Ethereal-dev: Re: [Ethereal-dev] Cisco undocumented command for capturing IP packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Bert Driehuis <driehuis@xxxxxxxxxxxxx>
Date: Mon, 16 Oct 2000 00:45:52 +0200 (CEST)
On Sun, 15 Oct 2000, Paul Ionescu wrote:

> I discovered some time ago that there is an undocumented command on Cisco
> routers that lets one "capture" IP packets in hex dump.
> The command is: debug ip packet dump
> The output is sent via the normal logging methods and can be stored on
> a syslog server for further analysis.

I would *strongly* recommend against using this command unless you
really know what you're doing and/or don't mind a router reboot.

It is very easy to lose control of the router, because it can saturate
both the serial link and the CPU given sufficient load on the circuits,
and you may need physical access to the router to recover from this
condition. If you're lucky, the task gets killed by the executive; if
not, the router locks up.

I've seen someone do this to a router in South Africa. He didn't
appreciate my suggestion he should bike over there and fix it.

The SNMP capture has resource usage limitations built in; I'd suggest
using that if this functionality is required.

Cheers,

				-- Bert

Bert Driehuis -- driehuis@xxxxxxxxxxxxx -- +31-20-3116119
If the only tool you've got is an axe, every problem looks like fun!