We just replaced the ISR 871 with a brand new ISR881. The issue persists. We have a dozen other tunnels terminated on the same head end. None of them has issue.
I did run Ben suggested debug ip icmp. The ISR871 is still sending out icmp reply even we are not able to get it from out end during the tunnel down 30 seconds interval. When our engineer was on site. He was able to ping the WAN gateway on the cable modem during the 30 seconds down time, but not able to ping the tunnel destination. He also tried to ping from the ISR881, was able to ping WAN gateway, but not the tunnel destination. I am now leaning toward routing issue within Comcast or cable modem issue. Thanks, Schilling On Wed, Feb 16, 2011 at 2:36 PM, Quinn Kuzmich <lostinmos...@gmail.com> wrote: > I had a similar issue with one of my tunnels, and it turned out to be bad > hardware on one end. > > Q > > On Mon, Feb 14, 2011 at 3:36 PM, schilling <schilling2...@gmail.com> wrote: >> >> I have an ISR 871 behind Comcast residential cable modem with static >> IP address, and have GRE tunnel back to our headend. Just plain >> point-to-point GRE tunnel. Now it's flapping every 15 minutes, then >> comes back up after 30 seconds. debug ip routing just showed tunnel66 >> down and refreshed the routing table. There is no route >> addition/removal or any interface down before the tunnel66 down. When >> the tunnel is down, I am still able to ping the WAN gateway, but not >> the WAN IP on the ISR871. >> >> #remote end >> interface Tunnel66 >> bandwidth 8000 >> ip address 192.168.222 255.255.255.252 >> no ip redirects >> ip tcp adjust-mss 1436 >> load-interval 30 >> keepalive 10 10 >> tunnel source FastEthernet4 >> tunnel destination 192.168.253.19 >> tunnel path-mtu-discovery >> end >> ip route 192.168.253.19 255.255.255.255 WANgateway >> ip route 0.0.0.0 0.0.0.0 WANgateway 250 >> ip route 0.0.0.0 0.0.0.0 tunnel66 >> >> #head end similar. >> >> Just upgraded the ISR871 to be running latest >> c870-advipservicesk9-mz.124-24.T4.bin, but the issue persists. We >> already tried reboot the modem and reboot the switch. >> >> Any insight? >> >> Thanks, >> >> Schilling >> _______________________________________________ >> cisco-nsp mailing list cisco-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/cisco-nsp >> archive at http://puck.nether.net/pipermail/cisco-nsp/ > > _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/