Why packets disappear on cisco?

I

Ivan2016-06-27 21:51:14

FreeBSD

Ivan, 2016-06-27 21:51:14

Hey! Situation incomprehensible to me:
A site-to-site GRE over IPsec tunnel is configured between two ciscos.
Internal networks 192.168.0.0 and 192.168.1.0
Tunnel gateways on ciscos 10.0.0.0/29
Everything works, ping is smooth and stable, but every few minutes there is a failure of 4 - 5 packets. It's from computer to computer.
The most interesting thing is that the gateways of the 10.0.0.0 network are pinged, and moreover, a remote host that is 192.168 is pinged from cisco.
I understand that it’s almost impossible to answer, it’s interesting how to look at the tsiska why they are blocked - packets are lost, because they definitely reach the tsiska. How to see what's happening on an interface like tcpdump on freebsd?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Armenian Radio, 2016-06-27
@gbg

View - like this - port mirror
you can also study the output of show int *

A

Archangel, 2016-06-29
@Archangel

Ivan : If the devices are not very powerful and only Cisco is in the infrastructure, use EIGRP. Although it seems to me that in your case, dynamic routing is a nuisance that is needed solely for the sake of academic interest.
PS Read about packet capture here: www.cisco.com/c/en/us/support/docs/ios-nx-os-softw...
Of course, it will not work as convenient as tcpdump in real time, but in the future, I'm sure still come in handy.

A

Alexander, 2016-08-04
@ferrum90

Причем здесь mirror трафика, если GRE поднимается на роутерах. Если ходите dump обмена протоколов используйте debug или команды troubleshooting'a. У вас вероятно поднят DMVPN , следовательно используется протокол nhrp и есть NHS(next-hop server). В вашем случае проблема решится следующим образом:ip #nhrp map multicast [ip NHS]
То есть вам необходимо чтобы рассылка/ответ LSA отправлялись на NHS