Debuging IP packets with ACL filter

April 28, 2007 at 12:22 pm | Posted in Blogroll | Leave a comment

ACL 101 is created just for the debuging purpose. It does not need to be applied on any interface! If we do not turn on the “debug ip packet detail 101” command, the ACL 101 does not record any “hits”. When we turn it on, it will record the number of hits via “show access-list 101” command

PE1#ping ip 165.87.1.2 source 165.87.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.87.1.2, timeout is 2 seconds:
Packet sent with a source address of 165.87.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
PE1#
*Mar  1 22:19:53.486: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:19:53.486: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:19:53.490: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:19:53.490: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:19:53.490: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:19:53.490: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:19:53.494: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:19:53.498: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:19:53.498: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:19:53.498: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:19:53.502: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:19:53.502: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:19:53.502: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:19:53.506: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:19:53.506: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:19:53.510: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:19:53.510: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:19:53.510: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:19:53.514: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:19:53.514: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
PE1#
PE1#
PE1#
PE1#debug ip packet detail 101
IP packet debugging is on (detailed) for access list 101
PE1#ping ip 165.87.1.2 source 165.87.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.87.1.2, timeout is 2 seconds:
Packet sent with a source address of 165.87.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
PE1#
*Mar  1 22:20:29.590: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:20:29.590: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:20:29.590:     ICMP type=8, code=0
*Mar  1 22:20:29.594: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:20:29.594: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:20:29.594:     ICMP type=0, code=0
*Mar  1 22:20:29.594: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:20:29.598: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:20:29.598:     ICMP type=8, code=0
*Mar  1 22:20:29.602: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:20:29.602: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:20:29.602:     ICMP type=0, code=0
*Mar  1 22:20:29.602: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:20:29.602: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:20:29.606:     ICMP type=8, code=0
*Mar  1 22:20:29.606: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:20:29.606: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:20:29.610:     ICMP type=0, code=0
*Mar  1 22:20:29.610: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:20:29.610: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:20:29.610:     ICMP type=8, code=0
*Mar  1 22:20:29.614: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:20:29.614: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:20:29.614:     ICMP type=0, code=0
*Mar  1 22:20:29.618: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:20:29.618: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:20:29.618:     ICMP type=8, code=0
*Mar  1 22:20:29.622: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:20:29.622: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:20:29.622:     ICMP type=0, code=0
PE1#
PE1#
PE1#ping 165.87.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.87.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
**** NO PACKETS match debugging criteria (ACL 101)
PE1#sh access-l 101
Extended IP access list 101
    10 permit icmp host 165.87.1.1 host 165.87.1.2 (20 matches)
    20 permit icmp host 165.87.1.2 host 165.87.1.1 (20 matches)

PE1#clear access-list ? 
  counters  Clear access list counters

PE1#clear access-list counters
PE1#sh access-l 101           
Extended IP access list 101
    10 permit icmp host 165.87.1.1 host 165.87.1.2
    20 permit icmp host 165.87.1.2 host 165.87.1.1
PE1#

PE1#ping ip 165.87.1.2 source 165.87.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.87.1.2, timeout is 2 seconds:
Packet sent with a source address of 165.87.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
PE1#sh access-l 101                    
Extended IP access list 101
    10 permit icmp host 165.87.1.1 host 165.87.1.2
    20 permit icmp host 165.87.1.2 host 165.87.1.1

PE1#debug ip packet detail 101
IP packet debugging is on (detailed) for access list 101
PE1#
PE1#
PE1#ping ip 165.87.1.2 source 165.87.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 165.87.1.2, timeout is 2 seconds:
Packet sent with a source address of 165.87.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms
PE1#
*Mar  1 22:25:29.778: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:25:29.778: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:25:29.778:     ICMP type=8, code=0
*Mar  1 22:25:29.782: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:25:29.782: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:25:29.782:     ICMP type=0, code=0
*Mar  1 22:25:29.782: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:25:29.782: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:25:29.786:     ICMP type=8, code=0
*Mar  1 22:25:29.786: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:25:29.790: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:25:29.790:     ICMP type=0, code=0
*Mar  1 22:25:29.790: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:25:29.790: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:25:29.790:     ICMP type=8, code=0
*Mar  1 22:25:29.794: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:25:29.794: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:25:29.794:     ICMP type=0, code=0
*Mar  1 22:25:29.798: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:25:29.798: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:25:29.798:     ICMP type=8, code=0
*Mar  1 22:25:29.802: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:25:29.802: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:25:29.802:     ICMP type=0, code=0
*Mar  1 22:25:29.802: IP: tableid=0, s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), routed via FIB
*Mar  1 22:25:29.806: IP: s=165.87.1.1 (local), d=165.87.1.2 (Serial0/3), len 100, sending
*Mar  1 22:25:29.806:     ICMP type=8, code=0
*Mar  1 22:25:29.810: IP: tableid=0, s=165.87.1.2 (Serial0/3), d=165.87.1.1 (Loopback0), routed via RIB
*Mar  1 22:25:29.810: IP: s=165.87.1.2 (Serial0/3), d=165.87.1.1, len 100, rcvd 4
*Mar  1 22:25:29.810:     ICMP type=0, code=0
PE1#
PE1#
PE1#
PE1#sh access-list 101
Extended IP access list 101
    10 permit icmp host 165.87.1.1 host 165.87.1.2 (10 matches)
    20 permit icmp host 165.87.1.2 host 165.87.1.1 (10 matches)

Advertisements

Leave a Comment »

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Create a free website or blog at WordPress.com.
Entries and comments feeds.

%d bloggers like this: