Manualshelf

Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentC8510-SRP - Switch Route Processor
311312313314315316317318319320
10-48
ATM and Layer 3 Switch Router Troubleshooting Guide
OL-1969-01
Chapter 10 Troubleshooting Ethernet, ATM Uplink, and POS Uplink Interfaces
Troubleshooting ACL Daughter Card
Step 2 Use the show access-lists command to confirm the status and configuration of the access lists configured
on the Layer 3 enabled ATM switch router.
Switch# show access-lists 110
Extended IP access list 110
permit ip host 20.0.11.1 host 20.0.11.2
permit ip host 20.0.11.2 host 20.0.11.1
For detailed information about access list filters and their configuration, refer to the Configuring IP
Services chapter in the Cisco IOS IP and IP Routing Configuration Guide.
Step 3 Use the show epc acl lookup command for a specific interface and IP addresses to display the response
of the access list daughter card to a connection attempt from a source IP address to a destination.
In the following example, the packets are allowed to cross the switch router:
Switch# show epc acl lookup in fastEthernet 11/0/0 ip 20.0.11.1 20.0.11.2
Input IP ACL lookup on FastEthernet11/0/0:Label:1 Index:42
DestIP:20.0.11.2 SrcIP:20.0.11.1 DestPort:0 SrcPort:0
Proto:256 Precedence:0x0 TOS:0x0 TCPFLAGS:0x0
ICMP type:0 code:0 IGMP type:0
Lookup Key:
00000000 00000100 00001400 0B011400 0B020000 323A3337 45000000 2053756E 00000000 002A0001
TCAM Result:80420223 80400000
Lookup got hit at
[V:0x11C00000 M:0x12C00000][0 IP] permit ip host 20.0.11.1 host 20.0.11.2
Packet will be permitted
In the following example, the packets are denied access to cross the switch router:
Switch# show epc acl lookup in fastEthernet 11/0/0 ip 20.0.11.1 20.0.11.3
Input IP ACL lookup on FastEthernet11/0/0:Label:1 Index:42
DestIP:20.0.11.3 SrcIP:20.0.11.1 DestPort:0 SrcPort:0
Proto:256 Precedence:0x0 TOS:0x0 TCPFLAGS:0x0
ICMP type:0 code:0 IGMP type:0
Lookup Key:
00000000 00000100 00001400 0B011400 0B030000 353A3439 45000000 2053756E 00000000 002A0001
TCAM Result:80422441 00400010
Lookup got hit at
[V:0x11C00000 M:0x12C00000][0 IP] deny ip host 20.0.11.1 host 20.0.11.2
Packet will be denied