HomeCisco networkingCisco routerHow to (more) safely run debugs on Cisco routers

How to (more) safely run debugs on Cisco routers

Running debug commands can bring a busy router to a crawl. Not sending the output to the console can help. This tech-recipe describes turning off console debugging output and techniques for viewing debug information in a router-friendly way.


Some debug commands, like debug ip packet detail
can cause a router to stop responding while it attempts to display all the data you’ve requested. Frequently, it’s trying to force a lot of data down a 9600 baud (slow) console port.

So, we can turn this off!

config t
no logging console

But, now debugs are not very useful, since they won’t display. We can telnet to the router, then

terminal monitor

to send all the debug output down the pipe to the telnet client. Better, but this can still backfire.

We can just push all the messages to a buffer:

logging buffered

then view them with

show log

Another option which will make some debug commands, like

debug ip packet

safer is to specify an access-list for just the traffic you want. For example:

access-list 100 permit ip any host 1.1.1.1
access-list 100 permit ip host 1.1.1.1 any

debug ip packet detail 100

Will give you IP packet detail for any packets coming from or going to a host with ip address 1.1.1.1.

NOTE: Corrected on 4/9/2009 by abanks, based on AWfki’s comment.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

LATEST REVIEWS

Recent Comments

error: Content is protected !!