[c-nsp] tcpdump-style debugging on 6500/7600

[Andriy Bilous]

Just that you know there is 'debug condition interface' command which will
limit the output of your debugs to the interface in interest. What Peter
suggests suits you better though.



On Thu, Mar 14, 2013 at 5:38 PM, "Rolf Hanßen" <nsp at rhanssen.de> wrote:

> Hi,
>
> I saw there was already a discussion concerning that topic, but 5 years
> old:
> http://www.gossamer-threads.com/lists/cisco/nsp/78543
> Is there maybe some new tcpdump-style debugging feature available to
> provide such functions beside the suggested "debug ip packet"?
>
> I am looking for such situations:
>
> 1) I like to view traffic on a certain physical interface or switched
> vlan. I would like to see all packets and not a specific protocol or IP
> range.
> As far as I see I cannot specify an interface in an ACL but the "debug ip
> packet" only allows ACLs for filtering as far as I see.
>
> 2) I like to debug an IP connection and limit to a certain amount of
> packets (like "show me the next 20 packets from/to host x.x.x.x").
> Can you tell me what bandwidth or pps I have to take into consideration to
> avoid overload ?
>
> To understand better what I do before typing it in on a 10G+ box:
> "debug ip packet ..." redirects the packets to the Management CPU and
> everything filtered with an ACL leads into only packets matching ALC are
> forwarded to the CPU, everything else is handled by the DFC/CFC+PFC only
> like usual.
> Correct ?
>
> Im looking for a way that works without exporting stuff to another box and
> low risk to overload CPU (live environment).
> Hardware in my case are several Sup720-3B, Sup720-3BXL or Sup2T with 67xx
> linecards.
> If there are special software revisions needed, please let me know.
>
> kind regards
> Rolf Hanßen
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>