Has anyone seen this before? I'm seeing this error flood the logs on one of my DMVPN spoke routers. EIGRP isn't flapping and the IPSEC tunnel is stable. It's not pegging out the proc either. It's just annoying at this point.
The 10.0.10.12 is a loopback used as DMVPN tunnel source.
*Jun 22 02:08:59.083: %IP-3-DESTHOST: src=10.0.10.12, dst=0.0.0.0, NULL desthost -Process= "ISM-VPN background", ipl= 0, pid= 53
-Traceback= 58FAF34z 411D2D8z 411DBECz 9CC0778z 9CC08F0z 4DD4DACz 4DBAC7Cz
*Jun 22 02:08:59.875: %IP-3-DESTHOST: src=10.0.10.12, dst=0.0.0.0, NULL desthost -Process= "ISM-VPN background", ipl= 0, pid= 53
-Traceback= 58FAF34z 411D2D8z 411DBECz 9CC0778z 9CC08F0z 4DD4DACz 4DBAC7Cz
I can't find anything useful from the Google.
Did you see the bug - CSCdu06914?
It is older, but I have seen bugs come back in newer releases on occasion. Is your default route pointed to an interface? instead of a next hop IP?
-Otanx
NECROBUGS!!! AIIIEEEEE!!!!
:fail1:
Quote from: Otanx on June 22, 2020, 08:13:02 AM
Did you see the bug - CSCdu06914?
It is older, but I have seen bugs come back in newer releases on occasion. Is your default route pointed to an interface? instead of a next hop IP?
-Otanx
Oh ok so this is from back in the 12.x days.
c3900-universalk9-mz.SPA.152-4.M2.bin
This router is riding a SATCOM shot using a TDMA Linkway modem. It uses RIP between the modems and then learns a default route through EIGRP once the tunnel is established. The default route points at the DMVPN hub on a backside router we use as a landing point.
Today I am going to try switching the crypto engine over from the VPN module to the onboard and see if anything blows up. It's not in production yet anyway.
RTR#show crypto engine brief
crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Disabled
Location: onboard 0
Product Name: Onboard-VPN
FW Version: 1
Time running: 63876 seconds
Compression: Yes
DES: Yes
3 DES: Yes
AES CBC: Yes (128,192,256)
AES CNTR: No
Maximum buffer length: 4096
Maximum DH index: 0000
Maximum SA index: 0000
Maximum Flow index: 8000
Maximum RSA key size: 0000
crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Enabled
Location: slot 0
Product Name: ISM VPN Accelerator
UBOOT Ver : U-Boot 1.1.1 - ISRG2-Crypto-Engine - Version 2.7 (Build time: Mar 7 2011 - 09:12:23)
Firmware Ver: User: sripadma - View/Label: REVENTON_V6_FW_COMMIT_IOS_10162012 - Date: Oct 16 2012 - Time: 14:19:18
HW State : READY
Compression: No
DES: Yes
3 DES: Yes
AES CBC: Yes (128,192,256)
AES CNTR: No
Maximum buffer length: 4096
Maximum DH index: 5120
Maximum SA index: 5120
Maximum Flow index: 10230
Maximum RSA key size: 2048
crypto engine name: Cisco VPN Software Implementation
crypto engine type: software
serial number: 7250EFF8
crypto engine state: installed
crypto engine in slot: N/A