08-26-2010 11:29 AM - edited 03-04-2019 09:33 AM
Hello Friends,
I have a Cisco 7206VXR (NPE-G2) router which runs IOS Version 12.4(15)T13, RELEASE SOFTWARE (fc3).
The problem is at times it has stuck static routes in it which wont go away even when the link is down. So the backup wont come up and the site is hard down.
I cannot remove the static route from the routing table. Does anyone know how to remove the route or fix this problem?
Thanks,
Ram
08-26-2010 02:36 PM
Ram
Is it possible that the static route is configured using the permanent parameter?
It might be helpful if you would post the part of the config in which the static route is configured.
Can you clarify what is happening. When you say that the link is down do you just mean that there is no connectivity over the link or do you mean that the interface is actually in a protocol down state?
It might be helpful if you would post the output of show ip route and the output of show ip interface brief and indicate which static route is the problem one.
It is a standard behavior of static routes using an Ethernet interface that there can be no connectivity to neighbor devices through the Ethernet interface but a static route using the Ethernet will still be in the routing table. You might look into using Object Tracking or IP SLA to address this issue.
HTH
Rick
08-26-2010 03:05 PM
Rick,
Thanks for your reply.
I dont have a permanent parameter. I learn the static route through ipsec tunnel. But when the tunnel goes down, the static route should go away.
It works fine for 99% of the time. Once a while the static route is stuck in the routing table and wont go away
Router#show ip route 10.200.55.0
Routing entry for 10.200.55.0/27
Known via "static", distance 1, metric 0
Routing Descriptor Blocks:
* 95.193.24.108
Route metric is 0, traffic share count is 1
Router#ping 10.200.55.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.200.55.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router#show crypto ipsec sa peer 95.193.24.108
Router#
( tunnel is down)
08-26-2010 03:06 PM
Currently we reboot the router to fix this.
08-26-2010 03:16 PM
Ram
This information helps a bit and leads me to a few more questions:
- it looks like the static route is configured with the peer as the next hop address. so could you post the output of show ip route 95.193.24.108?
- if the router believes that the next hop is still reachable then the static route will remain in the routing table.
- can you ping from the router to 95.193.24.108?
HTH
Rick
08-26-2010 03:27 PM
Rick,
Im guessing its some IOS problem.
Router#sh crypto isakmp sa | include 95.193.24.108
Router#ping 95.193.24.108
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 95.193.24.108, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
Router#sh ip route 95.193.24.108
% Network not in table
Thanks,
Ram
08-27-2010 05:49 AM
Ram
This additional information is also helpful. If 95.193.24.108 is not in the routing table then what is in the routing table? Can you post the output of show ip route. It might also be helpful if you would post the output of traceroute 95.193.24.108.
HTH
Rick
09-10-2010 06:42 PM
Rick,
Here is the detail about the bug
09-11-2010 05:01 AM
Ram
Thank you for posting back to the forum with this information. It makes the forum more useful when people can read about a problem and can also read about what solved the problem. Perhaps you could mark this issue as solved so that people would know that they could see a solution to the problem?
So was your static route generated via RRI, as the bug suggests, or was it something a bit different.
HTH
Rick
09-11-2010 05:29 AM
is'nt that route there even if vpn is down to ensure that
outgoing traffic to the remote site triggers ipsec tunnel creation ?
I have had that problem also but was not sure wether its a bug or a feature.
Juergen.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide