[c-nsp] PIX VPN & packet loss
Andre Beck
cisco-nsp at ibh.net
Thu Mar 24 11:55:35 EST 2005
Hi,
I'm observing a small but "stable" amount of packet loss in a VPN
built of a central PIX 515 and a bunch of 506s. There seems to be
a loss of approx. 1.5% to 2% on VPN tunnels, regardless of the site
talking to central, seemingly in the direction 515->506. PIX OS versions
are latest, configuration is mostly trivial, VPN sites can basically
do any IP traffic to the central site. Extensive ping tests in the
respective broadcast domains to which the PIXen are connected as
well as on the links interconnecting them show no packet loss at all.
Anyone seen something like this or have a hook where to start further
debugging? I'm supposed to establish a QoSed star of GRE tunnels on
top of that for VoIP to come and really need to get rid of *that*
packet loss before doing the QoS tuning introducing an intentional
one through shaping...
TIA,
Andre.
--
The _S_anta _C_laus _O_peration
or "how to turn a complete illusion into a neverending money source"
-> Andre Beck +++ ABP-RIPE +++ IBH Prof. Dr. Horn GmbH, Dresden <-
More information about the cisco-nsp
mailing list