Hi,
On Thu, Dec 3, 2009 at 7:20 PM, olumayokun fowowe <olumayokun_at_gmail.com> wrote:
>
> I noticed something strange recently. I don't know if anybody can help me
> with an explanation. the connection between the two catalyst 6509 switches
> are routed and I have a number of SVIs on both switches (the SVIs serves as
> gateway for a number of vlans). i have a GRE over IPSEC tunnel across the
> routed interfaces of the catalyst switches. Everything works fine if traffic
> is passing over the routed interfaces and not the tunnels. However, if I
> force the traffic to pass across the tunnel, the SVIs become unreachable
> from both sides but the end devices are reachable. A show command confirms
> that the traffic is being encrypted.
Could it just be that the crypto processing is being performed by the
RP, instead of in hardware (as it will be for forwarding of plain text
traffic), and it's crippling the systems? It doesn't exactly match
your symptoms, but it's one possible theory. You're not doing any
bridging over the SVIs, are you?
1. post hardware configuration ("sh module")
2. post relevant portions of IOS configuration, and IOS version information
3. do what you can help us to help you. we're not magicians.
cheers,
Dale
Blogs and organic groups at http://www.ccie.net
Received on Thu Dec 03 2009 - 22:02:39 ART
This archive was generated by hypermail 2.2.0 : Sat Jan 02 2010 - 11:11:07 ART