[cisco-voip] Cisco 8851 not failing over to backup circuit...
Chris Ward (chrward)
chrward at cisco.com
Fri Apr 24 12:22:36 EDT 2015
VPN registration issues usually point to MTU issues. Or at least packet or fragments due to MTU issues. I suspect there is a different in packet size during the registration of these two devices or capabilities that affects packet size.
When the primary link is down, you could run some ping tests while setting the ping size to 1X00 and setting the DF bit as well, this will help you find the max size packet with overhead that can fit over the tunnel. Typically VPN tunnels take at least 80 bytes of overhead, so the largest MTU I would expect you could fit over the tunnel would be 1420.
I would try and adjust your tunnel MTU down to 1400 or even 1300 just as a test to see if it helps. (In my demo setups with EZVPN tunnels, I can only use 1350 max) Also, are your VPN endpoints able to fragment packets or clear DF bits so that they can fragment large packets? If you can clear df-bit at the interface, that may help move some of the larger packets through IF they have the DF-bit set.
+Chris
TME - Unity Connection and MediaSense
From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Jonathan Charles
Sent: Friday, April 24, 2015 11:44 AM
To: Charles Goldsmith
Cc: cisco-voip at puck.nether.net
Subject: Re: [cisco-voip] Cisco 8851 not failing over to backup circuit...
MTU was set to 1440, we set it to Auto, no change...
Jonathan
On Thu, Apr 23, 2015 at 10:13 PM, Charles Goldsmith <wokka at justfamily.org<mailto:wokka at justfamily.org>> wrote:
What's your MTU over the backup VPN? I've seen odd issues on some
networks with different providers and MTU and fragmenting packets
always caused issues until the MSS was set.
I'm not sure why this would affect the 8851's, but we've noticed some
other oddities with the 8851's. For instance, computers with intel
nic's behind the phone have issues after we apply config, and we
narrowed it down to intel gigabit master slave mode setting on the
driver, at least, setting that to slave instead of auto resolves the
problem. Otherwise, you have to reboot the phone a couple of times to
get consistent connection through the 8851. Phones are connected to a
2960 with a basic config, nothing out of the ordinary.
On Thu, Apr 23, 2015 at 6:35 PM, Jonathan Charles <jonvoip at gmail.com<mailto:jonvoip at gmail.com>> wrote:
> We have CUCM 8.6.2 with Cisco 8851, Cisco 8831 phones at a remote location;
> they are connected over MPLS and a Peplink Balance VPN as a backup.
>
> When we yank the MPLS, the 8831 registers with CUCM and works fine.... the
> 8851s do NOT.
>
> Any reason the 8851 would act differently?
>
>
>
>
> Jonathan
>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20150424/1e2a3c56/attachment.html>
More information about the cisco-voip
mailing list