IP service command directory
Use the following commands to configure various IP
services. For more configuration information about IP services, please refer to
the chapter “configure IP services”.
Clear a TCP connection.
clear tcp {local host-name
port remote host-name port | tcb address}
Parameter:
local host-name port |
IP address of the local
host and TCP port.
|
remote host-name port |
IP address of the remote
host and TCP port. |
tcb address |
The convert control
block(TCB) of TCP connection to be deleted. TCB is the identifier of TCP
connection which can be obtained by command “show tcp brief”. |
Command mode:
Supervisor
mode
Explanation:
Command “clear tcp” is mainly used to
clear the closed TCP connection. In some cases, such as communication line
problem, TCP connection or restart of the dealing host, TCP connection is
actually stopped, but as there is no communication on TCP connection, the
system cannot timely discover this situation, here you can use command “clear
TCP” to close the invalid TCP connection. Among them, command clear tcp
local host-name port remote host-name port is used to stop the TCP connection between
designated IP address/port of local host and remote host. Command clear
tcp tcb address is used to
stop the TCP connection tagged by the designated TCB address.
Example:
The following example clears the TCP connection between 192.168.20.22:23(local)和192.168.20.120:4420(remote). Command “show tcp brief” shows the local and remote host information of current TCP connection.
Router#show tcp brief
TCB
Local Address Foreign
Address
State
0xE85AC8 192.168.20.22:23 192.168.20.120:4420 ESTABLISHED
0xEA38C8 192.168.20.22:23
192.168.20.125:1583
ESTABLISHED
Router#clear tcp local
192.168.20.22 23 remote 192.168.20.120 4420
Router#show tcp brief
TCB
Local Address Foreign
Address
State
0xEA38C8 192.168.20.22:23
192.168.20.125:1583
ESTABLISHED
The following example clears the TCP connection
with TCB address 0xea38c8. Command “show tcp brief” shows the TCB address of TCP
connection.
TCB
Local Address Foreign
Address
State
0xEA38C8 192.168.20.22:23
192.168.20.125:1583
ESTABLISHED
Router#clear tcp tcb
0xea38c8
Router#show tcp brief
TCB
Local Address Foreign
Address
State
Relevant command:
clear tcp statistics
Parameter:
none
Command mode:
Supervisor
mode
Example:
Use the following command to clear TCP statistics:
Router#clear tcp
statistics
Relevant command:
show tcp statistics
Show ARP interactive information, such as
sending ARP request, receiving ARP response, receiving ARP request, sending ARP
response and etc… When the router cannot communicate with the host, the command
can be used to analyse the ARP interactive information. Use “no debug arp” to
stop showing the information.
debug arp
no debug arp
Parameter:
none
Command mode:
Supervisor
mode
Example:
Router#debug
arp
Router#IP ARP: rcvd req src
192.168.20.116 00:90:27:a7:a9:c2, dst 192.168.20.111, Ethernet1/0
IP ARP: req filtered src
192.168.20.139 00:90:27:d5:a9:1f, dst 192.168.20.82 00:
00:00:00:00:00, wrong
cable, Ethernet1/1
IP ARP: created an
incomplete entry for IP address 192.168.20.77, Ethernet1/0
IP ARP: sent req src
192.168.20.22 08:00:3e:33:33:8a, dst 192.168.20.77, Ethernet1/0
IP ARP: rcvd reply src
192.168.20.77 00:30:80:d5:37:e0, dst 192.168.20.22, Ethernet1/0
The first
information indicates: the router receives an ARP request on interface
Ethernet1/0, IP address of the host sending the request is 192.168.20.116, the MAC address is
00:90:27:a7:a9:c2, it requests the MAC address of host with IP address
192.168.20.111:
IP ARP: rcvd req src 192.168.20.116
00:90:27:a7:a9:c2, dst 192.168.20.111, Ethernet1/0
IP ARP: req filtered src 192.168.20.139
00:90:27:d5:a9:1f, dst 192.168.20.82 00:
00:00:00:00:00, wrong cable, Ethernet1/1
The third information means, the router wants
to resolute the MAC address of host 192.168.20.77, so it creates an incomplete
ARP entry for the host, and then fills in MAC address while receiving ARP
response. According to the configuration of the router, this host connects on
the interface Ethernet 1/0.
IP ARP: created an incomplete entry for IP address
192.168.20.77, Ethernet1/0
IP ARP: sent req src 192.168.20.22
08:00:3e:33:33:8a, dst 192.168.20.77, Ethernet1/0
IP ARP: rcvd reply src 192.168.20.77
00:30:80:d5:37:e0, dst 192.168.20.22, Ethernet1/0
Show the interactive information of Internet Control Message Protocol (ICMP). Use command “no debug ip icmp” to disable debug output.
debug ip icmp
no debug ip icmp
Parameter:
none
Command mode:
Supervisor
mode
Explanation:
This command can show the ICMP packet the system received and sent, in order to solve the connection problem between port to port of the network. If you want to know the detailed information about command output “debug ip icmp”, please refer to RFC 792, “Internet Control Message Protocol ”.
Example:
Router#debug ip icmp
Router#ICMP: sent pointer
indicating to 192.168.20.124 (dst was 192.168.20.22), len 48
ICMP: rcvd echo from
192.168.20.125, len 40
ICMP: sent echo reply, src
192.168.20.22, dst 192.168.20.125, len 40
ICMP: sent dst
(192.168.20.22) protocol unreachable to 192.168.20.124, len 36
ICMP: rcvd host
redirect from 192.168.20.77, for dst 22.0.0.3 use gw 192.168.20.26, len 36
ICMP: rcvd dst
(22.0.0.3) host unreachable from 192.168.20.26, len 36
ICMP: sent host
redirect to 192.168.20.124, for dst 22.0.0.5 use gw 192.168.20.77, len 36
ICMP: rcvd dst
(2.2.2.2) host unreachable from 192.168.20.26, len 36
The explanation of the first information is
as follows:
ICMP: sent pointer indicating to 192.168.20.124
(dst was 192.168.20.22), len 48
Domain |
Description |
ICMP: |
Shows the information of Internet Control Message Protocol (ICMP) packet. |
Sent |
Sending ICMP packet. |
pointer indicating |
ICMP packet type, this ICMP packet means that
original IP packet parameter error, and also indicates the error domain.
Other types of ICMP packets include: echo reply dst unreachable,include: ---net unreachable ---host unreachable ---protocol unreachable ---port unreachable ---fragmentation needed and DF set ---source route failed ---net unacknowledged ---destination host unacknowledged ---source host isolated ---net prohibited ---host prohibited ---net tos unreachable ---host tos unreachable source quench redirect,includes: ---net redirect ---host redirect ---net tos redirect ---host tos redirect echo router advertisement router solicitation time exceeded, includes: ---ttl exceeded ---reassembly timeout parameter problem,includes: ---pointer indicating ---option missed ---bad length timestamp timestamp reply information request information reply mask request mask reply If it is the ICMP type unacknowledged by the
system, the system will show the ICMP type and code value. |
to 192.168.20.124 |
The destination address of
ICMP packet is 192.168.20.124, and also the source address of the original
packet which initiates ICMP packet. |
(dst was 192.168.20.22) |
The destination address
of the original packet initiates ICMP packet is 192.168.20.22. |
len 48 |
The length of ICMP packet
is 48 bytes, not including the length of IP header. |
The explanation of the second information
is as follows:
ICMP: rcvd echo from 192.168.20.125, len 40
Domain |
Description |
rcvd |
Received ICMP packet. |
echo |
ICMP packet type, for echo request packet. |
from 192.168.20.125 |
The source address of ICMP packet is
192.168.20.125. |
The explanation of the third information is
as follows:
ICMP: sent echo reply, src 192.168.20.22, dst 192.168.20.125,
len 40
Domain |
Command |
src 192.168.20.22 |
Source address of ICMP packet is
192.168.20.22. |
dst 192.168.20.125 |
Destination address of ICMP packet is
192.168.20.125. |
According to the different types
of ICMP packets, the generated ICMP packet information use different formats in
the convenience of showing the packet content.
For example, for ICMP
redirect packet, you can use the following format to print:
ICMP:
rcvd host redirect from 192.168.20.77, for dst 22.0.0.3 use gw 192.168.20.26,
len 36
ICMP:
sent host redirect to 192.168.20.124, for dst 22.0.0.5 use gw 192.168.20.77,
len 36
The first information
means, it receives the redirect packet of ICMP host from host 192.168.20.77,
suggests that you can use gateway 192.168.20.26 to reach the destination host
22.0.0.3, the length of ICMP packet is 36 bytes.
The
second information means, it sends the redirect packet of ICMP host to
192.168.20.124, informs it to use 192.168.20.77 to reach host 22.0.0.5, the
length of ICMP packet is 36 bytes.
For destination unreachable
packet of ICMP, use the following formats to print:
ICMP: sent dst
(202.96.209.133) host unreachable to 192.168.20.124, len 36
ICMP: rcvd dst (2.2.2.2) host unreachable from 192.168.20.26,
len 36
The first information
means, the router can not route a certain IP packet, so it sends destination
host (202.96.209.133)unreachable
packet of ICMP to the source host 192.168.20.124 of
the packet, the length of ICMP packet is 36 bytes.
The second information
means, the router receives an ICMP packet from host 192.168.20.26, informs that the
destination host (2.2.2.2) is unreachable, and the length of ICMP packet is 36
bytes.
Show the interactive information of internet protocol (IP).
Use “no debug ip packet” to stop showing the information.
no debug ip
packet
Parameter:
detail |
(Optional) output the protocol
information encapsulated with IP packets, like protocol number, UDP, TCP port
number, ICMP packet type and etc… |
ip-access-list-name |
(Optional) name of IP
access list used to filter output information. Only the information meets IP
packet of designated IP access list can be output. |
access-group |
(Optional) The name of IP
access list used to filter output information. Only IP packet information
meets designated IP access list will be output. |
interface |
(Optional) interface name
used to filter output information. Only IP packets information fits with
designated interface will be output. |
Command mode:
Supervisor
mode
Explanation:
This command can help to
realize the final destination of every IP packets received or produced local
and realize the reason of communication trouble.
Possible situations include:
Forwarded
Forwarded as broadcast
packet or multicast packet
Routing failure during
forwarding
Send redirect packet
Rejected as it has
source routing option
Rejected as it has
illegal IP options
Source route
It is required to be fragmented
when sending packets from local, but DF position is reset.
Receive packet
Receive IP fragment
Send packet
Send
broadcast/multicast
Routing failure for
packet generated local
Packets generated
local are fragmented
Received packets are
filtered
Sent packets are
filtered
Link layer
encapsulation failure (only for Ethernet)
Unknown protocol
Using this command may result in great traffic of output information. So
you’d better use it in the relatively leisure time of the router, or it will
seriously affect the system performance. What is more, you’d better use access
list to filter the output, so that the system shows only the packet information
that interest the user.
Command mode:
Supervisor
mode
Example:
router#debug
ip packet
router#IP: s=192.168.20.120
(Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1, len=60, redirected
IP: s=192.168.20.22
(local), d=192.168.20.120 (Ethernet1/0), g=192.168.20.120, len=56, sending
IP:
s=192.168.20.120 (Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1,
len=60, forward
IP:
s=192.168.20.81 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=56, rcvd
Domain |
Description |
IP |
Means that this information is about IP
packet. |
s=192.168.20.120 (Ethernet1/0) |
The source address of IP packet and the
interface name to receive the packet (if it is not the packet generated
local) |
d=19.0.0.9 (Ethernet1/0) |
Destination address of IP packet and interface
name of sent packet (if the routing is successful) |
g=192.168.20.1 |
Net hop destination address of IP packet, may
be gateway address, may be destination address. |
len |
Length of IP packet. |
redirected |
Means that the router will send ICMP redirect
packet to the source host of this packet. Other situations include: forward---Packets are
forwarded forward directed
broadcast---The packets are sent as directed broadcast, packets will be
transformed into physical broadcast on the sending interface. unroutable---Packet routing
failure and will be discarded. source route---Source route rejected source
route---System does not support source route currently, so it rejects the
packet with IP source route option. bad options---IP option error
and packets will be discarded. need frag but DF set---local
packets need to be fragmented, but DF is reset rcvd---Packets are received
local. rcvd fragment---Packet
fragment received sending---sending packets
generated local sending
broad/multicast---sending broadcast/multicast packets generated local. Sending fragment
------Sending IP packet sent local. denied by in acl---Denied by
receiving access list of the receiving interface. denied by out acl---Denied by
sending access list of the sending interface. unknown protocol--- unknown
protocol encapsulation
failed---protocol encapsulation error, only for Ethernet. It is shown when
the packets to be sent on Ethernet were discarded because of ARP resolution
error. |
The first information means,
the router receives an IP packet, its source address is 192.168.20.120, and is from
the session connected to interface Ethernet1/0, the destination address is
19.0.0.9, the sending interface defined by the routing table is Ethernet1/0,
gateway address is 192.168.20.1 and the length of the packet is 60 bytes. The
source hosts to discover gateway and to send IP packets are connected on the
same network, which is the network connected with interface Ethernet1/0 of the
router, so the router sends out ICMP redirect packet.
IP: s=192.168.20.120
(Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1, len=60, redirected
The second information,
describes the sending of ICMP redirect packet, the source address is local
address 192. 168. 20.22, the destination address is the above packets’ source
address 192.168.20.120, sent from interface Ethernet1/0, as it is directly
arriving at the destination, the gateway address is the destination address
192.168.20.120 and the length of ICMP redirect packet is 56 bytes.
IP: s=192.168.20.22 (local),
d=192.168.20.120 (Ethernet1/0), g=192.168.20.120, len=56, sending
The third information means,
the IP layer receives an IP packet and the source address of it is
192.168.20.120, the receiving interface is Ethernet1/0, the destination address
of the packet is 19.0.0.9, by searching the routing table, you find out that
you should forward this packet to interface Ethernet1/0, gateway is
192.168.20.77, the length packet is 60 bytes. This information shows that after
the system sends ICMP redirect packet, it forwards the packet shown by the
first information.
IP: s=192.168.20.120
(Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.77, len=60, forward
The fourth packet means, the IP
layer receives an IP packet, whose source address is 192.168.20.81, receiving interface
is Ethernet1/0, destination address is 192.168.20.22, it is an IP address
configured on interface Ethernet1/0 of the router and the length of the packet
is 56 bytes, received local.
IP: s=192.168.20.81
(Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=56, rcvd
We are going to introduce the output of command “debug
ip packet detail” in the following,
router#debug ip packet
detail
router#IP: s=192.168.12.8
(Ethernet1/0), d=255.255.255.255 (Ethernet1/0), len=328, rcvd, UDP: src=68,
dst=67
IP: s=192.168.20.26
(Ethernet1/0), d=224.0.0.5 (Ethernet1/0), len=68, rcvd, proto=89
IP: s=192.168.20.125
(Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=84, rcvd, ICMP: type=0, code
= 0
IP: s=192.168.20.22
(local), d=192.168.20.124 (Ethernet1/0), g=192.168.20.124, len=40, sending,
TCP: src=1024, dst=23, seq=75098622, ack=161000466, win=17520, ACK
Domain |
Description |
UDP |
Protocol name, such as UDP, ICMP, TCP and etc…
Other protocols are described in protocol number. |
type, code |
ICMP packet type and code |
src, dst |
Source interface and destination interface of
UDP and TCP packet. |
seq |
Serial of TCP packet. |
ack |
Acknowledgement number of TCP packet |
win |
Window value of TCP packet. |
ACK |
ACK of control bit of TCP packet is reset,
means that the confirmation serial is valid. Other control bits including
SYN, URG, FIN, PSH, RST. |
The
first information means, received UDP packet, the source port is 68, the
destination port is 67.
IP:
s=192.168.12.8 (Ethernet1/0), d=255.255.255.255 (Ethernet1/0), len=328, rcvd,
UDP: src=68, dst=67
The
second information means, protocol number received the packets is 89.
IP:
s=192.168.20.26 (Ethernet1/0), d=224.0.0.5 (Ethernet1/0), len=68, rcvd, proto=89
The
third information means, received ICMP packet, the packet type is 0, code is 0.
IP:
s=192.168.20.125 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=84, rcvd,
ICMP: type=0, code = 0
The
fourth information means, send TCP packet, the source port is 1024, destination
port is 23, serial number is 75098622, confirmation number is 161000466, size
of the receiving window is 17520, the ACK tag position is reset. For
information about the meaning of these domains, please refer to RFC 793—
TRANSMISSION CONTROL PROTOCOL.
IP:
s=192.168.20.22 (local), d=192.168.20.124 (Ethernet1/0), g=192.168.20.124,
len=40, sending, TCP: src=1024, dst=23, seq=75098622, ack=161000466, win=17520,
ACK
Now
we are going to introduce the usage of access control list. For example, if you
want to display the packet information with source address of 192.168.20.125,
first you should define standard access control list abc to only accept IP
packet with source address of 192.168.20.125. Then, use this access control
list in command “debug ip packet”.
Router#config
Router_config#ip
access-list standard abc
Router_config_std_nacl#permit
192.168.20.125
Router_config_std_nacl#exit
Router_config#exit
Router#debug ip
packet abc
Router#IP:
s=192.168.20.125 (Ethernet0/1), d=192.168.20.22 (Ethernet0/1), len=48, rcvd
Show
the interactive information of internet protocol (IP). Use “no debug ip raw”
to stop showing the information.
no debug ip raw
Parameter:
detail |
(Optional) output the protocol
information encapsulated by IP packet, such as protocol number, UDP, TCP port
number, ICMP packet type and etc… |
access-group |
(Optional) the IP access list name used to
filter output information. Only IP packet information meets designated IP
access list will be output. |
interface |
(Optional) the port number used to filter
output information. Only the information meets IP packet of the designated
port will be output. |
Command mode:
Supervisor mode
Explanation:
This command can help to realize the final destination of
every received or local generated IP packet, and to realize the reas
Possible situations include:
Forwarded
Forwarded as broadcast packet or multicast
packet
Routing failure while being forwarded
Send redirect packet
Rejected as it includes source routing
option
Rejected as it includes illegal IP options
Source router
Local sent packet needs to be fragmented,
but DF position is reset
Receive packet
Receive IP fragment
Send packet
Send broadcast/multicast
Routing failure of local generated packet
Local generated packets are fragmented
Received packets are filtered
Sent packets are filtered
Link layer encapsulation failure (only applies to Ethernet)
Unknown protocol
Use
this command may produce great number of output information, so you’d better
use it during the leisure time of the router, or it will seriously affect the
system function. In addition, you should use access list to filter output if
possible, and enable the system to display only the packet information that
interest the user.
The same as “debug ip packet
Relevant command:
Display
the interactive information of header compression. Use “no debug ip rtp”
to stop displaying the information.
debug ip rtp
{header-compression|packets |rtcp}
no debug ip rtp {header-compression|packets |rtcp}
Parameter:
Header-compress
|
RTP/UDP/IP
header compress event. |
packets
|
RTP/UDP/IP
header compress interactive data packet. |
rtcp
|
TCP/IP
header compress interactive data packet. |
Command mode:
Supervisor mode
Explanation:
This
command can help to realize the detailed process of header compress
interaction.
Use
this command may produce mass output information, so it is better to be used
during leisure time of the router, or it will seriously affect the system
performance.
Example:
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: new connection, conn 0,
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7078, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7079, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7080, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7081, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7082, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7083, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7084, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7085, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7086, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4024, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7087, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4025, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4026, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7088, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7089, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4027, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7090, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4028, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7091, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4029, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7092, Gen = 0
2002-1-9
21:36:42
21:32:05:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4030, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7093, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7094, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4032, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7095, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4033, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7096, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4034, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7097, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7098, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4036, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7099, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4037, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7100, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4038, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7101, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: tossing error packet
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7102, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4040, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7103, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4041, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7104, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4042, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7105, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7106, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4044, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7107, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4045, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7108, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4046, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7109, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7110, Gen = 0
2002-1-9
21:36:43
21:32:06:
RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4048, Gen = 0
no
deb all
1760#
Displays
the received and sent information of transmit control protocol (TCP). Use “no
debug ip tcp packet” to stop the display.
debug ip tcp packet
no debug ip tcp packet
Parameter:
none
Command mode:
Supervisor
mode
Example:
Router#debug ip tcp packet
Router#tcp: O ESTABLISHED 192.168.20.22:23 192.168.20.125:3828 seq
50659460
DATA 1 ACK 3130379810 PSH WIN 4380
tcp: I ESTABLISHED 192.168.20.22:23
192.168.20.125:3828 seq 3130379810
DATA 2 ACK 50659460 PSH WIN 16372
tcp: O ESTABLISHED 192.168.20.22:23
192.168.20.125:3828 seq 50659461
DATA 50 ACK 3130379812 PSH WIN 4380
tcp: O FIN_WAIT_1 192.168.20.22:23
192.168.20.125:3828 seq 50659511
ACK 3130379812 FIN WIN 4380
tcp: I FIN_WAIT_1 192.168.20.22:23
192.168.20.125:3828 seq 3130379812
ACK 50659511 WIN 16321
tcp: I FIN_WAIT_1 192.168.20.22:23
192.168.20.125:3828 seq 3130379812
ACK 50659512 WIN 16321
tcp: I FIN_WAIT_2 192.168.20.22:23
192.168.20.125:3828 seq 3130379812
ACK 50659512 FIN WIN 16321
tcp: O TIME_WAIT 192.168.20.22:23
192.168.20.125:3828 seq 50659512
ACK 3130379813 WIN 4380
tcp: I LISTEN 0.0.0.0:23 0.0.0.0:0 seq
3813109318
DATA 2 ACK 8057944 PSH WIN 17440
tcp: O LISTEN 0.0.0.0:23 0.0.0.0:0 seq
8057944
RST
Domain |
Description |
tcp:
|
Show
the information about TCP packet. |
O
|
Send
TCP packet. |
ESTABLISHED
|
Current
mode of TCP connection. For the description of TCP connection mode, please
refer to the explanation of command “debug ip tcp transactions”. |
192.168.20.22:23
|
The
source address of the packet is 192.168.20.22 and the source port is 23. |
192.168.20.125:3828
|
The
destination address of the packet is 192.168.20.125 and the destination port
is 3828. |
seq
50659460 |
Serial
number of the packet is 50659460. |
DATA
1 |
Effective
data bit number included in the packet is 1. |
ACK
3130379810 |
Acknowledgement
number of the packet is 3130379810. |
PSH
|
PSH
in the control bit of the packet is reset. Other control bit including ACK, FIN, SYN, URG, and RST. |
WIN
4380 |
The
window domain of the packet is functioned to inform the size of the receiving
cache of recipient’s receiving port. Currently it is 4380 bytes. |
I
|
Receive
TCP packet. |
If some
of above domains are not displayed, it means that this domain has no valid
value in this TCP packet.
Display the important interactive
information of convert control protocol (TCP), such as the change of TCP
connection mode. Use “no debug ip tcp transactions” to stop the display.
debug ip tcp transactions
no debug ip tcp transactions
Parameter:
none
Command mode:
Supervisor
mode
Example:
Router#debug ip tcp transactions
Router#TCP: rcvd connection attempt to port 23
TCP: TCB 0xE88AC8 created
TCP: state was LISTEN -> SYN_RCVD [23 ->
192.168.20.125:3828]
TCP: sending SYN, seq 50658312, ack 3130379657 [23 ->
192.168.20.125:3828]
TCP: state was SYN_RCVD -> ESTABLISHED [23 ->
192.168.20.125:3828]
TCP: connection closed by user, state was LISTEN [23 ->
0.0.0.0:0]
TCP: state was TIME_WAIT -> CLOSED [23 ->
192.168.20.125:3827]
TCP: TCB 0xE923C8 deleted
TCP: TCB 0xE7DBC8 created
TCP: connection to 192.168.20.124:513 from 192.168.20.22:1022,
state was CLOSED to SYN_SENT
TCP: sending SYN, seq 52188680, ack 0 [1022 ->
192.168.20.124:513]
TCP: state was SYN_SENT -> ESTABLISHED [1022 ->
192.168.20.124:513]
TCP: rcvd FIN, state was ESTABLISHED -> CLOSE_WAIT [1022 ->
192.168.20.124:513]
TCP: connection closed by user, state was CLOSE_WAIT [1022 ->
192.168.20.124:513]
TCP: sending FIN [1022 -> 192.168.20.124:513]
TCP: connection closed by user, state was LAST_ACK [1022 ->
192.168.20.124:513]
TCP: state was LAST_ACK -> CLOSED [1022 ->
192.168.20.124:513]
TCP: TCB 0xE7DBC8 deleted
Domain |
Description |
TCP: |
Showing the TCP interactive information. |
rcvd
connection attempt to port 23 |
Receive the connection attempt to port 23. (telnet port) |
TCB
0xE88AC8 created |
A new TCP connection control block, tagged “0xE88AC8”. |
state
was LISTEN -> SYN_RCVD |
Means that the state of TCP state machine is changed from listen to LISTEN to SYN_RCVD. Possible TCP states include: LISTEN---Wait for the TCP connection attempt from any remote host. SYN_SENT--- Sending connection attempt to initiate TCP connection negotiation, and waiting for the response from recipient. SYN_RCVD---It receives the connection request and sends acknowledgement, it also sends its own connection request and waits for the recipient’s acknowledgement of connection request. ESTABLISHED---Means that the connection is set up successfully, during the data sending period, it can receive the application of upstream. FIN_WAIT_1---It has already sent the request to finish the connection, and is waiting for the acknowledgement from the recipients and the recipient’s request to finish the connection. FIN_WAIT_2--- It has already sent the request to finish the connection and received the acknowledgement from the recipients and is waiting for the recipient’s request to finish the connection. CLOSE_WAIT---It has already sent the request to finish the connection and sent the acknowledgement and is waiting for the local user to close the connection, once the user wants to close the connection, the system will send request to finish the connection. CLOSING--- It has already sent the request to finish the connection, received the request to finish the connection from the recipient and sent the acknowledgement, and is waiting for the acknowledgement of the request from the recipient to finish the connection. LAST_ACK---It has received the request from the recipient to finish the connection and acknowledged, sent the request to finish the connection is waiting for the acknowledgement. TIME_WAIT---It is waiting enough time for the confirmation that the recipient has received the acknowledgement of local request to finish connection with it, and whether the packet about this connection converted in the network has arrived at the destination or been discarded. CLOSED---Means no connection or the connection has been completely closed. For detailed information, please refer to RFC793, TRANSMISSION CONTROL PROTOCOL. |
[23
-> 192.168.20.125:3828] |
In
the column: The first domain (23) means local TCP port The second domain (192.168.20.125)means remote IP
address. The third domain (3828) means remote TCP port. |
sending
SYN |
Send
a connection attempt packet (SYN reset in TCP header control bit). Other TCP
control bits include SYN, ACK, FIN, PSH, RST and URG. |
seq
50658312 |
The
serial number of sent packet is 50658312. |
ack
3130379657 |
The
acknowledge number of the sent packet is 3130379657. |
rcvd
FIN |
Receive
the request to finish the connection (FIN reset in TCP header control bit). |
connection
closed by user |
TCP
connection closed per the request of upstream application |
connection
timed out |
Connection
timed out and closed |
Relevant command:
Show
the interactive information of user data protocol (UDP). Use command “no
debug ip udp” to stop.
debug ip udp
no debug ip udp
Parameter:
none
Command mode:
Supervisor
mode
Example:
Router#debug ip udp
Router#UDP: rcvd src 192.168.20.99(520), dst 192.168.20.255(520),
len = 32
UDP: sent src 192.168.20.22(20001), dst 192.168.20.43(1001), len =
1008
Domain |
Description |
UDP: |
It
shows that this packet is related to UDP packet. |
rcvd |
Packets
received |
sent |
Packets
sent. |
src |
The
source IP address and UDP interface of UDP packets. |
dst |
The
target IP address and UDP interface of UDP packets. |
len |
The
length of UDP packets. |
So, the first packet means it receives a UDP packet from
host 192.168.20.99, on interface 520, the target address is 192.168.20.255, on
target interface 520, and the packet length is 32 bytes.
The second packet means it sends a UDP packet, the host
address is 192.168.20.22, on interface 20001, the target address is
192.168.20.43, on target interface 1001, and the packet length is 1008 bytes.
Demand the router to respond to IP address
mask request on the designated interface. If you want to turn this function
off, use command “no ip mask-reply”.
ip mask-reply
no ip mask-reply
default ip mask-reply
Parameter:
none
Default:
Do
not respond to the IP address mask request.
Command mode:
Interface configuration mode
Example:
interface ethernet 1/1
ip mask-reply
Configure
the length of Maximum convert Unit of IP packets sent from the interface via
command “ip mtu”. If you want to use the default value of MTU again, use
command “no ip mtu”.
ip mtu bytes
no ip mtu
Parameter:
bytes The maximum convert length of IP calculated by unit of
byte.
Default:
It is variable according to the different physical media of
the interface, and is the same as the maximum transfer unit on the interface.
The minimum is 68 bytes.
Command mode:
Interface configuration mode
Explanation:
If the IP packet length exceeds the IP MTU
set on the interface, the router would fragment the packets. For all the
devices connected on the same physical media, you should configure the same
protocolMTU before they can communicate. The MTU (configure by interface
configuration command “mtu”) value will affect the IP MTU value. If the
IP MTU value is the same as MTU value, when you change the MTU value, the IP
MTU value will be automatically changed into a new MTU value. But, the change
of IP MTU value will not affect the MTU value.
The minimum value of IP MTU is 68 bytes, the maximum value
will not exceed the MTU configured on the interface.
Example:
The
following command configures the IP MTU of the interface as 200:
interface serial1/0
ip mtu 200
Relevant command:
mtu
Send IP ICMP redirect packet. Use command
“no ip redirects” to stop sending ICMP redirect packet.
ip redirects
no ip redirects
Parameter:
none
Default:
Normally, IP redirect packet is
sent by default. But, if the user configures hot backup routingprotocol, this
function will be automatically closed. And, if the configuration of hot backup
routingprotocol is canceled then, this function will not be automatically
opened.
Command mode:
Interface configuration mode
Explanation:
When the router finds out that the
forwarding interface where gateway is located is the same as the receiving
interface while forwarding packets, and the host sending packets is connected
to the logical network of this interface, according to the protocol, it can
send a ICMP redirect packet to inform the host to directly set the router as
the gateway to the destination address of the packet without being forwarded by
this router.
If the interface is configured hot backup routerprotocol,
the sending of IP redirect packet may cause the loss of packets.
Example:
The following command opens the function of sending ICMP
redirect packet on interface Ethernet1/0:
interface ethernet 1/0
ip redirects
Configure whether to use route cache to forward IP packet
on the interface. Use command “no ip route-cache” to forbid using route
cache.
ip route-cache
no ip route-cache
ip route-cache same-interface
no ip route-cache same-interface
Parameter:
same-interface Permit IP packets to be quickly
exchanged out of the receiving interface.
Default:
Permit
quick exchange on the interface, forbid the quick exchange on the same interface.
Command mode:
Interface configuration mode
Explanation:
The route cache implement load distribution on forwarded
packet based on source address/destination address.
Permits route cache will enhance the packet forward
performance of the router. But on low speed line (64K or lower), normally we
should prohibit route cache
The user can use command “ip route-cache same-interface”
to permit the IP route cache on the same interface, which means, the receiving
interface is the same as the sending interface. Normally, we suggest that you
do not open this function, as it is conflicted with the redirect function of
the router. If the user has a not completely connected network, such as frame
relay, you can enable this function on the frame relay interface. For example,
routerA, B, C jointly construct a frame relay network, but there are only links
between A-B, B-C, the communication between A and C must be relayed by B:
A-B-C, B receives A’s packet from one DLCI of the interface, and then send it
to C by another DLCI from the same interface.
Example:
The following command permits the route cache on the same interface:
ip
route-cache same-interface
The following command forbids route cache, including the
route cache on the same interface:
no
ip route-cache
The following command only forbids the route cache on the
same interface:
no
ip route-cache same-interface
The following command enables the system to return to the
default configuration (permits route cache and forbids route cache on the same interface):
ip
route-cache
Relevant command:
Permit
the router to process IP packet with IP source route option. If you require the
router to discard any IP packet with IP source route option, use command “no
ip source-route”.
ip source-route
no ip source-route
Parameter:
none
Default:
Process
IP packet with IP source route option.
Command mode:
global
configuration mode
Example:
The following command demands processing the IP packet with
IP source route option.
ip source-route
Relevant command:
ping
Configure
the timeout the router waits for the successful TCP connection. If you want to
reset it to default time, use command “no ip tcp synlatency time”.
ip tcp synwait-time seconds
no ip tcp synwait-time
Parameter:
seconds: The TCP connection waiting time counted in the unit of
second. The effective value ranges from 5 to 300 seconds. 75 seconds by default.
Default:
75
seconds
Command mode:
global configuration mode
Explanation:
When the router initiates TCP connection, if the connection
is still not established successfully after latency time of TCP connection, the
router considers connection failure and returns this result to the upstream
application program. The user can configure the latency time for successful TCP
connection, 75 seconds by default. This option has no relation with TCP
connection packet forwarded by the router, but only relates to the TCP
connection of the router itself.
If you want to know the current value of it, use command
ip tcp synwait-time ?, the value in [] is the current value.
Example:
The
following example sets the latency time for TCP connection as 30 seconds:
Router_config#ip tcp synwait-time 30
Router_config#ip tcp synwait-time ?
<5-300>[30]
seconds -- wait
time
Configure
the window size of TCP. If you want it to return to the default value, use
command “no ip tcp window-size”.
ip tcp window-size bytes
no ip tcp window-size
Parameter:
bytes Window size illustrated in the unit of bit. 65535 bytes at
most. 2000 bytes by default.
Default:
2000
bytes
Command mode:
global configuration mode
Explanation:
Only
if you clearly know your reason to change the default value, you’d better not
change it hotheaded. If you want to know the current value, use command ip
tcp window-size ?, the value in [] is the current value.
Example:
The
following example configures the TCP window size as 6000 bytes:
Router_config#ip tcp window-size 6000
Router_config#ip tcp window-size ?
<1-65535>[6000] bytes -- Window size
Configure
the router to send ICMP unreachable packet. If you want the router to stop
sending, use command “no ip unreachables”.
ip unreachable
no ip unreachable
Parameter:
none
Default:
Send
ICMP unreachable packet.
Command mode:
Interface configuration mode
Explanation:
When the router is forwarding
IP packet, it may discover that there is no related routes in routing table,
which results in the discard of the packet. Meanwhile, the router can send ICMP
unreachable packet to the source host, inform the source host about this
situation, in order to let the source host timely discover the errors and make
corrections.
Example:
The
following example configures to send ICMP unreachable packet on interface
ethernet1/0:
interface ethernet 1/0
ip unreachables
Show
route cache used for IP
show ip cache [prefix mask]
[type number]
Parameter:
prefix mask:
(optional) only shows the entries of which the destination address of the entry
matches the designated prefix/mask the user keys in.
type number: (optional)
only shows the entries of which the sending interface of the entry matches the
designated interface type/number the user keys in.
rsvp: (optional) only shows the
entry related to RSVP, means that, this entry, RSVP is employed.
Command mode:
Supervisor mode
Example:
The
following example shows the route cache:
Router#show ip cache
Source
Destination
Interface Next Hop
192.168.20.125
2.0.0.124 Serial1/0
2.0.0.124
192.168.20.124
192.168.30.124
Serial1/0
2.0.0.124
2.0.0.124 192.168.20.125 Ethernet1/1 192.168.20.125
Domain |
Decription |
Source |
Source
address. |
Destination |
Destination
address. |
Interface |
Type
and number of the sending interface. |
Next
Hop |
Gateway
address. |
The following example shows the route cache of which the
destination address matches the designated prefix/mask:
Router#show ip cache 192.168.20.0 255.255.255.0
Source
Destination
Interface Next Hop
2.0.0.124 192.168.20.125 Ethernet0/1 192.168.20.125
The
following example shows the route cache of which the sending interface matches
the designated interface type/mask:
Router#show ip cache s1/0
Source
Destination
Interface Next Hop
192.168.20.125 2.0.0.124
Serial1/0 2.0.0.124
192.168.20.124
192.168.30.124
Serial1/0 2.0.0.124
Show
socket information.
Parameter:
none
Command mode:
Supervisor mode
Example:
xuhao_config_e1/0#
show ip irdp
Async0/0 ICMP router discovery protocol(IRDP) : OFF
Ethernet1/0 ICMP router discovery protocol(IRDP) : ON
Advertisements occur
between every 450 and 600 seconds
Advertisements are
sent as broadcasts
Advertisements valid
in 1800 seconds
Default preference :
0
Ethernet1/1 ICMP router discovery protocol(IRDP) : OFF
Null0 ICMP router discovery protocol(IRDP) : OFF
Loopback7 ICMP router discovery protocol(IRDP) : OFF
Loopback10 ICMP router discovery protocol(IRDP) : OFF
Show
socket information.
show ip sockets
Parameter:
none
Command mode:
Supervisor mode
Example:
Router#show ip sockets
Proto |
Local |
Port |
Remote |
Port |
In |
Out |
17 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
161 |
0 |
6 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
513 |
0 |
17 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
1698 |
0 |
17 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
69 |
0 |
6 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
23 |
0 |
17 |
0.0.0.0 |
0 |
0.0.0.0 |
0 |
137 |
122590 |
Domain |
Description |
Proto(protocol) |
IP
protocol number. 17 means UDP, 6 means TCP. |
Remote |
Remote
address. |
Port |
Remote
port. |
Local |
Local
address. |
Port |
Local
port. |
In |
Total
bytes received. |
Out |
Total
bytes sent. |
Show
IP traffic statistics.
show ip traffic
Parameter:
none
Command mode:
Supervisor mode
Example:
Router#show ip traffic
IP statistics:
Rcvd:
0 total, 0 local destination, 0 delivered
0 format errors, 0
checksum errors, 0 bad ttl count
0 bad destination address,
0 unknown protocol, 0 discarded
0 filtered , 0 bad
options, 0 with options
Opts: 0 loose source route, 0 record route, 0
strict source route
0 timestamp, 0
router alert, 0 others
Frags: 0 fragments,
0 reassembled, 0 dropped
0 fragmented, 0
fragments, 0 couldn't fragment
Bcast: 0 received, 0
sent
Mcast: 0 received, 0
sent
Sent: 230 generated, 0 forwarded
0 filtered, 0 no
route, 0 discarded
ICMP statistics:
Rcvd: 0 total, 0 format errors, 0 checksum errors
0 redirect, 0 unreachable, 0 source quench
0 echos, 0 echo replies, 0 mask requests, 0 mask replies
0 parameter problem, 0 timestamps, 0 timestamp replies
0 time exceeded, 0 router solicitations, 0 router advertisements
Sent: 0 total, 0 errors
0 redirects, 0 unreachable, 0 source quench
0 echos, 0 echo replies, 0 mask requests, 0 mask replies
0 parameter problem, 0 timestamps, 0 timestamp replies
0 time exceeded, 0 router solicitations, 0 router advertisements
UDP statistics:
Rcvd: 28 total, 0 checksum errors, 22 no port, 0 full sock
Sent: 0 total
TCP statistics:
Rcvd: 0 total, 0 checksum errors, 0 no port
Sent: 3 total
IGMP statistics:
Rcvd: 0 total, 0 format errors, 0 checksum errors
0 host queries, 0 host reports
Sent: 0 host reports
ARP statistics:
Rcvd: 8 total, 7 requests, 1 replies, 0 reverse, 0 other
Sent: 5 total, 5 requests, 0 replies (0 proxy), 0 reverse
Description |
|
format
errors |
Packet
format error, such as IP header length error. |
bad
hop count |
When
the router is forwarding packets, if it finds that the TTL value is reduced
to 0, the packets will be discarded. |
no
route |
The
router has no packet from corresponding route. |
show tcp
Shows
the state information of all TCP connections.
show tcp
Parameter:
none
Command mode:
Supervisor mode
Example:
Router#show tcp
TCB 0xE9ADC8
Connection state is ESTABLISHED, unread input bytes: 934
Local host: 192.168.20.22, Local port: 1023
Foreign host: 192.168.20.124, Foreign port: 513
Enqueued bytes for transmit: 0, input:
934 mis-ordered: 0 (0 packets)
Timer Starts Wakeup
Next(ms)
Retrans
33 1
0
TimeWait 0 0
0
SendWnd 0 0
0
KeepAlive 102 0
7199500
iss:
29139463 snduna: 29139525 sndnxt:
29139525
sndwnd:
17520
irs: 709124039
rcvnxt: 709205436
rcvwnd:
4380
SRTT: 15 ms, RXT: 2500 ms, RTV: 687 ms
minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms
Datagrams (max data segment is 1460 bytes):
Rcvd: 102 (out of order: 0), with data:
92, total data bytes: 81396
Sent: 104 (retransmit: 0), with data: 31, total data bytes:
61
Domain |
Description |
TCB
0xE77FC8 |
Inside
identification of TCP connection control block. |
Connection
state is ESTABLISHED |
Current connection state. TCP connection may be in any
states of the following: LISTEN---wait for the TCP connection attempt from any
remote hosts. SYN_SENT---After sending connection request, waiting for
the response from the recipient. SYN_RCVD---It receives the connection request and sends
acknowledgement, it also sends its own connection request and waits for the
recipient’s acknowledgement of connection request. ESTABLISHED---Means that the connection is set up
successfully, during the data sending period, it can receive the application
of upstream. FIN_WAIT_1---It has already sent the request to finish
the connection, and is waiting for the acknowledgement from the recipients
and the recipient’s request to finish the connection. FIN_WAIT_2--- It has already sent the request to finish
the connection and received the acknowledgement from the recipients and is
waiting for the recipient’s request to finish the connection. CLOSE_WAIT---It has already sent the request to finish
the connection and sent the acknowledgement and is waiting for the local user
to close the connection, once the user wants to close the connection, the
system will send request to finish the connection. CLOSING--- It has already sent the request to finish the
connection, received the request to finish the connection from the recipient
and sent the acknowledgement, and is waiting for the acknowledgement of the
request from the recipient to finish the connection. LAST_ACK---It has received the request from the recipient
to finish the connection and acknowledged, sent the request to finish the
connection is waiting for the acknowledgement. TIME_WAIT---It waits enough time for the confirmation
that the recipient has received the acknowledgement of local request to
finish connection with it. CLOSED---Means no connection or the connection has been
completely closed. For detailed information, please refer to RFC793,
TRANSMISSION CONTROL PROTOCOL. |
unread input bytes: |
The data can be submitted for upstream application after the TCP
procession yet has not been received by upstream application. |
Local host: |
Local IP address. |
Local port: |
Local TCP port. |
Foreign host: |
Remote IP address. |
Foreign port: |
Remote TCP port. |
Enqueued bytes for transmit: |
Enqueued bytes for transmission include the data sent yet not
acknowledged and unsent data. |
input: |
Enqueued bytes for receiving: these data are waiting to be
accepted for upstream application after sorting. |
mis-ordered: |
The bytes and packets in the mis-ordered queue, these data can
only be accepted by upstream application in the receiving queue in order
after other data are received. For example, if it receives packet 1,2,4,5,6,
packet 1 and 2 can enter the receiving queue, but 4,5 and 6 can only enter
mis-ordered queue to wait for the arrival of packet 3. |
Then it shows the situation of currently connected timer,
includes the start times of the timer, timeouts of the timer and the interval
from the next timeout of the timer (0 means the timer is not running
currently). Each connection uses independent timer. The number of timeouts of
timer is normally less than the starts of the timer, because the timer may be
reset during the process of running. For example, if the system receives the
acknowledgement of all sent data from the recipient while the retransmit timer
is running, the retransmit timer will stop running.
Timer Starts Wakeups
Next(ms)
Retrans
33 1
0
TimeWait 0 0
0
SendWnd 0 0
0
KeepAlive 102 0
7199500
Domain |
Description |
Timer |
Name of the timer. |
Starts |
Starts of the timer. |
Wakeups |
Timeouts of the timer. |
Next(ms) |
Interval from the next timeout of the timer (ms as the unit), o
means the timer is not running. |
Retrans |
Retransmit timer, used to initiate data retransmission. The timer
is started after sending the data, if the data is not acknowledged within the
timeout, the timer will retransmit the data. |
TimeWait |
Time wait
timer, used to guarantee the recipient’s receiving of acknowledgement of
connection stop request. |
SendWnd |
Send window timer, used to guarantee that the send window is reset
to the normal size in the situation when TCP acknowledges loss. |
KeepAlive |
Keep alive timer, used to guarantee the normal operation of
communication link and the recipient’s still state of connection. It will
ignite the sending of test packet in order to check the communication link
state and the recipient’s state. |
Then
shows the serial used by TCP connection. TCP uses serial to guarantee the
reliable and ordered data convert. Local and remote hosts also perform traffic control
and sending acknowledgement according to serial number.
iss: 29139463 snduna: 29139525
sndnxt: 29139525 sndwnd: 17520
irs: 709124039
rcvnxt: 709205436
rcvwnd:
4380
Domain |
Description |
iss: |
Initial
sending serial |
snduna: |
Sending
serial of the first bit of the data sent yet have not received the
acknowledgement from the recipient. |
sndnxt: |
The
send serial of the first bit of the data sent thereafter. |
sndwnd: |
TCP
window size of remote host. |
irs: |
Initial
receiving serial, which is also the initial sending serial of the remote host |
rcvnxt: |
Receiving
serial recently acknowledged. |
rcvwnd: |
TCP
window size of the local host. |
The it shows the sending time recorded by local host, the
system can adjust the system to adapt to various network according to these
data.
SRTT: 15 ms, RXT: 2500 ms, RTV: 687 ms
minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms
Domain |
Description |
SRTT: |
Trip
time after smooth treatment |
RXT: |
Retransmission
timeout |
RTV: |
Variation
of trip time. |
MinRXT: |
Minimum
retransmit timeout permitted. |
MaxRXT: |
Maximum
retransmit timeout permitted. |
ACK
hold: |
Maximum
latency of the delay of acknowledgement in order to be sent with the data. |
Datagrams (max data segment is 1460 bytes):
Rcvd: 102 (out of order: 0), with data: 92, total data bytes:
81396
Sent: 104 (retransmit: 0), with data: 31, total data bytes: 61
Domain |
Description |
max
data segment is |
Maximum
data segment permitted for this connection. |
Rcvd: |
Packets
received in this connection process by local host, and packets dis-ordered
among them. |
with
data: |
Packets
with valid data. |
total
data bytes: |
Total
data bytes included in the packets. |
Sent: |
Total
packets sent during the connection process of local host, and the packets
resent. |
with
data: |
Packets
include valid data. |
total
data bytes: |
Data
bytes included in the packets. |
Relevant command:
Show
brief information of TCP connection.
show tcp brief [all]
Parameter:
all (optional) show all ports. If you do not input this key word,
the system will not show the port in the state of “LISTEN”.
Command mode:
Supervisor mode
Example:
Router#show tcp brief
TCB Local Address
Foreign Address State
0xE9ADC8
192.168.20.22:1023
192.168.20.124:513
ESTABLISHED
0xEA34C8
192.168.20.22:23 192.168.20.125:1472 ESTABLISHED
Domain |
Description |
TCB |
Inside
tag of TCP connection. |
Local
Address |
Local
IP address and TCP port. |
Foreign
Address |
Remote
IP address and TCP port. |
State |
Connection
mode. For detailed information please refer to command “show tcp”. |
Relevant command:
show
tcp statistics
show tcp statistics
Parameter:
none
Command mode:
Supervisor mode
Example:
Router#show tcp statistics
Rcvd: 148 Total, 0 no port
0 checksum error, 0 bad offset, 0 too short
131 packets (6974 bytes) in sequence
0 dup packets (0 bytes)
0 partially dup packets (0 bytes)
0 out-of-order packets (0 bytes)
0 packets (0 bytes) with data after window
0 packets after close
0 window probe packets, 0 window update
packets
0 dup ack packets, 0 ack packets with unsend
data
127 ack packets (247 bytes)
Sent: 239 Total, 0 urgent packets
6 control packets
123 data packets (245 bytes)
0 data packets (0 bytes) retransmitted
110 ack only packets (101 delayed)
0 window probe packets, 0 window update
packets
4 Connections initiated, 0 connections
accepted, 2 connections established
3 Connections closed (including 0 dropped, 1
embryonic dropped)
5 Total rxmt timeout, 0 connections dropped
in rxmt timeout
1 Keepalive timeout, 0 keepalive probe, 1
Connections dropped in keepalive
Domain |
Description |
Rcvd: |
The
statistics of the packets the router received. |
Total |
Total
packets received. |
no
port |
The
number of the received packets with non-existent ports. |
checksum
error |
The
number of the checked and wrong packets received. |
bad
offset |
The
number of the received packets with bad offset traffic. |
too
short |
The
number of the received packets with less than the minimum effective length. |
packets
in sequence |
The
number of data packets received in sequence. |
dup
packets |
The
number of duplicated packets received. |
partially
dup packets |
The
number of partly duplicated packets received. |
out-of-order
packets |
The
number of out-of-order packets received. |
packets
with data after window |
The
number of packets received with data out of the receiving window of the
router. |
packets
after close |
The
number of packets received after the connection closes. |
window
probe packets |
The
number of window probe packets received. |
window
update packets |
The
number of window update packets received. |
dup
ack packets |
The
number of duplicately acknowledged packets received. |
ack
packets with unsent data |
The
number of acknowledged packets received with unsent data. |
ack
packets |
The
number of acknowledged packets received. |
Sent |
The
statistics about the packets sent by the router. |
Total |
The
number of total sent packets. |
urgent
packets |
The
number of urgent packets sent. |
control
packets |
The
number of control(SYN、FIN or RST) packets sent. |
data
packets |
The
number of data packets sent. |
data
packets retransmitted |
The
number of retransmitted data packets. |
ack
only packets |
The
number of acknowledged only packets sent. |
window
probe packets |
The
number of window probe packets sent. |
window
update packets |
The
number of window update packets sent. |
Connections
initiated |
The
number of connections initiated locally. |
connections
accepted |
The
number of connections accepted locally. |
connections
established |
The
number of connections established locally. |
Connections
closed |
The
number of local connections closed. |
Total
rxmt timeout |
Total
number of resent time-outs. |
Connections
dropped in rxmit timeout |
Total
number of connections dropped resulted from resent time-outs |
Keepalive
timeout |
The
number of keepalive time-outs. |
keepalive
probe |
The
number of Keepalive probe packets sent. |
Connections
dropped in keepalive |
The
number of connections dropped because of keepalive. |
Relevant command:
Display
the mode information of certain TCP connection.
show tcp tcb address
Parameter:
address |
The
convert control block (TCB) address connected with TCP to be shown. TCB is
the inside TCP connection tag of the system, which can be obtained via
command “show tcp brief”. |
Command mode:
Supervisor mode
Example:
For
detailed explanation of the following displayed, please refer to command “show
tcp”
Router_config#show tcp tcb 0xea38c8
TCB 0xEA38C8
Connection state is ESTABLISHED, unread input bytes: 0
Local host: 192.168.20.22, Local port: 23
Foreign host: 192.168.20.125, Foreign port: 1583
Enqueued bytes for transmit: 0, input: 0 mis-ordered: 0 (0 packets)
Timer Starts Wakeups
Next(ms)
Retrans
4 0 0
TimeWait 0 0
0
SendWnd 0 0
0
KeepAlive +5 0
6633000
iss: 10431492 snduna: 10431573
sndnxt: 10431573 sndwnd: 17440
irs: 915717885
rcvnxt: 915717889
rcvwnd:
4380
SRTT: 2812 ms, RXT: 18500 ms, RTV: 4000 ms
minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms
Datagrams (max data segment is 1460 bytes):
Rcvd: 5 (out of order: 0), with data: 1, total data bytes: 3
Sent: 4 (retransmit: 0), with data: 3, total data bytes: 80
Relevant command: