Debugging a Switch Router

Table of Contents

Debugging a Switch Router
Using the Debug Interface
Enabling Message Logging

Debugging a Switch Router


This appendix provides an overview of the debug commands that might be helpful when troubleshooting your switch router.

This appendix consists of the following sections:

Use debug commands to isolate problems, not to monitor normal network operation. Because the high overhead of debug commands can disrupt switch router operation, use debug commands only when you are looking for specific types of traffic or problems and have narrowed your problems to a likely subset of causes.

Output formats vary with each debug command. Some generate a single line of output per packet, and others generate multiple lines of output per packet. Some generate large amounts of output, and others generate only occasional output. Some generate lines of text, and others generate information in field format.

Follow these steps to minimize the negative impact of using debug commands:


Step 1   Use the no logging console global configuration command on your switch router. This command disables all logging to the console terminal.

Step 2   Use Telnet to connect to a switch router port, and enter the enable EXEC command.

Step 3   Use the terminal monitor command to copy debug command output and system error messages to your current terminal display.





As a result, you can view debug command output remotely, without being connected through the console port.

Because the console port no longer has to generate character-by-character processor interrupts, following this procedure minimizes the load created by using debug commands.

If you intend to keep the output of the debug command, spool the output to a file. The procedure for setting up such a debug output file is described in the Cisco  IOS Debug Command Reference publication. This publication provides complete details regarding the function and output of debug commands, and includes specific debug commands that are useful when troubleshooting specific problems.

Using the Debug Interface

This section explains how to diagnose and resolve internetworking problems by using debug commands, and covers the following topics:


Caution   Because debugging output is assigned a high priority in the multiservice route processor, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with customer support. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that the increased overhead of debug command processing will affect system use.

Entering debug Commands

All debug commands are entered in privileged EXEC mode, and most debug commands take no arguments. For example, to enable the debug atm packet command, enter the following in privileged EXEC mode at the command line:

Switch# debug atm packet
ATM packets debugging is on
Displaying all ATM packets

To display the status of each debugging option, enter the show debugging command in privileged EXEC mode:

Switch# show debugging
Generic ATM:
ATM packets debugging is on
Switch#

To turn off the debug atm packet command in privileged EXEC mode, enter the no form of the command at the command line:

Switch# no debug atm packet
ATM packets debugging is off
Switch#

Using the debug ? Command

To list and see a brief description of all the debug command options, at the command line enter the debug ? command in privileged EXEC mode, as shown in the following example:

Switch# debug ?
aaa AAA Authentication, Authorization and Accounting
all Enable all debugging
arp IP ARP and HP Probe transactions
async Async interface information
atm ATM interface packets
broadcast MAC broadcast packets
callback Callback activity
cdp CDP information
ces-iwf CES-IWF Info
chat Chat scripts activity
compress COMPRESS traffic
custom-queue Custom output queueing
dialer Dial on Demand
dnsix Dnsix information
domain Domain Name System
eigrp EIGRP Protocol information
ethernet-interface Ethernet network interface events
filesys File system information
general Rhino General Debug
ip IP information
ipc Interprocess communications debugging
lane LAN Emulation
list Set interface or/and access list for the next debug command
modem Modem control/process activation
ntp NTP information
nvram Debug NVRAM behavior
packet Log unknown packets
ports Rhino Ports Info
ppp PPP (Point to Point Protocol) information
priority Priority output queueing
probe HP Probe Proxy Requests
rif RIF cache transactions
serial Serial interface information
snmp SNMP information
sscop SSCOP
standby Hot standby protocol
tacacs TACACS authentication and authorization
tag-switching Tag Switching
  telnet Incoming telnet connections
tftp TFTP packets
token Token Ring information
tunnel Generic Tunnel Interface
Switch#

Note   Not all debug commands listed in the output of the debug ? command are described in this document. Commands included here assist you in diagnosing network problems.

Using the debug all Command: Warning

To enable all system diagnostics, you can enter the debug all command in privileged EXEC mode at the command line.


Caution   Because debugging output takes priority over other network traffic, and because the debug all command generates more output than any other debug command, it can severely diminish switch router performance or render the switch router unusable. Use more specific debug commands.

The no debug all command turns off all diagnostic output. Using this command is a convenient way to ensure that you have not accidentally left any debug commands turned on.

Generating debug Command Output

Enabling a debug command can result in output similar to the following example for the debug lane client all command:

Switch# debug lane client all
Switch#
LEC ATM13/0/0.1: action A_RESEND_JOIN_REQ
LEC ATM13/0/0.1: sending LANE_JOIN_REQ on VCD 303
LEC ATM13/0/0.1: Status 0
LEC ATM13/0/0.1: LECID 0
LEC ATM13/0/0.1: MAC address 00e0.4fac.b402
LEC ATM13/0/0.1: ATM address 47.00918100000000E04FACB401.00E04FACB402
.01
LEC ATM13/0/0.1: LAN Type 1
LEC ATM13/0/0.1: Frame size 1
LEC ATM13/0/0.1: LAN Name eng_elan
LEC ATM13/0/0.1: LAN Name size 8
LEC ATM13/0/0.1: state JOIN_CTL_DIST_CONN event LEC_TIMER_JOIN => JOIN_CTL_DIST_
CONN
%LANE-3-NOREGILMI: ATM13/0/0 LECS cannot register 47.00918100000000E04FACB401.00
E04FACB405.00 with ILMI
LEC ATM13/0/0.1: action A_RESEND_JOIN_REQ
LEC ATM13/0/0.1: action A_TEARDOWN_LEC
LEC ATM13/0/0.1: sending RELEASE
LEC ATM13/0/0.1: callid 0x60EBB48C
LEC ATM13/0/0.1: cause code 31
LEC ATM13/0/0.1: sending CANCEL
LEC ATM13/0/0.1: ATM address 47.00918100000000E04FACB401.00E04FACB402.01
LEC ATM13/0/0.1: state JOIN_CTL_DIST_CONN event LEC_TIMER_JOIN => TERMINATING
LEC ATM13/0/0.1: received RELEASE_COMPLETE
LEC ATM13/0/0.1: callid 0x60EBB48C
LEC ATM13/0/0.1: cause code 31
LEC ATM13/0/0.1: action A_PROCESS_TERM_REL_COMP
LEC ATM13/0/0.1: state TERMINATING event LEC_SIG_RELEASE_COMP => IDLE
LEC ATM13/0/0.1: received CANCEL
LEC ATM13/0/0.1: state IDLE event LEC_SIG_CANCEL => IDLE
LEC ATM13/0/0.1: state IDLE event LEC_CTL_ILMI_SET_RSP_POS => IDLE
%LANE-3-NOREGILMI: ATM13/0/0 LECS cannot register 47.00918100000000E04FACB401.00
E04FACB405.00 with ILMI
%LANE-3-NOREGILMI: ATM13/0/0 LECS cannot register 47.00918100000000E04FACB401.00
E04FACB405.00 with ILMI
Switch#
%LANE-3-NOREGILMI: ATM13/0/0 LECS cannot register 47.00918100000000E04FACB401.00
E04FACB405.00 with ILMI
Switch# no debug lane client all
All possible debugging has been turned off
Switch#

The switch router continues to generate such output until you enter the corresponding no debug command (in this case, no debug lane client all).

If you enable a debug command and no output is displayed, consider the following possibilities:

  • The switch router might not be properly configured to generate the type of traffic you want to monitor. Use the show running-config command to check the configuration of the switch router.
  • Even a properly configured switch router might not generate the type of traffic you want to monitor when debugging is enabled. Depending on the protocol you are debugging, you can use commands such as the ping atm interface atm command to generate network traffic.

Redirecting Debugging and Error Message Output

By default, the network server sends the output from debug commands and system error messages to the console terminal. If you use this default, monitor debugging output with a virtual terminal connection, rather than the console port.

To redirect debugging output, use the variations of the logging command within configuration mode as described in the following sections.

Possible destinations include the console terminal, virtual terminals, internal buffer, and UNIX hosts running a syslog server. The syslog format is compatible with 4.3 Berkeley Standard Distribution (BSD) UNIX and its derivatives.


Note   Be aware that the debugging destination you use affects system overhead. Logging messages to the console produces very high overhead, whereas logging messages to a virtual terminal produces less overhead. Logging messages to a syslog server produces even less, and logging them to an internal buffer produces the least overhead of any method.

To configure message logging, you need to be in configuration command mode. To enter this mode, use the configure terminal command at the EXEC prompt.

Enabling Message Logging

By logging messages you can redirect debug output to a file, memory, or a remote host connection.

This section contains the following:

To configure message logging, use any of the following global configuration commands. Use the no form of the command to assign the default value:

Command Purpose

logging on

Enables message logging.

logging hostname | ip-address

Enables logging to a sys server host.

logging buffered [buffer-size] [0 - 7 | alerts | critical | debugging | emergencies | errors | informational | notifications | warnings]

Enables logging to an internal buffer instead of writing to the console, and configures the buffer size.

logging console [0 - 7 | alerts | critical | debugging | emergencies | errors | informational | notifications | warnings]

Enables logging to the console, and configures the level displayed.

logging facility {auth | cron | daemon | kern | local0 - local7 | lpr | mail | news | sys9 - sys14 | syslog | user | uucp}

Enables logging to a specific facility.

logging monitor [0 - 7 | alerts | critical | debugging | emergencies | errors | informational | notifications | warnings]

Enables logging to a monitor, and configures the level displayed.

logging source-interface {{atm | atm-p} card/subcard/port | async 1 | bvi number | dialer | ethernet number | lex number | loopback number | null 0 | tunnel number | virtual-template number | virtual-tokenring number | vlan number}

Enables logging from a specific source interface.

logging trap [0 - 7 | alerts | critical | debugging | emergencies | errors | informational | notifications | warnings]

Enables logging of SNMP1 traps.

1SNMP = Simple Network Management Protocol
Examples

To enable message logging to all supported destinations other than the console, enter the logging on command as in the following example:

Switch(config)# logging on

To direct logging to the console terminal only and disable logging output to other destinations, enter the no logging on command as in the following example:

Switch(config)# no logging on

Setting the Message Logging Levels

You can set the logging levels when you log messages to the following devices:

  • Console
  • Monitor
  • Syslog server

Table A-1 lists and briefly describes the logging levels and corresponding keywords you can use to set the logging levels for these types of messages. The highest level of message is 0, emergencies. The lowest level is 7, debugging, which also displays the largest number of messages.

Table A-1   Message Logging Keywords and Levels

Level Keyword Description Syslog Definition

0

emergencies

System is unusable.

LOG_EMERG

1

alerts

Immediate action is needed.

LOG_ALERT

2

critical

Critical conditions exist.

LOG_CRIT

3

errors

Error conditions exist.

LOG_ERR

4

warnings

Warning conditions exist.

LOG_WARNING

5

notifications

Normal, but significant, conditions exist.

LOG_NOTICE

6

informational

Informational messages.

LOG_INFO

7

debugging

Debugging messages.

LOG_DEBUG

For information about limiting these messages, refer to the sections that follow.

Limiting the Types of Logging Messages Sent to the Console

The logging console command limits the logging messages displayed on the console terminal to messages up to and including the specified severity level, which is specified by the level argument.

The level argument is one of the keywords listed in Table A-1. Keywords are listed in order from the most severe level to the least severe level.

The no logging console command disables logging to the console terminal.

Example

The following example sets console logging of messages at the debugging level, which is the least severe level and displays all logging messages:

Switch(config)# logging console debugging

Logging Messages to an Internal Buffer

The logging buffered command copies logging messages to an internal buffer instead of writing them to the console terminal. The buffer is circular in nature, so newer messages overwrite older messages. To display the messages that are logged in the buffer, use the show logging privileged EXEC command. The first message displayed is the oldest message in the buffer. The no logging buffered command cancels the use of the buffer and writes messages to the console terminal, which is the default setting.

Example

The following example copies logging messages to buffered memory and sets the memory buffer space as 10,000 bytes:

Switch(config)# logging buffered 10000

Limiting the Types of Logging Messages Sent to Another Monitor

The logging monitor command limits the logging messages that are displayed on terminal lines—other than the console line—to messages with a level up to and including the specified level argument. The level argument is one of the keywords listed in Table A-1. To display logging messages on a terminal (virtual console), use the terminal monitor privileged EXEC command.

The no logging monitor command disables logging to terminal lines other than the console line.

Example

The following example sets the level of messages displayed on monitors other than the console to notification level:

Switch(config)# logging monitor notification

Logging Messages to a UNIX Syslog Server

The logging command identifies a syslog server host to receive logging messages. The ip-address argument is the IP address of the host. By issuing this command more than once, you build a list of syslog servers that receive logging messages.

The no logging command deletes the syslog server with the specified address from the list of syslogs.

Example

The following example configures syslog server host diablo.cisco.com to receive the logging messages:

Switch(config)# logging diablo.cisco.com
Example of Setting Up a UNIX Syslog Daemon

To set up the syslog daemon on a 4.3 BSD UNIX system, include a line such as the following in the file /etc/syslog.conf:

local7.debugging /usr/adm/logs/tiplog

The local7 keyword specifies the logging facility to be used. The debugging keyword specifies the syslog level. See Table A-1 for other keywords that can be listed.

The UNIX system sends messages at or above this level to the specified file, in this case /usr/adm/logs/tiplog. The file must already exist, and the syslog daemon must have permission to write to the specific file. For System V UNIX systems, the line should read as follows:

local7.debug /usr/admin/logs/cisco.log

Limiting Messages to a Syslog Server

The logging trap command limits the logging messages sent to syslog servers to messages with a level up to and including the specified level argument. The level argument is one of the keywords listed in Table A-1.

To send logging messages to a syslog server, specify its host address with the logging command. The default trap level is the informational level. The no logging trap command disables logging to syslog servers.

Example

The following example configures traps sent to the syslog server as informational:

Switch(config)# logging trap informational

Displaying the Logging Configuration

To display the logging configuration, use the following command in user EXEC mode:

Command Purpose

show logging

Displays the logging configuration.

Example

The following example shows the addresses and levels associated with the current logging setup. The command output also includes ancillary statistics.

Switch# show logging
Syslog logging: disabled (0 messages dropped, 3 flushes, 0 overruns)
Console logging: level critical, 130 messages logged
Monitor logging: level notifications, 0 messages logged
Trap logging: level informational, 132 message lines logged
Buffer logging: level debugging, 127 messages logged
Log Buffer (10000 bytes):
Switch#