01-09-2018 12:07 PM
I have recently set up a FCIP tunnel between a couple 7800's and am seeing the tunnel bouncing quite frequently.
Setup is as follows
Site 1 - 2 7800's - site1_FCIP_A and Site1_FCIP_B routers - V7000 connected directly to the FC ports - V7K port 7's on FCIP_A switch and V7K port 8's on FCIP_B switch. Ge0 ports on each switch defined with an ipinterface, iproutes defined also.
Site 2 - 2 7800's - site2_FCIP_A and site2_FCIP_B routers - V7000 connected directly to the FC ports - V7K port 7's on FCIP_A switch and V7K port 8's on FCIP_B switch. Ge0 ports on each switch defined with an ipinterface, iproutes defined also.
On FCIP_A switches - tunnel 16 created with compression and ipsec, because advanced extension not licensed, commrate was set to -b 1000000 -B 1000000 (think this may be wrong, maybe should have set to 0 without the -b and -B switches). Same config applies on the FCIP_B switches - tunnel 16 created
The WAN between sites is 10Gb - so with this setup, the aggregate is potentially 2Gb for the tunnels - 1Gb on FCIP_A and 1 Gb on FCIP_B.
the tunnel created perfectly fine and the fabrics merged as expected, but i cannot figure out why the tunnel keeps dropping.
looking at the portshow fciptunnel 16 on both switches on one site, i am seeing one switch doing way more than the other with alot of retransmits, out of order and slow starts - which i do not quite know what those last two indicate in terms of troubleshooting.
the network team has indicated they are not seeing any issues with the WAN link, so i suspect something with the tunnel configuration or something of the sort causing the issues.
Any suggestions/hints on where to start troubleshooting?
01-11-2018 01:51 AM
What is the FOS release installed on the 7800?
Are you running Ficon or Open systems?
01-11-2018 09:29 AM
Please find attached fcip admin guide that is providing troubleshooting guidance starting on page 109.
01-11-2018 12:20 PM
I have actually got that and have read it through multiple times.
I am wondering if i did something wrong in my setup.
basically i just create a single ipif on the Ge0 port on both sides, created the route, verified everything was pingable from ip to ip, gateway to gateway etc and created a tunnel on both sides with the same parameter.
now the only thing i did with the tunnel creation is i specified the -b and -B parameters the same - 1000000Kbps . Advanced Extension license is not used, so it would not let me set a lower -b and higher -B commrate.
Wondering if i should have set that to 0 and not specify a -b and -B parameter.
Also the FC ports are negotiating at 8Gbps, the Ge ports are set to auto. do i need to do anything to the FC ports to dial them down? is it trying to send too much through the tunnel and it cannot handle it?
01-18-2018 01:16 AM
There are some defects in the current release that you are using relative to IPsec and compression.
Attached is the FOS release note of 7.4.2b.
As a guidance, potentially upgrade to the latest release (not 100% sure that is the issue), or try to remove compression and/or IPsec and see if better as a test.