Community discussions

MikroTik App
 
Zergling
just joined
Topic Author
Posts: 13
Joined: Fri Nov 04, 2011 9:20 pm

Lost packets through some VPN tunnels (IPsec IKEv2)

Tue Nov 23, 2021 1:37 am

I have CCR1036 6.48.5 (Long-term) with IPsec connection and EoIP through it. Everything was working good until one day:
Nov/19/2021 22:36:22 ipsec,info killing ike2 SA: 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:67c34eb35f0027fa:f36431e265f397ce
Nov/19/2021 22:36:23 ipsec,info new ike2 SA (R): 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:92e9ce18609a9012:254c1203d1744e1b
Nov/19/2021 22:36:28 ipsec,info,account peer authorized: 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:92e9ce18609a9012:254c1203d1744e1b
Nov/19/2021 22:38:03 interface,info eoip-tunnel1 link down
Nov/20/2021 15:18:10 ipsec,info new ike2 SA (R): 1**.***.***.**8[4500]-64.227.106.112[54917] spi:e602c7c40f1f9da2:71a57628a3e04467
Nov/20/2021 15:18:10 ipsec,error identity not found for peer: FQDN: 8308d7a8e6c503a2
Nov/20/2021 15:18:10 ipsec,info killing ike2 SA: 1**.***.***.**8[4500]-64.227.106.112[57254] spi:e602c7c40f1f9da2:71a57628a3e04467
Nov/21/2021 04:03:23 ipsec,info killing ike2 SA: 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:ecda8e3234906b1a:caf7b54a033eb345
Nov/21/2021 04:03:25 ipsec,info new ike2 SA (R): 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:8bfc7016c2af84d1:273f2bea3e6efe79
Nov/21/2021 04:03:39 ipsec,info,account peer authorized: 1**.***.***.**8[4500]-7**.***.***.31[4500] spi:8bfc7016c2af84d1:273f2bea3e6efe79
Nov/21/2021 04:03:41 interface,info eoip-tunnel1 link up
1**.***.***.**8 – my server IP
7**.***.***.31 – my client IP
64.227.106.112 – not my IP

And almost everything looks fine, but:
1. EoIP was only reconnect after 29 hours (after second reconnect of IPsec), but it was not the same stable connection like before (and it looked like the connection was being limited to 256 kbps). Now only IPsec itself generated packet loss at the level of 80% but, oddly enough, only from the server side (tx), packets from the client arrived to the server without any losses.
2. I make other IPsec connections to check the route problem. Only one of the 3 connections works reasonably well. At first I thought it was a problem of one of the peers, but now I'm not sure because after connecting 3th IPsec, my suspicion has lost connection with the suspect peer.
3. The IPsec tunnel passing through this router (server) also suffers packet loss.
4. I made tunnel OpenVPN to save the day a bit, but some tunnels passing through it (PPTP to be exact) also suffer packet loss like IPsec.

Has my router suffered any strange damage? Hacked? Or maybe you have any ideas what might have happened? Because I have no idea anymore, I have no idea what else I can check. Please help if you can. Of course router was rebooted ;-)

Are there any tools like traceroute for encapsulated packages?

Who is online

Users browsing this forum: InfraErik and 88 guests