Could it be fragmentation?

Kanan Huseynli · ‎08-15-2016

Hi there,

We have classical Hub&SPOKE topology where branch routers connected to HO Router over ISP VLAN number xxx ( with private IPs ).In addition to,we implement IPSec Site-to-Site VPN for security purposes over GRE tunnel.Let's say,WAN interface of Branch router for interface connected to ISP,and LAN interface for interface connected to Branch-Sw.

When I ping WAN of Branch from HO_Router ,I get 100% .But When I ping LAN of Branch from HO_Router ,I get 90-95% result.

And this happens only for one branch router.With other branch routers result is 100%,even for LAN interface.

I think problem is not caused by ISP,because ping to WAN interface works with 100% result.It seems problem related to Branch_Router.by the way,I have monitored several times CPU utilization,it is no more than 7-8%-that is normal.

What could be a reason?

Thanks in advance,

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Muhammad Uzair · ‎08-15-2016

Hi Konancisco:

can you trace the up and down path to the branch and confirm if it is same or not, also any traffic policy on branch router which might be dropping LAN segment.

Kindest Regards,

Uzair

Kindest regards,
Uzair
CCENT, CCNA (R&S), CCNP (R&S).

Kanan Huseynli · ‎08-15-2016

Both traceroute are true.There is no policy.Actually ping works,but 90-95%.If it was policy droping packet on LAN interface,then it would drop all of them.

regards,

Kanan

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Muhammad Uzair · ‎08-17-2016

Hi, can you please do the extended ping from host to HO and see if you can find any packet loss on any particular hop?