You are here: Home > CLI Commands > Just_CLI_Topics > pkt-trace

pkt-trace acl

pkt-trace acl

<name> [enable | disable] [log] [trace-hex-mask <tmask> [log-1]] [trace [recv] [send] [fast] [bridge] [route] [session] [rtsp] [station] [init] [vlan] [user] [mcast] [tunnel] [bwm] [nat] [trunk] [cp-dp-sp] [acl-processing] [heap] [event] [cp-dp-sp-message] [port] [ftp] [icmp-error] [wep-encrypt] [wep-decrypt] [ipsec-encrypt] [ipsec-decrypt] [ipsec-ctrl] [pptp] [ip-re-assembly] [wep-icmpfr] [dhcp] [mobility] [peer] [pptp-ctrl] [tkip-encrypt] [tkip-decrypt] [tkip-ctrl] [tkip-alloc-err] [sip-alg] [skinny] [vocera] [gsi] [aesccm-encrypt] [aesccm-decrypt] [netad] [xSec-ctrl] [xSec-encrypt] [xSec-decrypt] [tcp-termination] [log-2] [dpi]]

Description

Trace packets in the datapath. Use this feature only under the supervision of Aruba technical support.

Syntax

Parameter

Description

<name>

Traces packets for the specified access-control list.

enable

Enables packet tracing for the ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

disable

Disables packet tracing for the ACLAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port..

log

Writes packet trace data to log file.

tracemask <tmask>

Specify the trace mask. This value will be provided by Aruba technical support.

trace-hex-mask

Configures datapath trace mask in hexadecimal form

<tmask>

Specifies trace mask in hexadecimal form

[log-1]

Writes packet trace data to log file.

trace

Configures datapath trace options.

acl-processing

Trace mask for aclAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. functionality

aesccm-decrypt

Trace mask for aesccm-decrypt functionality

aesccm-encrypt

Trace mask for aesccm-encrypt functionality

bridge

Trace mask for bridge functionality

bwm

Trace mask for bwm functionality

cp-dp-sp

Trace mask for control path, slow path and fasth path messaging functionality

cp-dp-sp-message

Additional trace mask for control path, slow path and fasth path messaging functionality

dhcp

Trace mask for dhcp functionality

dpi

Trace mask for datapath DPIDeep Packet Inspection. DPI is an advanced method of network packet filtering that is used for inspecting data packets exchanged between the devices and systems over a network. DPI functions at the Application layer of the Open Systems Interconnection (OSI) reference model and enables users to identify, categorize, track, reroute, or stop packets passing through a network.

event

Trace mask for event functionality

fast

Trace mask for fast functionality

ftp

Trace mask for FTPFile Transfer Protocol. A standard network protocol used for transferring files between a client and server on a computer network. functionality

gsi

Trace mask for GSI functionality

heap

Trace mask for heap functionality

icmp-error

Trace mask for ICMPInternet Control Message Protocol. ICMP is an error reporting protocol. It is used by network devices such as routers, to send error messages and operational information to the source IP address when network problems prevent delivery of IP packets. error processing functionality

init

Trace mask for init functionality

ip-re-assembly

Trace mask for IP re-assembly functionality

ipsec-ctrl

Trace mask for IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.-ctrl functionality

ipsec-decrypt

Trace mask for IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.-decrypt functionality functionality

ipsec-encrypt

Trace mask for IPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.-encrypt functionality functionality

log-2

Enables writing packet trace data into log file

mcast

Trace mask for mcast functionality

mobility

Trace mask for mobility functionality

nat

Trace mask for NATNetwork Address Translation. NAT is a method of remapping one IP address space into another by modifying network address information in Internet Protocol (IP) datagram packet headers while they are in transit across a traffic routing device. functionality

netad

Trace mask for netad functionality

peer

Trace mask for peer functionality

port

Trace mask for port functionality

pptp

Trace mask for PPTPPoint-to-Point Tunneling Protocol. PPTP is a method for implementing virtual private networks. It uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets. functionality

pptp-ctrl

Trace mask for PPTPPoint-to-Point Tunneling Protocol. PPTP is a method for implementing virtual private networks. It uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.-ctrl functionality

recv

Trace mask for recv functionality

route

Trace mask for route functionality

rtsp

Trace mask for rtsp functionality

send

Trace mask for send functionality

session

Trace mask for session functionality

sip-alg

Trace mask for sip alg service functionality

skinny

Trace mask for skinny functionality

station

Trace mask for station functionality

tcp-termination

Trace mask for datapath TCPTransmission Control Protocol. TCP is a communication protocol that defines the standards for establishing and maintaining network connection for applications to exchange data.  termination functionality

tkip-alloc-err

Trace mask for TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard.-alloc-err functionality

tkip-ctrl

Trace mask for TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard.-ctrl functionality

tkip-decrypt

Trace mask for TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard.-decrypt functionality

tkip-encrypt

Trace mask for TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard.-encrypt functionality

trunk

Trace mask for trunk functionality

tunnel

Trace mask for tunnel functionality

user

Trace mask for user functionality

vlan

Trace mask for VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. functionality

vocera

Trace mask for Vocera functionality

wep-decrypt

Trace mask for WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. -decrypt functionality functionality

wep-encrypt

Trace mask for WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. -encrypt functionality functionality

wep-icmpfr

Trace mask for WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. -icmpfr functionality

xSec-ctrl

Trace mask for xSec-ctrl functionality

xSec-decrypt

Trace mask for xSec-decrypt functionality

xSec-encrypt

Trace mask for xSec-encrypt functionality

Example

The following example enables packet tracing for the traffic matching the aclAccess Control List. ACL is a common way of restricting certain types of traffic on a physical port. stateful-dot1x.

(host) [mynode] #pkt-trace acl stateful-dot1x enable trace

Command History

Release

Modification

ArubaOS 8.0.0.0

Command introduced.

Command Information

Platforms

License

Command Mode

All platforms

Base operating system.

Enable mode on Mobility Master.

/*]]>*/