Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Want to monitor smtp traffic

Status
Not open for further replies.
pgaliardo

pgaliardo

MIS
Nov 30, 2004
887
Suddenly we are having trouble sending e-mail from our domain. There are tons of variables that it could be, but one variable I would like to eliminate is our Cisco 2600. I am getting connection time outs to remote domains. I am not sure if it is an Internet problem, or if the packets ever actually get outside the router. Is there anyway I can monitor smtp traffic through the router and see if it is actually getting to the outside? Any help would be greatly appreciated.

Thanks.
 
Sort by date Sort by votes
Not sure on the monitoring but you should also check the following:
do a "show process cpu history" to make sure CPU is not getting maxxed out
and
do a "show arp" and make sure your arp cahce has not grown so enormous that it is causing problems.

Think you can create an access list to allow, or if you already have one, SMTP traffic out then you can enable terminal monitor and debug that access list.
 
Upvote 0 Downvote
On the router create an extended ACL, for example:

access-list 100 permit any any eq smtp. Type 'show logging' and verify you have logging level of debugging set for either the console, monitor or buffer. If not, set the appropriate level using the 'logging buffer 7' (this will store the log to the routers log) or 'logging monitor 7' (this will present the data to a telnet session)

On your router, type 'debug ip packet 100'. and retry your SMTP test.

If your is receiving the SMTP packet and forwarding it you will see something like the following:

Mar 15 10:14:55.716: IP: tableid=0, s=145.227.36.2 (FastEthernet0), d=212.44.60.
20 (Dialer0), routed via RIB
Mar 15 10:14:55.716: IP: s=62.60.105.63 (FastEthernet0), d=212.44.60.20 (Dialer0
), g=212.44.60.20, len 48, forward
Mar 15 10:14:56.256: IP: tableid=0, s=145.227.36.2 (FastEthernet0), d=212.44.60.
20 (Dialer0), routed via RIB
Mar 15 10:14:56.256: IP: s=62.60.105.63 (FastEthernet0), d=212.44.60.20 (Dialer0
), g=212.44.60.20, len 48, forward
Mar 15 10:14:56.756: IP: tableid=0, s=145.227.36.2 (FastEthernet0), d=212.44.60.
20 (Dialer0), routed via RIB

Note the 'forward' remark in the output. This proves the router is forwarding the SMTP packet.

Disable the debug using the 'undebug all' command.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

B
  • Locked
  • Question
Cisco IP phone 7841 8851 unable to forward all to external number
Replies
0
Views
225
badwolf1686
B
CPM86
  • Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
362
CPM86
CPM86
Luzbel
  • Locked
  • Question
Connecting HVAC controller to network
Replies
0
Views
409
Luzbel
Luzbel
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
573
madwok
madwok
quazimotto
  • Locked
  • Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
251
quazimotto
quazimotto

Part and Inventory Search

Sponsor

Back
Top