I have IPIP tunnels running between several ros 3.11 routers to a linux server running quagga. If an internet circuit fails at a router, the tunnel drops as expected. However when the circuit comes back, the tunnel does not come back up.
I can ping the router from the linux box, and vice-versa. I tried adjusting MTU on both the IPIP interface and on the physical ethernet interface connected to the internet circuit, but that didn’t help. I tried rebooting, bouncing the IPIP interfaces on both sides, re-creating them. Nothing works.
I don’t think there is any state to an IPIP tunnel, hence it can’t be up or down. Sounds like something got changed and packet type 4 is getting blocked.
I have other IPIP tunnels working fine on both sides, so I don’t think it’s anything to do with blocked packets. No problems with anything else between these two routers, pings, ssh, snmp, etc. I have firewall rules on both sides permitting all traffic from both.
I ran the sniffer and found that one side doesn’t send any ipencap packets out to the remote peer, and doesn’t respond to ipencap packets sent from that peer, even after re-creating the IPIP interfaces on both sides. Even after upgrading to 3.11 and reboots.