Could PIX be choking on RIP updates?

gresendiz · ‎08-30-2002

Primary PIX and Secondary PIX are plugged into the same 3524 switch. Vendor routers are plugged into the same 3524 switch. RIP is exchange between vendors and the PIX. When we unplug a vendor router (Not PIX interface) from the 3524 switch, Primary PIX reboots. Could it be choking on the RIP updates? Secondary PIX attempts to take over but since its sick(replacing it), it never does and once Primary PIX comes back on-line, it assumes active role. I verified the 3524's config to ensure it has port fast enabled so BPDUs don't get sent to the PIX. Any ideas?

steve.barlow · ‎08-30-2002

Take a look at the bug tool, PIX and RIP have some known issues.

Hope that helps.

Steve

gresendiz · ‎08-30-2002

Thanks.

I found the following that fits my issue:

When RIP2 is enabled on the inside interface the PIX inside will loose

connectivity and failover. Even when failed over to the secondary the same

inside IP is not pingable. Debug RIP on the pix shows no RIP packets,

even though the two routers on the same segment shows good packets

on a debug IP RIP. After a failover and fail back the primary pix will

function for a while then the inside will fail again after about 5 minutes.

The pix never has any issues as long as I do not (rip inside passive version 2)

on the interface(inside or outside).

The RIP updates stopped appearing even though debug RIP is not turn off.

And after a few minutes, they aged out of the routing table.