What is the debug command?

The debug command is used to verify the operation of a router/switch in real time. debug command allows you to get a detailed picture of the router/switch operation. However, the debug command places a heavy burden on the router/switch. It is best to avoid using the debug command on a working router/switch.

Example of the debug command

The debug command is entered in privileged EXEC mode. If you look at the help for the debug command from the command line, you can specify many things, such as

R1#debug ?
  IUA                       ISDN adaptation Layer options
  aaa                       AAA Authentication, Authorization and Accounting
  aal2_xgcpspi              AAL2_XGCP Service Provider Interface.
  access-expression         Boolean access expression
  acircuit                  Attachment Circuit information
  adjacency                 adjacency
  alarm-interface           Alarm Interface Card events
  all                       Enable all debugging
  alps                      ALPS debug information
  apple                     Appletalk information
  arap                      Appletalk Remote Access
  archive                   debug archive commands
  arp                       IP ARP and HP Probe transactions
  asnl                      Application Subscribe Notify Layer
  aspp                      ASPP information
  async                     Async interface information
  backhaul-session-manager  Backhaul SM options
  backup                    Backup events
  bcm560x                   BCM560X L2 Driver
  bgp                       BGP information
  bsc                       BSC information
  bstun                     BSTUN information
 --More—
-- omitted --

Two of the many debug commands are described below.

  • debug ip packet
  • debug ip routing

debug ip packet

The “debug ip packet” displays information about the IP packets sent and received by the router on the console in real time.

debug ip packet

#debug ip packet [<ACL>] [detail]

<ACL> : associated ACL number
detail : View detailed information on packets

It is better to limit the number of IP packets to be displayed by associating them with ACLs. It even shows detailed information such as the IP header protocol number and TCP/UDP port number. debug ip packet is shown in the following example.

R1#debug ip packet
IP packet debugging is on
R1#
*Mar  1 00:13:15.451: IP: s=192.168.12.1 (local), d=224.0.0.5 (Serial2/0), len 80, sending broad/multicast
R1#
*Mar  1 00:13:17.903: IP: s=192.168.12.2 (FastEthernet0/0), d=224.0.0.5, len 76, rcvd 0
*Mar  1 00:13:17.907: IP: s=192.168.12.1 (local), d=192.168.12.2 (FastEthernet0/0), len 80, sending
*Mar  1 00:13:17.907: IP: s=192.168.12.1 (local), d=192.168.12.2 (FastEthernet0/0), len 80, encapsulation failed
R1#
*Mar  1 00:13:19.463: IP: s=192.168.12.2 (Serial2/0), d=224.0.0.5, len 80, rcvd 0
-- omitted --

debug ip routing

You can use the debug ip routing command to display real-time events for registering, updating, and deleting route information in the routing table.

debug ip routing

#debug ip routing [<ACL>]

<ACL> : associated ACL number

It is also possible to target only specific route information in the routing table by associating ACLs. The following is an example of shutting down an interface with debug ip routing enabled and shutdown -> no shutdown.

R1#debug ip routing
IP routing debugging is on
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface serial 2/0
R1(config-if)#shutdown
R1(config-if)#
*Mar  1 00:20:22.383: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: True
*Mar  1 00:20:22.383: RT: interface Serial2/0 removed from routing table
*Mar  1 00:20:22.383: RT: del 192.168.21.0/30 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:20:22.383: RT: delete subnet route to 192.168.21.0/30
*Mar  1 00:20:22.387: RT: NET-RED 192.168.21.0/30
*Mar  1 00:20:22.387: RT: delete network route to 192.168.21.0
*Mar  1 00:20:22.387: RT: NET-RED 192.168.21.0/24
R1(config-if)#
*Mar  1 00:20:24.371: %LINK-5-CHANGED: Interface Serial2/0, changed state to administratively down
R1(config-if)#
*Mar  1 00:20:24.379: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:25.371: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
R1(config-if)#
*Mar  1 00:20:25.371: RT: is_up: Serial2/0 0 state: 6 sub state: 1 line: 0 has_route: False
R1(config-if)#no shutdown
R1(config-if)#
*Mar  1 00:20:29.947: RT: is_up: Serial2/0 0 state: 4 sub state: 1 line: 0 has_route: False
R1(config-if)#
*Mar  1 00:20:31.931: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1(config-if)#
*Mar  1 00:20:31.935: RT: is_up: Serial2/0 0 state: 4 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:31.979: RT: is_up: Serial2/0 1 state: 4 sub state: 1 line: 0 has_route: False
*Mar  1 00:20:31.979: RT: SET_LAST_RDB for 192.168.21.0/30
  NEW rdb: is directly connected

*Mar  1 00:20:31.983: RT: add 192.168.21.0/30 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:20:31.983: RT: NET-RED 192.168.21.0/30
*Mar  1 00:20:31.983: RT: interface Serial2/0 added to routing table
*Mar  1 00:20:32.955: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R1(config-if)#
*Mar  1 00:20:32.959: RT: is_up: Serial2/0 1 state: 4 sub state: 1 line: 0 has_route: True

When we shutdown the interface, the direct route information (192.168.21.0/24) has been removed from the routing table. And no shutdown shows that the route information for the directly connected (192.168.12.0/24) has been registered in the routing table.

Conditional debugging

Conditional debugging filters the output of the debug command to show only what you want to see. The output of the debug command can be very large, so in order to efficiently verify the behavior of the debug command, filter the output of the debug command.

To determine the conditions for filtering the output of the debug command, enter the following command in privileged EXEC mode.

Conditions to filter the output of the debug command#debug condition <condition>

<condition> : Conditions to filter the output of the debug command

You can set a large number of filter criteria, and the help from the CLI shows that you can set many of them, as shown below.

The most commonly used and easy-to-understand condition would be interfaces. The following configuration will show only the output of the debug command for a specific interface.

Display the output of the debug command for a specific interface#debug condition interface <interface-name>

<interface-name> : Interface name for which you want to display the output of the debug command

Example of debug condition interface

Here is an example of using debug condition interface to display only the output of the debug command for a specific interface. debug ip rip command will display the periodic sending and receiving of RIP packets in real time on the console.

R2#debug ip rip
RIP protocol debugging is on
R2#
*Mar  1 00:12:58.331: RIP: received v2 update from 192.168.12.1 on FastEthernet0/0
*Mar  1 00:12:58.331:      10.1.1.0/24 via 0.0.0.0 in 1 hops
R2#
*Mar  1 00:13:06.435: RIP: received v2 update from 192.168.23.3 on FastEthernet0/1
*Mar  1 00:13:06.435:      10.3.3.0/24 via 0.0.0.0 in 1 hops
R2#
*Mar  1 00:13:18.711: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (192.168.12.2)
*Mar  1 00:13:18.711: RIP: build update entries
*Mar  1 00:13:18.711:   10.3.3.0/24 via 0.0.0.0, metric 2, tag 0
*Mar  1 00:13:18.715:   192.168.23.0/24 via 0.0.0.0, metric 1, tag 0
R2#
*Mar  1 00:13:21.659: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/1 (192.168.23.2)
*Mar  1 00:13:21.659: RIP: build update entries
*Mar  1 00:13:21.659:   10.1.1.0/24 via 0.0.0.0, metric 2, tag 0
*Mar  1 00:13:21.663:   192.168.12.0/24 via 0.0.0.0, metric 1, tag 0

To display only RIP packets sent and received on FastEthernet0/0, configure the following conditions.

R2#debug condition interface FastEthernet 0/0
Condition 1 set

Then, the output of the debug ip rip command will be only about FastEthernet0/0.

*Mar  1 00:15:35.767: RIP: sending v2 update to 224.0.0.9 via FastEthernet0/0 (192.168.12.2)
*Mar  1 00:15:35.767: RIP: build update entries
*Mar  1 00:15:35.767:   10.3.3.0/24 via 0.0.0.0, metric 2, tag 0
*Mar  1 00:15:35.771:   192.168.23.0/24 via 0.0.0.0, metric 1, tag 0
R2#
*Mar  1 00:15:52.115: RIP: received v2 update from 192.168.12.1 on FastEthernet0/0
*Mar  1 00:15:52.115:      10.1.1.0/24 via 0.0.0.0 in 1 hops

Verify the debugging

To verify the enabled debug command, enter the following command in privileged EXEC mode.

Verify debugging#show debugging

If you configured a condition to filter the output of the debug command, it will be displayed together with the show debugging command. If you want to check only the conditions, use the show debugging condition command. The following is a sample of show debugging.

R2#show debugging
IP routing:
  RIP protocol debugging is on





Condition 1: interface Fa0/0 (1 flags triggered)
        Flags: Fa0/0

R2#show debugging condition

Condition 1: interface Fa0/0 (1 flags triggered)
        Flags: Fa0/0

Stop the debugging

To stop the debug, simply prefix any enabled debug command with “no”. Alternatively, you can use the undeug all command to stop all debug commands.

stop the debug

#no <Enabled deubg command>

or

#undebug all

R1#debug ip packet
IP packet debugging is on
R1#undebug all
All possible debugging has been turned off
Omit “undebug all” and just recognize “u all”.

Cisco Basic