[c-nsp] DMVPN and OSPF
Luan Nguyen
luan at netcraftsmen.net
Thu Jul 30 14:10:21 EDT 2009
Care to post the configuration? So maybe some of us who think that this
problem is interesting could plug it into dynamips and check it out for you?
Have you tried to remove the configuration and put it back? Maybe add a few
loopback interfaces and advertise them?
Regards,
-----------------------------------
Luan Nguyen
Chesapeake NetCraftsmen, LLC.
http://www.netcraftsmen.net
------------------------------------
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jay Nakamura
Sent: Thursday, July 30, 2009 1:55 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] DMVPN and OSPF
Looking back on tickets, it seems like this problem started happening
after upgrading from 12.4(15)T5 to 12.4(24)T. Before the upgrade, it
was running solid for a year.
I have tried 12.4(24)T1 but that doesn't seem to have any effect. I
can't go below 12.4(20)T because we want to deploy IOS content
filtering.
> On Thu, Jul 30, 2009 at 7:48 AM, Rodney Dunn<rodunn at cisco.com> wrote:
>>
>>
>> Jay Nakamura wrote:
>>>>
>>>> Did you force the DR to be the hub by setting the priority?
>>>
>>> Yes. And confirmed.
>>>
>>>> I forgot, did you set it to broadcast or multipoint?
>>>
>>> broadcast
>>>
>>>> I'd suggest you look at the packet capture feature and get a trace when
>>>> it's
>>>> down.
>>>
>>> Is this what you are referring to?
>>>
>>>
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/ht_rawip.html#wp1049404
>>>
>>
>> No this one:
>>
>>
http://supportwiki.cisco.com/ViewWiki/index.php/Tech_Insights:Utilizing_the_
New_Packet_Capture_Feature
>>
>>
>>
>>> There is no tech onsite and it's a little far so I can't do it at the
>>> moment but if I can't figure out anything else, that will be the next
>>> step.
>>>
>>>> Do you see the LSA's in the database?
>>>
>>> I believe it was blank. It's working now after a reboot so I can't
>>> check but I will check next time it happens.
>>>
>>
>> Ok. That is the starting point if the neigbors are not flapping.
>>
>>
>>>> Can you ping 224.0.0.5 and get a response?
>>>>
>>>> Are the neighbors flapping?
>>>
>>> It didn't flap at all. Routes just disappeared. Well, that's not
>>> 100% true. The backup hub VPN connection went down and it wouldn't
>>> come up. I could ping the primary hub tunnel IP when the routes were
>>> gone but none of the other DMVPN peer IP.
>>>
>>
>> Almost always issues like this are with packet loss. You have to make
sure
>> the multicast traffic can traverse the cloud and that requires
replication
>> at the hub..and the spoke if you are doing a single spoke tunnel with
dual
>> hubs.
>>
>>
>>>
>>>> Jay Nakamura wrote:
>>>>>
>>>>> Has anyone seen this symptom?
>>>>>
>>>>> 1841, advanced IP feature set
>>>>> DMVPN spoke and OSPF over the DMVPN
>>>>>
>>>>> Running 12.4(24)T
>>>>>
>>>>> Periodically, the router looses all it's OSPF routes and stays that
>>>>> way. Clearing the DMVPN or OSPF process does nothing. It recreates
>>>>> the OSPF session with neighbor but it still has no routes. It can't
>>>>> seem to re-connect to the backup DMVPN hub either.
>>>>>
>>>>> Router still routes to the static default route for internet traffic
>>>>> and everything else seems normal. Just can't get to the VPN network.
>>>>>
>>>>> It's really not doing anything fancy other than DMVPN and OSPF.
>>>>> _______________________________________________
>>>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list