[c-nsp] Mysterious GRE tunnel flap

Quinn Kuzmich lostinmoscow at gmail.com
Thu Jul 22 12:08:02 EDT 2010 

Ok, here's the config for one of the two routers - they have the same basic
HSRP config so if one is wrong, so is the other.  Remember, the other end of
the tunnel is NOT exhibiting the problem at all.


!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname rem16-miramar-r2
!
boot-start-marker
boot-end-marker
!
logging count
logging message-counter syslog
logging buffered 51200
no logging console
!
no aaa new-model
ip source-route
!
!
!
!
no ip cef
ip domain lookup source-interface FastEthernet0/0
ip domain name cell2.psap.bc.local
ip multicast-routing
no ipv6 cef
ntp server 10.3.0.1
multilink bundle-name authenticated
!
!
archive
 log config
  hidekeys
!
!
ip tftp source-interface FastEthernet0/0
!
track 1 interface Serial0/1/0 ip routing
!
!
!
!
interface Tunnel16
 description *** TUNNEL FOR VSS 16 (Multicast only) ***
 ip address 10.250.16.1 255.255.255.252
 ip pim query-interval 1
 ip pim state-refresh origination-interval 4
 ip pim dense-mode
 ip tcp adjust-mss 1436
 no ip mroute-cache
 keepalive 1 1
 tunnel source 10.16.15.254
 tunnel destination 10.3.15.254
!
interface FastEthernet0/0
 description *** BACKROOM ***
 ip address 10.16.15.252 255.255.240.0
 ip access-group 100 out
 ip helper-address 10.3.0.1
 ip pim dr-priority 255
 ip pim query-interval 1
 ip pim state-refresh origination-interval 4
 ip pim dense-mode
 no ip mroute-cache
 speed 100
 full-duplex
 keepalive 1
 standby delay minimum 45 reload 60
 standby 1 ip 10.16.15.254
 standby 1 timers 1 3
 standby 1 preempt delay minimum 15 reload 15 sync 15
 standby 1 track Serial0/1/0
!
interface FastEthernet0/1
 description *** CROSSOVER R2 R1 ***
 ip address 10.252.216.2 255.255.255.0
 ip hello-interval eigrp 2604 1
 ip hold-time eigrp 2604 2
 speed 100
 full-duplex
 keepalive 1
!
interface Serial0/1/0
 ip address 10.252.16.2 255.255.255.252
 ip hello-interval eigrp 2604 1
 ip hold-time eigrp 2604 3
 keepalive 4
 no fair-queue
 service-module t1 timeslots 1-24
!
router eigrp 2604
 passive-interface FastEthernet0/0
 network 10.16.0.0 0.0.15.255
 network 10.252.0.0 0.0.255.255
 no auto-summary
 eigrp stub connected
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.252.216.1 240
!
!
no ip http server
ip dns server
ip mroute 10.0.0.0 255.0.0.0 10.250.16.2
!
ip access-list standard AllSites
 permit 10.0.0.0
ip access-list standard MyRemoteSite
 permit 10.16.0.0 0.0.15.255
!
logging source-interface FastEthernet0/0
logging server-arp
logging 10.4.0.1
access-list 100 deny   udp 10.4.0.0 0.0.15.255 any gt 5000
access-list 100 permit ip any any
access-list 101 deny   udp 10.3.0.0 0.0.15.255 any gt 5000
access-list 101 permit ip any any
!
route-map REM-LEAK-LIST permit 10
 match ip address AllSites
 match interface FastEthernet0/1
!
route-map REM-LEAK-LIST permit 20
 match ip address MyRemoteSite
 match interface Serial0/1/0
!
!
!
control-plane
!
!
!
line con 0
 login local
line aux 0
line vty 0 4
 exec-timeout 0 0
 login local
 transport input telnet
line vty 5 15
 exec-timeout 0 0
 login
 transport input telnet

More information about the cisco-nsp mailing list