clear ip route * for vpn connections

yayasolenet · ‎09-04-2013

Hi ,

I've got heaps S route in my routing table which are the destination of VPN client.

I tried clear ip route a.b.c.d , clear ip route *, this never clear.

This cause VPN connection drop out.

What should I do? It is headquater route, has no time to reboot.

Cheers,

Lydia

Markus Thun · ‎09-04-2013

There are anyconnect clients connections or site to site connections?

Regards

cadet alain · ‎09-04-2013

Hi,

R2(config)#do sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     1.0.0.0/32 is subnetted, 1 subnets
O       1.1.1.1 [110/11] via 192.168.1.1, 00:00:02, FastEthernet0/0
C    2.0.0.0/8 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
R2(config)#do debug ip routing
IP routing debugging is on
R2(config)#do clear ip route *
R2(config)#
*Mar  1 00:55:45.363: RT: is_up: FastEthernet0/0 1 state: 4 sub state: 1 line: 1 has_route: True
*Mar  1 00:55:45.363: RT: add 192.168.1.0/24 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:55:45.367: RT: NET-RED 192.168.1.0/24
*Mar  1 00:55:45.367: RT: interface FastEthernet0/0 added to routing table
*Mar  1 00:55:45.367: RT: is_up: Loopback0 1 state: 4 sub state: 1 line: 0 has_route: True
*Mar  1 00:55:45.367: RT: add 2.0.0.0/8 via 0.0.0.0, connected metric [0/0]
*Mar  1 00:55:45.367: RT: NET-RED 2.0.0.0/8
*Mar  1 00:55:45.367: RT: interface Loopback0 added to routing table
*Mar  1 00:55:45.375: RT: add 1.1.1.1/32 via 192.168.1.1, ospf metric [110/11]
*Mar  1 00:55:45.379: RT: NET-RED 1.1.1.1/32

As you can see it doesn't get rid of the routes , this is not the purpose of this command, if you want to get rid of a static route just issue a no ip route< blahblah>

Regards

Alain

Don't forget to rate helpful posts.

Markus Thun · ‎09-04-2013

Hi cadet alain

where are the vpn connections routes in your overview? I see only connectet interfaces an one OSPF route.

reset ip

The reset ip commands are used to reset or clear IP routing parameters, relays and statistics.

reset ip {statistics |
routing {all | IP_address [mask]} |
cache {all | IP_address [mask]}}

Syntax Description


statistics	Resets all of the IP statistic tallies to zero. This is helpful if you are debugging an IP problem and want to watch IP statistics accrue from the current time.
routing {all \| IP_address [mask]}	Removes entries from the routing table. These can be static routes configured previously or dynamic routes picked up via RIP. •IP_address [mask]—Specifies the destination host IP address or network address for the entry to be deleted. Its value should be entered in dotted-decimal format. •all—Removes all dynamic routes and the router relearns them.
cache {all \| IP_address [mask]}	Clears entries from the IP portion of the fast-routing cache. •IP_address [mask]—Specifies the destination host IP address or network address for the entry to be deleted. Its value should be entered in dotted-decimal format. •all—Removes all dynamic routes and the router relearns them.

regards

cadet alain · ‎09-04-2013

Hi,

Does the clear ip route command work differently for a static route than for other routes? No

Does it work differently if the static route is for a VPN or not: I don't think so

Where did you get this reset ip command, I can't find it in any IOS command reference guide.

Regards

Alain

Don't forget to rate helpful posts.

yayasolenet · ‎09-04-2013

They are showing up as S , but not configured as static router. So no way to no ip route ...

They are the VPN client connections. When user VPN in, a route is added. When they disconnect, crypto session is gone, but route stays there. That's the one I want to clear.

cadet alain · ‎09-04-2013

Hi,

So you got RRI routes that aren't cleared when the session is done ? Can you tell which platform/IOS you are running because it may be a bug.

Regards

Alain

Don't forget to rate helpful posts.

yayasolenet · ‎09-04-2013

it is cisco 881 with c880data-universalk9-M , version 15.1<2>T1

When I clear ip *, it takes ages and slowly from top to bottom. Overnight, it has deleted my real Static route to other sites and not reach any of the VPN user routes.

It forced me to reboot the route and the static routes are back and all the VPN user routes are gone.

Maybe need to schedule regular reboot.

Markus Thun · ‎09-04-2013

If the VPN reconnects the communication between the peers is ok or do you have problems?

I have also the same problem with the ASA5510. When i am recconect the tunnel and then kill the session the route will be delete. After this way you can connect the VPN again and it runs

Regards