URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 8514
[ Назад ]

Исходное сообщение
"Разные MTU на интерфейсе "

Отправлено Kan , 16-Авг-05 08:29 
Добрый день!
Не могу понять почему у меня разные MTU на интерфесах Tunell на маршрутизаторах.

Пинги через тунель идут через один!!!

Первый маршрутизатор

interface: Dialer0
    Crypto map tag: vpn, local addr. yyy.yyy.yyy.yyy

   protected vrf:
   local  ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   current_peer: xxx.xxx.xxx.xxx:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 19, #pkts encrypt: 19, #pkts digest 19
    #pkts decaps: 16, #pkts decrypt: 16, #pkts verify 16
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 1, #recv errors 0

     local crypto endpt.: yyy.yyy.yyy.yyy, remote crypto endpt.: xxx.xxx.xxx.xxx
     path mtu 1500, media mtu 1500
     current outbound spi: CD6CE629

     inbound esp sas:
      spi: 0x5254EC5A(1381297242)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2000, flow_id: 1, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3568)
        IV size: 8 bytes
        replay detection support: Y

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0xCD6CE629(3446466089)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2001, flow_id: 2, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3568)
        IV size: 8 bytes
        replay detection support: Y

     outbound ah sas:

     outbound pcp sas:


interface: Virtual-Access2
    Crypto map tag: vpn, local addr. yyy.yyy.yyy.yyy

   protected vrf:
   local  ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   current_peer: xxx.xxx.xxx.xxx:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 19, #pkts encrypt: 19, #pkts digest 19
    #pkts decaps: 16, #pkts decrypt: 16, #pkts verify 16
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 1, #recv errors 0

     local crypto endpt.: yyy.yyy.yyy.yyy, remote crypto endpt.: xxx.xxx.xxx.xxx
     path mtu 1500, media mtu 1500
     current outbound spi: CD6CE629

     inbound esp sas:
      spi: 0x5254EC5A(1381297242)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2000, flow_id: 1, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3568)
        IV size: 8 bytes
        replay detection support: Y

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0xCD6CE629(3446466089)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2001, flow_id: 2, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3566)
        IV size: 8 bytes
        replay detection support: Y

     outbound ah sas:

     outbound pcp sas:


interface: Tunnel0
    Crypto map tag: vpn, local addr. yyy.yyy.yyy.yyy

   protected vrf:
   local  ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   current_peer: xxx.xxx.xxx.xxx:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 19, #pkts encrypt: 19, #pkts digest 19
    #pkts decaps: 16, #pkts decrypt: 16, #pkts verify 16
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 1, #recv errors 0

     local crypto endpt.: yyy.yyy.yyy.yyy, remote crypto endpt.: xxx.xxx.xxx.xxx
     path mtu 1500, media mtu 1500
     current outbound spi: CD6CE629

     inbound esp sas:
      spi: 0x5254EC5A(1381297242)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2000, flow_id: 1, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3562)
        IV size: 8 bytes
        replay detection support: Y

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0xCD6CE629(3446466089)
        transform: esp-3des esp-sha-hmac ,
        in use settings ={Transport, }
        slot: 0, conn id: 2001, flow_id: 2, crypto map: vpn
        sa timing: remaining key lifetime (k/sec): (4392980/3562)
        IV size: 8 bytes
        replay detection support: Y

     outbound ah sas:

     outbound pcp sas:

Второй:

interface: Dialer0
    Crypto map tag: vpn, local addr. xxx.xxx.xxx.xxx

   protected vrf:
   local  ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   current_peer: yyy.yyy.yyy.yyy:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: xxx.xxx.xxx.xxx, remote crypto endpt.: yyy.yyy.yyy.yyy
     path mtu 1476, media mtu 1476
     current outbound spi: 0

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:


interface: Tunnel0
    Crypto map tag: vpn, local addr. xxx.xxx.xxx.xxx

   protected vrf:
   local  ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   current_peer: yyy.yyy.yyy.yyy:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: xxx.xxx.xxx.xxx, remote crypto endpt.: yyy.yyy.yyy.yyy
     path mtu 1476, media mtu 1476
     current outbound spi: 0

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:


interface: Virtual-Access3
    Crypto map tag: vpn, local addr. xxx.xxx.xxx.xxx

   protected vrf:
   local  ident (addr/mask/prot/port): (xxx.xxx.xxx.xxx/255.255.255.255/47/0)
   remote ident (addr/mask/prot/port): (yyy.yyy.yyy.yyy/255.255.255.255/47/0)
   current_peer: yyy.yyy.yyy.yyy:500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: xxx.xxx.xxx.xxx, remote crypto endpt.: yyy.yyy.yyy.yyy
     path mtu 1476, media mtu 1476
     current outbound spi: 0

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:


Содержание

Сообщения в этом обсуждении
"Разные MTU на интерфейсе "
Отправлено Kan , 16-Авг-05 08:41 
В дагонку

Вот схема

LOCAL1 -> Cisco 2651 < Tunnel over ADSL> Cisco 837-> LOCAL 2

Между кошками ADSL На интерфейсе ATM, Tunnel0 и Dialer0 вот что написано

ATM0/0 is up, line protocol is up
  Hardware is DSLSAR (with Alcatel ADSL Module)
  MTU 4470 bytes, sub MTU 4470, BW 512 Kbit, DLY 1000 usec,
     reliability 255/255, txload 4/255, rxload 9/255
  Encapsulation ATM, loopback not set
  Encapsulation(s): AAL5  AAL2, PVC mode
  23 maximum active VCs, 256 VCs per VP, 1 current VCCs
  VC Auto Creation Disabled.
  VC idle disconnect time: 300 seconds
  Last input never, output 00:00:00, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 532
  Queueing strategy: Per VC Queueing
  5 minute input rate 20000 bits/sec, 11 packets/sec
  5 minute output rate 9000 bits/sec, 10 packets/sec
     2472356 packets input, 589924058 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     4492965 packets output, 816029506 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out


Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 192.168.250.1/24
  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive not set
  Tunnel source xxx.xxx.xxx.xxx (Dialer0), destination yyy.yyy.yyy.yyy
  Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled
  Tunnel TTL 255
  Checksumming of packets disabled,  fast tunneling enabled
  Last input 00:01:03, output 00:01:07, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 2
  Queueing strategy: fifo
  Output queue: 0/0 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     1447 packets input, 164075 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     975 packets output, 105011 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out

Dialer0 is up, line protocol is up (spoofing)
  Hardware is Unknown
  Internet address is xxx.xxx.xxx.xxx/30
  MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, loopback not set
  Interface is bound to Vi3
  Last input never, output never, output hang never
  Last clearing of "show interface" counters 1w4d
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: weighted fair
  Output queue: 0/1000/64/0 (size/max total/threshold/drops)
     Conversations  0/0/16 (active/max active/max total)
     Reserved Conversations 0/0 (allocated/max allocated)
     Available Bandwidth 42 kilobits/sec
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     2472006 packets input, 589882565 bytes
     4493288 packets output, 798341192 bytes