I have the following question, which am missing a real case scenario, and I would like to ask if someone has had an opportunity to find the following out: If there is a packet loss on one of the underlying links of a VPN tunnel: is the packet loss seen in the tunnel smaller, identical or higher?
If you see my answer to your previous Q the you will full understand how you check the issue.
for example I want to use Ping to test VPN tunnel BUT since there are two layer how can I know which one is make my tunnel traffic drop ??
the ping command even if it simple but tricky we can use ping to detect the issue if it in overlaying or underlying HOW? PING <IP destination> source <IP source >
as I mention before first we do ping for underlaying PING <TUNNEL IP destination> source <TUNNEL IP source >
we must success if not the issue in your ISP
second we ping for OVERLAYING PING <TUNNEL IP local end > source <TUNNEL IP far end >
this give us hint that the VPN tunnel overlying have issue
the underlaying need more steps since the issue involved ISP the overlying is simple since we have P2P so either this is ip is config wrong there is IPSec config under GRE which make traffic drop the tunnel VRF issue which cause by assign VRF under tunnel and this sometimes make tunnel not forward packet.
This would depend on how much of the traffic on the link actually goes over the VPN tunnel. If all traffic that egresses on the link is sent over the tunnel then the packet loss should be identical. If only some of the traffic is sent over the VPN tunnel then the packet loss would be smaller.
-- Please remember to select a correct answer and rate helpful posts