[c-nsp] Mysterious tunnel interfaces
Matlock, Kenneth L
MatlockK at exempla.org
Thu Aug 12 13:48:10 EDT 2010
Do you have any HIMI connections between the router, and a switchblade?
Ken Matlock
Network Analyst
Exempla Healthcare
(303) 467-4671
matlockk at exempla.org
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jay Nakamura
Sent: Thursday, August 12, 2010 11:35 AM
To: cisco-nsp
Subject: Re: [c-nsp] Mysterious tunnel interfaces
Mystery deepens.
Router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int tun0
% This interface cannot be modified
Router(config)#no int tun0
% This interface cannot be modified
Router(config)#int tun2
% This interface cannot be modified
Router(config)#int tun3
% This interface cannot be modified
Router(config)#^Z
Router#sh ip pim tunnel
Router#
Nothing in "show run all" for these interfaces.
I don't have multicast configured, or at least I haven't actively
configured anything for it. I haven't really had to do anything with
Multicast so I am not familiar with it.
I do have IOS content filtering installed/configured but I don't think
that will do this.
I do have ZBFW configured.
I do not have VRF on this router.
Here are some outputs of the interfaces
Router#sh int tunn0
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Interface is unnumbered. Using address of Tunnel2 (172.16.0.1)
MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 81/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 172.19.128.31
Tunnel protocol/transport multi-GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255, Fast tunneling enabled
Tunnel transport MTU 1472 bytes
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 17:22:42, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 32000 bits/sec, 2 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
95997 packets output, 26708838 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Router#sh int tunn2
Tunnel2 is up, line protocol is up
Hardware is Tunnel
Internet address is 172.16.0.1/16
MTU 17916 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 172.16.0.1
Tunnel protocol/transport multi-GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255, Fast tunneling enabled
Tunnel transport MTU 1476 bytes
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Router#sh int tunn3
Tunnel3 is up, line protocol is up
Hardware is Tunnel
Interface is unnumbered. Using address of Tunnel2 (172.16.0.1)
MTU 17912 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 7/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 172.19.128.31
Tunnel protocol/transport multi-GRE/IP
Key disabled, sequencing disabled
Checksumming of packets disabled
Tunnel TTL 255, Fast tunneling enabled
Tunnel transport MTU 1472 bytes
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 05:17:13, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 3000 bits/sec, 2 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
111685 packets output, 18723536 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
Router#sh ip int tun0
Tunnel0 is up, line protocol is up
Interface is unnumbered. Using address of Tunnel2 (172.16.0.1)
Broadcast address is 255.255.255.255
MTU is 17856 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
VPN Routing/Forwarding "tunnel-group-ivrf"
Downstream VPN Routing/Forwarding ""
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
Output features: CCE Post NAT Classification, Firewall (firewall component)
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Router#sh ip int tun2
Tunnel2 is up, line protocol is up
Internet address is 172.16.0.1/16
Broadcast address is 255.255.255.255
Address determined by unknown means
MTU is 1476 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
VPN Routing/Forwarding "tunnel-group-ivrf"
Downstream VPN Routing/Forwarding ""
Tunnel VPN Routing/Forwarding "tunnel-group-ivrf"
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
Output features: CCE Post NAT Classification, Firewall (firewall component)
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
Router#sh ip int tun3
Tunnel3 is up, line protocol is up
Interface is unnumbered. Using address of Tunnel2 (172.16.0.1)
Broadcast address is 255.255.255.255
MTU is 17856 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are never sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP fast switching on the same interface is disabled
IP Flow switching is disabled
IP CEF switching is enabled
IP CEF switching turbo vector
IP Null turbo vector
VPN Routing/Forwarding "tunnel-group-ivrf"
Downstream VPN Routing/Forwarding ""
IP multicast fast switching is enabled
IP multicast distributed fast switching is disabled
IP route-cache flags are Fast, CEF
Router Discovery is disabled
IP output packet accounting is disabled
IP access violation accounting is disabled
TCP/IP header compression is disabled
RTP/IP header compression is disabled
Policy routing is disabled
Network address translation is disabled
BGP Policy Mapping is disabled
Input features: MCI Check
Output features: CCE Post NAT Classification, Firewall (firewall component)
WCCP Redirect outbound is disabled
WCCP Redirect inbound is disabled
WCCP Redirect exclude is disabled
On Thu, Aug 12, 2010 at 9:39 AM, Luan Nguyen <luan at netcraftsmen.net> wrote:
> I have those ISR2 (M1) as well as ASR1002 running DMVPN and don't have those
> ghost tunnels. Must be for some other services such as multicast.
> Try to remove them with no interface tunnel 0, and I think the router will
> tell you why you couldn't.
>
> Regards,
>
> -Luan
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Jay Nakamura
> Sent: Wednesday, August 11, 2010 8:53 PM
> To: cisco-nsp
> Subject: [c-nsp] Mysterious tunnel interfaces
>
> I was working on a ISR 1941 with 15.0(1)M2. I am running DMVPN on it
> and using one tunnel interface. (Tunnel 1). No other tunnel
> interfaces are configured on the router. However when I do "show int
> summary" I get this;
>
> #sh int summary
>
> *: interface is up
> IHQ: pkts in input hold queue IQD: pkts dropped from input queue
> OHQ: pkts in output hold queue OQD: pkts dropped from output queue
> RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec)
> TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec)
> TRTL: throttle count
>
> Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
> ------------------------------------------------------------------------
> * GigabitEthernet0/0 0 0 0 0 6000 5 6000 5 0
> GigabitEthernet0/1 0 0 0 0 0 0 0 0 0
> * Serial0/0/0 0 0 0 0 3000 3 2000 2 0
> NVI0 0 0 0 0 0 0 0 0 0
> * Tunnel0 0 0 0 0 0 0 0 0 0
> * Tunnel1 0 0 0 10 1000 2 1000 2 0
> * Tunnel2 0 0 0 0 0 0 0 0 0
> * Tunnel3 0 0 0 0 0 0 0 0 0
>
> I thought may be something got left behind while I was monkeying
> around in it so I reloaded the router and the tunnel 0,2,3 are still
> there and it says it's up. None of those interfaces are in the
> startup or running-config.
>
> What is going on here? My other routers with similar config on a 1841
> with 12.4(15)T* doesn't have this issue. It doesn't seem to be
> affecting the routing of traffic but it's really bothering me.
>
> -Jay
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5358 (20100811) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5358 (20100811) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5360 (20100812) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
> __________ Information from ESET NOD32 Antivirus, version of virus signature
> database 5360 (20100812) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list