ADVPN Shortcut or BGP Flopping? Or Both.. Weird issue. v7.2.9

Question

So in my lab I have a hub and 3 spokes. Each have 2 WAN ports. I am testing testing failover senarios, and that seems to be working. The issue is kind of weird though.

I have a computer connected to a spoke firewall and I set the computer it to ping the other 2 spokes (10.0.200.2 and 10.0.200.3(both are /32 subnets on a LoopBack interface). What I am seeing is when the computer is pinging only one of the spokes, everything is fine, but when I set the computer to ping both spokes at the same time, then I see shortcuts being created for one spoke, then delete and new shortcut created for the other spoke. It's like only one shortcut can be alive at one time.

It just keeps flopping like this.

Shortcut create1.png

Shortcut create2.png

So I am not sure if this is an IPSec issue or routing issue.

Any help understanding this would be appreciated.

Thank you.

UnderscoresAndDashes · Answer

So after running a debug flow I notice that the spokes I am pinging are losing routes back to where I am pinging from. Not sure how/why this happens like this. It loses the route, then finds again.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded