Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3698
Views
20
Helpful
10
Replies

How to View Transmit/Receive Packets for a Particular IP on a Switch

John Robinson IV
Level 1
Level 1

‎09-15-2022 07:25 AM

Hello! I am looking for a command that would allow me to view traffic that goes to or coming from a specific IP on a switch.

Scenario: Ping does not work (it is blocked), but I need to see if traffic to a particular IP is working. Is there a show and/or debug command that would show me the traffic to/from a particular IP on a Catalyst 9300 switch?

OR

Is there way to see what traffic is on a particular Switchport (outside of doing a wireshark capture on that port). In other words, is there a way to take a quick glance? Thank you

Labels:
10 Replies 10

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎09-15-2022 07:30 AM - edited ‎09-15-2022 09:08 AM

Some later Cisco switches support embedded packet capture.

https://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-embedded-packet-capture/116045-productconfig-epc-00.html

John Robinson IV
Level 1
Level 1
In response to Joseph W. Doherty

‎09-15-2022 07:59 AM

I'll take a look into this feature. The link doesn't work but I will research this. Is there a way to tell what devices this works on specifically?

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to John Robinson IV

‎09-15-2022 09:09 AM

Try my referenced link now (somehow, I missed the last character when I copied and pasted it).

0 Helpful

John Robinson IV
Level 1
Level 1
In response to Joseph W. Doherty

‎09-15-2022 11:50 AM

Thank you! 

0 Helpful

MHM Cisco World
VIP
VIP

‎09-15-2022 07:31 AM

I am out of home now, but I have fast answer 

Go and make ping with 100 repeat 

Do

Show ip interface 

Chech input packet count

This first and easy counter you can check.

0 Helpful

John Robinson IV
Level 1
Level 1
In response to MHM Cisco World

‎09-15-2022 07:54 AM

Thank you! In this case I'd like to see the specifics of the packets not just how many packets have transpired. I'd like to be able to see what the packet source and destination IPs and ports are, if possible.

0 Helpful

MHM Cisco World
VIP
VIP
In response to John Robinson IV

‎09-15-2022 08:10 AM

hfhfghfghfghfghf.png

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKARC-3190.pdf

use capture BUT friend disable capture after finish it effect the CPU.

John Robinson IV
Level 1
Level 1
In response to MHM Cisco World

‎09-15-2022 11:53 AM

Thanks so much I'll be trying this out soon!

 

0 Helpful

Seb Rupik
VIP Alumni
VIP Alumni

‎09-15-2022 08:19 AM

Hi there,

You could create a simple ACL (permit tcp/udp any any log) and apply it to the interface. The log statement will ensure all flows are recorded in your logs. You may need to adjust your log level to ensure they appear.

 

cheers,

Seb.

John Robinson IV
Level 1
Level 1
In response to Seb Rupik

‎09-15-2022 11:52 AM

This is helpful! Thank you!

0 Helpful
Top