So I'm stumped, and I thought that maybe I could get some other insight into my little problem. Here is the scenario:
Two broadband (15mbit+ down each, 1.5mbit+ up each) are connected via a LAN-to-LAN IPsec tunnel. Since I have around 5 different networks behind each of these routers, I'm running a routing protocol between the routers (OSPF, tuned down quite a bit). Since I'm running a routing protocol, I must also run GRE tunnels between the routers, so I'm running IPsec over GRE.
The GRE tunnels are configured as follows:
interface Tunnel101
 ip address 192.168.254.1 255.255.255.252
 ip mtu 1400
 ip ospf authentication message-digest
 ip ospf authentication-key
 ip ospf hello-interval 120
 ip ospf 50 area 501
 keepalive 10 3
 tunnel source FastEthernet0/0
 tunnel destination x.x.x.x
 tunnel path-mtu-discovery
 tunnel bandwidth transmit 15000
end
As you can see, the MTU has been changed to 1400 so I'm not fragmenting anything when data is put into the tunnel (was having problems with a few applications). Both sides are configured the same, just inverse with source and destination IPs/interfaces. Hopefully that description is good; the problem is this.
When I start an SSH connection from location A to a location B Linux box it's fine, I can log in and run any command I would like, but when I try and run something like top, or ps (something with large or continuous output) the entire SSH session locks up and I have to close out and reconnect to the host. This connection is going over the GRE tunnel and being encrypted with IPsec. Now, when I connect to the same server, but this time not going over the tunnel (directly with location A's public IP address and ports forwarded on its router) I can run top fine, run through all my processes, run yum, etc., so I know the problem isn't the server.
The weird part is, I have run music, movies, remote desktop over the tunnel without any problems, and still can run them fine. The only problem I'm having is with this SSH connection to this host through the tunnel! The resources on the routers are around 5% tops CPU utilization, and I have SSH'd into the far end router's console as well through the tunnel and ran a show tech without my SSH connection dying. I have no idea what the problem is.
Any thoughts/recommendations? Was thinking about upgrading IOS, though I'm on a very recent release as it is. Any help is greatly appreciated.