Debug ip traffic

What happens if you use the debug ip packet command on a router? Don't try it! This command can actually bring an entire production router down.

However, when used properly, this command can be a very helpful tool. For example, you can use debug ip packet with an ACL. And, you can even ask for details.

So, let's say you want to view only traffic from host 1.1.1.1 to host 2.2.2.2 that was using port 80. Being very careful, you could see it using debug ip packet and an ACL. Here's an example:

Router(config)# access-list 101 deny ip host 1.1.1.1 host 2.2.2.2 eq 80
Router(config)# exit

Router# debug ip packet detail 101

IP packet debugging is on (detailed) for access list 101

In this example, you have a rudimentary packet sniffer that gives information on TCP port number (src/dest), sequence number, ack, window, and flag information. In addition, this is for the entire router — not just a single interface.