[c-nsp] VPN over Comcast
Ge Moua
moua0100 at umn.edu
Tue Apr 27 16:15:59 EDT 2010
we are extending l2 pseudowire over ipsec tunnels through comcast
business class internet and this seems to work mostly stable for us; I'm
not sure if the sla for residential cable would incur more outage or
not; albeit we are in the minneapolis mkt and not chicago.
--
Regards,
Ge Moua
Network Design Engineer
University of Minnesota | OIT - NTS
On 4/27/10 12:42 PM, Michael Malitsky wrote:
> I will probably be laughed at, but I'll ask just in case.
>
> We are having particularly bad luck trying to run VPN tunnels over
> Comcast cable in the Chicago area. The symptoms are basically complete
> loss of connectivity (lasting minutes to sometimes hours), or sometimes
> flapping for a period of time. More often than not, a reboot of the
> cable modem is required. The most interesting ones involve the
> following: a PIX or ASA configured as an EZvpn client, connecting to a
> 3000 concentrator, authentication over RADIUS. When I go to look at the
> RADIUS logs, I see connections from the same box with small intervals.
> Timeout is 8 hours, so theoretically I should see 3 connections in a
> 24-hr period. In some cases, I see dozens, in the most egregious cases,
> thousands over a 24-hour period. I am taking that as an indicator of a
> really unstable Comcast circuit. We have not had this problem with any
> other ISP, anywhere in the country.
> I am pretty much down to telling customers to find another provider...
>
> Any thoughts or ideas on the matter will be appreciated.
>
> PS. To be fair (?) to Comcast, this is not a ubiquitous problem. It
> affects about 25% of the installations I get to see.
>
> Sincerely,
> Michael Malitsky
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list