IPSEC/GRE Tunnel Up/Down every 4 or 6 minutes

Mark Rigby · ‎06-10-2011

Greetings, we have a DMVPN Phase 2 setup in a hub and spoke design using a single head end device (Cisco 2821) and 30 spokes the majority of which are 1801's, all spokes have the same configuration and underlying transport (DSL). DSL circuits are terminated directly on the ISR.

We have a strange issue where by one of the spokes drops the tunnel every 4 or 6 minutes almost down to the second as per the output from "crypto logging session" This seems to vary between both time frames.

EEYSRO01# sh logg | include CRYPTO-5-SESSION_STATUS

Jun 10 12:48:36.624: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 12:49:06.697: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 12:52:36.718: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 12:52:37.030: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 12:58:37.932: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 12:58:38.344: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:02:38.665: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:02:38.961: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:08:36.595: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:08:36.939: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:14:36.709: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:14:37.017: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:18:36.654: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:18:36.930: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:22:36.835: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:22:37.087: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:26:36.652: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:27:06.720: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:30:36.812: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:30:37.088: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:34:36.613: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:35:06.885: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:38:36.614: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:38:36.894: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:44:36.615: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:44:36.827: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:48:37.423: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:48:37.667: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:52:36.619: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:52:36.827: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:56:36.639: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 13:56:36.851: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 14:00:36.616: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is DOWN. Peer 213.**.**.**:500 Id: 213.**.**.**

Jun 10 14:01:06.896: %CRYPTO-5-SESSION_STATUS: Crypto tunnel is UP . Peer 213.**.**.**:500 Id: 213.**.**.**

We also have other errors that proceed to the tunnel Up/Down events

Jun 10 14:35:15.716: IPSEC(crypto_map_check_encrypt_core): mtree says we have SA but couldn't find current outbound SA. dropping pak. pak->cryptoflags=0x2000820

Jun 10 14:35:15.716: IPSEC(crypto_map_check_encrypt_core): mtree says we have SA but couldn't find current outbound SA. dropping pak. pak->cryptoflags=0x1000820

Would anyone be able to shed some light on what process could occur at such a regular interval that would drop the tunnel?

Regards