cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
499
Views
0
Helpful
8
Replies

CRC count from a c7200 VPN box to a 2912-xl switch

Brent Rockburn
Level 2
Level 2

So let's see.

I have two VPN routers that are connected to two seperate Switches for failover.

I'm getting CRC erros on the switchport that the router is plugged into (no matter what port I plug it into) I've verified duplex and speed, I've also changed the cable out. Doesn't matter what port I plug the router into the crc's start to count up. No crc's on the routers interface.

Anyone?

8 Replies 8

Edison Ortiz
Hall of Fame
Hall of Fame

You've performed all the correct steps and it seems you have a bad switch, it happens ! :)

That switch is quite old as well.

Have you tried connecting another device to this switch and see if you can duplicate the CRC errors ?

Have you tried upgrading the firmware ?

__

Edison.

Just updated the switch last night. There are other devices using the switch without any problems at all. Even when the router is in standby mode there are no CRC's on the switchport it's plugged into. It seems that only the VPN traffic causes it. Doesn't make any sense to me, but I thought that maybe because all the switchports are in a vlan it might have something to do with how the Gig interface on the router is configured. Do I need to encasuplate dot1q on that interface going to the switch? Also this happens on both my outside switches, I don't see how both switches can be bad.

You don't need dot1q unless you are planning to carry more than one Vlan on the link.

Make sure to configure the switch as access-vlan and the router as a normal routed port.

Please post the portion or the entire config from both devices, maybe there is something in the configuration that needs correcting.

Thanks

This is the config for the gig interface

interface GigabitEthernet0/1

description Outside

ip address XX.XX.XXX.XX XXX.XXX.XXX.XXX

ip virtual-reassembly

ip tcp adjust-mss 1300

duplex full

speed 100

media-type rj45

no negotiation auto

no cdp enable

standby delay minimum 30 reload 60

standby 2 ip XX.XX.XXX.XX

standby 2 timers 1 10

standby 2 preempt

standby 2 name ha-out

standby 2 track GigabitEthernet0/2

crypto map clientmap redundancy ha-out stateful

This is the interface on the switch

interface FastEthernet0/9

description VPN Router .XX

mtu 1500

duplex full

speed 100

switchport access vlan 110

no cdp enable

This is the "show int fast 0/9" on the switch

NMM-2912-1-Outside#sh int fastEthernet 0/9

FastEthernet0/9 is up, line protocol is up

Hardware is Fast Ethernet, address is 0004.4dd0.4889 (bia 0004.4dd0.4889)

Description: VPN Router .13

MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

reliability 255/255, txload 1/255, rxload 1/255

Encapsulation ARPA, loopback not set

Keepalive not set

Full-duplex, 100Mb/s, 100BaseTX/FX

ARP type: ARPA, ARP Timeout 04:00:00

Last input never, output 02:45:25, output hang never

Last clearing of "show interface" counters 03:27:21

Queueing strategy: fifo

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

5 minute input rate 0 bits/sec, 0 packets/sec

5 minute output rate 0 bits/sec, 0 packets/sec

4251524 packets input, 2530110338 bytes

Received 2494 broadcasts, 0 runts, 0 giants, 0 throttles

25 input errors, 25 CRC, 0 frame, 27 overrun, 27 ignored

0 watchdog, 2494 multicast

0 input packets with dribble condition detected

4377529 packets output, 1375471044 bytes, 0 underruns

0 output errors, 0 collisions, 0 interface resets

0 babbles, 0 late collision, 0 deferred

0 lost carrier, 0 no carrier

0 output buffer failures, 0 output buffers swapped out

Change speed/duplex to auto/auto

Clear counters

Let's see if the CRC increases again.

Weird, let me do some digging...

Can you eliminate the MTU statement on the 2900 side? I don't see the purpose of it as the default MTU size is 1500.

By the way something I forgot to mention.

We RMA'd the first 2912xl that was doing this. This is the second one CISCO has sent. Same problem.

Then, it seems a compatibility issue between the 29xx and the Giga interface in the 7200

or

the configuration at one of the ports.

Can we eliminate the speed/duplex and mtu as I suggested ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco