Cisco IOS Debug Command Reference - debug h225 asn1 through debug ip ftp [Support]

Table Of Contents

debug h225

debug h225 asn1

debug h225 events

debug h245 asn1

debug h245 events

debug h245 srtp

debug h323-annexg

debug hccp timing

debug hpi

debug http client

debug http client cookie

debug hw-module all upgrade

debug hw-module subslot

debug hw-module subslot commands

debug hw-module subslot errors

debug hw-module subslot events

debug hw-module subslot interrupts

debug hw-module subslot ipcshim

debug hw-module subslot oir

debug hw-module subslot periodic

debug iapp

debug idmgr

debug if-mgr efp-ext

debug ima

debug interface

debug interface counters exceptions

debug interface counters protocol memory

debug interface states

debug interface (vasi)

debug ip access-list hash-generation

debug ip access-list intstats

debug ip access-list turboacl

debug ip admission consent

debug ip admission eapoudp

debug ip auth-proxy

debug ip auth-proxy ezvpn

debug ip bgp

debug ip bgp groups

debug ip bgp igp-metric ignore

debug ip bgp import

debug ip bgp range

debug ip bgp sso

debug ip bgp updates

debug ip bgp vpnv4 checkpoint

debug ip bgp vpnv4 nsf

debug ip bgp vpnv4 unicast

debug ip bgp vpnv6 unicast

debug ip casa affinities

debug ip casa packets

debug ip casa wildcards

debug ip cef

debug ip cef accounting non-recursive

debug ip cef fragmentation

debug ip cef hash

debug ip cef rrhash

debug ip cef subblock

debug ip cef table

debug ip ddns update

debug ip dfp agent

debug ip dhcp server

debug ip dhcp server redundancy

debug ip dhcp server snmp

debug ip dns name-list

debug ip dns view

debug ip dns view-list

debug ip drp

debug ip dvmrp

debug ip eigrp

debug ip eigrp notifications

debug ip error

debug ip flow cache

debug ip flow export

debug ip ftp

debug h225

To display additional information about the actual contents of H.225 Registration, Admission, and Status Protocol (RAS) messages, use the debug h225 command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug h225 {asn1 | events}
no debug h225
Syntax Description

asn1

Indicates that only the Abstract Syntax Notation One (ASN.1) contents of any H.225 message sent or received will be displayed.

events

Indicates that key Q.931 events that occur when placing an H.323 call from one gateway to another will be displayed.

Defaults

Disabled

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

11.3(6)NA2

This command was introduced.

12.2(2)XB1

This command was implemented on the Cisco AS5850.

12.2(11)T

This command was integrated into Cisco IOS Release 12.2(11)T.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Both versions of the debug h225 command display information about H.225 messages. H.225 messages are used to exchange RAS information between gateways and gatekeepers as well as to exchange Q.931 information between gateways.

The debug h225 events command displays key Q.931 events that occur when placing an H.323 call from one gateway to another. Q.931 events are carried in H.225 messages. This command enables you to monitor Q.931 state changes such as setup, alert, connected, and released.

Note Although the debug information includes the hexadecimal output of the entire H.225 message, only the key state changes are decoded.

The debug h225 asn1 command displays the ASN.1 contents of any H.225 message sent or received that contains ASN.1 content. Not all H.225 messages contain ASN.1 content. Some messages contain both Q.931 information and ASN.1 information; if you enter this command, only ASN.1 information will be displayed.

Examples

The following sample output for the debug h225 events command shows a call being placed from gateway GW13 to gateway GW14. Before the call was placed, the gateway exchanged RAS messages with the gatekeeper. Because RAS messages do not contain Q.931 information, these messages do not appear in this output.
Router# debug h225 events
H.225 Event Messages debugging is on
Router#
*Mar  2 02:47:14.689:      H225Lib::h225TConn:connect in progress on socket [2]
*Mar  2 02:47:14.689:      H225Lib::h225TConn:Q.931 Call State is initialized to be
[Null].
*Mar  2 02:47:14.697:Hex representation of the SETUP TPKT to 
send.0300004D080200DC05040380C0A36C0991313323313333303070099131342331343330307E00260500800
60008914A000102004B1F5E5D8990006C0000000005BF7454000C0700000000000000
*Mar  2 02:47:14.701:
*Mar  2 02:47:14.701:      H225Lib::h225SetupRequest:Q.931 SETUP sent from socket [2]
*Mar  2 02:47:14.701:      H225Lib::h225SetupRequest:Q.931 Call State changed to 
[Call Initiated].
*Mar  2 02:47:14.729:Hex representation of the received
TPKT03000021080280DC013401017E0012050340060008914A000100000109350E2B28
*Mar  2 02:47:14.729:
*Mar  2 02:47:14.729:      H225Lib::h225RecvData:Q.931 ALERTING received from socket [2]
*Mar  2 02:47:14.729:      H225Lib::h225RecvData:Q.931 Call State changed to 
[Call Delivered].
*Mar  2 02:47:17.565:Hex representation of the received 
TPKT03000034080280DC07040380C0A37E0023050240060008914A0001000109350E2B2802004B1F5E5D899000
6C0000000005BF7454
*Mar  2 02:47:17.569:
*Mar  2 02:47:17.569:      H225Lib::h225RecvData:Q.931 CONNECT received from socket [2]
*Mar  2 02:47:17.569:      H225Lib::h225RecvData:Q.931 Call State changed to [Active].
*Mar  2 02:47:23.273:Hex representation of the received
TPKT0300001A080280DC5A080280107E000A050500060008914A0001
*Mar  2 02:47:23.273:
*Mar  2 02:47:23.273:      H225Lib::h225RecvData:Q.931 RELEASE COMPLETE received from 
socket [2]
*Mar  2 02:47:23.273:      H225Lib::h225RecvData:Q.931 Call State changed to [Null].
*Mar  2 02:47:23.293:Hex representation of the RELEASE COMPLETE TPKT 
to send.0300001A080200DC5A080280107E000A050500060008914A0001
*Mar  2 02:47:23.293:
*Mar  2 02:47:23.293:      H225Lib::h225TerminateRequest:Q.931 RELEASE COMPLETE sent from
socket [2]. Call state changed to [Null].
*Mar  2 02:47:23.293:      H225Lib::h225TClose:TCP connection from socket [2] closed
The following output shows the same call being placed from gateway GW13 to gateway GW14 using the debug h225 asn1 command. The output is very long, but you can track the following information:

•The admission request to the gatekeeper.

•The admission confirmation from the gatekeeper.

•The ASN.1 portion of the H.225/Q.931 setup message from the calling gateway to the called gateway.

•The ASN.1 portion of the H.225/Q.931 setup response from the called gateway, indicating that the call has proceeded to alerting state.

•The ASN.1 portion of the H.225/Q.931 message from the called gateway, indicating that the call has been connected.

•The ASN.1 portion of the H.225/Q.931 message from the called gateway, indicating that the call has been released.

•The ANS.1 portion of the H.225 RAS message from the calling gateway to the gatekeeper, informing it that the call has been disengaged.

•The ASN.1 portion of the H.225 RAS message from the gatekeeper to the calling gateway, confirming the disengage request.

•The ASN.1 portion of the H.225/Q.931 release complete message sent from the called gateway to the calling gateway.
Router# debug h225 asn1
H.225 ASN1 Messages debugging is on
Router#
value RasMessage ::= admissionRequest :
*Mar  2 02:48:18.445:  {
*Mar  2 02:48:18.445:    requestSeqNum 03320,
*Mar  2 02:48:18.445:    callType pointToPoint :NULL,
*Mar  2 02:48:18.445:    callModel direct :NULL,
*Mar  2 02:48:18.445:    endpointIdentifier "60D6BA4C00000001",
*Mar  2 02:48:18.445:    destinationInfo 
*Mar  2 02:48:18.445:    {
*Mar  2 02:48:18.445:      e164 :"14#14300"
*Mar  2 02:48:18.445:    },
*Mar  2 02:48:18.449:    srcInfo 
*Mar  2 02:48:18.449:    {
*Mar  2 02:48:18.449:      e164 :"13#13300"
*Mar  2 02:48:18.449:    },
*Mar  2 02:48:18.449:    bandWidth 0640,
*Mar  2 02:48:18.449:    callReferenceValue 0224,
*Mar  2 02:48:18.449:    conferenceID '4B1F5E5D899000720000000005C067A4'H,
*Mar  2 02:48:18.449:    activeMC FALSE,
*Mar  2 02:48:18.449:    answerCall FALSE
*Mar  2 02:48:18.449:  }
*Mar  2 02:48:18.449:25800CF7 00F00036 00300044 00360042 00410034 00430030 00300030
00300030
00300030 00310103 80470476 33010380 46046633 40028000 E04B1F5E 5D899000
72000000 0005C067 A400
29000CF7 40028000 0109350E 06B80077 
value RasMessage ::= admissionConfirm :
*Mar  2 02:48:18.469:  {
*Mar  2 02:48:18.469:    requestSeqNum 03320,
*Mar  2 02:48:18.469:    bandWidth 0640,
*Mar  2 02:48:18.469:    callModel direct :NULL,
*Mar  2 02:48:18.469:    destCallSignalAddress ipAddress :
*Mar  2 02:48:18.469:      {
*Mar  2 02:48:18.469:        ip '0109350E'H,
*Mar  2 02:48:18.469:        port 01720
*Mar  2 02:48:18.469:      },
*Mar  2 02:48:18.469:    irrFrequency 0120
*Mar  2 02:48:18.473:  }
*Mar  2 02:48:18.473:value H323-UserInformation ::= 
*Mar  2 02:48:18.481:{
*Mar  2 02:48:18.481:  h323-uu-pdu 
*Mar  2 02:48:18.481:  {
*Mar  2 02:48:18.481:    h323-message-body setup :
*Mar  2 02:48:18.481:      {
*Mar  2 02:48:18.481:        protocolIdentifier { 0 0 8 2250 0 1 },
*Mar  2 02:48:18.481:        sourceInfo 
*Mar  2 02:48:18.481:        {
*Mar  2 02:48:18.481:          terminal 
*Mar  2 02:48:18.481:          {
*Mar  2 02:48:18.481:          },
*Mar  2 02:48:18.481:          mc FALSE,
*Mar  2 02:48:18.481:          undefinedNode FALSE
*Mar  2 02:48:18.481:        },
*Mar  2 02:48:18.481:        activeMC FALSE,
*Mar  2 02:48:18.481:        conferenceID '4B1F5E5D899000720000000005C067A4'H,
*Mar  2 02:48:18.481:        conferenceGoal create :NULL,
*Mar  2 02:48:18.485:        callType pointToPoint :NULL,
*Mar  2 02:48:18.485:        sourceCallSignalAddress ipAddress :
*Mar  2 02:48:18.485:          {
*Mar  2 02:48:18.485:            ip '00000000'H,
*Mar  2 02:48:18.485:            port 00
*Mar  2 02:48:18.485:          }
*Mar  2 02:48:18.485:      }
*Mar  2 02:48:18.485:  }
*Mar  2 02:48:18.485:}
*Mar  2 02:48:18.485:00800600 08914A00 0102004B 1F5E5D89 90007200 00000005 C067A400
0C070000
00000000 00
value H323-UserInformation ::= 
*Mar  2 02:48:18.525:{
*Mar  2 02:48:18.525:  h323-uu-pdu 
*Mar  2 02:48:18.525:  {
*Mar  2 02:48:18.525:    h323-message-body alerting :
*Mar  2 02:48:18.525:      {
*Mar  2 02:48:18.525:        protocolIdentifier { 0 0 8 2250 0 1 },
*Mar  2 02:48:18.525:        destinationInfo 
*Mar  2 02:48:18.525:        {
*Mar  2 02:48:18.525:          mc FALSE,
*Mar  2 02:48:18.525:          undefinedNode FALSE
*Mar  2 02:48:18.525:        },
*Mar  2 02:48:18.525:        h245Address ipAddress :
*Mar  2 02:48:18.525:          {
*Mar  2 02:48:18.525:            ip '0109350E'H,
*Mar  2 02:48:18.525:            port 011050
*Mar  2 02:48:18.525:          }
*Mar  2 02:48:18.525:      }
*Mar  2 02:48:18.525:  }
*Mar  2 02:48:18.525:}
*Mar  2 02:48:18.525:value H323-UserInformation ::= 
*Mar  2 02:48:22.753:{
*Mar  2 02:48:22.753:  h323-uu-pdu 
*Mar  2 02:48:22.753:  {
*Mar  2 02:48:22.753:    h323-message-body connect :
*Mar  2 02:48:22.753:      {
*Mar  2 02:48:22.753:        protocolIdentifier { 0 0 8 2250 0 1 },
*Mar  2 02:48:22.753:        h245Address ipAddress :
*Mar  2 02:48:22.753:          {
*Mar  2 02:48:22.753:            ip '0109350E'H,
*Mar  2 02:48:22.753:            port 011050
*Mar  2 02:48:22.753:          },
*Mar  2 02:48:22.753:        destinationInfo 
*Mar  2 02:48:22.753:        {
*Mar  2 02:48:22.753:          terminal 
*Mar  2 02:48:22.753:          {
*Mar  2 02:48:22.753:          },
*Mar  2 02:48:22.757:          mc FALSE,
*Mar  2 02:48:22.757:          undefinedNode FALSE
*Mar  2 02:48:22.757:        },
*Mar  2 02:48:22.757:        conferenceID '4B1F5E5D899000720000000005C067A4'H
*Mar  2 02:48:22.757:      }
*Mar  2 02:48:22.757:  }
*Mar  2 02:48:22.757:}
*Mar  2 02:48:22.757:value H323-UserInformation ::= 
*Mar  2 02:48:27.109:{
*Mar  2 02:48:27.109:  h323-uu-pdu 
*Mar  2 02:48:27.109:  {
*Mar  2 02:48:27.109:    h323-message-body releaseComplete :
*Mar  2 02:48:27.109:      {
*Mar  2 02:48:27.109:        protocolIdentifier { 0 0 8 2250 0 1 }
*Mar  2 02:48:27.109:      }
*Mar  2 02:48:27.109:  }
*Mar  2 02:48:27.109:}
*Mar  2 02:48:27.109:value RasMessage ::= disengageRequest :
*Mar  2 02:48:27.117:  {
*Mar  2 02:48:27.117:    requestSeqNum 03321,
*Mar  2 02:48:27.117:    endpointIdentifier "60D6BA4C00000001",
*Mar  2 02:48:27.117:    conferenceID '4B1F5E5D899000720000000005C067A4'H,
*Mar  2 02:48:27.121:    callReferenceValue 0224,
*Mar  2 02:48:27.121:    disengageReason normalDrop :NULL
*Mar  2 02:48:27.121:  }
*Mar  2 02:48:27.121:3C0CF81E 00360030 00440036 00420041 00340043 00300030 00300030
00300030
00300031 4B1F5E5D 89900072 00000000 05C067A4 00E020
400CF8
value RasMessage ::= disengageConfirm :
*Mar  2 02:48:27.133:  {
*Mar  2 02:48:27.133:    requestSeqNum 03321
*Mar  2 02:48:27.133:  }
*Mar  2 02:48:27.133:value H323-UserInformation ::= 
*Mar  2 02:48:27.133:{
*Mar  2 02:48:27.133:  h323-uu-pdu 
*Mar  2 02:48:27.133:  {
*Mar  2 02:48:27.133:    h323-message-body releaseComplete :
*Mar  2 02:48:27.133:      {
*Mar  2 02:48:27.133:        protocolIdentifier { 0 0 8 2250 0 1 }
*Mar  2 02:48:27.133:      }
*Mar  2 02:48:27.133:  }
*Mar  2 02:48:27.133:}
*Mar  2 02:48:27.133:05000600 08914A00 01
debug h225 asn1

To display ASN1 contents of RAS and Q.931 messages, use the debug h255 asn1 privileged EXEC command. The no form of this command disables debugging output.

debug h255 asn1
no debug h255 asn1
Syntax Description

This command has no arguments or keywords.

Command History

Release

Modification

11.3(2)NA

This command was introduced.

12.0(3)T

This command was modified.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Caution This command slows down the system considerably. Connections may time out.

Examples

Example 1

The following output shows two proxy call scenarios. A trace is collected on the gatekeeper with ASN1 turned on. The call is being established.
Router# debug h225 asn1
H.225 ASN1 Messages debugging is on
Router#24800006 03C00030 00300036 00380041 00450037 00430030 00300030 00300030
00300030 00310140 0F007000 74006500 6C003200 33004000 7A006F00 6E006500
32002E00 63006F00 6D020180 AAAA4006 00700074 0065006C 00320031 0033401E
0000015F C8490FB4 B9D111BF AF0060B0 00E94500 
value RasMessage ::= admissionRequest : 
  {
    requestSeqNum 7,
    callType pointToPoint : NULL,
    endpointIdentifier "0068AE7C00000001",
    destinationInfo 
    {
      h323-ID : "ptel23@zone2.com"
    },
    srcInfo 
    {
      e164 : "7777",
      h323-ID : "ptel213"
    },
    bandWidth 7680,
    callReferenceValue 1,
    conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
    activeMC FALSE,
    answerCall FALSE
  }
value RasMessage ::= admissionConfirm : 
  {
    requestSeqNum 7,
    bandWidth 7680,
    callModel direct : NULL,
    destCallSignalAddress ipAddress : 
      {
        ip '65000001'H,
        port 1720
      },
    irrFrequency 30
  }
29000006 401E0000 65000001 06B8001D 
2480001D 03C00030 00300036 00380041 00390036 00300030 00300030 00300030
00300030 00320140 0F007000 74006500 6C003200 33004000 7A006F00 6E006500
32002E00 63006F00 6D014006 00700074 0065006C 00320031 00334002 8000015F
C8490FB4 B9D111BF AF0060B0 00E94540 
value RasMessage ::= admissionRequest : 
  {
    requestSeqNum 30,
    callType pointToPoint : NULL,
    endpointIdentifier "0068A96000000002",
    destinationInfo 
    {
      h323-ID : "ptel23@zone2.com"
    },
    srcInfo 
    {
      h323-ID : "ptel213"
    },
    bandWidth 640,
    callReferenceValue 1,
    conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
    activeMC FALSE,
    answerCall TRUE
  }
value ACFnonStandardInfo ::= 
{
  srcTerminalAlias 
  {
    e164 : "7777",
    h323-ID : "ptel213"
  },
  dstTerminalAlias 
  {
    h323-ID : "ptel23@zone2.com"
  },
  dstProxyAlias 
  {
    h323-ID : "px2"
  },
  dstProxySignalAddress 
  {
    ip '66000001'H,
    port 1720
  }
}
C00203AA AA800600 70007400 65006C00 32003100 3301800F 00700074 0065006C
00320033 0040007A 006F006E 00650032 002E0063 006F006D 01800200 70007800
32660000 0106B8
value RasMessage ::= admissionConfirm : 
  {
    requestSeqNum 30,
    bandWidth 7680,
    callModel direct : NULL,
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    irrFrequency 30,
    nonStandardData 
    {
      nonStandardIdentifier h221NonStandard : 
        {
          t35CountryCode 181,
          t35Extension 0,
          manufacturerCode 18
        },
      data
'C00203AAAA8006007000740065006C00320031003301800F007000740065006C003200 ...'H
    }
  }
2980001D 401E0000 66000001 06B8001D 40B50000 1247C002 03AAAA80 06007000
74006500 6C003200 31003301 800F0070 00740065 006C0032 00330040 007A006F
006E0065 0032002E 0063006F 006D0180 02007000 78003266 00000106 B8
24C0001E 03C00030 00300036 00380041 00390036 00300030 00300030 00300030
00300030 00320140 0F007000 74006500 6C003200 33004000 7A006F00 6E006500
32002E00 63006F00 6D006600 000106B8 020180AA AA400600 70007400 65006C00
32003100 33401E00 00435FC8 490FB4B9 D111BFAF 0060B000 E94500
value RasMessage ::= admissionRequest : 
  {
    requestSeqNum 31,
    callType pointToPoint : NULL,
    endpointIdentifier "0068A96000000002",
    destinationInfo 
    {
      h323-ID : "ptel23@zone2.com"
    },
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    srcInfo 
    {
      e164 : "7777",
      h323-ID : "ptel213"
    },
    bandWidth 7680,
    callReferenceValue 67,
    conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
    activeMC FALSE,
    answerCall FALSE
  }
value RasMessage ::= admissionConfirm : 
  {
    requestSeqNum 31,
    bandWidth 7680,
    callModel direct : NULL,
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    irrFrequency 30
  }
Example 2

The following output shows two proxy call scenarios. A trace is collected on the source proxy with ASN1 turned on. The call is being torn down
Router# debug h225 asn1
H.225 ASN1 Messages debugging is on
Router#
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body setup : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        sourceAddress 
        {
          h323-ID : "ptel213"
        },
        sourceInfo 
        {
          terminal 
          {
          },
          mc FALSE,
          undefinedNode FALSE
        },
        destinationAddress 
        {
          h323-ID : "ptel23@zone2.com"
        },
        activeMC FALSE,
        conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
        conferenceGoal create : NULL,
        callType pointToPoint : NULL,
        sourceCallSignalAddress ipAddress : 
          {
            ip '3200000C'H,
            port 1720
          }
      }
  }
}
value RasMessage ::= admissionRequest : 
  {
    requestSeqNum 30,
    callType pointToPoint : NULL,
    endpointIdentifier "0068A96000000002",
    destinationInfo 
    {
      h323-ID : "ptel23@zone2.com"
    },
    srcInfo 
    {
      h323-ID : "ptel213"
    },
    bandWidth 640,
    callReferenceValue 1,
    conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
    activeMC FALSE,
    answerCall TRUE
  }
2480001D 03C00030 00300036 00380041 00390036 00300030 00300030 00300030
00300030 00320140 0F007000 74006500 6C003200 33004000 7A006F00 6E006500
32002E00 63006F00 6D014006 00700074 0065006C 00320031 00334002 8000015F
C8490FB4 B9D111BF AF0060B0 00E94540 
2980001D 401E0000 66000001 06B8001D 40B50000 1247C002 03AAAA80 06007000
74006500 6C003200 31003301 800F0070 00740065 006C0032 00330040 007A006F
006E0065 0032002E 0063006F 006D0180 02007000 78003266 00000106 B8
value RasMessage ::= admissionConfirm : 
  {
    requestSeqNum 30,
    bandWidth 7680,
    callModel direct : NULL,
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    irrFrequency 30,
    nonStandardData 
    {
      nonStandardIdentifier h221NonStandard : 
        {
          t35CountryCode 181,
          t35Extension 0,
          manufacturerCode 18
        },
      data
'C00203AAAA8006007000740065006C00320031003301800F007000740065006C003200 ...'H
    }
  }
C00203AA AA800600 70007400 65006C00 32003100 3301800F 00700074 0065006C
00320033 0040007A 006F006E 00650032 002E0063 006F006D 01800200 70007800
32660000 0106B8
value ACFnonStandardInfo ::= 
{
  srcTerminalAlias 
  {
    e164 : "7777",
    h323-ID : "ptel213"
  },
  dstTerminalAlias 
  {
    h323-ID : "ptel23@zone2.com"
  },
  dstProxyAlias 
  {
    h323-ID : "px2"
  },
  dstProxySignalAddress 
  {
    ip '66000001'H,
    port 1720
  }
}
value RasMessage ::= admissionRequest : 
  {
    requestSeqNum 31,
    callType pointToPoint : NULL,
    endpointIdentifier "0068A96000000002",
    destinationInfo 
    {
      h323-ID : "ptel23@zone2.com"
    },
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    srcInfo 
    {
      e164 : "7777",
      h323-ID : "ptel213"
    },
    bandWidth 7680,
    callReferenceValue 67,
    conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
    activeMC FALSE,
    answerCall FALSE
  }
24C0001E 03C00030 00300036 00380041 00390036 00300030 00300030 00300030
00300030 00320140 0F007000 74006500 6C003200 33004000 7A006F00 6E006500
32002E00 63006F00 6D006600 000106B8 020180AA AA400600 70007400 65006C00
32003100 33401E00 00435FC8 490FB4B9 D111BFAF 0060B000 E94500
2900001E 401E0000 66000001 06B8001D 
value RasMessage ::= admissionConfirm : 
  {
    requestSeqNum 31,
    bandWidth 7680,
    callModel direct : NULL,
    destCallSignalAddress ipAddress : 
      {
        ip '66000001'H,
        port 1720
      },
    irrFrequency 30
  }
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body callProceeding : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        destinationInfo 
        {
          gateway 
          {
            protocol 
            {
              h323 : 
                {
                }
            }
          },
          mc FALSE,
          undefinedNode FALSE
        }
      }
  }
}
01000600 08914A00 01088001 2800
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body setup : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        sourceAddress 
        {
          h323-ID : "ptel213"
        },
        sourceInfo 
        {
          vendor 
          {
            vendor 
            {
              t35CountryCode 181,
              t35Extension 0,
              manufacturerCode 18
            }
          },
          gateway 
          {
            protocol 
            {
              h323 : 
                {
                }
            }
          },
          mc FALSE,
          undefinedNode FALSE
        },
        destinationAddress 
        {
          h323-ID : "ptel23@zone2.com"
        },
        destCallSignalAddress ipAddress : 
          {
            ip '66000001'H,
            port 1720
          },
        activeMC FALSE,
        conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H,
        conferenceGoal create : NULL,
        callType pointToPoint : NULL,
        sourceCallSignalAddress ipAddress : 
          {
            ip '65000001'H,
            port 1720
          },
        remoteExtensionAddress h323-ID : "ptel23@zone2.com"
      }
  }
}
00B80600 08914A00 01014006 00700074 0065006C 00320031 00332800 B5000012
40012800 01400F00 70007400 65006C00 32003300 40007A00 6F006E00 65003200
2E006300 6F006D00 66000001 06B8005F C8490FB4 B9D111BF AF0060B0 00E94500
0E070065 00000106 B822400F 00700074 0065006C 00320033 0040007A 006F006E
00650032 002E0063 006F006D 
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body callProceeding : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        destinationInfo 
        {
          gateway 
          {
            protocol 
            {
              h323 : 
                {
                }
            }
          },
          mc FALSE,
          undefinedNode FALSE
        }
      }
  }
}
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body alerting : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        destinationInfo 
        {
          mc FALSE,
          undefinedNode FALSE
        }
      }
  }
}
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body alerting : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        destinationInfo 
        {
          mc FALSE,
          undefinedNode FALSE
        }
      }
  }
}
03000600 08914A00 010000
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body connect : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        h245Address ipAddress : 
          {
            ip '66000001'H,
            port 11011
          },
        destinationInfo 
        {
          gateway 
          {
            protocol 
            {
              h323 : 
                {
                }
            }
          },
          mc FALSE,
          undefinedNode FALSE
        },
        conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H
      }
  }
}
value H323-UserInformation ::= 
{
  h323-uu-pdu 
  {
    h323-message-body connect : 
      {
        protocolIdentifier { 0 0 8 2250 0 1 },
        h245Address ipAddress : 
          {
            ip '65000001'H,
            port 11007
          },
        destinationInfo 
        {
          gateway 
          {
            protocol 
            {
              h323 : 
                {
                }
            }
          },
          mc FALSE,
          undefinedNode FALSE
        },
        conferenceID '5FC8490FB4B9D111BFAF0060B000E945'H
      }
  }
}
02400600 08914A00 01006500 00012AFF 08800128 005FC849 0FB4B9D1 11BFAF00
60B000E9 45
Example 3

The following output shows two proxy call scenarios. A trace is collected on a destination router where both destination proxy and destination Gatekeeper coexist. Both RAS and H.225 traces are enabled for one complete call.
px2#      
      RASLib::RASRecvData: successfully rcvd message of length 80 from 40.0.0.33:1585
      RASLib::RASRecvData: LRQ rcvd from [40.0.0.33:1585] on sock [6880372]
      RASlib::ras_sendto: msg length 111 sent to 40.0.0.33
      RASLib::RASSendLCF: LCF sent to 40.0.0.33
      H225Lib::h225TAccept: TCP connection accepted from 101.0.0.1:11002 on
socket [2]
      H225Lib::h225TAccept: Q.931 Call State is initialized to be [Null].
Hex representation of the received TPKT
030000A60802008005040488988CA56C0591373737377E008D0500B8060008914A000101400
6007000740065006C0032003100332800B50000124001280001400F007000740065006C00320
0330040007A006F006E00650032002E0063006F006D006600000106B8003DC8490FB4B9D111B
FAF0060B000E945000E07006500000106B822400F007000740065006C003200330040007A006
F006E00650032002E0063006F006D
      H225Lib::h225RecvData: Q.931 SETUP received from socket [2]
      H225Lib::h225RecvData: State changed to [Call Present].
      RASlib::ras_sendto: msg length 119 sent to 102.0.0.1
      RASLib::RASSendARQ: ARQ sent to 102.0.0.1
      RASLib::RASRecvData: successfully rcvd message of length 119 from 102.0.0.1:24999
      RASLib::RASRecvData: ARQ rcvd from [102.0.0.1:24999] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 16 sent to 70.0.0.31
      RASLib::RASSendACF: ACF sent to 70.0.0.31
      RASLib::RASRecvData: successfully rcvd message of length 16 from 102.0.0.1:1719
      RASLib::RASRecvData: ACF rcvd from [102.0.0.1:1719] on sock [0x67E6A4]
      RASlib::ras_sendto: msg length 119 sent to 102.0.0.1
      RASLib::RASSendARQ: ARQ sent to 102.0.0.1
      RASLib::RASRecvData: successfully rcvd message of length 119 from 102.0.0.1:24999
      RASLib::RASRecvData: ARQ rcvd from [102.0.0.1:24999] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 16 sent to 70.0.0.31
      RASLib::RASSendACF: ACF sent to 70.0.0.31
      RASLib::RASRecvData: successfully rcvd message of length 16 from 102.0.0.1:1719
      RASLib::RASRecvData: ACF rcvd from [102.0.0.1:1719] on sock [0x67E6A4]
Hex representation of the CALL PROCEEDING TPKT to send.
0300001B08028080027E000F050100060008914A00010880012800
      H225Lib::h225CallProcRequest: Q.931 CALL PROCEEDING sent from socket
[2]. Call state remains unchanged (Q.931 FSM simplified for H.225.0)
      H225Lib::h225TConn: connect in progress on socket [4]
      H225Lib::h225TConn: Q.931 Call State is initialized to be [Null].
Hex representation of the SETUP TPKT to send.
030000A50802008005040388C0A56C0591373737377E008D0500B8060008914A00010140060
07000740065006C0032003100332800B50000124001280001400F007000740065006C0032003
30040007A006F006E00650032002E0063006F006D005A00000D06B8003DC8490FB4B9D111BFA
F0060B000E945000E07006600000106B822400F007000740065006C003200330040007A006F0
06E00650032002E0063006F006D
      H225Lib::h225SetupRequest: Q.931 SETUP sent from socket [4]
      H225Lib::h225SetupRequest: Q.931 Call State changed to [Call Initiated].
      RASLib::RASRecvData: successfully rcvd message of length 123 from 90.0.0.13:1700
      RASLib::RASRecvData: ARQ rcvd from [90.0.0.13:1700] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 16 sent to 90.0.0.13
      RASLib::RASSendACF: ACF sent to 90.0.0.13
Hex representation of the received TPKT
0300001808028080027E000C050100060008914A00010200
      H225Lib::h225RecvData: Q.931 CALL PROCEEDING received from socket [4]
Hex representation of the received TPKT
0300001808028080017E000C050300060008914A00010200
      H225Lib::h225RecvData: Q.931 ALERTING received from socket [4]
      H225Lib::h225RecvData: Q.931 Call State changed to [Call Delivered].
Hex representation of the ALERTING TPKT to send.
0300001808028080017E000C050300060008914A00010000
      H225Lib::h225AlertRequest: Q.931 ALERTING sent from socket [2]. Call
state changed to [Call Received].
Hex representation of the received TPKT
0300003508028080070404889886A57E0023050240060008914A0001005A00000D06A402003
DC8490FB4B9D111BFAF0060B000E945
      H225Lib::h225RecvData: Q.931 CONNECT received from socket [4]
      H225Lib::h225RecvData: Q.931 Call State changed to [Active].
Hex representation of the CONNECT TPKT to send.
030000370802808007040388C0A57E0026050240060008914A000100660000012AFC0880012
8003DC8490FB4B9D111BFAF0060B000E945
      H225Lib::h225SetupResponse: Q.931 CONNECT sent from socket [2]
      H225Lib::h225SetupResponse: Q.931 Call State changed to [Active].
      RASlib::ras_sendto: msg length 108 sent to 102.0.0.1
      RASLib::RASSendIRR: IRR sent to 102.0.0.1
      RASLib::RASRecvData: successfully rcvd message of length 108 from 102.0.0.1:24999
      RASLib::RASRecvData: IRR rcvd from [102.0.0.1:24999] on sock [0x68FC74]
      RASLib::RASRecvData: successfully rcvd message of length 101 from 90.0.0.13:1700
      RASLib::RASRecvData: IRR rcvd from [90.0.0.13:1700] on sock [0x68FC74]
Hex representation of the received TPKT
0300001A080280805A080280107E000A050500060008914A0001
      H225Lib::h225RecvData: Q.931 RELEASE COMPLETE received from socket [2]
      H225Lib::h225RecvData: Q.931 Call State changed to [Null].
      RASlib::ras_sendto: msg length 55 sent to 102.0.0.1
      RASLib::RASSendDRQ: DRQ sent to 102.0.0.1
      H225Lib::h225RecvData: no connection on socket [2]
      RASLib::RASRecvData: successfully rcvd message of length 55 from 102.0.0.1:24999
      RASLib::RASRecvData: DRQ rcvd from [102.0.0.1:24999] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 3 sent to 70.0.0.31
      RASLib::RASSendDCF: DCF sent to 70.0.0.31
Hex representation of the RELEASE COMPLETE TPKT to send.
0300001A080280805A080280107E000A050500060008914A0001
      H225Lib::h225TerminateRequest: Q.931 RELEASE COMPLETE sent from socket [2]. Call 
state changed to [Null].
      H225Lib::h225TClose: TCP connection from socket [2] closed
      RASlib::ras_sendto: msg length 55 sent to 102.0.0.1
      RASLib::RASSendDRQ: DRQ sent to 102.0.0.1
      RASLib::RASRecvData: successfully rcvd message of length 3 from 102.0.0.1:1719
      RASLib::RASRecvData: DCF rcvd from [102.0.0.1:1719] on sock [0x67E6A4]
      RASLib::RASRecvData: successfully rcvd message of length 55 from 102.0.0.1:24999
      RASLib::RASRecvData: DRQ rcvd from [102.0.0.1:24999] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 3 sent to 70.0.0.31
      RASLib::RASSendDCF: DCF sent to 70.0.0.31
      RASLib::RASRecvData: successfully rcvd message of length 3 from 102.0.0.1:1719
      RASLib::RASRecvData: DCF rcvd from [102.0.0.1:1719] on sock [0x67E6A4]
Hex representation of the RELEASE COMPLETE TPKT to send.
0300001A080280805A080280107E000A050500060008914A0001
      H225Lib::h225TerminateRequest: Q.931 RELEASE COMPLETE sent from socket [4]. Call 
state changed to [Null].
      H225Lib::h225TClose: TCP connection from socket [4] closed
      RASLib::RASRecvData: successfully rcvd message of length 55 from 90.0.0.13:1700
      RASLib::RASRecvData: DRQ rcvd from [90.0.0.13:1700] on sock [0x68FC74]
      RASlib::ras_sendto: msg length 3 sent to 90.0.0.13
      RASLib::RASSendDCF: DCF sent to 90.0.0.13
debug h225 events

To display Q.931 events, use the debug h225 events privileged EXEC command. The no form of this command disables debugging output.

debug h225 events
no debug h255 events
Syntax Description

This command has no arguments or keywords.

Command History

Release

Modification

11.3(2)NA

This command was introduced.

12.0(3)T

This command was modified.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following are sample output from the debug h225 events command.

Example 1

The following output shows two proxy call scenarios. A trace is collected on the source proxy with H.225 turned on. The call is being established.
Router# debug h225 events
H.225 Event Messages debugging is on
Router#  H225Lib::h225TAccept: TCP connection accepted from 50.0.0.12:1701 on
socket [2]
      H225Lib::h225TAccept: Q.931 Call State is initialized to be [Null].
Hex representation of the received TPKT
0300007408020001050404889886A56C0580373737377E005B0500B0060008914A000101400
6007000740065006C003200310033020001400F007000740065006C003200330040007A006F0
06E00650032002E0063006F006D004EC8490FB4B9D111BFAF0060B000E945000C07003200000
C06B8
      H225Lib::h225RecvData: Q.931 SETUP received from socket [2]
      H225Lib::h225RecvData: State changed to [Call Present].
Hex representation of the CALL PROCEEDING TPKT to send.
0300001B08028001027E000F050100060008914A00010880012800
      H225Lib::h225CallProcRequest: Q.931 CALL PROCEEDING sent from socket
[2]. Call state remains unchanged (Q.931 FSM simplified for H.225.0)
      H225Lib::h225TConn: connect in progress on socket [4]
      H225Lib::h225TConn: Q.931 Call State is initialized to be [Null].
Hex representation of the SETUP TPKT to send.
030000A60802008405040488988CA56C0591373737377E008D0500B8060008914A000101400
6007000740065006C0032003100332800B50000124001280001400F007000740065006C00320
0330040007A006F006E00650032002E0063006F006D006600000106B8004EC8490FB4B9D111B
FAF0060B000E945000E07006500000106B822400F007000740065006C003200330040007A006
F006E00650032002E0063006F006D
      H225Lib::h225SetupRequest: Q.931 SETUP sent from socket [4]
      H225Lib::h225SetupRequest: Q.931 Call State changed to [Call Initiated].
Hex representation of the received TPKT
0300001B08028084027E000F050100060008914A00010880012800
      H225Lib::h225RecvData: Q.931 CALL PROCEEDING received from socket [4]
Hex representation of the received TPKT
0300001808028084017E000C050300060008914A00010000
      H225Lib::h225RecvData: Q.931 ALERTING received from socket [4]
      H225Lib::h225RecvData: Q.931 Call State changed to [Call Delivered].
Hex representation of the ALERTING TPKT to send.
0300001808028001017E000C050300060008914A00010000
      H225Lib::h225AlertRequest: Q.931 ALERTING sent from socket [2]. Call
state changed to [Call Received].
Hex representation of the received TPKT
030000370802808407040388C0A57E0026050240060008914A000100660000012AFF0880012
8004EC8490FB4B9D111BFAF0060B000E945
      H225Lib::h225RecvData: Q.931 CONNECT received from socket [4]
      H225Lib::h225RecvData: Q.931 Call State changed to [Active].
Hex representation of the CONNECT TPKT to send.
0300003808028001070404889886A57E0026050240060008914A000100650000012AFC08800
128004EC8490FB4B9D111BFAF0060B000E945
      H225Lib::h225SetupResponse: Q.931 CONNECT sent from socket [2]
      H225Lib::h225SetupResponse: Q.931 Call State changed to [Active].
Example 2

The following output shows two proxy call scenarios. A trace is collected on the source proxy with H.225 turned on. The call is being torn down.
Router# debug h225 events
H.225 Event Messages debugging is on
Router#
Hex representation of the received TPKT
0300001A080200015A080200907E000A050500060008914A0001
      H225Lib::h225RecvData: Q.931 RELEASE COMPLETE received from socket [2]
      H225Lib::h225RecvData: Q.931 Call State changed to [Null].
      H225Lib::h225RecvData: no connection on socket [2]
Hex representation of the RELEASE COMPLETE TPKT to send.
0300001A080280015A080280107E000A050500060008914A0001
      H225Lib::h225TerminateRequest: Q.931 RELEASE COMPLETE sent from socket [2]. Call 
state changed to [Null].
      H225Lib::h225TClose: TCP connection from socket [2] closed
Hex representation of the RELEASE COMPLETE TPKT to send.
0300001A080280845A080280107E000A050500060008914A0001
      H225Lib::h225TerminateRequest: Q.931 RELEASE COMPLETE sent from socket [4]. Call 
state changed to [Null].
      H225Lib::h225TClose: TCP connection from socket [4] closed
debug h245 asn1

To display Abstract Syntax Notation One (ASN.1) contents of H.245 messages, use the debug h245 asn1 command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug h245 asn1
no debug h245 asn1
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release

Modification

11.3(2)NA

This command was introduced.

12.0(3)T

This command was integrated into Cisco IOS Release 12.0(3)T.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Caution This command slows the system down considerably. Connections may time out.
debug h245 events

To display H.245 events, use the debug h245 events command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug h245 events
no debug h245 events
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release

Modification

11.3(2)NA

This command was introduced.

12.0(3)T

This command was integrated into Cisco IOS Release 12.0(3)T.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

debug h245 srtp

To display H.245 Secure Real-Time Transport Protocol (SRTP) messages, use the debug h245 srtp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug h245 srtp
no debug h245 srtp
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.4(6)T1

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

To reduce the system impact of the output that this command generates, use the debug h245 srtp command during times of minimal system traffic. To reduce system overhead and redirect logging to an internal buffer, use the logging buffered command.

Use the debug h225 asn1 command to display Abstract Syntax Notation One (ASN.1) contents of H.225 messages.

Use the debug h245 asn1 command to display ASN.1 contents of H.245 messages.

The output from the debug h245 srtp command is primarily used by Cisco technical personnel. See the "Examples" section for an explanation of selected fields.

Examples

The following example displays SRTP messages exchanged during H.225 and H.245 signaling:
Router# debug h245 srtp
H.245 SRTP Messages debugging is on
SY3725_1#
000072: Mar 16 16:46:38.237: //-1/xxxxxxxxxxxx/H323/cch323_post_call_setup_request: 
cch323_post_call_setup_request:1015: SRTP added to ev for stream:SRTP_TX_STREAM.
000073: Mar 16 16:46:38.237: //-1/xxxxxxxxxxxx/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0xB.
000074: Mar 16 16:46:38.237: //-1/xxxxxxxxxxxx/H323/cch323_dump_srtp_media_params: 
The following lines show SRTP media parameters:
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x0,
crypto_suite=0x0,
master_key_len=0x0,
master_salt_len=0x0,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000075: Mar 16 16:46:38.237: //-1/xxxxxxxxxxxx/H323/cch323_dump_srtp_sess_params: 
The following lines show SRTP session parameters:
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x0,
encryptedsrtp=0x0,
encryptedsrtcp=0x0,
fecorder=0x0,
windowsizehint=0x0
000076: Mar 16 16:46:38.237: cch323_post_call_setup_request:993: 
callID = 0x4PeercallID = 0x3params->incomingCallid = 0x3srtp_params_caps = 0x0i=1
000077: Mar 16 16:46:38.237: //-1/xxxxxxxxxxxx/H323/cch323_post_call_setup_request: 
cch323_post_call_setup_request:1021: SRTP NOT added to ev
000078: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_set_srtp_call: 
../voip/cch323/gw/os/src/h323_gw_dialpeer.c:cch323_set_srtp_call:3420: SRTP configuration:
The following lines show SRTP configuration. Fields having a value set to 1 show that SRTP is enabled.
peer->voice_peer_tag = 101, ccb->srtp_call = 1, ccb->srtp_fallback = 1, 
ccb->srtp_transparent = 1 
000079: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_get_caps_chn_info: Local[TX] 
SRTP Info:../voip/cch323/gw/src/cch323_h245_iwf_util.c:cch323_get_caps_chn_info:148
000080: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
The following lines show SRTP capabilities:
crypto_bm=0x1,
codec_bm=0xB.
000081: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x0,
crypto_suite=0x0,
master_key_len=0x0,
master_salt_len=0x0,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000082: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x0,
encryptedsrtp=0x0,
encryptedsrtcp=0x0,
fecorder=0x0,
windowsizehint=0x0
000083: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_get_caps_chn_info: Remote[RX] 
SRTP Info:../voip/cch323/gw/src/cch323_h245_iwf_util.c:cch323_get_caps_chn_info:151
000084: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
The following line shows SRTP capability for the DSP, indicated by the crypto_bm field. A value of 0x0 indicates the DSP is not SRTP capable.
crypto_bm=0x0,
codec_bm=0x0.
000085: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x0,
crypto_suite=0x0,
master_key_len=0x0,
master_salt_len=0x0,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000086: Mar 16 16:46:38.241: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x0,
encryptedsrtp=0x0,
encryptedsrtcp=0x0,
fecorder=0x0,
windowsizehint=0x0
000087: Mar 16 16:46:38.245: 
//4/CCB23DEA8003/H323/cch323_build_local_encoded_fastStartOLCs: 
../voip/cch323/gw/src/cch323_h245_util.c:cch323_build_local_encoded_fastStartOLCs:1518: 
OGW: generating Keys.
000088: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:31: Entry
000089: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: Generated 
SRTP info:../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:83
000090: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0xB.
000091: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000092: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
000093: Mar 16 16:46:38.245: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:86: Exit
000094: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:31: Entry
000095: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: Generated 
SRTP info:../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:83
000096: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x0,
codec_bm=0x0.
000097: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x0,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000098: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
000099: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/cch323_generate_srtp_info: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_generate_srtp_info:86: Exit
000100: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/build_fastStart_OLCs: FWD OLC SRTP 
params:../voip/cch323/gw/src/cch323_h245_util.c:build_fastStart_OLCs:1403
000101: Mar 16 16:46:38.249: //4/CCB23DEA8003/H323/build_fastStart_OLCs: RVR OLC SRTP 
Params:../voip/cch323/gw/src/cch323_h245_util.c:build_fastStart_OLCs:1417
000102: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_build_olc_for_ccapi: 
../voip/cch323/gw/src/cch323_h245_util.c:cch323_build_olc_for_ccapi:1690: WE ARE OGW.
The following lines show the outgoing gateway sending SRTP capabilities:
000103: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_build_olc_for_ccapi: Local SRTP 
Info:../voip/cch323/gw/src/cch323_h245_util.c:cch323_build_olc_for_ccapi:1779
000104: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0xB.
000105: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000106: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
The following lines show that the gateway has received SRTP capabilities from the remote end:
000107: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_build_olc_for_ccapi: Remote SRTP 
Info:../voip/cch323/gw/src/cch323_h245_util.c:cch323_build_olc_for_ccapi:1783
000108: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0x1.
000109: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000110: Mar 16 16:46:38.301: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
000111: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/h323_common_setup_rtcp_parameters: 
../voip/cch323/gw/os/src/h323_gw_rtpapi.c:h323_common_setup_rtcp_parameters:378:olc->rtcp_
session.srtp_services:3
000112: Mar 16 16:46:38.305: vtsp_call_ssrc_update: updated ssrc=0x5227F02
000113: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:369: Entry
000114: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:416: TX [Local] SRTP 
Info .
000115: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000116: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:448: RX [Remote] SRTP 
Info .
000117: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000118: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
% SRTP Library session creation, id:0x80000002, context:0x653E0CF8, num_context=2, 
rtp:0x653D2CF4, rtp_session:0x66D79B00
000119: Mar 16 16:46:38.305: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:514: Exit
000120: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/h323_common_setup_rtcp_parameters: 
../voip/cch323/gw/os/src/h323_gw_rtpapi.c:h323_common_setup_rtcp_parameters:378:olc->rtcp_
session.srtp_services:3
000121: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:369: Entry
000122: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:416: TX [Local] SRTP 
Info .
000123: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000124: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:448: RX [Remote] SRTP 
Info .
000125: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000126: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
% SRTP Library session update with 2 keysid:0x80000002 context:0x653E0CF8
000127: Mar 16 16:46:38.313: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:514: Exit
000128: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/h323_common_setup_rtcp_parameters: 
../voip/cch323/gw/os/src/h323_gw_rtpapi.c:h323_common_setup_rtcp_parameters:378:olc->rtcp_
session.srtp_services:3
000129: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:369: Entry
000130: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:416: TX [Local] SRTP 
Info .
000131: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000132: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:448: RX [Remote] SRTP 
Info .
000133: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000134: Mar 16 16:46:38.317: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
% SRTP Library session update with 2 keysid:0x80000002 context:0x653E0CF8
000135: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_setup_srtp_session: 
../voip/cch323/gw/os/src/h323_gw_srtpapi.c:cch323_setup_srtp_session:514: Exit
000136: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_h245_cap_ind: Updated 
CCB(0x66D8D2D4) with TCS Remote SRTP Info:
000137: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0xB.
000138: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000139: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
000140: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_update_tcs_nonstd_info: 
cch323_update_tcs_nonstd_info:5800: Posting TCS SRTP caps to other callleg.
000141: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_caps: 
crypto_bm=0x1,
codec_bm=0xB.
000142: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_media_params: 
ssrc_sel=0x0,
srtp_ssrc=0x0,
crypto_services=0x3,
crypto_suite=0x1,
master_key_len=0x10,
master_salt_len=0xE,
master_key=0xxxxxxxxxxxxxxxxx,
master_salt=0xxxxxxxxxxxxxxx
000143: Mar 16 16:46:38.321: //4/CCB23DEA8003/H323/cch323_dump_srtp_sess_params: 
lifetime=0x0,
mki=0x,
mki_length=0x0,
kdr=0x18,
encryptedsrtp=0x1,
encryptedsrtcp=0x1,
fecorder=0x0,
windowsizehint=0x40
000144: Mar 16 16:46:38.325: //4/CCB23DEA8003/H323/cch323_h245_cap_ind: 
cch323_h245_cap_ind:360 cch323_update_tcs_nonstd_info failed
Related Commands

Command

Description

debug h225 asn1

Displays ASN.1 contents of H.225 messages.

debug h245 asn1

Displays ASN.1 contents of H.245 messages.

logging buffered

Enables system message logging to a local buffer.

srtp (voice)

Enables secure calls globally.

srtp (dial-peer)

Enables secure calls for a specific dial peer.

debug h323-annexg

To display all pertinent Annex G messages that have been transmitted and received, use the debug h323-annexg command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug h323-annexg {asn1 | errors | events | inout}
no debug h323-annexg
Syntax Description

asn1

Displays the Annex G ASN.1 messages.

errors

Displays the Annex G error messages encountered during processing.

events

Displays the Annex G events received from the state machine.

inout

(Optional) This functionality is not yet implemented.

.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(2)XA

This command was introduced.

12.2(4)T

This command was integrated into Cisco IOS Release 12.2(4)T.

12.2(2)XB1

This command was implemented on the Cisco AS5850.

12.2(11)T

This command was implemented on the Cisco AS5850.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug h323-annexg events command:
Router# debug h323-annexg events
Aug 16 14:03:40.983:be_process:BE QUEUE_EVENT (minor 73) wakeup
Aug 16 14:03:40.983:be_sm:Received event BE_EV_DO_QUERY
Aug 16 14:03:40.983:<- query_neighbor:Sent descriptorIDRequest to
172.18.195.46:2099 [320]
Aug 16 14:03:40.983:be_sm:Started query-timer of 1 minutes for
neighbor at 172.18.195.46 
Aug 16 14:03:40.991:-> nxg_recv_msg:Rcvd dscrptrIDCnfrmtn from
172.18.195.46:2099 [320]
Aug 16 14:03:41.531:<- send_descriptor_request:Sent descriptorRequest
to 172.18.195.46:2099 [321]
Aug 16 14:03:41.539:-> nxg_recv_msg:Rcvd descriptorConfirmation from
172.18.195.46:2099 [321]
Aug 16 14:03:41.539:handle_descriptor_cfm:Descriptor from neighbor
172.18.195.46 unchanged, TTL is 60 Seconds
Related Commands

Command

Description

emulate

Displays all pertinent Annex E messages that have been transmitted and received.

debug hccp timing

To display debug messages for the timing of HCCP events, use the debug hccp timing command in privileged EXEC mode. To disable the debug message output, use the no form of this command.

debug hccp timing [if-config]
no debug hccp timing [if-config]
Syntax Description

if-config

(Optional) Displays debugging messages showing the timing of the reconfiguration of cable interfaces during HCCP redundancy operations.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.1(3a)EC

This command was introduced.

12.2(4)XF1, 12.2(4)BC1

Support was added for the N+1 (1:n) RF Switch with the Cisco uBR10012 router.

12.2(11)BC1

Support was added for the N+1 (1:n) RF Switch with the Cisco uBR7246VXR router.

12.2(15)BC1

The if-config option was added.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

You must activate the debug hccp events command before the debug hccp timing command will generate any debug message output.

Examples

The following example shows typical output for the debug hccp timing command:
Router# debug hccp events 
Router# debug hccp timing 
HCCP timing measurement debugging is on
May 31 10:21:07.609 HCCP P is busy. Deactivating 1 6
May 31 10:21:07.609 HCCP P is busy. Deactivating 2 6
May 31 10:21:08.705 HCCP hwif_goingdown for Cable8/1/0. Deactivate 1 6
May 31 10:21:08.705 HCCP hwif_goingdown for Cable8/1/1. Deactivate 2 6
May 31 10:21:08.773 HCCP 2 6 Working: become standby - 68 msec
May 31 10:21:08.793 HCCP 1 6 Working: become standby - 20 msec
May 31 10:21:10.730 HCCP 1 1 Working: turn on "uc" - 8 msec
May 31 10:21:10.730 HCCP 1 1 Working: turn on "nru" - 0 msec
May 31 10:21:10.734 HCCP 1 1 Working: become active - 4 msec
May 31 10:21:10.774 HCCP 2 1 Working: turn on "uc" - 52 msec
May 31 10:21:10.774 HCCP 2 1 Working: turn on "nru" - 0 msec
May 31 10:21:10.774 HCCP 2 1 Working: become active - 0 msec
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 1
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 6
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 3
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 2
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 5
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/0. Deactivate 1 4
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 1
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 3
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 6
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 2
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 4
May 31 10:21:12.350 HCCP hwif_goingdown for Cable5/1/1. Deactivate 2 5
May 31 10:21:13.726 HCCP 1 1 Protect: turn off "uc" - 1972 msec
May 31 10:21:13.790 HCCP 2 1 Protect: turn off "uc" - 2036 msec
May 31 10:21:14.422 HCCP 1 1 Protect: turn off "nru" - 696 msec
May 31 10:21:14.422 HCCP 1 1 Protect: unload config (if) - 0 msec
May 31 10:21:14.438 HCCP 1 1 Protect: unload config (subif) - 16 msec
May 31 10:21:14.702 HCCP 1 1 Protect: unload config (ds) - 264 msec
May 31 10:21:14.702 HCCP 1 1 Protect: become standby - 0 msec
May 31 10:21:16.078 HCCP 2 1 Protect: turn off "nru" - 2288 msec
May 31 10:21:16.078 HCCP 2 1 Protect: unload config (if) - 0 msec
May 31 10:21:16.078 HCCP 2 1 Protect: unload config (subif) - 0 msec
May 31 10:21:16.599 HCCP 2 1 Protect: unload config (ds) - 520 msec
May 31 10:21:16.599 HCCP 2 1 Protect: become standby - 0 msec 
May 31 10:21:17.014 HCCP: P missed hello ack in LEARN state and is locked. Deactivate 4 1
May 31 10:21:17.014 HCCP 4 1 Protect: turn off "rfswitch" - 52 msec
May 31 10:21:17.593 HCCP 3 1 Working: turn on "rfswitch" - 0 msec
May 31 10:21:17.593 HCCP 3 1 Working: become active - 0 msec
May 31 10:21:18.112 HCCP 1 1 Protect: load config (if) - 0 msec
May 31 10:21:18.112 HCCP 1 1 Protect: load config (subif) - 4 msec
May 31 10:21:18.331 HCCP 1 1 Protect: load config (ds) - 100 msec
May 31 10:21:18.331 HCCP 2 1 Working: turn off "rfswitch" - 0 msec
May 31 10:21:18.331 HCCP 2 Cable5/0/1 Protect: resolve conflict Learn->Teach
May 31 10:21:18.331 HCCP 2 1 Protect: load config (if) - 0 msec
May 31 10:21:18.331 HCCP 2 1 Protect: load config (subif) - 0 msec
May 31 10:21:19.691 HCCP 2 1 Protect: load config (ds) - 76 msec
May 31 10:21:20.112 HCCP 2 1 Protect: turn on "rfswitch" - 48 msec
May 31 10:21:20.112 HCCP 2 1 Protect: become active - 0 msec
May 31 10:21:20.112 HCCP 2 1 Protect: load config (ds) - 76 msec
May 31 10:21:20.112 HCCP 2 1 Protect: turn on "rfswitch" - 48 msec
May 31 10:21:20.112 HCCP 2 1 Protect: become active - 0 msec
The following example shows typical output for the debug hccp timing if-config command:
Router# debug hccp events 
Router# debug hccp timing if-config 
HCCP Timing measurements messages of (UN)LOAD IF config CLI is on 
HCCP 1 1 Working: unload config (ds) - 112 msec
HCCP 1 1 Protect: load config (ds) - 123 msec 
HCCP 1 1 Protect: load config (chnl set freq) - 35 msec 
Related Commands

Command

Description

debug hccp authentication

Displays authentication debug messages for HCCP groups.

debug hccp channel-switch

Displays debug messages related to an RF or channel switch that is being used for HCCP N+1 (1:n) redundancy.

debug hccp events

Displays debug messages for all HCCP group interaction.

debug hccp inter-db

Displays debug messages for the inter-database events during HCCP operations.

debug hccp plane

Displays debug messages for HCCP-related messages sent between the router's control plane and data backplane.

debug hccp sync

Displays debug messages for HCCP synchronization messages.

debug hpi

Note Effective with release 12.3(8)T, the debug hpi command is replaced by the debug voip hpi command. See the debug voip hpi command for more information.

To enable debugging for Host Port Interface (HPI) message events, use the debug hpi command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug hpi {all | buffer size | capture | command | destination url | detail | error | notification | response | stats}
no debug hpi {all | buffer size | capture | command | destination url | detail | error | notification | response | stats}
Syntax Description

all

Enables all HPI debug options (command, detail, error, notification, and response).

buffer size

Sets the maximum amount of memory (in bytes) that the capture system allocates for its buffers when it is active. Valid size range is from 0 to 9000000. Default is 0.

capture

Displays HPI capture.

command

Displays commands that are being sent to the 54x DSP.

destination url

Turns capture on if it was off and sends the output to the specified URL. If capture was previously enabled for a different URL, the existing URL is closed, the new URL is opened, and output is sent to the new URL.

detail

Displays additional detail for the HPI debugs that are enabled.

error

Displays any HPI errors.

notification

Displays notification messages sent that are from the 54x DSP (for example, tone detection notification).

response

Displays responses (to commands) that are sent by the 54x DSP (for example, responses to statistic requests).

stats

Displays HPI statistics.

Defaults

This command is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.1(5)XM

This command was introduced on the Cisco AS5300 and Cisco AS5800.

12.2(2)T

This command was implemented on the Cisco 1700, Cisco 2600 series, Cisco 3600 series, and the Cisco MC3810. The stats keyword was added.

12.2(10), 12.2(11)T

This command was implemented on the Cisco 827, Cisco 2400, Cisco 7200 series, and Cisco CVA 120. The following keywords were added: buffer, capture, and destination.

12.3(8)T

This command was replaced by the debug voip hpi command.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command enables debugging for HPI message events, which are used to communicate with digital signal processors (DSPs).

When used with the Voice DSP Contol Message Logger feature, the debug hpi buffer command sets the maximum amount of memory (in bytes) that the capture system can allocate for its buffers when it is active. The debug hpi capture destination url command turns capture on if it was off and sends the output to the given URL. If capture was previously enabled for a different URL, the existing URL is closed, the new URL is opened, and output is sent to the new URL.

When you use the no debug hpi capture command, the capture option is turned off if it was on, any open files are closed, and any allocated memory is released.

Use the debug hpi all command to view gateway DSP modem relay termination codes. The DSP-to-host messages for the modem relay termination indicate to the host the modem relay session termination time, physical or link layer, and other probable causes for disconnection. On receiving this indication from the DSP, the host can disconnect the call or place the channel in the modem passthrough state.

When this command is used on a Cisco AS5300 during a calling session, the Cisco AS5300 displays the following information (of severity 6 whereas ordinary debug information is severity 7) on the screen by default:
2w6d:%ISDN-6-DISCONNECT:Interface Serial0:18  disconnected from 22022 , call lasted 12 
seconds
2w6d:%ISDN-6-DISCONNECT:Interface Serial1:9  disconnected from 32010 , call lasted 14 
seconds
2w6d:%ISDN-6-CONNECT:Interface Serial3:2 is now connected to 52003
2w6d:%ISDN-6-CONNECT:Interface Serial2:11 is now connected to 42002
To disable this default information on the Cisco AS5300 and to block the display of the debug hpi capture and show voice hpi capture commands, set the login console to a severity lower than 6.

Examples

The following example turns on the debug output from capture routines:
Router# debug hpi capture
HPI Capture/Logger debugging is on
Related Commands

Command

Description

show voice hpi capture

Verifies capture status and statistics.

debug http client

To display debugging messages for the HTTP client, use the debug http client command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug http client {all | api | background | cache | error | main | msg | socket}
no debug http client {all | api | background | cache | error | main | msg | socket}
Syntax Description

all

Displays all debugging messages for the HTTP client.

api

Displays debugging information for the HTTP client application programming interface (API) process.

background

Displays background messages.

cache

Displays debugging information for the HTTP client cache module.

error

Displays the HTTP client error messages.

main

Displays debugging information for the HTTP client main process.

msg

Displays the HTTP client messages.

socket

Displays the HTTP client socket messages.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(2)XB

This command was introduced on the Cisco AS5300, Cisco AS5350, and Cisco AS5400.

12.2(11)T

This command was implemented on the Cisco 3640 and Cisco 3660, and the background keyword was added.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The output of this command is effected by the debug condition application voice command. If the debug condition application voice command is configured and the <cisco-debug> element is enabled in the VoiceXML document, debugging output is limited to the VoiceXML application named in the debug condition application voice command.

Note We recommend that you log output from the debug http client msg and debug http client socket commands to a buffer, rather than sending the output to the console; otherwise, the size of the output could severely impact the performance of the gateway.

Examples

The following is sample output from the debug http client api command:
Router# debug http client api
HTTP Client API Process debugging is on
*Jan  3 10:58:48.609: httpc_send_ev: event sent to HTTP Client:
*Jan  3 10:58:48.609:     method (GET), url (http://serverX.com/vxml/test/prompts/9.au)
*Jan  3 10:58:48.609:     callback (61008E78), argp (63590DB4), sid (0), timeout (60),
retries (2)
*Jan  3 10:58:48.609: httpc_free: app freeing response data(626FA608)
*Jan  3 10:58:59.353: httpc_send_ev: event sent to HTTP Client:
*Jan  3 10:58:59.353:     method (GET), url (http://1.7.100.1/vxml/test/dropoffRecord)
*Jan  3 10:58:59.353:     callback (61008E78), argp (6393B684), sid (0), timeout (60),
retries (0)
*Jan  3 10:58:59.369: httpc_free: app freeing response data(626F9348)
*Jan  3 10:59:45.033: httpc_send_ev: event sent to HTTP Client:
*Jan  3 10:59:45.033:     method (POST), url
(http://rtsp-ws/dropoffAppend.php?append=&disconnect=1)
*Jan  3 10:59:45.033:     callback (60FE9064), argp (63448820), sid (7179), timeout (0),
retries (0)
*Jan  3 10:59:57.369: httpc_free: app freeing response data(626F9340)
The following is sample output from the debug http client cache command:
Router# debug http client cache
HTTP Client Cache Module debugging is on
*Jan  3 11:53:52.817: httpc_cache_rsp_return:
cache(626F8E50)URL:http://serverX.com/vxml/test/root.vxml
*Jan  3 11:53:52.829: httpc_cache_entry_free:
cache(626F8B30)URL:http://serverX.com/vxml/test/getPhoneInfo.vxml?ani=1234567&dnis=7654321
*Jan  3 11:53:52.837: httpc_cache_entry_free:
cache(626F9710)URL:http://1.7.100.1/vxml/test/engine.vxml?flow=iso
*Jan  3 11:53:52.853: httpc_cache_rsp_return:
cache(626F8B30)URL:http://1.7.100.1/vxml/test/root.vxml
*Jan  3 11:53:52.873: httpc_cache_rsp_return:
cache(626F9030)URL:http://1.7.100.1/vxml/test/getExtension.vxml
*Jan  3 11:53:59.517: httpc_cache_entry_free:
cache(626F9170)URL:http://1.7.100.1/vxml/test/checkExtension.vxml?extension=1234&attempt=1
*Jan  3 11:53:59.545: httpc_cache_rsp_return:
cache(626F9A30)URL:http://1.7.100.1/vxml/test/dropoff.vxml
*Jan  3 11:54:10.361: httpc_cache_rsp_return:
cache(626F9DF0)URL:http://serverX.com/vxml/test/init.vxml
*Jan  3 11:54:10.361: httpc_cache_rsp_return:
cache(626FA430)URL:http://1.7.100.1/vxml/test/dropoffRecord
*Jan  4 00:20:23.474: httpc_cache_store: entry(http://ServerY.com/vxml/init.vxml)
size(10114 bytes) is too large to cache. 
The following is sample output from the debug http client main command:
Router# debug http client main
HTTP Client Main Process debugging is on
*Jan  3 11:56:05.885: httpc_get, url: http://serverX.com/vxml/test/root.vxml
*Jan  3 11:56:05.889: httpc_msg_send, sid: 0, method: 83951618
*Jan  3 11:56:05.889: httpc_enqueue_wmsg, sid: 0, method: 83951618
*Jan  3 11:56:05.893: httpc_process_write_queue, socket writeble fd: 0, process enqueued
msg, sid: 0, method: 83951618
*Jan  3 11:56:05.893: httpc_msg_write, sid: 0, method: 83951618
*Jan  3 11:56:05.901: HTTPC_MSG_COMPLETE:
rsp_code(304),msg(62C9C25C)URL:http://serverX.com/vxml/test/root.vxml, fd(0)
*Jan  3 11:56:05.901: httpc_process_redirect_rsp:
msg(62C9C25C)URL:http://serverX.com/vxml/test/root.vxml, response code
HTTPC_NOT_MODIFIED_304
*Jan  3 11:56:05.913: httpc_get, url:
http://serverX.com/vxml/test/getPhoneInfo.vxml?ani=1234567&dnis=7654321
*Jan  3 11:56:05.917: httpc_msg_send, sid: 0, method: 65538
*Jan  3 11:56:05.917: httpc_enqueue_wmsg, sid: 0, method: 65538
*Jan  3 11:56:05.917: httpc_process_write_queue, socket writeble fd: 1, process enqueued 
msg,
                           sid: 0, method: 65538
*Jan  3 11:56:05.917: httpc_msg_write, sid: 0, method: 65538
*Jan  3 11:56:05.925: HTTPC_MSG_COMPLETE:
rsp_code(200),msg(62CB5824)URL:http://serverX.com/vxml/test/getPhoneInfo.vxml?ani=1234567&
dnis=7654321, fd(1)
*Jan  3 11:56:05.929: httpc_get, url: http://1.7.100.1/vxml/test/engine.vxml?flow=iso
*Jan  3 11:56:05.929: httpc_msg_send, sid: 0, method: 65538
*Jan  3 11:56:05.929: httpc_enqueue_wmsg, sid: 0, method: 65538
*Jan  3 11:56:05.929: httpc_process_free_rsp: User returns noncache response (626F9670)
*Jan  3 11:56:05.929: httpc_process_write_queue, socket writeble fd: 1, process enqueued
msg,
                           sid: 0, method: 65538
*Jan  3 11:56:05.929: httpc_msg_write, sid: 0, method: 65538
*Jan  3 11:56:05.937: HTTPC_MSG_COMPLETE:
rsp_code(200),msg(62CB03AC)URL:http://1.7.100.1/vxml/test/engine.vxml?flow=iso, fd(1)
The following is sample output from the debug http client msg command:
Router# debug http client msg
HTTP Client:
  HTTP Client Messages debugging is on
*Jan  1 05:07:30.534: HTTP Client write buffer fd(0):
GET /vxml/abcdefg/test/init.vxml HTTP/1.1
Host: c5300-2
Content-Type: application/x-www-form-urlencoded
Connection: Keep-Alive
Accept: text/vxml; level = 1, text/plain, text/html, audio/basic
User-Agent: Cisco-IOS-C5300/12.2(20010829:180555) VoiceXML/1.0
*Jan  1 05:07:30.538: about to send data to socket 0 : 
first 263 bytes of data: 
62397130:                            47455420              GET 
62397140: 2F76786D 6C2F6162 63646566 672F7465  /vxml/abcdefg/te
62397150: 73742F69 6E69742E 76786D6C 20485454  st/init.vxml HTT
62397160: 502F312E 310D0A48 6F73743A 20633533  P/1.1..Host: c53
62397170: 30302D32 0D0A436F 6E74656E 742D5479  00-2..Content-Ty
62397180: 70653A20 6170706C 69636174 696F6E2F  pe: application/
62397190: 782D7777 772D666F 726D2D75 726C656E  x-www-form-urlen
623971A0: 636F6465 640D0A43 6F6E6E65 6374696F  coded..Connectio
623971B0: 6E3A204B 6565702D 416C6976 650D0A41  n: Keep-Alive..A
623971C0: 63636570 743A2074 6578742F 76786D6C  ccept: text/vxml
623971D0: 3B206C65 76656C20 3D20312C 20746578  ; level = 1, tex
623971E0: 742F706C 61696E2C 20746578 742F6874  t/plain, text/ht
623971F0: 6D6C2C20 61756469 6F2F6261 7369630D  ml, audio/basic.
62397200: 0A557365 722D4167 656E743A 20436973  .User-Agent: Cis
62397210: 636F2D49 4F532D43 35333030 2F31322E  co-IOS-C5300/12.
62397220: 32283230 30313038 32393A31 38303535  2(20010829:18055
62397230: 35292056 6F696365 584D4C2F 312E300D  5) VoiceXML/1.0.
62397240: 0A0D0A00                             ....            
*Jan  1 05:07:30.546: read data from socket 0 : 
first 400 bytes of data: 
628DE8F0:          48545450 2F312E31 20323030      HTTP/1.1 200
628DE900: 204F4B0D 0A446174 653A2046 72692C20   OK..Date: Fri, 
628DE910: 33312041 75672032 30303120 30373A30  31 Aug 2001 07:0
628DE920: 363A3335 20474D54 0D0A5365 72766572  6:35 GMT..Server
628DE930: 3A204170 61636865 2F312E33 2E313120  : Apache/1.3.11 
628DE940: 28556E69 78292041 70616368 654A5365  (Unix) ApacheJSe
628DE950: 72762F31 2E300D0A 4C617374 2D4D6F64  rv/1.0..Last-Mod
628DE960: 69666965 643A2057 65642C20 3233204D  ified: Wed, 23 M
628DE970: 61792032 30303120 31353A35 333A3233  ay 2001 15:53:23
628DE980: 20474D54 0D0A4554 61673A20 22323430   GMT..ETag: "240
628DE990: 37642D31 39322D33 62306264 63663322  7d-192-3b0bdcf3"
628DE9A0: 0D0A4163 63657074 2D52616E 6765733A  ..Accept-Ranges:
628DE9B0: 20627974 65730D0A 436F6E74 656E742D   bytes..Content-
628DE9C0: 4C656E67 74683A20 3430320D 0A4B6565  Length: 402..Kee
628DE9D0: 702D416C 6976653A 2074696D 656F7574  p-Alive: timeout
628DE9E0: 3D352C20 6D61783D 31300D0A 436F6E6E  =5, max=10..Conn
628DE9F0: 65637469 6F6E3A20 4B656570 2D416C69  ection: Keep-Ali
628DEA00: 76650D0A 436F6E74 656E742D 54797065  ve..Content-Type
628DEA10: 3A207465 78742F76 786D6C0D 0A0D0A3C  : text/vxml....<
628DEA20: 3F786D6C 20766572 73696F6E 3D22312E  ?xml version="1.
628DEA30: 30223F3E 0A3C7678 6D6C2076 65727369  0"?>.<vxml versi
628DEA40: 6F6E3D22 312E3022 20617070 6C696361  on="1.0" applica
628DEA50: 74696F6E 3D22726F 6F742E76 786D6C22  tion="root.vxml"
628DEA60: 3E0A2020 3C666F72 6D3E0A20 2020203C  >.  <form>.    <
628DEA70: 626C6F63 6B3E0A20 20202020 203C212D  block>.      <!-
628DEA80: 2D0A2020 20                          -.              
*Jan  1 05:07:30.550: httpc_decode_msgheader: Client ignores this header: Server:
Apache/1.3.11 (Unix) ApacheJServ/1.0
*Jan  1 05:07:30.554: httpc_decode_msgheader: Client ignores this header: Accept-Ranges:
bytes
*Jan  1 05:07:30.554: processing server rsp msg:
msg(62C711C4)URL:http://vvv.com/vxml/abcdefg/test/init.vxml, fd(0):
*Jan  1 05:07:30.554: Request msg: GET /vxml/abcdefg/test/init.vxml HTTP/1.1
*Jan  1 05:07:30.554: Message Response Code: 200
*Jan  1 05:07:30.554: Message Rsp Decoded Headers:
*Jan  1 05:07:30.554: Date:Fri, 31 Aug 2001 07:06:35 GMT
*Jan  1 05:07:30.554: Content-Length:402
*Jan  1 05:07:30.554: Content-Type:text/vxml
*Jan  1 05:07:30.554: ETag:"2407d-192-3b0bdcf3"
*Jan  1 05:07:30.554: Last-Modified:Wed, 23 May 2001 15:53:23 GMT
*Jan  1 05:07:30.554: Connection:Keep-Alive
*Jan  1 05:07:30.554: Keep-Alive:timeout=5, max=10
*Jan  1 05:07:30.554: httpc_dump_msg: headers:
*Jan  1 05:07:30.554: HTTP/1.1 200 OK
Date: Fri, 31 Aug 2001 07:06:35 GMT
Server: Apache/1.3.11 (Unix) ApacheJServ/1.0
Last-Modified: Wed, 23 May 2001 15:53:23 GMT
ETag: "2407d-192-3b0bdcf3"
Accept-Ranges: bytes
Content-Length: 402
Keep-Alive: timeout=5, max=10
Connection: Keep-Alive
Content-Type: text/vxml
*Jan  1 05:07:30.558: httpc_dump_msg: body:
*Jan  1 05:07:30.558: <?xml version="1.0"?>
<vxml version="1.0" application="root.vxml">
  <form>
    <block>
      
      <var name="ani" expr="1234567"/>
      <var name="dnis" expr="7654321"/>
      <submit next="getPhoneInfo.vxml" method="get" namelist="ani dnis"/>
    </block>
  </form>
</vxml>
The following is sample output from the debug http client socket command:
Router# debug http client socket
HTTP Client Sockets debugging is on
*Jan  3 11:32:38.353: httpc_process_read_ev: HTTPC SOCK_PENDING --> SOCK_CONNECTED fd(0) 
port(80)
*Jan  3 11:32:38.377: httpc_process_read_ev: HTTPC SOCK_PENDING --> SOCK_CONNECTED fd(1) 
port(80)
*Jan  3 11:32:38.381: httpc_socket_cleanup: fd(1)
*Jan  3 11:32:38.389: httpc_process_read_ev: HTTPC SOCK_PENDING --> SOCK_CONNECTED fd(1) 
port(80)
*Jan  3 11:32:38.393: httpc_socket_cleanup: fd(1)
*Jan  3 11:32:38.397: httpc_process_read_ev: HTTPC SOCK_PENDING --> SOCK_CONNECTED fd(1) 
port(80)
*Jan  3 11:32:40.361: httpc_socket_cleanup: fd(0)
*Jan  3 11:32:40.413: httpc_socket_cleanup: fd(1)
*Jan  3 11:40:43.557: httpc socket_connect failed fd(2)     
The following is sample output from the debug http client error command:
Router# debug http client error
HTTP Client Error debugging is on
*Jan  3 12:07:40.209: HTTPC URL:http://serverX.com/vxml/test.vxml, Server rsp_code(404), 
fd(0)
*Jan  3 12:08:01.677: HTTPC SOCK_FAIL() - msg(62CA5FB4)URL:http://serverX/vxml/test.vxml
*Jan  3 12:08:01.677: httpc_free: NULL pointer argument
*Jan  3 12:08:01.677: HTTPC URL:http://serverX/vxml/test.vxml, MSG_XMIT_ERROR, fd(-1)
Jan   3 23:44:06 PDT: HTTPC 
URL:http://serverY.com:9000/ivr/sid-351/dropoffDeposit?pri=0&disconnect=1, TIMEOUT(60000 
msec), fd(-1)
Jan   3 23:44:07 PDT: HTTPC msg timeout waiting for rsp - fd(21)
Jan   3 23:44:07 PDT: httpc_free: NULL pointer argument
Jan   4 02:45:07 PDT: HTTPC msg timeout waiting for rsp - fd(0)
Jan   4 02:45:07 PDT: HTTPC URL:http://rtsp-ws/dropoffAppend.php?append=&disconnect=1, 
TIMEOUT(10000 msec), fd(-1)
Jan   4 02:46:07 PDT: httpc_msg_read: URL(http://1.7.100.1/vxml/root.vxml) - msg length 
not available.Failed to parse message body.
Jan   4 02:46:07 PDT: httpc_msg_read: ERROR - DECODE
Jan   4 02:46:08 PDT: HTTPC bad message read - fd(6), conp(632A93B4), 
msg(63280794)URL:http://1.7.100.1/vxml/test/root.vxml, len(1611)
Jan   4 02:46:08 PDT: First 400 bytes read from socket:
6241D9C0:                              3C3F78               <?x
6241D9D0: 6D6C2076 65727369 6F6E3D22 312E3022  ml version="1.0"
6241D9E0: 3F3E0A3C 76786D6C 20766572 73696F6E  ?>.<vxml version
6241D9F0: 3D22312E 30223E0A 0A20203C 70726F70  ="1.0">..  <prop
6241DA00: 65727479 206E616D 653D2263 61636869  erty name="cachi
6241DA10: 6E672220 76616C75 653D2273 61666522  ng" value="safe"
6241DA20: 2F3E0A20 203C7072 6F706572 7479206E  />.  <property n
6241DA30: 616D653D 2274696D 656F7574 22207661  ame="timeout" va
6241DA40: 6C75653D 22333073 222F3E0A 20203C70  lue="30s"/>.  <p
6241DA50: 726F7065 72747920 6E616D65 3D226665  roperty name="fe
6241DA60: 74636874 696D656F 75742220 76616C75  tchtimeout" valu
6241DA70: 653D2236 3073222F 3E0A2020 3C70726F  e="60s"/>.  <pro
6241DA80: 70657274 79206E61 6D653D22 696E7075  perty name="inpu
6241DA90: 746D6F64 65732220 76616C75 653D2264  tmodes" value="d
6241DAA0: 746D6622 2F3E0A0A 20203C76 6172206E  tmf"/>..  <var n
6241DAB0: 616D653D 22736964 22206578 70723D22  ame="sid" expr="
6241DAC0: 27313131 31312722 2F3E0A20 203C7661  '11111'"/>.  <va
6241DAD0: 72206E61 6D653D22 6C632220 65787072  r name="lc" expr
6241DAE0: 3D222765 6E2D7573 27222F3E 0A20203C  ="'en-us'"/>.  <
6241DAF0: 76617220 6E616D65 3D226861 6E646C65  var name="handle
6241DB00: 22206578 70723D22 74727565 222F3E0A  " expr="true"/>.
6241DB10: 0A20203C 63617463 68206576 656E743D  .  <catch event=
6241DB20: 2274656C 6570686F 6E652E64 6973636F  "telephone.disco
6241DB30: 6E6E6563 74222063 6F6E643D 2268616E  nnect" cond="han
6241DB40: 646C6522 3E0A2020 20203C61 73736967  dle">.    <assig
6241DB50: 6E206E61 6D653D22 68616E64 6C65      n name="handle  
Jan   4 02:47:08 PDT: httpc_free: NULL pointer argument
Jan   4 02:47:09 PDT: HTTPC URL:http://1.7.100.1/vxml/test/root.vxml, MSG_DECODE_ERROR, 
fd(6)
Jan   4 03:47:09 PDT: WARNING:httpc_msg_retry: 
msg(6325CDD4):http://vvv.com/vxml/prompts/5.au 
Related Commands

Command

Description

debug condition application voice

Displays debugging messages for only the specified VoiceXML application.

debug voip ivr

Displays debugging messages for VoIP IVR interactions.

debug vxml

Displays debugging messages for VoIP VoiceXML interactions.

debug http client cookie

To display debugging traces for cookie-related processes, including sending, receiving, validating, storing, and expiring a cookie, use the debug http client cookie command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug http client cookie
no debug http client cookie
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.3(8)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following sample output from the debug http client cookie command shows that a cookie is being received and stored:
Router# debug http client cookie 
*May  6 23:23:41.995: //38//HTTPC:/httpc_decode_msgheader: received
cookie:TestCookieX=username; path=/; domain=.cisco.com
URL:http://rtsp-ws.cisco.com/cookie.php
*May  6 23:23:41.995: //38//HTTPC:/httpc_decode_msgheader: received
cookie:TestCookieY=password; expires=Thu, 06-May-04 22:30:47 GMT; path=/;
domain=.cisco.com URL:http://rtsp-ws.cisco.com/cookie.php
*May  6 23:23:41.995: //38//HTTPC:/httpc_cookie_store: validating
cookie:TestCookieX=username; path=/; domain=.cisco.com
*May  6 23:23:41.995: //38//HTTPC:/httpc_cookie_store: store cookie:TestCookieX=username
path=/ domain=.cisco.com
*May  6 23:23:41.995: //38//HTTPC:/httpc_cookie_store: 
rtsp-7#validating cookie:TestCookieY=password; expires=Thu, 06-May-04 22:30:47 GMT;
path=/; domain=.cisco.com
*May  6 23:23:41.995: //38//HTTPC:/httpc_cookie_store: store cookie:TestCookieY=password
path=/ domain=.cisco.com
*May  6 23:23:41.995: //38//HTTPC:/httpc_process_response: TestCookieY=password path=/
domain=.cisco.com
TestCookieX=username path=/ domain=.cisco.com
Related Commands

Command

Description

http client cache memory

Configures the memory limits for the HTTP client cache.

http client cache refresh

Configures the refresh time for the HTTP client cache.

http client cookie

Enables the HTTP client to send and receive cookies.

show http client cookie

Displays cookies that are being stored by the HTTP client.

debug hw-module all upgrade

To enable debug messages for field-programmable devices (FPDs), use the debug hw-module all upgrade command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module all upgrade [error | event]
no debug hw-module all upgrade [error | event]
Syntax Description

all

Enable debug messaging for all supported modules in the system.

error

(Optional) Enables display of FPD upgrade error messages.

event

(Optional) Enables display of FPD upgrade event messages.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module all upgrade command is intended for use by Cisco Systems technical support personnel.

If you attempt to use this command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

For more information about FPD upgrades on SPA interface processors (SIPs) and shared port adapters (SPAs), refer to the Cisco 7600 Series Router SIP, SSC, and SPA Software Configuration Guide.

Examples

The following example enables FPD upgrade debug messages for all supported card types on the Cisco 7600 series router:
Router# debug hw-module all upgrade
debug hw-module subslot

To debug a shared port adapter (SPA) and all of its interfaces, use the debug hw-module subslot command in privileged EXEC configuration mode.

debug hw-module subslot slot/subslot {all | driver | fpga | if | mac | phy | tcam | upgrade [error | event] intr | force-intr}
no debug hw-module subslot slot/subslot {all | driver | fpga | if | mac | phy | tcam | upgrade [error | event] intr | force-intr}
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SIP where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enables all SPA debug messages.

driver

Enables debug messages for SPA drivers.

fpga

Enables debug messages related to SPA field programmable gate array (FPGA) processing.

if

Enables debug messages related to SPA interface processing

mac

Enables debug messages related to SPA MAC driver processing.

phy

Enables debug messages related to SPA PHY driver processing.

tcam

Enables debug messages related to SPA ternary content addressable memory (TCAM) processing.

upgrade [error | event]

Enables debug messages related to Field-Programmable Device (FPD) upgrade information.

•error—Specifies that upgrade error messages are displayed.

•event—Specifies that upgrade event messages are displayed.

intr

Enables debug messages related to SPA interrupts.

Caution The intr option should be used only under the supervision of Cisco Systems technical support personnel and is not intended for production networks.

force-intr

Enables debug messages related to manually forced SPA interrupts.

Caution The force-intr option should be used only under the supervision of Cisco Systems technical support personnel and is not intended for production networks.

Defaults

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(20)S2

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot command is intended for use by Cisco Systems technical support personnel.

If you attempt to use this command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables interface debug messages for the 4-Port 10/100 Fast Ethernet SPA located in the top subslot (0) of the MSC that is installed in slot 4 of the Cisco 7304 router and shows an interface being shut down and restarted:
Router# debug hw-module subslot 4/0 if
SPA 4xFE/2xGE interface debugging is on
Router# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# int fast 4/0/0
Router(config-if)# shut
Router(config-if)# 
4d01h: Interface FastEthernet4/0/0, stopping the devices
4d01h: Interface FastEthernet4/0/0, Turning off the port LED
Router(config-if)# 
4d01h: %LINK-5-CHANGED: Interface FastEthernet4/0/0, changed state to administratively 
down
4d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet4/0/0, changed state to 
down
Router(config-if)# 
Router(config-if)# no shut
Router(config-if)# 
4d01h: Interface FastEthernet4/0/0, stopping the devices
4d01h: Interface FastEthernet4/0/0, clearing the MAC address filter table
4d01h: Interface FastEthernet4/0/0, Disabling promiscuous mode
4d01h: Interface FastEthernet4/0/0, setting the MAC address to 00b0.64ff.4480
4d01h: Interface FastEthernet4/0/0, Disabling promiscuous mode
4d01h: Interface FastEthernet4/0/0, configuring media_type = RJ45, speed = Auto Speed, 
duplex = Auto Duplex, mode = auto-negotiation
4d01h: Interface FastEthernet4/0/0, starting the devices
4d01h: Interface FastEthernet4/0/0, clearing the hardware counters
4d01h: %LINK-3-UPDOWN: Interface FastEthernet4/0/0, changed state to up
4d01h: Interface FastEthernet4/0/0, Setting port LED to green
4d01h: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet4/0/0, changed state to 
up
debug hw-module subslot commands

To enable debug messages for control plane configuration and commands on a shared port adapter (SPA), use the debug hw-module subslot commands command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} commands
no debug hw-module subslot {slot/subslot | all} commands
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables control plane debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:
Router# debug hw-module subslot 4/0 commands
debug hw-module subslot errors

To enable debug messages for error handling and race conditions on a shared port adapter (SPA), use the debug hw-module subslot errors command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} errors
no debug hw-module subslot {slot/subslot | all} errors
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables error handling debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:
Router# debug hw-module subslot 4/0 errors
debug hw-module subslot events

To enable debug messages for control plane event notifications on a shared port adapter (SPA), use the debug hw-module subslot events command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} events
no debug hw-module subslot {slot/subslot | all} events
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables control plane event messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:
Router# debug hw-module subslot 4/0 events
debug hw-module subslot interrupts

To enable debug messages for interrupt handling on a shared port adapter (SPA), use the debug hw-module subslot interrupts command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} interrupts
no debug hw-module subslot {slot/subslot | all} interrupts
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables interrupt handling debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:
Router# debug hw-module subslot 4/0 interrupts
debug hw-module subslot ipcshim

To enable debug messages for Inter-Process Communication (IPC) shim application processing for all supported modules in the system, use the debug hw-module subslot ipcshim command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot all ipcshim
no debug hw-module subslot all ipcshim
Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

The debug hw-module subslot ipcshim command is only supported by certain shared port adapters (SPAs).

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables IPC SHIM application debug messages for all supported modules in the router:
Router# debug hw-module subslot all ipcshim
debug hw-module subslot oir

To enable debug messages for online insertion and removal (OIR) processing on a shared port adapter (SPA), use the debug hw-module subslot oir command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} oir {plugin | state-machine}
no debug hw-module subslot {slot/subslot | all} oir {plugin | state-machine}
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

plugin

Enable debug messaging for platform-provided plugin routines.

state-machine

Enable debug messaging for SPA OIR state machines.

Defaults

No default behavior or values

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example shows enabling of OIR plugin debug messages for the SPA located in subslot 1 of the SIP that is installed in slot 4 of the router, and the corresponding messages during a SPA reload:
Router# debug hw-module subslot 4/1 oir plugin
WARNING: This command is not intended for production use
and should only be used under the supervision of
Cisco Systems technical support personnel.
SPA subslot 4/1:
   SPA specific oir handling debugging is on
Router# hw-module subslot 4/1 reload
Router#
Mar 26 01:35:04: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=9
Mar 26 01:35:04: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=1
Router#
Mar 26 01:35:09: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=0
Mar 26 01:35:10: cwrp_handle_spa_oir_tsm_event: subslot 4/1 event=2
debug hw-module subslot periodic

To enable debug messages for periodic processing on a shared port adapter (SPA), use the debug hw-module subslot periodic command in privileged EXEC configuration mode. To disable debug messages, use the no form of the command.

debug hw-module subslot {slot/subslot | all} periodic
no debug hw-module subslot {slot/subslot | all} periodic
Syntax Description

slot

Chassis slot number.

Refer to the appropriate hardware manual for slot information. For SIPs, refer to the platform-specific SPA hardware installation guide or the corresponding "Identifying Slots and Subslots for SIPs and SPAs" topic in the platform-specific SPA software configuration guide.

/subslot

Secondary slot number on a SPA interface processor (SIP) where a SPA is installed.

Refer to the platform-specific SPA hardware installation guide and the corresponding "Specifying the Interface Address on a SPA" topic in the platform-specific SPA software configuration guide for subslot information.

all

Enable debug messaging for all supported modules in the system.

Defaults

No default behavior or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(18)SXE

This command was introduced.

12.0(31)S

This command was integrated into Cisco IOS Release 12.0(31)S.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug hw-module subslot commands are intended for use by Cisco Systems technical support personnel.

If you attempt to use a debug hw-module subslot command without a SPA installed, or with an incompatible SPA installed, the keyword options are not provided.

Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco Systems technical support personnel. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

The following example enables periodic processing debug messages for the SPA located in the top subslot (0) of the SIP that is installed in slot 4 of a router:
Router# debug hw-module subslot 4/0 periodic
debug iapp

Use the debug iapp privileged EXEC command to begin debugging of IAPP operations. Use the no form of this command to stop the debug operation.

[no] debug iapp
{packets | event | error}
Syntax Description

packets

Displays IAPP packets sent and received by the access point. Link test packets are not displayed

event

Displays significant IAPP events

error

Displays IAPP software and protocol errors

Defaults

This command has no default setting.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(11)JA

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

This example shows how to begin debugging of IAPP packets:
SOAP-AP# debug iapp packet
This example shows how to begin debugging of IAPP events:
SOAP-AP# debug iapp events
This example shows how to begin debugging of IAPP errors:
SOAP-AP# debug iapp errors
Related Commands

Command

Description

show debugging

Displays all debug settings

debug idmgr

To enable debugging for the identity manager (IDMGR), use the debug idmgr command in privileged EXEC mode. To disable debugging for the IDMGR, use the no form of this command.

debug idmgr {core | data | db | elog | flow local}
Syntax Description

core

Specifies debugging for the Layer 2 (L2) access core process flow.

data

Specifies debugging for data handling.

db

Specifies debugging for database interaction.

elog

Specifies debugging for event logging.

flow local

Specifies debugging for remote and local interaction.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

15.1(2)S

This command was introduced.

Usage Guidelines

You can use the debug idmgr command to debug errors such as missing or incorrect attributes in a session or Accounting, Authentication, and Authorization (AAA) records.

Usage Guidelines

The following is sample output from the debug idmgr command:
Router# debug idmgr core
IDMGR core process flow debugging is on
Router# debug idmgr data
IDMGR data handling debugging is on
Router# debug idmgr db
IDMGR database interaction debugging is on
R1# debug idmgr elog
IDMGR event logging debugging is on
R1# debug idmgr flow local
IDMGR local process flow debugging is on
2w6d: %SYS-5-CONFIG_I: Configured from console by console
2w6d: IDMGR: Enabled core flow debugging
2w6d: IDMGR: Enabled local flow debugging
2w6d: IDMGR: Enabled DB interaction debugging
2w6d: IDMGR:(07EC4890) got an Session Assert Request
2w6d: IDMGR:(07EC4890) Local processing Session Assert Request
2w6d: IDMGR: Set field session-handle 2281701385(88000009) in idmgr db record
2w6d: IDMGR: Set field aaa-unique-id 16(00000010) in idmgr db record
2w6d: IDMGR: Set field composite-key in idmgr db record
2w6d: IDMGR: Set field idmgr-data in idmgr db record
2w6d: IDMGR:(07EC4890) Adding new record 07640138 for session handle 88000009 to Session 
DB
2w6d: IDMGR: Enabled core flow debugging
2w6d: IDMGR: Enabled local flow debugging
2w6d: IDMGR: Enabled DB interaction debugging
2w6d: IDMGR:(07EC4890) got an Session Update Event
2w6d: IDMGR:(07EC4890) Local processing Session Update Event
2w6d: IDMGR:(07EC4890) Search for session record
2w6d: IDMGR: Set field session-handle 2281701385(88000009) in search record
2w6d: IDMGR:(07EC4890) Found match for session handle 88000009
2w6d: IDMGR:(07EC4890) Found record in search get, returning 07640138
2w6d: IDMGR: releasing memory for search record field with type session-handle
2w6d: IDMGR: Set field idmgr-mask 4294967295(FFFFFFFF) in search record
2w6d: IDMGR: releasing memory for search record field with type idmgr-mask
Router#
2w6d: IDMGR:(07EC4890) Updating attribute authen-status in datalist
2w6d: IDMGR:(07EC4890) Updated record 07640138 for 88000009 to Session DB
Related Commands

Command

Description

show subscriber session

Displays information about subscriber sessions on an ISG.

debug if-mgr efp-ext

To enable debugging for the interface manager (IF-MGR) Ethernet flow point (EFP) extension, use the debug if-mgr efp-ext command in privileged EXEC mode. To turn off debugging for the IF-MGR EFP extension, use the no form of this command.

debug if-mgr {errors | trace} efp-ext
no debug if-mgr {errors | trace} efp-ext
Syntax Description

errors

Specifies debugging for IF-MGR EFP extension errors.

trace

Specifies debugging for IF-MGR EFP extension traces.

Command Default

Debugging is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(33)SRD1

This command was introduced.

Usage Guidelines

Before you issue the debug if-mgr efp-ext command, consider the high volume of output that debug commands usually generate and the amount of time the debugging operation may take.

Examples

The following example shows how to enable debugging for IF-MGR EFP extension errors:
Router> enable
Router# debug if-mgr errors efp-ext
Router#
debug ima

To display debugging messages for inverse multiplexing over AMT (IMA) groups and links, use the debug ima command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ima
no debug ima
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging for IMA groups is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(5)XK

This command was modified.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following example shows output when you enter the debug ima command while adding two ATM links to an IMA group. Notice that the group has not yet been created with the interface atm slot/imagroup-number command, so the links are not activated yet as group members. However, the individual ATM links are deactivated.
Router# debug ima 
IMA network interface debugging is on
Router# config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# interface atm1/0
Router(config-if)# ima-group 1
Router(config-if)#
01:35:08:IMA shutdown atm layer of link ATM1/0
01:35:08:ima_clear_atm_layer_if ATM1/0
01:35:08:IMA link ATM1/0 removed in firmware
01:35:08:ima_release_channel:ATM1/0 released channel 0.
01:35:08:Bring up ATM1/4 that had been waiting for a free channel.
01:35:08:IMA:no shut the ATM interface.
01:35:08:IMA allocate_channel:ATM1/4 using channel 0.
01:35:08:IMA config_restart ATM1/4
01:35:08:IMA adding link 0 to Group ATM1/IMA1ATM1/0 is down waiting for IMA group 1 to be 
activated
01:35:08:Link 0 was added to Group ATM1/IMA1
01:35:08:ATM1/0 is down waiting for IMA group 1 to be created.
01:35:08:IMA send AIS on link ATM1/0
01:35:08:IMA Link up/down Alarm:port 0, new status 0x10, old_status 0x1.
01:35:10:%LINK-3-UPDOWN:Interface ATM1/4, changed state to up
01:35:10:%LINK-3-UPDOWN:Interface ATM1/0, changed state to down
01:35:11:%LINEPROTO-5-UPDOWN:Line protocol on Interface ATM1/4, changed state to up
01:35:11:%LINEPROTO-5-UPDOWN:Line protocol on Interface ATM1/0, changed state to down
Router(config-if)# int atm1/1
Router(config-if)# ima-group 1
Router(config-if)#
01:37:19:IMA shutdown atm layer of link ATM1/1
01:37:19:ima_clear_atm_layer_if ATM1/1
01:37:19:IMA link ATM1/1 removed in firmware
01:37:19:ima_release_channel:ATM1/1 released channel 1.
01:37:19:Bring up ATM1/5 that had been waiting for a free channel.
01:37:19:IMA:no shut the ATM interface.
01:37:19:IMA allocate_channel:ATM1/5 using channel 1.
01:37:19:IMA config_restart ATM1/5
01:37:19:IMA adding link 1 to Group ATM1/IMA1ATM1/1 is down waiting for IMA group 1 to be 
activated
01:37:19:Link 1 was added to Group ATM1/IMA1
01:37:19:ATM1/1 is down waiting for IMA group 1 to be created.
01:37:19:IMA send AIS on link ATM1/1
01:37:19:IMA Link up/down Alarm:port 1, new status 0x10, old_status 0x1.
Router(config-if)#
01:37:21:%LINK-3-UPDOWN:Interface ATM1/5, changed state to up
01:37:21:%LINK-3-UPDOWN:Interface ATM1/1, changed state to down
01:37:22:%LINEPROTO-5-UPDOWN:Line protocol on Interface ATM1/5, changed state to up
01:37:22:%LINEPROTO-5-UPDOWN:Line protocol on Interface ATM1/1, changed state to down
Related Commands

Command

Description

debug backhaul-session-manager set

Displays debugging messages for ATM errors, and reports specific problems such as encapsulation errors and errors related to OAM cells.

debug events

Displays debugging messages for ATM events, and reports specific events such as PVC setup completion, changes in carrier states, and interface rates.

debug interface

To display interface descriptor block debugging messages, use the debug interface command in privileged EXEC mode. To disable the debugging messages, use the no form of this command.

debug interface type number
no debug interface type number
Syntax Description

type number

Interface type and number. In the case of an ATM interface, you get the following options once you enter the interface type and number:

•vc—Displays information about the virtual circuit.

•[vpi/]vci—Specifies the virtual channel identifier (VCI) or virtual path identifier/virtual channel identifier (VPI/VCI) pair, if the interface to be debugged is an ATM-encapsulated interface. Valid values for vpi are 0 to 255. Valid values for vci are 1 to 65535.

Command Default

By default, debugging messages are not enabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.3(4)T

This command was introduced.

12.0(26)S

This command was integrated into Cisco IOS Release 12.0(26)S.

Examples

The following is sample output from the debug interface command:
Router# debug interface ATM 1/0 vc 0/5
Condition 1 set
*Jan 31 19:36:38.399: ATM VC Debug: Condition 1, atm-vc 0/5 AT1/0 triggered, count 1
Related Commands

Command

Description

debug interface counters exceptions

Displays a message when a recoverable exceptional condition happens during the computation of the interface packet and data rate statistics.

debug interface counters protocol memory

Displays the memory operations (create and free) of protocol counters on interfaces and debugging messages during memory operations.

debug interface counters exceptions

To display a message when a recoverable exceptional condition happens during the computation of the interface packet and data rate statistics, use the debug interface counters exceptions command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug interface counters exceptions
no debug interface counters exceptions
Syntax Description

This command has no arguments or keywords.

Command Default

By default, the debugging messages are not enabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.3(4)T

This command was introduced.

12.0(26)S

This command was integrated into Cisco IOS Release 12.0(26)S.

Usage Guidelines

Use the debug interface counters exceptions command to debug problems where the packet counter values or rates have unexpected values. The command helps to flag interfaces whose packet counter values have decreased in number. This condition can occur if a packet is counted and then dropped. This command helps you to determine if the input and output rate statistics are adjusted to display a zero value versus an unexpected value. It is also possible for zero values to be displayed if an interface is running at or close to its maximum capacity due to interface statistics being viewed as negative values.

This message is rate limited to one message per minute. If multiple interfaces are having unexpected counter statistic issues, then a message is displayed only for the first interface that experiences a problem within a minute.

Examples

The following is sample output from the debug interface counters exceptions command when backward-going counters are detected. The output is self-explanatory.
Router# debug interface counters exceptions
IF-4-BACKWARD_COUNTERS: Corrected for backward rx_bytes counters (561759 -> 526385) on 
Multilink1
IF-4-BACKWARD_COUNTERS: Corrected for backward tx_bytes counters (288114 -> 268710) on 
Multilink1
IF-4-BACKWARD_COUNTERS: Corrected for backward tx_bytes counters (2220 -> 0) on 
Virtual-Access4 
Related Commands

Command

Description

debug interface

Displays the interface descriptor block debugging messages.

debug interface counters protocol memory

Displays the memory operations (create and free) of protocol counters on interfaces and debugging messages during memory operations.

debug interface counters protocol memory

To display the memory operations (create and free) of protocol counters on interfaces and debugging messages during memory operations, use the debug interface counters protocol memory command in privileged EXEC mode. To disable the debugging output, use the no form of this command.

debug interface counters protocol memory
no debug interface counters protocol memory
Syntax Description

This command has no arguments or keywords.

Command Default

By default, the debugging messages are not enabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.3(4)T

This command was introduced.

12.0(26)S

This command was integrated into Cisco IOS Release 12.0(26)S.

Examples

The following is sample output from the debug interface counters protocol memory command. The output is self-explanatory.
Router# debug interface counters protocol memory
interface counter protocol memory operations debugging is on
*Jan 11 11:34:08.154: IDB_PROTO: Ethernet0/0 created CDP
*Jan 11 11:35:08.154: IDB_PROTO: Ethernet0/0 reset CDP
Related Commands

Command

Description

debug interface

Displays the interface descriptor block debugging messages.

debug interface counters exceptions

Displays a message when a recoverable exceptional condition happens during the computation of the interface packet and data rate statistics.

debug interface states

To display intermediary messages when an interface's state transitions, use the debug interface states command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug interface states
no debug interface states
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.4(11)T

This command was introduced.

12.2(44)S

This command was integrated into Cisco IOS Release 12.2(44)S.

Usage Guidelines

This command helps to debug interface state transition problems and includes the following interface state related message outputs:

•BRIDGE_ADJ—bridging database and Spanning tree protocol (STP) port state adjustment

•CSTATE_REQ—carrier state change request

•CSTATE_TMR—carrier timer state change

•LSTATE_REQ—line protocol state change request

•LSTATE_TMR—line protocol timer state change

•ROUTE_ADJ—route adjustment

•TRANS_ADJ—state transition adjustment

The debug information can be restricted to display state transitions on an interface basis using the debug condition interface command.

Caution Because the debug interface states command is a global debug command for all the interfaces in the router, in some cases such as with online insertion and removal (OIR) this command generates a substantial amount of output, depending on the number of interfaces hosted on the shared port adapter (SPA) or the line card. Use the debug condition interface command instead for debugging an interface state transition problem.

Examples

The following is sample output from the debug interface states command when the shutdown command is executed on an interface. The output is self-explanatory.
Router# debug interface states
interface state transitions debugging is on
Router# debug condition interface fast0/0
Condition 1 set
Router# config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#
*Sep  1 12:24:46.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: Entry
*Sep  1 12:24:46.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: timers not running
*Sep  1 12:24:46.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: Exit
Router(config)# interface fast0/0
Router(config-if)# shut
Router(config-if)#
*Sep  1 12:24:56.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: Entry
*Sep  1 12:24:56.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: timers not running
*Sep  1 12:24:56.294: [IDB Fa0/0 UARUYY] LSTATE_REQ: Exit
*Sep  1 12:24:57.162: [IDB Fa0/0 UARUYY] CSTATE_REQ: Entry, requested
state: A
*Sep  1 12:24:57.162: [IDB Fa0/0 UARUYY] CSTATE_REQ: starting ctimer (2000)
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] CSTATE_REQ: state assign
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] LSTATE_REQ: Entry
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] LSTATE_REQ: Exit
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] CSTATE_REQ: Exit
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] CSTATE_REQ: Entry, requested
state: A
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] CSTATE_REQ: state assign
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] LSTATE_REQ: Entry
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] LSTATE_REQ: Exit
*Sep  1 12:24:57.162: [IDB Fa0/0 AURUYY] CSTATE_REQ: Exit
*Sep  1 12:24:57.166: [IDB Fa0/0 AURUnY] TRANS_ADJ: Entry
*Sep  1 12:24:57.166: [IDB Fa0/0 AURUnn] TRANS_ADJ: propagating change
to subifs
*Sep  1 12:24:57.170: [IDB Fa0/0 AURUnn] TRANS_ADJ: Exit
*Sep  1 12:24:57.170: [IDB Fa0/0 AURUnn] ROUTE_ADJ: Entry
*Sep  1 12:24:57.170: [IDB Fa0/0 AURUnn] ROUTE_ADJ: Exit
*Sep  1 12:24:57.170: [IDB Fa0/0 AURUnn] BRIDGE_ADJ: Entry
*Sep  1 12:24:57.170: [IDB Fa0/0 AURUnn] BRIDGE_ADJ: Exit
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] CSTATE_TMR: Entry
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] CSTATE_TMR: netidb=Fa0/0,
linestate: n
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] LSTATE_REQ: Entry
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] LSTATE_REQ: timers not running
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] LSTATE_REQ: starting lineproto
timer
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] LSTATE_REQ: Exit
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] CSTATE_TMR: transition detected
*Sep  1 12:24:59.162: %ENTITY_ALARM-6-INFO: ASSERT INFO Fa0/0 Physical
Port Administrative State Down
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] TRANS_ADJ: Entry
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] TRANS_ADJ: Exit
*Sep  1 12:24:59.162: [IDB Fa0/0 AURUnn] CSTATE_TMR: Exit
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] LSTATE_TMR: Entry
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] LSTATE_TMR: not spoofing,
current state: n
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] LSTATE_TMR: informing line
state transitions
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] TRANS_ADJ: Entry
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] TRANS_ADJ: Exit
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] ROUTE_ADJ: Entry
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] ROUTE_ADJ: Exit
*Sep  1 12:25:00.162: [IDB Fa0/0 AURUnn] LSTATE_TMR: Exit
Related Commands

Command

Description

debug condition interface

Limits output for some debug commands on the basis of the interface, VC, or VLAN.

debug interface (vasi)

To display debugging information for the VRF-Aware Service Infrastructure (VASI) interface descriptor block, use the debug interface command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug interface {vasileft | vasiright} number
no debug interface {vasileft | vasiright} number
Syntax Description

vasileft

Displays information about vasileft interface.

vasiright

Displays information about vasiright interface.

number

Identifier of the VASI interface. The range is from 1 to 256.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 2.6

This command was introduced.

Examples

The following is sample output from the debug interface command:
Router# debug interface vasileft 100
Condition 1 set
Related Commands

Command

Description

interface (vasi)

Configures a VASI virtual interface.

debug adjacency (vasi)

Displays debugging information for the VASI adjacency.

debug vasi

Displays debugging information for the VASI.

show vasi pair

Displays the status of a VASI pair.

debug ip access-list hash-generation

To display debugging information about access control list (ACL) hash-value generation (for ACL Syslog entries), use the debug ip access-list hash-generation command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip access-list hash-generation
no debug ip access-list hash-generation
Syntax Description

This command has no arguments or keywords.

Command Default

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.4(22)T

This command was introduced.

Usage Guidelines

Use this command when configuring an access control entry (ACE) to view the router-generated hash values for the ACE.

This command displays the input and output for the hash-generation mechanism. The input is the ACE text and ACL name. The output is an MD5 algorithm-derived, 4-byte value.

Examples

The following example shows sample debug output displayed when configuring ACL hash-value generation.

Note The example in this section shows sample output for a numbered access list. However, you can configure ACL hash-value generation for both numbered and named access lists, and for both standard and extended access lists.
Router#
*Aug 9 00:24:31.765: %SYS-5-CONFIG_I: Configured from console by console
Router# debug ip access-list hash-generation
Syslog hash code generation debugging is on
Router# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)# ip access-list logging hash-generation
Router(config)# access-list 101 permit tcp host 10.1.1.1 host 10.1.1.2 log
Router(config)#
*Aug 9 00:25:31.661: %IPACL-HASHGEN: Hash Input: 101 extended permit 6 host 20.1.1.1 
host 20.1.1.2 Hash Output: 0xA363BB54
Router(config)# exit
Router#
Related Commands

Command

Description

ip access-list logging hash-generation

Enables the generation of hash-values for access control entries in the system messaging logs.

show ip access-list

Displays the contents of all current access lists.

debug ip access-list intstats

To display debugging information about ACL interface level statistics, use the debug ip access-list intstats command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip access-list intstats
no debug ip access-list intstats
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2

This command was introduced.

12.4(6)T

This command was modified to include support for ACL interface level statistics.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug ip access-list intstats command is useful for debugging problems associated with ACL interface level statistics. These interface level statistics are ACL statistics that are maintained per interface and per traffic direction (input/output). This means that when a packet matches an entry in an ACL, the corresponding ACL statistics are updated for the interface on which the ACL is applied and the direction (input/output) in which the ACL is applied.

Examples

The following example is sample output from the debug ip access-list intstats command:
Router# debug ip access-list intstats
Router# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# interface FastEthernet 0/0
Router(config-if)# ip access-group 150 in
000042: *Mar 14 11:36:04.367 UTC: IPACL-INTSTATS: ACL swsb created
000043: *Mar 14 11:36:04.367 UTC: IPACL-INTSTATS: ACL header stats structure created
000044: *Mar 14 11:36:04.367 UTC: IPACL-INTSTATS: I/P stats table created
000045: *Mar 14 11:36:04.367 UTC: IPACL-INTSTATS: Statsid bitmap created
000046: *Mar 14 11:36:04.367 UTC: IPACL-INTSTATS: Done with static ACEs
Router(config-if)# no ip access-group 150 in
000047: *Mar 14 11:36:36.575 UTC: IPACL-INTSTATS: Freeing I/P stats table
000048: *Mar 14 11:36:36.575 UTC: IPACL-INTSTATS: Succesfully removed ACL from interface
000049: *Mar 14 11:36:36.575 UTC: IPACL-INTSTATS: ACL swsb destroyed 
Related Commands

Command

Description

show ip access-list

Displays the contents of all current IP access lists.

debug ip access-list turboacl

To display debugging information about turbo access control lists (ACLs), use the debug ip access-list turboacl command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip access-list turboacl
no debug ip access-list turboacl
Syntax Description

This command has no arguments or keywords.

Defaults

No default behaviors or values

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2

This command was introduced.

12.3(3)T

This command was modified to include support for turbo ACLs.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug ip access-list turboacl command is useful for debugging problems associated with turbo ACLs. Turbo ACLs compile the ACLs into a set of lookup tables, while maintaining the first packet matching requirements. Packet headers are used to access these tables in a small, fixed, number of lookups, independent of the existing number of ACL entries.

Examples

The following is sample output from the debug ip access-list turboacl command:
Router# debug ip access-list turboacl 
*Aug 20 00:41:17.843 UTC:Miss at index 73, 19
*Aug 20 00:41:17.843 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.843 UTC:Miss at index 21, 39
*Aug 20 00:41:17.847 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.847 UTC:Miss at index 116, 42
*Aug 20 00:41:17.851 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.851 UTC:Miss at index 119, 28
*Aug 20 00:41:17.851 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.855 UTC:Miss at index 116, 42
*Aug 20 00:41:17.855 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.855 UTC:Miss at index 92, 20
*Aug 20 00:41:17.855 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.855 UTC:Miss at index 119, 28
*Aug 20 00:41:17.855 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.855 UTC:Miss at index 56, 29
*Aug 20 00:41:17.859 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:17.859try, update = 1
*Aug 20 00:41:19.959 UTC:Miss at index 29, 41
*Aug 20 00:41:19.959 UTC:Adding dynamic entry, update = 1
*Aug 20 00:41:19.959 UTC:Miss at index 29, 38
Table 113 describes the significant fields shown in the display.

Table 113 debug ip access-list turboacl Field Descriptions

Field

Description

Aug 20 00:41:17.843 UTC

Date and Coordinated Universal Time (UTC) the command was used to debug the turbo ACL.

Miss at index 73, 19

Location in the compiled access list tables where a new packet lookup does not match an existing entry.

Adding dynamic entry, update = 1

Action taken to add a new entry in the compiled access list tables as a result of a packet being processed.

debug ip admission consent

To display authentication proxy consent page information on the router, use the debug ip admission consent command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip admission consent [events | errors | messages]
no debug ip admission consent
Syntax Description

errors

(Optional) Displays only error messages.

events

(Optional) Displays only event-related messages.

messages

(Optional) Displays only packet-related messages.

Command Default

If an option is not selected, all debug messages are displayed.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.4(15)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples
Router# debug ip admission consent errors 
IP Admission Consent Errors debugging is on 
Router# debug ip admission consent events 
IP Admission Consent Events debugging is on 
Router# debug ip admission consent messages 
IP Admission Consent Messages debugging is on 
Router# 
Router# show debugging
IP Admission Consent: 
IP Admission Consent Errors debugging is on 
IP Admission Consent Events debugging is on 
IP Admission Consent Messages debugging is on
debug ip admission eapoudp

To display information about Extensible Authentication Protocol over User Datagram Protocol (UDP) (EAPoUDP) network admission control events, use the debug ip admission eapoudp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip admission eapoudp
no debug ip admission eapoudp
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.3(8)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following sample output from the debug ip admission eapoudp command shows information about network admission control using EAPoUDP. In the command output, the term "posture" refers to the credentials (for example, antivirus state or version of Cisco IOS software) of the host system.
Router# debug ip admission eapoudp 
Posture validation session created for client mac= 0001.027c.f364 ip= 10.0.0.1
Total Posture sessions= 1 Total Posture Init sessions= 1 
*Apr  9 19:39:45.684: %AP-6-POSTURE_START_VALIDATION: IP=10.0.0.1|
Interface=FastEthernet0/0.420
*Apr  9 19:40:42.292: %AP-6-POSTURE_STATE_CHANGE: IP=10.0.0.1| STATE=POSTURE ESTAB
*Apr  9 19:40:42.292: auth_proxy_posture_parse_aaa_attributes:  
CiscoDefined-ACL name= #ACSACL#-IP-HealthyACL-40921e54
Apr  9 19:40:42.957: %AP-6-POSTURE_POLICY: Apply access control list
(xACSACLx-IP-HealthyACL-40921e54) policy for host (10.0.0.1)
The fields in the display are self-explanatory.

Related Commands

Command

Description

show ip admission

Displays IP admission control cache entries or the running admission control configuration.

debug ip auth-proxy

To display the authentication proxy configuration information on the router, use the debug ip auth-proxy command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip auth-proxy {detailed | ftp | function-trace | object-creation | object-deletion | telnet | timers}
no debug ip auth-proxy
Syntax Description

detailed

Displays details of the TCP events during an authentication proxy process. The details are generic to all FTP, HTTP, and Telnet protocols.

ftp

Displays FTP events related to the authentication proxy.

function-trace

Displays the authentication proxy functions.

object-creation

Displays additional entries to the authentication proxy cache.

object-deletion

Displays deletion of cache entries for the authentication proxy.

telnet

Displays Telnet-related authentication proxy events.

timers

Displays authentication proxy timer-related events.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.3(1)

The detailed keyword was added.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Use the debug ip auth-proxy command to display authentication proxy activity.

Note The function-trace debugging information provides low-level software information for Cisco technical support representatives. No output examples are provided for this keyword option.

Examples

The following examples illustrate the output of the debug ip auth-proxy command. In these examples, debugging is on for object creations, object deletions, HTTP, and TCP.

In this example, the client host at 192.168.201.1 is attempting to make an HTTP connection to the web server located at 192.168.21.1. The HTTP debugging information is on for the authentication proxy. The output shows that the router is setting up an authentication proxy entry for the login request:
00:11:10: AUTH-PROXY creates info:
cliaddr - 192.168.21.1, cliport - 36583
seraddr - 192.168.201.1, serport - 80
ip-srcaddr 192.168.21.1
pak-srcaddr 0.0.0.0 
Following a successful login attempt, the debugging information shows the authentication proxy entries created for the client. In this example, the client is authorized for SMTP (port 25), FTP data (port 20), FTP control (port 21), and Telnet (port 23) traffic. The dynamic access control list (ACL) entries are included in the display.
00:11:25:AUTH_PROXY OBJ_CREATE:acl item 61AD60CC
00:11:25:AUTH-PROXY OBJ_CREATE:create acl wrapper 6151C7C8 -- acl item 61AD60CC
00:11:25:AUTH-PROXY Src 192.168.162.216 Port [0]
00:11:25:AUTH-PROXY Dst 192.168.162.220 Port [25]
00:11:25:AUTH_PROXY OBJ_CREATE:acl item 6151C908
00:11:25:AUTH-PROXY OBJ_CREATE:create acl wrapper 6187A060 -- acl item 6151C908
00:11:25:AUTH-PROXY Src 192.168.162.216 Port [0]
00:11:25:AUTH-PROXY Dst 192.168.162.220 Port [20]
00:11:25:AUTH_PROXY OBJ_CREATE:acl item 61A40B88
00:11:25:AUTH-PROXY OBJ_CREATE:create acl wrapper 6187A0D4 -- acl item 61A40B88
00:11:25:AUTH-PROXY Src 192.168.162.216 Port [0]
00:11:25:AUTH-PROXY Dst 192.168.162.220 Port [21]
00:11:25:AUTH_PROXY OBJ_CREATE:acl item 61879550
00:11:25:AUTH-PROXY OBJ_CREATE:create acl wrapper 61879644 -- acl item 61879550
00:11:25:AUTH-PROXY Src 192.168.162.216 Port [0]
00:11:25:AUTH-PROXY Dst 192.168.162.220 Port [23]
The next example shows the debug output following a clear ip auth-proxy cache command to clear the authentication entries from the router. The dynamic ACL entries are removed from the router.
00:12:36:AUTH-PROXY OBJ_DELETE:delete auth_proxy cache 61AD6298
00:12:36:AUTH-PROXY OBJ_DELETE:delete create acl wrapper 6151C7C8 -- acl item 61AD60CC
00:12:36:AUTH-PROXY OBJ_DELETE:delete create acl wrapper 6187A060 -- acl item 6151C908
00:12:36:AUTH-PROXY OBJ_DELETE:delete create acl wrapper 6187A0D4 -- acl item 61A40B88
00:12:36:AUTH-PROXY OBJ_DELETE:delete create acl wrapper 61879644 -- acl item 61879550
The following example shows the timer information for a dynamic ACL entry. All times are expressed in milliseconds. The first laststart is the time that the ACL entry is created relative to the startup time of the router. The lastref is the time of the last packet to hit the dynamic ACL relative to the startup time of the router. The exptime is the next expected expiration time for the dynamic ACL. The delta indicates the remaining time before the dynamic ACL expires. After the timer expires, the debugging information includes a message indicating that the ACL and associated authentication proxy information for the client have been removed.
00:19:51:first laststart 1191112
00:20:51:AUTH-PROXY:delta 54220 lastref 1245332 exptime 1251112
00:21:45:AUTH-PROXY:ACL and cache are removed 
The following example is sample output with the detailed keyword enabled:
00:37:50:AUTH-PROXY:proto_flag=5, dstport_index=1
00:37:50: SYN SEQ 245972 LEN 0
00:37:50:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:37:50:AUTH-PROXY:auth_proxy_half_open_count++ 1
00:37:50:AUTH-PROXY:proto_flag=5, dstport_index=1
00:37:50: ACK 1820245643 SEQ 245973 LEN 0
00:37:50:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:37:50:clientport 4347 state 0
00:37:50:AUTH-PROXY:incremented proxy_proc_count=1
00:37:50:AUTH-PROXY:proto_flag=5, dstport_index=1
00:37:50: ACK 1820245674 SEQ 245973 LEN 0
00:37:50:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:37:50:clientport 4347 state 0
00:37:57:AUTH-PROXY:proto_flag=5, dstport_index=1
00:37:57: PSH ACK 1820245674 SEQ 245973 LEN 16
00:37:57:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:37:57:clientport 4347 state 0
00:37:57:AUTH-PROXY:proto_flag=5, dstport_index=1
00:37:57: ACK 1820245699 SEQ 245989 LEN 0
00:37:57:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:37:57:clientport 4347 state 0
00:38:01:AUTH-PROXY:proto_flag=5, dstport_index=1
00:38:01: PSH ACK 1820245699 SEQ 245989 LEN 16
00:38:01:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:38:01:clientport 4347 state 0
00:38:01:AUTH-PROXY:Authenticating user ryan
00:38:01:AUTH-PROXY:Session state is INIT.Not updating stats
00:38:01:AUTH-PROXY:Session state is INIT.Not updating stats
00:38:01:AUTH-PROXY:Sent AAA request successfully
00:38:01:AUTH-PROXY:Sent password successfully
00:38:01:AUTH-PROXY:processing authorization data
00:38:01:AUTH-PROXY:Sending accounting start.unique-id 2
00:38:01:AUTH-PROXY:Session state is INIT.Not updating stats
00:38:01:AUTH-PROXY:Session state is INIT.Not updating stats
00:38:01:AUTH-PROXY:wait complete on watched boolean stat=0
00:38:01:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:01: SYN ACK 2072458992 SEQ 4051022445 LEN 0
00:38:01:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:01: PSH ACK 2072458992 SEQ 4051022446 LEN 49
00:38:02:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:02: ACK 2072459003 SEQ 4051022495 LEN 0
00:38:02:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:02: PSH ACK 2072459003 SEQ 4051022495 LEN 33
00:38:02:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:02: ACK 2072459014 SEQ 4051022528 LEN 0
00:38:02:AUTH-PROXY:src ip addr is 192.168.127.2, dstaddr=192.168.27.1
00:38:02: PSH ACK 2072459014 SEQ 4051022528 LEN 26
00:38:03:AUTH-PROXY:proto_flag=5, dstport_index=1
00:38:03: ACK 1820245725 SEQ 246005 LEN 0
00:38:03:dst_addr 192.168.127.2 src_addr 192.168.27.1 dst_port 21 src_port 4347
00:38:03:clientport 4347 state 3
7200b#
Related Commands

Command

Description

show debug

Displays the debug options set on the router.

debug ip auth-proxy ezvpn

To display information related to proxy authentication behavior for web-based activation, use the debug ip auth-proxy ezvpn command in privileged EXEC mode. To turn off debugging, use the no form of this command.

debug ip auth-proxy ezvpn
no debug ip auth-proxy ezvpn
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging is not turned on.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.3(14)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS 12.2SX family of releases. Support in a specific 12.2SX release is dependent on your feature set, platform, and platform hardware.

Usage Guidelines

Caution Using this command may result in considerable output if simultaneous authentications are taking place.

Examples

The following is output from the debug ip auth-proxy ezvpn command. The output displays the proxy authentication behavior of a web-based activation.
Router# debug ip auth-proxy ezvpn
*Dec 20 20:25:11.006: AUTH-PROXY: New request received by EzVPN WebIntercept from 
  10.4.205.205
*Dec 20 20:25:17.150: AUTH-PROXY:GET request received
*Dec 20 20:25:17.150: AUTH-PROXY:Authentication scheme is 401
*Dec 20 20:25:17.362: AUTH-PROXY:Authorization information not present in GET request
*Dec 20 20:25:17.362: AUTH-PROXY: Allocated on credinfo for connect at 0x81EF1A84
*Dec 20 20:25:17.362: AUTH-PROXY: Posting CONNECT request to EzVPN
*Dec 20 20:25:17.362: EZVPN(tunnel22): Received CONNECT from 10.4.205.205!
*Dec 20 20:25:17.366: EZVPN(tunnel22): Current State: CONNECT_REQUIRED
*Dec 20 20:25:17.366: EZVPN(tunnel22): Event: CONNECT
The output in the display is self-explanatory.

Related Commands

Command

Description

xauth userid mode

Specifies how the Cisco Easy VPN Client handles Xauth requests or prompts from the server.

debug ip bgp

To display information related to processing of the Border Gateway Protocol (BGP), use the debug ip bgp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp [ip-address | addpath | dampening | events | in | keepalives | out | updates | vpnv4 | mpls]
no debug ip bgp [ip-address | addpath | dampening | events | in | keepalives | out | updates | vpnv4 | mpls]
Cisco 10000 Series Router

debug ip bgp [ip-address | dampening | events | in | keepalives | out | updates | vpnv4 | mpls | all | groups | import | ipv4 | ipv6]
no debug ip bgp [ip-address | dampening | events | in | keepalives | out | updates | vpnv4 | mpls | all | groups | import | ipv4 | ipv6]
Syntax Description

ip-address

(Optional) The BGP neighbor IP address.

addpath

(Optional) Displays BGP additional path events.

dampening

(Optional) Displays BGP dampening.

events

(Optional) Displays BGP events.

in

(Optional) Displays BGP inbound information.

keepalives

(Optional) Displays BGP keepalives.

out

(Optional) Displays BGP outbound information.

updates

(Optional) Displays BGP updates.

vpnv4

(Optional) Displays Virtual Private Network version 4 (VPNv4) Network Layer Reachability Information (NLRI).

mpls

(Optional) Displays Multiprotocol Label Switching (MPLS) information.

all

(Optional) Displays all address family information.

groups

(Optional) Displays BGP configuration and update groups information.

import

(Optional) Displays BGP import routes to a VPN routing and forwarding (VRF) instance across address family information.

ipv4

(Optional) Displays BGP IPv4 address family information.

ipv6

(Optional) Displays BGP IPv6 address family information.

Command Modes

Privileged EXEC(#)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.0(21)ST

This command was integrated into Cisco IOS Release 12.0(21)ST. The mpls keyword was added.

12.0(22)S

This command was integrated into Cisco IOS Release 12.0(22)S.

12.2(13)T

The mpls keyword was added.

12.2(17b)SXA

This command was integrated into Cisco IOS Release 12.2(17b)SXA.

12.0(27)S

The command output was modified to show explicit-null label information.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.2(33)SRE

This command was modified. The addpath keyword was added.

12.2(33)XNE

This command was integrated into Cisco IOS Release 12.2(33)XNE.

Cisco IOS XE Release 2.5

This command was integrated into Cisco IOS XE Release 2.5.

Usage Guidelines

Use this command with the updates and mpls keywords to display explicit-null label information. The optional arguments in, out, keepalives, updates, and events provide verbose output to the debug ip bgp command. The sequence in which the optional arguments are provided affects the behavior of the command. The non peer specific commands override the peer-specific commands.

Examples

The following is sample output from the debug ip bgp command used with vpnv4 keyword:
Router# debug ip bgp vpnv4 
03:47:14:vpn:bgp_vpnv4_bnetinit:100:2:10.0.0.0/8
03:47:14:vpn:bnettable add:100:2:10.0.0.0/8
03:47:14:vpn:bestpath_hook route_tag_change for vpn2:10.0.0.0/255.0.0.0(ok)
03:47:14:vpn:bgp_vpnv4_bnetinit:100:2:10.0.0.0/8
03:47:14:vpn:bnettable add:100:2:10.0.0.0/8
03:47:14:vpn:bestpath_hook route_tag_change for vpn2:10.0.0.0/255.0.0.0(ok)
03:47:14:vpn:bgp_vpnv4_bnetinit:100:2:10.0.0.0/8
03:47:14:vpn:bnettable add:100:2:10.0.0.0/8
03:47:14:vpn:bestpath_hook route_tag_chacle ip bgp *nge for vpn2:10.0.0.0/255.0.0.0(ok)
The following example shows sample output, including the explicit-null label, from the debug ip bgp updates and the debug ip bgp mpls commands:
Router# debug ip bgp updates 
BGP updates debugging is on
Router# debug ip bgp mpls
BGP MPLS labels debugging is on
Router#
01:33:53: BGP(0): route 10.10.10.10/32 up
01:33:53: BGP(0): nettable_walker 10.10.10.10/32 route sourced locally
01:33:53: BGP: adding MPLS label to 10.10.10.10/32
01:33:53: BGP: check on 10.10.10.10/8 in LDP - ok
01:33:53: BGP: label imp-null allocated via LDP
01:33:53: BGP-IPv4: send exp-null label for 10.10.10.10/32
01:33:53: BGP-IPv4: Send prefix 10.10.10.10/32, label exp-null    !explicit-null label 
being sent
01:33:53: BGP(0): 10.10.10.11 send UPDATE (format) 10.10.10.10/32, next 10.10.10.12, 
metric 0, path , mpls label 0 !label value is 0
01:33:53: BGP(0): updgrp 1 - 10.10.10.12 enqueued 1 updates, average/maximum size (bytes) 
61/61
The following example shows a sample output of the debug ip bgp command:
Router# debug ip bgp 209.165.200.225
Router# debug ip bgp 209.165.200.225 updates
Router# debug ip bgp keepalives
Router# debug ip bgp events
Router# debug ip bgp in
Router# debug ip bgp out
Router# show debug 
IP routing:
  BGP debugging is on (outbound) for address family: IPv4 Unicast
  BGP events debugging is on
  BGP keepalives debugging is on
  BGP updates debugging is on (outbound) for address family: IPv4 Unicast
The behavior of the command changes when the arguments are provided in a different sequence
Router# debug ip bgp keepalives
Router# debug ip bgp events
Router# debug ip bgp in
Router# debug ip bgp out
Router# debug ip bgp 209.165.200.225
Router# debug ip bgp 209.165.200.225 updates
Router# show debug
IP routing:
  BGP debugging is on for neighbor 209.165.200.225 for address family: IPv4 Unicast
  BGP events debugging is on for neighbor 209.165.200.225
  BGP keepalives debugging is on for neighbor 209.165.200.225 for address family: IPv4 
Unicast
  BGP updates debugging is on for neighbor 209.165.200.225 for address family: IPv4 
Unicast
debug ip bgp groups

To display information related to the processing of Border Gateway Protocol (BGP) update-groups, use the debug ip bgp update privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp groups [index-group | ip-address]
no debug ip bgp groups
Syntax Description

index-group

(Optional) Specifies that update-group debugging information for the corresponding index number will be displayed. The range of update-group index numbers is from 1 to 4294967295.

ip-address

(Optional) Specifies that update-group debugging information for a single peer will be displayed.

Command Default

No information about BGP update-groups is displayed.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(24)S

This command was introduced.

12.2(18)S

This command was integrated into Cisco IOS Release 12.2(18)S.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T.

12.2(27)SBC

This command was integrated into Cisco IOS Release 12.2(27)SBC.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The output of this command displays information about update-group calculations and the addition and removal of update-group members. Information about peer-groups, peer-policy, and peer-session templates will also be displayed in the output of this command as neighbor configurations change.

Note The output of this command can be very verbose. This command should not be deployed in a production network unless you are troubleshooting a problem.

When a change to outbound policy occurs, the router automatically recalculates update-group memberships and applies the changes by triggering an outbound soft reset after a 1-minute timer expires. This behavior is designed to provide the network operator with time to change the configuration if a mistake is made. You can manually enable an outbound soft reset before the timer expires by entering the clear ip bgp ip-address soft out command.

Note In Cisco IOS Release 12.0(25)S, 12.3(2)T, and prior releases the update group recalculation delay timer is set to 3 minutes.

Examples

The following sample output from the debug ip bgp groups command shows that peering has been established with neighbor 10.4.9.8 and update-group calculations are occurring for this member:
Router# debug ip bgp groups 
5w4d: BGP-DYN(0): Comparing neighbor 10.4.9.8 flags 0x0 cap 0x0 and updgrp 1 fl0
5w4d: BGP-DYN(0): Created update-group(0) flags 0x0 cap 0x0 from neighbor 10.4.0
5w4d: BGP-DYN(0): Adding  neighbor 10.4.9.8 flags 0x0 cap 0x0, to update-group 0
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.8 Up 
The following sample output from the debug ip bgp groups command shows the recalculation of update-groups after the clear ip bgp groups command was issued:
Router# debug ip bgp groups 
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.5 Down User reset
5w4d: BGP-DYN(0): Comparing neighbor 10.4.9.5 flags 0x0 cap 0x0 and updgrp 2 fl0
5w4d: BGP-DYN(0): Update-group 2 flags 0x0 cap 0x0 policies same as 10.4.9.5 fl0
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.8 Down User reset
5w4d: BGP-DYN(0): Comparing neighbor 10.4.9.8 flags 0x0 cap 0x0 and updgrp 2 fl0
5w4d: BGP-DYN(0): Update-group 2 flags 0x0 cap 0x0 policies same as 10.4.9.8 fl0
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.21 Down User reset
5w4d: BGP-DYN(0): Comparing neighbor 10.4.9.21 flags 0x0 cap 0x0 and updgrp 1 f0
5w4d: BGP-DYN(0): Update-group 1 flags 0x0 cap 0x0 policies same as 10.4.9.21 f0
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.5 Up 
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.21 Up 
5w4d: %BGP-5-ADJCHANGE: neighbor 10.4.9.8 Up 
Table 114 describes the significant fields shown in the display.

Table 114 debug ip bgp groups Field Descriptions

Field

Description

%BGP-5-ADJCHANGE:

A BGP neighbor has come Up or gone Down. The IP address of the neighbor is specified in the output string.

BGP-DYN(0):

This line is displayed when a neighbor adjacency is established. The BGP dynamic update group algorithm analyzes the policies of the new neighbor and then adds the neighbor to the appropriate BGP update group.

Related Commands

Command

Description

clear ip bgp

Resets a BGP connection or session.

clear ip bgp update-group

Clears BGP update-group member sessions.

show ip bgp replication

Displays BGP update-group replication statistics.

show ip bgp update-group

Displays information about BGP update-groups.

debug ip bgp igp-metric ignore

To display information related to the system ignoring the Interior Gateway Protocol (IGP) metric during best path selection, use the debug ip bgp igp-metric ignore command in privileged EXEC mode. To disable such debugging output, use the no form of the command.

debug ip bgp igp-metric ignore
no debug ip bgp igp-metric ignore
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Release 3.4S

This command was introduced.

Usage Guidelines

You might use this command if the path you expected to be chosen as the best path at the shadow RR was not chosen as such. That could be because the bgp bestpath igp-metric ignore command makes the best path algorithm choose the same best path as the primary RR if they are not co-located.

Examples

The following example turns on debugging of events related to the system ignoring the IGP metric during bestpath selection:
Router# debug ip bgp igp-metric ignore
Related Commands

Command

Description

bgp bestpath igp-metric ignore

Specifies that the system ignore the Interior Gateway Protocol (IGP) metric during best path selection.

debug ip bgp import

To display debugging information related to importing IPv4 prefixes from the global routing table into a VRF table, use the debug ip bgp import command in privileged EXEC mode. To disable the display of IPv4 prefix import debugging information, use the no form of this command.

debug ip bgp import {events | updates [access-list | expanded-access-list]}
no debug ip bgp import {events | updates [access-list | expanded-access-list]}
Syntax Description

events

Displays event messages related to IPv4 prefix import.

updates

Displays messages related to IPv4 prefix import updates.

access-list

(Optional) Number of access list used to filter debugging messages. The range that can be specified is from 1 to 199.

expanded-access-list

(Optional) Number of expanded access lists used to filter debugging messages. The range that can be specified is from 1300 to 2699.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(29)S

This command was introduced.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.3(14)T

This command was integrated into Cisco IOS Release 12.3(14)T.

12.2(27)SBC

This command was integrated into Cisco IOS Release 12.2(27)SBC.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Use this command to display debugging information related to the BGP Support for IP Prefix Import from Global Table into a VRF Table feature. This feature provides the capability to import IPv4 unicast prefixes from the global routing table into a Virtual Private Network (VPN) routing and forwarding (VRF) instance table using an import route map.

Examples

The following example configures IPv4 prefix import debugging messages for both import events and import updates to be displayed on the console of the router:
Router# debug ip bgp import events 
BGP import events debugging is on
Router# debug ip bgp import updates
BGP import updates debugging is on for access list 3
00:00:50: %BGP-5-ADJCHANGE: neighbor 10.2.2.2 Up 
00:01:06: BGP: reevaluate IPv4 Unicast routes in VRF academic
00:01:06: BGP: 0 routes available (limit: 1000)
00:01:06: BGP: import IPv4 Unicast routes to VRF academic
00:01:06: BGP(2)-VRF(academic): import pfx 100:1:10.30.1.0/24 via 10.2.2.2
00:01:06: BGP: accepted 8 routes (limit: 1000)
00:01:06: BGP: reevaluate IPv4 Multicast routes in VRF multicast
00:01:06: BGP: 0 routes available (limit: 2)
00:01:06: BGP: import IPv4 Multicast routes to VRF multicast
00:01:06: %BGP-4-AFIMPORT: IPv4 Multicast prefixes imported to multicast vrf reached the 
limit 2
00:01:06: BGP: accepted 2 routes (limit: 2)
00:01:06: BGP: reevaluate IPv4 Unicast routes in VRF BLUE 
00:01:06: BGP: 0 routes available (limit: 1000)
00:01:06: BGP: import IPv4 Unicast routes to VRF BLUE 
00:01:06: BGP: accepted 3 routes (limit: 1000)
Table 115 describes the significant fields shown in the display.

Table 115 debug ip bgp import Field Descriptions

Field

Description

BGP: accepted 2 routes (limit: 2)

Number of routes imported into the VRF, and the default or user-defined prefix import limit.

BGP: reevaluate IPv4 Unicast routes in VRF BLUE

Prefix was imported during BGP convergence and is being reevaluated for the next scan cycle.

BGP: 0 routes available (limit: 1000)

Number of routes available from import source, and the default or user-defined prefix import limit.

BGP: import IPv4 Unicast routes to VRF BLUE

Import map and prefix type (unicast or multicast) that is being imported into the specified VRF.

Related Commands

Command

Description

clear ip bgp

Resets a BGP connection.

debug ip bgp range

To display debugging information related to Border Gateway Protocol (BGP) dynamic subnet range neighbors, use the debug ip bgp range command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp range [detail]
no debug ip bgp range
Syntax Description

detail

(Optional) Specifies that detailed debugging information about BGP dynamic subnet range neighbors will be displayed.

Command Default

No debugging information about BGP dynamic subnet range neighbors is displayed.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(33)SXH

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The output of this command displays information about the identification and creation of BGP dynamic subnet range neighbors. BGP dynamic neighbors are configured using a range of IP addresses and BGP peer groups. After a subnet range is configured for a BGP peer group, and a TCP session is initiated for an IP address in the subnet range, a new BGP neighbor is dynamically created as a member of that group. The new BGP neighbor will inherit any configuration or templates for the group.

Examples

The following output shows that the debug ip bgp range command has been entered and a BGP neighbor at 192.168.3.2 is dynamically created using the subnet range 192.168.0.0/16. This new neighbor is a member of the peer group named group192.
Router# debug ip bgp range
bgprange_debug = 1, sense = 1
BGP dynamic Range debugging is on
!
*Mar 26 20:05:13.251: BGP:DN: Created a new neighbor *192.168.3.2 
in range 192.168.0.0/16, peer-group group192,count = 1
The following sample output from the debug ip bgp range detail command shows more detailed debugging of the addition of dynamic BGP neighbors:
Router# debug ip bgp range detail
bgprange_debug = 1, sense = 1
BGP dynamic Range debugging is on with detail (Dynamic Range neighbors details only)
!
*Mar 26 20:09:12.311: BGP:DN: ACCEPT an OPEN from 192.168.1.2 valid range 
0x32123D8:192.168.0.0/16,tcb 0x32114C0 
!
*Mar 26 20:09:12.331: BGP: 192.168.1.2 passive open to 192.168.1.1
*Mar 26 20:09:12.331: BGP:DN: ACCEPTED an OPEN from 192.168.1.2 valid range 
0x32123D8:192.168.0.0/16,tcb 0x3494040 
!
*Mar 26 20:09:12.331: BGP:DN: Created a new neighbor *192.168.1.2 
in range 192.168.0.0/16, peer-group group192,count = 2
Table 116 describes the significant field shown in the display.

Table 116 debug ip bgp range Field Descriptions

Field

Description

BGP:DN:

A potential dynamic BGP neighbor has been identified as opening a TCP session with an IP address in a subnet associated with a BGP peer group. BGP accepts the session and creates a new neighbor. The new neighbor becomes a member of the peer group associated with its subnet range.

Related Commands

Command

Description

bgp listen

Configures BGP dynamic neighbor parameters.

clear ip bgp peer-group

Clears BGP peer group member sessions.

show ip bgp peer-group

Displays information about BGP peer groups.

debug ip bgp sso

To display Border Gateway Protocol (BGP)-related stateful switchover (SSO) events or debugging information for BGP-related interactions between the active Route Processor (RP) and the standby RP, use the debug ip bgp sso command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp sso {events | transactions} [detail]
no debug ip bgp sso {events | transactions} [detail]
Syntax Description

events

Displays BGP-related SSO failures.

transactions

Displays debugging information for failed BGP-related interactions between the active RP and the standby RP.

detail

(Optional) Displays detailed debugging information about successful BGP-related SSO operations and successful BGP-related intereactions between the active and the standby RP.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(28)SB

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

The debug ip bgp sso command is used to display BGP-related SSO events or debugging information for BGP-related interactions between the active RP and the standby RP. This command is useful for monitoring or troubleshooting BGP sessions on a provider edge (PE) router during an RP switchover or during a planned In-Service Software Upgrade (ISSU).

Examples

The following is sample output from the debug ip bgp sso command with the events keyword. The following output indicates that the 10.34.32.154 BGP session is no longer SSO capable.
*Mar 28 02:29:43.526: BGPSSO: 10.34.32.154 reset SSO and decrement count
Tip Use the show ip bgp vpnv4 all neighbors command to display the reason that the SSO-capable BGP session has been disabled.

The following is sample output from the debug ip bgp sso command with the transactions keyword. The following output shows an SSO notification indicating that the SSO capability is pending for 602 BGP neighbors. This notification is generated as the state between the active and standby RP is being synchronized during the bulk synchonization phase of SSO initialization. During this phase, the Transmission Control Blocks (TCBs) must be synchronized with the TCBs on the standby RP before SSO initialization is complete.
*Mar 28 02:32:12.102: BGPSSO: tcp sso notify pending for 602 nbrs
debug ip bgp updates

To display information about the processing of Border Gateway Protocol (BGP) updates, use the debug ip bgp updates command in privileged EXEC mode. To disable the display of BGP update information, use the no form of this command.

debug ip bgp updates [access-list | expanded-access-list] [in | out] [events] [refresh]
no debug ip bgp updates [access-list | expanded-access-list] [in | out] [events] [refresh]
Syntax Description

access-list

(Optional) Number of access list used to filter debugging messages. The range that can be specified is from 1 to 199.

expanded-access-list

(Optional) Number of expanded access lists used to filter debugging messages. The range that can be specified is from 1300 to 2699.

in

(Optional) Specifies debugging messages for inbound BGP update information.

out

(Optional) Specifies debugging messages for outbound BGP update information.

events

(Optional) Specifies debugging messages for BGP update events.

refresh

(Optional) Specifies debugging messages for BGP update refresh.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.2(18)S

This command was integrated into Cisco IOS Release 12.2(18)S.

12.2(27)SBC

This command was integrated into Cisco IOS Release 12.2(27)SBC.

12.2(31)SB

This command was modified. The refresh keyword was added.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

Examples

The following is sample output from the debug ip bgp updates command. The output shows that the BGP session was cleared between neighbor 10.4.9.21 and the local router 10.4.9.4. There are no field description tables for this command because the debugging output from this command depends on the subsequent commands that are entered.
Router# debug ip bgp updates
5w2d: %SYS-5-CONFIG_I: Configured from console by console
5w2d: BGP: 10.4.9.21 went from Idle to Active
5w2d: BGP: 10.4.9.21 open active, delay 7032ms
5w2d: BGP: 10.4.9.21 open active, local address 10.4.9.4
5w2d: BGP: 10.4.9.21 went from Active to OpenSent
5w2d: BGP: 10.4.9.21 sending OPEN, version 4, my as: 101
5w2d: BGP: 10.4.9.21 send message type 1, length (incl. header) 45
5w2d: BGP: 10.4.9.21 rcv message type 1, length (excl. header) 26
5w2d: BGP: 10.4.9.21 rcv OPEN, version 4
5w2d: BGP: 10.4.9.21 rcv OPEN w/ OPTION parameter len: 16
5w2d: BGP: 10.4.9.21 rcvd OPEN w/ optional parameter type 2 (Capability) len 6
5w2d: BGP: 10.4.9.21 OPEN has CAPABILITY code: 1, length 4
5w2d: BGP: 10.4.9.21 OPEN has MP_EXT CAP for afi/safi: 1/1
5w2d: BGP: 10.4.9.21 rcvd OPEN w/ optional parameter type 2 (Capability) len 2
5w2d: BGP: 10.4.9.21 OPEN has CAPABILITY code: 128, length 0
5w2d: BGP: 10.4.9.21 OPEN has ROUTE-REFRESH capability(old) for all address-fams
5w2d: BGP: 10.4.9.21 rcvd OPEN w/ optional parameter type 2 (Capability) len 2
5w2d: BGP: 10.4.9.21 OPEN has CAPABILITY code: 2, length 0
5w2d: BGP: 10.4.9.21 OPEN has ROUTE-REFRESH capability for all address-families
5w2d: BGP: 10.4.9.21 went from OpenSent to OpenConfirm
5w2d: BGP: 10.4.9.21 went from OpenConfirm to Established
5w2d: %BGP-5-ADJCHANGE: neighbor 10.4.9.21 Up 
5w2d: BGP(0): 10.4.9.21 computing updates, afi 0, neighbor version 0, table ver0
5w2d: BGP(0): 10.4.9.21 update run completed, afi 0, ran for 0ms, neighbor vers1
5w2d: BGP(0): 10.4.9.21 initial update completed 
The following is sample output from the debug ip bgp updates out command. The output shows that the local router is sending updates with the cost community:
Router# debug ip bgp updates out
*Mar 15 01:41:23.515:BGP(0):10.0.0.5 computing updates, afi 0, neighbor version 0, table 
version 64, starting at 0.0.0.0
*Mar 15 01:41:23.515:BGP(0):10.0.0.5 send UPDATE (format) 0.0.0.0/0, next 10.0.0.2, metric 
0, path , extended community Cost:igp:1:100
*Mar 15 01:41:23.515:BGP(0):10.0.0.5 send UPDATE (format) 10.2.2.0/24, next 10.20.20.10, 
metric 0, path 10, extended community Cost:igp:8:22
*Mar 15 01:41:23.515:BGP(0):10.0.0.5 send UPDATE (format) 10.13.13.0/24, next 10.0.0.8, 
metric 0, path
The following is sample output from the debug ip bgp updates in command. The output shows that the local router is receiving updates with the cost community:
Router# debug ip bgp updates in
*Jan  6 01:27:09.111:BGP(2):10.0.0.8 rcvd UPDATE w/ attr:nexthop 10.0.0.8, origin ?, 
localpref 100, metric 0, path 10, extended community RT:100:1 Cost:igp:10:10 
Cost:igp:11:11
debug ip bgp vpnv4 checkpoint

To display the events for the Virtual Routing and Forwarding (VRF) checkpointing system between the active and standby route processors, use the debug ip bgp vpnv4 checkpoint command in privileged EXEC mode. To disable the display of these events, use the no form of this command.

debug ip bgp vpnv4 checkpoint
no debug ip bgp vpnv4 checkpoint
Syntax Description

This command has no keywords or arguments.

Defaults

Debugging is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(25)S

This command was introduced.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series router.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following example shows command output on the active route processor:
Router# debug ip bgp vpnv4 checkpoint
3d18h: %HA-5-SYNC_NOTICE: Config sync started.
3d18h: vrf-nsf: vrf vpn2 tableid 1 send OK
3d18h: vrf-nsf: vrf tableid bulk sync complete msg send OK
3d18h: vrf-nsf: CF send ok
3d18h: vrf-nsf: CF send ok
3d18h: %HA-5-SYNC_NOTICE: Config sync completed.
3d18h: %HA-5-SYNC_NOTICE: Standby has restarted.
3d18h: %HA-5-MODE: Operating mode is sso, configured mode is sso.
Related Commands

Command

Description

debug ip bgp vpnv4 nsf

Displays the nonstop forwarding events for the VRF table-id synchronization subsystem between the active and standby route processors.

debug ip bgp vpnv4 nsf

To display the nonstop forwarding events for the VRF table-id synchronization subsystem between the active and standby Route Processors, use the debug ip bgp vpnv4 nsf command in privileged EXEC mode. To disable the display of these events, use the no form of this command.

debug ip bgp vpnv4 nsf
no debug ip bgp vpnv4 nsf
Syntax Description

This command has no keywords or arguments.

Defaults

Debugging is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(25)S

This command was introduced.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series router.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following example shows the command output on the active Route Processor:
Router# debug ip bgp vpnv4 nsf
MPLS VPN NSF Processing debugging is on
Router(config)# ip vrf vpn3
3d18h: vrf-nsf: vrf vpn3 tableid 2 send rpc OK
Router(config-vrf)# no ip vrf vpn3
% IP addresses from all interfaces in VRF vpn3 have been removed
3d18h: vrf-nsf:  rx vrf tableid delete complete msg, tid = 2, name = vpn3
The following example shows the command output on the standby Route Processor:
Router# debug ip bgp vpnv4 nsf
MPLS VPN NSF Processing debugging is on
00:05:21: vrf-nsf: rx vrf tableid rpc msg, tid = 2, name = vpn3
% IP addresses from all interfaces in VRF vpn3 have been removed
00:06:22: vrf-nsf: vrf vpn3 tableid 2 , delete complete, send OK
Related Commands

Command

Description

debug ip bgp vpnv4 checkpoint

Display the events for the VRF checkpointing system between the active and standby Route Processors.

debug ip bgp vpnv4 unicast

To display debugging messages for Virtual Private Network version 4 (VPNv4) unicast routes, use the debug ip bgp vpnv4 unicast command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp vpnv4 unicast {checkpoint | csc | import | keepalives | labelmode | updates}
no debug ip bgp vpnv4 unicast {checkpoint | csc | import | keepalives | labelmode | updates}
Syntax Description

checkpoint

Displays virtual routing and forwarding (VRF) nonstop forwarding (NSF) checkpoint messages and events.

csc

Displays VRF processing messages for a Carrier Supporting Carrier (CSC) VPN.

import

Displays VRF import processing messages.

keepalives

Displays Border Gateway Protocol (BGP) keepalives.

labelmode

Displays VRF label mode processing.

updates

Displays BGP updates processing for Unicast VPNv4 address family.

Command Default

Debugging of VPNv4 unicast routes is not enabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.0(5)T

This command was introduced.

XE Release 2.2

The labelmode keyword was added.

12.2(33)SRD

This command was integrated into Cisco IOS Release 12.2(33)SRD.

Examples

The following example enables debugging of MPLS VPN label mode processing:
Router# debug ip bgp vpnv4 unicast labelmode
MPLS VPN Label mode processing debugging is on
Router# config terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# mpls label mode all-vrfs protocol bgp-vpnv4 per-vrf
% This command is an unreleased and unsupported feature
Router(config)#
*Oct 18 11:35:01.159: vpn: changing the label mode (Enable: per-vrf) for all-vrfs
*Oct 18 11:35:01.459: vpn: label mode change, bnet walk complete.
*Oct 18 11:35:01.459: BGP: VPNv4 Unicast label mode changed
Router(config)#^Z
Router#
*Oct 18 11:35:21.995: %SYS-5-CONFIG_I: Configured from console by console
Router# show debug 
Tag VPN:
  MPLS VPN Label mode processing debugging is on
Router#
Related Commands

Command

Description

show ip vrf detail

Displays assigned label mode for the VRF.

debug ip bgp vpnv6 unicast

To display debugging messages for Virtual Private Network version 6 (VPNv6) unicast routes, use the debug ip bgp vpnv6 unicast command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip bgp vpnv6 unicast {csc | import | keepalives | labelmode | topology | updates}
no debug ip bgp vpnv6 unicast {csc | import | keepalives | labelmode | topology | updates}
Syntax Description

csc

Displays VPN routing and forwarding (VRF) processing messages for a Carrier Supporting Carrier (CSC) VPN.

import

Displays VRF import processing messages.

keepalives

Displays Border Gateway Protocol (BGP) keepalives.

labelmode

Displays VRF label mode processing.

topology

Displays the routing topology instance.

updates

Displays BGP updates processing for the unicast VPNv6 address family.

Command Default

Debugging of VPNv6 unicast routes is not enabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(33)SRD

This command was introduced.

Examples

The following example enables debugging of MPLS VPN label mode processing:
Router# debug ip bgp vpnv6 unicast labelmode 
MPLS VPN Label mode processing debugging is on
Router# config terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)# mpls label mode vrf vpn1 protocol bgp-vpnv6 per-vrf
% Command accepted but obsolete, unreleased or unsupported; see documentation.
Router(config)#
6d03h: vpn: changing the label mode (Enable: per-vrf) for vrf vpn1, address family ipv6
6d03h: vpn: setting pervrfaggr label 18 for vrf vpn1:2001:DB8:1:2::/96
6d03h: vpn: setting pervrfaggr label 18 for vrf vpn1:2001:DB8:2::1/128
6d03h: vpn: pervrfaggr, withdraw and free local label 19 for vpn1:2001:DB8:CE1::1/128
6d03h: vpn: setting pervrfaggr label 18 for vrf vpn1:2001:DB8:CE1::1/128
6d03h: vpn: label mode change, bnet walk complete.
6d03h: BGP: VPNv6 Unicast label mode changed
Router(config)# end
Related Commands

Command

Description

show vrf detail

Displays assigned label mode for the VRF.

debug ip casa affinities

To display debugging messages for affinities, use the debug ip casa affinities command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip casa affinities
no debug ip casa affinities
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging for affinities is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug ip casa affinities command:
Router# debug ip casa affinities
16:15:36:Adding fixed affinity:
16:15:36:    10.10.1.1:54787 -> 10.10.10.10:23 proto = 6
16:15:36:Updating fixed affinity:
16:15:36:    10.10.1.1:54787 -> 10.10.10.10:23 proto = 6
16:15:36:    flags = 0x2, appl addr = 10.10.3.2, interest = 0x5/0x100
16:15:36:    int ip:port = 10.10.2.2:1638, sequence delta = 0/0/0/0
16:15:36:Adding fixed affinity:
16:15:36:    10.10.10.10:23 -> 10.10.1.1:54787 proto = 6
16:15:36:Updating fixed affinity:
16:15:36:    10.10.10.10:23 -> 10.10.1.1:54787 proto = 6
16:15:36:    flags = 0x2, appl addr = 0.0.0.0, interest = 0x3/0x104
16:15:36:    int ip:port = 10.10.2.2:1638, sequence delta = 0/0/0/0
Table 117 describes the significant fields shown in the display.

Table 117 debug ip casa affinities Field Descriptions

Field

Description

Adding fixed affinity

Adding a fixed affinity to affinity table.

Updating fixed affinity

Modifying a fixed affinity table with information from the services manager.

flags

Bit field indicating actions to be taken on this affinity.

fwd addr

Address to which packets will be directed.

interest

Services manager that is interested in packets for this affinity.

int ip:port

Services manager port to which interest packets are sent.

sequence delta

Used to adjust TCP sequence numbers for this affinity.

debug ip casa packets

To display debugging messages for packets, use the debug ip casa packets command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip casa packets
no debug ip casa packets
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging for packets is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug ip casa packets command:
Router# debug ip casa packets
16:15:36:Routing CASA packet - TO_MGR:
16:15:36:    10.10.1.1:55299 -> 10.10.10.10:23 proto = 6
16:15:36:    Interest Addr:10.10.2.2   Port:1638
16:15:36:Routing CASA packet - FWD_PKT:
16:15:36:    10.10.1.1:55299 -> 10.10.10.10:23 proto = 6
16:15:36:    Fwd Addr:10.10.3.2
16:15:36:Routing CASA packet - TO_MGR:
16:15:36:    10.10.10.10:23 -> 10.10.1.1:55299 proto = 6
16:15:36:    Interest Addr:10.10.2.2   Port:1638
16:15:36:Routing CASA packet - FWD_PKT:
16:15:36:    10.10.10.10:23 -> 10.10.1.1:55299 proto = 6
16:15:36:    Fwd Addr:0.0.0.0
16:15:36:Routing CASA packet - TICKLE:
16:15:36:    10.10.10.10:23 -> 10.10.1.1:55299 proto = 6
16:15:36:    Interest Addr:10.10.2.2   Port:1638  Interest Mask:SYN 
16:15:36:    Fwd Addr:0.0.0.0
16:15:36:Routing CASA packet - FWD_PKT:
16:15:36:    10.10.1.1:55299 -> 10.10.10.10:23 proto = 6
16:15:36:    Fwd Addr:10.10.3.2
Table 118 describes the significant fields shown in the display.

Table 118 debug ip casa packets Field Descriptions

Field

Description

Routing CASA packet - TO_MGR

Forwarding Agent is routing a packet to the services manager.

Routing CASA packet - FWD_PKT

Forwarding Agent is routing a packet to the forwarding address.

Routing CASA packet - TICKLE

Forwarding Agent is signaling services manager while allowing the packet in question to take the appropriate action.

Interest Addr

Services manager address.

Interest Port

Port on the services manager where packet is sent.

Fwd Addr

Address to which packets matching the affinity are sent.

Interest Mask

Services manager that is interested in packets for this affinity.

debug ip casa wildcards

To display debugging messages for wildcards, use the debug ip casa wildcards command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip casa wildcards
no debug ip casa wildcards
Syntax Description

This command has no arguments or keywords.

Defaults

Debugging for wildcards is not enabled.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(5)T

This command was introduced.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug ip casa wildcards command:
Router# debug ip casa wildcards
16:13:23:Updating wildcard affinity:
16:13:23:    10.10.10.10:0 -> 0.0.0.0:0 proto = 6
16:13:23:    src mask = 255.255.255.255, dest mask = 0.0.0.0
16:13:23:    no frag, not advertising
16:13:23:    flags = 0x0, appl addr = 0.0.0.0, interest = 0x8107/0x8104
16:13:23:    int ip:port = 10.10.2.2:1638, sequence delta = 0/0/0/0
16:13:23:Updating wildcard affinity:
16:13:23:    0.0.0.0:0 -> 10.10.10.10:0 proto = 6
16:13:23:    src mask = 0.0.0.0, dest mask = 255.255.255.255
16:13:23:    no frag, advertising
16:13:23:    flags = 0x0, appl addr = 0.0.0.0, interest = 0x8107/0x8102
16:13:23    int ip:port = 10.10.2.2:1638, sequence delta = 0/0/0/0
Table 119 describes the significant fields shown in the display.

Table 119 debug ip casa wildcards Field Descriptions

Field

Description

src mask

Source of connection.

dest mask

Destination of connection.

no frag, not advertising

Not accepting IP fragments.

flags

Bit field indicating actions to be taken on this affinity.

fwd addr

Address to which packets matching the affinity will be directed.

interest

Services manager that is interested in packets for this affinity.

int ip: port

Services manager port to which interest packets are sent.

sequence delta

Used to adjust sequence numbers for this affinity.

debug ip cef

To troubleshoot various Cisco Express Forwarding events, use the debug ip cef command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef {drops [rpf [access-list]] [access-list] | receive [access-list] | events [access-list] | interface | dialer}
no debug ip cef {drops [rpf [access-list]] [access-list] | receive [access-list] | events [access-list] | interface | dialer}
Specific to Interprocess Communication (IPC) Records

debug ip cef {ipc | interface-ipc | prefix-ipc [access-list]}
no debug ip cef {ipc | interface-ipc | prefix-ipc [access-list]}
Cisco 10000 Series Routers Only

debug ip cef {drops [rpf [access-list]] [access-list] | receive [access-list] | events [access-list]}
no debug ip cef {drops [rpf [access-list]] [access-list] | receive [access-list] | events [access-list]}
Cisco 10000 Series Routers Only—Specific to IPC Records

debug ip cef ipc
no debug ip cef ipc
Syntax Description

drops

Records dropped packets.

rpf

(Optional) Records the result of the Reverse Path Forwarding (RPF) check for packets.

access-list

(Optional) Limits debugging collection to packets that match the list.

receive

Records packets that are ultimately destined to the router and packets destined to a tunnel endpoint on the router. If the decapsulated tunnel is IP, the packets are Cisco Express Forwarding switched; otherwise the packets are process switched.

events

Records general Cisco Express Forwarding events.

interface

Records IP Cisco Express Forwarding interface events.

dialer

Records IP Cisco Express Forwarding interface events for dialer interfaces.

ipc

Records information related to IPC in Cisco Express Forwarding. Possible types of events are the following:

•IPC messages received out of sequence

•Status of resequenced messages

•Status of buffer space for IPC messages

•Transmission status of IPC messages

•Throttle requests sent from a line card to the Route Processor

interface-ipc

Records IPC updates related to interfaces. Possible reporting includes an interface coming up or going down and updates to fibhwidb and fibidb.

prefix-ipc

Records updates related to IP prefix information. Possible updates include the following:

•Debugging of IP routing updates in a line card

•Reloading of a line card with a new table

•Updates related to exceeding the maximum number of routes

•Control messages related to Forwarding Information Base (FIB) table prefixes

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

11.2GS

This command was introduced.

11.1CC

Support for multiple platforms was added.

12.0(5)T

The rpf keyword was added.

12.2(4)T

The dialer keyword was added.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

This command gathers additional information for the handling of Cisco Express Forwarding interface, IPC, or packet events.

Note For packet events, we recommend that you use an access control list (ACL) to limit the messages recorded.

Examples

The following is sample output from the debug ip cef rpf command for a packet that is dropped when it fails the RPF check. IP address 172.17.249.252 is the source address, and Ethernet 2/0/0 is the input interface.
Router# debug ip cef drops rpf
IP CEF drops for RPF debugging is on
00:42:02:CEF-Drop:Packet from 172.17.249.252 via Ethernet2/0/0 -- unicast rpf check
The following is sample output for Cisco Express Forwarding packets that are not switched using information from the FIB table but are received and sent to the next switching layer:
Router# debug ip cef receive
IP CEF received packets debugging is on
00:47:52:CEF-receive:Receive packet for 10.1.104.13
Table 120 describes the significant fields shown in the display.

Table 120 debug ip cef receive Field Descriptions

Field

Description

CEF-Drop:Packet from 172.17.249.252 via Ethernet2/0/0 -- unicast rpf check

A packet from IP address 172.17.249.252 is dropped because it failed the RPF check.

CEF-receive:Receive packet for 10.1.104.13

Cisco Express Forwarding has received a packet addressed to the router.

The following is sample output from the debug ip cef dialer command for a legacy dialer:
Router# debug ip cef dialer
00:19:50:CEF-Dialer (legacy):add link to 10.10.10.2 via Dialer1 through BRI0/0:1
00:19:50:CEF-Dialer:adjacency added:0x81164850
00:19:50:CEF-Dialer:adjacency found:0x81164850; fib->count:1
00:19:50:CEF-Dialer:setup loadinfo with 1 paths
The following is sample output from the debug ip cef dialer command for a dialer profile:
Router# debug ip cef dialer
00:31:44:CEF-Dialer (profile dynamic encap (not MLP)):add link to 10.10.10.2 via Dialer1 
through Dialer1
00:31:44:CEF-Dialer:adjacency added:0x81164850
00:31:44:CEF-Dialer:adjacency found:0x81164850; fib->count:1
Table 121 describes the significant fields shown in the display.

Table 121 debug ip cef dialer Field Descriptions

Field

Description

CEF-Dialer (legacy):add link to 10.10.10.2 via Dialer1 through BRI0/0:1

A link was added to IP address 10.10.10.2 for legacy Dialer1 through physical interface BRI0/0:1.

CEF-Dialer (profile dynamic encap (not MLP)):add link to 10.10.10.2 via Dialer1 through Dialer1

A link was added to IP address 10.10.10.2 for dialer profile Dialer1 through Dialer1.

Related Commands

Command

Description

ip cef

Enables Cisco Express Forwarding on the RPC card.

show ip cef

Displays entries in the FIB or displays a summary of the FIB.

debug ip cef accounting non-recursive

To troubleshoot Cisco Express Forwarding accounting records, use the debug ip cef accounting non-recursive command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef accounting non-recursive
no debug ip cef accounting non-recursive
Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

11.1CC

This command was introduced.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

This command records accounting events for nonrecursive prefixes when the ip cef accounting non-recursive command is enabled in global configuration mode.

Examples

The following is sample output from the debug ip cef accounting non-recursive command:
Router# debug ip cef accounting non-recursive
03:50:19:CEF-Acct:tmstats_binary:Beginning generation of tmstats 
ephemeral file (mode binary)
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF2000
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1EA0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF17C0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1D40
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1A80
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0740
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF08A0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0B60
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0CC0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0F80
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF10E0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1240
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF13A0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1500
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1920
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0E20
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1660
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF05E0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0A00
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF1BE0
03:50:19:CEF-Acct:snapshoting loadinfo 0x63FF0480
03:50:19:CEF-Acct:tmstats_binary:aggregation complete, duration 0 seconds
03:50:21:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:24:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:24:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:27:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:29:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:32:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:35:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:38:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:41:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:45:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:48:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:49:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:52:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:55:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:writing 45 bytes
03:50:57:CEF-Acct:tmstats_binary:tmstats file written, status 0
Table 122 describes the significant fields shown in the display.

Table 122 debug ip cef accounting non-recursive Field Descriptions

Field

Description

Beginning generation of tmstats ephemeral file (mode binary)

Tmstats file is being created.

CEF-Acct:snapshoting loadinfo 0x63FF2000

Baseline counters are being written to the tmstats file for each nonrecursive prefix.

CEF-Acct:tmstats_binary:aggregation complete, duration 0 seconds

Tmstats file creation is complete.

CEF-Acct:tmstats_binary:writing 45 bytes

Nonrecursive accounting statistics are being updated to the tmstats file.

CEF-Acct:tmstats_binary:tmstats file written, status 0

Update of the tmstats file is complete.

Related Commands

Command

Description

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

ip cef accounting

Enables Cisco Express Forwarding network accounting.

show ip cef

Displays entries or a summary of the FIB table.

debug ip cef fragmentation

To report fragmented IP packets when Cisco Express Forwarding is enabled, use the debug ip cef fragmentation command in privileged EXEC mode. To disable debugging output, use the no form of this command:

debug ip cef fragmentation
no debug ip cef fragmentation
Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.0(14)S

This command was introduced.

12.2(2)T

This command was integrated into Cisco IOS Release 12.2(2)T.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

This command is used to troubleshoot fragmentation problems when Cisco Express Forwarding switching is enabled.

Examples

The following is sample output from the debug ip cef fragmentation command:
Router# debug ip cef fragmentation
00:59:45:CEF-FRAG:no_fixup path:network_start 0x5397CF8E datagramstart 0x5397CF80 
data_start 0x397CF80 data_block 0x397CF40 mtu 1000 datagramsize 1414 data_bytes 1414
00:59:45:CEF-FRAG:send frag:datagramstart 0x397CF80 datagramsize 442 data_bytes 442
00:59:45:CEF-FRAG:send frag:datagramstart 0x38BC266 datagramsize 1006 data_bytes 1006
00:59:45:CEF-FRAG:no_fixup path:network_start 0x5397C60E datagramstart 0x5397C600 
data_start 0x397C600 data_block 0x397C5C0 mtu 1000 datagramsize 1414 data_bytes 1414
00:59:45:CEF-FRAG:send frag:datagramstart 0x397C600 datagramsize 442 data_bytes 442
00:59:45:CEF-FRAG:send frag:datagramstart 0x38BC266 datagramsize 1006 data_bytes 1006
Table 123 describes the significant fields shown in the display.

Table 123 debug ip cef fragmentation Field Descriptions

Field

Description

no_fixup path

A packet is being fragmented in the no_fixup path.

network_start 0x5397CF8E

Memory address of the IP packet.

datagramstart 0x5397CF80

Memory address of the encapsulated IP packet.

data_start 0x397CF80

For particle systems, the memory address where data starts for the first packet particle.

data_block 0x397C5C0

For particle systems, the memory address of the first packet particle data block.

mtu 1000

Maximum transmission unit of the output interface.

datagramsize 1414

Size of the encapsulated IP packet.

data_bytes 1414

For particle systems, the sum of the particle data bytes that make up the packet.

send frag

Fragment is being forwarded.

Related Commands

Command

Description

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

debug ip cef hash

To record Cisco Express Forwarding load sharing hash algorithm events, use the debug ip cef hash command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef hash
no debug ip cef hash
Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.0(12)S

This command was introduced.

12.1(5)T

This command was integrated into Cisco IOS Release 12.1(5)T.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB. This command is not supported on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.This command is not supported on the Cisco 7600 router.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

Use this command when changing the load sharing algorithm to display the hash table details.

Examples

The following is sample output from the debug ip cef hash command with IP Cisco Express Forwarding load algorithm tunnel information:
Router# debug ip cef hash
01:15:06:%CEF:ip cef load-sharing algorithm tunnel 0
01:15:06:%CEF:Load balancing algorithm:tunnel
01:15:06:%CEF:Load balancing unique id:1F2BA5F6
01:15:06:%CEF:Destroyed load sharing hash table
01:15:06:%CEF:Sending hash algorithm id 2, unique id 1F2BA5F6 to slot 255
The following lines show IP Cisco Express Forwarding load algorithm universal information:
01:15:28:%CEF:ip cef load-sharing algorithm universal 0
01:15:28:%CEF:Load balancing algorithm:universal
01:15:28:%CEF:Load balancing unique id:062063A4
01:15:28:%CEF:Creating load sharing hash table
01:15:28:%CEF:Hash table columns for valid max_index:
01:15:28:12: 9  7  7 4  4 10  0  7 10  4  5  0  4  7  8  4
01:15:28:15: 3 10 10  4 10  4  0  7  1  7 14  6 13 13 11 13
01:15:28:16: 1  3  7 12  4 14  8  7 10  4  1 12  8 15  4  8
01:15:28:%CEF:Sending hash algorithm id 3, unique id 062063A4 to slot 255
Table 124 describes the significant fields shown in the display.

Table 124 debug ip cef hash Field Descriptions

Field

Description

ip cef load-sharing algorithm tunnel 0

Echo of the user command.

Load balancing algorithm:tunnel

Load sharing algorithm is set to tunnel.

Load balancing unique id:1F2BA5F6

ID field in the command is usually 0. In this instance, the router chose a pseudo random ID of 1F2BA5F6.

Destroyed load sharing hash table

Purge the existing hash table.

Sending hash algorithm id 2, unique id 1F2BA5F6 to slot 255

Algorithm is being distributed.

Creating load sharing hash table

Hash table is being created.

Hash table columns for valid max_index:

Generated hash table.

Related Commands

Command

Description

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

debug ip cef rrhash

Records Cisco Express Forwarding removal of receive hash events.

debug ip cef rrhash

To record Cisco Express Forwarding removal of receive hash events, use the debug ip cef rrhash command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef rrhash
no debug ip cef rrhash
Syntax Description

This command has no arguments or keywords.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(2)T

This command was introduced.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB. This command is not supported on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA. This command is not supported on the Cisco 7600 routers.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

Use this command to verify the removal of receive hash events when you are shutting down or deleting an interface.

Examples

The following is sample output from the debug ip cef rrhash command:
Router# debug ip cef rrhash
00:27:15:CEF:rrhash/check:found 10.1.104.7 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.0 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.255 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.7 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.7 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.0 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.255 on down idb [ok to delete]
00:27:15:CEF:rrhash/check:found 10.1.104.7 on down idb [ok to delete]
Table 125 describes the significant fields shown in the display.

Table 125 debug ip cef rrhash Field Descriptions

Field

Description

rrhash/check

Verify address is on the receive list.

found 10.1.104.7 on down idb [ok to delete]

Found a valid address on the receive list for a shutdown interface that can be deleted.

Related Commands

Command

Description

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

debug ip cef hash

Records Cisco Express Forwarding removal of receive hash events.

debug ip cef subblock

To troubleshoot Cisco Express Forwarding subblock events, use the debug ip cef subblock command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef subblock [id {all | hw hw-id | sw sw-id }] [xdr {all | control | event | none | statistic}]
no debug ip cef subblock [id {all | hw hw-id | sw sw-id }] [xdr {all | control | event | none | statistic}]
Syntax Description

id

(Optional) Subblock types.

all

(Optional) All subblock types.

hw hw-id

(Optional) Hardware subblock and identifier.

sw sw-id

(Optional) Software subblock and identifier.

xdr

(Optional) Exernal Data Representation (XDR) message types.

control

(Optional) All XDR message types.

event

(Optional) Event XDR messages only.

none

(Optional) No XDR messages.

statistic

(Optional) Statistic XDR messages.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.0S

This command was introduced.

12.2(2)T

This command was integrated into Cisco IOS Release 12.2(2)T.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

This command is used to record Cisco Express Forwarding subblock messages and events.

Examples

The following is sample output from the debug ip cef subblock command:
Router# debug ip cef subblock
00:28:12:CEF-SB:Creating unicast RPF subblock for FastEthernet6/0
00:28:12:CEF-SB:Linked unicast RPF subblock to FastEthernet6/0.
00:28:12:CEF-SB:Encoded unit of unicast RPF data (length 16) for FastEthernet6/0
00:28:12:CEF-SB:Sent 1 data unit to slot 6 in 1 XDR message
Cisco 10000 Series Router Example

The following is sample output from the debug ip cef subblock command:
Router# debug ip cef subblock
00:28:12:CEF-SB:Creating unicast RPF subblock for FastEthernet6/0/0
00:28:12:CEF-SB:Linked unicast RPF subblock to FastEthernet6/0/0.
00:28:12:CEF-SB:Encoded unit of unicast RPF data (length 16) for FastEthernet6/0/0
00:28:12:CEF-SB:Sent 1 data unit to slot 6 in 1 XDR message
Table 126 describes the significant fields shown in the display.

Table 126 debug ip cef subblock Field Descriptions

Field

Description

Creating unicast RPF subblock for FastEthernet6/0/0

Creating an Unicast Reverse Path Forwarding (Unicast RPF) interface descriptor subblock.

Linked unicast RPF subblock to FastEthernet6/0/0

Linked the subblock to the specified interface.

Encoded unit of unicast RPF data (length 16) for FastEthernet6/0/0

Encoded the subblock information in an XDR.

Sent 1 data unit to slot 6 in 1 XDR message

Sent the XDR message to a line card through the IPC.

Related Commands

Command

Description

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

debug ip cef table

To enable the collection of events that affect entries in the Cisco Express Forwarding tables, use the debug ip cef table command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip cef table [access-list | consistency-checkers]
no debug ip cef table [access-list | consistency-checkers]
Syntax Description

access-list

(Optional) Controls collection of consistency checker parameters from specified lists.

consistency-checkers

(Optional) Sets consistency checking characteristics.

Defaults

This command is disabled.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

11.2GS

This command was introduced.

11.1CC

Support was added for multiple platforms.

12.0(15)S

The consistency-checkers keyword was added.

12.2(2)T

This command was integrated into Cisco IOS Release 12.2(2)T.

12.2(25)S

This command was integrated into Cisco IOS Release 12.2(25)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB and implemented on the Cisco 10000 series routers.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.4(20)T

This command was integrated into Cisco IOS Release 12.4(20)T.

Usage Guidelines

This command is used to record Cisco Express Forwarding table events related to the Forwarding Information Base (FIB) table. Possible types of events include the following:

•Routing updates that populate the FIB table

•Flushing of the FIB table

•Adding or removing of entries to the FIB table

•Table reloading process

Examples

The following is sample output from the debug ip cef table command:
Router# debug ip cef table
01:25:46:CEF-Table:Event up, 10.1.1.1/32 (rdbs:1, flags:1000000)
01:25:46:CEF-IP:Checking dependencies of 0.0.0.0/0
01:25:47:CEF-Table:attempting to resolve 10.1.1.1/32
01:25:47:CEF-IP:resolved 10.1.1.1/32 via 10.1.104.1 to 10.1.104.1 Ethernet2/0/0
01:26:02:CEF-Table:Event up, default, 0.0.0.0/0 (rdbs:1, flags:400001)
01:26:02:CEF-IP:Prefix exists - no-op change
Cisco 10000 Series Router Example

The following is sample output from the debug ip cef table command:
Router# debug ip cef table
01:25:46:CEF-Table:Event up, 10.1.1.1/32 (rdbs:1, flags:1000000)
01:25:46:CEF-IP:Checking dependencies of 0.0.0.0/0
01:25:47:CEF-Table:attempting to resolve 10.1.1.1/32
01:25:47:CEF-IP:resolved 10.1.1.1/32 via 10.1.104.1 to 10.1.104.1  GigabitEthernet2/0/0
01:26:02:CEF-Table:Event up, default, 0.0.0.0/0 (rdbs:1, flags:400001)
01:26:02:CEF-IP:Prefix exists - no-op change
Table 127 describes the significant fields shown in the display.

Table 127 debug ip cef table Field Descriptions

Field

Description

CEF-Table

Indicates a table event.

Event up, 10.1.1.1/32

IP prefix 10.1.1.1/32 is being added.

rdbs:1

Event is from routing descriptor block 1.

flags:1000000

Indicates the network descriptor block flags.

CEF-IP

Indicates a Cisco Express Forwarding IP event.

Checking dependencies of 0.0.0.0/0

Resolves the next hop dependencies for 0.0.0.0/0.

attempting to resolve 10.1.1.1/32

Resolves the next hop dependencies.

resolved 10.1.1.1/32 via 10.1.104.1 to 10.1.104.1 Ethernet2/0/0

Next hop to IP prefix 10.1.1.1/32 is set and is added to the table.

Event up, default, 0.0.0.0/0 Prefix exists - no-op change

Indicates no table change is necessary for 0.0.0.0/32.

Related Commands

Command

Description

cef table consistency-check

Enables Cisco Express Forwarding consistency checker table values by type and parameter.

clear cef table

Clears the Cisco Express Forwarding tables.

clear ip cef inconsistency

Clears Cisco Express Forwarding inconsistency statistics and records found by the Cisco Express Forwarding consistency checkers.

debug cef

Enables the display of information about Cisco Express Forwarding events.

debug ip cef

Troubleshoots various Cisco Express Forwarding events.

show cef table consistency-check

Displays Cisco Express Forwarding consistency checker table values.

show ip cef inconsistency

Displays Cisco Express Forwarding IP prefix inconsistencies.

debug ip ddns update

To enable debugging for Dynamic Domain Name System (DDNS) updates, use the debug ip ddns update command in privileged EXEC mode. To disable the debugging, use the no form of this command.

debug ip ddns update
no debug ip ddns update
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.3(8)YA

This command was introduced.

12.3(14)T

This command was integrated into Cisco IOS Release 12.3(14)T.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

Use the debug ip ddns update command to verify that your configurations are working properly. The following sample configurations are shown for demonstration of possible debug output that could display for each configuration.

Sample Configuration for the Client to Update A RRs and the Server to Update PTR RRs

The following scenario has a client configured for IETF DDNS updating of address (A) Resource Records (RRs) during which a Dynamic Host Configuration Protocol (DHCP) server is expected to update the pointer (PTR) RR. The DHCP client discovers the domain name system (DNS) server to update using an Start of Authority (SOA) RR lookup since the IP address to the server to update is not specified. The DHCP client is configured to include an fully qualified domain name (FQDN) DHCP option and notifies the DHCP server that it will be updating the A RRs.
!DHCP Client Configuration
ip ddns update method testing
 ddns
interface Ethernet1
 ip dhcp client update dns
 ip ddns update testing
 ip address dhcp
end
!DHCP Server Configuration
ip dhcp pool test
 network 10.0.0.0 255.0.0.0
 update dns
!Debug Output Enabled
Router# debug ip ddns update
00:14:39: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet1 assigned DHCP address 10.0.0.4, mask 
255.0.0.0, hostname canada_reserved
00:14:39: DYNDNSUPD: Adding DNS mapping for canada_reserved.hacks <=> 10.0.0.4
00:14:39: DYNDNSUPD: Sleeping for 3 seconds waiting for interface Ethernet1 configuration 
to settle
00:14:42: DHCPC: Server performed PTR update
00:14:42: DDNS: Enqueuing new DDNS update 'canada_reserved.hacks' <=> 10.0.0.4
00:14:42: DDNS: Zone name for 'canada_reserved.hacks' is 'hacks'
00:14:42: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:14:42: DDNS:   Zone = hacks
00:14:42: DDNS:   Prerequisite: canada_reserved.hacks not in use
00:14:42: DDNS:   Update: add canada_reserved.hacks IN A 10.0.0.4
00:14:42: DDNS: Dynamic DNS Update 1 (A) for host canada_reserved.hacks returned 0 
(NOERROR)
00:14:42: DDNS: Update of 'canada_reserved.hacks' <=> 10.0.0.4 finished
00:14:42: DYNDNSUPD: Another update completed (total outstanding=0)
Sample Configuration for the Client to Update Both A and DNS RRs and the Server to Update Neither

The following scenario has the client configured for IETF DDNS updating of both A and DNS RRs and requesting that the DHCP server update neither. The DHCP client discovers the DNS server to update using an SOA RR lookup since the IP address to the server to update is not specified. The DHCP client is configured to include an FQDN DHCP option that instructs the DHCP server to not update either A or PTR RRs.
!DHCP Client Configuration
ip dhcp-client update dns server none
ip ddns update method testing
 ddns both
interface Ethernet1
 ip ddns update testing
 ip address dhcp
end
!DHCP Server Configuration
ip dhcp pool test
 network 10.0.0.0 255.0.0.0
 update dns
!Debug Output Enabled
Router# debug ip ddns update
00:15:33: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet1 assigned DHCP address 10.0.0.5, mask 
255.0.0.0, hostname canada_reserved
00:15:33: DYNDNSUPD: Adding DNS mapping for canada_reserved.hacks <=> 10.0.0.5
00:15:33: DYNDNSUPD: Sleeping for 3 seconds waiting for interface Ethernet1 configuration 
to settle
00:15:36: DDNS: Enqueuing new DDNS update 'canada_reserved.hacks' <=> 10.0.0.5
00:15:36: DDNS: Zone name for '10.0.0.11.in-addr.arpa.' is '10.in-addr.arpa'
00:15:36: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:15:36: DDNS:   Zone = 10.in-addr.arpa
00:15:36: DDNS:   Prerequisite: 10.0.0.11.in-addr.arpa. not in use
00:15:36: DDNS:   Update: add 10.0.0.11.in-addr.arpa. IN PTR canada_reserved.hacks
00:15:36: DDNS: Dynamic DNS Update 1 (PTR) for host canada_reserved.hacks returned 0 
(NOERROR)
00:15:36: DDNS: Zone name for 'canada_reserved.hacks' is 'hacks'
00:15:36: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:15:36: DDNS:   Zone = hacks
00:15:36: DDNS:   Prerequisite: canada_reserved.hacks not in use
00:15:36: DDNS:   Update: add canada_reserved.hacks IN A 10.0.0.5
00:15:36: DDNS: Dynamic DNS Update 1 (A) for host canada_reserved.hacks returned 0 
(NOERROR)
00:15:36: DDNS: Update of 'canada_reserved.hacks' <=> 10.0.0.5 finished
00:15:36: DYNDNSUPD: Another update completed (total outstanding=0)
Sample Configuration for the Client to Update A and DNS RRs and the Server to Update Neither

The following scenario has the client configured for IETF DDNS updating of both A and DNS RRs and requesting that the DHCP server update neither. The DHCP client explicitly specifies the server to update. The DHCP client is configured to include an FQDN DHCP option that instructs the DHCP server not to update either A or PTR RRs. The configuration is performed using the ip dhcp client update dns command. The DHCP server is configured to override the client request and update both A and PTR RR anyway.
!DHCP Client Configuration
ip dhcp client update dns server none
ip ddns update method testing
 ddns both
interface Ethernet1
 ip dhcp client update dns server none
 ip ddns update testing
 ip address dhcp
end
!DHCP Server Configuration
ip dhcp pool test
 network 10.0.0.0 255.0.0.0
 update dns both override
!Debug Output Enabled on DHCP Client
Router# debug ip ddns update
00:16:30: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet1 assigned DHCP address 10.0.0.6, mask 
255.0.0.0, hostname canada_reserved
00:16:30: DYNDNSUPD: Adding DNS mapping for canada_reserved.hacks <=> 10.0.0.6
00:16:30: DYNDNSUPD: Sleeping for 3 seconds waiting for interface Ethernet1 configuration 
to settle
00:16:33: DHCPC: Server performed both updates
Sample Configuration for the Client to Update A and DNS RRs and the Server to Update Neither

The following scenario has the client configured for IETF DDNS updating of both A and DNS RRs and requesting the DHCP server to update neither. The DHCP client is configured to include an FQDN DHCP option which instructs the DHCP server not to update either A or PTR RRs. The DHCP server is configured to allow the client to update whatever RR it chooses.
!DHCP Client Configuration
ip dhcp client update dns server non
ip ddns update method testing
 ddns both
interface Ethernet1
 ip dhcp client update dns server none
 ip ddns update testing host 172.19.192.32
 ip address dhcp
end
!DHCP Server Configuration
ip dhcp pool test
 network 10.0.0.0 255.0.0.0
 update dns
!Debug Output Enabled on DHCP Client
Router# debug ip ddns update
00:17:52: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet1 assigned DHCP address 10.0.0.7, mask 
255.0.0.0, hostname canada_reserved
00:17:52: DYNDNSUPD: Adding DNS mapping for canada_reserved.hacks <=> 10.0.0.6
00:17:52: DYNDNSUPD: Sleeping for 3 seconds waiting for interface Ethernet1 configuration 
to settle
00:17:55: DDNS: Enqueuing new DDNS update 'canada_reserved.hacks' <=> 10.0.0.7
00:17:55: DYNDNSUPD: Adding DNS mapping for canada_reserved.hacks <=> 10.0.0.7 server 
10.19.192.32
00:17:55: DDNS: Enqueuing new DDNS update 'canada_reserved.hacks' <=> 10.0.0.7 server 
10.19.192.32
00:17:55: DDNS: Zone name for '7.0.0.11.in-addr.arpa.' is '11.in-addr.arpa'
00:17:55: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = 11.in-addr.arpa
00:17:55: DDNS:   Prerequisite: 10.0.0.11.in-addr.arpa. not in use
00:17:55: DDNS:   Update: add 10.0.0.11.in-addr.arpa. IN PTR canada_reserved.hacks
00:17:55: DDNS: Zone name for '10.0.0.11.in-addr.arpa.' is '10.in-addr.arpa'
00:17:55: DDNS: Using server 10.19.192.32
00:17:55: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = 11.in-addr.arpa
00:17:55: DDNS:   Prerequisite: 10.0.0.11.in-addr.arpa. not in use
00:17:55: DDNS:   Update: add 10.0.0.11.in-addr.arpa. IN PTR canada_reserved.hacks
00:17:55: DDNS: Dynamic DNS Update 1 (PTR) for host canada_reserved.hacks returned 0 
(NOERROR)
00:17:55: DDNS: Dynamic DNS Update 1 (PTR) for host canada_reserved.hacks returned 6 
(YXDOMAIN)
00:17:55: DDNS: Dynamic Update 2: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = 11.in-addr.arpa
00:17:55: DDNS:   Update: delete 10.0.0.11.in-addr.arpa. all PTR RRs
00:17:55: DDNS:   Update: add 10.0.0.11.in-addr.arpa. IN PTR canada_reserved.hacks
00:17:55: DDNS: Dynamic DNS Update 2 (PTR) for host canada_reserved.hacks returned 0 
(NOERROR)
00:17:55: DDNS: Zone name for 'canada_reserved.hacks' is 'hacks'
00:17:55: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = hacks
00:17:55: DDNS:   Prerequisite: canada_reserved.hacks not in use
00:17:55: DDNS:   Update: add canada_reserved.hacks IN A 10.0.0.7
00:17:55: DDNS: Dynamic DNS Update 1 (A) for host canada_reserved.hacks returned 0 
(NOERROR)
00:17:55: DDNS: Update of 'canada_reserved.hacks' <=> 10.0.0.7 finished
00:17:55: DYNDNSUPD: Another update completed (total outstanding=1)
00:17:55: DDNS: Zone name for 'canada_reserved.hacks' is 'hacks'
00:17:55: DDNS: Using server 10.19.192.32
00:17:55: DDNS: Dynamic Update 1: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = hacks
00:17:55: DDNS:   Prerequisite: canada_reserved.hacks not in use
00:17:55: DDNS:   Update: add canada_reserved.hacks IN A 10.0.0.7
00:17:55: DDNS: Dynamic DNS Update 1 (A) for host canada_reserved.hacks returned 6 
(YXDOMAIN)
00:17:55: DDNS: Dynamic Update 2: (sending to server 10.19.192.32)
00:17:55: DDNS:   Zone = hacks
00:17:55: DDNS:   Update: delete canada_reserved.hacks all A RRs
00:17:55: DDNS:   Update: add canada_reserved.hacks IN A 10.0.0.7
00:17:55: DDNS: Dynamic DNS Update 2 (A) for host canada_reserved.hacks returned 0 
(NOERROR)
00:17:55: DDNS: Update of 'canada_reserved.hacks' <=> 10.0.0.7 finished
00:17:55: DYNDNSUPD: Another update completed (total outstanding=0)
Sample Configuration for Updating the Internal Host Table

In the following scenario, the debug output displays the internal host table updates when the default domain name is hacks. The update method named test specifies that the internal Cisco IOS software host table should be updated. Configuring the update method as "test" should be used when the address on the Ethernet interface 0/0 changes. The hostname is configured for the update on this interface.
!Cisco IOS Software Configuration
ip domain name hacks
ip ddns update method test
 internal
interface ethernet0/0
 ip ddns update test hostname test2
 ip addr dhcp
!Debug Output Enabled
Router# debug ip ddns update
*Jun 4 03:11:10.591: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet0/0 assigned DHCP address 
10.0.0.5, mask 255.0.0.0, hostname test2
*Jun 4 03:11:10.591: DYNDNSUPD: Adding DNS mapping for test2.hacks <=> 10.0.0.5
*Jun 4 03:11:10.591: DYNDNSUPD: Adding internal mapping test2.hacks <=> 10.0.0.5
Using the show hosts command displays the newly added host table entry.
Router# show hosts
Default domain is hacks
Name/address lookup uses domain service
Name servers are 255.255.255.255
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
       temp - temporary, perm - permanent
       NA - Not Applicable None - Not defined
Host                      Port Flags      Age Type   Address(es)
test2.hacks               None (perm, OK) 0   IP    10.0.0.5
Shutting down the interface removes the host table entry.
interface ethernet0/0
 shutdown
*Jun 4 03:14:02.107: DYNDNSUPD: Removing DNS mapping for test2.hacks <=> 10.0.0.5
*Jun 4 03:14:02.107: DYNDNSUPD: Removing mapping test2.hacks <=> 10.0.0.5
Using the show hosts command confirms that the entry has been removed.
Router# show hosts
Default domain is hacks
Name/address lookup uses domain service
Name servers are 255.255.255.255
Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
       temp - temporary, perm - permanent
       NA - Not Applicable None - Not defined
Host                      Port Flags      Age Type   Address(es)
Sample Configuration of HTTP DDNS Updates

In the following scenario, the debug output shows the HTTP-style DDNS updates. The sample configuration defines a new IP DDNS update method named dyndns that configures a URL to use when adding or changing an address. No URL has been defined for use when removing an address since DynDNS.org does not use such a URL for free accounts. A maximum update interval of 28 days has been configured, which specifies that updates should be sent at least every 28 days. Configuring the new "dyndns" update method should be used for Ethernet interface 1.
!DHCP Client Configuration
ip ddns update method dyndns
 http
    add http://test:test@<s>/nic/update?system=dyndns&hostname=<h>&myip=<a>
    interval max 28 0 0 0
interface ethernet1
 ip ddns update hostname test.dyndns.org
 ip ddns update dyndns host members.dyndns.org
 ip addr dhcp
!Debugging Enabled
Router# debug ip ddns update
00:04:35: %DHCP-6-ADDRESS_ASSIGN: Interface Ethernet1 assigned DHCP address 10.32.254.187, 
mask 255.255.255.240, hostname test.dyndns.org
00:04:35: DYNDNSUPD: Adding DNS mapping for test.dyndns.org <=> 10.32.254.187 server 
63.208.196.94
00:04:35: DYNDNSUPD: Sleeping for 3 seconds waiting for interface Ethernet1 configuration 
to settle
00:04:38: HTTPDNS: Update add called for test.dyndns.org <=> 10.32.254.187
00:04:38: HTTPDNS: Update called for test.dyndns.org <=> 10.32.254.187
00:04:38: HTTPDNS: init
00:04:38: HTTPDNSUPD: Session ID = 0x7
00:04:38: HTTPDNSUPD: URL = 
'http://test:test@63.208.196.94/nic/update?system=dyndns&hostname=test.dyndns.org&myip=10.
32.254.187'
00:04:38: HTTPDNSUPD: Sending request
00:04:40: HTTPDNSUPD: Response for update test.dyndns.org <=> 10.32.254.187
00:04:40: HTTPDNSUPD: DATA START
good 10.32.254.187
00:04:40: HTTPDNSUPD: DATA END, Status is Response data received, successfully
00:04:40: HTTPDNSUPD: Call returned SUCCESS for update test.dyndns.org <=> 10.32.254.187
00:04:40: HTTPDNSUPD: Freeing response
00:04:40: DYNDNSUPD: Another update completed (outstanding=0, total=0)
00:04:40: HTTPDNSUPD: Clearing all session 7 info
!28 days later, the automatic update happens.
00:05:39: DYNDNSUPD: Adding DNS mapping for test.dyndns.org <=> 10.32.254.187 server 
63.208.196.94
00:05:39: HTTPDNS: Update add called for test.dyndns.org <=> 10.32.254.187
00:05:39: HTTPDNS: Update called for test.dyndns.org <=> 10.32.254.187
00:05:39: HTTPDNS: init
00:05:39: HTTPDNSUPD: Session ID = 0x8
00:05:39: HTTPDNSUPD: URL = 
'http://test:test@63.208.196.94/nic/update?system=dyndns&hostname=test.dyndns.org&myip=10.
32.254.187'
00:05:39: HTTPDNSUPD: Sending request
00:05:39: HTTPDNSUPD: Response for update test.dyndns.org <=> 10.32.254.187
00:05:39: HTTPDNSUPD: DATA START
nochg 10.32.254.187
00:05:39: HTTPDNSUPD: DATA END, Status is Response data received, successfully
00:05:39: HTTPDNSUPD: Call returned SUCCESS for update test.dyndns.org <=> 10.32.254.187
00:05:39: HTTPDNSUPD: Freeing response
00:05:39: DYNDNSUPD: Another update completed (outstanding=0, total=0)
00:05:39: HTTPDNSUPD: Clearing all session 8 info
Table 128 describes the significant fields shown in the output.

Table 128 debug ip ddns update Field Descriptions

Field

Description

HTTPDNSUPD

Reflects the method of update. In this case, the update method is HTTP.

HTTPDNSUPD: URL =

URL that is used to update the DNS.

Related Commands

Command

Description

debug dhcp

Displays debugging information about the DHCP client and monitors the status of DHCP packets.

debug ip dhcp server

Enables DHCP server debugging.

host (host-list)

Specifies a list of hosts that will receive DDNS updates of A and PTR RRs.

ip ddns update hostname

Enables a host to be used for DDNS updates of A and PTR RRs.

ip ddns update method

Specifies a method of DDNS updates of A and PTR RRs and the maximum interval between the updates.

ip dhcp client update dns

Enables DDNS updates of A RRs using the same hostname passed in the hostname and FQDN options by a client.

ip dhcp-client update dns

Enables DDNS updates of A RRs using the same hostname passed in the hostname and FQDN options by a client.

ip dhcp update dns

Enables DDNS updates of A and PTR RRs for most address pools.

ip host-list

Specifies a list of hosts that will receive DDNS updates of A and PTR RRs.

show ip ddns update

Displays information about the DDNS updates.

show ip ddns update method

Displays information about the DDNS update method.

show ip dhcp server pool

Displays DHCP server pool statistics.

show ip host-list

Displays the assigned hosts in a list.

update dns

Dynamically updates a DNS with A and PTR RRs for some address pools.

debug ip dfp agent

To display debugging messages for the Dynamic Feedback Protocol (DFP) agent subsystem, use the debug ip dfp command in user EXEC or privileged EXEC mode. To stop debugging output, use the no form of this command.

debug ip dfp agent
no debug ip dfp agent
Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

User EXEC or privileged EXEC mode

Command History

Release

Modification

12.1(8a)E

This command was introduced.

12.2(14)S

This command was integrated into Cisco IOS Release 12.2(14)S.

12.3(4)T

This command was integrated into Cisco IOS Release 12.3(4)T.

12.2(18)SXD

This command was integrated into Cisco IOS Release 12.2(18)SXD.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command displays debugging messages for the DFP agent subsystem.

See the following caution before using debug commands:

Caution Because debugging output is assigned a high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network flows and fewer users. Debugging during these periods reduces the effect these commands have on other users on the system.

Examples

The following example configures a DFP agent debugging session:
Router# debug ip dfp agent
DFP debugging is on
The following example stops all debugging:
Router# no debug all
All possible debugging has been turned off
debug ip dhcp server

To enable Cisco IOS Dynamic Host Configuration Protocol (DHCP) server debugging, use the debug ip dhcp server command in privileged EXEC mode. To disable DHCP server debugging, use the no form of this command.

debug ip dhcp server {events | packets | linkage | class}
no debug ip dhcp server {events | packets | linkage | class}
Syntax Description

events

Reports server events, such as address assignments and database updates.

packets

Decodes DHCP receptions and transmissions.

linkage

Displays database linkage information, such as parent-child relationships in a radix tree.

class

Displays DHCP class-based information.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.0(1)T

This command was introduced.

12.2(13)ZH

The class keyword was added.

12.3(4)T

The class keyword was integrated into Cisco IOS Release 12.3(4)T.

12.3(11)T

The output was enhanced to show the static mappings.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following example shows a combination of DHCP server events and decoded receptions and transmissions:
Router# debug ip dhcp server events 
Router# debug ip dhcp server packets 
DHCPD:DHCPDISCOVER received from client 0b07.1134.a029 through relay 10.1.0.253.
DHCPD:assigned IP address 10.1.0.3 to client 0b07.1134.a029.
DHCPD:Sending DHCPOFFER to client 0b07.1134.a029 (10.1.0.3).
DHCPD:unicasting BOOTREPLY for client 0b07.1134.a029 to relay 10.1.0.253.
DHCPD:DHCPREQUEST received from client 0b07.1134.a029.
DHCPD:Sending DHCPACK to client 0b07.1134.a029 (10.1.0.3).
DHCPD:unicasting BOOTREPLY for client 0b07.1134.a029 to relay 10.1.0.253.
DHCPD:checking for expired leases.
The following example shows database linkage information:
Router# debug ip dhcp server linkage 
DHCPD:child pool:10.1.0.0 / 255.255.0.0 (subnet10.1)
DHCPD:parent pool:10.0.0.0 / 255.0.0.0 (net10)
DHCPD:child pool:10.0.0.0 / 255.0.0.0 (net10)
DHCPD:pool (net10) has no parent.
DHCPD:child pool:10.1.0.0 / 255.255.0.0 (subnet10.1)
DHCPD:parent pool:10.0.0.0 / 255.0.0.0 (net10)
DHCPD:child pool:10.0.0.0 / 255.0.0.0 (net10)
DHCPD:pool (net10) has no parent.
The following example shows when a DHCP class is removed:
Router# debug ip dhcp server class
DHCPD:deleting class CLASS1
The following example shows the debug output when the configured pattern does not match:
Router# debug ip dhcp server class 
DHCPD:Searching for a match to 'relay-information
0106000 400020202020800060009e80b8800' in class CLASS1
DHCPD:Searching for a match to 'relay-information 0106000400020202020800060009e80b8800' in 
class CLASS1
DHCPD:Searching for a match to 'relay-information 0106000
The following example shows the debug output when you unconfigure a DHCP pattern in a DHCP class and then configure the pattern in the DHCP class:
Router# debug ip dhcp server class 
DHCPD:pattern 'relay-information 123456' removed from class CLASS1
DHCPD:Added pattern 'relay-information 010600040002020202 0800060009e80b8800' for class 
CLASS1
The following example shows the debug output when the configured pattern does match:
Router# debug ip dhcp server class 
DHCPD:Searching for a match to 'relay-information
0106000 400020202020800060009e80b8800' in class CLASS1
DHCPD:input pattern 'relay-information 010600040002020202 0800060009e80b8800' matches 
class CLASS1
DHCPD:input matches class CLASS1
The following example shows the debug output when static mappings are configured:
Router# debug ip dhcp server
Loading abc/static_pool from 10.19.192.33 (via Ethernet0): !
[OK - 333 bytes]
*May 26 23:14:21.259: DHCPD: contacting agent tftp://10.19.192.33/abc/static_pool (attempt 
0)
*May 26 23:14:21.467: DHCPD: agent tftp://10.19.192.33/abc/static_pool is responding.
*May 26 23:14:21.467: DHCPD: IFS is ready.
*May 26 23:14:21.467: DHCPD: reading bindings from 
                             tftp://10.19.192.33/abc/static_pool.
*May 26 23:14:21.707: DHCPD: read 333 / 1024 bytes.
*May 26 23:14:21.707: DHCPD: parsing text line "*time* Apr 22 2002 11:31 AM"
*May 26 23:14:21.707: DHCPD: parsing text line ""
*May 26 23:14:21.707: DHCPD: parsing text line
!IP address Type Hardware address Lease expiration.
*May 26 23:14:21.707: DHCPD: parsing text line
"10.9.9.1/24 id 0063.6973.636f.2d30.3036.302e.3437"
*May 26 23:14:21.707: DHCPD: creating binding for 10.9.9.1
*May 26 23:14:21.707: DHCPD: Adding binding to radix tree (10.9.9.1)
*May 26 23:14:21.707: DHCPD: Adding binding to hash tree
*May 26 23:14:21.707: DHCPD: parsing text line
"10.9.9.4 id 0063.7363.2d30.3036.302e.3762.2e39.3634.632d"
*May 26 23:14:21.711: DHCPD: creating binding for 10.9.9.4
*May 26 23:14:21.711: DHCPD: Adding binding to radix tree (10.9.9.4)
*May 26 23:14:21.711: DHCPD: Adding binding to hash tree
*May 26 23:14:21.711: DHCPD: parsing text line "Infinite"
*May 26 23:14:21.711: DHCPD: parsing text line ""
*May 26 23:14:21.711: DHCPD: parsing text line
!IP address Interface-index Lease expiration VRF.
*May 26 23:14:21.711: DHCPD: parsing text line "*end*"
*May 26 23:14:21.711: DHCPD: read static bindings from 
tftp://10.19.192.33/smith/static_pool.
Related Commands

Command

Description

debug dhcp

Displays debugging information about the DHCP client and monitors the status of DHCP packets.

debug ip ddns update

Enables debugging for DDNS updates.

host (host-list)

Specifies a list of hosts that will receive DDNS updates of A and PTR RRs.

ip ddns update hostname

Enables a host to be used for DDNS updates of A and PTR RRs.

ip ddns update method

Specifies a method of DDNS updates of A and PTR RRs and the maximum interval between the updates.

ip dhcp client update dns

Enables DDNS updates of A RRs using the same hostname passed in the hostname and FQDN options by a client on an interface.

ip dhcp-client update dns

Enables DDNS updates of A RRs using the same hostname passed in the hostname and FQDN options by a client.

ip dhcp update dns

Enables DDNS updates of A and PTR RRs for most address pools.

ip host-list

Specifies a list of hosts that will receive DDNS updates of A and PTR RRs.

show ip ddns update

Displays information about the DDNS updates.

show ip ddns update method

Displays information about the DDNS update method.

show ip dhcp server pool

Displays DHCP server pool statistics.

show ip host-list

Displays the assigned hosts in a list.

update dns

Dynamically updates a DNS with A and PTR RRs for some address pools.

debug ip dhcp server redundancy

To display debugging information about DHCP server and relay agent redundancy events, use the debug ip dhcp server redundancy command in privileged EXEC mode. To disable the display of debugging output, use the no form of this command.

debug ip dhcp server redundancy
no debug ip dhcp server redundancy
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging output is disabled for DHCP server and relay agent redundancy events.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(31)SB2

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

Use this command with caution. Many bindings being synchronized between the active and standby Route Processor (RP) can trigger a large amount of debugging output.

Examples

The following example displays debug messages regarding DHCP server and relay agent redundancy events. The last line (and only that line) is output when the debug ip dhcp server redundancy command is enabled. The line indicates that a binding update message has been sent to the standby for the IP address 10.0.0.2 in the pool named "test."
Router# debug ip dhcp server redundancy
*Mar 22 10:32:21: DHCPD: assigned IP address 10.0.0.2 to client 
0063.6973.636f.2d30.3030.342e.3465.6130.2e30.3831.632d.4661.312f.302e.31.
*Mar 22 10:32:21:  DHCPD: lease time = 3600
*Mar 22 10:32:21: DHCPD: dhcpd_lookup_route: host = 10.0.0.2
*Mar 22 10:32:21: DHCPD: dhcpd_lookup_route: index = 0
*Mar 22 10:32:21: DHCPD: dhcpd_create_and_hash_route: host = 10.0.0.2
*Mar 22 10:32:21: DHCPD: dhcpd_create_and_hash_route index = 0
*Mar 22 10:32:21: DHCPD: dhcpd_add_route: lease = 3600 
*Mar 22 10:32:21: DHCPD: dynamic sync completed for 10.0.0.2 in pool test
Related Commands

Command

Description

debug dhcp redundancy

Displays debugging information about DHCP proxy client redundancy events.

debug ip dhcp server snmp

To enable DHCP server Simple Network Management Protocol (SNMP) debugging, use the debug ip dhcp server snmp command in privileged EXEC mode. To disable DHCP server SNMP debugging, use the no form of this command.

debug ip dhcp server snmp
no debug ip dhcp server snmp
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(33)SRC

This command was introduced.

Examples

The following example shows how to enable debugging and display DHCP server SNMP debugging events:
Router# debug ip dhcp server snmp 
00:18:01: DHCPD SNMP: pool 'pool1' 'high' utilization trap is ignored 
00:18:18: DHCPD SNMP: pool 'pool1' 'low' utilization trap is ignored 
00:20:46: DHCPD SNMP: subnet 4.1.1.0 'high' utilization trap is ignored 
00:21:03: DHCPD SNMP: subnet 4.1.1.0 'low' utilization trap is ignored 
00:18:01: DHCPD SNMP: subnet trap is not enabled 
00:37:32: DHCPD SNMP: pool trap is not enabled
 
00:37:57: DHCPD SNMP: interface trap is not enabled 
00:27:27: DHCPD SNMP: duplicate trap is not enabled
debug ip dns name-list

To enable debugging output for Domain Name System (DNS) name list events, use the debug ip dns name-list command in privileged EXEC mode. To disable debugging output for DNS name list events, use the no form of this command.

debug ip dns name-list
no debug ip dns name-list
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging output is disabled for DNS name lists.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.4(9)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command enables the writing of DNS name list event messages to system message logging (syslog) output. A DNS name list event can be either of the following:

•The addition or removal of a DNS name list entry (a hostname pattern and action to perform on an incoming DNS query for a hostname that matches the pattern). To add or remove a DNS name list entry, use the ip dns name-list command.

•The removal of a DNS name list.

Note The addition of a DNS name list is reported as an addition of a name list entry.

To display which debugging options are enabled (DNS name list, DNS view, or DNS view list), use the show debugging command. To display the syslog history statistics and buffer contents, use the show logging command. To display a particular DNS name list or all configured name lists, use the show ip dns name-list command.

Examples

The following sample output from the debug ip dns name-list command shows the hostname pattern www.example.com being added to DNS name list 1 as a permit clause. Next, the hostname patterns www.example1.com and www.example2.com are added to DNS name list 2 as deny clauses and permit clauses, respectively. Finally, the hostname pattern www.example1.com is removed from DNS name list 2.
Router# debug ip dns name-list 
DNS Name-list debugging is on
. 
. 
. 
Router# show debugging 
DNS Name-list debugging is on
. 
. 
. 
Router# show logging 
. 
. 
. 
*May 16 14:54:44.326: DNS_NAMELIST: adding permit 'WWW.EXAMPLE' to name-list 1
*May 16 14:54:44.910: DNS_NAMELIST: adding deny 'WWW.EXAMPLE1.COM' to name-list 2
*May 16 14:54:45.202: DNS_NAMELIST: adding permit 'WWW.EXAMPLE2.COM' to name-list 2
*May 16 19:32:20.881: DNS_NAMELIST: removing 'WWW.EXAMPLE1.COM' from name-list 2
Related Commands

Command

Description

ip dns name-list

Defines a list of pattern-matching rules in which each rule permits or denies the use of a DNS view list member to handle a DNS query based on whether the query hostname matches the specified regular expression.

show debugging

Displays the state of each debugging option.

show ip dns name-list

Displays a particular DNS name list or all configured name lists.

show logging

Displays the contents of logging buffers.

debug ip dns view

To enable debugging output for Domain Name System (DNS) view events, use the debug ip dns view command in privileged EXEC mode. To disable debugging output for a DNS view, use the no form of this command.

debug ip dns view
no debug ip dns view
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging output is disabled for DNS views.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.4(9)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command enables the writing of DNS view event messages to system message logging (syslog) output. A DNS view event can be any of the following:

•The addition or removal of a DNS view definition.

•The addition or removal of a DNS forwarding name server setting for a DNS view.

•The addition or removal of a DNS resolver setting for a DNS view.

•The enabling or disabling of logging of a syslog message each time a DNS view is used.

To display which debugging options are enabled (DNS name list, DNS view, or DNS view list), use the show debugging command. To show the syslog history statistics and buffer contents, use the show logging command.

Examples

The following sample output from the debug ip dns view command shows the default DNS view being configured:
Router# debug ip dns view 
DNS View debugging is on
. 
. 
. 
Router# show debugging 
DNS View debugging is on
. 
. 
. 
Router# show logging 
. 
. 
. 
DNS_VIEW: creating view view1
DNS_VIEW: Clearing logging in view default
DNS_VIEW: Setting domain lookup in view default
DNS_VIEW: Setting domain name to cisco.com in view default
DNS_VIEW: Setting  domain list example1.com in view default
DNS_VIEW: Setting  domain list example1.com example2.com in view default
DNS_VIEW: Setting  domain list example1.com example2.com example3.com in view default
DNS_VIEW: Setting domain multicast to 192.0.2.10 in view default
DNS_VIEW: Setting domain lookup in view default
DNS_VIEW: Setting domain timeout to 7 in view default
DNS_VIEW: Setting domain retry to 7 in view default
DNS_VIEW: Setting  domain name-server 192.0.2.204 192.0.2.205 in view default
DNS_VIEW: Setting  domain name-server 192.0.2.204 192.0.2.205 192.0.2.206 in view default
DNS_VIEW: Setting domain name-server interface FastEthernet0/1 in view default
DNS_VIEW: Setting domain round-robin to 4 in view default
DNS_VIEW: Setting dns forwarding in view default
DNS_VIEW: Setting  dns forwarder 192.0.2.11 in view default
DNS_VIEW: Setting  dns forwarder 192.0.2.11 192.0.2.12 in view default
DNS_VIEW: Setting  dns forwarder 192.0.2.11 192.0.2.12 192.0.2.13 in view default
Related Commands

Command

Description

ip dns view

Enters DNS view configuration mode for the specified DNS view so that the logging setting, forwarding parameters, and resolving parameters can be configured for the view.

show debugging

Displays the state of each debugging option.

show logging

Displays the contents of logging buffers.

debug ip dns view-list

To enable debugging output for Domain Name System (DNS) view list events, use the debug ip dns view-list command in privileged EXEC mode. To disable debugging output for a DNS view list, use the no form of this command.

debug ip dns view-list
no debug ip dns view-list
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging output is disabled for DNS view lists.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.4(9)T

This command was introduced.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Usage Guidelines

This command enables the writing of DNS view list event messages to system message logging (syslog) output. A DNS view list event can be any of the following:

•The addition or removal of a DNS view list definition. To add or remove a DNS view list definition, use the ip dns view-list command.

•The addition or removal of a DNS view list member (a DNS view and the relative order in which it is to be checked in the view list) to or from a DNS view list. To add or remove a DNS view list member, use the view command.

•The setting or clearing of a DNS view list assignment as the default view list (using the ip dns server view-group command) or to an interface (using the ip dns view-group command).

To show which debugging options are enabled (DNS name list, DNS view, or DNS view list), use the show debugging command. To show the syslog history statistics and buffer contents, use the show logging command.

Examples

The following sample output from the debug ip dns vies-list command shows the addition of the DNS view list definition named userlist5. Next, five DNS views are added as members of the DNS view list.
Router# debug ip dns view-list 
DNS View-list debugging is on
. 
. 
. 
Router# show debugging 
DNS View-list debugging is on
. 
. 
. 
Router# show logging 
*May 16 23:31:17.491: DNS_VIEWLIST: creating view-list userlist5
*May 16 23:31:17.711: DNS_VIEWLIST: adding member user1 vrf vpn101 order 10 to view-list 
userlist5
*May 16 23:31:18.583: DNS_VIEWLIST: adding member user2 vrf vpn102 order 20 to view-list 
userlist5
*May 16 23:31:19.851: DNS_VIEWLIST: adding member user3 vrf vpn103 order 30 to view-list 
userlist5
*May 16 23:31:21.007: DNS_VIEWLIST: adding member user4 vrf vpn204 order 45 to view-list 
userlist5
*May 16 23:31:22.199: DNS_VIEWLIST: adding member default order 60 to view-list userlist5
Related Commands

Command

Description

ip dns server view-group

Specifies the DNS view list to use to determine which DNS view to use handle incoming queries that arrive on an interface not configured with a DNS view list.

ip dns view-group

Specifies the DNS view list to use to determine which DNS view to use to handle incoming DNS queries that arrive on a specific interface.

ip dns view-list

Enters DNS view list configuration mode so that DNS views can be added to or removed from the ordered list of DNS views.

show debugging

Displays the state of each debugging option.

show logging

Displays the contents of logging buffers.

view

Enters DNS view list member configuration mode so that usage restrictions can be configured for the view list member.

debug ip drp

To display Director Response Protocol (DRP) information, use the debug ip drp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip drp
no debug ip drp
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Usage Guidelines

The debug ip drp command is used to debug the director response agent used by the Distributed Director product. The Distributed Director can be used to dynamically respond to Domain Name System (DNS) queries with the IP address of the "best" host based on various criteria.

Examples

The following is sample output from the debug ip drp command. This example shows the packet origination, the IP address that information is routed to, and the route metrics that were returned.
Router# debug ip drp
DRP: received v1 packet from 172.69.232.8, via Ethernet0
DRP: RTQUERY for 172.69.58.94 returned internal=0, external=0
Table 129 describes the significant fields shown in the display.

Table 129 debug ip drp Field Descriptions

Field

Description

DRP: received v1 packet from 172.69.232.8, via Ethernet0

Router received a version 1 DRP packet from the IP address shown, via the interface shown.

DRP: RTQUERY for 172.69.58.94

DRP packet contained two Route Query requests. The first request was for the distance to the IP address 171.69.113.50.

internal

If nonzero, the metric for the internal distance of the route that the router uses to send packets in the direction of the client. The internal distance is the distance within the autonomous system of the router.

external

If nonzero, the metric for the Border Gateway Protocol (BGP) or external distance used to send packets to the client. The external distance is the distance outside the autonomous system of the router.

debug ip dvmrp

Note Support for DVMRP has been removed from 12.2SR releases beginning in Cisco IOS Release 12.2(33)SRB. This command is no longer available in Cisco IOS Release 12.2(33)SRB and subsequent 12.2SR releases.

To display information on Distance Vector Multiprotocol Routing Protocol (DVMRP) packets received and sent, use the debug ip dvmrp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip dvmrp [detail [access-list] [in | out]]
no debug ip dvmrp [detail [access-list] [in | out]]
Syntax Description

detail

(Optional) Enables a more detailed level of output and displays packet contents.

access-list

(Optional) Causes the debug ip dvmrp command to restrict output to one access list.

in

(Optional) Causes the debug ip dvmrp command to output packets received in DVMRP reports.

out

(Optional) Causes the debug ip dvmrp command to output packets sent in DVMRP reports.

Command Modes

Privileged EXEC

Usage Guidelines

Use the debug ip dvmrp detail command with care. This command generates a substantial amount of output and can interrupt other activity on the router when it is invoked.

Examples

The following is sample output from the debug ip dvmrp command:
Router# debug ip dvmrp
DVMRP: Received Report on Ethernet0 from 172.19.244.10
DVMRP: Received Report on Ethernet0 from 172.19.244.11
DVMRP: Building Report for Ethernet0 224.0.0.4
DVMRP: Send Report on Ethernet0 to 224.0.0.4
DVMRP: Sending IGMP Reports for known groups on Ethernet0
DVMRP: Received Report on Ethernet0 from 172.19.244.10
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Building Report for Tunnel0 224.0.0.4
DVMRP: Send Report on Tunnel0 to 192.168.199.254
DVMRP: Send Report on Tunnel0 to 192.168.199.254
DVMRP: Send Report on Tunnel0 to 192.168.199.254
DVMRP: Send Report on Tunnel0 to 192.168.199.254
DVMRP: Radix tree walk suspension
DVMRP: Send Report on Tunnel0 to 192.168.199.254
The following lines show that the router received DVMRP routing information and placed it in the mroute table:
DVMRP: Received Report on Ethernet0 from 172.19.244.10
DVMRP: Received Report on Ethernet0 from 172.19.244.11
The following lines show that the router is creating a report to send to another DVMRP router:
DVMRP: Building Report for Ethernet0 224.0.0.4
DVMRP: Send Report on Ethernet0 to 224.0.0.4
Table 130 provides a list of internet multicast addresses supported for host IP implementations.

Table 130 Internet Multicast Addresses

Address

Description

RFC

224.0.0.0

Base address (reserved)

RFC 1112

224.0.0.1

All systems on this subnet

RFC 1112

224.0.0.2

All routers on this subnet

224.0.0.3

Unassigned

224.0.0.4

DVMRP routers

RFC 1075

224.0.0.5

OSPFIGP all routers

RFC 1583

The following lines show that a protocol update report has been sent to all known multicast groups. Hosts use Internet Group Management Protocol (IGMP) reports to communicate with routers and to request to join a multicast group. In this case, the router is sending an IGMP report for every known group to the host, which is running mrouted. The host then responds as though the router were a host on the LAN segment that wants to receive multicast packets for the group.
DVMRP: Sending IGMP Reports for known groups on Ethernet0
The following is sample output from the debug ip dvmrp detail command:
Router# debug ip dvmrp detail 
DVMRP: Sending IGMP Reports for known groups on Ethernet0
DVMRP: Advertise group 224.2.224.2 on Ethernet0
DVMRP: Advertise group 224.2.193.34 on Ethernet0
DVMRP: Advertise group 224.2.231.6 on Ethernet0
DVMRP: Received Report on Tunnel0 from 192.168.199.254
DVMRP: Origin 150.166.53.0/24, metric 13, distance 0
DVMRP: Origin 150.166.54.0/24, metric 13, distance 0
DVMRP: Origin 150.166.55.0/24, metric 13, distance 0
DVMRP: Origin 150.166.56.0/24, metric 13, distance 0
DVMRP: Origin 150.166.92.0/24, metric 12, distance 0
DVMRP: Origin 150.166.100.0/24, metric 12, distance 0
DVMRP: Origin 150.166.101.0/24, metric 12, distance 0
DVMRP: Origin 150.166.142.0/24, metric 8, distance 0
DVMRP: Origin 150.166.200.0/24, metric 12, distance 0
DVMRP: Origin 150.166.237.0/24, metric 12, distance 0
DVMRP: Origin 150.203.5.0/24, metric 8, distance 0
The following lines show that this group is available to the DVMRP router. The mrouted process on the host will forward the source and multicast information for this group through the DVMRP cloud to other members.
DVMRP: Advertise group 224.2.224.2 on Ethernet0
The following lines show the DVMRP route information:
DVMRP: Origin 150.166.53.0/24, metric 13, distance 0
DVMRP: Origin 150.166.54.0/24, metric 13, distance 0
The metric is the number of hops the route has covered, and the distance is the administrative distance.

debug ip eigrp

To display information on Enhanced Interior Gateway Routing Protocol (EIGRP) protocol packets, use the debug ip eigrp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip eigrp
no debug ip eigrp
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Usage Guidelines

This command helps you analyze the packets that are sent and received on an interface. Because the debug ip eigrp command generates a substantial amount of output, only use it when traffic on the network is light.

Examples

The following is sample output from the debug ip eigrp command:
Router# debug ip eigrp
IP-EIGRP: Processing incoming UPDATE packet
IP-EIGRP: Ext 192.168.3.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960
IP-EIGRP: Ext 192.168.0.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960
IP-EIGRP: Ext 192.168.3.0 255.255.255.0 M 386560 - 256000 130560 SM 360960 - 256000 104960
IP-EIGRP: 172.69.43.0 255.255.255.0, - do advertise out Ethernet0/1
IP-EIGRP: Ext 172.69.43.0 255.255.255.0 metric 371200 - 256000 115200
IP-EIGRP: 192.135.246.0 255.255.255.0, - do advertise out Ethernet0/1
IP-EIGRP: Ext 192.135.246.0 255.255.255.0 metric 46310656 - 45714176 596480
IP-EIGRP: 172.69.40.0 255.255.255.0, - do advertise out Ethernet0/1
IP-EIGRP: Ext 172.69.40.0 255.255.255.0 metric 2272256 - 1657856 614400
IP-EIGRP: 192.135.245.0 255.255.255.0, - do advertise out Ethernet0/1
IP-EIGRP: Ext 192.135.245.0 255.255.255.0 metric 40622080 - 40000000 622080
IP-EIGRP: 192.135.244.0 255.255.255.0, - do advertise out Ethernet0/1
Table 131 describes the significant fields shown in the display.

Table 131 debug ip eigrp Field Descriptions

Field

Description

IP-EIGRP:

Indicates that this is an IP EIGRP message.

Ext

Indicates that the following address is an external destination rather than an internal destination, which would be labeled as Int.

M

Displays the computed metric, which includes the value in the SM field and the cost between this router and the neighbor. The first number is the composite metric. The next two numbers are the inverse bandwidth and the delay, respectively.

SM

Displays the metric as reported by the neighbor.

debug ip eigrp notifications

To display Enhanced Interior Gateway Routing Protocol (EIGRP) events and notifications in the console of the router, use the debug ip eigrp notifications command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip eigrp notifications
no debug ip eigrp notifications
Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

12.2(15)T

This command was introduced.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

15.0(1)M

This command was integrated into Cisco IOS Release 15.0(1)M.

Usage Guidelines

The output of the debug ip eigrp notifications command displays EIGRP events and notifications.

Examples

The following example output shows that the NSF-aware router has received the restart notification. The NSF-aware router will now wait for end of transmission (EOT) to be sent from the restarting neighbor (NSF-capable).
Router# debug ip eigrp notifications
*Oct  4 11:39:18.092:EIGRP:NSF:AS2. Rec RS update from 135.100.10.1,
00:00:00. Wait for EOT.
*Oct  4 11:39:18.092:%DUAL-5-NBRCHANGE:IP-EIGRP(0) 2:Neighbor
135.100.10.1 (POS3/0) is up:peer NSF restarted
debug ip error

To display IP errors, use the debug ip error command in privileged EXEC mode. To disable debugging errors, use the no form of this command.

debug ip error access-list-number [detail] [dump]
no debug ip error
Syntax Description

access-list-number

(Optional) The IP access list number that you can specify. If the datagram is not permitted by that access list, the related debugging output (or IP error) is suppressed. Standard, extended, and expanded access lists are supported. The range of standard and extended access lists is from 1 to 199. The range of expanded access lists is from 1300 to 2699.

detail

(Optional) Displays detailed IP error debugging information.

dump

(Hidden) Displays IP error debugging information along with raw packet data in hexadecimal and ASCII forms. This keyword can be enabled with individual access lists and also with the detail keyword.

Note The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. See the caution notes below, in the usage guidelines, for more specific information.

Defaults

No default behavior or values.

Command Modes

Privileged EXEC

Usage Guidelines

This command is used for IP error debugging. The output displays IP errors which are locally detected by this router.

Caution Enabling this command will generate output only if IP errors occur. However, if the router starts to receive many packets that contain errors, substantial output may be generated and severely affect system performance. This command should be used with caution in production networks. It should only be enabled when traffic on the IP network is low, so other activity on the system is not adversely affected. Enabling the detail and dump keywords use the highest level of system resources of the available configuration options for this command, so a high level of caution should be applied when enabling either of these keywords.

Caution The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. Because of the risk of using significant CPU utilization, the dump keyword is hidden from the user and cannot be seen using the "?" prompt. The length of the displayed packet information may exceed the actual packet length and include additional padding bytes that do not belong to the IP packet. Also note that the beginning of a packet may start at different locations in the dump output depending on the specific router, interface type, and packet header processing that may have occurred before the output is displayed.

Examples

The following is sample output from the debug ip error command:
Router# debug ip error 
IP packet errors debugging is on
04:04:45:IP:s=10.8.8.1 (Ethernet0/1), d=10.1.1.1, len 28, dispose ip.hopcount
The IP error in the above output was caused when the router attempted to forward a packet with a time-to-live (TTL) value of 0. The "ip.hopcount" traffic counter is incremented when a packet is dropped because of an error. This error is also displayed in the output of the show ip traffic command by the "bad hop count" traffic counter.

Table 132 describes the significant fields shown in the display.

Table 132 debug ip error Field Descriptions

Field

Description

IP:s=10.8.8.1 (Ethernet0/1)

The packet source IP address and interface.

d=10.1.1.1, len 28

The packet destination IP address and prefix length.

dispose ip.hopcount

This traffic counter increments when an IP packet is dropped because of an error.

The following is sample output from the debug ip error command enabled with the detail keyword:
Router# debug ip error detail 
IP packet errors debugging is on (detailed)

1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.1.1.1, len 28, dispose udp.noport

1d08h: UDP src=41921, dst=33434

1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.2.2.2, len 28, dispose ip.hopcount
1d08h:    UDP src=33691, dst=33434
The detailed output includes layer 4 information in addition to the standard output. The IP error in the above output was caused when the router received a UDP packet when no application was listening to the UDP port. The "udp.noport" traffic counter is incremented when the router drops a UDP packet because of this error. This error is also displayed in the output of the show ip traffic command by the "no port" traffic counter under "UDP statistics."

Table 133 describes the significant fields shown in the display.

Table 133 debug ip error detail Field Descriptions

Field

Description

IP:s=10.0.19.100 (Ethernet0/1)

The IP packet source IP address and interface.

d=10.1.1.1, len 28

The IP packet destination and prefix length.

dispose udp.noport

The traffic counter that is incremented when a UDP packet is dropped because of this error.

The following is sample output from the debug ip error command enabled with the detail and dump keywords:
Router# debug ip error detail dump
IP packet errors debugging is on (detailed) (dump)
1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.1.1.1, len 28, dispose udp.noport
1d08h:    UDP src=37936, dst=33434
03D72360:                      0001 42AD4242            ..B-BB
03D72370:0002FCA5 DC390800 4500001C 30130000  ..|%\9..E...0...
03D72380:01116159 0A001364 0A010101 9430829A  ..aY...d.....0..
03D72390:0008C0AD                             ..@-            
1d08h:IP:s=10.0.19.100 (Ethernet0/1), d=10.2.2.2, len 28, dispose ip.hopcount
1d08h:    UDP src=41352, dst=33434
03C01600:                      0001 42AD4242            ..B-BB
03C01610:0002FCA5 DC390800 4500001C 302A0000  ..|%\9..E...0*..
03C01620:01116040 0A001364 0A020202 A188829A  ..`@...d....!...
03C01630:0008B253                             ..2S            
Note The dump keyword is not fully supported and should be used only in collaboration with Cisco Technical Support. See the caution in the usage guidelines section of this command reference page for more specific information.

The output from the debug ip error command, when the dump keyword is enabled, provides raw packet data in hexadecimal and ASCII forms. This addtional output is displayed in addition to the standard output. The dump keyword can be used with all of the available configuration options of this command.

Table 134 describes the significant fields shown in the display.

Table 134 debug ip error detail dump Field Descriptions

Field

Description

IP:s=10.0.19.100 (Ethernet0/1)

The IP packet source IP address and interface.

d=10.1.1.1, len 28

The IP packet destination and prefix length.

dispose udp.noport

The traffic counter that is incremented when a UDP packet is dropped because of this error.

Related Commands

Command

Description

show ip traffic

Displays statistics about IP traffic.

debug ip flow cache

To enable debugging output for NetFlow cache, use the debug ip flow cache command in user EXEC or privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip flow cache
no debug ip flow cache
Syntax Description

This command has no arguments or keywords.

Command Default

Debugging output for NetFlow data export is disabled.

Command Modes

User EXEC
Privileged EXEC

Command History

Release

Modification

12.0(1)

This command was introduced.

12.3(1)

Debugging output for NetFlow v9 data export was added.

12.3(7)T

Debugging output for NetFlow for IPv6 was added.

12.2(30)S

This command was integrated into Cisco IOS Release 12.2(30)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug ip flow export command:
Router# debug ip flow cache 
IP Flow cache allocation debugging is on
Router# show ipv6 flow 
IP packet size distribution (0 total packets):
   1-32   64   96  128  160  192  224  256  288  320  352  384  416  448  480
   .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000
    512  544  576 1024 1536 2048 2560 3072 3584 4096 4608
   .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000
IP Flow Switching Cache, 0 bytes
  0 active, 0 inactive, 0 added
  0 ager polls, 0 flow alloc failures
  Active flows timeout in 30 minutes
  Inactive flows timeout in 15 seconds
SrcAddress                                  InpIf    DstAddress
                OutIf    Prot SrcPrt DstPrt Packets
c7200-vxr-2#
000037: 01:56:26: IPFLOW: Allocating Sub-Flow cache, without hash flags.
000038: 01:56:26: IPFLOW: Sub-Flow table enabled.
000039: 01:56:26: IPFLOW: Sub-Flow numbers are:
    24 sub-flows per chunk, 0 hashflag len,
    1 chunks allocated, 12 max chunks,
    24 allocated records, 24 free records, 960 bytes allocated
000040: 01:56:26: IPFLOW: Sub-Flow cache removed
Related Commands

Command

Description

export destination

Enables the exporting of information from NetFlow aggregation caches.

ip flow-aggregation cache

Enables NetFlow aggregation cache schemes.

ip flow-export

Enables the exporting of information in NetFlow cache entries.

ipv6 flow-aggregation cache

Enables NetFlow aggregation cache schemes for IPv6 configurations.

ipv6 flow export

Enables the exporting of information in NetFlow cache entries for IPv6 NetFlow configurations.

show ip cache flow aggregation

Displays the NetFlow aggregation cache configuration.

show ip flow export

Display the statistics for NetFlow data export.

debug ip flow export

To enable debugging output for NetFlow data export, use the debug ip flow export command in user EXEC or privileged EXEC mode. To disable debugging output for NetFlow data export, use the no form of this command.

debug ip flow export
no debug ip flow export
Syntax Description

This command has no keywords or arguments.

Command Default

Debugging output for NetFlow data export is disabled.

Command Modes

User EXEC
Privileged EXEC

Command History

Release

Modification

12.0(1)

This command was introduced.

12.3(1)

Debugging output for NetFlow v9 data export was added.

12.3(7)T

This command was modified so that NetFlow v9 data is collected for both IPv4 and IPv6.

12.2(18)S

This command was integrated into Cisco IOS Release 12.2(18)S.

12.2(30)S

This command was integrated into Cisco IOS Release 12.2(30)S.

12.2(28)SB

This command was integrated into Cisco IOS Release 12.2(28)SB.

12.2(18)SXF

This command was integrated into Cisco IOS Release 12.2(18)SXF.

12.2(33)SRA

This command was integrated into Cisco IOS Release 12.2(33)SRA.

12.2(33)SXH

This command was integrated into Cisco IOS Release 12.2(33)SXH.

12.2SX

This command is supported in the Cisco IOS Release 12.2SX train. Support in a specific 12.2SX release of this train depends on your feature set, platform, and platform hardware.

Examples

The following is sample output from the debug ip flow export command:
Router# debug ip flow export
IP Flow export mechanism debugging is on
*Mar 6 22:56:21.627:IPFLOW:Sending export pak to 2001::FFFE/64 port 9999
*Mar 6 22:56:21.627:IPFLOW:Error sending export packet:Adjacency failure
Related Commands

Command

Description

export destination

Enables the exporting of information from NetFlow aggregation caches.

ipv6 flow-aggregation cache

Enables NetFlow aggregation cache schemes for IPv6.

ipv6 flow-export

Enables the exporting of information in NetFlow cache entries.

show ip cache flow aggregation

Displays the NetFlow accounting aggregation cache statistics.

show ip flow export

Displays the statistics for NetFlow data export.

show ipv6 flow export

Displays the statistics for NetFlow data export for IPv6.

debug ip ftp

To activate the debugging option to track the transactions submitted during an FTP session, use the debug ip ftp command in privileged EXEC mode. To disable debugging output, use the no form of this command.

debug ip ftp
no debug ip ftp
Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Usage Guidelines

The debug ip ftp command is useful for debugging problems associated with FTP.

Examples

The following is an example of the debug ip ftp command:
Router# debug ip ftp
FTP transactions debugging is on
The following is sample output from the debug ip ftp command:
FTP: 220 ProFTPD 1.2.0pre8 Server (DFW Nostrum FTP Server) [defiant.dfw.nostrum.com]
Dec 27 22:12:09.133: FTP: ---> USER router
Dec 27 22:12:09.133: FTP: 331 Password required for router.
Dec 27 22:12:09.137: FTP: ---> PASS WQHK5JY2
Dec 27 22:12:09.153: FTP: 230 Anonymous access granted, restrictions apply.
Dec 27 22:12:09.153: FTP: ---> TYPE I
Dec 27 22:12:09.157: FTP: 200 Type set to I.
Dec 27 22:12:09.157: FTP: ---> PASV
.
.
.
.
.
.
.
.
.
.
.
.
.
.
Dec 27 22:12:09.173: FTP: ---> QUIT
Dec 27 22:12:09.181: FTP: 221 Goodbye.