Archive for November, 2013


During troubleshooting it is often necessary to see what traffic is being passed between two networks or two hosts. Lets use built-in capture tool. Below are the steps you need to take:
So, we are troubleshooting traffic between a host with the address of and a host with the address of

1.) Define the traffic that you would like to check by creating capture file called LB:

#access-list LB extended permit ip host host
#access-list LB extended permit ip host host
#access-list LB extended permit icmp host host
#access-list LB extended permit icmp host host

2.) Create and start the packet capture process called LB:

#capture LB access-list LB

3.) Create some traffic between these hosts.
Our defined ACL will detect all traffic between these two hosts, so let just start pinging:

From the host ping
From the host ping

4.) Analyze the packet capture.

#show capture LB !— This will show all captured traffic.

5.) Turn off the packet capture and remove the ACL:

#no capture LB
#clear configure access-list LB

#clear capture LB !—clear the capture log by using this command
#show capture LB | inc !—use the pipe functionality when viewing output






Posted: November 26, 2013 in Generic IOS, Uncategorized



Router1(config-router)#do sh ip int br

Router1(config)#router bgp 11
Router1(config-router)#neighbor remote-as 22
Router1(config-router)#neighbor ttl-security hops 2
Router1(config-router)#network mask

router bgp 11
no synchronization
bgp log-neighbor-changes
network mask
neighbor remote-as 22
neighbor ttl-security hops 2
no auto-summary
Router2(config)#router bgp 22
Router2(config-router)#neighbor remote-as 11
Router2(config-router)#neighbor ttl-security hops 2
Router2(config-router)#network mask

router bgp 22
no synchronization
bgp log-neighbor-changes
network mask
neighbor remote-as 11
neighbor ttl-security hops 2
no auto-summary

Router2#sh ip int br
Interface IP-Address OK? Method Status Protocol

Router2#sh ip bgp summary
BGP router identifier, local AS number 22
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
1/1 BGP path/bestpath attribute entries using 124 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 296 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor    V   AS    MsgRcvd     MsgSent     TblVer    InQ    OutQ   Up/Down State/PfxRcd   4   11       0                   0                   1              0        0              never      Idle

ip access-list extended TTL    
permit ip host any ttl lt 2


class-map acl-filter-class

# match access-group name TTL


policy-map acl-filter
class acl-filter-class



service-policy input acl-filter

The following example configures a traffic class called acl-filter-class for use in a policy map called acl-filter. An access list permits IP packets from any source having a TTL of 0 or 1. Any packets matching the access list are dropped.
The policy map is attached to the control plane.

!– defines an IP access list that filters on a TTL value; it must be an extended access list.
ip access-list extended TTL    !–Every access list must have at least one permit statement.!–This access-list sets conditions to allow a packet to pass a named IP access list.
!–This example permits packets from source to any destination with a TTL value less than 2. Any packets that pass the access list are dropped in policy. This special access list is separate from any interface access list.
#permit ip host any ttl lt 2!– Creates a class map to be used for matching packets to a specified class.
#class-map acl-filter-class!– Configures the match criteria for a class map on the basis of the specified access control list.

     # match access-group name TTL!– Creates or modifies a policy map that can be attached to one or more interfaces to specify a service policy.

policy-map acl-filter!– Specifies the name of the class whose policy you want to create or change or to specify the default class (commonly known as the class-default class) before you configure its policy.

class acl-filter-class!– Configures a traffic class to discard packets belonging to a specific class.

drop!– Associates or modifies attributes or parameters that are associated with the control plane of the device.


!– Attaches a policy map to a control plane for aggregate control plane services.Router(config-cp)# service-policy input acl-filter