Global debugging
When configuring a Cisco router, the boundaries between global and interface commands are obvious. In this case, we use "Global" to identify commands that cannot be used for interface debugging or specific transmission media types and Protocol debugging. For example, in vrouters 2500, you can use Debugging commands to analyze the Cisco Discovery Protocol (CDP ). We remotely log on to the vrotelnet through telnet. By default, the output of the DEBUG command is sent to the console. If it is in a telnet session, we can use the terminal monitor command to view the output.
Interface debugging
The debug serial interface command is a debugging command directly related to the router interface and transmission media type. In the following example, the serial interface is encapsulated by HDLC. End-to-End HDLC keeps Active packets exchanged every 10 seconds. This indicates that the link operation is normal and the Layer 2 operation is normal. The show interface serial0 command indicates that the line protocol is started normally. Use the undebug all command to disable all debugging tasks.
YH-Router#debug serial interfaceSerial network interface debugging is on YH-Router# Jun 1 21:54:55 PDT:Serial0: HDLC myseq 171093, mineseen 171093*, yourseen 1256540,line up Jun 1 21:55:05 PDT:Serial0: HDLC myseq 171094, mineseen 171094*, yourseen 1256541,line up Jun 1 21:54:15 PDT:Serial0: HDLC myseq 171095, mineseen 171095*, yourseen 1256542,line up YH-Router#undebug all All possible debugging has been turned off |
Protocol debugging
The following are two examples of protocol debugging. Both examples are related to the IP protocol. Of course, the DEBUG command applies to all other protocols.
The first example (as shown below) shows ARP debugging. ARP Debugging starts, then clears the ARP cache, and generates ARP requests and responses. First, we use the command to clear all ARP caches on the vro. Therefore, each LAN segment connected to the vro。 generates an ARP packet. Because we do not need to generate too many ARP packets, the selected router is connected to only one Ethernet segment.
YH-Router#debug arpARP packet debugging is on YH-Router#clear arp YH-Router# *Jun 1 21:57:36 PDT: IP ARP: sent req src 171.136.10.1 00e0.1eb9.bbcd dst 171.136.10.34 00a0.24d1.5823 Ethernet0 *Jun 1 21:57:36 PDT: IP ARP: sent req src 171.136.10.1 00e0.1eb9.bbcd dst 171.136.10.10 0080.5f06.ca3d Ethernet0 ...... *Jun 1 21:57:36 PDT: IP ARP: rcvd req src 171.136.10.10 0080.5f06.ca3d, dst 171.136.10.1 Ethernet0 *Jun 1 21:57:36 PDT: IP ARP: creating entry for IP address:171.136.10.10,hw: 0080.5f06.ca3d ...... |
The second example (as shown below) shows ip rip debugging. The vro table is not cleared at the beginning of the debugging. Because the vro performs a RIP update every 30 seconds, you do not need to update it forcibly. Similar to the first example, all debugging tasks should be disabled after sufficient information is obtained.
YH-Router#debug ip rip events RIP event debugging is on YH-Router# NOV 27 13:55:45 PST: RIP: sending v1 update to 255.255.255.255 via TokenRing1/0 (165.48.65.136) NOV 27 13:55:45 PST: RIP: Update contains 25 routes NOV 27 13:55:45 PST: RIP: Update queued NOV 27 13:55:45 PST: RIP: Update contains 6 routes NOV 27 13:55:45 PST: RIP: Update queued NOV 27 13:55:45 PST: RIP: Update sent via TokenRing1/0 ...... YH-Router#undeb all All possible debugging has been turned off |
Ping Command
Ping is the most commonly used troubleshooting command. It consists of a group of ICMP response request packets. If the network runs normally, a group of response packets will be returned. ICMP messages are transmitted using IP data packets. Therefore, when an ICMP response message is received, the connections below Layer 3 are working normally.
Cisco's ping command not only supports the IP protocol, but also supports most other desktop protocols, such as ping commands for IPX and AppleTalk protocols. First, let's take a look at the execution of ping commands supporting the IP protocol in user EXEC mode, and then discuss the many powerful functions of the extended ping command in privileged mode.
User Execution Mode
A simple ip ping operation can be performed in user mode or in privileged mode. Under normal circumstances, the command will send back five response requests. The five exclamation points indicate that all requests have successfully received the response. The output also contains the maximum, minimum, and average round-trip time information.
Every "!" Indicates that an echo response is successfully accepted. If it is not "!" The reason why the echo response is not received:
! Response received · Request timeout U destination inaccessible P protocol not reachable N Network inaccessible Q source Suppression M cannot be segmented ? Unknown Message Type |
The ipx ping ipx command can only be executed on routers running IOS v 8.2 and later versions. In user mode, IPX ping is generally only used to test the Cisco router interface. In privileged mode, you can ping a specific NOVELL workstation. The command format is "ping ipx IPX address ".
Appletale ping the command to use Apple Echo Protocol (AEP) to confirm the connectivity between AppleTalk nodes. Note that the current Cisco router only supports the Apple Echo Protocol for Ethernet interfaces. The command format is "ping apple Appletalk address ".
Privileged Execution Mode
In privileged mode, the extended ping command applies to any Desktop Protocol. It contains more functional attributes, so you can obtain more detailed information. Through this information, we can analyze the causes of network performance degradation, not just service loss. The execution method of the extended ping command is also ping. Then the router prompts different attributes.
Use extended ip ping as follows:
YH-Router#ping Protocol [ip]: Target IP address: 165.48.183.12 Repeat count [5]: 10 Datagram size [100]: 1600 Timeout in seconds [2]: Extended commands [n]: y Source address or interface: 165.48.48.3 Type of service [0]: Set DF bit in IP header? [no]: Data pattern [0xABCD]: Loose, Srict, Record, Timestamp, Verbose[none]: Sweep range of sizes [n]: Type escape sequence to abort. Sending 10, 1600-byte ICMP Echoes to 165.58.183.12, timeout is 2 seconds: !!!!!!!!!! Success rate is 100 percent (10/10), round-trip min/avg/max = 36/39/48 ms |
First, we will discuss various available attributes of ping in privileged mode. The default values of each attribute are displayed in brackets.
Protocol to be tested.
Target address: The Target address of the test.
Repeat count indicates the number of times of repeated ping if intermittent failure occurs or the response time is too slow.
Datatesize if the message is suspected to be lost due to long delay or segment failure, the packet size can be increased. For example, we can use a 1600-byte message to force segmentation.
Timeout can be increased if it is suspected that the Timeout is due to slow response rather than packet loss.
Extended commands answered "OK" to obtain the Extended attributes.
Source address must be the address of the router interface.
Type of service is a property defined by RFC 791 TOS. The default value is 0.
Set DF bit in IP header? By setting the DF bit to disable segmentation, even if the packet exceeds the MTU defined by the router, segmentation is prohibited.
Data pattern [0 xABCD] can test the line noise by changing the Data mode.
Loose, Strict, Record, Timestamp, and Verbose [none] are all attributes of the IP packet header. Generally, only the Record attribute and Verbose attribute are used. Other attributes are rarely used. Record can be used to Record the address of each hop of a message. The Verbose attribute specifies the response time of each response ..
Sweep range of sizes [n] This attribute is mainly used to test faults such as the loss of large packets, slow processing speed, or failed segmentation.
Extend ipx ping the extended IPX ping also allows you to modify parameters, such as the packet size and number of duplicates. Another enhancement attribute of ping in user mode is the NovellStandard echo attribute. With this attribute, You can ping the workstation that loads IPX. If this attribute is disabled, the Novell IPX devices do not respond to ping because they do not support the Cisco proprietary IPX ping protocol. You can modify the properties of devices to make them support this feature.
Extended appletalk ping: the EXTENDED AppleTalk ping command is used to enhance the ping in user mode, which is similar to the extended ipx ping command. You can also select Verbose and other attributes like the IP address and IPX extended ping.
Trace command
The trace command provides information about each hop from the router to the destination address. It is implemented by controlling the TTL field of IP packets. The ICMP Response Request packet whose TTL is equal to 1 will be sent first. The first vro in the path will discard the message and send a message that identifies the error message. An error message is usually an ICMP timeout message, indicating the next hop of the packet to reach the path smoothly or the port cannot reach the message, indicating that the message has been received by the destination address but cannot be transferred to the IP protocol stack.
To obtain the round-trip delay time information, trace sends three packets and displays the average delay time. Add the TTL field of the packet to 1 and send three packets. These packets will arrive at the second vro in the path and return a timeout error or a port inaccessible message. This method is used repeatedly to increase the value of the TTL field of the message until the Response Message of the target address is received.
In some cases, using the trace command may cause a fault. Because IOS has a bug related to the trace command. Information about these bugs can be obtained from CCO. Another problem is that some target sites do not respond to ICMP port inaccessible messages. When the command output displays a series of asterisks (*), such sites may be encountered. The user can interrupt command execution by using the Ctrl-Shift-6.
The output of a simple trace command in user execution mode is shown below. The distance to the destination is 3 hops. The Response Message of the three packets whose TTL value is 1 is an ICMP timeout error, and the IP addresses of the returned packets are two. Because vro1 1 and vro2 2 are in the same CIDR Block and the distance between them and vro3 3 is a hop, these vrouters respond to the report.
Router3 # trace 171.144.1.39 Type escape sequence to abort. Tracing the route to Router9 (171.144.1.39) 1 Router2 (165.48.48.2) 0 msec Router2 (165.48.48.2) 0 msec Router1 (165.48.48.1) 0 msec 2 165.48.48.129 12 msec Router6 (165.48.49.129) 12 msec 12 msec 3 Router4 (171.133.1.2) 12 msec 12 msec Router9 (171.144.1.39) 12 msec 12 msec Router3 The following lists the different characters in the output of the IP trace command and their meanings: The round-trip delay (in milliseconds) of XY msec before receiving the Response Message) * Message timeout ? The message type cannot be identified. U port inaccessible P protocol not reachable N Network inaccessible H host inaccessible Q icmp Source Suppression |
In privileged mode, extended Trace can be used to extend many attributes of the ping command. Special attributes of the extended trace command include:
Numeric display by default, the output of the trace command includes both the IP address and the corresponding DNS domain name. If you do not need to display the DNS domain name, you can use this attribute.
The default value of Probe count is 3, which can be adjusted as needed.
TTL value can be changed between the maximum and minimum TTL values.
Port number is a very useful property that enables engineering and technical personnel to track specific transport layer ports. Therefore, you can not only check the IP connectivity between the source end and the target end, but also check whether the high-level service is accessible.
Another problem related to the trace command is that if multiple paths reach the destination, the source address of the returned message may be different. In this case, you need to carefully compare the delay time of different returned packets. If you still cannot obtain clear results, you can remotely access one or more routers in the path and use the trace command to access the Source and Destination addresses.(