RE: debug command [7:4966]
If you want to see packets that are actually going through the router you can use the debug ip packet command with the dump option. The dump option is hidden and use it at your own risk. You'll also need to disable any route caching that the router maybe doing. If you don't you'll only see packets that are process switched. Remember turning off route caching can create high CPU utilization. In a production environment you should never use the debug ip packet command without using an access-list with it. Well it may not be a real Sniffer but it's better than nothing if it's all you have ;) Brian Dennis, CCIE #2210 (RS)(ISP/Dial) CCSI #98640 5G Networks, Inc. [EMAIL PROTECTED] (925) 260-2724 R1(config)#access-list 150 permit icmp any any R1(config)#^Z R1#deb ip pack 150 dump IP packet debugging is on (dump) for access list 150 R1# IP: s=172.16.1.50 (local), d=172.16.1.4 (Ethernet0), len 74, sending 04015510: 0C3D9FCA 00609771...=.J.`.q 04015520: 5B930800 453C 1CBF FF0144AB [...E.. R1# IP: s=172.16.1.50 (local), d=172.16.1.4 (Ethernet0), len 74, sending 0401C740:.. 0401C750: 0C3D9FCA 00609771 5B930800 453C .=.J.`.q[...E.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, May 18, 2001 1:17 PM To: [EMAIL PROTECTED] Subject: Re: debug command [7:4966] My guess it that the debug ip udp command will let you look at UDP packets generated by the router but not UDP packets forwarded by the router. You wouldn't want to slow down the router and ask it to look above the IP layer to see if it's a UDP packet and then display it on the console if it were. Try generating DNS queries from the router. And get a Sniffer! The router isn't a protocol analyzer. ;-) Priscilla At 06:47 AM 5/18/01, Dwayne Saunders wrote: Hi all, this might be a stupid question but when you use the debug ip udp on a rsm blade of a catalyst 5500 what output would you expect to see. dns on one side mail server on the other. I am getting no output at all when I do a domain lookup from the mail server to the dns is this correct or am I meant to see that traffic log to the console D'Wayne Saunders CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5096t=4966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: debug command [7:4966]
Thank you as this is all I have ( not allowed to install sniffer on secure network), it worked for the purpose that I needed D'Wayne Saunders -Original Message- From: Brian Dennis [mailto:[EMAIL PROTECTED]] Sent: Saturday, 19 May 2001 16:32 To: [EMAIL PROTECTED] Subject: RE: debug command [7:4966] If you want to see packets that are actually going through the router you can use the debug ip packet command with the dump option. The dump option is hidden and use it at your own risk. You'll also need to disable any route caching that the router maybe doing. If you don't you'll only see packets that are process switched. Remember turning off route caching can create high CPU utilization. In a production environment you should never use the debug ip packet command without using an access-list with it. Well it may not be a real Sniffer but it's better than nothing if it's all you have ;) Brian Dennis, CCIE #2210 (RS)(ISP/Dial) CCSI #98640 5G Networks, Inc. [EMAIL PROTECTED] (925) 260-2724 R1(config)#access-list 150 permit icmp any any R1(config)#^Z R1#deb ip pack 150 dump IP packet debugging is on (dump) for access list 150 R1# IP: s=172.16.1.50 (local), d=172.16.1.4 (Ethernet0), len 74, sending 04015510: 0C3D9FCA 00609771...=.J.`.q 04015520: 5B930800 453C 1CBF FF0144AB [...E.. R1# IP: s=172.16.1.50 (local), d=172.16.1.4 (Ethernet0), len 74, sending 0401C740:.. 0401C750: 0C3D9FCA 00609771 5B930800 453C .=.J.`.q[...E.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Priscilla Oppenheimer Sent: Friday, May 18, 2001 1:17 PM To: [EMAIL PROTECTED] Subject: Re: debug command [7:4966] My guess it that the debug ip udp command will let you look at UDP packets generated by the router but not UDP packets forwarded by the router. You wouldn't want to slow down the router and ask it to look above the IP layer to see if it's a UDP packet and then display it on the console if it were. Try generating DNS queries from the router. And get a Sniffer! The router isn't a protocol analyzer. ;-) Priscilla At 06:47 AM 5/18/01, Dwayne Saunders wrote: Hi all, this might be a stupid question but when you use the debug ip udp on a rsm blade of a catalyst 5500 what output would you expect to see. dns on one side mail server on the other. I am getting no output at all when I do a domain lookup from the mail server to the dns is this correct or am I meant to see that traffic log to the console D'Wayne Saunders CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5103t=4966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
debug command [7:4966]
Hi all, this might be a stupid question but when you use the debug ip udp on a rsm blade of a catalyst 5500 what output would you expect to see. dns on one side mail server on the other. I am getting no output at all when I do a domain lookup from the mail server to the dns is this correct or am I meant to see that traffic log to the console D'Wayne Saunders CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4966t=4966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: debug command [7:4966]
My guess it that the debug ip udp command will let you look at UDP packets generated by the router but not UDP packets forwarded by the router. You wouldn't want to slow down the router and ask it to look above the IP layer to see if it's a UDP packet and then display it on the console if it were. Try generating DNS queries from the router. And get a Sniffer! The router isn't a protocol analyzer. ;-) Priscilla At 06:47 AM 5/18/01, Dwayne Saunders wrote: Hi all, this might be a stupid question but when you use the debug ip udp on a rsm blade of a catalyst 5500 what output would you expect to see. dns on one side mail server on the other. I am getting no output at all when I do a domain lookup from the mail server to the dns is this correct or am I meant to see that traffic log to the console D'Wayne Saunders CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5059t=4966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: debug command [7:4966]
Keep in mind also that fast switching is probably enabled on your RSM, which will not allow you to see most packets routed through the router with commands such as 'debug ip packet'. -brad At 04:17 PM 05/18/2001 -0400, Priscilla Oppenheimer wrote: My guess it that the debug ip udp command will let you look at UDP packets generated by the router but not UDP packets forwarded by the router. You wouldn't want to slow down the router and ask it to look above the IP layer to see if it's a UDP packet and then display it on the console if it were. Try generating DNS queries from the router. And get a Sniffer! The router isn't a protocol analyzer. ;-) Priscilla At 06:47 AM 5/18/01, Dwayne Saunders wrote: Hi all, this might be a stupid question but when you use the debug ip udp on a rsm blade of a catalyst 5500 what output would you expect to see. dns on one side mail server on the other. I am getting no output at all when I do a domain lookup from the mail server to the dns is this correct or am I meant to see that traffic log to the console D'Wayne Saunders CCNA FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Priscilla Oppenheimer http://www.priscilla.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5090t=4966 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
