Dhcp snooping debug commands – Brocade FastIron SX, FCX, and ICX Diagnostic Reference User Manual

Page 72

Advertising
background image

60

Brocade FastIron SX, FCX, and ICX Diagnostic Reference

53-1003076-02

DHCP snooping debug commands

4

debug ip bgp keepalives

Syntax: [no] debug ip bgp keepalives

Brocade devices use keepalives to collect information about applications and services. For
example, you can configure a keepalive to continually monitor and report on the online status of a
resource, such as BGP.

Brocade# debug ip bgp keepalives

BGP: 10.1.1.2 sending KEEPALIVE

BGP: 10.1.1.2 KEEPALIVE received

debug ip bgp updates

Syntax: [no] debug ip bgp updates

This command displays BGP receive, transmit, or receive and transmit update messages about
debug processing.

Brocade# debug ip bgp updates

BGP: safi(0): 10.1.1.2 sending UPDATE w/attr: Origin=IGP AS_PATH=65538

NEXT_HOP=10.1.1.1 MED=1

BGP: (0): 10.1.1.2 sending UPDATE Label=0 2001:DB8:83:e8:00:04:78:64:10.1.1.1/32

BGP: 10.1.1.2 rcv bad UPDATE (saif 0) due to AS loop, take as implicit withdraw!

BGP: BGP: 10.1.1.2 rcv UPDATE w/attr: Origin=INCOMP AS_PATH= AS_SEQ(2) 3

NextHop=10.1.1.2 MED=30

BGP: (0): 10.1.1.2 rcv UPDATE 10.1.1.2/32

BGP: 10.1.1.2 rcv bad UPDATE (saif 0) due to AS loop, take as implicit withdraw!

BGP: BGP: 10.1.1.2 rcv UPDATE w/attr: Origin=IGP AS_PATH= AS_SEQ(2) 3

NextHop=10.1.1.2 MED=5

BGP: (0): 10.1.1.2 rcv UPDATE 10.10.10.10/32

BGP: (0): 10.1.1.2 rcv UPDATE 10.213.0.0/16

BGP: (0): 10.1.1.2 rcv UPDATE 10.200.200.200/32

BGP: (0): 10.1.1.2 rcv UPDATE 10.18.18.0/24

BGP: (0): 10.1.1.2 rcv UPDATE 10.1.1.32/32

DHCP snooping debug commands

Dynamic Host Configuration Protocol (DHCP) snooping enables the Brocade device to filter
untrusted DHCP packets in a subnet. DHCP snooping can ward off man-in-the-middle (MiM)

attacks, such as a malicious user posing as a DHCP server sending false DHCP server reply
packets with the intention of misdirecting other users. DHCP snooping can also stop unauthorized
DHCP servers and prevent errors due to user misconfiguration of the DHCP servers.

Often, DHCP snooping is used together with Dynamic ARP Inspection (DAI) and IP Source Guard.

debug ip dhcp-snooping

Syntax: [no] debug ip dhcp-snooping

This command enables debugging of the DHCP snooping activity.

Brocade# debug ip dhcp-snooping

Brocade(config-vif-11)# DHCP: snooping on for vlan 14, port 5/1/2

DHCP: rcv on port 5/1/2, intercept DHCP pkt, Discovr

DHCP: snooping on port 5/1/2, smac 0000.00ce.ac79, type 1, VRF 1

0.0.0.0->0000.00ce.ac79

DHCP Option82: Adding option 82

Advertising
Popular Brands
Popular manuals