Cool Cisco Certification exam Debug Tricks – Syslog & AS Number

Home > Blogs > Cisco > Cool Cisco Certification exam Debug Tricks – Syslog & AS Number

Cool Cisco Certification exam Debug Tricks – Syslog & AS Number

Like This Blog 2 Mark Jacob
Added by October 1, 2012

If you are studying for a Cisco certification exam, odds are that you work in lab-type situations frequently. Maybe you use GNS3 or even one of the Virtual Lab solutions offered on the Cisco website. If that is the case, I have a couple of cool tricks to share with you.

One of them is related to syslog traffic. If you are not inclined to create an actual syslog server inside your virtual environment, but you still want to verify that syslog messages are being sent and received, try this process on one of your routers (the one you want to be your ‘fake’ syslog server).

First, create an extended access-list to match syslog traffic:

(config)# ip access-list extended 101
(config-ext-nacl)# permit udp any host eq syslog

(The ip address is assigned to a Loopback interface on the syslog-receiving router.)

Now create a debug command to watch for traffic matching that access-list:

# debug ip packet 101

Now if you go to another device in your virtual network (or real one too, this works either way) and configure it to send syslog messages to, you will see that traffic happens on the receiving device. Here’s a sample of output you can expect to see:

virtual network output cisco debugging tricks

We are not really concerned here about deciphering the content, we just want to verify that syslog messages are being sent and received. The above output shows that we have succeeded!

A second cool trick is one for which I have been hunting myself for a while. I wanted to know how a person could retrieve the Autonomous System (AS) number in use if I wasn’t ‘in the know.’ For instance, I am on a router which is in the network, but on which the EIGRP routing protocol has not been configured. In this case, how can I determine the AS number in use? This is a trivial matter if my router IS running EIGRP and is already configured with the correct AS number. show ip eigrp topology will return the results I seek. Here is some sample output from that command:

show ip eigrp topology cisco debugging tricks

The AS number is clearly evident. But when I am not configured, what can I do? I presented this challenge in a recent class and a student named Cara returned the next day with the following suggestion (she did not claim credit; she said someone told her, but I still appreciated her sharing).
First, create an extended access list to identify what you wish to observe. As EIGRP uses the multicast address of to communicate, let’s latch on to that:

(config)# ip access-list extended 102
(config-ext-nacl)#permit ip any host

That’s all we need. Now we need to debug with the ‘dump’ keyword to push the raw data to the screen:

# debug ip packet detail 102 dump

Here is some sample output:

debug ip packet detail dump cisco debugging tricks

What we want to focus on here is the fifth hex chunk AFTER the E000000A. We can see above that the fifth chunk is hex 64. Some quick arithmetic will reveal that this is decimal value 100. Voila! There it is! The AS number in use is 100. That is so cool.

Now I have searched the net for that little gem, but I didn’t find that information until after Cara shared with me. But it is out there; apparently I need to refine my search engine skills even further. It must be a question of knowing what questions to ask. (Isn’t it always?!) Oh well, I am happy that I can sleep now that this persistent gnawing at my brain has been put to rest.

If you have any cool debug tricks you would like to share, I would love to hear about them!

Mark Jacob
Cisco Instructor – Interface Technical Training
Phoenix, AZ

Videos You May Like

How to Build in a PSMethod to your PowerShell Code

0 71 0

In this video, PowerShell instructor Jason Yoder shows how to add Methods (PSMethod) to your code using free software that’s added into the PSObject. For instructor-led PowerShell courses, see our course schedule. Microsoft Windows PowerShell Training Download the Building Methods PowerShell script</a> used in this video. <# ╔══════════════════════════════════════════════════════════════════════════════╗ ║ ║ ║ Building Methods ║ ╟──────────────────────────────────────────────────────────────────────────────╢ … Continue reading How to Build in a PSMethod to your PowerShell Code

How to create a Cisco IOS Banner – Login and MOTD Message of the Day

0 4288 4

In this video, Cisco CCNA instructor Mark Jacob shows how to create a Login and Message of the Day (MOTD) banners in Cisco IOS. The Banner is an interesting feature of the Cisco IOS. You could probably get by without it, but in a commercial environment you want to have it.

OSPF Adjacency Troubleshooting Solution – Getting Close to the OSPF adj

0 249 1

In this video, Cisco CCNA & CCNP instructor Mark Jacob shows how to troubleshoot OSPF Adjacency issues by showing the distance between routers with the show ip ospf neighbor command.

Write a Comment

See what people are saying...

    Share your thoughts...

    Please fill out the comment form below to post a reply.