trace object
Function
The trace object command creates a diagnosis object.
The undo trace object command deletes a diagnosis object.
By default, no diagnosis object is created. If you do not specify the direction at which information is exported, the default direction is the CLI.
Format
trace object { mac-address mac-address | ip-address ip-address [ vpn-instance vpn-instance-name ] | interface interface-type interface-number | user-vlan user-vlan-id [ qinq-vlan qinq-vlan-id ] | user-name user-name | access-mode { dot1x | mac-authen | portal | wlan } } * [ process-wlan ] [ output { command-line | file file-name | syslog-server syslog-server-ip } ]
undo trace object { mac-address mac-address | ip-address ip-address [ vpn-instance vpn-instance-name ] | interface interface-type interface-number | user-vlan user-vlan-id [ qinq-vlan qinq-vlan-id ] | user-name user-name | access-mode { dot1x | mac-authen | portal | wlan } } * [ process-wlan ] [ output { command-line | file [ file-name ] | syslog-server [ syslog-server-ip ] } ]
undo trace object { service-object-id | all }
The access-mode wlan and process-wlan parameters are only supported by S5730-HI, S5731-H, S5731S-H, S6730-H, S6730S-H, S5732-H, S6720-HI, and S5720-HI.
Parameters
| Parameter | Description | Value |
|---|---|---|
mac-address mac-address |
Creates a diagnosis object based on the MAC address. |
The value is in the format of H-H-H, in which H is a hexadecimal number of 1 to 4 digits. |
ip-address ip-address |
Creates a diagnosis object based on the IP address. |
The value is in dotted decimal notation. |
vpn-instance vpn-instance-name |
Specifies the name of a VPN instance. |
The value must be an existing VPN instance name. |
interface interface-type interface-number |
Creates a diagnosis object based on the interface. |
- |
user-vlan user-vlan-id |
Creates a diagnosis object based on the user VLAN. |
The value is an integer that ranges from 1 to 4094. |
qinq-vlan qinq-vlan-id |
Creates a diagnosis object based on the QinQ VLAN ID. |
The value is an integer that ranges from 1 to 4094. |
user-name user-name |
Creates a diagnosis object based on the user name. |
The value is a string of 1 to 253 case-insensitive characters without spaces. |
access-mode |
Creates a diagnosis object based on the access mode. |
- |
dot1x |
Creates a diagnosis object based on the dot1x access mode. |
- |
mac-authen |
Creates a diagnosis object based on the mac-authen access mode. |
- |
portal |
Creates a diagnosis object based on the portal access mode. |
- |
wlan |
Creates a diagnosis object based on the wlan access mode. |
- |
process-wlan |
Specifies the WLAN sub-core. |
- |
output |
Specifies the direction in which the device exports diagnosis information. |
- |
command-line |
Exports diagnosis information to the CLI. |
- |
file file-name |
Exports diagnosis information as a file. NOTE:
It is recommended that you export the diagnosis information to a specified file. |
The value of file-name is a string of 1 to 63 case-insensitive characters without spaces. |
syslog-server syslog-server-ip |
Exports diagnosis information to a log server. |
syslog-server-ip specifies the IP address of the log server, in dotted decimal notation. |
service-object-id |
Specifies the ID of a diagnosis object to be deleted. NOTE:
Diagnosis object IDs are generated based on sequence in which the diagnosis objects are created. The ID starts from 0. To view all created diagnosis objects, run the display trace object command. |
The value is an integer that ranges from 0 to 3. |
all |
Deletes all diagnosis objects. |
- |
Usage Guidelines
Usage scenario
When locating faults of DHCP, AAA, or NAC service during user access, maintenance personnel can create diagnosis objects to trace services and locate the faults.
Users with different services have different attributes. Create diagnosis objects for different services based on different attributes.
- DHCP service: based on the MAC address.
- AAA and NAC services: based on the MAC address, IP address, user name, user VLAN ID, or access mode.
To ensure that you can diagnose the entire DHCP service process, create a diagnosis object based on the MAC address. You can run the trace object mac-address mac-address [ output { command-line | file file-name | syslog-server syslog-server-ip } ] command to create a diagnosis object for the DHCP service.
Service diagnosis supports only common AAA users.
Prerequisites
Service diagnosis has been enabled using the trace enable command.
Precautions
If a diagnosis object is created based on the MAC address or IP address, various service processes can be diagnosed generally. If a diagnosis object is created based on other parameters, service diagnosis may fail to be performed because the parameters may not be obtained in service processes. Therefore, you are advised to create a diagnosis object based on the MAC address or IP address.
When the slot parameter is used for service diagnosis, if a user switches between the pre-authentication connection and authentication success states and authorization information (including ACL, VLAN, or authentication event authorization) is not changed in the switching process, no service diagnosis information will be output. In this situation, you can use the user name or interface for service diagnosis.
The diagnosis output file cannot exceed 1 MB. The excessive diagnosis information is not recorded.
- Delete diagnosis objects based on the object attributes. Run the undo trace object { mac-address mac-address | ip-address ip-address [ vpn-instance vpn-instance-name ] | interface interface-type interface-number | user-vlan user-vlan-id [ qinq-vlan qinq-vlan-id ] | user-name user-name | access-mode { dot1x | mac-authen | portal | wlan } } * [ output { command-line | file file-name | syslog-server syslog-server-ip } ] command. For example, diagnosis objects 1 (10.10.10.1) and 2 (10.10.10.1+0025-9efb-be78) have been created. To delete diagnosis objects based on the IP address, run the undo trace object ip-address 10.10.10.1 command. Diagnosis objects 1 and 2 are deleted.
- Delete diagnosis objects based on the object ID. Run the undo trace object service-object-id command to delete a specified diagnosis object. You can view the object ID using the display trace object command
- Delete all diagnosis objects using the undo trace object all command.
- The AR1000V does not support diagnosis objects of the dot1x, mac-authen,or portal access mode, so specifying these parameters is not recommended on the AR1000V.