[c-nsp] 3560 problem / strange !

Liviu Pislaru leev at rdsnet.ro
Fri Feb 17 20:18:57 EST 2006


i have a cisco WS-C3560G-24TS-S (i'll name it R) in "desktop routing" 

# sh ip ro summary
Route Source    Networks    Subnets     Overhead    Memory (bytes)
connected           1                20           4424          3192
static                  1                70          4888          10792   
ospf xxx           2              179        11584          27512
bgp xxx      1045            5263      403712       962896
internal        161                                               188692
Total           1210        5532        421608      1193084

and the topology:

Hosts-----Router1 ------- R -----RouterX(IP1 - Subnet1 ) -----host(SubnetN)

IP1 is from a subnet that is directly connected to a SVI on router R;
Subnet 1 and Subnet N are ip addresses from the same subnetX;
subnetX is staticaly routed on R towards RouterX_IP1;
subnetX is announced from BGP towards Router1;
there are many subnets like subnetX routed on R not just one;

from some Hosts behind Router1 (that can be directly connected or some hops 
away) i can reach some subnetX (10% of them).

this is very weired for me. there are subnets like subnetX that works just 
fine (90% of them) but there are some that can't be reached. the last hop for 
all the packets send towards them (mtr, traceroute) is Router1. the routing 
table is ok.
if i configure identicaly a 3750-ME and I replace router R (C3560G-24TS-S) the 
problems disapear. 

i have IOS flash:c3560-advipservicesk9-mz.122-25.SED1.bin and cisco said:


Resolved Caveats in Cisco IOS Release 12.2(25)SED1
These caveats were resolved:

•CSCeh43851 (Catalyst 3750, 3560, 2970 switches and Cisco EtherSwitch service 

The switch no longer drops IP packets with an encrypted TCP header or with a 
TCP header that is fragmented into two different Ethernet frames.


do you think this is the problem and the bug isn't fixed in IOS SED1 or could 
be something else ?
anybody experienced the same problems ? any advice is very usefull;

thank you in advance !

More information about the cisco-nsp mailing list