Cisco 10000 Series Internet Router Service Selection Gateway Configuration Guide
Monitoring and Maintaining SSG
Download this chapter
Monitoring and Maintaining SSGMonitoring and Maintaining SSG
Download the complete book
Cisco 10000 Series Router Service Selection Gateway Configuration GuideCisco 10000 Series Router Service Selection Gateway Configuration Guide (PDF - 1 MB)
give_us_feedback

Table Of Contents

Monitoring and Maintaining SSG

Troubleshooting RADIUS

Per-Service Statistics

Restrictions for Per-Service Statistics

Monitoring the Parallel Express Forwarding Engine


Monitoring and Maintaining SSG

To monitor and maintain SSG, use the following commands in privileged EXEC mode:

Command
Purpose

Router# show ssg interface [interface-number | brief]

Displays a list of all SSG interfaces, the bind direction, and the binding type.

Router# show ssg summary

Displays a summary of the SSG features configured on the router and the active services.

Router# show ssg connection ip-address service-name

Displays the connections of the specified host and service name.

Router# clear ssg connection ip-address service-name

Removes the connections of the specified user and service name.

Router# show ssg pass-through-filter

Displays the downloaded filter for transparent passthrough.

Router# clear ssg pass-through-filter

Removes the downloaded filter for transparent passthrough.

To remove the filter from NVRAM, use the no form of the ssg pass-through command in global configuration mode.

Router# show ssg host [ip-address] [username]

Displays information about a subscriber and the current connections of the subscriber.

Router# clear ssg host ip-address

Removes the specified host or subscriber.

Router# show ssg direction

Displays the direction of all interfaces for which a direction has been specified.

Note The show ssg direction command is no longer supported. Instead, use the show ssg interface command.

Router# show ssg pending-command

Displays current pending commands.

Router# clear ssg pending-command

Removes all pending commands.

Router# show ssg next-hop

Displays the next-hop table.

Router# clear ssg next-hop

Removes the next-hop table.

To remove the next-hop table from NVRAM, enter the no form of the ssg next-hop command in global configuration mode.

Router# show ssg binding

Displays service names that have been bound to interfaces and the interfaces to which they have been bound.

Router# show ssg service service-name

Displays the information for a service, including QoS parameters if policing is configured.

Router# clear ssg service service-name

Removes the specified service.

Router# debug ssg ctrl-errors

Displays all error messages for control modules.

Router# debug ssg ctrl-events

Displays all event messages for control modules.

Router# debug ssg ctrl-packets

Displays packet contents handled by control modules.

Router# debug ssg data

Displays all data-path packets.

Router# debug ssg data access-list number

Displays all data-path packets for the specified access list.

Router# debug ssg errors

Displays all error messages for system modules.

Router# debug ssg events

Displays event messages for system modules.

Router# debug ssg packets

Displays packet contents handled by system modules.


Troubleshooting RADIUS

To troubleshoot communication between the RADIUS server and SSG, enter the debug radius command in privileged EXEC mode.

Per-Service Statistics

The Cisco 10000 series router collects statistics about router interfaces and the connections to them in both the input and output directions. Cisco CLI commands, such as show interface, are used to display information about the interfaces. SSG commands, such as show ssg connection, are used to display information about the connection to the router.

Restrictions for Per-Service Statistics

The Per-Service Statistics feature has the following restrictions:

The Cisco 10000 series router does not collect connection level statistics for the default or Open Garden network.

You cannot display the aggregate statistics for a user.

For PPP-based users, any link level control traffic, such as keepalives, are counted separately from the data traffic to support idle timeouts.

Monitoring the Parallel Express Forwarding Engine

To monitor the parallel express forwarding (PXF) engine, use the following commands in privileged EXEC mode:

Command
Purpose

Router# clear pxf interface [interface | rp]

Clears PXF counters for the specified interface or for the route processor (RP). If you do not specify an interface, the PXF counters for all interfaces are cleared.

Router# clear pxf statistics {ip | drop | diversion}


Clears the specified PXF statistics.

Router# show pxf cpu access-lists [security | QoS]

Displays memory information for ACLs.

Router# show pxf cpu buffers

Displays the number of output buffers of each size available for the PXF engine.

Router# show pxf cpu cef ip-prefix [mask]

Displays the current Cisco Express Forwarding (CEF) table stored in PXF memory.

Router# show pxf cpu cef memory

Displays the PXF memory usage of the current CEF table.

Router# show pxf cpu context

Displays the current and historical loads on the PXF engine. The first section displays the number of contexts of each type that have entered the PXF engine since it was last reloaded.

Router# show pxf cpu mroute

Displays the current multicast routing table stored in PXF memory.

Router# show pxf cpu queue interface

Displays the output queue statistics for an interface. If you do not specify an interface, the route processor queue statistics display.

Router# show pxf cpu schedule

Displays the rates at which each interface gets packets from the PXF engine.

Router# show pxf cpu statistics [drop | diversion | ip]

Displays statistical information about the PXF engine, since the engine was most recently loaded. If you do not specify a parameter, information is displayed for all parameters.

Router# show pxf cpu subblocks interface

Displays the status and PXF-related parameters for the interface.

Router# show pxf interface [interface | rp] [detail]

Displays PXF counters for a specific interface or the route processor (RP). If you do not specify an interface, PXF counters are displayed for all interfaces.

Router# show pxf microcode

Displays the version of microcode that is running on the PXF engine and how long it has been running.

Router# show pxf statistics {ip | diversion | drop [detail]}

Displays PXF statistics that you specify.


For more information about PXF commands, refer to the Cisco 10000 Series Router Command Quick Reference Guide.