×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ospf retransmission packet over transparent fwsm

Unanswered Question
Apr 10th, 2014
User Badges:

Hello everyone!

I have a problem, ospf packets are lost over fwsm in transparent mode. my scheme cisco 6513 (vlan 602) - FWSM (transparent mode)- juniper mx 480 (vlan 1602)
 
sh ip ospf neighbor 10.25.78.102
 Neighbor 10.25.78.102, interface address 10.25.4.49
    In the area 0.0.0.25 via interface Vlan602
    Neighbor priority is 0, State is FULL, 6 state changes
    DR is 0.0.0.0 BDR is 0.0.0.0
    Options is 0x12 in Hello (E-bit L-bit )
    Options is 0x52 in DBD (E-bit L-bit O-bit)
    LLS Options is 0x1 (LR)
    Dead timer due in 00:00:38
    Neighbor is up for 00:34:26
    Index 13/13, retransmission queue length 1377, number of retransmission 1829
    First 0x56B71B24(22845)/0x541589D4(1980410) Next 0x56B71B24(22845)/0x53145CDC(1982479)
    Last retransmission scan length is 1, maximum is 3
    Last retransmission scan time is 0 msec, maximum is 0 msec
    Link State retransmission due in 170 msec
 
fwsm version 4.1(15)
On fwsm there is a separate transparent context
interface Vlan1602
 nameif outside_vos2
 bridge-group 5
 security-level 100
 !
 interface Vlan602
 nameif inside_vos2
 bridge-group 5
 security-level 100
 !
 mtu outside_vos2 1600
 mtu inside_vos2 1600
 same-security-traffic permit inter-interface
 access-group outside_vos2 in interface outside_vos2
 access-group inside_vos2 in interface inside_vos2
 !
 
 vld-fwsm-3/Acon# sh access-list inside_vos2
access-list inside_vos2; 7 elements
access-list inside_vos2 line 1 extended permit icmp any any (hitcnt=3013) 0xdc0494dc 
access-list inside_vos2 line 2 extended permit ospf any any (hitcnt=11870) 0x1a46fe16 
access-list inside_vos2 line 3 extended permit ip any any (hitcnt=1) 0x8be5ad9f 
access-list inside_vos2 line 4 extended permit ospf host 224.0.0.5 any (hitcnt=0) 0x96c6702 
access-list inside_vos2 line 5 extended permit ospf host 224.0.0.6 any (hitcnt=0) 0xc8bc65d9 
access-list inside_vos2 line 6 extended permit ospf any host 224.0.0.6 (hitcnt=0) 0xa6831776 
access-list inside_vos2 line 7 extended permit ospf any host 224.0.0.5 (hitcnt=0) 0x1c1248b 
vld-fwsm-3/Acon# sh access-list outside_vos2    
access-list outside_vos2; 7 elements
access-list outside_vos2 line 1 extended permit icmp any any (hitcnt=3010) 0xda598b52 
access-list outside_vos2 line 2 extended permit ospf any any (hitcnt=7886) 0x112dad2b 
access-list outside_vos2 line 3 extended permit ip any any (hitcnt=10) 0x910c4a5a 
access-list outside_vos2 line 4 extended permit ospf host 224.0.0.5 any (hitcnt=0) 0x2d6480d7 
access-list outside_vos2 line 5 extended permit ospf host 224.0.0.6 any (hitcnt=0) 0x4a8401c0 
access-list outside_vos2 line 6 extended permit ospf any host 224.0.0.5 (hitcnt=0) 0x70f8cbba 
access-list outside_vos2 line 7 extended permit ospf any host 224.0.0.6 (hitcnt=0) 0x60783961 
!
 
FWSM logs(there is no drops):
6|Apr 11 2014|14:47:40|302023|||||Teardown IP protocol 89 connection 12379739847668082336 for outside_vos2:10.25.4.49 to inside_vos2:10.25.4.54 duration 0:00:06 bytes 1520
6|Apr 11 2014|14:47:40|302022|||||Built IP protocol 89 connection 12379739847668082338 for inside_vos2:10.25.4.49 (10.25.4.49) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:38|302022|||||Built IP protocol 89 connection 12379739847668082337 for inside_vos2:224.0.0.5 (224.0.0.5) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:36|302023|||||Teardown IP protocol 89 connection 12379739847668082335 for inside_vos2:10.25.4.54 to outside_vos2:10.25.4.49 duration 0:00:05 bytes 164
6|Apr 11 2014|14:47:34|302022|||||Built IP protocol 89 connection 12379739847668082336 for outside_vos2:10.25.4.49 (10.25.4.49) to inside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:31|302023|||||Teardown IP protocol 89 connection 12379739847668082332 for outside_vos2:10.25.4.49 to inside_vos2:10.25.4.54 duration 0:00:05 bytes 1520
6|Apr 11 2014|14:47:31|302022|||||Built IP protocol 89 connection 12379739847668082335 for inside_vos2:10.25.4.49 (10.25.4.49) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:29|302023|||||Teardown IP protocol 89 connection 12379739847668082329 for inside_vos2:10.25.4.54 to outside_vos2:224.0.0.5 duration 0:00:09 bytes 196
6|Apr 11 2014|14:47:26|302023|||||Teardown IP protocol 89 connection 12379739847668082330 for inside_vos2:10.25.4.54 to outside_vos2:10.25.4.49 duration 0:00:05 bytes 164
6|Apr 11 2014|14:47:25|302022|||||Built IP protocol 89 connection 12379739847668082332 for outside_vos2:10.25.4.49 (10.25.4.49) to inside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:21|302023|||||Teardown IP protocol 89 connection 12379739847668082328 for outside_vos2:10.25.4.49 to inside_vos2:10.25.4.54 duration 0:00:05 bytes 1520
6|Apr 11 2014|14:47:21|302022|||||Built IP protocol 89 connection 12379739847668082330 for inside_vos2:10.25.4.49 (10.25.4.49) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:19|302022|||||Built IP protocol 89 connection 12379739847668082329 for inside_vos2:224.0.0.5 (224.0.0.5) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:17|302023|||||Teardown IP protocol 89 connection 12379739847668082327 for inside_vos2:10.25.4.54 to outside_vos2:10.25.4.49 duration 0:00:05 bytes 164
6|Apr 11 2014|14:47:15|302022|||||Built IP protocol 89 connection 12379739847668082328 for outside_vos2:10.25.4.49 (10.25.4.49) to inside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:12|302023|||||Teardown IP protocol 89 connection 12379739847668082324 for outside_vos2:10.25.4.49 to inside_vos2:10.25.4.54 duration 0:00:04 bytes 1520
6|Apr 11 2014|14:47:11|302022|||||Built IP protocol 89 connection 12379739847668082327 for inside_vos2:10.25.4.49 (10.25.4.49) to outside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:10|302023|||||Teardown IP protocol 89 connection 12379739847668082322 for inside_vos2:10.25.4.54 to outside_vos2:224.0.0.5 duration 0:00:10 bytes 196
6|Apr 11 2014|14:47:07|302022|||||Built IP protocol 89 connection 12379739847668082324 for outside_vos2:10.25.4.49 (10.25.4.49) to inside_vos2:10.25.4.54 (10.25.4.54)
6|Apr 11 2014|14:47:07|302023|||||Teardown IP protocol 89 connection 12379739847668082323 for inside_vos2:10.25.4.54 to outside_vos2:10.25.4.49 duration 0:00:05 bytes 164
 
 
on svi interface cisco 6500 and juniper mx480 - ip mtu 1400.
 
when traffic goes without FWSM no packet loss
sh ip ospf neighbor 10.25.78.102
 Neighbor 10.25.78.102, interface address 10.25.4.49
    In the area 0.0.0.25 via interface Vlan1602
    Neighbor priority is 0, State is FULL, 6 state changes
    DR is 0.0.0.0 BDR is 0.0.0.0
    Options is 0x12 in Hello (E-bit L-bit )
    Options is 0x52 in DBD (E-bit L-bit O-bit)
    LLS Options is 0x1 (LR)
    Dead timer due in 00:00:38
    Neighbor is up for 00:00:36
    Index 13/13, retransmission queue length 0, number of retransmission 0
    First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
    Last retransmission scan length is 0, maximum is 0
    Last retransmission scan time is 0 msec, maximum is 0 msec
 
 


 

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion

Related Content