What is the debug command?

The debug command is used to check the operation of a router/switch in real time. debug command allows you to get a detailed picture of the router/switch operation. However, the debug command places a heavy burden on the router/switch. It is best to avoid using the debug command on a working router/switch.

Example of the debug command

The debug command is entered in privileged EXEC mode. If you look at the help for the debug command from the command line, you can specify many things, such as

R1#debug ?
  IUA                       ISDN adaptation Layer options
  aaa                       AAA Authentication, Authorization and Accounting
  aal2_xgcpspi              AAL2_XGCP Service Provider Interface.
  access-expression         Boolean access expression
  acircuit                  Attachment Circuit information
  adjacency                 adjacency
  alarm-interface           Alarm Interface Card events
  all                       Enable all debugging
  alps                      ALPS debug information
  apple                     Appletalk information
  arap                      Appletalk Remote Access
  archive                   debug archive commands
  arp                       IP ARP and HP Probe transactions
  asnl                      Application Subscribe Notify Layer
  aspp                      ASPP information
  async                     Async interface information
  backhaul-session-manager  Backhaul SM options
  backup                    Backup events
  bcm560x                   BCM560X L2 Driver
  bgp                       BGP information
  bsc                       BSC information
  bstun                     BSTUN information
 --More—
~省略~

Two of the many debug commands are described below.

  • debug ip packet
  • debug ip routing

debug ip packet

The “debug ip packet” displays information about the IP packets sent and received by the router on the console in real time.

debug ip packet

#debug ip packet [<ACL>] [detail]

<ACL> : associated ACL number
detail : View detailed information on packets

It is better to limit the number of IP packets to be displayed by associating them with ACLs. It even shows detailed information such as the IP header protocol number and TCP/UDP port number. debug ip packet is shown in the following example.

R1#debug ip packet
IP packet debugging is on
R1#
*Mar  1 00:13:15.451: IP: s=192.168.12.1 (local), d=224.0.0.5 (Serial2/0), len 80, sending broad/multicast
R1#
*Mar  1 00:13:17.903: IP: s=192.168.12.2 (FastEthernet0/0), d=224.0.0.5, len 76, rcvd 0
*Mar  1 00:13:17.907: IP: s=192.168.12.1 (local), d=192.168.12.2 (FastEthernet0/0), len 80, sending
*Mar  1 00:13:17.907: IP: s=192.168.12.1 (local), d=192.168.12.2 (FastEthernet0/0), len 80, encapsulation failed
R1#
*Mar  1 00:13:19.463: IP: s=192.168.12.2 (Serial2/0), d=224.0.0.5, len 80, rcvd 0
~省略~

debug ip routing

You can use the debug ip routing command to display real-time events for registering, updating, and deleting route information in the routing table.

debug ip routing

#debug ip routing [<ACL>]

<ACL> : associated ACL number

It is also possible to target only specific route information in the routing table by associating ACLs. The following is an example of shutting down an interface with debug ip routing enabled and shutdown -> no shutdown.

R1#debug ip routing
IP routing debugging is on
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface serial 2/0
R1(config-if)#shutdown
R1(config-if)#
*Mar  1 00:20:22.383: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: True
*Mar  1 00:20:22.383: RT: interface Serial2/0 removed from routing table
*Mar  1 00:20:22.383: RT: del 192.168.21.0/30 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:20:22.383: RT: delete subnet route to 192.168.21.0/30
*Mar  1 00:20:22.387: RT: NET-RED 192.168.21.0/30
*Mar  1 00:20:22.387: RT: delete network route to 192.168.21.0
*Mar  1 00:20:22.387: RT: NET-RED 192.168.21.0/24
R1(config-if)#
*Mar  1 00:20:24.371: %LINK-5-CHANGED: Interface Serial2/0, changed state to administratively down
R1(config-if)#
*Mar  1 00:20:24.379: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:25.371: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
R1(config-if)#
*Mar  1 00:20:25.371: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: False
R1(config-if)#no shutdown
R1(config-if)#
*Mar  1 00:20:29.947: RT: is_up: Serial2/0 0 state: 4 sub state: 1 line: 0 has_route: False
R1(config-if)#
*Mar  1 00:20:31.931: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1(config-if)#
*Mar  1 00:20:31.935: RT: is_up: Serial2/0 0 state: 4 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:31.979: RT: is_up: Serial2/0 1 state: 4 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:31.979: RT: SET_LAST_RDB for 192.168.21.0/30
  NEW rdb: is directly connected

*Mar  1 00:20:31.983: RT: add 192.168.21.0/30 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:20:31.983: RT: NET-RED 192.168.21.0/30
*Mar  1 00:20:31.983: RT: interface Serial2/0 added to routing table
*Mar  1 00:20:32.955: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R1(config-if)#
*Mar  1 00:20:32.959: RT: is_up: Serial2/0 1 state: 4 sub state: 1 line: 0 has_route: True

When we shutdown the interface, the direct route information (192.168.21.0/24) has been removed from the routing table. And no shutdown shows that the route information for the directly connected (192.168.12.0/24) has been registered in the routing table.

Stop the debug

To stop the debug, simply prefix any enabled debug command with “no”. Alternatively, you can use the undeug all command to stop all debug commands.

stop the debug

#no <Enabled deubg command>

or

#undebug all

R1#debug ip packet
IP packet debugging is on
R1#undebug all
All possible debugging has been turned off
Omit “undebug all” and just recognize “u all”.

Related articles

Cisco Basic