Richard
asked on
Tunnel interface exists but there is not config
Hi all,
We recently setup some monitoring on our network. We are getting xfer util notifications on some tunnels that I didnt know existed. (tunnel 0 and 1 and 2 should not exist)
here is the sh int:
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
--------------------------
* GigabitEthernet0/0 0 3 0 323 236000 151 1547000 245 3
GigabitEthernet0/1 0 0 0 0 0 0 0 0 0
* GigabitEthernet0/2 0 0 0 7 1677000 233 279000 163 0
* SM1/0 0 0 0 0 1745000 337 1737000 304 0
SM1/1 0 0 0 0 0 0 0 0 0
* Tunnel0 0 0 0 0 0 0 209000 129 0
* Tunnel1 0 0 0 0 0 0 0 0 0
* Tunnel2 0 0 0 0 0 0 1488000 173 0
and here is the config, which does not show any tunnel ints. Can anyone explain?
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname mlb-2921-1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
no ip domain lookup
ip domain name prg.com
ip wccp 61 redirect-list WAAS
ip wccp 62 redirect-list WAAS
multilink bundle-name authenticated
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2402665126
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-2402665126
!
!
crypto pki certificate chain TP-self-signed-2402665126
certificate self-signed 01
Blah
quit
voice-card 0
dspfarm
dsp services dspfarm
!
!
!
!
!
!
license udi pid blah
hw-module pvdm 0/0
!
hw-module sm 1
!
!
!
username netadmin privilege 15 secret 5 blah
!
redundancy
!
!
ip ftp source-interface GigabitEthernet0/0
!
class-map match-any signal
match dscp af31
match access-group 110
class-map match-any video
match dscp af41
match access-group 199
class-map match-any voice
match ip dscp ef
match access-group 111
class-map match-any premium
match access-group name citrix
!
!
policy-map WAN-EDGE
class voice
priority percent 29
set ip precedence 5
class signal
bandwidth percent 1
set ip precedence 5
class video
bandwidth percent 15
set ip precedence 4
class premium
bandwidth percent 19
set precedence 3
class class-default
fair-queue
random-detect
set ip precedence 0
!
!
!
!
!
interface GigabitEthernet0/0
description LAN INTERFACE
ip address 10.62.0.10 255.255.255.0
ip wccp 61 redirect in
ip wccp 62 redirect out
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Link to SOUL MPLS
bandwidth 4096
ip address 10.248.105.58 255.255.255.252
ip flow ingress
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
description Link to SOUL MPLS CGE
bandwidth 4096
ip address 10.248.109.214 255.255.255.252
ip flow ingress
load-interval 30
duplex auto
speed auto
service-policy output WAN-EDGE
!
interface SM1/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.62.0.20 255.255.255.0
!Application: Restarted at Tue Sep 27 01:28:49 2011
service-module ip default-gateway 10.62.0.10
!
interface SM1/1
no ip address
shutdown
!
!
router eigrp 100
default-metric 10000 100 255 1 1500
network 10.62.0.0 0.0.255.255
redistribute bgp 65062 route-map bgp2eigrp
!
router bgp 65062
no synchronization
bgp log-neighbor-changes
network 10.62.0.0 mask 255.255.0.0
redistribute static metric 100
redistribute eigrp 100 route-map eigrp2bgp
neighbor 10.248.105.57 remote-as 9942
neighbor 10.248.105.57 version 4
neighbor 10.248.109.213 remote-as 9942
neighbor 10.248.109.213 version 4
no auto-summary
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-cache timeout active 1
ip flow-export version 9
ip flow-export destination 10.10.2.194 9995
!
ip route 10.62.0.0 255.255.0.0 10.62.0.1
ip route 10.62.0.20 255.255.255.255 SM1/0
!
ip access-list extended WAAS
permit tcp 10.62.0.0 0.0.255.255 10.0.0.0 0.255.255.255
permit tcp 10.0.0.0 0.255.255.255 10.62.0.0 0.0.255.255
ip access-list extended citrix
remark Citrix traffic for business apps
permit tcp any any eq 1494
permit udp any any eq 1604
permit tcp any eq 1494 any
permit udp any eq 1604 any
!
!
ip prefix-list mlb seq 30 permit 10.62.0.0/16 le 32
logging trap debugging
logging source-interface GigabitEthernet0/0
logging 10.10.2.194
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 110 permit tcp any any eq 2000
access-list 110 permit tcp any any eq 2001
access-list 110 permit tcp any any eq 1720
access-list 110 permit tcp any any eq 1719
access-list 110 permit tcp any any eq 2002
access-list 110 permit udp any any eq 2427
access-list 110 permit tcp any any eq 2428
access-list 110 permit tcp any any eq 3224
access-list 111 permit udp any any range 16384 32768
!
route-map eigrp2bgp permit 10
match ip address prefix-list mlb
!
route-map bgp2eigrp deny 10
match ip address prefix-list mlb
!
route-map bgp2eigrp permit 20
set metric 20000 20 255 1 4470
!
!
snmp-server community L1t&-Br1t& RW
snmp-server community H45br4gh RO
snmp-server contact ---Syslog 7---
snmp-server enable traps snmp authentication linkdown linkup coldstart warms
snmp-server enable traps tty
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps flash insertion removal
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps hsrp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipsla
snmp-server host 10.0.2.99 L1t&-Br1t&
snmp-server host 10.60.2.55 L1t&-Br1t&
!
control-plane
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
!
!
sccp local GigabitEthernet0/0
sccp ccm 10.60.5.10 identifier 1 priority 2 version 7.0
sccp ccm 10.60.5.11 identifier 2 priority 1 version 7.0
sccp
!
sccp ccm group 1
bind interface GigabitEthernet0/0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate profile 10 register MEL-FARM
!
dspfarm profile 10 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 3
associate application SCCP
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
login local
line aux 0
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp server 10.0.0.1
end
We recently setup some monitoring on our network. We are getting xfer util notifications on some tunnels that I didnt know existed. (tunnel 0 and 1 and 2 should not exist)
here is the sh int:
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
--------------------------
* GigabitEthernet0/0 0 3 0 323 236000 151 1547000 245 3
GigabitEthernet0/1 0 0 0 0 0 0 0 0 0
* GigabitEthernet0/2 0 0 0 7 1677000 233 279000 163 0
* SM1/0 0 0 0 0 1745000 337 1737000 304 0
SM1/1 0 0 0 0 0 0 0 0 0
* Tunnel0 0 0 0 0 0 0 209000 129 0
* Tunnel1 0 0 0 0 0 0 0 0 0
* Tunnel2 0 0 0 0 0 0 1488000 173 0
and here is the config, which does not show any tunnel ints. Can anyone explain?
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname mlb-2921-1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
no ip domain lookup
ip domain name prg.com
ip wccp 61 redirect-list WAAS
ip wccp 62 redirect-list WAAS
multilink bundle-name authenticated
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-2402665126
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certifi
revocation-check none
rsakeypair TP-self-signed-2402665126
!
!
crypto pki certificate chain TP-self-signed-2402665126
certificate self-signed 01
Blah
quit
voice-card 0
dspfarm
dsp services dspfarm
!
!
!
!
!
!
license udi pid blah
hw-module pvdm 0/0
!
hw-module sm 1
!
!
!
username netadmin privilege 15 secret 5 blah
!
redundancy
!
!
ip ftp source-interface GigabitEthernet0/0
!
class-map match-any signal
match dscp af31
match access-group 110
class-map match-any video
match dscp af41
match access-group 199
class-map match-any voice
match ip dscp ef
match access-group 111
class-map match-any premium
match access-group name citrix
!
!
policy-map WAN-EDGE
class voice
priority percent 29
set ip precedence 5
class signal
bandwidth percent 1
set ip precedence 5
class video
bandwidth percent 15
set ip precedence 4
class premium
bandwidth percent 19
set precedence 3
class class-default
fair-queue
random-detect
set ip precedence 0
!
!
!
!
!
interface GigabitEthernet0/0
description LAN INTERFACE
ip address 10.62.0.10 255.255.255.0
ip wccp 61 redirect in
ip wccp 62 redirect out
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/1
description Link to SOUL MPLS
bandwidth 4096
ip address 10.248.105.58 255.255.255.252
ip flow ingress
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/2
description Link to SOUL MPLS CGE
bandwidth 4096
ip address 10.248.109.214 255.255.255.252
ip flow ingress
load-interval 30
duplex auto
speed auto
service-policy output WAN-EDGE
!
interface SM1/0
ip unnumbered GigabitEthernet0/0
service-module ip address 10.62.0.20 255.255.255.0
!Application: Restarted at Tue Sep 27 01:28:49 2011
service-module ip default-gateway 10.62.0.10
!
interface SM1/1
no ip address
shutdown
!
!
router eigrp 100
default-metric 10000 100 255 1 1500
network 10.62.0.0 0.0.255.255
redistribute bgp 65062 route-map bgp2eigrp
!
router bgp 65062
no synchronization
bgp log-neighbor-changes
network 10.62.0.0 mask 255.255.0.0
redistribute static metric 100
redistribute eigrp 100 route-map eigrp2bgp
neighbor 10.248.105.57 remote-as 9942
neighbor 10.248.105.57 version 4
neighbor 10.248.109.213 remote-as 9942
neighbor 10.248.109.213 version 4
no auto-summary
!
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-cache timeout active 1
ip flow-export version 9
ip flow-export destination 10.10.2.194 9995
!
ip route 10.62.0.0 255.255.0.0 10.62.0.1
ip route 10.62.0.20 255.255.255.255 SM1/0
!
ip access-list extended WAAS
permit tcp 10.62.0.0 0.0.255.255 10.0.0.0 0.255.255.255
permit tcp 10.0.0.0 0.255.255.255 10.62.0.0 0.0.255.255
ip access-list extended citrix
remark Citrix traffic for business apps
permit tcp any any eq 1494
permit udp any any eq 1604
permit tcp any eq 1494 any
permit udp any eq 1604 any
!
!
ip prefix-list mlb seq 30 permit 10.62.0.0/16 le 32
logging trap debugging
logging source-interface GigabitEthernet0/0
logging 10.10.2.194
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 110 permit tcp any any eq 2000
access-list 110 permit tcp any any eq 2001
access-list 110 permit tcp any any eq 1720
access-list 110 permit tcp any any eq 1719
access-list 110 permit tcp any any eq 2002
access-list 110 permit udp any any eq 2427
access-list 110 permit tcp any any eq 2428
access-list 110 permit tcp any any eq 3224
access-list 111 permit udp any any range 16384 32768
!
route-map eigrp2bgp permit 10
match ip address prefix-list mlb
!
route-map bgp2eigrp deny 10
match ip address prefix-list mlb
!
route-map bgp2eigrp permit 20
set metric 20000 20 255 1 4470
!
!
snmp-server community L1t&-Br1t& RW
snmp-server community H45br4gh RO
snmp-server contact ---Syslog 7---
snmp-server enable traps snmp authentication linkdown linkup coldstart warms
snmp-server enable traps tty
snmp-server enable traps envmon fan shutdown supply temperature status
snmp-server enable traps flash insertion removal
snmp-server enable traps config
snmp-server enable traps entity
snmp-server enable traps fru-ctrl
snmp-server enable traps hsrp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipsla
snmp-server host 10.0.2.99 L1t&-Br1t&
snmp-server host 10.60.2.55 L1t&-Br1t&
!
control-plane
!
!
voice-port 0/0/0
!
voice-port 0/0/1
!
voice-port 0/0/2
!
voice-port 0/0/3
!
!
!
sccp local GigabitEthernet0/0
sccp ccm 10.60.5.10 identifier 1 priority 2 version 7.0
sccp ccm 10.60.5.11 identifier 2 priority 1 version 7.0
sccp
!
sccp ccm group 1
bind interface GigabitEthernet0/0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate profile 10 register MEL-FARM
!
dspfarm profile 10 conference
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
codec g729r8
codec g729br8
maximum sessions 3
associate application SCCP
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
login local
line aux 0
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp server 10.0.0.1
end
Probably it is related to MPLS configuration.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
perfect Mat, thanks so much
You're very welcome.