show ip errors


show ip errors [vsx-peer]


Shows IP error statistics for packets received by the switch since the switch was last booted.

Command context

Operator (>) or Manager (#)



Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed.


Operators or Administrators. Users without administrator authority can execute this command from the operator context (>) only.


IP error info about received packets is collected from each active line card on the switch and is preserved during failover events. Error counts are cleared when the switch is rebooted.

Drop reasons are the following:

Malformed packet

The packet does not conform to TCP/IP protocol standards such as packet length or internet header length.

A large number of malformed packets can indicate that there are hardware malfunctions such as loose cables, network card malfunctions, or that a DOS (denial of service) attack is occurring.

IP address error

The packet has an error in the destination or source IP address. Examples of IP address errors include the following:

  • The source IP address and destination IP address are the same.

  • There is no destination IP address.

  • The source IP address is a multicast IP address.

  • The forwarding header of an IPv6 address is empty.

  • There is no source IP address for an IPv6 packet.

Invalid TTLs

The TTL (time to live) value of the packet reached zero. The packet was discarded because it traversed the maximum number of hops permitted by the TTL value.

TTLs are used to prevent packets from being circulated on the network endlessly.


Showing ip error statistics for packets received by the switch:

switch# show ip errors
Drop reason                Packets
Malformed packets                1
IP address errors               10
Invalid TTLs                     0