FIB issue ?

From: Richard Dumoulin (Richard.Dumoulin@vanco.fr)
Date: Thu Sep 09 2004 - 22:00:52 GMT-3

• Next message: John Matus: "Re: mroute woes - help!"
• Previous message: John Matus: "mroute woes - help!"
• Next in thread: Howard C. Berkowitz: "Re: FIB issue ?"
• Maybe reply: Howard C. Berkowitz: "Re: FIB issue ?"
• Maybe reply: hcb@gettcomm.com: "Re: FIB issue ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I have just had a look at the looking glass and since the /19 network is
there and all the sites are in the same range I really can't think of what
can be the issue. There are even two remote sites, one working (.17) and the
other not working (.18) only separated by the ISP POP !
Also I have noticed that the isakmp packet answers from the main site are
not reaching my remote.
Those sites have been working for several months now and I can't really
think of what could be wrong.
The ISP on the remote sites side thinks it's an issue with the other end ISP
but he can't explain why so ...

Something to note is that the traceroute (in the direction Remote --> Hub)
fails in the router immediately connected to the main hub router,

--Richard

-----Message d'origine-----
De : Howard C. Berkowitz [mailto:hcb@gettcomm.com]
Envoyi : Friday, September 10, 2004 2:12 AM
@ : ccielab@groupstudy.com
Objet : Re: FIB issue ?

At 12:42 AM +0100 9/10/04, Richard Dumoulin wrote:
>For those who work in an ISP, is it common to have issues with a forwarding
>table of an Internet router ?
>I am asking because I am having issues with 7 sites out of 30 that are not
>properly negociating their IPSec tunnel. All they have in common is the
>trace route not working in the direction to the Main hub. Trace route works
>fine for the remaining sites. Ping works for all the working/non-working
>sites.
>So I am starting to think that maybe one of the transit Internet router
>might need a refresh in their cache.

If ping works but traceroute doesn't, I'd suspect an outbound (from
you) UDP filter, or an ICMP filter somewhere in the reverse path.
Does traceroute get you partially there? If so, suspect the next hop
after the last router you can reach.

Since an ISP of any appreciable size using Cisco routers, at least,
should be using CEF, there's really no concept of a cache miss. The
main BGP RIB could, for some reason, be missing the route.

Does your service provider have a looking glass, or will their
support people give you the results of show route for the routes in
question?

>I would appreciate any opinion,
>
>Thanks
>
>--Richard

• Next message: John Matus: "Re: mroute woes - help!"
• Previous message: John Matus: "mroute woes - help!"
• Next in thread: Howard C. Berkowitz: "Re: FIB issue ?"
• Maybe reply: Howard C. Berkowitz: "Re: FIB issue ?"
• Maybe reply: hcb@gettcomm.com: "Re: FIB issue ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Oct 01 2004 - 15:00:41 GMT-3