이 섹션 아래에서 기존 디버깅 명령 외에 Secure Firewall 3100 관련 CLI에 대해 설명합니다.
- show portmanager
- 스위치드, 패킷, SFP-FEC 카운터, 디지털 옵티컬 모니터링, QOS 기능, CPSS AP 및 순환 로그 덤프에 대한 세부 정보를 표시합니다.
- 예를 들면 다음과 같습니다.
- 다음 CLI는 vtcam-tti의 FXOS 포트 관리자 스위치 하드웨어 TCAM 규칙 덤프를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules hardware vtcam-tti detail
VTCAM_RULE_ID VLAN SRC_PORT PORTCHANNEL_ID FLAGS MODE REF_COUNT
1 21 0 2 0 2 5 3
2 3078 0 0 0 0 0 1
3 3077 0 0 0 0 0 1
4 3076 0 0 0 0 0 1
5 3075 0 0 0 0 0 1
6 3074 0 0 0 0 0 1
7 3073 0 0 0 0 0 1
8 1 0 0 0 0 0 1
9 18 102 0 0 24 8 1
10 5 157 0 0 24 8 1
11 31 0 12 0 2 5 3
12 15 105 0 0 24 8 1
13 9 111 0 0 24 8 1
14 13 107 0 0 24 8 1
15 26 0 7 0 2 5 3
16 29 0 10 0 2 5 3
17 23 0 4 0 2 5 3
18 19 101 0 0 24 8 1
19 30 0 11 0 2 5 3
20 28 0 9 0 2 5 3
21 4 156 0 0 24 8 1
22 34 0 15 0 2 5 3
23 6 158 0 0 24 8 1
24 8 112 0 0 24 8 1
25 24 0 5 0 2 5 3
26 14 106 0 0 24 8 1
27 32 0 13 0 2 5 3
28 25 0 6 0 2 5 3
29 12 0 0 9 6 5 2
30 20 0 1 0 2 5 3
31 11 109 0 0 24 8 1
32 27 0 8 0 2 5 3
33 17 103 0 0 24 8 1
34 22 0 3 0 2 5 3
35 16 104 0 0 24 8 1
36 3 0 19 0 26 8 1
37 35 0 16 0 2 5 3
38 33 0 14 0 2 5 3
39 7 159 0 0 24 8 1
40 2 0 17 0 26 8 1
41 10 110 0 0 24 8 1
- 다음 CLI는 FXOS 포트 관리자 스위치 VLAN 출력을 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch vlans
VLAN Ports Tag MAC-Learning FDB-mode
----- ----------------------------------------------------- -------- -------------- ---------
1 0/17,19 pop_outer_tag Control FID
2 0/1-16,18 outer_tag0_inner_tag1 Control FID
0/20 pop_outer_tag
3 0/1-16,18 outer_tag0_inner_tag1 Control FID
4 0/1-16,18 outer_tag0_inner_tag1 Control FID
5 0/1-16,18 outer_tag0_inner_tag1 Control FID
6 0/1-16,18 outer_tag0_inner_tag1 Control FID
7 0/1-16,18 outer_tag0_inner_tag1 Control FID
8 0/1-16,18 outer_tag0_inner_tag1 Control FID
- 다음 CLI는 포트 채널 인터페이스 요약을 확인하는 데 도움이 됩니다.
firepower-3140(local-mgmt)# show por
portchannel portmanager
firepower-3140(local-mgmt)# show portchannel summary
Flags: D - Down P - Up in port-channel (members)
I - Individual H - Hot-standby (LACP only)
s - Suspended r - Module-removed
S - Switched R - Routed
U - Up (port-channel)
M - Not in use. Min-links not met
-------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
3 Po3(U) Eth LACP Eth1/3(P)
2 Po2(U) Eth LACP Eth1/2(P)
LACP KeepAlive Timer:
--------------------------------------------------------------------------------
Channel PeerKeepAliveTimerFast
--------------------------------------------------------------------------------
3 Po3(U) False
2 Po2(U) False
Cluster LACP Status:
--------------------------------------------------------------------------------
Channel ClusterSpanned ClusterDetach ClusterUnitID ClusterSysID
--------------------------------------------------------------------------------
3 Po3(U) False False 0
2 Po2(U) False False 0
</pre>
- 다음 CLI는 포트 채널 로드 밸런싱 방법을 표시합니다.
-
firepower-3140(local-mgmt)# show portchannel load-balance
PortChannel Load-Balancing Configuration:
src-dst ip-l4port
PortChannel Load-Balancing Configuration Used Per-Protocol:
Non-IP: src-dst mac
IP: src-dst ip-l4port
</pre>
- 다음 CLI는 FXOS 시스템 프로세스의 상태를 표시합니다.
-
firepower-3140(local-mgmt)# show pmon state
SERVICE NAME STATE RETRY(MAX) EXITCODE SIGNAL CORE
------------ ----- ---------- -------- ------ ----
svc_sam_dme running 0(4) 0 0 no
svc_sam_dcosAG running 0(4) 0 0 no
svc_sam_portAG running 0(4) 0 0 no
svc_sam_statsAG running 0(4) 0 0 no
httpd.sh running 0(4) 0 0 no
svc_sam_sessionmgrAG running 0(4) 0 0 no
sam_core_mon running 0(4) 0 0 no
svc_sam_svcmonAG running 0(4) 0 0 no
svc_sam_serviceOrchAG running 0(4) 0 0 no
svc_sam_appAG running 0(4) 0 0 no
svc_sam_envAG running 0(4) 0 0 no
svc_sam_npuAG running 0(4) 0 0 no
svc_sam_eventAG running 0(4) 0 0 no
- 다음 CLI는 이더넷 1/1 포트와 일치하는 vtcam-tti 단계의 스위치 하드웨어 TCAM 규칙 덤프를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules hardware vtcam-tti ethernet 1 1
RULE_ID VLAN SRC_PORT PC_ID SRC_ID MODE PAK_CNT
1 20 0 1 0 101 0 151
- 다음 CLI는 vlan 0과 일치하는 vtcam-tti 단계의 스위치 하드웨어 TCAM 규칙 덤프를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules hardware vtcam-tti vlan 0
RULE_ID VLAN SRC_PORT PC_ID SRC_ID MODE PAK_CNT
1 2 0 17 0 17 0 1709
2 3 0 19 0 19 0 1626
3 4 0 16 0 0 0 0
4 5 0 15 0 0 0 0
5 6 0 14 0 0 0 0
6 7 0 13 0 0 0 0
7 8 0 12 0 0 0 0
8 9 0 11 0 0 0 0
9 10 0 10 0 0 0 0
10 11 0 9 0 0 0 0
11 12 0 8 0 0 0 0
12 13 0 7 0 0 0 0
13 14 0 6 0 0 0 0
14 15 0 5 0 0 0 0
15 16 0 4 0 0 0 0
16 17 0 3 0 0 0 0
17 18 0 2 0 0 0 0
18 19 0 1 0 0 0 0
19 20 0 1 0 101 0 166
20 21 0 2 0 102 0 1597
21 22 0 3 0 103 0 0
22 23 0 4 0 104 0 0
23 24 0 5 0 105 0 0
24 25 0 6 0 106 0 0
25 26 0 7 0 107 0 0
26 27 0 8 0 108 0 0
27 28 0 9 0 109 0 0
28 29 0 10 0 110 0 0
29 30 0 11 0 111 0 0
30 31 0 12 0 112 0 0
31 32 0 13 0 159 0 0
32 33 0 14 0 158 0 0
33 34 0 15 0 157 0 0
34 35 0 16 0 156 0 0
35 1 0 17 0 0 0 0
- 다음 CLI는 하드웨어 MAC 필터/EM 단계 규칙에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules hardware mac-filter detail
EM Entry-No : 1
VLAN : 0
SRC_PORT : 17
PC_ID : 0
SRC_ID : 17
DST_PORT : 19
HW_ID : 3072
ACT_CMD : 0
PCL_ID : 1
REDIRECT_CMD : 1
BYPASS_BRG : 1
CND_INDEX : 3074
PACKET_COUNT : 1977
DMAC : 00:00:00:00:00:00
EM Entry-No : 2
VLAN : 0
SRC_PORT : 19
PC_ID : 0
SRC_ID : 19
DST_PORT : 17
HW_ID : 3074
ACT_CMD : 0
PCL_ID : 1
REDIRECT_CMD : 1
BYPASS_BRG : 1
CND_INDEX : 3075
PACKET_COUNT : 1858
DMAC : 00:00:00:00:00:00
- 다음 CLI는 이더넷 1/9 포트와 일치하는 mac-filter 단계의 스위치 하드웨어 TCAM 규칙 덤프를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules hardware mac-filter ethernet 1 9
VLAN SRC_PORT PC_ID SRC_ID DST_PORT PKT_CNT DMAC
1 0 9 0 109 1536 0 1:80:c2:0:0:2
- 다음 CLI는 소프트웨어 MAC 필터에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules software mac-filter detail
VLAN SRC_PORT PORTCHANNEL_ID DST_PORT FLAGS MODE DMAC
1 0 17 0 19 26 8 0:0:0:0:0:0
2 0 9 0 1536 2 5 1:80:c2:0:0:2
3 104 0 0 4 24 8 0:0:0:0:0:0
4 0 7 0 1536 2 5 1:80:c2:0:0:2
5 101 0 0 1 24 8 0:0:0:0:0:0
6 0 1 0 1536 2 5 1:80:c2:0:0:2
7 0 3 0 1536 2 5 1:80:c2:0:0:2
8 106 0 0 6 24 8 0:0:0:0:0:0
9 158 0 0 14 24 8 0:0:0:0:0:0
10 0 13 0 1536 2 5 1:80:c2:0:0:2
11 0 14 0 1536 2 5 1:80:c2:0:0:2
12 0 6 0 1536 2 5 1:80:c2:0:0:2
13 0 8 0 1536 2 5 1:80:c2:0:0:2
14 112 0 0 12 24 8 0:0:0:0:0:0
15 107 0 0 7 24 8 0:0:0:0:0:0
16 0 19 0 17 26 8 0:0:0:0:0:0
17 0 12 0 1536 2 5 1:80:c2:0:0:2
18 0 5 0 1536 2 5 1:80:c2:0:0:2
19 102 0 0 2 24 8 0:0:0:0:0:0
20 156 0 0 16 24 8 0:0:0:0:0:0
21 103 0 0 3 24 8 0:0:0:0:0:0
22 0 11 0 1536 2 5 1:80:c2:0:0:2
23 157 0 0 15 24 8 0:0:0:0:0:0
24 111 0 0 11 24 8 0:0:0:0:0:0
25 0 10 0 1536 2 5 1:80:c2:0:0:2
26 108 0 0 8 24 8 0:0:0:0:0:0
27 159 0 0 13 24 8 0:0:0:0:0:0
28 110 0 0 10 24 8 0:0:0:0:0:0
29 105 0 0 5 24 8 0:0:0:0:0:0
30 0 2 0 1536 2 5 1:80:c2:0:0:2
31 0 4 0 1536 2 5 1:80:c2:0:0:2
32 0 16 0 1536 2 5 1:80:c2:0:0:2
33 109 0 0 9 24 8 0:0:0:0:0:0
34 0 15 0 1536 2 5 1:80:c2:0:0:2
- 다음 CLI는 이더넷1/9 포트와 일치하는 mac-filter 단계의 스위치 소프트웨어 DB 규칙을 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch forward-rules software mac-filter ethernet 1 9
VLAN SRC_PORT PORTCHANNEL_ID DST_PORT FLAGS MODE DMAC
1 0 9 0 1536 2 5 1:80:c2:0:0:2
- 다음 CLI는 스위치 브리지 엔진 패킷 삭제에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch counters bridge
Bridge Ingress Drop Counter: 2148
No Bridge Ingress Drop
- 다음 CLI는 하드웨어 스위치 패킷 카운터의 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch counters packet-trace
Counter Description
---------------------- ---------------------------------------------------------
goodOctetsRcv Number of ethernet frames received that are not bad
ethernet frames or MAC Control pkts
badOctetsRcv Sum of lengths of all bad ethernet frames received
gtBrgInFrames Number of packets received
gtBrgVlanIngFilterDisc Number of packets discarded due to VLAN Ingress Filtering
gtBrgSecFilterDisc Number of packets discarded due to
Security Filtering measures
gtBrgLocalPropDisc Number of packets discarded due to reasons other than
VLAN ingress and Security filtering
dropCounter Ingress Drop Counter
outUcFrames Number of unicast packets transmitted
outMcFrames Number of multicast packets transmitted. This includes
registered multicasts, unregistered multicasts
and unknown unicast packets
outBcFrames Number of broadcast packets transmitted
brgEgrFilterDisc Number of IN packets that were Bridge Egress filtered
txqFilterDisc Number of IN packets that were filtered
due to TxQ congestion
outCtrlFrames Number of out control packets
(to cpu, from cpu and to analyzer)
egrFrwDropFrames Number of packets dropped due to egress
forwarding restrictions
goodOctetsSent Sum of lengths of all good ethernet
frames sent from this MAC
Counter Source port- 0/0 Destination port- 0/0
----------------------- --------------------- ---------------------
goodOctetsRcv --- ---
badOctetsRcv --- ---
Ingress counters
gtBrgInFrames 6650 6650
gtBrgVlanIngFilterDisc 0 0
gtBrgSecFilterDisc 0 0
gtBrgLocalPropDisc 0 0
dropCounter 2163 Only for source-port
Egress counters
outUcFrames 0 0
outMcFrames 2524 2524
outBcFrames 1949 1949
brgEgrFilterDisc 14 14
txqFilterDisc 0 0
outCtrlFrames 0 0
egrFrwDropFrames 0 0
goodOctetsSent --- --- #
- 다음 CLI는 CPU의 스위치 트래픽에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch traffic cpu
Dev/RX queue packets bytes
------------ ---------- ----------
0/0 0 0
0/1 0 0
0/2 0 0
0/3 0 0
0/4 0 0
0/5 0 0
0/6 0 0
0/7 0 0 #
- 다음 CLI는 하드웨어 스위치 포트 트래픽의 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch traffic port
max-rate - pps that the port allow with packet size=64
actual-tx-rate - pps that egress the port (+ % from 'max')
actual-rx-rate - pps that ingress the port(+ % from 'max')
Dev/Port max-rate actual-tx-rate actual-rx-rate
--------- -------- --------------- ---------------
0/1 1488095 (0%)--- (0%)---
0/2 1488095 (0%)--- (0%)---
0/3 14880 (0%)--- (0%)---
0/4 14880 (0%)--- (0%)---
0/5 14880 (0%)--- (0%)---
0/6 14880 (0%)--- (0%)---
0/7 14880 (0%)--- (0%)---
0/8 14880 (0%)--- (0%)---
0/9 14880952 (0%)--- (0%)---
0/10 14880952 (0%)--- (0%)---
0/11 14880952 (0%)--- (0%)---
0/12 14880952 (0%)--- (0%)---
0/13 14880952 (0%)--- (0%)---
0/14 14880952 (0%)--- (0%)---
0/15 1488095 (0%)--- (0%)---
0/16 1488095 (0%)--- (0%)---
0/17 14880952 (0%)--- (0%)---
0/18 74404761 (0%)--- (0%)---
0/19 37202380 (0%)--- (0%)---
0/20 37202380 (0%)--- (0%)---
- 다음 CLI는 이더넷 1/13 포트와 일치하는 SFP-FEC 카운터에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager counters ethernet 1 13
Good Octets Received : 2153
Bad Octets Received : 0
MAC Transmit Error : 0
Good Packets Received : 13
Bad packets Received : 0
BRDC Packets Received : 0
MC Packets Received : 13
.........
.........
txqFilterDisc : 0
linkchange : 1
FcFecRxBlocks : 217038081
FcFecRxBlocksNoError : 217038114
FcFecRxBlocksCorrectedError : 0
FcFecRxBlocksUnCorrectedError : 0
FcFecRxBlocksCorrectedErrorBits : 0
FcFecRxBlocksCorrectedError0 : 0
FcFecRxBlocksCorrectedError1 : 0
FcFecRxBlocksCorrectedError2 : 0
FcFecRxBlocksCorrectedError3 : 0
FcFecRxBlocksUnCorrectedError0 : 0
FcFecRxBlocksUnCorrectedError1 : 0
FcFecRxBlocksUnCorrectedError2 : 0
FcFecRxBlocksUnCorrectedError3 : 0
- 다음 CLI는 이더넷 1/14 포트와 일치하는 SFP-FEC 카운터 관련 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager counters ethernet 1 14
Good Octets Received : 2153
Bad Octets Received : 0
MAC Transmit Error : 0
Good Packets Received : 13
Bad packets Received : 0
BRDC Packets Received : 0
MC Packets Received : 13
.....
.....
txqFilterDisc : 0
linkchange : 1
RsFeccorrectedFecCodeword : 0
RsFecuncorrectedFecCodeword : 10
RsFecsymbolError0 : 5
RsFecsymbolError1 : 0
RsFecsymbolError2 : 0
RsFecsymbolError3 : 0
- 다음 CLI는 이더넷 1/5 포트와 일치하는 디지털 광학 모니터링 정보에 대한 세부 정보를 표시합니다.
-
firepower-4245(local-mgmt)# show portmanager port-info ethernet 1 5
....
....
DOM info:
========:
Status/Control Register: 0800
RX_LOS State: 0
TX_FAULT State: 0
Alarm Status: 0000
No active alarms
Warning Status: 0000
No active warnings
THRESHOLDS
high alarm high warning low warning low alarm
Temperature C +075.000 +070.000 +000.000 -05.000
Voltage V 003.6300 003.4650 003.1350 002.9700
Bias Current mA 012.0000 011.5000 002.0000 001.0000
Transmit power mW 034.6740 017.3780 002.5120 001.0000
Receive power mW 034.6740 017.3780 001.3490 000.5370
Environmental Information - raw values
Temperature: 38.84 C
Supply voltage: 33703 in units of 100uVolt
Tx bias: 3499 in units of 2uAmp
Tx power: 0.1 dBm (10251 in units of 0.1 uW)
Rx power: -0.9 dBm (8153 in units of 0.1 uW)
DOM (256 bytes of raw data in hex)
=====================================
0x0000 : 4b 00 fb 00 46 00 00 00 8d cc 74 04 87 5a 7a 76
0x0010 : 17 70 01 f4 16 76 03 e8 87 72 03 e8 43 e2 09 d0
0x0020 : 87 72 02 19 43 e2 05 45 00 00 00 00 00 00 00 00
0x0030 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0040 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0050 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86
0x0060 : 26 54 83 a7 0d ab 28 0b 1f d9 00 00 00 00 08 00
0x0070 : 00 00 03 00 00 00 00 00 08 f3 00 00 00 00 00 01
0x0080 : 49 4e 55 49 41 43 53 45 41 41 31 30 2d 33 33 38
0x0090 : 38 2d 30 31 56 30 31 20 01 00 46 00 00 00 00 e3
0x00a0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00b0 : 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x00c0 : 53 46 50 2d 31 30 2f 32 35 47 2d 43 53 52 2d 53
0x00d0 : 20 20 20 20 30 38 00 00 00 00 00 00 00 00 00 d1
0x00e0 : 1e 20 2a 2a 31 34 29 36 00 00 00 00 00 00 00 00
0x00f0 : 00 00 00 00 00 56 00 00 ff ff ff ff 00 00 00 cf
=====================================
PHY Data:
PAGE IFC OFFSET VALUE | PAGE IFC OFFSET VALUE
---- --- ------ ----- | ---- --- ------ -----
- 다음 CLI는 패킷 캡처에 대해 설정된 매개변수에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch pktcap-rules software
Software DB rule:1
Slot= 1
Interface= 12
Breakout-port= 0
Protocol= 6
Ethertype= 0x0000
Filter_key= 0x00000040
Session= 1
Vlan= 0
SrcPort= 0
DstPort= 0
SrcIp= 0.0.0.0
DstIp= 0.0.0.0
SrcIpv6= ::
DestIpv6= ::
SrcMacAddr= 00:00:00:00:00:00
DestMacAddr= 00:00:00:00:00:00
- 다음 CLI는 FXOS 포트 관리자 스위치 하드웨어 TCAM 규칙에 대한 세부 정보를 표시합니다.
-
firepower-3140(local-mgmt)# show portmanager switch pktcap-rules hardware
Hardware DB rule:1
Hw_index= 15372
Rule_id= 10241
Cnc_index= 1
Packet_count= 0
Slot= 1
Interface= 12
Protocol= 6
Ethertype= 0x0000
Vlan= 0
SrcPort= 0
DstPort= 0
SrcIp= 0.0.0.0
DstIp= 0.0.0.0
SrcIpv6= ::
DestIpv6= ::
SrcMacAddr= 00:00:00:00:00:00
DestMacAddr= 00:00:00:00:00:00
- 다음은 QOS 기능에 대한 세부 정보를 표시합니다.
-
firepower(local-mgmt)# show portmanager switch qos-rule policer counters
Policer_type green(pass_count) yellow(pass_count) red(drop_count)
--------------------------------------------------------------------------
OSPF 102025351 17832 590
780
Policer_type green(pass_count) yellow(pass_count) red(drop_count)
--------------------------------------------------------------------------
CCL_CLU 0 0 0
Policer_type green(pass_count) yellow(pass_count) red(drop_count)
--------------------------------------------------------------------------
BFD 61343307 0 0
Policer_type green(pass_count) yellow(pass_count) red(drop_count)
--------------------------------------------------------------------------
HA 0 0 0
Policer_type green(pass_count) yellow(pass_count) red(drop_count)
--------------------------------------------------------------------------
CCL_CONTROL 0 0 0
- 다음 CLI는 우선순위가 높은 트래픽이 TCAM에 도달했는지 확인합니다.
-
firepower(local-mgmt)# show portmanager switch qos-rule counters
Rule_no Rule_id Rule_type pass_count
---------------------------------------------
1 9218 SW_QOS_BFD 0
Rule_no Rule_id Rule_type pass_count
---------------------------------------------
2 9216 SW_QOS_OSPF 102633941
Rule_no Rule_id Rule_type pass_count
---------------------------------------------
3 9217 SW_QOS_BFD 61343307
- 다음 CLI는 이더넷 1/10 포트와 일치하는 디바이스당 대기열별 CPU 통계를 표시합니다.
-
firepower(local-mgmt)# show queuing interface ethernet 1 10
Queue Traffic-type Scheduler-type oper-bandwidth Destination
-----------------------------------------------------------------------
3 Data WRR 100 Application
4 CCL-CLU SP 0 Application
5 BFD SP 0 Application
6 OSPF SP 0 Application
7 CCL-CONTROL/HA/LACP_Tx SP 0 Application
0 packet-capture N/A 0 CPU
7 LACP_Rx N/A 0 CPU
Port 1/10 Queue Statistics:
Queue 0:
Number of packets passed : 0
Number of packets dropped: 0
Queue 1:
Number of packets passed : 0
Number of packets dropped: 0
Queue 2:
Number of packets passed : 0
Number of packets dropped: 0
Queue 3:
Number of packets passed : 466420167
Number of packets dropped: 0
Queue 4:
Number of packets passed : 0
Number of packets dropped: 0
Queue 5:
Number of packets passed : 0
Number of packets dropped: 0
Queue 6:
Number of packets passed : 41536261
Number of packets dropped: 0
Queue 7:
Number of packets passed : 912
Number of packets dropped: 0
CPU Statistics:
Queue 2:
Number of packets passed : 180223
Number of packets dropped: 0
Queue 7:
Number of packets passed : 1572
Number of packets dropped: 0
- 다음 CLI는 내부 1/1 포트와 일치하는 디바이스당 대기열별 CPU 통계를 표시합니다.
-
firepower(local-mgmt)# show queuing interface internal 1 1
Queue Traffic-type Scheduler-type oper-bandwidth Destination
-----------------------------------------------------------------------
3 Data WRR 100 Application
4 CCL-CLU SP 0 Application
5 BFD SP 0 Application
6 OSPF SP 0 Application
7 CCL-CONTROL/HA/LACP_Tx SP 0 Application
0 packet-capture N/A 0 CPU
7 LACP_Rx N/A 0 CPU
Port 1/18 Queue Statistics:
Queue 0:
Number of packets passed : 0
Number of packets dropped: 0
Queue 1:
Number of packets passed : 0
Number of packets dropped: 0
Queue 2:
Number of packets passed : 0
Number of packets dropped: 0
Queue 3:
Number of packets passed : 17
Number of packets dropped: 0
Queue 4:
Number of packets passed : 0
Number of packets dropped: 0
Queue 5:
Number of packets passed : 0
Number of packets dropped: 0
Queue 6:
Number of packets passed : 5151
Number of packets dropped: 0
Queue 7:
Number of packets passed : 17345
Number of packets dropped: 0
CPU Statistics:
Queue 2:
Number of packets passed : 180223
Number of packets dropped: 0
Queue 7:
Number of packets passed : 1572
Number of packets dropped: 0
Note:The CPU statistics are per Queue per Device
- 다음 CLI는 덤프 AP 로그 옵션 에 대한 세부 정보를 표시합니다.
-
firepower-3110(local-mgmt)# dump portmanager switch ap-log
requested log has been dumped to /opt/cisco/platform/logs/portmgr.out*
firepower-3110(local-mgmt)# dump portmanager switch cyclic-log
requested log has been dumped to /opt/cisco/platform/logs/portmgr.out*
- 다음 CLI는 포트 관리자에 대한 자세한 정보 로깅을 활성화하거나 비활성화하는 방법에 대한 세부 정보를 표시합니다.
-
firepower-3110(local-mgmt)# debug portmanager switch
all Enable or Disable verbose logging for switch
firepower-3110(local-mgmt)# debug portmanager switch all
firepower-3110(local-mgmt)#
firepower-3110(local-mgmt)# no debug portmanager switch all
firepower-3110(local-mgmt)#
- 다음 CLI는 8개 트래픽 클래스/대기열의 포트 기반 패킷 삭제에 대한 세부 정보를 표시합니다.
-
firepower-3110(local-mgmt)# show portmanager switch tail-drop-allocated buffers all
-------------------------------------------------------------------------------------------------
| | Per Port and Traffic Class |
Port | Per port | TC0 | TC1 | TC2 | TC3 | TC4 | TC5 | TC6 | TC7 |
-----|----------|---------|---------|---------|---------|---------|---------|---------|---------|
0/1 |10 |10 |0 |0 |0 |0 |0 |0 |0 |
0/2 |15 |5 |5 |5 |0 |0 |0 |0 |0 |
0/3 |0 |0 |0 |0 |0 |0 |0 |0 |0 |
0/4 |80 |0 |0 |0 |0 |0 |0 |0 |80 |
0/5 |0 |0 |0 |0 |0 |0 |0 |0 |0 |
0/6 |0 |0 |0 |0 |0 |0 |0 |0 |0 |
0/7 |200 |25 |25 |50 |0 |0 |25 |50 |25 |
0/8 |0 |0 |0 |0 |0 |0 |0 |0 |0 |
-------------------------------------------------------------------------------------------------
- 다음 CLI는 tti-lookup0으로 인해 삭제된 패킷 수를 표시합니다.
-
firepower-3110(local-mgmt)# show portmanager switch default-rule-drop-counter tti-lookup0
Rule_id cnc_index packet_count
-------------------------------------
1 1 4
- 다음 CLI는 ipcl-lookup0으로 인해 삭제된 패킷 수를 표시합니다.
-
firepower-3110(local-mgmt)# show portmanager switch default-rule-drop-counter ipcl-lookup0
Rule_id cnc_index packet_count
-------------------------------------
4096 0 114
피드백