux Forum Cisco Huawei Network Technology
Http://bbs.net527.cn/forum-26-1.html
Http://www.net527.cn/a/luyoujiaohuan/index.html

Http://linux.net527.cn/index.html