Logging packets dropped between EPGs

cooperb01
Level 1

Hi

 

Is it possible to have a historical view of what traffic has been permitted and denied between EPGs?

 

This would be very useful for troubleshooting. For example, my Netscaler probes (TCP port 80) to a web server are failing, and the cause of the issue could be either that the web service is not enabled on the server or that the contract between the Netscaler and the server is dropping the traffic. It would be good to confirm from a log that the traffic is being dropped/accepted by the contract.

 

Thanks

Ben

Accepted Solutions

dpita
Cisco Employee

Hello,

Yes, there is a way to check what contracts/filters have been hit by a packet between EPGs, and yes, you can tell if it has hit the implicit deny between two EPGs. On the other hand, the most you would be able to determine is that you have counters incrementing for a particular rule/contract. As far as I know there is no logging of every packet that goes inter-EPG. It's just a show command on the switch to see which rules/contracts have incrementing counters.

show zoning-rules - use this command to find the right rule ID by using your EPG PCTags

show system internal policy-mgr stats | grep <context segment id> - use this command to see incrementing counters. 

Thanks.

It's a shame we cannot see more specific flows, e.g. src-ip -> dst-ip on http permit

Ben

 

 
