Cisco – Limit output of debug ip command

The best way to limit the output of debug ip packet is to create an access-list that is linked to the debug. Only packets that match the access-list criteria will be subject to debug ip packet. This access-list does not need to be applied on any interface because it’s applied to the debug process.

Before using debug ip packet, note that the router does fast switching by default, or CEF switching if configured to do so. With either technique in place, packets are not handed to the processor, so the debug shows nothing. For this to work, you need to disable fast switching on the router with no ip route-cache (for unicast packets) or no ip mroute-cache (for multicast packets). Apply this on the interfaces where the traffic is supposed to flow. Verify this with the show ip route command.

Warning

  • Disabling fast-switching on a router that handles a large number of packets can cause CPU utilization to spike so that the box hangs or loses its connection to its peers.
  • Do not disable fast-switching on a router running Multiprotocol Label Switching (MPLS). MPLS is used in conjunction with CEF, so disabling fast-switching on the interface can have a disastrous effect.

Example

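conf t
! Match only traffic destined to the host under investigation
access-list 101 permit ip any host 192.168.1.1
int gi0/0
! Process-switch packets on this interface so the debug can see them
no ip route-cache

! Send debug output to this terminal session, then start the filtered debug
do term mon
do debug ip packet 101 detail
! Stop all debugging when done
do undebug all

! Restore fast switching and remove the debug access-list
int gi0/0
ip route-cache
no access-list 101
end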
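
A narrower variant of the session above, as an added example that is not from the original page: the access-list matches a single protocol between two hosts in both directions, and debug output goes to the logging buffer instead of the console to reduce CPU load. ACL number 102 and host 192.0.2.10 are hypothetical; 192.168.1.1 and gi0/0 come from the example above.

```cisco
! Added example. Assumed values: ACL 102 and host 192.0.2.10 are hypothetical.
configure terminal
 ! Match one protocol between two hosts, in both directions
 access-list 102 permit icmp host 192.0.2.10 host 192.168.1.1
 access-list 102 permit icmp host 192.168.1.1 host 192.0.2.10
 ! Keep debug output off the console line; collect it in the buffer
 no logging console
 logging buffered 64000 debugging
 ! Repeat on every interface the matched traffic crosses
 interface gi0/0
  no ip route-cache
 end
!
debug ip packet 102 detail
! Watch CPU load while the debug runs, then read the captured lines
show processes cpu sorted
show logging
!
undebug all
! Confirm that no debug is still active
show debugging
!
configure terminal
 interface gi0/0
  ip route-cache
 exit
 no access-list 102
 ! Restore console logging only if it was enabled before the session
 logging console
 end
```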