Debugging ip packet acl – Panasonic NN46240-710 User Manual

Page 74

Attention! The text in this document has been recognized automatically. To view the original document, you can use the "Original mode".

Advertising
background image

2 GRE troubleshooting

Nortel Secure Router 8000 Series

_________ Troubleshooting - VPN

*0.93688561 PE TUNNEL/8/ATKDBG:Slot=2;Tunnel2/0/0-Out: Mbuf length = 84 from GRE Tunnel

out

The preceding information shows the tunnel interface (Tunnel2/0/0) on which packets are
encapsulated as well as the packet length.

*0.93688656 PE TUNNEL/8/ATKDBG:Slot=2;Tunnel2/0/0-Out: GRE/IP encapsulated

192.168.1.3->192.168.1.2(len = 108).

The preceding information shows the source and the destination addresses in the IP header of

the encapsulated packet.

*0.93688784 PE TUNNEL/8/ATKDBG:Slot=2;Tunnel-In: Get packet,the tunnel is

src(192.168.1.2)/dest(192.168.1.3),length = 108 .

*0.93688928 PE TUNNEL/8/ATKDBG:Slot=2;

Judge keepalive finished. NOT keepalive packet.

The preceding information shows the IP address resolved from the response packet and the

packet length.

(4) Reply from 1.1.1.2: bytes=56 Sequence=2 ttl=255 time=4 ms

The preceding information shows that the response is received from the remote tunnel interface.
Parameters of the packet are also shown.

(5) *0.93689024 PE TUNNEL/8/ATKDBG:Slot=2;Tunnel-In: Enter Tunnel Input and GRE mode

found.

The preceding information shows that received packets are sent to the tunnel-input queue.

(6) *0.93689120 PE TUNNEL/8/ATKDBG:Slot=2;Tunnel2/0/0-In: GRE decapsulated IP

1.1.1.2->1.1.1.3(len = 84).

The preceding information shows that packets are resolved, with the tunnel IP address removed

from the GRE header.

debugging ip packet acl

The display of the debugging ip packet acl command is as follows:

*0.94698304 PE IP/8/debug_case:Slot=2;

Sending, interface = Tunnel2/0/0, version = 4, headlen = 20, tos = 0,

pktlen = 84, pktid = 9490, offset = 0, ttl = 255, protocol = 1,

checksum = 37520, s = 1.1.1.3, d = 1.1.1.2

prompt: Sending the packet from local at Tunnel2/0/0

*0.94698640 PE IP/8/debug_case:

Delivering, interface = Tunnel2/0/0, version = 4, headlen = 20, tos = 0,

pktlen = 84, pktid = 36363, offset = 0, ttl = 255, protocol = 1,

checksum = 10647, s = 1.1.1.2, d = 1.1.1.3

prompt: IP packet is delivering up!

The output contains packets that match access control list (ACL) rules.

CD NOTE

The ACL rules used in this example are:

#

acl number 3001

rule 5 permit ip source 1.1.1.2 0 destination 1.1.1.3 0

rule 10 permit ip source 1.1.1.3 0 destination 1.1.1.2 0

2-20

Nortel Networks Inc.

Issue 5.3 (30 March2009)

Advertising
Popular Brands
Popular manuals