Try turning off keep alive on the Cisco side (“no keepalive"). I’ve seen issues with GRE tunnels to non-Cisco boxen with that enabled (even when the other side supposedly supports it)
Chris > On 24 Aug 2018, at 9:09 am, David Deutsch <ddeut...@tsicorp.net> wrote: > > Hoping the list can help with this one. > > I have a basic GRE tunnel between my Cisco ASR1006 and a Linux box. > > On the Cisco side: > > interface Tunnel100 > description Tun 100 - BPT > ip address 172.16.100.1 255.255.255.0 > tunnel source x.x.136.1 > tunnel destination x.x.x.234 > > I have several of these basic GRE tunnels from this router, however this is > the only one giving me problems. > > The tunnel source is my loopback, I can ping the local 172.168.100.1, > however when I try to ping the other inside: > > #ping 172.16.100.2 > Type escape sequence to abort. > Sending 5, 100-byte ICMP Echos to 172.16.100.2, timeout is 2 seconds: > !!... > Success rate is 40 percent (2/5), round-trip min/avg/max = 97/105/113 ms > > It always dies after two pings, every time. Additionally, pinging from the > other side has the exact same results: > > ping 172.16.100.1 > PING 172.16.100.1 (172.16.100.1): 56 data bytes > 64 bytes from 172.16.100.1: seq=0 ttl=255 time=83.430 ms > 64 bytes from 172.16.100.1: seq=1 ttl=255 time=88.326 ms > ... then nothing. > > I've gone as far as to completely rebuild the Linux side with no luck and > I'm starting to feel that I've missed something basic on the Cisco side, > except I've used these tunnels for years. > > Any advice/ideas? > > Thanks, > David > _______________________________________________ > cisco-nsp mailing list cisco-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-nsp > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/