Collecting Packet Drop Logs in Cisco SD-WAN cEdge Environments

Available Languages

Download Options

  • PDF     (15.1 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (90.9 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (79.5 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:April 22, 2025
Document ID:222975

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes the process of collecting Packet Drop Logs, a critical step in diagnosing and resolving issues related to packet loss or server inaccessibility.

    Prerequisites

    Requirements

    Cisco recommends that you have knowledge of the Cisco Software-Defined Wide Area Network (SD-WAN).

    Components

    This document is not restricted to specific software and hardware versions.

    The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

    Background Information

    Logs must be collected before performing any action in order to resolve the issue.

    By accurately capturing and analyzing these logs, network professionals can pinpoint network bottlenecks and take corrective action to improve reliability and performance across the organization.

    Steps

    1. Identify the branch and hub from where the applications can not be accessed.

    Identifying the Branch and Hub Locations Where Application Access is Unavailable

    2. Collect the mentioned command outputs in order to check if control connections and BFD sessions are up.

    terminal length 0

    show clock

    show sdwan software

    show sdwan control connections

    show sdwan bfd sessions | in <remote-ip>              remote-IP of destination tunnel

    show sdwan bfd sessions table | in <remote-ip>      

    show sdwan bfd summary

    show ip route

    show ip route vrf <>

    Also check for interface output drops show interface <interface-name>.

    3. Check for hardware platform drops, collect 2-3 samples with 10 seconds interval.

    show platform hardware qfp active statistics drop

    show platform hardware qfp active feature ipsec datapath drops

    show platform hardware qfp active feature sdwan datapath statistics

    show platform hardware qfp active feature bfd datapath statistics

    4. Take cflowd output from Hub and Spoke while accessing application.

    show sdwan app-fwd cflowd flows table | in <src-or-dst ip address>

    5. Packet trace on both Hub and Spoke simulataneously.

    packet trace on both hub and spoke

    debug platform condition ipv4 <ip> both
    debug platform packet-trace packet 2048 fia-trace data-size 4096
    debug platform condition start

    show plat packet summary

    debug platform condition stop

    show plat packet packet all decode

    6. Collect admin-tech on both Hub and Spoke from https://www.cisco.com/c/en/us/support/docs/routers/sd-wan/216954-how-to-collect-an-admin-tech-in-an-sd-wa.html.

    Revision History

    Revision Publish Date Comments
    1.0
    28-Apr-2025
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Md Aamir Sadique
      Cisco Technical Leader
    • Afroz Dalal
      Cisco Technical Leader

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products