From: Howard C. Berkowitz (hcb@gettcomm.com)
Date: Thu Sep 09 2004 - 21:11:47 GMT-3
At 12:42 AM +0100 9/10/04, Richard Dumoulin wrote:
>For those who work in an ISP, is it common to have issues with a forwarding
>table of an Internet router ?
>I am asking because I am having issues with 7 sites out of 30 that are not
>properly negociating their IPSec tunnel. All they have in common is the
>trace route not working in the direction to the Main hub. Trace route works
>fine for the remaining sites. Ping works for all the working/non-working
>sites.
>So I am starting to think that maybe one of the transit Internet router
>might need a refresh in their cache.
If ping works but traceroute doesn't, I'd suspect an outbound (from
you) UDP filter, or an ICMP filter somewhere in the reverse path.
Does traceroute get you partially there? If so, suspect the next hop
after the last router you can reach.
Since an ISP of any appreciable size using Cisco routers, at least,
should be using CEF, there's really no concept of a cache miss. The
main BGP RIB could, for some reason, be missing the route.
Does your service provider have a looking glass, or will their
support people give you the results of show route for the routes in
question?
>I would appreciate any opinion,
>
>Thanks
>
>--Richard
This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:41 GMT-3