VCMP tunnel is down between the SDWAN Gateway and SDWAN edges due to an ARP failure issue.
search cancel

VCMP tunnel is down between the SDWAN Gateway and SDWAN edges due to an ARP failure issue.

book

Article ID: 368351

calendar_today

Updated On:

Products

VMWare SD-WAN VMware SD-WAN by VeloCloud

Issue/Introduction

The VCMP tunnel between the Gateway/HUB and SDWAN Spoke Edges may go down if any of the following conditions are met:

  1. ARP to the next hop IP address fails on the Gateway or Edge.
  2. UDP 2426 packets are blocked by the service provider or by the transit firewall.
  3. There is a network reachability issue between the Edge and Gateway WAN link IP.
  4. The Edge or Gateway is holding an invalid certificate.
  5. The Edge is hitting its tunnel capacity and dropping inbound tunnel request packets. Note that tunnel capacity issues will not impact outbound static tunnels.

This knowledge-base article focuses on the ARP issue that may impact VCMP tunnel creation between the Gateway/HUB and Spoke edges.

 

 

Environment

Software version 5.2.3.2 GA or lower versions

Cause

The ARP to the next hop IP address must be resolved to initiate or respond to the VCMP tunnel packets. However, due to software issue #117565, the gateway may send an ARP request to an incorrect next-hop IP address, leading to a failure in establishing a VCMP tunnel with the SDWAN edges.

Resolution

Upgrade the gateway software version to 5.2.3.2 GA or a later version to fix software issue #117565.

Additional Information

Workaround: Reboot the gateway to resolve the ARP issue.

Powered by Wolken Software