  • Status: Solved

TTL Expired in transit

In the past I was able to unplug my WAN Connection (T1) and the circuit would failover to the DSL connection through the 1841 routers back to main. Now I am receiving this message:

Reply from 10.210.210.2: TTL Expired in Transit

When I do a tracert the following occurs:

10.63.36.62
10.210.210.2
10.210.210.1
10.210.210.2
10.210.210.1 and so on.

I have attached the IP routes from both my 3745 Router and my 3750 Core. The 3750 is 10.210.210.1 and the 3745 is 10.210.210.2. It appears that I have a routing loop but I am not sure where. Any advice would be greatly appreciated.
3750-Core.txt
3745-Router.txt
0
Doug_Ickes
1 Solution
 
stranger9002Commented:
S*   0.0.0.0/0 [1/0] via 10.210.210.1 in 3745

I guess that you are trying to tracert some IP from internet and when it comes to the 3745 it sends the packet back - there is the loop
0
 
from_expCommented:
yes, 3745 points to 3750, but 3750 should go to
S*   0.0.0.0/0 [1/0] via 10.200.200.2

so what is 10.200.200.2?
0
 
Doug_IckesAuthor Commented:
Stranger, What I am trying to do is tracert an IP that is on my internal network. I have a point to point T1 between my main office and my branches. When I disconnect the WAN to any of the branches to test failover, I am receiving the TTL expired message. I was able to accomplish this in the past but it does not work now.

Bear with me because I am not a network expert, but should I just remove the S*   0.0.0.0/0 [1/0] via 10.210.210.1? Thanks for your assistance!
0
 
Doug_IckesAuthor Commented:
Exp, 10.200.200.2 is my ASA-5510.
0
 
from_expCommented:
please don't remove anything right now.
 let us understand your topology.
what host you are tracing? we have to understand if that destination is within routing table.
0
 
Doug_IckesAuthor Commented:
Exp,

Thanks for the quick response. I was trying to trace either a 10.63.36.x or 10.63.40.x address on my network. With the T1 connected everything works fine. When I remove the T1 to test failover that is when I receive the TTL message. I have 5 branches (3 on the 10.63.36.x network and 2 on the 10.63.40.x network). I have DSL connections at the branch offices that are connected to Cisco 1841 routers.
0
 
stranger9002Commented:
please be more specific with the IP addresses you're trying to trace, because according to the routing tables the networks are smaller than /24 (10.63.36.0-10.63.36.255) - this range is subnetted to multiple networks and the chosen path differs at different subnets
0
 
from_expCommented:
can you please provide routing tables for both routers when everything is on T1 and when you unplug T1.
0
 
Doug_IckesAuthor Commented:
exp and stranger

unfortunately not until after hours. we are in the middle of our workday and I can't unplug the T1 until after hours. I will do that tomorrow morning and post the routing tables then.

Thanks for everyone's assistance so far and I will get back with you tomorrow with the routing tables.
0
 
Doug_IckesAuthor Commented:
I am adding the routing tables for 2 of my branches. Martinsburg - 10.63.36.97 -.128 and Everett - 10.63.40.1 - .32 when the T1 has been disconnected.

I have already attached the routing tables for the 3745 and 3750 above when all T1's are connected.
Martinsburg-T1-Disconnected-3745.txt
Martinsburg-T1-Disconnected-3750.txt
Everett-T1-Disconnected-3745.txt
Everett-T1-Disconnected-3750.txt
0
 
from_expCommented:
hi!
I don't get your topology very well
how many T1 you have? to every branch? and backup via DSLs?
you are not specific at what and from where you are doing traces.
Please help us to solve your problem with proper scheme

At present time I think you have one redundant static default router on one of the routers and that is why they are looping.
So my idea is the following: when T1s are working fine, then there are dynamic routes to branches.
when you unplug T1, route expires from routing table and router sends traffic via static default route. I suppose your 1841 should announce, that branches are also available through them...
0
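The mechanism described in the comment above, as an added example that is not part of the original thread: a longest-prefix-match simulation of the two routers with the branch route present and then withdrawn. The two default routes are the ones quoted in the thread; the 3750's 10.63.36.0/24 route via the 3745 and the 3745's T1-learned 10.63.36.96/27 route are assumptions, since the attached routing tables are not on the page.

```python
import ipaddress

DELIVER = "DELIVER"  # marker: router hands the packet to the branch link

# Which router owns each transit address (from the thread).
OWNER = {"10.210.210.1": "3750", "10.210.210.2": "3745"}

CORE_3750 = {
    "0.0.0.0/0": "10.200.200.2",      # from the thread: default via the ASA
    "10.63.36.0/24": "10.210.210.2",  # ASSUMED: branch range via the 3745
}
R3745_T1_UP = {
    "0.0.0.0/0": "10.210.210.1",      # from the thread: default via the 3750
    "10.63.36.96/27": DELIVER,        # ASSUMED: branch route learned over T1
}
# T1 unplugged and no backup route learned: only the static default is left.
R3745_T1_DOWN = {"0.0.0.0/0": "10.210.210.1"}


def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific matching route."""
    addr = ipaddress.ip_address(dst)
    nets = [(ipaddress.ip_network(p), nh) for p, nh in table.items()]
    hits = [(n.prefixlen, nh) for n, nh in nets if addr in n]
    return max(hits)[1] if hits else None


def trace(routers, start, dst, max_ttl=30):
    """Forward hop by hop like tracert; return (hops, outcome)."""
    hops, here = [], start
    while len(hops) < max_ttl:
        nh = lookup(routers[here], dst)
        if nh is None:
            return hops, "unreachable"
        if nh == DELIVER:
            return hops, "delivered"
        hops.append(nh)
        if nh not in OWNER:           # e.g. the ASA: outside this model
            return hops, "left-site"
        here = OWNER[nh]
    return hops, "ttl-expired"


def loop_members(hops):
    """Addresses that appear more than once in a trace: the loop."""
    return sorted({h for h in hops if hops.count(h) > 1})


if __name__ == "__main__":
    for name, r3745 in (("T1 up", R3745_T1_UP), ("T1 down", R3745_T1_DOWN)):
        hops, outcome = trace({"3750": CORE_3750, "3745": r3745},
                              "3750", "10.63.36.100")
        print(name, outcome, hops[:4], loop_members(hops))
```

With the branch route gone, the 3745's only match is its default back to the 3750, which reproduces the alternating 10.210.210.2 / 10.210.210.1 hops in the question.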
 
Doug_IckesAuthor Commented:
Well I figured out the problem. The public IP changed on my Bedford DSL connection. That connection is the IP that the branch 1841 routers are configured to failover to. Once I changed the Tunnel0 interface to the correct (new) public IP everything started functioning normally. I was able to unplug my T1 and it failed over to my VPN tunnel through the 1841. Thanks to everyone for your input.
0