09-11-2002 11:16 PM - edited 02-20-2020 09:18 PM
Hello,
i have the following Problem:
I have greated an ACL.
When I debug this ACL (debug ip packet 101 detail), i see very much
Multicast Traffic.
This is on a Catalyst 3550 EMI.
If i debug the same ACL on a Router, i only see Traffic for this ACL.
What should i do to see only the ACL Traffic on the catalyst without
the Multicast Traffic.
Can i stop Multicast Traffic on the Catalyst, because I don`t need it.
Thanks
Lorenz
09-12-2002 04:52 AM
When multicast fast switching is enabled (like unicast routing), debug messages are not logged. If you want to log debug messages, disable fast switching. Try ip mroute-cache.
If not, can you post the acl.
Hope it helps.
Steve
09-13-2002 04:19 AM
Hello Steve,
thanks for your Help, but this is not the Reason.
I have tested the same Procedure on a Cisco Router and there i only
the Output from the ACL saw.
Here is my ACL
permit icmp any any (16 matches)
permit tcp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq domain
permit udp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq domain
permit udp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq 3299
permit tcp xxx.xxx.xxx.xxx 0.0.0.16 host xxx.xxx.xxx.xxx eq 3299
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 3299
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 3299
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 22
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 22
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 3299
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 443
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx range 4029 4034
permit udp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx range 4029 4034
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx range 4019 4024
permit udp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx range 4019 4024
permit tcp host xxx.xxx.xxx.xxx host xxx.xxx.xxx.xxx eq 8080
deny ip xxx.xxx.xxx.xxx 0.0.0.16 any
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq domain
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq www
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq www
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq www
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx eq www
deny ip xxx.xxx.xxx.xxx 0.0.0.255 any
deny ip xxx.xxx.xxx.xxx 0.0.0.255 any
deny ip xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx
deny ip xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 xxx.xxx.xxx.xxx 0.0.0.255 eq 3299
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 xxx.xxx.xxx.xxx 0.0.0.255 eq 3299
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 eq lpd xxx.xxx.xxx.xxx 0.0.0.255 gt 700
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 eq lpd xxx.xxx.xxx.xxx 0.0.0.255 gt 700
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4019 4024
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4029 4034
permit udp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4019 4024
permit udp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4029 4034
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4019 4024
permit tcp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4029 4034
permit udp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4019 4024
permit udp xxx.xxx.xxx.xxx 0.0.0.255 host xxx.xxx.xxx.xxx range 4029 4034
permit ip xxx.xxx.xxx.xxx 0.0.0.255 xxx.xxx.xxx.xxx 0.15.255.255
permit ip xxx.xxx.xxx.xxx 0.0.0.255 xxx.xxx.xxx.xxx 0.15.255.255
deny ip xxx.xxx.xxx.xxx 0.0.0.255 any
deny ip xxx.xxx.xxx.xxx 0.0.0.255 any (15 matches)
Below is the Output from the debug command : debug ip packet 110 detail
01:29:20: datagramsize=66, IP 0: s=xxx.xxx.121.3 (Vlan5), d=224.0.0.2, totlen 48,
fragment 0, fo 0, rcvd 2
01:29:20: UDP src=1985, dst=1985
01:29:20: datagramsize=64, IP 0: s=xxx.xxx.135.41 (local), d=224.0.0.2 (Vlan8), t
otlen 48, fragment 0, fo 0, sending broad/multicast
01:29:20: UDP src=1985, dst=1985
01:29:20: datagramsize=62, IP 0: s=xxx.xxx.135.41 (local), d=224.0.0.2 (Vlan8), t
otlen 48, fragment 0, fo 0, sending full packet
01:29:20: UDP src=1985, dst=1985
01:29:20: datagramsize=66,u IP 0: s=xxx.xxx.120.3 (Vlan4), d=224.0.0.2, totlen 48
, fragment 0, fo 0, rcvd 2
01:29:20: UDP src=1985, dst=1985
01:29:21: datagramsize=48, IP 0: s=xxx.xxx.120.2 (local), d=224.0.0.2 (Vlan4), to
tlen 48, fragment 0, fo 0, sending broad/multicast
01:29:21: UDP src=1985, dst=1985
01:29:21: datagramsize=62, IP 0: s=xxx.xxx.120.2 (local), d=224.0.0.2 (Vlan4), to
tlen 48, fragment 0, fo 0, sending full packet
01:29:21: UDP src=1985, dst=1985
I hope this Information us helpfull for you.
Nice Weekend
Lorenz
09-13-2002 01:17 PM
UDP port 1985 is HSRP and the destination address of HSRP hello packets is the all routers multicast address (224.0.0.2). The source address is the router's primary IP address assigned to the interface.
Fast-switched packets do not generate messages.
I will try and find out why this is getting logged.
Have a great weekend.
Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide