[c-nsp] 7206 pppoe concentrator and vpn issues
Code Monkey
have.an.email at gmail.com
Wed Apr 19 10:14:03 EDT 2006
On 4/19/06, Frank Bulk <frnkblk at iname.com> wrote:
> How are you detecting these ICMP packets going down the PPPoE tunnel rather
> than back to the originator? Do you have an access list set up against that
> interface?
As I said, by logging dropped packets on the CPE.
The CPE (a Cisco 837) had an input access-list that dropped misrouted
packets, I logged packets that were rejected, and bingo.
If it hadn't been that, I would have first suspected logging problems
on the 7200, but I don't think the 837 CPE could log a packet that it
did not receive, and log it it did.
I changed the access-list to allow ICMP packets from the upstream
router to any, no more PMTUD problems, and the match counter on that
access-list statement keeps incrementing.
HTH
More information about the cisco-nsp
mailing list