Home
Certification Preparation
Cisco
CCNP
CCNP Service Provider
Access lists for debugging
Nocturnal
I've been having fun playing with ppp and reading debugs on my lab routers. Let's say I want to debug the ppp negotiation on a particular interface without crashing a production router. I know you need to create an access list, but no-one I ask seems to know the procedure.
Let's say I want to debug ppp negotiations on serial0/1. I know to set the logging to level 7 for debugging, but how to I set up the filter and where do I apply it?
Find more posts tagged with
Comments
Yankee
Why would you do all that? Just debug the ppp negotiation and watch the results. I have done it many times on production routers while troubleshooting ISDN issues.
Yankee
Nocturnal
There are two reasons why I'd want to do it. The first is to focus on one particular session. The second is to minimize CPU utilization.
I realize that debug ppp negotiation is pretty focused, but I want to be able to extract the exact information I'm looking for and I know there's a way to do it. I've read stuff on Cisco's website that recommends it but I haven't been able to locate the procedure.
There must be some way to set up a focused policy/filter-list that only writes to the log what I want to see.
If I can't get the information here, I'll share when I find out.
Yankee
Go for it, but the purpose of watching the negotiation is to see at what layer it fails and to my knowledge this is best done with a debug. Most of your real world problems will be with authentication, so you will likely be looking at that soon enough.
Yankee
Nocturnal
The sequence is this:
2620#debug ppp packet
PPP packet display debugging is on
2620#debug condition interface serial0/1
Condition 1 set
This command sequence only captures ppp negotiations on serial0/1.
This comes in handy on 10000 and 12000 series routers with multiple T3 interfaces when you only want to capture what's going on with one T1 channel, such as Serial6/0/0/3:0 or a fractional such as Serial3/0/1/24:13.
Yankee
I believe "debug ppp packet" shows all ppp packets being sent and received. You probably want to use "debug ppp neg" on that 2620.
Yankee
keenon
use "debug ppp events" it should show all ppp related transactions
Yankee
I prefer being specific when debugging as I usually have an idea what I am looking for.
Yankee
Nocturnal
Sorry for the confusion. I should have used "debug ppp negotiation" in my example. The point I was trying to make is that you can narrow the focus even further with the "debug condition" command.
tunerX
By what identifying information are you going to separate the different ppp negotiations that are taking place. If the the information is something that is not configurable in an access list then you will never get the information.
Yankee
He ain't gonna find much in the ppp negotiation that he can catch on an access list which is why I said "go for it". He seemed dead set on trying it, so I figured he needed to learn it by himself.
To my knowledge access-list troubleshooting is best used when trying to find out where specific traffic is being dropped if it is not working as expected.
Yankee
forbesl
Yup,
Although logging level 7 is called "debugging" it really isn't as detailed as a true debug. It really won't show you want you need to know about your ppp negotiations or packets.
darkuser
hth
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122debug/
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
