[c-nsp] PBR across IPsec GRE tunnel stopped working
Dan Benson
dbenson at swingpad.com
Tue Nov 11 16:26:44 EST 2014
Hello list,
I have two Cisco 7600s with SPA-IPSEC-2G used to protect GRE tunnels with IPsec. These have been working perfectly until a few days ago when it seems a public path changed, adding a lot of delay between the tunnel endpoints. When this happened, my PBR policy to set recursive next-hop stopped working. What is strange is that direct packets across the tunnel and through the tunnel flow perfectly, only my PBR recursive next-hop has stopped working.
The only solution I have been able to find is to remove the tunnel protection and run in standard GRE mode, which works perfectly.
Any insight is greatly appreciated.
db
More information about the cisco-nsp
mailing list