The Packet-Trace feature provides a detailed understanding of how data packets are processed by the Cisco IOS XE platform, and thus helps customers to diagnose issues and troubleshoot them more efficiently. This module provides information about how to use the Packet-Trace feature.
Finding Feature Information
Your software release might not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the “Feature Information for Packet Trace” section.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn
. An account on Cisco.com is not required.
The Packet-Trace feature provides three levels of inspection for packets: accounting, summary, and path data. Each level provides a detailed view of packet processing at the cost of some packet processing capability. However, Packet Trace limits inspection to packets that match the debug platform condition statements, and is a viable option even under heavy-traffic situations in customer environments.
Table 1-1 explains the three levels of inspection provided by packet trace.
Table 1-1 Packet-Trace Level
Packet-Trace accounting provides a count of packets that enter and leave the network processor. Packet-Trace accounting is a lightweight performance activity, and runs continuously until it is disabled.
At the summary level of packet trace, data is collected for a finite number of packets. Packet-Trace summary tracks the input and output interfaces, the final packet state, and punt, drop, or inject packets, if any. Collecting summary data adds to additional performance compared to normal packet processing, and can help to isolate a troublesome interface.
The packet-trace path data level provides the greatest level of detail in packet trace. Data is collected for a finite number of packets. Packet-Trace path data captures data, including a conditional debugging ID that is useful to correlate with feature debugs, a timestamp, and also feature-specific path-trace data.
Path data also has two optional capabilities: packet copy and Feature Invocation Array (FIA) trace. The packet-copy option enables you to copy input and output packets at various layers of the packet (layer 2, layer 3 or layer 4). The FIA- trace option tracks every feature entry invoked during packet processing and helps you to know what is happening during packet processing.
Note Collecting path data consumes more packet-processing resources, and the optional capabilities incrementally affect packet performance. Therefore, path-data level should be used in limited capacity or in situations where packet performance change is acceptable.
Usage Guidelines for Configuring Packet Trace
Consider the following best practices while configuring the Packet-Trace feature:
Use of ingress conditions when using the Packet-Trace feature is recommended for a more comprehensive view of packets.
Packet-trace configuration requires data-plane memory. On systems where data-plane memory is constrained, carefully consider how you will select the packet-trace values. A close approximation of the amount of memory consumed by packet trace is provided by the following equation:
memory required = (statistics overhead) + number of packets * (summary size + data size + packet copy size).
When the Packet-Trace feature is enabled, a small, fixed amount of memory is allocated for statistics. Similarly, when per-packet data is captured, a small, fixed amount of memory is required for each packet for summary data. However, as shown by the equation, you can significantly influence the amount of memory consumed by the number of packets you select to trace, and whether you collect path data and copies of packets.
Configuring Packet Trace
Perform the following steps to configure the Packet-Trace feature.
Note The amount of memory consumed by the Packet-Trace feature is affected by the packet-trace configuration. You should carefully select the size of per-packet path data and copy buffers and the number of packets to be traced in order to avoid interrupting normal services. You can check the current data-plane DRAM memory consumption by using the show platform hardware qfp active infrastructure exmem statistics command. See the “Configuration Examples for Packet Trace” section for more information about configuring packet trace.
Collects summary data for a specified number of packets. Captures feature path data by the default, and optionally performs FIA trace.
—Specifies the maximum number of packets maintained at a given time.
—Provides detailed level of data capture, including summary data, feature-specific data. Also displays each feature entry visited during packet processing.
—Enables the capture of summary data with minimal details.
—Saves the data of the most recently traced packets.
—Specifies the size of data buffers for storing feature and FIA trace data for each packet in bytes. When very heavy packet processing is performed on packets, users can increase the size of the data buffers if necessary. The default value is 2048.
Enables copying of ingress or egress packets or both. Also, optionally, allows specifying the layer of the packet in which the packet copy should start. If the specified layer does not exist for the packet, the default behavior is to copy the packet at layer 2.
—Specifies the maximum number of octets to copy. Default value is 64.
Specifies the matching criteria for tracing packets. Provides the ability to filter by protocol, IP address and subnet mask, access control list (ACL), interface, and direction.
debug platform packet-trace drop [code
Router# debug platform packet-trace drop
Captures only the data for dropped packets, and provides the option to capture data for a specific global drop code. This command can be used with or without platform conditions.
When this command is used without platform debug conditions, all the drop events in the system will be traced and packet trace will only capture the data available at the moment of the drop.
When this command is used with platform debug conditions, packet-trace data is collected for all the packets classified as a match, but the collected data is preserved only for packets that meet the drop criteria.
—Specifies the drop code to trace.
debug platform condition start
Router# debug platform condition start
Enables the specified matching criteria and starts packet tracing.
debug platform condition stop
Router# debug platform condition start
Deactivates the condition and stops packet tracing.
This example describes how to configure packet trace and display the results. In this example, incoming packets to Gigabit Ethernet interface 0/0/2 are traced, and FIA-trace data is captured for the first 128 packets. Also, the input packets are copied. The
show platform packet-trace packet 0
command displays the summary data and each feature entry visited during packet processing for packet 0.
This example provides a scenario in which packet trace is used to troubleshoot packet drops for a NAT configuration on a Cisco ASR 1006 Router. This example shows how you can effectively utilize the level of detail provided by the Packet-Trace feature to gather information about an issue, isolate the issue, and then find a solution.
In this scenario, you can detect that there are issues, but are not sure where to start troubleshooting. You should, therefore, consider accessing the Packet-Trace summary for a number of incoming packets.
Router# show platform packet-trace summary | include DROP
403 Gi0/0/0 --- DROP 064.NatIn2Out
781 Gi0/0/0 --- DROP 064.NatIn2Out
1708 Gi0/0/0 --- DROP 064.NatIn2Out
The output shows that packets are dropped due to NAT configuration on Gigabit Ethernet interface 0/0/0, which enables you to understand that an issue is occurring on a specific interface. Using this information, you can limit which packets to trace, reduce the number of packets for data capture, and increase the level of inspection.
command output, you can see that there is some traffic that cannot be configured for Port Address Translation (PAT). Hence, you should modify the ACL to spare this traffic from NAT configuration, or disable the service for that kind of traffic. From the copy of the incoming packet, you can see that the protocol is UDP, and the destination port is DNS, and that you should turn off the DNS Application Layer Gateway (ALG).
Cisco IOS commands
Cisco IOS Master Commands List, All Releases
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at this URL:
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.
Table 1-4 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn
. An account on Cisco.com is not required.
NoteTable 1-4 lists only the software releases that support a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Table 1-4 Feature Information for Packet Trace
Cisco IOS XE 3.10
In Cisco IOS XE Release 3.10, the Packet-Trace feature was introduced on the Cisco ASR 1000 Series Router. The Packet-Trace feature provides information about how data packets are processed by the Cisco IOS XE platform.
The following commands were introduced or modified: