Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging

Similar documents
Troubleshooting ISG with Session Monitoring and Distributed Conditional Debugging

PPPoE Session Recovery After Reload

RADIUS NAS-IP-Address Attribute Configurability

SSG Service Profile Caching

PPPoE Client DDR Idle Timer

DHCP Lease Limit per ATM/RBE Unnumbered Interface

BGP Enforce the First Autonomous System Path

RADIUS Tunnel Preference for Load Balancing and Fail-Over

DHCP Option 82 Support for Routed Bridge Encapsulation

Suppress BGP Advertisement for Inactive Routes

IS-IS Incremental SPF

OSPF Incremental SPF

Frame Relay Conditional Debug Support

Generic Routing Encapsulation Tunnel IP Source and Destination VRF Membership

VPDN Group Session Limiting

Autosense of MUX/SNAP Encapsulation and PPPoA/PPPoE on ATM PVCs

PPP/MLP MRRU Negotiation Configuration

PPPoE Session Limits per NAS Port

Configuring Multiple Basic Service Set Identifiers and Microsoft WPS IE SSIDL

IMA Dynamic Bandwidth

QoS Child Service Policy for Priority Class

Configuring ISA Accounting

Protocol-Independent MAC ACL Filtering on the Cisco Series Internet Router

Extended NAS-Port-Type and NAS-Port Support

This feature was introduced. This feature was integrated into Cisco IOS Release 12.2(27)SBA.

RADIUS Logical Line ID

Per IP Subscriber DHCP Triggered RADIUS Accounting

Packet Classification Using the Frame Relay DLCI Number

MPLS MTU Command Changes

Logging to Local Nonvolatile Storage (ATA Disk)

Cisco Unity Express Voic System User s Guide

Installing IEC Rack Mounting Brackets on the ONS SDH Shelf Assembly

ISSU and SSO DHCP High Availability Features

VPDN LNS Address Checking

PPPoE Service Selection

Modified LNS Dead-Cache Handling

Configuring an Intermediate IP Multicast Helper Between Broadcast-Only Networks

Cisco Smart Business Communications System Teleworker Set Up

DHCP ODAP Server Support

OSPF RFC 3623 Graceful Restart Helper Mode

Configuring the Cisco IOS DHCP Relay Agent

IP SLAs Random Scheduler

DHCP Relay MPLS VPN Support

Configuring Route Maps to Control the Distribution of MPLS Labels Between Routers in an MPLS VPN

PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement

Configuring ISG VRF Transfer (Cisco IOS Release 12.2(28)SB)

Route Processor Redundancy Plus (RPR+)

LAN Emulation Overview

Cisco Voice Applications OID MIB

Contextual Configuration Diff Utility

Configuring MPLS Multi-VRF (VRF-lite)

Using Application Level Gateways with NAT

Cisco 806, Cisco 820 Series, Cisco 830 Series, SOHO 70 Series and SOHO 90 Series Routers ROM Monitor Download Procedures

ATM VP Average Traffic Rate

Wireless LAN Error Messages

BECN and FECN Marking for Frame Relay over MPLS

Configuring Virtual Interfaces

Installing the Cisco ONS Deep Door Kit

IP Event Dampening. Feature History for the IP Event Dampening feature

Wireless LAN Overview

MPLS VPN: VRF Selection Based on Source IP Address

Exclusive Configuration Change Access and Access Session Locking

Cisco Software Licensing Information for Cisco Unified Communications 500 Series for Small Business

Configuring Token Ring LAN Emulation for Multiprotocol over ATM

Release Notes for Cisco Aironet Client Utility and Driver, Version 3.0 for Mac OS

Chunk Validation During Scheduler Heapcheck

Cisco Aironet Directional Antenna (AIR-ANT-SE-WiFi-D)

Connecting Cisco DSU/CSU High-Speed WAN Interface Cards

Low Latency Queueing with Priority Percentage Support

White Paper: Using Microsoft Windows Server 2003 with Cisco Unity 4.0(4)

QoS: Classification of Locally Sourced Packets

QoS: Color-Aware Policer

Cisco Unified MeetingPlace for Microsoft Office Communicator

Cisco Report Server Readme

RSVP Message Authentication

Application Firewall Instant Message Traffic Enforcement

Maintenance Checklists for Cisco Unity VPIM Networking (with Microsoft Exchange)

MPLS VPN OSPF and Sham-Link Support

Site Preparation and Network Communications Requirements

Cisco Aironet 1500 Series Access Point Large Pole Mounting Kit Instructions

Cisco Unified Mobile Communicator 3.0 User Portal Guide

Connecting Cisco WLAN Controller Enhanced Network Modules to the Network

Release Notes for Cisco Security Agent for Cisco Unified MeetingPlace Release 6.0(7)

PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement

Maintenance Checklists for Microsoft Exchange on a Cisco Unity System

Cisco Virtual Office End User Instructions for Cisco 1811 Router Set Up at Home or Small Office

This feature was introduced. This feature was integrated into Cisco IOS Release 12.2(27)SBA.

Using Microsoft Outlook to Schedule and Join Cisco Unified MeetingPlace Express Meetings

Configuration Replace and Configuration Rollback

MPLS Traffic Engineering (TE) Scalability Enhancements

Applying the Tunnel Template on the Home Agent

Connecting Cisco 4-Port FXS/DID Voice Interface Cards

Cisco BTS Softswitch Site Preparation and Network Communications Requirements, Release 6.0. Safety and Compliance

Catalyst 2955 Switch DIN Rail Clip Installation Notes

MPLS Traffic Engineering Fast Reroute Link Protection

This module was first published on May 2, 2005, and last updated on May 2, 2005.

Cisco Video Surveillance Virtual Matrix Client Configuration Guide

Corporate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA USA

Cisco Unified CallConnector for Microsoft Windows 1.4 Mobility Service Quick Reference Guide

Installing ONS SDH FMEC-E3/DS3 Cards

Transcription:

Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging The Intelligent Service Architecture (ISA) is a core set of Cisco IOS components that provide a structured framework in which edge access devices can deliver flexible and scalable services to subscribers. A Cisco device that is running a Cisco IOS image with ISA is called an Intelligent Service Gateway (ISG). This document describes ISA session monitoring and distributed conditional debugging. ISA session monitoring uses the show interface monitor and show processes cpu monitor commands, which display statistics that are updated at specified intervals. Conditional debugging facilitates debug filtering for ISA and is available as distributed conditional debugging. Module History This module was first published on April 28, 2005, and was last updated April 28, 2005. Finding Feature Information in This Module Your Cisco IOS software release may not support all features. To find information about feature support and configuration, use the Feature Information for Distributed Conditional Debugging section on page 209. Contents Prerequisites for Distributed Conditional Debugging, page 200 Restrictions for Distributed Conditional Debugging, page 200 Information About ISA Session Monitoring and Distributed Conditional Debugging, page 200 How to Enable ISA Session Monitoring and Distributed Conditional Debugging, page 201 Configuration Examples for ISA Distributed Conditional Debugging, page 207 Additional References, page 208 Feature Information for Distributed Conditional Debugging, page 209 Corporate Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA Copyright 2005 Cisco Systems, Inc. All rights reserved.

Prerequisites for Distributed Conditional Debugging Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging Prerequisites for Distributed Conditional Debugging Before using the information in this module, it is recommended that you be familiar with the use of Cisco IOS debug commands and conditional debugging. See the Additional References section on page 208 to find information about these topics. Restrictions for Distributed Conditional Debugging Conditions that are set for an active session take effect only when the session is terminated and reestablished. Caution Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use the Cisco IOS debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users, or on a debug chassis with a single active session. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use. Information About ISA Session Monitoring and Distributed Conditional Debugging Before you enable session monitoring or distributed conditional debugging, you should understand the following concepts: ISA Session and Flow Monitoring, page 200 ISA Distributed Conditional Debugging, page 200 ISA Session and Flow Monitoring ISA introduces a mechanism that allows an adminstrator to monitor ISA sessions and flows continuously. The show interface monitor command, which displays interface statistics, and the show process cpu monitor command, which displays information about CPU usage, both update the information in their displays at specified intervals. These commands also provide the ability to freeze or clear the information in the display. ISA Distributed Conditional Debugging This section contains the following concepts: Benefits of Enhanced Conditional Debugging for the ISA Platforms, page 201 Cisco IOS Software Components Supported by Distributed Conditional Debugging, page 201 200

How to Enable ISA Session Monitoring and Distributed Conditional Debugging Benefits of Enhanced Conditional Debugging for the ISA Platforms Because literally thousands of user sessions run on the ISA platforms, it is not practical to troubleshoot a problem with a session by enabling the various component debug commands that are available and trace through the messages for a single session or user. Instead, it is more practical to filter debugging messages for a single session or call across the various Cisco IOS components that a session traverses. For this reason, the conditional debugging previously offered in the Cisco IOS software has been enhanced to facilitate debug filtering for ISA and is available as distributed conditional debugging. Cisco IOS Software Components Supported by Distributed Conditional Debugging The following components are supported for ISA distributed conditional debugging: Authentication, authorization, and accounting (AAA) and RADIUS ATM components Feature Manager Policy Manager PPP PPP over Ethernet (PPPoE) Session Manager Virtual Private Dialup Network (VPDN) See Table 20 and Table 21 for specific commands that are supported for distributed conditional debugging. How to Enable ISA Session Monitoring and Distributed Conditional Debugging This section contains the following tasks: Monitoring ISA Sessions and Flows, page 201 Configuring Distributed Conditional Debugging, page 202 Monitoring ISA Sessions and Flows Perform this task to monitor interface and CPU statistics. 201

How to Enable ISA Session Monitoring and Distributed Conditional Debugging DETAILED STEPS Step 1 Step 2 Command or Action enable Router> enable show interface type number monitor [interval seconds] Purpose Enables privileged EXEC mode. Enter your password if prompted. Displays interface statistics and updates the display at specified intervals. Step 3 Router# show interface ethernet 3/0 monitor interval 10 show processes cpu monitor [interval seconds] Router# show processes cpu monitor Displays detailed CPU utilization statistics and updates the display at specified intervals. Configuring Distributed Conditional Debugging Two main tasks are required for configuring distributed conditional debugging: enabling conditional debugging, and issuing one or more supported debug command. These required tasks are described in the following sections: ISA Debug Condition Commands, page 202 Debug Commands That Are Supported by ISA Conditional Debug, page 203 Enabling Distributed Conditional Debugging, page 205 Restrictions, page 205 Enabling Distributed Conditional Debugging, page 205 Displaying Debugging Conditions, page 206 Troubleshooting Tips, page 206 ISA Debug Condition Commands Table 20 lists the debug condition commands that you can issue at the EXEC prompt to enable distributed conditional debugging. You can set more than one condition. Table 20 Supported Conditional Debug Commands Command debug condition domain domain-name debug condition interface atm ATM-interface vc {vci/vpi vci} debug condition interface atm ATM-interface vc {vci/vpi vci} vlan-id ID debug condition interface {Ethernet Fast Ethernet Gigabit Ethernet} vlan-id ID Purpose Filters messages on the specified domain name. Filters messages on the specified virtual circuit. Filters messages on the specified VLAN identifier. 202

How to Enable ISA Session Monitoring and Distributed Conditional Debugging Table 20 Supported Conditional Debug Commands Command debug condition mac-address hexadecimal-mac-address debug condition portbundle ip IP-address bundle bundle-number debug condition session-id session-id debug condition username email-address Purpose Filters messages on the specified MAC address. Filters messages on the specified Port-Bundle Host Key (PBHK). Filters messages on the specified session identifier. Note The session identifier can be obtained by entering the show subscriber session command. Filters messages on the specified Internet username. Debug Commands That Are Supported by ISA Conditional Debug Following is a list of the Cisco IOS debug commands that are supported for distributed conditional debugging. The commands are listed by component. One or more of these commands can be issued after enabling one of the debug condition commands listed in Table 20 Table 21 Debug Commands Supported by ISA Distributed Conditional Debugging AAA Debug Commands debug aaa accounting debug aaa authentication debug aaa authorization debug aaa id ATM Debug Commands debug atm arp debug atm error debug atm event debug atm oam debug atm packet debug atm state PPP Debug Commands debug ppp authentication debug ppp bap error debug ppp bap events debug ppp bap negotiation debug ppp cbcp debug ppp error debug ppp mppe detailed debug ppp mppe events debug ppp mppe pack debug ppp multi data 203

How to Enable ISA Session Monitoring and Distributed Conditional Debugging Table 21 Debug Commands Supported by ISA Distributed Conditional Debugging (continued) debug ppp multi events debug ppp multi frag debug ppp negotiation debug ppp pack debug ppp subscriber PPPoE Debug Commands debug pppoe data debug pppoe error debug pppoe event debug pppoe packet Session Manager Debug Commands debug subscriber aaa authorization event debug subscriber aaa authorization fsm debug subscriber error debug subscriber event Feature Manager Debug Commands debug subscriber feature access-list error debug subscriber feature access-list event debug subscriber feature compression detail debug subscriber feature compression error debug subscriber feature compression event debug subscriber feature detail debug subscriber feature error debug subscriber feature event debug subscriber feature interface-config error debug subscriber feature interface-config event debug subscriber feature modem-on-hold detail debug subscriber feature modem-on-hold error debug subscriber feature modem-on-hold event debug subscriber feature portbundle error debug subscriber feature portbundle event debug subscriber feature portbundle packet debug subscriber feature qos-policy error debug subscriber feature qos-policy event debug subscriber feature static-routes error debug subscriber feature static-routes event debug subscriber feature traffic-classification detail 204

How to Enable ISA Session Monitoring and Distributed Conditional Debugging Table 21 Debug Commands Supported by ISA Distributed Conditional Debugging (continued) debug subscriber feature traffic-classification error debug subscriber feature traffic-classification event Policy Manager Debug Commands debug subscriber fsm debug subscriber policy condition debug subscriber policy detail debug subscriber policy error debug subscriber policy event debug subscriber policy fsm debug subscriber policy rule debug subscriber session error debug subscriber session event VPDN Debug Commands debug vpdn call event debug vpdn call fsm debug vpdn error debug vpdn event debug vpdn event disconnect Restrictions The debug condition session-id command filters a session only after the session has been established. The session identifier is a unique dynamic number generated internally by the Cisco IOS software and assigned to each session when the session is established. In VPDN, the debug commands and messages associated with tunnels cannot be filtered because they are not associated with a session, but are displayed during the tunnel-establishment phase. The debugging messages will be displayed even if filtering is enabled by one of the conditions. If multiple conditions are set, the debugging messages corresponding to all the sessions that meet any of the conditions will be displayed. Some conditions, such as domain name, will trigger debugging messages for all the sessions that belong to the particular domain. Enabling Distributed Conditional Debugging SUMMARY STEPS Perform this task to enable distributed conditional debugging for ISA. 1. enable 2. debug condition command 3. debug command 205

How to Enable ISA Session Monitoring and Distributed Conditional Debugging DETAILED STEPS Step 1 Step 2 Step 3 Command or Action enable Router> enable debug condition command Router# debug condition username user@cisco.com debug command Router# debug subscriber aaa authorization fsm Purpose Enables privileged EXEC mode. Enter your password if prompted. Enter one or more of the debug condition commands listed in Table 20 to enable distributed conditional debugging. Enter one or more of the supported debug commands from Table 21. Displaying Debugging Conditions To display the debugging conditions that have been set, perform the following task: SUMMARY STEPS 1. enable 2. show debug condition DETAILED STEPS Step 1 Step 2 Command or Action enable Router> enable show debug condition Purpose Enables privileged EXEC mode. Enter your password if prompted. Displays conditions that have been set for debugging. Router# show debug condition Troubleshooting Tips The Cisco IOS software displays messages as you set the conditions for filtering the debugging. When a condition is set, it is assigned a number, as follows: Condition 1 set If a condition has already been set, the following message is displayed : % Condition already set 206

Configuration Examples for ISA Distributed Conditional Debugging The following messages and prompt are displayed when you attempt to disable the last condition using the no form of a debug condition command: This condition is the last interface condition set. Removing all conditions may cause a flood of debugging messages to result, unless specific debugging flags are first removed. Proceed with removal? [yes/no]: yes Condition 1 has been removed Tip Use the no forms of the commands to disable all debug commands before disabling all of the debugging conditions that have been set. Configuration Examples for ISA Distributed Conditional Debugging This section contains the following examples: Enabling ISA Distributed Conditional Debugging: Example, page 208 Displaying Debugging Conditions: Example, page 208 Monitoring Interface Statistics: Example The following example shows sample output for the show interface monitor command. The display will be updated every 10 seconds. Router> show interface ethernet 0/0 monitor interval 10 Router Name: Scale3-Router8 Update Secs: 10 Interface Name: Ethenet 0/0 Interface Status: UP, line is up Line Statistics: Total: Rate(/s) Delta Input Bytes: 123456 123 7890 Input Packets: 3456 56 560 Broadcast: 1333 6 60 OutputBytes: 75717 123 1230 Output Packets: 733 44 440 Error Statistics: Total: Delta: Input Errors: 0 0 CRC Errors: 0 0 Frame Errors: 0 0 Ignored: 0 0 Output Errors: 0 0 Collisions: 0 0 No. Interface Resets: 2 End = e Clear = c Freeze = f Enter Command: 207

Additional References Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging Monitoring CPU Statistics: Example The following example shows sample output for the show processes cpu monitor command: Router> show processes cpu monitor CPU utilization for five seconds: 0%/0%; one minute: 0%; five minutes: 0% PID Runtime(ms) Invoked usecs 5Sec 1Min 5Min TTY Process 3 772 712 1084 0.08% 0.04% 0.02% 0 Exec 67 276 4151 66 0.08% 0.03% 0.01% 0 L2TP mgmt daemon 116 604 2263 266 0.16% 0.05% 0.01% 0 IDMGR CORE End = e Freeze = f Enter Command: Enabling ISA Distributed Conditional Debugging: Example The following example shows how to filter PPP, PPPoE, and Session Manager debugs for a PPPoE session with username user@cisco.com. Only debugging messages for the defined user are displayed on the console. Any other debugging messages associated with other users will not be displayed. Router# debug condition username user@cisco.com Condition 1 set Router# debug ppp negotiation Router# debug pppoe event Router# debug subscriber session event Displaying Debugging Conditions: Example The following example shows how to display debugging conditions that have been set. Router# show debug condition Condition 1: domain cisco.com (0 flags triggered) Condition 2: username user@cisco.com (0 flags triggered) Condition 3: ip 172.19.200.10 (0 flags triggered) Additional References The following sections provide references related to ISA session monitoring and distributed conditional debugging. Related Documents Related Topic ISA commands Cisco IOS debug commands Conditional debugging Document Title Cisco IOS Intelligent Service Architecture Command Reference Cisco IOS Debug Command Reference, Release 12.3 T Conditionally Triggered Debugging chapter in the Cisco IOS Debug Command Reference, Release 12.3 T 208

Feature Information for Distributed Conditional Debugging Technical Assistance Description Technical Assistance Center (TAC) home page, containing 30,000 pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content. Link http://www.cisco.com/public/support/tac/home.shtml Feature Information for Distributed Conditional Debugging Table 22 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Release 12.2(27)SBA or later releases appear in the table. Not all commands may be available in your Cisco IOS software release. For details on when support for specific commands was introduced, see the command reference documents. If you are looking for information on a feature in this technology that is not documented here, see the Intelligent Service Architecture Features Roadmap. Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear. Note Table 22 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature. 209

Feature Information for Distributed Conditional Debugging Troubleshooting ISA with Session Monitoring and Distributed Conditional Debugging Table 22 Feature Information for ISA Session Monitoring and Distributed Conditional Debugging Feature Name Releases Feature Configuration Information ISA:I nstrumentation: Session and Flow Monitoring ISA:Instrumentation: Advanced Conditional Debugging 12.2(27)SBA 12.2(27)SBA ISA provides a mechanism for continuously monitoring interface and CPU statistics. This feature introduces the show interface monitor and show processes cpu monitor commands, which display statistics that are updated at specified intervals. The following sections provide information about this feature: ISA Session and Flow Monitoring, page 200 Monitoring ISA Sessions and Flows, page 201 ISA provides the ability to define various conditions for filtering debug output. Conditional debugging generates very specific and relevent information that can be used for session, flow, subscriber, and service diagnostics. The following sections provide information about this feature: ISA Distributed Conditional Debugging, page 200 Configuring Distributed Conditional Debugging, page 202 CCVP, the Cisco logo, and Welcome to the Human Network are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn is a service mark of Cisco Systems, Inc.; and Access Registrar, Aironet, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Enterprise/Solver, EtherChannel, EtherFast, EtherSwitch, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iphone, IP/TV, iq Expertise, the iq logo, iq Net Readiness Scorecard, iquick Study, LightStream, Linksys, MeetingPlace, MGX, Networkers, Networking Academy, Network Registrar, PIX, ProConnect, ScriptShare, SMARTnet, StackWise, The Fastest Way to Increase Your Internet Quotient, and TransPath are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0711R) Copyright 2005 Cisco Systems, Inc. All rights reserved. This module first published April 28, 2005. Last updated April 28, 2005. 210

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback