Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2493
Views
4
Helpful
2
Replies

EIGRP adjacency drops over tunnel

mfurnival
Level 4
Level 4

‎03-03-2011 01:10 AM

We have two sites connection via an IPSEC tunnel and periodically we see the EIGRP adjacency between the two sites will go down:

Mar  2 03:58:52.495: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1.1 (Tunnel1) is down: holding time expired

.Mar  2 04:15:12.703: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1..1 (Tunnel1) is up: new adjacency

The tunnel does not appear to go down though. At one end we see this:

Feb 27 02:53:44.144: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1.2 (Tunnel0) is down: Interface Goodbye received

Feb 27 02:53:48.880: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1.2 (Tunnel0) is up: new adjacency

Feb 27 02:55:08.391: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1.2 (Tunnel0) is down: retry limit exceeded

Feb 27 02:56:17.582: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 200: Neighbor 10.1.1.2 (Tunnel0) is up: new adjacency

So it looks like the 10.1.1.2 end is failing to receive EIGRP hellos and bringing down the adjacency.
My guess is that there is just packet loss in the cloud but I cannot prove this (the remote site is very remote and when it goes down I have no way of accessing the remote router).
Any observations or ways to progress this will be appreciated

Labels:
0 Helpful
2 Replies 2

sean_evershed
Level 7
Level 7

‎03-03-2011 02:40 AM

I had a similar situation where two EIGRP routers were connected over a microwave link that was unreliable. To prove this I needed to gather some stats. You could try a couple of things:

- Setup an IP SLA monitor to measure packet loss to the remote end.

- Enable route profiling to gather stats on the stability of the routing table, http://www.cisco.com/en/US/docs/ios/iproute_pi/command/reference/iri_pi1.html#wp1012879

- Setup SNMP monitoring to measure bandwidth and packet loss.

Cheers

Sean

andrew.prince
Level 10
Level 10

‎03-03-2011 05:38 AM

Rememeber EIGRP hellos are not acknowledged.  You are also running over a GRE tunnel.

I would

1) Enable GRE tunnel keepalives - hello 1 dead 3

2) Check your WAN circuit - you could have an issue with 1 way transmission - if connected to a switch and layer 2 circuit use UDLD agressive.

3) Change your EIGRP hello hold timers 1 hello 3 hold.

HTH>

0 Helpful
Customers Also Viewed These Support Documents