mazzy
@net24.it
| [Config] 871 & 12.4(15)T3 DebugsON ? Hi, I've installed the new IOS & latest SDM 2.5
After loading SDM, an alert message pop-up about enable debugs, recommend to disable it for better performance.
I go in CLI: no debug all or undebug all.
I get reply that all the debug info are disabled, reload SDM and I get no more warning, but after a reload of the router if I relaunch SDM I'll get the same pop-up message.
so I think that the IOS image enable some debugs at the boot.
I was running the 12.4(9)T6 before but I'd like to check the status of IPS with the latest release, maybe it's no the right time to do it. | |
|
 TROLL131313
join:2004-12-21
Horsham, PA
 ·Comcast
| Re: [Config] 871 & 12.4(15)T3 DebugsON ? You are correct on the boot-up debug. IOS has to do this since it spits out info on the remote port on start up.
Have you tried the IPS migration wizard in SDM yet? It seems to work and it will even download the latest V5 signature pkg from cisco and convert them.
Overall the performance seems better now with IPS, tho time will tell. | |
|
 | 
MSN
join:2004-05-15
Osgoode, ON
| Re: [Config] 871 & 12.4(15)T3 DebugsON ? Coincidentally, I'm testing my new 871 with 12.4(15)T3 and with IPS turned on both outbound and inbound and I'm seeing absolutely no performance difference with IPS on vs. off.
Speedtest.net and speakeasy.net/speedtest both give me approximately 4200 kbps down and 600 kbps up on my ADSL connection regardless of whether IPS is scanning the packets or not. I'm seeing all kinds of detailed IPS messages in my syslog as it's doing its thing too, so I know its working.
I'm also using ZBF (Zone-Based firewall). I'm impressed and a bit surprised.
/Eric | |
|
| | jrpavel3
join:2002-03-16
UK | Re: [Config] 871 & 12.4(15)T3 DebugsON ? If you show cpu history, you will see how hard your router is working  | |
|
| | mr_dirt
join:2006-02-14
Denver, CO
| said by MSN  :I'm also using ZBF (Zone-Based firewall). I'm impressed and a bit surprised. So, what are you impressed and surprised at? Performance?
Are you running the complete sig list? | |
|
| | |
MSN
join:2004-05-15
Osgoode, ON
| Re: [Config] 871 & 12.4(15)T3 DebugsON ? I'm running the complete "basic" list per the SDM's recommendations. Since the 871 only has 128 MB RAM, the advanced list will cause memory faults when traffic is high.
That said, I've only disabled two signatures. Cisco recently announced a TTL vulnerability in their IOS and two of the signatures matched against this type of DoS attack. I was getting too many false positives (mainly from UPnP and dynamic routing protocol...basically IP multicast) so I turned 'em off.
As I said in my 1st post, what impresses me most is that througput doesn't seem to be affected in the least with the IPS engines (13 of them) all turned on.
/Eric | |
|
| | | | mr_dirt
join:2006-02-14
Denver, CO | Re: [Config] 871 & 12.4(15)T3 DebugsON ? Thanks for the details. | |
|
| | | | |
MSN
join:2004-05-15
Osgoode, ON | Re: [Config] 871 & 12.4(15)T3 DebugsON ? You're welcome.
Also, I'm running 384 signatures.
/Eric | |
|
jrpavel3
join:2002-03-16
UK | I think that it may be the wireless that has some debugging switched on.
Try show debugging? | |
|
| mash_man
join:2004-08-16
1602HC | Re: [Config] 871 & 12.4(15)T3 DebugsON ? You are correct,
Dot11 debugging is enabled by default. | |
|
Euphrates
join:2007-04-30
Bellingham, WA
| Sorry to resurrect this thread but I'm coming across the same problem with debugs. I'm running 12.4(15)T4 Advanced IP Services. I'm noticing the same problem with dot11 debugs being enabled by default at boot. I tried the "no debug dot11 syslog" command a a reload but it seems to start on it's own at boot. I'm thinking I will have to create a config with that command in it at the end of the config string and see if that disables dot11 syslog debugging at the moment the startup config is pulled into running config. I will let you all know how it goes...unless someone has already come up with a solution to this issue. | |
|
| Euphrates
join:2007-04-30
Bellingham, WA
| Re: [Config] 871 & 12.4(15)T3 DebugsON ? Nope, it didn't seem to work. When I boot up, I get the following:
no debug dot11 syslog
-----^
% Invalid input detected at '^' marker.
I had the command configured like so:
!
no debug dot11 syslog
!
end
I added the (!) to separate this test command from my normal configs.
***Note***
Because of the way posts are formated, I had to add the (-) in there up to the point that it shows the (^). | |
|
|
|
|
