[c-nsp] GRE tunnel flapping every 15 minutes

Benjamin Lovell belovell at cisco.com
Wed Feb 16 14:26:45 EST 2011 

Config looks fine to me. Just would just note that you should make sure WANgateway is IP address not an interface. If you cannot ping the WAN IP on the 871 when this is happening I would guess this is really a problem with the access circuit to your ISP. You should be able to confirm this in the following manner. 

Turn on ICMP debugs. The next time a failure happens, ping the 871 WAN IP. Once you have connectivity back go check the log and see if your pings got to the 871 or not. If not then it's an ISP problem for sure. If they got there then it's likely a problem on 871 but still *possible that it's a return path ISP problem. 

-Ben


On Feb 14, 2011, at 5:36 PM, schilling wrote:

> I have an ISR 871 behind Comcast residential cable modem with static
> IP address, and have GRE tunnel back to our headend. Just plain
> point-to-point GRE tunnel. Now it's flapping every 15 minutes, then
> comes back up after 30 seconds. debug ip routing just showed tunnel66
> down and refreshed the routing table. There is no route
> addition/removal or any interface down before the tunnel66 down.  When
> the tunnel is down, I am still able to ping the WAN gateway, but not
> the WAN IP on the ISR871.
> 
> #remote end
> interface Tunnel66
>  bandwidth 8000
> ip address 192.168.222 255.255.255.252
> no ip redirects
> ip tcp adjust-mss 1436
> load-interval 30
> keepalive 10 10
> tunnel source FastEthernet4
> tunnel destination 192.168.253.19
> tunnel path-mtu-discovery
> end
> ip route 192.168.253.19 255.255.255.255 WANgateway
> ip route 0.0.0.0 0.0.0.0 WANgateway 250
> ip route 0.0.0.0 0.0.0.0 tunnel66
> 
> #head end similar.
> 
> Just upgraded the ISR871 to be running latest
> c870-advipservicesk9-mz.124-24.T4.bin, but the issue persists. We
> already tried reboot the modem and reboot the switch.
> 
> Any insight?
> 
> Thanks,
> 
> Schilling
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list