Debugging IP Packet Titbits

Posted by Bradley | Uncategorized | Tuesday 20 October 2009 07:59

Quite often, when you are trying to verify that tasks are working as expected, you use the #debug ip packet command. It works great… except that if there is any other traffic on the router you can quickly become swamped with debug output. Luckily, the #debug ip packet command can also take an ACL, so if you want to verify that traffic is going to the host 10.10.10.1, and only to that host, you can do this by:

  • Creating an ACL for 10.10.10.1 (from global configuration mode):
    Router(config)#access-list 101 permit ip any host 10.10.10.1
  • Applying that ACL to the debug command:
    Router#debug ip packet detail 101
  • Bob’s your uncle.

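Because #debug ip packet detail takes an ACL, you can change the ACL to whatever you like. If you just want to see ICMP, it's simple: change the ACL to the following and reapply your debug ip packet detail 101. A new entry on a numbered ACL is appended after the existing ones, so remove the old ACL first if you no longer want traffic to 10.10.10.1 in the output.

Router(config)#access-list 101 permit icmp any any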

Another handy tip: if you accidentally run a debug command that causes a backlog on your console connection, so that you cannot get an un all through because of the amount of output on the console, you should be able to telnet into the router and issue the usual undebug all immediately.

The debugging will instantly disappear from the console session as well. This works because debugging is not sent to vty lines unless you issue the terminal monitor command, so you can stop debugging without having to wait to get your command across the console if you have filled it up with debug output.

This can save valuable minutes or even a reload; just remember to set up remote access before getting into a pickle.
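
The whole procedure as one session, switching the filter to ICMP and cleaning up afterwards. This is an added example, not part of the original post; no access-list 101, the show commands and terminal no monitor are additions, and Telnet access to a vty line is assumed to be working already.

```cisco
! Added example. Hostname "Router" and ACL number 101 follow the post.
! Replace the filter: remove the old ACL so only the ICMP entry remains.
Router#configure terminal
Router(config)#no access-list 101
Router(config)#access-list 101 permit icmp any any
Router(config)#end
!
! Confirm the ACL holds only the entry you expect before debugging.
Router#show access-lists 101
!
! Start the filtered debug and confirm which debugs are enabled.
Router#debug ip packet detail 101
Router#show debugging
!
! On a vty (Telnet) session, debug output is shown only after this command.
Router#terminal monitor
!
! Stop everything. This also works from a vty session when the
! console is too flooded to accept input.
Router#undebug all
Router#show debugging
Router#terminal no monitor
!
! Clean up the temporary ACL once you are finished.
Router#configure terminal
Router(config)#no access-list 101
Router(config)#end
```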
