Table Of Contents

show ddns update interface through show ipv6 traffic Commands

show ddns update interface

show ddns update method

show debug

show debug mmp

show dhcpd

show dhcprelay state

show dhcprelay statistics

show disk

show dns-hosts

show eigrp events

show eigrp interfaces

show eigrp neighbors

show eigrp topology

show eigrp traffic

show failover

show failover exec

show file

show firewall

show flash

show fragment

show gc

show h225

show h245

show h323-ras

show history

show icmp

show idb

show igmp groups

show igmp interface

show igmp traffic

show import webvpn

show interface

show interface ip brief

show inventory

show ip address

show ip address dhcp

show ip address pppoe

show ip audit count

show ip verify statistics

show ips

show ipsec sa

show ipsec sa summary

show ipsec stats

show ipv6 access-list

show ipv6 interface

show ipv6 mld traffic

show ipv6 neighbor

show ipv6 route

show ipv6 routers

show ipv6 traffic

show ddns update interface through show ipv6 traffic Commands

---

show ddns update interface

To display the DDNS methods assigned to security appliance interfaces, use the show ddns update interface command in privileged EXEC mode.

show ddns update interface [interface-name]

Syntax Description

interface-name

(Optional) The name of a network interface.

Defaults

Omitting the interface-name string displays the DDNS method assigned to each interface.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	•	—

Command History

Release	Modification
7.2(1)	This command was introduced.

Examples

The following example displays the DDNS method assigned to the inside interface:

hostname# show ddns update interface inside

Dynamic DNS Update on inside:

  Update Method Name            Update Destination

  ddns-2                        not available

hostname#

Related Commands

Command	Description
ddns (DDNS-update- method mode)	Specifies a DDNS update method type for a created DDNS method.
ddns update (interface config mode)	Associates a security appliance interface with a DDNS update method or a DDNS update hostname.
ddns update method (global config mode)	Creates a method for dynamically updating DNS resource records.
show ddns update method	Displays the type and interval for each configured DDNS method. a DHCP server to perform DDNS updates.
show running-config ddns	Displays the type and interval of all configured DDNS methods in the running configuration.

show ddns update method

To display the DDNS update methods in the running configuration, use the show ddns update method command in privileged EXEC mode.

show ddns update method [method-name]

Syntax Description

method-name

(Optional) The name of a configured DDNS update method.

Defaults

Omitting the method-name string displays all configured DDNS update methods.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	•	—

Command History

Release	Modification
7.2(1)	This command was introduced.

Examples

The following example displays the DDNS method named ddns-2:

hostname(config)# show ddns update method ddns-2

Dynamic DNS Update Method: ddns-2

IETF standardized Dynamic DNS 'A' and 'PTR' records update

Maximum update interval: 0 days 0 hours 10 minutes 0 seconds

hostname(config)#

Related Commands

Command	Description
ddns (DDNS-update- method mode)	Specifies a DDNS update method type for a created DDNS method.
ddns update (interface config mode)	Associates a security appliance interface with a Dynamic DNS (DDNS) update method or a DDNS update hostname.
ddns update method (global config mode)	Creates a method for dynamically updating DNS resource records.
show ddns update interface	Displays the interfaces associated with each configured DDNS method.
show running-config ddns	Displays the type and interval of all configured DDNS methods in the running configuration.

show debug

To show the current debugging configuration, use the show debug command.

show debug [command [keywords]]

Syntax Description

command

(Optional) Specifies the debug command whose current configuration you want to view. For each command, the syntax following command is identical to the syntax supported by the associated debug command. For example, valid keywords following show debug aaa are the same as the valid keywords for the debug aaa command. Thus, show debug aaa supports an accounting keyword, which allows you to specify that you want to see the debugging configuration for that portion of AAA debugging.

Defaults

This command has no default settings.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	•	•	•	•

Command History

Release	Modification
Preexisting	This command was preexisting.
8.0(2)	The eigrp keyword was added to the list of possible command values.

Usage Guidelines

The valid command values follow. For each command, the syntax following command is identical to the syntax supported by the associated debug command. Refer to the associated debug command for information about the supported syntax.

---

Note The availability of each command value depends upon the command modes that support the applicable debug command.

---

•aaa

•appfw

•arp

•asdm

•context

•crypto

•ctiqbe

•ctm

•dhcpc

•dhcpd

•dhcprelay

•disk

•dns

•eigrp

•email

•entity

•fixup

•fover

•fsm

•ftp

•generic

•gtp

•h323

•http

•http-map

•icmp

•igmp

•ils

•imagemgr

•ipsec-over-tcp

•ipv6

•iua-proxy

•kerberos

•ldap

•mfib

•mgcp

•mrib

•ntdomain

•ntp

•ospf

•parser

•pim

•pix

•pptp

•radius

•rip

•rtsp

•sdi

•sequence

•sip

•skinny

•smtp

•sqlnet

•ssh

•ssl

•sunrpc

•tacacs

•timestamps

•vpn-sessiondb

•webvpn

•xdmcp

•xml

Examples

The following commands enable debugging for authentication, accounting, and Flash memory. The show debug command is used in three ways to demonstrate how you can use it to view all debugging configuration, debugging configuration for a specific feature, and even debugging configuration for a subset of a feature.

hostname# debug aaa authentication 

debug aaa authentication enabled at level 1

hostname# debug aaa accounting

debug aaa accounting enabled at level 1

hostname# debug disk filesystem

debug disk filesystem enabled at level 1

hostname# show debug

debug aaa authentication enabled at level 1

debug aaa accounting enabled at level 1

debug disk filesystem enabled at level 1

hostname# show debug aaa

debug aaa authentication enabled at level 1

debug aaa authorization is disabled.

debug aaa accounting enabled at level 1

debug aaa internal is disabled.

debug aaa vpn is disabled.

hostname# show debug aaa accounting

debug aaa accounting enabled at level 1

hostname# 

Related Commands

Command	Description
debug	See all debug commands.

show debug mmp

To display current debug settings for the MMP inspection module, use the show debug mmp command in privileged EXEC mode.

show debug mmp

Syntax Description 

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	•	•	•	—

Command History 

Release	Modification
8.0(4)	The command was introduced.

Examples

The following example shows the use of the show debug mmp command to displaythe current debug settings for the MMP inspection module:

hostname# show debug mmp

debug mmp  enabled at level 1

Related Commands 

Command	Description
debug mmp	Display inspect MMP events.
inspect mmp	Configures the MMP inspection engine.

show dhcpd

To view DHCP binding, state, and statistical information, use the show dhcpd command in privileged EXEC or global configuration mode.

show dhcpd {binding [IP_address] | state | statistics}

Syntax Description

binding	Displays binding information for a given server IP address and its associated client hardware address and lease length.
IP_address	Shows the binding information for the specified IP address.
state	Displays the state of the DHCP server, such as whether it is enabled in the current context and whether it is enabled on each of the interfaces.
statistics	Displays statistical information, such as the number of address pools, bindings, expired bindings, malformed messages, sent messages, and received messages.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	•	•	•	—

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

If you include the optional IP address in the show dhcpd binding command, only the binding for that IP address is shown.

The show dhcpd binding | state | statistics commands are also available in global configuration mode.

Examples

The following is sample output from the show dhcpd binding command:

hostname# show dhcpd binding

IP Address Hardware Address Lease Expiration Type

10.0.1.100 0100.a0c9.868e.43 84985 seconds automatic

The following is sample output from the show dhcpd state command:

hostname# show dhcpd state

Context Not Configured for DHCP

Interface outside, Not Configured for DHCP

Interface inside, Not Configured for DHCP

The following is sample output from the show dhcpd statistics command:

hostname# show dhcpd statistics

DHCP UDP Unreachable Errors: 0

DHCP Other UDP Errors: 0

Address pools        1

Automatic bindings   1

Expired bindings     1

Malformed messages   0

Message              Received

BOOTREQUEST          0

DHCPDISCOVER         1

DHCPREQUEST          2

DHCPDECLINE          0

DHCPRELEASE          0

DHCPINFORM           0

Message              Sent

BOOTREPLY            0

DHCPOFFER            1

DHCPACK              1

DHCPNAK              1

Related Commands

Command	Description
clear configure dhcpd	Removes all DHCP server settings.
clear dhcpd	Clears the DHCP server bindings and statistic counters.
dhcpd lease	Defines the lease length for DHCP information granted to clients.
show running-config dhcpd	Displays the current DHCP server configuration.

show dhcprelay state

To view the state of the DHCP relay agent, use the show dhcprelay state command in privileged EXEC or global configuration mode.

show dhcprelay state

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	•	—

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

This command displays the DHCP relay agent state information for the current context and each interface.

Examples

The following is sample output from the show dhcprelay state command:

hostname# show dhcprelay state

Context  Configured as DHCP Relay

Interface outside, Not Configured for DHCP

Interface infrastructure, Configured for DHCP RELAY SERVER

Interface inside, Configured for DHCP RELAY

Related Commands

Command	Description
show dhcpd	Displays DHCP server statistics and state information.
show dhcprelay statistics	Displays the DHCP relay statistics.
show running-config dhcprelay	Displays the current DHCP relay agent configuration.

show dhcprelay statistics

To display the DHCP relay statistics, use the show dhcprelay statistics command in privileged EXEC mode.

show dhcprelay statistics

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	•	—

Command History

Release	Modification
Preexisting	This command was preexisting.

Usage Guidelines

The output of the show dhcprelay statistics command increments until you enter the clear dhcprelay statistics command.

Examples

The following shows sample output for the show dhcprelay statistics command:

hostname# show dhcprelay statistics

DHCP UDP Unreachable Errors: 0

DHCP Other UDP Errors: 0

Packets Relayed

BOOTREQUEST          0

DHCPDISCOVER         7

DHCPREQUEST          3

DHCPDECLINE          0

DHCPRELEASE          0

DHCPINFORM           0

BOOTREPLY            0

DHCPOFFER            7

DHCPACK              3

DHCPNAK              0

hostname# 

Related Commands

Command	Description
clear configure dhcprelay	Removes all DHCP relay agent settings.
clear dhcprelay statistics	Clears the DHCP relay agent statistic counters.
debug dhcprelay	Displays debug information for the DHCP relay agent.
show dhcprelay state	Displays the state of the DHCP relay agent.
show running-config dhcprelay	Displays the current DHCP relay agent configuration.

show disk

To display the contents of the Flash memory for the adaptive security appliance only, use the show disk command in privileged EXEC mode. To display the contents of the Flash memory for a PIX security appliance only, see the show flash command.

show disk[0 | 1] [filesys | all]

Syntax Description

0 | 1	Specifies the internal Flash memory (0, the default) or the external Flash memory (1).
filesys	Shows information about the compact Flash card.
all	Shows the contents of Flash memory plus the file system information,

Defaults

Shows the internal Flash memory by default.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	•	•	—	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following is sample output from the show disk command:

hostname# show disk

-#- --length-- -----date/time------ path

 11 1301       Feb 21 2005 18:01:34 test.cfg

 12 1949       Feb 21 2005 20:13:36 test1.cfg

 13 2551       Jan 06 2005 10:07:36 test2.cfg

 14 609223     Jan 21 2005 07:14:18 test3.cfg

 15 1619       Jul 16 2004 16:06:48 test4.cfg

 16 3184       Aug 03 2004 07:07:00 old_running.cfg

 17 4787       Mar 04 2005 12:32:18 test5.cfg

 20 1792       Jan 21 2005 07:29:24 test6.cfg

 21 7765184    Mar 07 2005 19:38:30 test7.cfg

 22 1674       Nov 11 2004 02:47:52 test8.cfg

 23 1863       Jan 21 2005 07:29:18 test9.cfg

 24 1197       Jan 19 2005 08:17:48 test10.cfg

 25 608554     Jan 13 2005 06:20:54 backupconfig.cfg

 26 5124096    Feb 20 2005 08:49:28 cdisk1

 27 5124096    Mar 01 2005 17:59:56 cdisk2

 28 2074       Jan 13 2005 08:13:26 test11.cfg

 29 5124096    Mar 07 2005 19:56:58 cdisk3

 30 1276       Jan 28 2005 08:31:58 lead

 31 7756788    Feb 24 2005 12:59:46 asdmfile.dbg

 32 7579792    Mar 08 2005 11:06:56 asdmfile1.dbg

 33 7764344    Mar 04 2005 12:17:46 asdmfile2.dbg

 34 5124096    Feb 24 2005 11:50:50 cdisk4

 35 15322      Mar 04 2005 12:30:24 hs_err.log

10170368 bytes available (52711424 bytes used)

The following is sample output from the show disk filesys command:

hostname# show disk filesys

******** Flash Card Geometry/Format Info ********

COMPACT FLASH CARD GEOMETRY

   Number of Heads:            4

   Number of Cylinders       978

   Sectors per Cylinder       32

   Sector Size               512

   Total Sectors          125184

COMPACT FLASH CARD FORMAT

   Number of FAT Sectors      61

   Sectors Per Cluster         8

   Number of Clusters      15352

   Number of Data Sectors 122976

   Base Root Sector          123

   Base FAT Sector             1

   Base Data Sector          155

Related Commands

Command	Description
dir	Displays the directory contents.
show flash	Displays the contents of the internal Flash memory for the PIX security appliance only.

show dns-hosts

To show the DNS cache, use the show dns-hosts command in privileged EXEC mode.The DNS cache includes dynamically learned entries from a DNS server as well as manually entered name and IP addresses using the name command.

show dns-hosts

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following is sample output from the show dns-hosts command:

hostname# show dns-hosts

Host                       Flags      Age Type   Address(es)

ns2.example.com            (temp, OK) 0    IP    10.102.255.44

ns1.example.com            (temp, OK) 0    IP    192.168.241.185

snowmass.example.com       (temp, OK) 0    IP    10.94.146.101

server.example.com         (temp, OK) 0    IP    10.94.146.80

Table 11 shows each field description.

Table 26-1 show dns-hosts Fields 

Field	Description
Host	Shows the hostname.
Flags	Shows the entry status, as a combination of the following: •temp—This entry is temporary because it comes from a DNS server. The security appliance removes this entry after 72 hours of inactivity. •perm—This entry is permanent because it was added with the name command. •OK—This entry is valid. •??—This entry is suspect and needs to be revalidated. •EX—This entry is expired.
Age	Shows the number of hours since this entry was last referenced.
Type	Shows the type of DNS record; this value is always IP.
Address(es)	The IP addresses.

Related Commands

Command	Description
clear dns-hosts	Clears the DNS cache.
dns domain-lookup	Enables the security appliance to perform a name lookup.
dns name-server	Configures a DNS server address.
dns retries	Specifies the number of times to retry the list of DNS servers when the security appliance does not receive a response.
dns timeout	Specifies the amount of time to wait before trying the next DNS server.

show eigrp events

To display the EIGRP event log, use the show eigrp events command in privileged EXEC mode.

show eigrp [as-number] events [{start end} | type]

Syntax Description

as-number	(Optional) Specifies the autonomous system number of the EIGRP process for which you are viewing the event log. Because the security appliance only supports one EIGRP routing process, you do not need to specify the autonomous system number.
end	(Optional) Limits the output to the entries with starting with the start index number and ending with the end index number.
start	(Optional) A number specifying the log entry index number. Specifying a start number causes the output to start with the specified event and end with the event specified by the end argument. Valid values are from 1 to 4294967295.
type	(Optional) Displays the events that are being logged.

Defaults

If a start and end is not specified, all log entries are shown.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	—	—

Command History

Release	Modification
8.0(2)	This command was introduced.

Usage Guidelines

The show eigrp events output displays up to 500 events. Once the maximum number of events has been reached, new events are added to the bottom of the output and old events are removed from the top of the output.

You can use the clear eigrp events command to clear the EIGRP event log.

The show eigrp events type command displays the logging status of EIGRP events. By default, neighbor changes, neighbor warning, and DUAL FSM messages are logged. You can disable neighbor change event logging using the no eigrp log-neighbor-changes command. You can disable neighbor warning event logging using the no eigrp log-neighbor-warnings command. You cannot disable the logging of DUAL FSM events.

Examples

The following is sample output from the show eigrp events command:

hostname# show eigrp events

Event information for AS 100:

1    12:11:23.500 Change queue emptied, entries: 4 

2    12:11:23.500 Metric set: 10.1.0.0/16 53760 

3    12:11:23.500 Update reason, delay: new if 4294967295 

4    12:11:23.500 Update sent, RD: 10.1.0.0/16 4294967295 

5    12:11:23.500 Update reason, delay: metric chg 4294967295 

6    12:11:23.500 Update sent, RD: 10.1.0.0/16 4294967295 

7    12:11:23.500 Route install: 10.1.0.0/16 10.130.60.248 

8    12:11:23.500 Find FS: 10.1.0.0/16 4294967295 

9    12:11:23.500 Rcv update met/succmet: 53760 28160 

10   12:11:23.500 Rcv update dest/nh: 10.1.0.0/16 10.130.60.248 

11   12:11:23.500 Metric set: 10.1.0.0/16 4294967295

The following is sample output from the show eigrp events command with a start and stop number defined:

hostname# show eigrp events 3 8

Event information for AS 100:

3    12:11:23.500 Update reason, delay: new if 4294967295 

4    12:11:23.500 Update sent, RD: 10.1.0.0/16 4294967295 

5    12:11:23.500 Update reason, delay: metric chg 4294967295 

6    12:11:23.500 Update sent, RD: 10.1.0.0/16 4294967295 

7    12:11:23.500 Route install: 10.1.0.0/16 10.130.60.248 

8    12:11:23.500 Find FS: 10.1.0.0/16 4294967295 

The following is sample output from the show eigrp events command when there are no entries in the EIGRP event log:

hostname# show eigrp events

Event information for AS 100:  Event log is empty.

The following is sample output from the show eigrp events type command:

hostname# show eigrp events type

EIGRP-IPv4 Event Logging for AS 100:

      Log Size          500

      Neighbor Changes  Enable

      Neighbor Warnings Enable

      Dual FSM          Enable

Related Commands

Command	Description
clear eigrp events	Clears the EIGRP event logging buffer.
eigrp log-neighbor-changes	Enables the logging of neighbor change events.
eigrp log-neighbor-warnings	Enables the logging of neighbor warning events.

show eigrp interfaces

To display the interfaces participating in EIGRP routing, use the show eigrp interfaces command in privileged EXEC mode.

show eigrp [as-number] interfaces [if-name] [detail]

Syntax Description

as-number	(Optional) Specifies the autonomous system number of the EIGRP process for which you are displaying active interfaces. Because the security appliance only supports one EIGRP routing process, you do not need to specify the autonomous system number.
detail	(Optional) Displays detail information.
if-name	(Optional) The name of an interface as specified by the nameif command. Specifying an interface name limits the display to the specified interface.

Defaults

If you do not specify an interface name, information for all EIGRP interfaces is displayed.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	—	—