Conditional Debug on Cisco IOS Router

ReneMolenaar · December 26, 2016, 7:05pm

This topic is to discuss the following lesson:

tkalis · October 19, 2015, 6:27pm

Rene,

Hi. With the debug condition there are multiple options that can be used such as interface (as you highlighted) ip address, mac address, etc… When you have multiple debug conditions configured is it a logical “and” or “or”? In other words do they all have to match for it to work with multiple conditions? When using the “ip” condition could that be any IP going through the router? Could it also include traffic to the router itself? Many thanks.

Thomas

ReneMolenaar · October 21, 2015, 3:15pm

Hi Thomas,

The debug condition command is pretty simple, it doesn’t work with and/or operators. For example if you enable “debug condition int fa0/0” then it will only show debug information for that interface. When you add “debug condition int fa0/1” then it will also show debug information from fa0/1, that’s it. It’s not like it will now match on traffic that enters fa0/0 and exits fa0/1 (or vice versa). It works more like access-list statements, if it matches…the debug info will show up, if it doesn’t match then you don’t see it.

Debug ip will show anything, traffic that is originated by the router and traffic that it receives from other devices.

Rene

roland.walker · May 29, 2016, 7:02pm

Rene,

I have been able to get conditional debug to work with interface. However, I have yet to perform a successful conditional debug with ip. Here’s an example:

R5#debug ip ospf hello
OSPF hello debugging is on
R5#
OSPF-1 HELLO Gi1.45: Send hello to 224.0.0.5 area 0 from 155.1.45.5
R5#
OSPF-1 HELLO Tu0: Send hello to 224.0.0.5 area 0 from 155.1.0.5
R5#
OSPF-1 HELLO Gi1.5: Send hello to 224.0.0.5 area 0 from 155.1.5.5
OSPF-1 HELLO Gi1.58: Send hello to 224.0.0.5 area 0 from 155.1.58.5
R5#
OSPF-1 HELLO Gi1.45: Rcv hello from 150.1.4.4 area 0 155.1.45.4
OSPF-1 HELLO Tu0: Rcv hello from 150.1.4.4 area 0 155.1.0.4
OSPF-1 HELLO Gi1.100: Rcv hello from 150.1.4.4 area 0 169.254.100.4
R5#
OSPF-1 HELLO Gi1.100: Send hello to 224.0.0.5 area 0 from 169.254.100.5
R5#
OSPF-1 HELLO Gi1.45: Send hello to 224.0.0.5 area 0 from 155.1.45.5
R5#
OSPF-1 HELLO Tu0: Send hello to 224.0.0.5 area 0 from 155.1.0.5
OSPF-1 HELLO Gi1.58: Send hello to 224.0.0.5 area 0 from 155.1.58.5
R5#
OSPF-1 HELLO Gi1.5: Send hello to 224.0.0.5 area 0 from 155.1.5.5
R5#
OSPF-1 HELLO Tu0: Rcv hello from 150.1.4.4 area 0 155.1.0.4
OSPF-1 HELLO Gi1.45: Rcv hello from 150.1.4.4 area 0 155.1.45.4
OSPF-1 HELLO Gi1.100: Rcv hello from 150.1.4.4 area 0 169.254.100.4
R5#
OSPF-1 HELLO Gi1.100: Send hello to 224.0.0.5 area 0 from 169.254.100.5
R5#
OSPF-1 HELLO Gi1.45: Send hello to 224.0.0.5 area 0 from 155.1.45.5
R5#
OSPF-1 HELLO Tu0: Send hello to 224.0.0.5 area 0 from 155.1.0.5
OSPF-1 HELLO Gi1.5: Send hello to 224.0.0.5 area 0 from 155.1.5.5
R5#
OSPF-1 HELLO Gi1.58: Send hello to 224.0.0.5 area 0 from 155.1.58.5
R5#u a
OSPF-1 HELLO Gi1.45: Rcv hello from 150.1.4.4 area 0 155.1.45.4
OSPF-1 HELLO Tu0: Rcv hello from 150.1.4.4 area 0 155.1.0.4
OSPF-1 HELLO Gi1.100: Rcv hello from 150.1.4.4 area 0 169.254.100.4

R5#u all
VDSL daemon error condition debugging is off
VDSL daemon state machine debugging is off
VDSL daemon information debugging is off
VDSL ipc error condition debugging is off
VDSL ipc tx debugging is off
VDSL ipc rx debugging is off
VDSL MIB error debugging is off
VDSL MIB information debugging is off
All possible debugging has been turned off

R5#debug condition ip 155.1.0.5
Condition 1 set

R5#debug ip ospf hello
OSPF hello debugging is on

R5#show debug
IOSXE Conditional Debug Configs:

Conditional Debug Global State: Stop

IOSXE Packet Tracing Configs:

OSPF:
  OSPF hello debugging is on

Condition 1: ip 155.1.0.5 :: (0 flags triggered)

R5#show debug
IOSXE Conditional Debug Configs:

Conditional Debug Global State: Stop

IOSXE Packet Tracing Configs:

OSPF:
  OSPF hello debugging is on

Condition 1: ip 155.1.0.5 :: (0 flags triggered)

R5#show debug
IOSXE Conditional Debug Configs:

Conditional Debug Global State: Stop

IOSXE Packet Tracing Configs:

OSPF:
  OSPF hello debugging is on

Condition 1: ip 155.1.0.5 :: (0 flags triggered)

As you can see I don’t get any output when I set the debug condition with the ip address. I’ve also tried different types of debugs, i.e. debug ip icmp, debug ip packet, etc.

Any advice on getting conditional debug to work with ip would be appreciative or an example would be appreciated.

Thank you.

Roland

ReneMolenaar · June 1, 2016, 12:08pm

Hi Ronald,

I just tried this on some IOS 15 routers but I’m having the same issue as you. Whatever IP address I try in “debug condition ip”…nothing shows up I’m guessing that this command doesn’t work for most debug commands…

Rene

roland.walker · June 8, 2016, 3:56am

Rene,

Thank you for checking as well. Much appreciated.

Roland

rockymntdan · June 23, 2016, 2:16pm

I tried a couple of different combinations and maybe in GNS3 this command doesn’t work at all.
I set conditions for completely different IP and only enable debug ip icmp, ping from another router and I still get output.
enable condition for interface that isn’t used and I still get debug output when pinging.
Seems this command isn’t working at all in GNS3.

I’d fire up my rack of gear but it’s 110 here …

R5#debug ip icmp
ICMP packet debugging is on

R5#debug condition ip 192.168.1.1
Condition 1 set

R5#
&#42;Jun 23 05:13:31.239: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2
&#42;Jun 23 05:13:31.315: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2
&#42;Jun 23 05:13:31.379: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2
&#42;Jun 23 05:13:31.471: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2
&#42;Jun 23 05:13:31.575: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2

R5#debug condition int f0/0
Condition 1 set

R5#show debug
Generic IP:
  ICMP packet debugging is on

Condition 1: interface Fa0/0 (1 flags triggered)
        Flags: Fa0/0

R5#
&#42;Jun 23 05:14:41.695: ICMP: echo reply sent, src 10.1.35.5, dst 10.1.26.2

ReneMolenaar · June 26, 2016, 2:19pm

Hi Daniel,

Same issue here, conditional debugging works for interfaces but I was unable to get any wanted results with debug ip condition. Tried it in VIRL and on real hardware.

Rene

davidilles · October 9, 2023, 9:10am

Hello, everyone!

For some reason, the only condition that I could get to actually work was the one related to an interface, none of the others really worked. The IP condition (as mentioned above) doesn’t seem to work, and here is a VLAN Condition that I’ve just created.

obrázok

However, regardless of whether I issue a ping from H1 or H2, both pings are debugged, even the one coming from VLAN 20.

And neither a MAC address condition seems to work…

Any ideas?

Thank you in advance.

David

lagapidis · October 14, 2023, 5:07am

Hello David

You must keep in mind that whenever you apply a condition, there is a “catch”. The catch is that the conditional debugging based on the criteria you configure, will only apply to those debug commands that are relevant to the criteria you choose.

For example, the conditional debugging based on a MAC address you have configured will only apply to those debug commands that inherently work at Layer 2 or where the MAC address is a relevant piece of information. If you apply a conditional debug with a particular MAC, it cannot be expected to conditionally filter an ICMP debug. It will however apply to a debug of the MAC address table.

Similarly, if you apply a debug condition to VLAN 10, this will only apply to debugs such as spanning tree events that are relevant to VLANs, and not to ICMP messages. Does that make sense?

I hope this has been helpful!

Laz