Cisco IOS Debug Command Reference, Release 12.2
Commands: debug ip dvmrp through debug ip pim
Download this chapter
Commands: debug ip dvmrp through debug ip pimCommands: debug ip dvmrp through debug ip pim
Download the complete book
Book-level PDF: Cisco IOS Debug Command Reference, Release 12.2Book-level PDF: Cisco IOS Debug Command Reference, Release 12.2 (PDF - 9 MB)
give_us_feedback

Table Of Contents

debug ip dvmrp

debug ip eigrp

debug ip error

debug ip ftp

debug ip http authentication

debug ip http ezsetup

debug ip http ssi

debug ip http token

debug ip http transaction

debug ip http url

debug ip icmp

debug ip igmp

debug ip igrp events

debug ip igrp transactions

debug ip inspect

debug ip mbgp dampening

debug ip mbgp updates

debug ip mcache

debug ip mds ipc

debug ip mds mevent

debug ip mds mpacket

debug ip mds process

debug ip mhbeat

debug ip mobile

debug ip mobile advertise

debug ip mobile host

debug ip mpacket

debug ip mrm

debug ip mrouting

debug ip msdp

debug ip msdp resets

debug ip nat

debug ip ospf events

debug ip ospf mpls traffic-eng advertisements

debug ip ospf packet

debug ip ospf spf statistic

debug ip packet

debug ip pgm host

debug ip pgm router

debug ip pim


debug ip dvmrp

To display information on Distance Vector Multiprotocol Routing Protocol (DVMRP) packets received and sent, use the debug ip dvmrp privileged EXEC command. The no form of this command disables debugging output.

debug ip dvmrp [detail [access-list] [in | out]]

no debug ip dvmrp [detail [access-list] [in | out]]

Syntax Description

detail

(Optional) Enables a more detailed level of output and displays packet contents.

access-list

(Optional) Causes the debug ip dvmrp command to restrict output to one access list.

in

(Optional) Causes the debug ip dvmrp command to output packets received in DVMRP reports.

out

(Optional) Causes the debug ip dvmrp command to output packets sent in DVMRP reports.


Usage Guidelines

Use the debug ip dvmrp detail command with care. This command generates a substantial amount of output and can interrupt other activity on the router when it is invoked.

Examples

The following is sample output from the debug ip dvmrp command: 

Router# debug ip dvmrp


DVMRP: Received Report on Ethernet0 from 172.19.244.10

DVMRP: Received Report on Ethernet0 from 172.19.244.11

DVMRP: Building Report for Ethernet0 224.0.0.4

DVMRP: Send Report on Ethernet0 to 224.0.0.4

DVMRP: Sending IGMP Reports for known groups on Ethernet0

DVMRP: Received Report on Ethernet0 from 172.19.244.10

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Building Report for Tunnel0 224.0.0.4

DVMRP: Send Report on Tunnel0 to 192.168.199.254

DVMRP: Send Report on Tunnel0 to 192.168.199.254

DVMRP: Send Report on Tunnel0 to 192.168.199.254

DVMRP: Send Report on Tunnel0 to 192.168.199.254

DVMRP: Radix tree walk suspension

DVMRP: Send Report on Tunnel0 to 192.168.199.254

The following lines show that the router received DVMRP routing information and placed it in the mroute table: 

DVMRP: Received Report on Ethernet0 from 172.19.244.10

DVMRP: Received Report on Ethernet0 from 172.19.244.11

The following lines show that the router is creating a report to send to another DVMRP router: 

DVMRP: Building Report for Ethernet0 224.0.0.4

DVMRP: Send Report on Ethernet0 to 224.0.0.4

Table 71 provides a list of internet multicast addresses supported for host IP implementations.

Table 71 Internet Multicast Addresses 

Address
Description
RFC

224.0.0.0

Base address (reserved)

RFC 1112

224.0.0.1

All systems on this subnet

RFC 1112

224.0.0.2

All routers on this subnet

 

224.0.0.3

Unassigned

 

224.0.0.4

DVMRP routers

RFC 1075

224.0.0.5

OSPFIGP all routers

RFC 1583


The following lines show that a protocol update report has been sent to all known multicast groups. Hosts use IGMP reports to communicate with routers and to request to join a multicast group. In this case, the router is sending an IGMP report for every known group to the host, which is running mrouted. The host the responds as though the router was a host on the LAN segment that wants to receive multicast packets for the group. 

DVMRP: Sending IGMP Reports for known groups on Ethernet0

The following is sample output from the debug ip dvmrp detail command: 

Router# debug ip dvmrp detail 


DVMRP: Sending IGMP Reports for known groups on Ethernet0

DVMRP: Advertise group 224.2.224.2 on Ethernet0

DVMRP: Advertise group 224.2.193.34 on Ethernet0

DVMRP: Advertise group 224.2.231.6 on Ethernet0

DVMRP: Received Report on Tunnel0 from 192.168.199.254

DVMRP: Origin 150.166.53.0/24, metric 13, distance 0

DVMRP: Origin 150.166.54.0/24, metric 13, distance 0

DVMRP: Origin 150.166.55.0/24, metric 13, distance 0

DVMRP: Origin 150.166.56.0/24, metric 13, distance 0

DVMRP: Origin 150.166.92.0/24, metric 12, distance 0

DVMRP: Origin 150.166.100.0/24, metric 12, distance 0

DVMRP: Origin 150.166.101.0/24, metric 12, distance 0

DVMRP: Origin 150.166.142.0/24, metric 8, distance 0

DVMRP: Origin 150.166.200.0/24, metric 12, distance 0

DVMRP: Origin 150.166.237.0/24, metric 12, distance 0

DVMRP: Origin 150.203.5.0/24, metric 8, distance 0

The following lines show that this group is available to the DVMRP router. The mrouted process on the host will forward the source and multicast information for this group through the DVMRP cloud to other members. 

DVMRP: Advertise group 224.2.224.2 on Ethernet0

The following lines show the DVMRP route information: 

DVMRP: Origin 150.166.53.0/24, metric 13, distance 0

DVMRP: Origin 150.166.54.0/24, metric 13, distance 0

The metric is the number of hops the route has covered, and the distance is the administrative distance.

debug ip eigrp

To display information on Enhanced Interior Gateway Routing Protocol (EIGRP) packets, use the debug ip eigrp privileged EXEC command. The no form of this command disables debugging output.

debug ip eigrp

no debug ip eigrp

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

This command helps you analyze the packets that are sent and received on an interface. Because the debug ip eigrp command generates a substantial amount of output, only use it when traffic on the network is light.

Examples

The following is sample output from the debug ip eigrp command: 

Router# debug ip eigrp


IP-EIGRP: Processing incoming UPDATE packet

IP-EIGRP: Ext 192.168.3.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960

IP-EIGRP: Ext 192.168.0.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960

IP-EIGRP: Ext 192.168.3.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960

IP-EIGRP: 172.69.43.0 255.255.255.0, - do advertise out Ethernet0/1

IP-EIGRP: Ext 172.69.43.0 255.255.255.0 metric 371200 - 256000 115200

IP-EIGRP: 192.135.246.0 255.255.255.0, - do advertise out Ethernet0/1

IP-EIGRP: Ext 192.135.246.0 255.255.255.0 metric 46310656 - 45714176 596480

IP-EIGRP: 172.69.40.0 255.255.255.0, - do advertise out Ethernet0/1

IP-EIGRP: Ext 172.69.40.0 255.255.255.0 metric 2272256 - 1657856 614400

IP-EIGRP: 192.135.245.0 255.255.255.0, - do advertise out Ethernet0/1

IP-EIGRP: Ext 192.135.245.0 255.255.255.0 metric 40622080 - 40000000 622080

IP-EIGRP: 192.135.244.0 255.255.255.0, - do advertise out Ethernet0/1

Table 72 describes the significant fields shown in the display.

Table 72 debug ip eigrp Field Descriptions

Field
Description

IP-EIGRP:

Indicates EIGRP packet information.

Ext

Indicates that the following address is an external destination rather than an internal destination, which would be labeled as Int.

M

Displays the computed metric, which includes SM and the cost between this router and the neighbor. The first number is the composite metric. The next two numbers are the inverse bandwidth and the delay, respectively.

SM

Displays the metric as reported by the neighbor.


debug ip error

To display IP errors, use the debug ip error command in privileged EXEC mode. To disable debugging errors, use the no form of this command.

debug ip error access-list-number [detail] [dump]

no debug ip error

Syntax Description

access-list-number

(Optional) The IP access list number that you can specify. If the datagram is not permitted by that access list, the related debugging output (or IP error) is suppressed. Standard, extended, and expanded access lists are supported. The range of standard and extended access lists is from 1 to 199. The range of expanded access lists is from 1300 to 2699.

detail

(Optional) Displays detailed IP error debugging information.

dump

(Hidden) Displays IP error debugging information along with raw packet data in hexadecimal and ASCII forms. This keyword can be enabled with individual access lists and also with the detail keyword.

Note The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. See the caution notes below, in the usage guidelines, for more specific information.


Defaults

No default behavior or values

Command Modes

Privileged EXEC

Usage Guidelines

This command is used for IP error debugging. The output displays IP errors which are locally detected by this router.

Caution Enabling this command will generate output only if IP errors occur. However, if the router starts to receive many packets that contain errors, substantial output may be generated and severely affect system performance. This command should be used with caution in production networks. It should only be enabled when traffic on the IP network is low, so other activity on the system is not adversely affected. Enabling the detail and dump keywords use the highest level of system resources of the available configuration options for this command, so a high level of caution should be applied when enabling either of these keywords.
Caution The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. Because of the risk of using significant CPU utilization, the dump keyword is hidden from the user and cannot be seen using the "?" prompt. The length of the displayed packet information may exceed the actual packet length and include additional padding bytes that do not belong to the IP packet. Also note that the beginning of a packet may start at different locations in the dump output depending on the specific router, interface type, and packet header processing that may have occurred before the output is displayed.

Examples

The following is sample output from the debug ip error command: 

debug ip error 


IP packet errors debugging is on


04:04:45:IP:s=10.8.8.1 (Ethernet0/1), d=10.1.1.1, len 28, dispose ip.hopcount

The IP error in the above output was caused when the router attempted to forward a packet with a time-to-live (TTL) value of 0. The "ip.hopcount" traffic counter is incremented when a packet is dropped because of an error. This error is also displayed in the output of the show ip traffic command by the "bad hop count" traffic counter.

Table 73 describes the significant fields shown in the display.

Table 73 debug ip error Field Descriptions 

Field
Description

IP:s=10.8.8.1 (Ethernet0/1)

The packet source IP address and interface.

d=10.1.1.1, len 28

The packet destination IP address and prefix length.

dispose ip.hopcount

This traffic counter increments when an IP packet is dropped because of an error.


The following is sample output from the debug ip error command enabled with the detail keyword: 

debug ip error detail

IP packet errors debugging is on (detailed)

1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.1.1.1, len 28, dispose udp.noport

1d08h: UDP src=41921, dst=33434

1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.2.2.2, len 28, dispose ip.hopcount 

1d08h:    UDP src=33691, dst=33434

The detailed output includes layer 4 information in addition to the standard output. The IP error in the above output was caused when the router received a UDP packet when no application was listening to the UDP port. The "udp.noport" traffic counter is incremented when the router drops a UDP packet because of this error. This error is also displayed in the output of the show ip traffic command by the "no port" traffic counter under "UDP statistics."

Table 74 describes the significant fields shown in the display.

Table 74 debug ip error detail Field Descriptions 

Field
Description

IP:s=10.0.19.100 (Ethernet0/1)

The IP packet source IP address and interface.

d=10.1.1.1, len 28

The IP packet destination and prefix length.

dispose udp.noport

The traffic counter that is incremented when a UDP packet is dropped because of this error.


The following is sample output from the debug ip error command enabled with the detail and dump keywords: 

debug ip error detail dump


IP packet errors debugging is on (detailed) (dump)


1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.1.1.1, len 28, dispose udp.noport

1d08h:    UDP src=37936, dst=33434

03D72360:                      0001 42AD4242            ..B-BB

03D72370:0002FCA5 DC390800 4500001C 30130000  ..|%\9..E...0...

03D72380:01116159 0A001364 0A010101 9430829A  ..aY...d.....0..

03D72390:0008C0AD                             ..@-            


1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.2.2.2, len 28, dispose ip.hopcount

1d08h:    UDP src=41352, dst=33434

03C01600:                      0001 42AD4242            ..B-BB

03C01610:0002FCA5 DC390800 4500001C 302A0000  ..|%\9..E...0*..

03C01620:01116040 0A001364 0A020202 A188829A  ..`@...d....!...

03C01630:0008B253                             ..2S

Note The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. See the caution in the usage guidelines section of this command reference page for more specific information.

The output from the debug ip error command, when the dump keyword is enabled, provides raw packet data in hexadecimal and ASCII forms. This addtional output is displayed in addition to the standard output. The dump keyword can be used with all of the available configuration options of this command.

Table 75 describes the standard output fields shown in the display.

Table 75 debug ip error detail dump Field Descriptions 

Field
Description

IP:s=10.0.19.100 (Ethernet0/1)

The IP packet source IP address and interface.

d=10.1.1.1, len 28

The IP packet destination and prefix length.

dispose udp.noport

The traffic counter that is incremented when a UDP packet is dropped because of this error.


Related Commands

Command
Description

show ip traffic

Displays statistics about IP traffic.


debug ip ftp

To activate the debugging option to track the transactions submitted during an FTP session, use the debug ip ftp privileged EXEC command. To disable debugging output, use the no form of this command.

debug ip ftp

no debug ip ftp

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

The debug ip ftp command is useful for debugging problems associated with FTP.

Examples

The following is an example of the debug ip ftp command: 

Router# debug ip ftp


FTP transactions debugging is on

The following is sample output from the debug ip ftp command: 

FTP: 220 ProFTPD 1.2.0pre8 Server (DFW Nostrum FTP Server) [defiant.dfw.nostrum.com]

Dec 27 22:12:09.133: FTP: ---> USER router

Dec 27 22:12:09.133: FTP: 331 Password required for router.

Dec 27 22:12:09.137: FTP: ---> PASS WQHK5JY2

Dec 27 22:12:09.153: FTP: 230 Anonymous access granted, restrictions apply.

Dec 27 22:12:09.153: FTP: ---> TYPE I

Dec 27 22:12:09.157: FTP: 200 Type set to I.

Dec 27 22:12:09.157: FTP: ---> PASV

.

.

.

.

.

.

.

.

.

.

.

.

.

.

Dec 27 22:12:09.173: FTP: ---> QUIT

Dec 27 22:12:09.181: FTP: 221 Goodbye.


debug ip http authentication

To troubleshoot HTTP authentication problems, use privileged EXEC command. The no form of this command disables debugging output.

debug ip http authentication

no debug ip http authentication

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

The debug ip http authentication command displays the authentication method the router attempted and authentication-specific status messages.

Examples

The following is sample output from the debug ip http authentication command: 

Router# debug ip http authentication


Authentication for url `/' `/' level 15 privless `/'

Authentication username = `local15' priv-level = 15 auth-type = local

Table 76 describes the significant fields shown in the display.

Table 76 debug ip http authentication Command Descriptions

Field
Description

Authentication for url

Provides information about the URL in different forms.

Authentication username

Identifies the user.

priv-level

Indicates the user privilege level.

auth-type

Indicates the authentication method.


debug ip http ezsetup

To display the configuration changes that occur during the EZ Setup process, use the debug ip http ezsetup privileged EXEC command. The no form of this command disables debugging output.

debug ip http ezsetup

no debug ip http ezsetup

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the debug ip http ezsetup command to verify the EZ Setup actions without changing the configuration of the router.

EZ Setup is a form you fill out to perform basic router configuration from most HTML browsers.

Examples

The following is sample output from the debug ip http ezsetup that shows the configuration changes for the router when the EZ Setup form has been submitted: 

Router# debug ip http ezsetup


service timestamps debug

service timestamps log

service password-encryption

!

hostname router-name

!

enable secret router-pw

line vty 0 4

password router-pw

!

interface ethernet 0

 ip address 172.69.52.9 255.255.255.0

 no shutdown

 ip helper-address 172.31.2.132

ip name-server 172.31.2.132

isdn switch-type basic-5ess

username Remote-name password Remote-chap

interface bri 0

 ip unnumbered ethernet 0

 encapsulation ppp

 no shutdown

 dialer map ip 192.168.254.254 speed 56 name Remote-name Remote-number

 isdn spid1 spid1

 isdn spid2 spid2

 ppp authentication chap callin

 dialer-group 1

!

ip classless

access-list 101 deny udp any any eq snmp

access-list 101 deny udp any any eq ntp

access-list 101 permit ip any any

dialer-list 1 list 101

ip route 0.0.0.0 0.0.0.0 192.168.254.254

ip route 192.168.254.254 255.255.255.255 bri 0

logging buffered

snmp-server community public RO

ip http server

ip classless

ip subnet-zero

!

end

Related Commands

Command
Description

debug ip http token

Displays individual tokens parsed by the HTTP server.

debug ip http transaction

Displays HTTP server transaction processing.

debug ip http url

Displays the URLs accessed from the router.


debug ip http ssi

To display information about the HTML SSI EXEC command or HTML SSI ECHO command, use the debug ip http ssi privileged EXEC command. The no form of this command disables debugging output.

debug ip http ssi

no debug ip http ssi

Syntax Description

This command has no arguments or keywords.

Examples

The following is sample output from the debug ip http ssi command: 

Router# debug ip http ssi


HTML: filtered command `exec cmd="show users"'

HTML: SSI command `exec'

HTML: SSI tag `cmd' = "show users"

HTML: Executing CLI `show users' in mode `exec' done

The following line shows the contents of the SSI EXEC command: 

HTML: filtered command `exec cmd="show users"'

The following line indicates the type of SSI command that was requested: 

HTML: SSI command `exec'

The following line shows the argument show users assigned to the tag cmd: 

HTML: SSI tag 'cmd' = "show users"

The following line indicates that the

show users command is being executed in EXEC mode: 

HTML: Executing CLI `show users' in mode `exec' done

debug ip http token

To display individual tokens parsed by the HTTP server, use the debug ip http token privileged EXEC command. The no form of this command disables debugging output.

debug ip http token

no debug ip http token

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the debug ip http token command to display low-level HTTP server parsings. To display high-level HTTP server parsings, use the debug ip http transaction command.

Examples

The following is part of a sample output from the debug ip http token command. In this example, the browser accessed the router's home page http://router-name/. The output gives the token parsed by the HTTP server and its length. 

Router# debug ip http token


HTTP: token len 3: 'GET'

HTTP: token len 1: ' '

HTTP: token len 1: '/'

HTTP: token len 1: ' '

HTTP: token len 4: 'HTTP'

HTTP: token len 1: '/'

HTTP: token len 1: '1'

HTTP: token len 1: '.'

HTTP: token len 1: '0'

HTTP: token len 2: '\15\12'

HTTP: token len 7: 'Referer'

HTTP: token len 1: ':'

HTTP: token len 1: ' '

HTTP: token len 4: 'http'

HTTP: token len 1: ':'

HTTP: token len 1: '/'

HTTP: token len 1: '/'

HTTP: token len 3: 'www'

HTTP: token len 1: '.'

HTTP: token len 3: 'thesite'

HTTP: token len 1: '.'

HTTP: token len 3: 'com'

HTTP: token len 1: '/'

HTTP: token len 2: '\15\12'

HTTP: token len 10: 'Connection'

HTTP: token len 1: ':'

HTTP: token len 1: ' '

HTTP: token len 4: 'Keep'

HTTP: token len 1: '-'

HTTP: token len 5: 'Alive'

HTTP: token len 2: '\15\12'

HTTP: token len 4: 'User'

HTTP: token len 1: '-'

HTTP: token len 5: 'Agent'

HTTP: token len 1: ':'

HTTP: token len 1: ' '

HTTP: token len 7: 'Mozilla'

HTTP: token len 1: '/'

HTTP: token len 1: '2'

HTTP: token len 1: '.'

.

.

.

Related Commands

Command
Description

debug ip http ezsetup

Displays the configuration changes that occur during the EZ Setup process.

debug ip http transaction

Displays HTTP server transaction processing.

debug ip http url

Displays the URLs accessed from the router.


debug ip http transaction

To display HTTP server transaction processing, use the debug ip http transaction privileged EXEC command. The no form of this command disables debugging output.

debug ip http transaction

no debug ip http transaction

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the debug ip http transaction command to display what the HTTP server is parsing at a high level. To display what the HTTP server is parsing at a low level, use the debug ip http token command.

Examples

The following is sample output from the debug ip http transaction command. In this example, the browser accessed the router's home page http://router-name/. 

Router# debug ip http transaction


HTTP: parsed uri '/'

HTTP: client version 1.0

HTTP: parsed extension Referer

HTTP: parsed line http://www.company.com/

HTTP: parsed extension Connection

HTTP: parsed line Keep-Alive

HTTP: parsed extension User-Agent

HTTP: parsed line Mozilla/2.01 (X11; I; FreeBSD 2.1.0-RELEASE i386)

HTTP: parsed extension Host

HTTP: parsed line router-name

HTTP: parsed extension Accept

HTTP: parsed line image/gif, image/x-xbitmap, image/jpeg, image/

HTTP: parsed extension Authorization

HTTP: parsed authorization type Basic

HTTP: received GET ''

Table 77 lists describes some of the fields in the output.

Table 77 debug ip http transaction Field Descriptions 

Field
Description

HTTP: parsed uri '/'

Uniform resource identifier that is requested.

HTTP: client version 1.0

Client HTTP version.

HTTP: parsed extension Referer

HTTP extension.

HTTP: parsed line http://www.company.com/

Value of HTTP extension.

HTTP: received GET ''

HTTP request method.


Related Commands

Command
Description

debug ip http ezsetup

Displays the configuration changes that occur during the EZ Setup process.

debug ip http token

Displays individual tokens parsed by the HTTP server.

debug ip http url

Shows the URLs accessed from the router.


debug ip http url

To show the URLs accessed from the router, use the debug ip http url privileged EXEC command. The no form of this command disables debugging output.

debug ip http url

no debug ip http url

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

Use the debug ip http url command to keep track of the URLs that are accessed and to determine from which hosts the URLs are accessed.

Examples

The following output is from the debug ip http url command. In this example, the HTTP server accessed the URLs and /exec. The output shows the URL being requested and the IP address of the host requesting the URL. 

Router# debug ip http url 


HTTP: processing URL '/' from host 172.31.2.141

HTTP: processing URL '/exec' from host 172.31.2.141

Related Commands

Command
Description

debug ip http ezsetup

Displays the configuration changes that occur during the EZ Setup process.

debug ip http token

Displays individual tokens parsed by the HTTP server.

debug ip http transaction

Displays HTTP server transaction processing.


debug ip icmp

To display information on Internal Control Message Protocol (ICMP) transactions, use the debug ip icmp privileged EXEC command. The no form of this command disables debugging output.

debug ip icmp

no debug ip icmp

Syntax Description

This command has no arguments or keywords.

Usage Guidelines

This command helps you determine whether the router is sending or receiving ICMP messages. Use it, for example, when you are troubleshooting an end-to-end connection problem.

Note For more information about the fields in debug ip icmp command output, refer to RFC-792, Internet Control Message Protocol; Appendix I of RFC-950, Internet Standard Subnetting Procedure; and RFC-1256, ICMP Router Discovery Messages.

Examples

The following is sample output from the debug ip icmp command: 

Router# debug ip icmp


ICMP: rcvd type 3, code 1, from 10.95.192.4

ICMP: src 10.56.0.202, dst 172.69.16.1, echo reply

ICMP: dst (10.120.1.0) port unreachable rcv from 10.120.1.15

ICMP: src 172.69.12.35, dst 172.69.20.7, echo reply

ICMP: dst (255.255.255.255) protocol unreachable rcv from 10.31.7.21

ICMP: dst (10.120.1.0) port unreachable rcv from 10.120.1.15

ICMP: dst (255.255.255.255) protocol unreachable rcv from 10.31.7.21

ICMP: dst (10.120.1.0) port unreachable rcv from 10.120.1.15

ICMP: src 10.56.0.202, dst 172.69.16.1, echo reply

ICMP: dst (10.120.1.0) port unreachable rcv from 10.120.1.15

ICMP: dst (255.255.255.255) protocol unreachable rcv from 10.31.7.21

ICMP: dst (10.120.1.0) port unreachable rcv from 10.120.1.15

Table 78 describes the significant fields shown in the display.

Table 78 debug ip icmp Field Descriptions 

Field
Description

ICMP:

Indication that this message describes an ICMP packet.

rcvd type 3

The type field can be one of the following:

0—Echo Reply

3—Destination Unreachable

4—Source Quench

5—Redirect

8—Echo

9—Router Discovery Protocol Advertisement

10—Router Discovery Protocol Solicitations

11—Time Exceeded

12—Parameter Problem

13—Timestamp

14—Timestamp Reply

15—Information Request

16—Information Reply

17—Mask Request

18—Mask Reply

code 1

This field is a code. The meaning of the code depends upon the type field value, as follows:

Echo and Echo Reply—The code field is always zero.

Destination Unreachable—The code field can have the following values:

—0—Network unreachable

—1—Host unreachable

—2—Protocol unreachable

—3—Port unreachable

—4—Fragmentation needed and DF bit set

—5—Source route failed

Source Quench—The code field is always 0.

Redirect—The code field can have the following values:

—0—Redirect datagrams for the network

—1—Redirect datagrams for the host

—2—Redirect datagrams for the command mode of service and network

—3—Redirect datagrams for the command mode of service and host

Router Discovery Protocol Advertisements and Solicitations—The code field is always zero.

 

Time Exceeded—The code field can have the following values:

—0—Time to live exceeded in transit

—1—Fragment reassembly time exceeded

Parameter Problem—The code field can have the following values:

—0—General problem

—1—Option is missing

—2—Option missing, no room to add

Timestamp and Timestamp Reply—The code field is always zero.

Information Request and Information Reply—The code field is always zero.

Mask Request and Mask Reply—The code field is always zero.

from 10.95.192.4

Source address of the ICMP packet.


Table 79 describes the significant fields in the second line of the display.

Table 79 debug ip icmp Field Descriptions 

Field
Description

ICMP:

Indicates that this message describes an ICMP packet.

src 10.56.10.202

Address of the sender of the echo.

dst 172.69.16.1

Address of the receiving router.

echo reply

Indicates that the router received an echo reply.


Other messages that the debug ip icmp command can generate follow.

When an IP router or host sends out an ICMP mask request, the following message is generated when the router sends a mask reply: 

ICMP: sending mask reply (255.255.255.0) to 172.69.80.23 via Ethernet0

The following two lines are examples of the two forms of this message. The first form is generated when a mask reply comes in after the router sends out a mask request. The second form occurs when the router receives a mask reply with a nonmatching sequence and ID. Refer to Appendix I of RFC 950, Internet Standard Subnetting Procedures, for details. 

ICMP: mask reply 255.255.255.0 from 172.69.80.31

ICMP: unexpected mask reply 255.255.255.0 from 172.69.80.32

The following output indicates that the router sent a redirect packet to the host at address 172.69.80.31, instructing that host to use the gateway at address 172.69.80.23 in order to reach the host at destination address 172.69.1.111: 

ICMP: redirect sent to 172.69.80.31 for dest 172.69.1.111 use gw 172.69.80.23

The following message indicates that the router received a redirect packet from the host at address 172.69.80.23, instructing the router to use the gateway at address 172.69.80.28 in order to reach the host at destination address 172.69.81.34: 

ICMP: redirect rcvd from 172.69.80.23 -- for 172.69.81.34 use gw 172.69.80.28

The following message is displayed when the router sends an ICMP packet to the source address (172.69.94.31 in this case), indicating that the destination address (172.69.13.33 in this case) is unreachable: 

ICMP: dst (172.69.13.33) host unreachable sent to 172.69.94.31

The following message is displayed when the router receives an ICMP packet from an intermediate address (172.69.98.32 in this case), indicating that the destination address (172.69.13.33 in this case) is unreachable: 

ICMP: dst (172.69.13.33) host unreachable rcv from 172.69.98.32

Depending on the code received (as Table 78 describes), any of the unreachable messages can have any of the following "strings" instead of the "host" string in the message: 

net

protocol

port

frag. needed and DF set

source route failed

prohibited

The following message is displayed when the TTL in the IP header reaches zero and a time exceed ICMP message is sent. The fields are self-explanatory. 

ICMP: time exceeded (time to live) send to 10.95.1.4 (dest was 172.69.1.111)

The following message is generated when parameters in the IP header are corrupted in some way and the parameter problem ICMP message is sent. The fields are self-explanatory. 

ICMP: parameter problem sent to 128.121.1.50 (dest was 172.69.1.111)

Based on the preceding information, the remaining output can be easily understood: 

ICMP: parameter problem rcvd 172.69.80.32

ICMP: source quench rcvd 172.69.80.32

ICMP: source quench sent to 128.121.1.50 (dest was 172.69.1.111)

ICMP: sending time stamp reply to 172.69.80.45

ICMP: sending info reply to 172.69.80.12

ICMP: rdp advert rcvd type 9, code 0, from 172.69.80.23

ICMP: rdp solicit rcvd type 10, code 0, from 172.69.80.43

debug ip igmp

To display Internet Group Management Protocol (IGMP) packets received and sent, and IGMP-host related events, use the debug ip igmp privileged EXEC command. To disable debugging output, use the no form of this command.

debug ip igmp

no debug ip igmp

Syntax Description

This command has no arguments or keywords.

Defaults

None

Command History

Release
Modification

10.2

This command was introduced.

12.1(3)T

Additional fields were added to the output of this command to support the Source Specific Multicast (SSM) feature.


Usage Guidelines

This command helps discover whether the IGMP processes are functioning. In general, if IGMP is not working, the router process never discovers that another host is on the network that is configured to receive multicast packets. In dense mode, this situation will result in packets being delivered intermittently (a few every 3 minutes). In sparse mode, packets will never be delivered.

Use this command in conjunction with the debug ip pim and debug ip mrouting commands to observe additional multicast activity and to learn the status of the multicast routing process, or why packets are forwarded out of particular interfaces.

Examples

The following is sample output from the debug ip igmp command: 

Router# debug ip igmp


IGMP: Received Host-Query from 172.69.37.33 (Ethernet1) 

IGMP: Received Host-Report from 172.69.37.192 (Ethernet1) for 224.0.255.1 

IGMP: Received Host-Report from 172.69.37.57 (Ethernet1) for 224.2.127.255 

IGMP: Received Host-Report from 172.69.37.33 (Ethernet1) for 225.2.2.2

The messages displayed by the debug ip igmp command show query and report activity received from other routers and multicast group addresses.

The following is sample output from the debug ip igmp command when SSM is enabled. Because IGMP Version 3 lite (IGMP v3lite) requires the host to send IGMP Version 2 (IGMPv2) packets, IGMPv2 host reports also will be displayed in response to the router IGMPv2 queries. If SSM is disabled, the word "ignored" will be displayed in the debug ip igmp command output. 

IGMP:Received v3-lite Report from 10.0.119.142 (Ethernet3/3), group count 1

IGMP:Received v3 Group Record from 10.0.119.142 (Ethernet3/3) for 232.10.10.10

IGMP:Update source 1.1.1.1

IGMP:Send v2 Query on Ethernet3/3 to 224.0.0.1

IGMP:Received v2 Report from 10.0.119.142 (Ethernet3/3) for 232.10.10.10

IGMP:Update source 1.1.1.1

Related Commands

Command
Description

debug ip mrm

Displays MRM control packet activity.

debug ip pim

Displays PIM packets received and sent, and PIM-related events.


debug ip igrp events

To display summary information on Interior Gateway Routing Protocol (IGRP) routing messages that indicate the source and destination of each update, and the number of routes in each update, use the debug ip igrp events privileged EXEC command. The no form of this command disables debugging output.

debug ip igrp events [ip-address]

no debug ip igrp events [ip-address]

Syntax Description

ip-address

(Optional) The IP address of an IGRP neighbor.


Usage Guidelines

If the IP address of an IGRP neighbor is specified, the resulting debug ip igrp events output includes messages describing updates from that neighbor and updates that the router broadcasts toward that neighbor. Messages are not generated for each route.

This command is particularly useful when there are many networks in your routing table. In this case, using debug ip igrp transactions could flood the console and make the router unusable. Use debug ip igrp events instead to display summary routing information.

Examples

The following is sample output from the debug ip igrp events command:

This shows that the router has sent two updates to the broadcast address 255.255.255.255. The router also received two updates. Three lines of output describe each of these updates.

The first line indicates whether the router sent or received the update packet, the source or destination address, and the interface through which the update was sent or received. If the update was sent, the IP address assigned to this interface is shown (in parentheses). 

IGRP: sending update to 255.255.255.255 via Ethernet1 (160.89.33.8)

The second line summarizes the number and types of routes described in the update: 

IGRP: Update contains 26 interior, 40 system, and 3 exterior routes.

The third line indicates the total number of routes described in the update: 

IGRP: Total routes in update: 69

debug ip igrp transactions

To display transaction information on Interior Gateway Routing Protocol (IGRP) routing transactions, use the debug ip igrp transactions privileged EXEC command. The no form of this command disables debugging output.

debug ip igrp transactions [ip-address]

no debug ip igrp transactions [ip-address]

Syntax Description

ip-address

(Optional) The IP address of an IGRP neighbor.


Usage Guidelines

If the IP address of an IGRP neighbor is specified, the resulting debug ip igrp transactions output includes messages describing updates from that neighbor and updates that the router broadcasts toward that neighbor.

When many networks are in your routing table, the debug ip igrp transactions command can flood the console and make the router unusable. In this case, use the debug ip igrp events command instead to display summary routing information.

Examples

The following is sample output from the debug ip igrp transactions command:

The output shows that the router being debugged has received updates from two other routers on the network. The router at source address 160.89.80.240 sent information about ten destinations in the update; the router at source address 160.89.80.28 sent information about three destinations in its update. The router being debugged also sent updates—in both cases to the broadcast address 255.255.255.255 as the destination address.

On the second line the first field refers to the type of destination information: "subnet" (interior), "network" (system), or "exterior" (exterior). The second field is the Internet address of the destination network. The third field is the metric stored in the routing table and the metric advertised by the neighbor sending the information. "Metric... inaccessible" usually means that the neighbor router has put the destination in a hold down state.

The entries show that the router is sending updates that are similar, except that the numbers in parentheses are the source addresses used in the IP header. A metric of 16777215 is inaccessible.

Other examples of output that the debug ip igrp transactions command can produce follow.

The following entry indicates that the routing table was updated and shows the new edition number (97 in this case) to be used in the next IGRP update: 

IGRP: edition is now 97

Entries such as the following occur on startup or when some event occurs such as an interface making a transition or a user manually clearing the routing table: 

IGRP: broadcasting request on Ethernet0

IGRP: broadcasting request on Ethernet1

The following type of entry can result when routing updates become corrupted between sending and receiving routers: 

IGRP: bad checksum from 172.69.64.43

An entry such as the following should never appear. If it does, the receiving router has a bug in the software or a problem with the hardware. In either case, contact your technical support representative. 

IGRP: system 45 from 172.69.64.234, should be system 109

debug ip inspect

To display messages about Context-Based Access Control (CBAC) events, use the debug ip inspect privileged EXEC command. The no form of this command disables debugging output.

debug ip inspect {function-trace | object-creation | object-deletion | events | timers | protocol | detailed}

no debug ip inspect detailed

Syntax Description

function-trace

Displays messages about software functions called by CBAC.

object-creation

Display messages about software objects being created by CBAC. Object creation corresponds to the beginning of CBAC-inspected sessions.

object-deletion

Displays messages about software objects being deleted by CBAC. Object deletion corresponds to the closing of CBAC-inspected sessions.

events

Displays messages about CBAC software events, including information about CBAC packet processing.

timers

Displays messages about CBAC timer events such as when a CBAC idle timeout is reached.

protocol

Displays messages about CBAC-inspected protocol events, including details about the packets of the protocol. Table 3 provides a list of protocol keywords.

detailed

Causes detailed information to be displayed for all the other enabled CBAC debugging. Use this form of the command in conjunction with other CBAC debugging commands.


Table 80 Protocol Keywords for the debug ip inspect Command 

Application Protocol
protocol keyword

Transport-layer protocols

 

TCP

tcp

UDP

udp

Application-layer protocols

 

CU-SeeMe

cuseeme

FTP commands and responses

ftp-cmd

FTP tokens (enables tracing of the FTP tokens parsed)

ftp-tokens

  H.323 (version 1 and version 2)

h323