Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2991
Views
0
Helpful
2
Replies

IOS XR debugging on line vty

Go to solution
feableee123
Level 1
Level 1

‎04-25-2013 08:59 AM

Hello,

How can I debug icmp packets with acl.

e.g config from IOS:

debug ip packet 100

access-list 100 permit icmp host x.x.x.x  host y.y.y.y

how it look like in IOS XR ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
smilstea
Cisco Employee
Cisco Employee

‎04-25-2013 07:56 PM

Hi,

There are a number of things to look for when debugging ICMP or traffic drops in general.

Here are the ACLs that I use when troubleshooting traffic drops to ensure connectivity.

Router(config)# Ipv4 access-list PING-IN

Router(config-ipv4-acl)# Permit icmp host remote_ip_address host local_ip_address echo-reply log

Router(config-ipv4-acl)# Permit ipv4 any any

Router(config)# Int

Router(config-int)# Ipv4 access-group PING-IN ingress hardware-count interface-statistics

Router(config)# Ipv4 access-list PING-OUT

Router(config-ipv4-acl)# Permit icmp host local_ip_address host remote_ip_address echo-reply log

Router(config-ipv4-acl)# Permit ipv4 any any

Router(config)# Int

Router(config-int)# Ipv4 access-group PING-OUT egress hardware-count interface-statistics

These are a few of the commands that I use to check for drops. There are more and many are dependent on the platform, but this should help you with what you are trying to do.

‘show ipv4 traffic | i echo’

‘show lpts pifib hardware entry statistics loc <>’

‘show interface

'show controller stat

‘show access-list PING-IN hardware ingress loc <>’

‘show access-list PING-OUT hardware egress loc <>’

HTH,

Sam Milstead

CSE - XR TAC

View solution in original post

0 Helpful
2 Replies 2

Go to solution
smilstea
Cisco Employee
Cisco Employee

‎04-25-2013 07:56 PM

Hi,

There are a number of things to look for when debugging ICMP or traffic drops in general.

Here are the ACLs that I use when troubleshooting traffic drops to ensure connectivity.

Router(config)# Ipv4 access-list PING-IN

Router(config-ipv4-acl)# Permit icmp host remote_ip_address host local_ip_address echo-reply log

Router(config-ipv4-acl)# Permit ipv4 any any

Router(config)# Int

Router(config-int)# Ipv4 access-group PING-IN ingress hardware-count interface-statistics

Router(config)# Ipv4 access-list PING-OUT

Router(config-ipv4-acl)# Permit icmp host local_ip_address host remote_ip_address echo-reply log

Router(config-ipv4-acl)# Permit ipv4 any any

Router(config)# Int

Router(config-int)# Ipv4 access-group PING-OUT egress hardware-count interface-statistics

These are a few of the commands that I use to check for drops. There are more and many are dependent on the platform, but this should help you with what you are trying to do.

‘show ipv4 traffic | i echo’

‘show lpts pifib hardware entry statistics loc <>’

‘show interface

'show controller stat

‘show access-list PING-IN hardware ingress loc <>’

‘show access-list PING-OUT hardware egress loc <>’

HTH,

Sam Milstead

CSE - XR TAC

0 Helpful

Go to solution
feableee123
Level 1
Level 1

‎04-27-2013 12:50 AM

Thanks, You help me a lot.

0 Helpful
Customers Also Viewed These Support Documents