Debug - Cisco Catalyst 3650

Blog Debug - Cisco Catalyst 3650

Debug - Cisco Catalyst 3650

Commandes

Debug ICMP :

debug ip icmp

Debug ARP :

debug arp

Voir les toutes les requêtes ARP :

sh monitor event-trace arp all

.Mar 9 11:18:38.316: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.90 IF: VlanXXX OP: req
.Mar 9 11:18:38.319: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.122 IF: VlanXXX OP: req
.Mar 9 11:18:38.323: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.40 IF: VlanXXX OP: req
.Mar 9 11:18:38.347: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.106 IF: VlanXXX OP: req
.Mar 9 11:18:38.347: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.26 IF: VlanXXX OP: req
.Mar 9 11:18:38.359: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.56 IF: VlanXXX OP: req
.Mar 9 11:18:38.384: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.24 IF: VlanXXX OP: req
.Mar 9 11:18:38.401: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.57 IF: VlanXXX OP: req
.Mar 9 11:18:38.403: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.74 IF: VlanXXX OP: req
.Mar 9 11:18:38.408: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.42 IF: VlanXXX OP: req
.Mar 9 11:18:38.431: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.155 IF: VlanXXX OP: req
.Mar 9 11:18:38.698: RCV PKT: S: XXX.XX.XX.18 T: XXX.XX.XX.17 IF: VlanXXX OP: req
.Mar 9 11:18:39.062: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.61 IF: VlanXXX OP: req
.Mar 9 11:18:39.063: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.79 IF: VlanXXX OP: req
.Mar 9 11:18:39.063: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.29 IF: VlanXXX OP: req
.Mar 9 11:18:39.063: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.170 IF: VlanXXX OP: req
.Mar 9 11:18:39.443: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.11 IF: VlanXXX OP: req
.Mar 9 11:18:39.473: RCV PKT: S: XXX.XX.XX.252 T: XXX.XX.XX.125 IF: VlanXXX OP: req

Voir les informations d'une requête ARP :

sh ip arp XXX.XXX.XX.XX

Protocol Address Age (min) Hardware Addr Type Interface
Internet XXX.XXX.XX.XX 0 b40c.25e0.4042 ARPA Vlan302

Équivalent d'un "traceroute" pour voir le chemin :

sh ip route XXX.XX.XXX.XX

Routing entry for XXX.XX.XXX.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:

directly connected, via Vlan201
Route metric is 0, traffic share count is 1

Capture des paquets sur le port Gi1/0/1 (1er port du switch) :

monitor capture CL interface GigabitEthernet 1/0/1 both
monitor capture CL match ipv4 any any
monitor capture CL limit duration 60
monitor capture CL file location flash:TRACE_LOG.cap
monitor capture CL start display brief

Starting the packet display ........ Press Ctrl + Shift + 6 to exit

1 0.000000 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX Syslog 117 LOCAL7.INFO: 212: .Mar 9 14:19:03.564: %BUFCAP-6-ENABLE: Capture Point CL enabled.
2 0.004043 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 182 Server: Encrypted packet (len=128)
3 0.006420 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 64 59221 b^F^R 22 [ACK] Seq=1 Ack=129 Win=65024 Len=0
4 0.254624 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 78 44423 b^F^R 6515 [SYN] Seq=0 Win=27600 Len=0 MSS=1380 SACK_PERM=1 TSval=1233534474 TSecr=0 WS=128
5 0.254807 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 78 42510 b^F^R 6516 [SYN] Seq=0 Win=27600 Len=0 MSS=1380 SACK_PERM=1 TSval=1233534474 TSecr=0 WS=128
6 0.254930 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 64 6515 b^F^R 44423 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
7 0.255049 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 64 6516 b^F^R 42510 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0
8 1.141241 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 394 Server: Encrypted packet (len=324)
9 1.141429 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 314 Server: Encrypted packet (len=244)
10 1.141583 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 1046 Server: Encrypted packet (len=976)
11 1.141726 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 394 Server: Encrypted packet (len=324)
12 1.141855 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 314 Server: Encrypted packet (len=244)
13 1.141973 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 186 Server: Encrypted packet (len=116)
14 1.142089 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 250 Server: Encrypted packet (len=180)
15 1.142208 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 250 Server: Encrypted packet (len=180)
16 1.142485 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 250 Server: Encrypted packet (len=180)
17 1.142632 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 250 Server: Encrypted packet (len=180)
18 1.142754 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 250 Server: Encrypted packet (len=180)
19 1.145016 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=325 Win=7140 Len=0 TSval=278913953 TSecr=503314189
20 1.145144 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=569 Win=7140 Len=0 TSval=278913953 TSecr=503314189
21 1.145278 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 1438 Server: Encrypted packet (len=1368)
22 1.145414 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 1438 Server: Encrypted packet (len=1368)
23 1.145589 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 1438 Server: Encrypted packet (len=1368)
24 1.145757 XXX.XX.XXX.XXX -> XXX.XX.XXX.XXX SSH 1438 Server: Encrypted packet (len=1368)

Capture des paquets sur le port Gi1/0/1 (1er port du switch) uniquement pour l'IP source 172.5.0.3 a destination de 172.5.0.25 :

monitor capture CL interface GigabitEthernet 1/0/1 both
monitor capture CL match ipv4 host 172.5.0.3 host 172.5.0.25
monitor capture CL limit duration 60
monitor capture CL file location flash:TRACE_LOG.cap
monitor capture CL start display brief

1 0.000000 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1 Win=7140 Len=0 TSval=279040587 TSecr=503820729
2 0.000185 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=181 Win=7140 Len=0 TSval=279040588 TSecr=503820729
3 0.000305 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=505 Win=7140 Len=0 TSval=279040588 TSecr=503820729
4 0.001946 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=685 Win=7140 Len=0 TSval=279040588 TSecr=503820729
5 0.002234 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=865 Win=7140 Len=0 TSval=279040588 TSecr=503820729
6 0.003070 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1045 Win=7140 Len=0 TSval=279040588 TSecr=503820729
7 0.003651 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1225 Win=7140 Len=0 TSval=279040588 TSecr=503820729
8 0.003789 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1405 Win=7140 Len=0 TSval=279040588 TSecr=503820729
9 0.003948 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1585 Win=7140 Len=0 TSval=279040588 TSecr=503820729
10 0.004211 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=1765 Win=7140 Len=0 TSval=279040589 TSecr=503820730
11 0.005091 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=3133 Win=7140 Len=0 TSval=279040589 TSecr=503820732
12 0.005569 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=4501 Win=7140 Len=0 TSval=279040589 TSecr=503820732
13 0.005700 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=4725 Win=7140 Len=0 TSval=279040589 TSecr=503820733
14 0.054192 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=5161 Win=7140 Len=0 TSval=279040601 TSecr=503820784
15 0.156761 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=6141 Win=7140 Len=0 TSval=279040627 TSecr=503820887
16 0.160563 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=7509 Win=7140 Len=0 TSval=279040628 TSecr=503820890
17 0.161755 172.5.0.3 -> 172.5.0.25 TCP 70 42348 b^F^R 22 [ACK] Seq=1 Ack=10289 Win=7140 Len=0 TSval=279040628 TSecr=503820890

Article précédent Article suivant

Debug - Cisco Catalyst 3650

Debug - Cisco Catalyst 3650

Commandes

Qui je-suis ?

Tags populaires

Archives