IP service command directory

clear tcp

clear tcp statistics

debug arp

debug ip icmp

debug ip packet

debug ip raw

debug ip rtp

debug ip tcp packet

debug ip tcp transactions

debug ip udp

ip mask-reply

ip mtu

ip redirects

ip route-cache

ip source-route

ip tcp synwait-time

ip tcp window-size

ip unreachables

show ip cache

show ip irdp

show ip sockets

show ip traffic

show tcp

show tcp brief

show tcp statistics  

show tcp tcb

 

Use the following commands to configure various IP services. For more configuration information about IP services, please refer to the chapter “configure IP services”.

clear tcp

Clear a TCP connection.

clear tcp {local host-name port remote host-name port | tcb address}

 

Parameter:

local host-name port

IP address of the local host and TCP port.

remote host-name port

IP address of the remote host and TCP port.

tcb address

The convert control block(TCB) of TCP connection to be deleted. TCB is the identifier of TCP connection which can be obtained by command “show tcp brief”.

 

Command mode:

Supervisor mode

 

Explanation:

Command “clear tcp” is mainly used to clear the closed TCP connection. In some cases, such as communication line problem, TCP connection or restart of the dealing host, TCP connection is actually stopped, but as there is no communication on TCP connection, the system cannot timely discover this situation, here you can use command “clear TCP” to close the invalid TCP connection. Among them, command clear tcp local host-name port remote host-name port is used to stop the TCP connection between designated IP address/port of local host and remote host. Command clear tcp tcb address is used to stop the TCP connection tagged by the designated TCB address.

 

Example:

The following example clears the TCP connection between 192.168.20.22:23local)和192.168.20.120:4420remote. Command “show tcp brief” shows the local and remote host information of current TCP connection.

Router#show tcp brief

TCB         Local Address         Foreign Address      State

0xE85AC8    192.168.20.22:23      192.168.20.120:4420   ESTABLISHED

0xEA38C8    192.168.20.22:23      192.168.20.125:1583   ESTABLISHED

Router#clear tcp local 192.168.20.22 23 remote 192.168.20.120 4420

Router#show tcp brief

TCB         Local Address         Foreign Address      State

0xEA38C8    192.168.20.22:23      192.168.20.125:1583   ESTABLISHED

 

The following example clears the TCP connection with TCB address 0xea38c8. Command “show tcp brief” shows the TCB address of TCP connection.

Router#show tcp brief

TCB         Local Address         Foreign Address      State

0xEA38C8    192.168.20.22:23      192.168.20.125:1583   ESTABLISHED

Router#clear tcp tcb 0xea38c8

Router#show tcp brief

TCB         Local Address         Foreign Address      State

 

Relevant command

show tcp

show tcp brief

show tcp tcb

clear tcp statistics

clear tcp statistics

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Use the following command to clear TCP statistics:

Router#clear tcp statistics

 

Relevant command

show tcp statistics

debug arp

Show ARP interactive information, such as sending ARP request, receiving ARP response, receiving ARP request, sending ARP response and etc… When the router cannot communicate with the host, the command can be used to analyse the ARP interactive information. Use “no debug arp” to stop showing the information.

 

debug arp

no debug arp

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Router#debug arp

Router#IP ARP: rcvd req src 192.168.20.116 00:90:27:a7:a9:c2, dst 192.168.20.111, Ethernet1/0

IP ARP: req filtered src 192.168.20.139 00:90:27:d5:a9:1f, dst 192.168.20.82 00:

00:00:00:00:00, wrong cable, Ethernet1/1

IP ARP: created an incomplete entry for IP address 192.168.20.77, Ethernet1/0

IP ARP: sent req src 192.168.20.22 08:00:3e:33:33:8a, dst 192.168.20.77, Ethernet1/0

IP ARP: rcvd reply src 192.168.20.77 00:30:80:d5:37:e0, dst 192.168.20.22, Ethernet1/0

 

The first information indicates: the router receives an ARP request on interface Ethernet1/0, IP address of the host sending the request is 192.168.20.116, the MAC address is 00:90:27:a7:a9:c2, it requests the MAC address of host with IP address 192.168.20.111:

    IP ARP: rcvd req src 192.168.20.116 00:90:27:a7:a9:c2, dst 192.168.20.111, Ethernet1/0

The second information means: the router receives an ARP address request from 192.168.20.139 on interface Ethernet 1/1. But, according to the interface configuration of the router, this interface is not on the network on which the host claims to be. So, there might be an error in configuration of the host. If the router sets up ARP cache according to this information, it may be unable to communication with certain host configured at the same address on the normal interface.

    IP ARP: req filtered src 192.168.20.139 00:90:27:d5:a9:1f, dst 192.168.20.82 00:

    00:00:00:00:00, wrong cable, Ethernet1/1

The third information means, the router wants to resolute the MAC address of host 192.168.20.77, so it creates an incomplete ARP entry for the host, and then fills in MAC address while receiving ARP response. According to the configuration of the router, this host connects on the interface Ethernet 1/0.

    IP ARP: created an incomplete entry for IP address 192.168.20.77, Ethernet1/0

The fourth information means: the router sends ARP request on interface Ethernet1/0, IP address of the router is 192.168.20.22, MAC address of the interface is 08:00:3e:33:33:8a, the IP address of the requested host is 192.168.20.77. This information is related to the third information.

    IP ARP: sent req src 192.168.20.22 08:00:3e:33:33:8a, dst 192.168.20.77, Ethernet1/0

The fifth information means, the router receives ARP response from 192.168.20.77 to router interface 192.168.20.22 on interface Ethernet1/0, which tells that its MAC address is 00:30:80:d5:37:e0. This information is related to the third and fourth information.

    IP ARP: rcvd reply src 192.168.20.77 00:30:80:d5:37:e0, dst 192.168.20.22, Ethernet1/0

debug ip icmp

Show the interactive information of  Internet Control Message Protocol  (ICMP). Use command “no debug ip icmp” to disable debug output.

debug ip icmp

no debug ip icmp

 

Parameter:

none

Command mode:

Supervisor mode

 

Explanation:

This command can show the ICMP packet the system received and sent, in order to solve the connection problem between port to port of the network. If you want to know the detailed information about command output “debug ip icmp”, please refer to RFC 792, Internet Control Message Protoco”.

 

Example:

Router#debug ip icmp

Router#ICMP: sent pointer indicating to 192.168.20.124 (dst was 192.168.20.22), len 48

ICMP: rcvd echo from 192.168.20.125, len 40

ICMP: sent echo reply, src 192.168.20.22, dst 192.168.20.125, len 40

ICMP: sent dst (202.96.209.133) host unreachable to 192.168.20.124, len 36

ICMP: sent dst (192.168.20.22) protocol unreachable to 192.168.20.124, len 36

ICMP: rcvd host redirect from 192.168.20.77, for dst 22.0.0.3 use gw 192.168.20.26, len 36

ICMP: rcvd dst (22.0.0.3) host unreachable from 192.168.20.26, len 36

ICMP: sent host redirect to 192.168.20.124, for dst 22.0.0.5 use gw 192.168.20.77, len 36

ICMP: rcvd dst (2.2.2.2) host unreachable from 192.168.20.26, len 36

 

The explanation of the first information is as follows:

ICMP: sent pointer indicating to 192.168.20.124 (dst was 192.168.20.22), len 48

Domain

Description

ICMP:

Shows the information of Internet Control Message Protocol  (ICMP) packet.

Sent

Sending ICMP packet.

pointer indicating

ICMP packet type, this ICMP packet means that original IP packet parameter error, and also indicates the error domain. Other types of ICMP packets include:

echo reply          

dst unreachableinclude

---net unreachable

---host unreachable

---protocol unreachable

---port unreachable

---fragmentation needed and DF set

---source route failed

---net unacknowledged

---destination host unacknowledged

---source host isolated

---net prohibited

---host prohibited

---net tos unreachable

---host tos unreachable

source quench

redirect,includes

---net redirect

---host redirect

---net tos redirect

---host tos redirect

echo

router advertisement

router solicitation

time exceeded, includes:

---ttl exceeded

---reassembly timeout

parameter problemincludes:

---pointer indicating

---option missed

---bad length

timestamp

timestamp reply

information request

information reply

mask request

mask reply

 If it is the ICMP type unacknowledged by the system, the system will show the ICMP type and code value.

to 192.168.20.124

The destination address of ICMP packet is 192.168.20.124, and also the source address of the original packet which initiates ICMP packet.

(dst was 192.168.20.22)

The destination address of the original packet initiates ICMP packet is 192.168.20.22.

len 48

The length of ICMP packet is 48 bytes, not including the length of IP header.

 

The explanation of the second information is as follows:

    ICMP: rcvd echo from 192.168.20.125, len 40

Domain

Description

rcvd

Received ICMP packet.

echo

ICMP packet type, for echo request packet.

from 192.168.20.125

The source address of ICMP packet is 192.168.20.125.

 

The explanation of the third information is as follows:

    ICMP: sent echo reply, src 192.168.20.22, dst 192.168.20.125, len 40

Domain

Command

src 192.168.20.22

Source address of ICMP packet is 192.168.20.22.

dst 192.168.20.125

Destination address of ICMP packet is 192.168.20.125.

 

According to the different types of ICMP packets, the generated ICMP packet information use different formats in the convenience of showing the packet content.

For example, for ICMP redirect packet, you can use the following format to print:

ICMP: rcvd host redirect from 192.168.20.77, for dst 22.0.0.3 use gw 192.168.20.26, len 36

ICMP: sent host redirect to 192.168.20.124, for dst 22.0.0.5 use gw 192.168.20.77, len 36

The first information means, it receives the redirect packet of ICMP host from host 192.168.20.77, suggests that you can use gateway 192.168.20.26 to reach the destination host 22.0.0.3, the length of ICMP packet is 36 bytes.

The second information means, it sends the redirect packet of ICMP host to 192.168.20.124, informs it to use 192.168.20.77 to reach host 22.0.0.5, the length of ICMP packet is 36 bytes.

For destination unreachable packet of ICMP, use the following formats to print:

ICMP: sent dst (202.96.209.133) host unreachable to 192.168.20.124, len 36

ICMP: rcvd dst (2.2.2.2) host unreachable from 192.168.20.26, len 36

The first information means, the router can not route a certain IP packet, so it sends destination host 202.96.209.133unreachable packet of ICMP to the source host 192.168.20.124 of the packet, the length of ICMP packet is 36 bytes.

The second information means, the router receives an ICMP packet from host 192.168.20.26, informs that the destination host (2.2.2.2) is unreachable, and the length of ICMP packet is 36 bytes.

 

debug ip packet

Show the interactive information of internet protocol (IP). Use “no debug ip packet” to stop showing the information.

debug ip packet [detail] [ip-access-list-name]

no debug ip packet

 

Parameter:

detail

(Optional) output the protocol information encapsulated with IP packets, like protocol number, UDP, TCP port number, ICMP packet type and etc…

ip-access-list-name

(Optional) name of IP access list used to filter output information. Only the information meets IP packet of designated IP access list can be output.

access-group

(Optional) The name of IP access list used to filter output information. Only IP packet information meets designated IP access list will be output.

interface

(Optional) interface name used to filter output information. Only IP packets information fits with designated interface will be output.

Command mode:

Supervisor mode

 

Explanation:

This command can help to realize the final destination of every IP packets received or produced local and realize the reason of communication trouble.

Possible situations include:

Forwarded         

Forwarded as broadcast packet or multicast packet

Routing failure during forwarding

Send redirect packet       

Rejected as it has source routing option

Rejected as it has illegal IP options

Source route

It is required to be fragmented when sending packets from local, but DF position is reset.

Receive packet

Receive IP fragment

Send packet

Send broadcast/multicast

Routing failure for packet generated local

Packets generated local are fragmented

Received packets are filtered

Sent packets are filtered

Link layer encapsulation failure (only for Ethernet)

Unknown protocol

Using this command may result in great traffic of output information. So you’d better use it in the relatively leisure time of the router, or it will seriously affect the system performance. What is more, you’d better use access list to filter the output, so that the system shows only the packet information that interest the user.

Command mode:

Supervisor mode

 

Example:

router#debug ip packet

router#IP: s=192.168.20.120 (Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1, len=60, redirected

IP: s=192.168.20.22 (local), d=192.168.20.120 (Ethernet1/0), g=192.168.20.120, len=56, sending

IP: s=192.168.20.120 (Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1, len=60, forward

IP: s=192.168.20.81 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=56, rcvd

Domain

Description

IP

Means that this information is about IP packet.

s=192.168.20.120 (Ethernet1/0)

The source address of IP packet and the interface name to receive the packet (if it is not the packet generated local)

d=19.0.0.9 (Ethernet1/0)

Destination address of IP packet and interface name of sent packet (if the routing is successful)

g=192.168.20.1

Net hop destination address of IP packet, may be gateway address, may be destination address.

len

Length of IP packet.

redirected

Means that the router will send ICMP redirect packet to the source host of this packet. Other situations include:

forward---Packets are forwarded

forward directed broadcast---The packets are sent as directed broadcast, packets will be transformed into physical broadcast on the sending interface.

unroutable---Packet routing failure and will be discarded.

source route---Source route

rejected source route---System does not support source route currently, so it rejects the packet with IP source route option.

bad options---IP option error and packets will be discarded.

need frag but DF set---local packets need to be fragmented, but DF is reset

rcvd---Packets are received local.

rcvd fragment---Packet fragment received

sending---sending packets generated local

sending broad/multicast---sending broadcast/multicast packets generated local.

Sending fragment ------Sending IP packet sent local.

denied by in acl---Denied by receiving access list of the receiving interface.

denied by out acl---Denied by sending access list of the sending interface.

unknown protocol--- unknown protocol

encapsulation failed---protocol encapsulation error, only for Ethernet. It is shown when the packets to be sent on Ethernet were discarded because of ARP resolution error.

          

The first information means, the router receives an IP packet, its source address is 192.168.20.120, and is from the session connected to interface Ethernet1/0, the destination address is 19.0.0.9, the sending interface defined by the routing table is Ethernet1/0, gateway address is 192.168.20.1 and the length of the packet is 60 bytes. The source hosts to discover gateway and to send IP packets are connected on the same network, which is the network connected with interface Ethernet1/0 of the router, so the router sends out ICMP redirect packet.

IP: s=192.168.20.120 (Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.1, len=60, redirected

 

The second information, describes the sending of ICMP redirect packet, the source address is local address 192. 168. 20.22, the destination address is the above packets’ source address 192.168.20.120, sent from interface Ethernet1/0, as it is directly arriving at the destination, the gateway address is the destination address 192.168.20.120 and the length of ICMP redirect packet is 56 bytes.

IP: s=192.168.20.22 (local), d=192.168.20.120 (Ethernet1/0), g=192.168.20.120, len=56, sending

The third information means, the IP layer receives an IP packet and the source address of it is 192.168.20.120, the receiving interface is Ethernet1/0, the destination address of the packet is 19.0.0.9, by searching the routing table, you find out that you should forward this packet to interface Ethernet1/0, gateway is 192.168.20.77, the length packet is 60 bytes. This information shows that after the system sends ICMP redirect packet, it forwards the packet shown by the first information.

IP: s=192.168.20.120 (Ethernet1/0), d=19.0.0.9 (Ethernet1/0), g=192.168.20.77, len=60, forward 

The fourth packet means, the IP layer receives an IP packet, whose source address is 192.168.20.81, receiving interface is Ethernet1/0, destination address is 192.168.20.22, it is an IP address configured on interface Ethernet1/0 of the router and the length of the packet is 56 bytes, received local.

IP: s=192.168.20.81 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=56, rcvd

We are going to introduce the output of command “debug ip packet detail” in the following,

router#debug ip packet detail

router#IP: s=192.168.12.8 (Ethernet1/0), d=255.255.255.255 (Ethernet1/0), len=328, rcvd, UDP: src=68, dst=67

IP: s=192.168.20.26 (Ethernet1/0), d=224.0.0.5 (Ethernet1/0), len=68, rcvd,    proto=89

IP: s=192.168.20.125 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=84, rcvd, ICMP: type=0, code = 0

IP: s=192.168.20.22 (local), d=192.168.20.124 (Ethernet1/0), g=192.168.20.124, len=40, sending, TCP: src=1024, dst=23, seq=75098622, ack=161000466, win=17520, ACK

Domain

Description

UDP

Protocol name, such as UDP, ICMP, TCP and etc… Other protocols are described in protocol number.

type, code

ICMP packet type and code

src, dst

Source interface and destination interface of UDP and TCP packet.

seq

Serial of TCP packet.

ack

Acknowledgement number of TCP packet

win

Window value of TCP packet.

ACK

ACK of control bit of TCP packet is reset, means that the confirmation serial is valid. Other control bits including SYN, URG, FIN, PSH, RST.

The first information means, received UDP packet, the source port is 68, the destination port is 67.

IP: s=192.168.12.8 (Ethernet1/0), d=255.255.255.255 (Ethernet1/0), len=328, rcvd, UDP: src=68, dst=67                      

The second information means, protocol number received the packets is 89.

IP: s=192.168.20.26 (Ethernet1/0), d=224.0.0.5 (Ethernet1/0), len=68, rcvd,    proto=89

The third information means, received ICMP packet, the packet type is 0, code is 0.

IP: s=192.168.20.125 (Ethernet1/0), d=192.168.20.22 (Ethernet1/0), len=84, rcvd, ICMP: type=0, code = 0

The fourth information means, send TCP packet, the source port is 1024, destination port is 23, serial number is 75098622, confirmation number is 161000466, size of the receiving window is 17520, the ACK tag position is reset. For information about the meaning of these domains, please refer to RFC 793— TRANSMISSION CONTROL PROTOCOL.

IP: s=192.168.20.22 (local), d=192.168.20.124 (Ethernet1/0), g=192.168.20.124, len=40, sending, TCP: src=1024, dst=23, seq=75098622, ack=161000466, win=17520, ACK

Now we are going to introduce the usage of access control list. For example, if you want to display the packet information with source address of 192.168.20.125, first you should define standard access control list abc to only accept IP packet with source address of 192.168.20.125. Then, use this access control list in command “debug ip packet”.

Router#config

Router_config#ip access-list standard abc

Router_config_std_nacl#permit 192.168.20.125

Router_config_std_nacl#exit

Router_config#exit

Router#debug ip packet abc

Router#IP: s=192.168.20.125 (Ethernet0/1), d=192.168.20.22 (Ethernet0/1), len=48, rcvd

The above command uses the standard control access list, and it can also use extended access control list.

Relevant command

debug ip tcp packet

 

debug ip raw 

Show the interactive information of internet protocol (IP). Use “no debug ip raw” to stop showing the information.

debug ip raw [detail] [access-list-group] [interface]

no debug ip raw

 

Parameter:

detail

 (Optional) output the protocol information encapsulated by IP packet, such as protocol number, UDP, TCP port number, ICMP packet type and etc…

access-group

(Optional) the IP access list name used to filter output information. Only IP packet information meets designated IP access list will be output.

interface

(Optional) the port number used to filter output information. Only the information meets IP packet of the designated port will be output.

 

Command mode:

Supervisor mode

 

Explanation:

This command can help to realize the final destination of every received or local generated IP packet, and to realize the reas

Possible situations include:

Forwarded

Forwarded as broadcast packet or multicast packet

Routing failure while being forwarded

Send redirect packet

Rejected as it includes source routing option

Rejected as it includes illegal IP options

Source router

Local sent packet needs to be fragmented, but DF position is reset

Receive packet

Receive IP fragment

Send packet

Send broadcast/multicast

Routing failure of local generated packet

Local generated packets are fragmented

Received packets are filtered

Sent packets are filtered

Link layer encapsulation failure (only applies to Ethernet)

Unknown protocol

Use this command may produce great number of output information, so you’d better use it during the leisure time of the router, or it will seriously affect the system function. In addition, you should use access list to filter output if possible, and enable the system to display only the packet information that interest the user.

 

Example:

The same as “debug ip packet

Relevant command

debug ip tcp packet

debug ip rtp

Display the interactive information of header compression. Use “no debug ip rtp” to stop displaying the information.

debug ip rtp {header-compression|packets |rtcp}

no debug ip rtp {header-compression|packets |rtcp}

 

Parameter:

Header-compress

RTP/UDP/IP header compress event.

packets

RTP/UDP/IP header compress interactive data packet.

rtcp

TCP/IP header compress interactive data packet.

 

Command mode:

Supervisor mode

 

Explanation:

This command can help to realize the detailed process of header compress interaction.

Use this command may produce mass output information, so it is better to be used during leisure time of the router, or it will seriously affect the system performance.

 

Example:

routerdebug ip rtp header-compress

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: new connection, conn 0,

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7078, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7079, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7080, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7081, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7082, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7083, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7084, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7085, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7086, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4024, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7087, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4025, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4026, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7088, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7089, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4027, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7090, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4028, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7091, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4029, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7092, Gen = 0

2002-1-9 21:36:42

21:32:05: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4030, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7093, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7094, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4032, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7095, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4033, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7096, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4034, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7097, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7098, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4036, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7099, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4037, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7100, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4038, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7101, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: tossing error packet

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7102, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4040, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7103, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4041, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7104, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4042, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7105, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7106, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4044, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7107, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4045, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output uncompressed, conn 0, cksum 0x0000, seq 7108, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv COMPRESSED_RTP, conn 0, cksum 0x0000, seq 4046, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7109, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: output COMPRESSED_RTP, conn 0, cksum 0x0000, seq 7110, Gen = 0

2002-1-9 21:36:43

21:32:06: RHC Serial1/0: recv uncompress, conn 0, cksum 0x0000, seq 4048, Gen = 0

no deb all

1760#

 

debug ip tcp packet

Displays the received and sent information of transmit control protocol (TCP). Use “no debug ip tcp packet” to stop the display.

debug ip tcp packet

no debug ip tcp packet

 

Parameter:

none

Command mode:

Supervisor mode

 

Example:

Router#debug ip tcp packet

Router#tcp: O ESTABLISHED 192.168.20.22:23 192.168.20.125:3828 seq 50659460

      DATA 1 ACK 3130379810 PSH WIN 4380

tcp: I ESTABLISHED 192.168.20.22:23 192.168.20.125:3828 seq 3130379810

      DATA 2 ACK 50659460 PSH WIN 16372 

tcp: O ESTABLISHED 192.168.20.22:23 192.168.20.125:3828 seq 50659461

      DATA 50 ACK 3130379812 PSH WIN 4380

tcp: O FIN_WAIT_1 192.168.20.22:23 192.168.20.125:3828 seq 50659511

      ACK 3130379812 FIN WIN 4380

tcp: I FIN_WAIT_1 192.168.20.22:23 192.168.20.125:3828 seq 3130379812

      ACK 50659511 WIN 16321

tcp: I FIN_WAIT_1 192.168.20.22:23 192.168.20.125:3828 seq 3130379812

      ACK 50659512 WIN 16321

tcp: I FIN_WAIT_2 192.168.20.22:23 192.168.20.125:3828 seq 3130379812

      ACK 50659512 FIN WIN 16321

tcp: O TIME_WAIT 192.168.20.22:23 192.168.20.125:3828 seq 50659512

      ACK 3130379813 WIN 4380

tcp: I LISTEN 0.0.0.0:23 0.0.0.0:0 seq 3813109318

      DATA 2 ACK 8057944 PSH WIN 17440

tcp: O LISTEN 0.0.0.0:23 0.0.0.0:0 seq 8057944

      RST  

Domain

Description

tcp:

Show the information about TCP packet.

O

Send TCP packet.

ESTABLISHED

Current mode of TCP connection. For the description of TCP connection mode, please refer to the explanation of command “debug ip tcp transactions”.

192.168.20.22:23

The source address of the packet is 192.168.20.22 and the source port is 23.

192.168.20.125:3828

The destination address of the packet is 192.168.20.125 and the destination port is 3828.

seq 50659460

Serial number of the packet is 50659460.

DATA 1

Effective data bit number included in the packet is 1.

ACK 3130379810

Acknowledgement number of the packet is 3130379810.

PSH

PSH in the control bit of the packet is reset.

Other control bit including ACK, FIN, SYN, URG, and RST.

WIN 4380

The window domain of the packet is functioned to inform the size of the receiving cache of recipient’s receiving port. Currently it is 4380 bytes.

I

Receive TCP packet.

 If some of above domains are not displayed, it means that this domain has no valid value in this TCP packet.

Relevant command

debug ip tcp transactions

 

debug ip tcp transactions

Display the important interactive information of convert control protocol (TCP), such as the change of TCP connection mode. Use “no debug ip tcp transactions” to stop the display.

debug ip tcp transactions

no debug ip tcp transactions

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Router#debug ip tcp transactions

Router#TCP: rcvd connection attempt to port 23

TCP: TCB 0xE88AC8 created

TCP: state was LISTEN -> SYN_RCVD [23 -> 192.168.20.125:3828]

TCP: sending SYN, seq 50658312, ack 3130379657 [23 -> 192.168.20.125:3828]

TCP: state was SYN_RCVD -> ESTABLISHED [23 -> 192.168.20.125:3828]

TCP: connection closed by user, state was LISTEN [23 -> 0.0.0.0:0]

TCP: state was TIME_WAIT -> CLOSED [23 -> 192.168.20.125:3827]

TCP: TCB 0xE923C8 deleted

TCP: TCB 0xE7DBC8 created

TCP: connection to 192.168.20.124:513 from 192.168.20.22:1022, state was CLOSED to SYN_SENT

TCP: sending SYN, seq 52188680, ack 0 [1022 -> 192.168.20.124:513]

TCP: state was SYN_SENT -> ESTABLISHED [1022 -> 192.168.20.124:513]

TCP: rcvd FIN, state was ESTABLISHED -> CLOSE_WAIT [1022 -> 192.168.20.124:513]

TCP: connection closed by user, state was CLOSE_WAIT [1022 -> 192.168.20.124:513]

TCP: sending FIN [1022 -> 192.168.20.124:513]

TCP: connection closed by user, state was LAST_ACK [1022 -> 192.168.20.124:513]

TCP: state was LAST_ACK -> CLOSED [1022 -> 192.168.20.124:513]

TCP: TCB 0xE7DBC8 deleted

Domain

Description

TCP:

Showing the TCP interactive information.

rcvd connection attempt to port 23

Receive the connection attempt to port 23. (telnet port)

TCB 0xE88AC8 created

A new TCP connection control block, tagged “0xE88AC8”.

state was LISTEN -> SYN_RCVD

Means that the state of TCP state machine is changed from listen to LISTEN to SYN_RCVD.

Possible TCP states include:

LISTEN---Wait for the TCP connection attempt from any remote host.

SYN_SENT--- Sending connection attempt to initiate TCP connection negotiation, and waiting for the response from recipient.

SYN_RCVD---It receives the connection request and sends acknowledgement, it also sends its own connection request and waits for the recipient’s acknowledgement of connection request.

ESTABLISHED---Means that the connection is set up successfully, during the data sending period, it can receive the application of upstream.

FIN_WAIT_1---It has already sent the request to finish the connection, and is waiting for the acknowledgement from the recipients and the recipient’s request to finish the connection.

FIN_WAIT_2--- It has already sent the request to finish the connection and received the acknowledgement from the recipients and is waiting for the recipient’s request to finish the connection.

CLOSE_WAIT---It has already sent the request to finish the connection and sent the acknowledgement and is waiting for the local user to close the connection, once the user wants to close the connection, the system will send request to finish the connection.

CLOSING--- It has already sent the request to finish the connection, received the request to finish the connection from the recipient and sent the acknowledgement, and is waiting for the acknowledgement of the request from the recipient to finish the connection.

LAST_ACK---It has received the request from the recipient to finish the connection and acknowledged, sent the request to finish the connection is waiting for the acknowledgement.

TIME_WAIT---It is waiting enough time for the confirmation that the recipient has received the acknowledgement of local request to finish connection with it, and whether the packet about this connection converted in the network has arrived at the destination or been discarded.

CLOSED---Means no connection or the connection has been completely closed.

For detailed information, please refer to RFC793, TRANSMISSION CONTROL PROTOCOL.

[23 -> 192.168.20.125:3828]

In the column:

The first domain (23) means local TCP port

The second domain (192.168.20.125)means remote IP address.

The third domain (3828) means remote TCP port.

sending SYN

Send a connection attempt packet (SYN reset in TCP header control bit). Other TCP control bits include SYN, ACK, FIN, PSH, RST and URG.

seq 50658312

The serial number of sent packet is 50658312.

ack 3130379657

The acknowledge number of the sent packet is 3130379657.

rcvd FIN

Receive the request to finish the connection (FIN reset in TCP header control bit).

connection closed by user

TCP connection closed per the request of upstream application

connection timed out

Connection timed out and closed

 

Relevant command

debug ip tcp packet

debug ip udp

Show the interactive information of user data protocol (UDP). Use command “no debug ip udp” to stop.

debug ip udp

no debug ip udp

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Router#debug ip udp

Router#UDP: rcvd src 192.168.20.99(520), dst 192.168.20.255(520), len = 32

UDP: sent src 192.168.20.22(20001), dst 192.168.20.43(1001), len = 1008

     

Domain

Description

UDP:

It shows that this packet is related to UDP packet.

rcvd

Packets received

sent

Packets sent.

src

The source IP address and UDP interface of UDP packets.

dst

The target IP address and UDP interface of UDP packets.

len

The length of UDP packets.

 So, the first packet means it receives a UDP packet from host 192.168.20.99, on interface 520, the target address is 192.168.20.255, on target interface 520, and the packet length is 32 bytes.

The second packet means it sends a UDP packet, the host address is 192.168.20.22, on interface 20001, the target address is 192.168.20.43, on target interface 1001, and the packet length is 1008 bytes.

 

ip mask-reply

Demand the router to respond to IP address mask request on the designated interface. If you want to turn this function off, use command “no ip mask-reply”.

ip mask-reply

no ip mask-reply

default ip mask-reply

 

Parameter:

none

 

Default:

Do not respond to the IP address mask request.

 

Command mode:

Interface configuration mode

Example:

interface ethernet 1/1

ip mask-reply

ip mtu

Configure the length of Maximum convert Unit of IP packets sent from the interface via command “ip mtu”. If you want to use the default value of MTU again, use command “no ip mtu”.

ip mtu bytes

no ip mtu

 

Parameter:

bytes          The maximum convert length of IP calculated by unit of byte. 

Default:

It is variable according to the different physical media of the interface, and is the same as the maximum transfer unit on the interface. The minimum is 68 bytes.

 

Command mode:

Interface configuration mode

 

Explanation:

If the IP packet length exceeds the IP MTU set on the interface, the router would fragment the packets. For all the devices connected on the same physical media, you should configure the same protocolMTU before they can communicate. The MTU (configure by interface configuration command “mtu”) value will affect the IP MTU value. If the IP MTU value is the same as MTU value, when you change the MTU value, the IP MTU value will be automatically changed into a new MTU value. But, the change of IP MTU value will not affect the MTU value.

The minimum value of IP MTU is 68 bytes, the maximum value will not exceed the MTU configured on the interface. 

Example:

The following command configures the IP MTU of the interface as 200:

interface serial1/0

    ip mtu 200

 

Relevant command:

mtu 

 

ip redirects

Send IP ICMP redirect packet. Use command “no ip redirects” to stop sending ICMP redirect packet.

ip redirects

no ip redirects

 

Parameter:

none

 

Default:

Normally, IP redirect packet is sent by default. But, if the user configures hot backup routingprotocol, this function will be automatically closed. And, if the configuration of hot backup routingprotocol is canceled then, this function will not be automatically opened.

Command mode:

Interface configuration mode

 

Explanation:

When the router finds out that the forwarding interface where gateway is located is the same as the receiving interface while forwarding packets, and the host sending packets is connected to the logical network of this interface, according to the protocol, it can send a ICMP redirect packet to inform the host to directly set the router as the gateway to the destination address of the packet without being forwarded by this router.

If the interface is configured hot backup routerprotocol, the sending of IP redirect packet may cause the loss of packets. 

Example:

The following command opens the function of sending ICMP redirect packet on interface Ethernet1/0:

interface ethernet 1/0

ip redirects

 

ip route-cache

Configure whether to use route cache to forward IP packet on the interface. Use command “no ip route-cache” to forbid using route cache.

ip route-cache

no ip route-cache

ip route-cache same-interface

no ip route-cache same-interface

 

Parameter:

same-interface  Permit IP packets to be quickly exchanged out of the receiving interface.

 

Default:

Permit quick exchange on the interface, forbid the quick exchange on the same interface. 

Command mode:

Interface configuration mode

 

Explanation:

The route cache implement load distribution on forwarded packet based on source address/destination address.

Permits route cache will enhance the packet forward performance of the router. But on low speed line (64K or lower), normally we should prohibit route cache

The user can use command “ip route-cache same-interface” to permit the IP route cache on the same interface, which means, the receiving interface is the same as the sending interface. Normally, we suggest that you do not open this function, as it is conflicted with the redirect function of the router. If the user has a not completely connected network, such as frame relay, you can enable this function on the frame relay interface. For example, routerA, B, C jointly construct a frame relay network, but there are only links between A-B, B-C, the communication between A and C must be relayed by B: A-B-C, B receives A’s packet from one DLCI of the interface, and then send it to C by another DLCI from the same interface.

 

Example:

The following command permits the route cache  on the same interface:

       ip route-cache same-interface

The following command forbids route cache, including the route cache on the same interface:

       no ip route-cache

The following command only forbids the route cache on the same interface:

       no ip route-cache same-interface

The following command enables the system to return to the default configuration (permits route cache  and forbids route cache on the same interface):

       ip route-cache 

Relevant command

show ip cache

ip source-route

Permit the router to process IP packet with IP source route option. If you require the router to discard any IP packet with IP source route option, use command “no ip source-route”.

ip source-route

no ip source-route

 

Parameter:

none

 

Default:

Process IP packet with IP source route option.

 

Command mode:

global configuration mode

 

Example:

The following command demands processing the IP packet with IP source route option.

ip source-route

Relevant command

ping

 

ip tcp synwait-time

Configure the timeout the router waits for the successful TCP connection. If you want to reset it to default time, use command “no ip tcp synlatency time”.

ip tcp synwait-time seconds

no ip tcp synwait-time

 

Parameter:

seconds: The TCP connection waiting time counted in the unit of second. The effective value ranges from 5 to 300 seconds. 75 seconds by default.

 

Default:

75 seconds

 

Command mode:

global configuration mode

 

Explanation:

When the router initiates TCP connection, if the connection is still not established successfully after latency time of TCP connection, the router considers connection failure and returns this result to the upstream application program. The user can configure the latency time for successful TCP connection, 75 seconds by default. This option has no relation with TCP connection packet forwarded by the router, but only relates to the TCP connection of the router itself.

If you want to know the current value of it, use command ip tcp synwait-time ?, the value in [] is the current value.

Example:

The following example sets the latency time for TCP connection as 30 seconds:

Router_config#ip tcp synwait-time 30

Router_config#ip tcp synwait-time ?

  <5-300>[30] seconds     -- wait time

 

ip tcp window-size

Configure the window size of TCP. If you want it to return to the default value, use command “no ip tcp window-size”.

ip tcp window-size bytes

no ip tcp window-size

 

Parameter:

bytes       Window size illustrated in the unit of bit. 65535 bytes at most. 2000 bytes by default.

Default:

2000 bytes

 

Command mode:

global configuration mode

 

Explanation:

Only if you clearly know your reason to change the default value, you’d better not change it hotheaded. If you want to know the current value, use command ip tcp window-size ?, the value in [] is the current value. 

Example:

The following example configures the TCP window size as 6000 bytes:

Router_config#ip tcp window-size 6000

Router_config#ip tcp window-size ?

  <1-65535>[6000] bytes     -- Window size

 

ip unreachables

Configure the router to send ICMP unreachable packet. If you want the router to stop sending, use command “no ip unreachables”.

ip unreachable

no ip unreachable

 

Parameter:

none

 

Default:

Send ICMP unreachable packet. 

Command mode:

Interface configuration mode

 

Explanation:

When the router is forwarding IP packet, it may discover that there is no related routes in routing table, which results in the discard of the packet. Meanwhile, the router can send ICMP unreachable packet to the source host, inform the source host about this situation, in order to let the source host timely discover the errors and make corrections.

Example:

The following example configures to send ICMP unreachable packet on interface ethernet1/0:

interface ethernet 1/0

ip unreachables

 

show ip cache

Show route cache used for IP

show ip cache [prefix mask] [type number]

 

Parameter:

prefix mask: (optional) only shows the entries of which the destination address of the entry matches the designated prefix/mask the user keys in.

type number: (optional) only shows the entries of which the sending interface of the entry matches the designated interface type/number the user keys in.

rsvp: (optional) only shows the entry related to RSVP, means that, this entry, RSVP is employed.

 

Command mode:

Supervisor mode

 

Example:

The following example shows the route cache:

Router#show ip cache

Source          Destination     Interface        Next Hop

192.168.20.125  2.0.0.124       Serial1/0        2.0.0.124

192.168.20.124  192.168.30.124  Serial1/0        2.0.0.124

2.0.0.124       192.168.20.125  Ethernet1/1      192.168.20.125

 

Domain

Decription

Source

Source address.

Destination

Destination address.

Interface

Type and number of the sending interface.

Next Hop

Gateway address.

 The following example shows the route cache of which the destination address matches the designated prefix/mask:

Router#show ip cache 192.168.20.0 255.255.255.0

Source          Destination     Interface        Next Hop

2.0.0.124       192.168.20.125  Ethernet0/1      192.168.20.125

 

The following example shows the route cache of which the sending interface matches the designated interface type/mask:

Router#show ip cache s1/0

Source          Destination     Interface        Next Hop

192.168.20.125  2.0.0.124       Serial1/0        2.0.0.124

192.168.20.124  192.168.30.124  Serial1/0        2.0.0.124

 

show ip irdp

Show socket information.

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

xuhao_config_e1/0#  show ip irdp

Async0/0 ICMP router discovery protocol(IRDP) : OFF

 

Ethernet1/0 ICMP router discovery protocol(IRDP) : ON

  Advertisements occur between every 450 and 600 seconds

  Advertisements are sent as broadcasts

  Advertisements valid in 1800 seconds

  Default preference : 0

 

Ethernet1/1 ICMP router discovery protocol(IRDP) : OFF

 

Null0 ICMP router discovery protocol(IRDP) : OFF

 

Loopback7 ICMP router discovery protocol(IRDP) : OFF

 

Loopback10 ICMP router discovery protocol(IRDP) : OFF

 

show ip sockets

Show socket information.

show ip sockets

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Router#show ip sockets

Proto

Local

Port

Remote

Port

In

Out

17

0.0.0.0

0

0.0.0.0

0

161

0

6

0.0.0.0

0

0.0.0.0

0

513

0

17

0.0.0.0

0

0.0.0.0

0

1698

0

17

0.0.0.0

0

0.0.0.0

0

69

0

6

0.0.0.0

0

0.0.0.0

0

23

0

17

0.0.0.0

0

0.0.0.0

0

137

122590

   

    Domain

Description

Proto(protocol)

IP protocol number. 17 means UDP, 6 means TCP.

Remote

Remote address.

Port

Remote port.

Local

Local address.

Port

Local port.

In

Total bytes received.

Out

Total bytes sent.

 

show ip traffic

Show IP traffic statistics.

show ip traffic

 

Parameter:

none

 

Command mode:

Supervisor mode

 

Example:

Router#show ip traffic

IP statistics:

Rcvd:  0 total, 0 local destination, 0 delivered

         0 format errors, 0 checksum errors, 0 bad ttl count

         0 bad destination address, 0 unknown protocol, 0 discarded

         0 filtered , 0 bad options, 0 with options

  Opts:  0 loose source route, 0 record route, 0 strict source route

         0 timestamp, 0 router alert, 0 others

  Frags: 0 fragments, 0 reassembled, 0 dropped

         0 fragmented, 0 fragments, 0 couldn't fragment

  Bcast: 0 received, 0 sent

  Mcast: 0 received, 0 sent

  Sent:  230 generated, 0 forwarded

         0 filtered, 0 no route, 0 discarded 

ICMP statistics:

Rcvd: 0 total, 0 format errors, 0 checksum errors

0 redirect, 0 unreachable, 0 source quench

0 echos, 0 echo replies, 0 mask requests, 0 mask replies

0 parameter problem, 0 timestamps, 0 timestamp replies

0 time exceeded, 0 router solicitations, 0 router advertisements

Sent: 0 total, 0 errors

0 redirects, 0 unreachable, 0 source quench

0 echos, 0 echo replies, 0 mask requests, 0 mask replies

0 parameter problem, 0 timestamps, 0 timestamp replies

0 time exceeded, 0 router solicitations, 0 router advertisements

 

UDP statistics:

Rcvd: 28 total, 0 checksum errors, 22 no port, 0 full sock

Sent: 0 total

 

TCP statistics:

Rcvd: 0 total, 0 checksum errors, 0 no port

Sent: 3 total

 

IGMP statistics:

Rcvd: 0 total, 0 format errors, 0 checksum errors

0 host queries, 0 host reports

Sent: 0 host reports

 

ARP statistics:

Rcvd: 8 total, 7 requests, 1 replies, 0 reverse, 0 other

Sent: 5 total, 5 requests, 0 replies (0 proxy), 0 reverse

Domain

Description

format errors

Packet format error, such as IP header length error.

bad hop count

When the router is forwarding packets, if it finds that the TTL value is reduced to 0, the packets will be discarded.

no route

The router has no packet from corresponding route.

 

show tcp

Shows the state information of all TCP connections.

show tcp

 

Parameter:

none

 

Command mode:

Supervisor mode  

 

Example:

Router#show tcp

 

TCB 0xE9ADC8

Connection state is ESTABLISHED, unread input bytes: 934

Local host: 192.168.20.22, Local port: 1023

Foreign host: 192.168.20.124, Foreign port: 513

 

Enqueued bytes for transmit: 0, input: 934  mis-ordered: 0 (0 packets)

 

Timer          Starts    Wakeup            Next(ms)

Retrans            33          1                   0

TimeWait           0          0                   0

SendWnd           0          0                   0

KeepAlive         102          0             7199500

 

iss:  29139463  snduna:  29139525  sndnxt:  29139525     sndwnd:     17520

irs: 709124039  rcvnxt: 709205436  rcvwnd:      4380

 

SRTT: 15 ms, RXT: 2500 ms, RTV: 687 ms

minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms

 

Datagrams (max data segment is 1460 bytes):

Rcvd: 102 (out of order: 0), with data: 92, total data bytes: 81396

Sent: 104 (retransmit: 0), with data: 31, total data bytes: 61

 

Domain

Description

TCB 0xE77FC8

Inside identification of TCP connection control block.

Connection state is ESTABLISHED

Current connection state. TCP connection may be in any states of the following:

LISTEN---wait for the TCP connection attempt from any remote hosts.

SYN_SENT---After sending connection request, waiting for the response from the recipient.

SYN_RCVD---It receives the connection request and sends acknowledgement, it also sends its own connection request and waits for the recipient’s acknowledgement of connection request.

ESTABLISHED---Means that the connection is set up successfully, during the data sending period, it can receive the application of upstream.

FIN_WAIT_1---It has already sent the request to finish the connection, and is waiting for the acknowledgement from the recipients and the recipient’s request to finish the connection.

FIN_WAIT_2--- It has already sent the request to finish the connection and received the acknowledgement from the recipients and is waiting for the recipient’s request to finish the connection.

CLOSE_WAIT---It has already sent the request to finish the connection and sent the acknowledgement and is waiting for the local user to close the connection, once the user wants to close the connection, the system will send request to finish the connection.

CLOSING--- It has already sent the request to finish the connection, received the request to finish the connection from the recipient and sent the acknowledgement, and is waiting for the acknowledgement of the request from the recipient to finish the connection.

LAST_ACK---It has received the request from the recipient to finish the connection and acknowledged, sent the request to finish the connection is waiting for the acknowledgement.

TIME_WAIT---It waits enough time for the confirmation that the recipient has received the acknowledgement of local request to finish connection with it.

CLOSED---Means no connection or the connection has been completely closed.

For detailed information, please refer to RFC793, TRANSMISSION CONTROL PROTOCOL.

unread input bytes:

The data can be submitted for upstream application after the TCP procession yet has not been received by upstream application.

Local host:

Local IP address.

Local port:

Local TCP port.

Foreign host:

Remote IP address.

Foreign port:

Remote TCP port.

Enqueued bytes for transmit:

Enqueued bytes for transmission include the data sent yet not acknowledged and unsent data.

input:

Enqueued bytes for receiving: these data are waiting to be accepted for upstream application after sorting.

mis-ordered:

The bytes and packets in the mis-ordered queue, these data can only be accepted by upstream application in the receiving queue in order after other data are received. For example, if it receives packet 1,2,4,5,6, packet 1 and 2 can enter the receiving queue, but 4,5 and 6 can only enter mis-ordered queue to wait for the arrival of packet 3.

Then it shows the situation of currently connected timer, includes the start times of the timer, timeouts of the timer and the interval from the next timeout of the timer (0 means the timer is not running currently). Each connection uses independent timer. The number of timeouts of timer is normally less than the starts of the timer, because the timer may be reset during the process of running. For example, if the system receives the acknowledgement of all sent data from the recipient while the retransmit timer is running, the retransmit timer will stop running.

Timer          Starts    Wakeups            Next(ms)

Retrans            33          1                   0

TimeWait           0          0                   0

SendWnd           0          0                   0

KeepAlive         102          0             7199500

 

Domain

Description

Timer

Name of the timer.

Starts

Starts of the timer.

Wakeups

Timeouts of the timer.

Next(ms)

Interval from the next timeout of the timer (ms as the unit), o means the timer is not running.

Retrans

Retransmit timer, used to initiate data retransmission. The timer is started after sending the data, if the data is not acknowledged within the timeout, the timer will retransmit the data.

TimeWait

Time wait timer, used to guarantee the recipient’s receiving of acknowledgement of connection stop request.

SendWnd

Send window timer, used to guarantee that the send window is reset to the normal size in the situation when TCP acknowledges loss.

KeepAlive

Keep alive timer, used to guarantee the normal operation of communication link and the recipient’s still state of connection. It will ignite the sending of test packet in order to check the communication link state and the recipient’s state.

 

Then shows the serial used by TCP connection. TCP uses serial to guarantee the reliable and ordered data convert. Local and remote hosts also perform traffic control and sending acknowledgement according to serial number.

iss:  29139463  snduna:  29139525  sndnxt:  29139525     sndwnd:     17520

irs: 709124039  rcvnxt: 709205436  rcvwnd:      4380

 

Domain

Description

iss:

Initial sending serial

snduna:

Sending serial of the first bit of the data sent yet have not received the acknowledgement from the recipient.

sndnxt:

The send serial of the first bit of the data sent thereafter.

sndwnd:

TCP window size of remote host.

irs:

Initial receiving serial, which is also the initial sending serial of the remote host

rcvnxt:

Receiving serial recently acknowledged.

rcvwnd:

TCP window size of the local host.

       

The it shows the sending time recorded by local host, the system can adjust the system to adapt to various network according to these data.

SRTT: 15 ms, RXT: 2500 ms, RTV: 687 ms

minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms

Domain

Description

SRTT:

Trip time after smooth treatment

RXT:

Retransmission timeout

RTV:

Variation of trip time.

MinRXT:

Minimum retransmit timeout permitted.

MaxRXT:

Maximum retransmit timeout permitted.

ACK hold:

Maximum latency of the delay of acknowledgement in order to be sent with the data.

        

Datagrams (max data segment is 1460 bytes):

Rcvd: 102 (out of order: 0), with data: 92, total data bytes: 81396

Sent: 104 (retransmit: 0), with data: 31, total data bytes: 61

Domain

Description

max data segment is

Maximum data segment permitted for this connection.

Rcvd:

Packets received in this connection process by local host, and packets dis-ordered among them.

with data:

Packets with valid data.

total data bytes:

Total data bytes included in the packets.

Sent:

Total packets sent during the connection process of local host, and the packets resent.

with data:

Packets include valid data.

total data bytes:

Data bytes included in the packets.

 

Relevant command

show tcp brief

show tcp tcb

 

show tcp brief

Show brief information of TCP connection.

show tcp brief [all]

 

Parameter:

all    (optional) show all ports. If you do not input this key word, the system will not show the port in the state of “LISTEN”.

 

Command mode:

Supervisor mode

 

Example:

Router#show tcp brief

TCB         Local Address           Foreign Address          State

0xE9ADC8    192.168.20.22:1023    192.168.20.124:513    ESTABLISHED

0xEA34C8    192.168.20.22:23      192.168.20.125:1472   ESTABLISHED

 

Domain

Description

TCB

Inside tag of TCP connection.

Local Address

Local IP address and TCP port.

Foreign Address

Remote IP address and TCP port.

State

Connection mode. For detailed information please refer to command “show tcp”.

 

Relevant command

show tcp

show tcp tcb

 

show tcp statistics

show tcp statistics

show tcp statistics

 

Parameter:

none

 

Command mode:

Supervisor mode  

 

Example:

Router#show tcp statistics

Rcvd: 148 Total, 0 no port

0 checksum error, 0 bad offset, 0 too short

131 packets (6974 bytes) in sequence

0 dup packets (0 bytes)

0 partially dup packets (0 bytes)

0 out-of-order packets (0 bytes)

0 packets (0 bytes) with data after window

0 packets after close

0 window probe packets, 0 window update packets

0 dup ack packets, 0 ack packets with unsend data

127 ack packets (247 bytes)

Sent: 239 Total, 0 urgent packets

6 control packets

123 data packets (245 bytes)

0 data packets (0 bytes) retransmitted

110 ack only packets (101 delayed)

0 window probe packets, 0 window update packets

4 Connections initiated, 0 connections accepted, 2 connections established

3 Connections closed (including 0 dropped, 1 embryonic dropped)

5 Total rxmt timeout, 0 connections dropped in rxmt timeout

1 Keepalive timeout, 0 keepalive probe, 1 Connections dropped in keepalive

Domain

Description

Rcvd:

The statistics of the packets the router received.

Total

Total packets received.

no port

The number of the received packets with non-existent ports.

checksum error

The number of the checked and wrong packets received.

bad offset

The number of the received packets with bad offset traffic.

too short

The number of the received packets with less than the minimum effective length.

packets in sequence

The number of data packets received in sequence.

dup packets

The number of duplicated packets received.

partially dup packets

The number of partly duplicated packets received.

out-of-order packets

The number of out-of-order packets received.

packets with data after window

The number of packets received with data out of the receiving window of the router.

packets after close

The number of packets received after the connection closes.

window probe packets

The number of window probe packets received.

window update packets

The number of window update packets received.

dup ack packets

The number of duplicately acknowledged packets received.

ack packets with unsent data

The number of acknowledged packets received with unsent data.

ack packets

The number of acknowledged packets received.

Sent

The statistics about the packets sent by the router.

Total

The number of total sent packets.

urgent packets

The number of urgent packets sent.

control packets

The number of control(SYN、FIN or RST) packets sent.

data packets

The number of data packets sent.

data packets retransmitted

The number of retransmitted data packets.

ack only packets

The number of acknowledged only packets sent.

window probe packets

The number of window probe packets sent.

window update packets

The number of window update packets sent.

Connections initiated

The number of connections initiated locally.

connections accepted

The number of connections accepted locally.

connections established

The number of connections established locally.

Connections closed

The number of local connections closed.

Total rxmt timeout

Total number of resent time-outs.

Connections dropped in rxmit timeout

Total number of connections dropped resulted from resent time-outs

Keepalive timeout

The number of keepalive time-outs.

keepalive probe

The number of Keepalive probe packets sent.

Connections dropped in keepalive

The number of connections dropped because of keepalive.

 

Relevant command

clear tcp statistics

show tcp tcb

Display the mode information of certain TCP connection.

show tcp tcb address

 

Parameter:

address

The convert control block (TCB) address connected with TCP to be shown. TCB is the inside TCP connection tag of the system, which can be obtained via command “show tcp brief”.

 

Command mode:

Supervisor mode

 

Example:

For detailed explanation of the following displayed, please refer to command “show tcp

Router_config#show tcp tcb 0xea38c8

 

TCB 0xEA38C8

Connection state is ESTABLISHED, unread input bytes: 0

Local host: 192.168.20.22, Local port: 23

Foreign host: 192.168.20.125, Foreign port: 1583

 

Enqueued bytes for transmit: 0, input: 0  mis-ordered: 0 (0 packets)

 

Timer          Starts    Wakeups            Next(ms)

Retrans            4          0                   0

TimeWait           0          0                   0

SendWnd           0          0                   0

KeepAlive          +5          0             6633000

 

iss:  10431492  snduna:  10431573  sndnxt:  10431573     sndwnd:     17440

irs: 915717885  rcvnxt: 915717889  rcvwnd:      4380

 

SRTT: 2812 ms, RXT: 18500 ms, RTV: 4000 ms

minRXT: 1000 ms, maxRXT: 64000 ms, ACK hold: 200 ms

 

Datagrams (max data segment is 1460 bytes):

Rcvd: 5 (out of order: 0), with data: 1, total data bytes: 3

Sent: 4 (retransmit: 0), with data: 3, total data bytes: 80

 

Relevant command

show tcp

show tcp brief