
tunnel interface traffic

prasad.patkar
Level 1

I have created a tunnel over a WAN. The traffic on the source tunnel is not matching the traffic on the dest tunnel. Can you please help me in finding this mismatch?

Please also tell me how I can capture live data traffic on the WAN interface. Any utility?


guruprasadr
Level 7

Hi Prasad, [Pls Rate if Helps]

1. Whether MTU Size has been defined in the Tunnel Configuration using "ip mtu " command.

2. Whether Bandwidth Definition on both the Sides of the Tunnel is same.

If Possible can you post the Tunnel Configuration of both the ends.

Pls Rate if Helps

Best Regards,

Guru Prasad R

MTU size and bandwidth settings are the same.

Please find the config below for your reference.

============================

!
interface Tunnel20
 ip address 10.200.200.1 255.255.255.252
 ip access-group 2 out
 ip directed-broadcast
 ip accounting output-packets
 ip route-cache flow
 load-interval 30
 tunnel source 161.144.100.2
 tunnel destination 192.168.21.225
 tunnel mode ipip
!

============================

interface Tunnel20
 ip address 10.200.200.2 255.255.255.252
 ip access-group 2 in
 ip helper-address 10.16.192.255
 ip helper-address 10.16.194.255
 ip helper-address 10.16.193.255
 ip helper-address 161.144.120.255
 ip helper-address 192.168.24.244
 ip helper-address 161.144.150.255
 ip helper-address 161.144.140.255
 ip helper-address 161.144.160.255
 ip helper-address 161.144.130.255
 ip helper-address 10.16.195.255
 ip helper-address 10.15.192.255
 ip helper-address 161.144.116.255
 ip helper-address 10.16.85.255
 ip helper-address 10.16.197.255
 ip helper-address 20.16.192.255
 ip route-cache flow
 load-interval 30
 tunnel source 192.168.21.225
 tunnel destination 161.144.100.2
 tunnel mode ipip
!
--More--

prasad

We might be able to give better answers if we knew a bit more about your environment. Your original post says something general about not matching. Can you give us a bit more specific information to work with? Can you help us understand what is not matching?

I notice that one tunnel has ip access-group 2 out and the other tunnel has ip access-group 2 in. Can you provide the details of access-list 2 from both routers?

Are we sure that the tunnels are working in both directions? If you do a traceroute from one router to the tunnel address of the other router do you get a response that shows that it is 1 hop away? Do you get the same response from the other router?

Is it possible that the routing logic on one router is sending traffic through the tunnel that is not returning through the tunnel from the other router?

HTH

Rick

Hi,

I am attaching the full config of both routers.

We have one router in the LAN to forward market data: "local-udp-fwd.txt"

We have one more router at the ISP which receives this broadcast on tunnel 20: "isp-udp-fwd.txt"

We kept this router so that all VPN clients will get the broadcast from the ISP and not from my LAN, so that we save on WAN BW.

This tunnel is only accepting traffic from one IP, 161.144.100.30, which is actually sending the broadcast; that is why there is only out traffic on the internal router and in traffic on the ISP side.

Thanks

prasad

Please help me in understanding why the out traffic and the other end's in traffic are not matching.

BSE-EXCH#show interfaces tunnel 20
Tunnel20 is up, line protocol is up
  Hardware is Tunnel
  Internet address is 10.200.200.1/30
  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
     reliability 255/255, txload 218/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive set (10 sec)
  Tunnel source 161.144.100.2, destination 192.168.21.225
  Tunnel protocol/transport IP/IP, key disabled, sequencing disabled
  Checksumming of packets disabled, fast tunneling enabled
  Last input 4d17h, output 00:00:00, output hang never
  Last clearing of "show interface" counters 1d18h
  Queueing strategy: fifo
  Output queue 0/0, 0 drops; input queue 0/75, 0 drops
  30 second input rate 0 bits/sec, 0 packets/sec
  30 second output rate 184000 bits/sec, 16 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     899345 packets output, 846447214 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
BSE-EXCH#

prasad

I have looked at the configs that you posted and I do not see any obvious problem with the configured tunnels. I still do not understand what the problem is. You say something about traffic not matching but you have not posted anything to help us see or understand what about the traffic is not matching. If you could clarify this perhaps we can find the answer.

I do note one thing that seems a bit strange - though I do not know if it is part of the problem. On the ISP router there is only one physical interface through which the tunnel traffic is carried, and it has a subnet that has room for only one other device on that subnet. So the ISP router will receive packets on the tunnel interface and for every broadcast received it will generate multiple packets based on the helper-address configured which will be forwarded out the physical interface (on which they were received). So the neighbor device at address 192.168.21.226 is forwarding the tunnel traffic to the JMFS-SIFY and is receiving a bunch of directed broadcast traffic to forward to other destinations. Is this the intended environment?

HTH

Rick

Thanks RICK,

I am attaching the logical diag PPT and int.txt for your reference.

Hi Prasad,

Just a quick question: are you sure that the traffic pattern for both sides is symmetrical, i.e. there is no multicast or any broadcast that is being sent over this link?

As I guess it's quite difficult to see that ONE-WAY traffic on a Router Interface.

If I were you, I would have tried to use a Sniffer and tried to understand what's going on.

HTH,

Please rate if it helps

Regards

Wilson Samuel

Hi Wilson,

We are only forwarding UDP broadcast; that is why it is one-way traffic.

How can I use a sniffer on the WAN interface?

Thanks

Prasad

Prasad

The interface text does help me to understand what you are asking about. I do not believe that you have a real problem. One end is reporting 16 packets per second and the other end is reporting 17 packets per second. I do not believe that at this number of packets per second you are able to get measurements that exactly match up. If there is a difference of even 1/4 of a second in when you do the show interface commands you would not be looking at exactly the same traffic flows. I think that the difference you see (at least in what you posted) is simply the difference of sampling slightly different traffic flows.

HTH

Rick
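
Added example (not part of any post in this thread): one way to check the sampling point made above is to compare the cumulative packet and byte counters from two `show interfaces` snapshots taken the same number of seconds apart on each end, instead of the 30-second rolling rates. The `SRC_T0` values are the ones posted in the thread; the other snapshots and the 300-second interval are constructed for illustration.

```python
import re

# SRC_T0 uses the values posted in the thread; SRC_T1, DST_T0 and DST_T1 are
# constructed samples in the same "show interfaces" format.
SRC_T0 = """30 second output rate 184000 bits/sec, 16 packets/sec
     899345 packets output, 846447214 bytes, 0 underruns"""
SRC_T1 = """30 second output rate 184000 bits/sec, 16 packets/sec
     904145 packets output, 853347214 bytes, 0 underruns"""
DST_T0 = """30 second input rate 191000 bits/sec, 17 packets/sec
     1200000 packets input, 1100000000 bytes, 0 no buffer"""
DST_T1 = """30 second input rate 179000 bits/sec, 15 packets/sec
     1204800 packets input, 1106900000 bytes, 0 no buffer"""

def parse(text, direction):
    """Return the rolling rate and cumulative counters for 'input' or 'output'."""
    rate = re.search(r"(\d+) second %s rate (\d+) bits/sec, (\d+) packets/sec"
                     % direction, text)
    total = re.search(r"(\d+) packets %s, (\d+) bytes" % direction, text)
    if not rate or not total:
        raise ValueError("no %s counters found" % direction)
    return {"rate_bps": int(rate.group(2)), "rate_pps": int(rate.group(3)),
            "packets": int(total.group(1)), "bytes": int(total.group(2))}

def delta(before, after, direction, seconds):
    """Average packets/sec and bits/sec between two snapshots of one interface."""
    b, a = parse(before, direction), parse(after, direction)
    pkts, octets = a["packets"] - b["packets"], a["bytes"] - b["bytes"]
    if pkts < 0 or octets < 0:
        # Happens if "clear counters" ran (or a counter wrapped) between snapshots.
        raise ValueError("counters went backwards between snapshots")
    return {"packets": pkts, "bytes": octets,
            "pps": pkts / seconds, "bps": octets * 8 / seconds}

def compare(src, dst):
    """Packets and bytes counted by the source but not by the destination."""
    return {"missing_packets": src["packets"] - dst["packets"],
            "missing_bytes": src["bytes"] - dst["bytes"]}

if __name__ == "__main__":
    sent = delta(SRC_T0, SRC_T1, "output", 300)
    rcvd = delta(DST_T0, DST_T1, "input", 300)
    print(sent, rcvd, compare(sent, rcvd))
```

In the constructed data the rolling rates differ between the two ends (16 vs. 17 and 15 packets/sec) while the counter deltas over the same 300 seconds are identical.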

Hi Rick,

Agreed, the packets are matching; then I guess the in/out rates in bits/sec should also match.

I have the graph for this interface; there is always a difference.

How can I capture all the data packets on this interface?

Thanks,

Prasad
