[c-nsp] trace via gre over ipsec tunnel
Gert Doering
gert at greenie.muc.de
Tue Feb 15 07:28:55 EST 2005
Hi,
On Tue, Feb 15, 2005 at 03:21:14PM +0300, vladimir.savostin at eu.effem.com wrote:
> We have following network configuration:
> Host1--Router1--(GRE/IPSEC tun)--Router2--(GRE/IPSEC tun)--Router3--Host2
>
> When doing traceroute from Host1 to Host2 I see the following results:
>
> Tracing route to Host2 over a maximum of 30 hops
> 1 <10 ms 10 ms <10 ms Router1
> 2 <20 ms 20 ms <20 ms Host2
>
> The problem is that tun interfaces don't seen as hop counts.
> There are no some special configuration on tun interfaces.
>
> May be some of your faced with such problem early?
There are a number of interesting IOS bugs where the TTL isn't decremented
on packets being CEF-switched through GRE tunnels. All bugs I know
(read: that I've seen in our network) have been fixed in recent IOS
versions.
What IOS versions are you using?
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list