We have an issue with 2 routers(2621 and 878) which under some specific circumstances will flood the network with duplicate packets until they're both rebooted. The WAN has 9 sites but the smallest site is bridged and doesn't have a router. If the link to the bridged site goes down when a packet is trying to reach a device there, the 2621 and the 878 retransmit the packet indefinitely. We need both routers off at the same time to break the cycle.

Using Ethereal on a PC on the WAN side we're able to capture the packets and so far we've seen ICMP packets, UDP packets (snmp from the print server querying the printer) and TCP packets (SYN packets from trying to restart a print job).

The routers and the devices on the small site are all on a layer 2 WAN so we check the MAC address in the packets to see where they came from but the source IP remains the same (eg. print server at head office). Using ethereal on the source machine shows it isn't sending the packets when this occurs - it's all contained on the WAN side.

Considering only 2 of the 8 routers are doing this I'm wondering if it might be a bug in the IOS. The 2621 image is c2600-is-mz.122-13.bin and the 878 is c870-advsecurityk9-mz.124-4.T3.bin.

I've been investigating this for a while and am at a loss so far - any help appreciated.