Function Description
This topic describes the commands of security in the diagnose mode.Function
The debugging nd-snooping command is used to enable the
function of printing commissioning information using neighbor discovery (ND)
Snooping. To display the path of the packets in the ND Snooping module or query
exceptions occurring when packets are processed, run this command. After the
function of printing commissioning information using ND Snooping is enabled, the
system displays the information about the ND packets and multicast listener
discovery (MLD) packets sent to the CPU.
The undo debugging nd-snooping command is used to disable the function of printing commissioning information using ND Snooping. After the function is disabled, the system does not display the information about the ND packets and MLD packets sent to the CPU.
The undo debugging nd-snooping command is used to disable the function of printing commissioning information using ND Snooping. After the function is disabled, the system does not display the information about the ND packets and MLD packets sent to the CPU.
Format
debugging nd-snooping { exception |
packet { rx | tx } {
all | mld | na |
ns | ra | rs } }
debugging nd-snooping { acl acl-number | number integer }
undo debugging nd-snooping { exception | packet { rx | tx } { all | mld | na | ns | ra | rs } }
undo debugging nd-snooping { acl | number }
debugging nd-snooping { acl acl-number | number integer }
undo debugging nd-snooping { exception | packet { rx | tx } { all | mld | na | ns | ra | rs } }
undo debugging nd-snooping { acl | number }
Parameters
| Parameter | Description | Value |
|---|---|---|
| packet | Indicates the function of printing the commissioning information about packets. To query the information about the ND packets and MLD packets sent to the CPU, use this parameter. | - |
| rx | Indicates the function of printing the commissioning information about the packets received by the ND Snooping module. | - |
| tx | Indicates the function of printing the commissioning information about the packets sent by the ND Snooping module. | - |
| all | Indicates the function of printing the commissioning information about all packets including Neighbor Solicitation (NS), Neighbor Advertisement (NA), Router Solicitation (RS), Router Advertisement (RA), and MLD packets. | - |
| ns | Indicates the function of printing the commissioning information about NS packets. | - |
| na | Indicates the function of printing the commissioning information about NA packets. | - |
| rs | Indicates the function of printing the commissioning information about RS packets. | - |
| ra | Indicates the function of printing the commissioning information about RA packets. | - |
| mld | Indicates the function of printing the commissioning information about MLD packets. | - |
| exception | Indicates the function of printing the commissioning information about abnormal packets. To query the location and contents of discarded packets, use this parameter. | - |
| acl acl-number | Queries the debugging information based on filtering packets based on ACL. | Numeral type. Range: 2000-3999. |
| number integer | Indicates the number of displayed packets. After the number of displayed packets reaches the value, the system automatically disables the debugging function. |
Numeral type. Range: 1-65535. Default value: The number is not restricted. |
Level
Operator level
Usage Guidelines
- In the privilege mode or global config mode, run the diagnose command to enter the Diagnose mode.
- By default, the debugging information print function of the ND Snooping module is disabled.
- This command must be used with the terminal monitor and terminal debugging commands. Only after the two commands are enabled, commissioning information can be reported to the command line interface (CLI) terminal.
- The system performance is affected after the function of printing commissioning information is enabled. Therefore, exercise caution when enabling it.
- For the exception parameter, the displayed commissioning information contains the function address. You must query the map file according to the address to obtain the function name.
- You cannot query the debugging information at the link layer or based on user-defined ACLs.
Example
To enable the function of printing the commissioning information about the NS
packets received by the ND Snooping module, do as follows:
huawei(diagnose)%%debugging nd-snooping
{ acl<K>|exception<K>|number<K>|packet<K> }:packet
{ rx<K>|tx<K> }:rx
{ all<K>|mld<K>|na<K>|ns<K>|ra<K>|rs<K>}:ns
Command:
debugging nd-snooping packet rx ns
To disable the function of printing the commissioning information about the
RA packets sent by the ND Snooping module, do as follows: huawei(diagnose)%%undo debugging nd-snooping
{ acl<K>|exception<K>|number<K>|packet<K> }:packet
{ rx<K>|tx<K> }:tx
{ all<K>|mld<K>|na<K>|ns<K>|ra<K>|rs<K>}:ra
Command:
undo debugging nd-snooping packet tx ra
System Response
- The system does not display any message after the command is executed successfully.
More Blog:
No comments:
Post a Comment