Hi, I saw there was already a discussion concerning that topic, but 5 years old: http://www.gossamer-threads.com/lists/cisco/nsp/78543 Is there maybe some new tcpdump-style debugging feature available to provide such functions beside the suggested "debug ip packet"?
I am looking for such situations: 1) I like to view traffic on a certain physical interface or switched vlan. I would like to see all packets and not a specific protocol or IP range. As far as I see I cannot specify an interface in an ACL but the "debug ip packet" only allows ACLs for filtering as far as I see. 2) I like to debug an IP connection and limit to a certain amount of packets (like "show me the next 20 packets from/to host x.x.x.x"). Can you tell me what bandwidth or pps I have to take into consideration to avoid overload ? To understand better what I do before typing it in on a 10G+ box: "debug ip packet ..." redirects the packets to the Management CPU and everything filtered with an ACL leads into only packets matching ALC are forwarded to the CPU, everything else is handled by the DFC/CFC+PFC only like usual. Correct ? Im looking for a way that works without exporting stuff to another box and low risk to overload CPU (live environment). Hardware in my case are several Sup720-3B, Sup720-3BXL or Sup2T with 67xx linecards. If there are special software revisions needed, please let me know. kind regards Rolf Hanßen _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
