It appears that my diagnosis was incorrect as this worked out to be another
MTU issue. With all of the IPsec and GRE overhead, I needed to reduce MTU
down to 1414. Initially, I had done that on the GRE tunnels and the
interface on my voice VLAN. But I had not done that on the VLAN with the
PCs because everything seemed to work fine. This issue only presented
itself on a handful of PCs and only a few times per day. Here's someone
else who had the same issue (random Outlook EventID 26):
http://ask.wireshark.org/questions/652/connection-to-microsoft-exchange-has-been-lost-outlook-will-restore-the-connection-when-possible
Yesterday, I tried to lower MTU on the PC LAN interface of the routers but
that caused internet https sessions to break (the routers serve the default
route for internet and intranet). A client-side reboot may have resolved
this (PMTU?) but I was not able to test during the day just due to the
sheer numbers. So I have subsequently increased the router's PC LAN MTU
back to 1500 and reduced MTU on the email server. This is obviously not
ideal but it appears to be working until I can get a proper lab configured
for testing.
Thanks for your input.
On Tue, Apr 15, 2014 at 10:48 AM, Timo Teras <[email protected]> wrote:
> On Fri, 11 Apr 2014 08:26:32 -0400
> Darren Ginter <[email protected]> wrote:
>
> > I am down to my final issue on my new DMVPN WAN (all opennhrp, no
> > Cisco). From syslog:
> >
> > opennhrp[3049]: Failed to resolve x.x.x.x: protocol address
> > unreachable (6)
> >
> > I am pretty sure that this is caused by the fact that the IP address
> > in question is on a vlan that I created while troubleshooting another
> > issue. This vlan is not accommodated by the opennhrp.conf even though
> > quagga/ospf advertises it and it is reachable from the other DMVPN
> > nodes.
> >
> > 1) There seems to be a bug: when these messages appear in the logs,
> > traffic is dropped.
>
> Is this routed subnet, or gre subnet address? I think this is correct
> behaviour if it is gre subnet address. If routed, then I need to check
> the code.
>
> > 2) What is the easiest way to update the running configuration of my
> > network without interruption? I do not see a "reload-config" in
> > opennhrpctl.
>
> Unfortunately that is not yet implemented. Doing kill -9 + start would
> probably work relatively ok. Doing the reload has been on my todo list
> for a long time, but I never bothered to do it - and now I'm thinking
> to do more invasive changes first, so it's currently not a priority.
>
> - Timo
>
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
opennhrp-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opennhrp-devel
