05-17-2009 11:52 PM - edited 03-06-2019 05:46 AM
Hello
I used debug ip packet 1501. In access-list 1501 i have one of my externalip (EXTIP1). I received:
May 18 09:44:52: IP: s=EXTIP1 (Vlan201), d=EXTIP2, len 84, input feature, Access List(21), rtype 0, forus FALSE, sendself FALSE, mtu 0
sorry for duplicate :(
What does this logs mean ? What does forus=FALSE and sendself=FALSE mean ?
Thanx
05-18-2009 03:58 AM
Hello Maciej,
sendself false should mean the packet is not destined to any ip address on the device.
forus false
my guess is that this is specific of multilayer switches.
Actually debug command reference for 12.4 don't report these codes
http://www.cisco.com/en/US/docs/ios/debug/command/reference/db_i1.html#wp1016852
to understand the meaning from context you should provide more lines.
Is the packet forwarded or denied by ACL 21 ?
Hope to help
Giuseppe
05-18-2009 04:45 AM
Hello
I do not have ACL 21 ! I do not understeand this log. It's 6509 switch, the packet is received from access port(L2) and routed to ACE. BUT: it's not typical packet.
Typical packes are not seen by debug ip packet (this one is always switched thru software?).
The packet is not typical because it's translated from ipv6 (nat-pt) and it has: L3 id=0, L3 flags = Don't frag, L4 options(SACK permit, window scale x2, timestamps). The packet is actually routed to ACE but ACE behaves very strangely - it responds with SYN/ACK with incorrect L3 CRC. 6509 do not see this returning packet.
All other traffic works fine on this 6509+ACE - only ipv4 translated from ipv6. What could be wrong ?
Thanx
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide