The common Debug Types are:

• Debug Flow Basic/Undebug Flow Basic - probably the most used of the debug options, it is though, the most CPU intensive.  Provides a view of the traffic flow through a NetScreen device.
• Debug IKE Detail/Undebug IKE Detail - Used to view the IKE Phase 1 and Phase 2 negotiations.  Most IKE problems can be seen when viewing the even t log.  However, when troubleshooting a VPN with another vendor, a debug IKE detail could provide information about how the other VPN has been configured.
• Debug PKI Detail/Undebug PKI Detail - Used to view the passing of digital certificates and other events that occur in phase 1 of IKE negotiation with RSA or DSA.
• Debug NAT/Undebug NAT - Used to view NAT translations as they occur through the NetScreen
• Debug DHCP/Undebug DHCP - Used to view DHCP lease assignments.

Debug, like snoop, is a powerful troubleshooting tool, but it must be used with caution.  The performance degradation will be dependent on the following:

1. The debug being performed (debug flow basic is the most CPU intensive)
2. The amount of traffic being sent through the NetScreen
3. The method of output