All,

I was trying to bring up an AMPRNet IPIP tunnel in my lab network, but when I did a packet capture on the WAN side of the gateway I am setting up, I noticed that on average, about 80% of the IPIP packets I receive from the UCSD gateway have their inner headers corrupted. As far as I can tell, the first 4 bytes of the inner header are being overwritten with a garbage byte sequence (hex 00-04-00-00). I have included a packet capture showing what's going on. At packet 63, the RIP announcement starts, and continues through packet 100, so there's some known-good traffic in there.

Has anyone seen anything like this before?

I have another AMPRNet IPIP tunnel set up on a datacenter server, and it has no such problem, so this is an isolated issue (i.e., not an issue with the UCSD gateway). The only other thing I could suspect is that the ISP-issued modem/gateway combo unit. Of course, I have no visibility into traffic upstream of this unit, so I don't have a way to know if it is causing the corruption. Unfortunately, my ISP doesn't let me disable the gateway function of the unit, so I have to suspect the firmware of this device.

Any and all help is appreciated. I am going to call my ISP tomorrow and see if they are aware of any issues with these modem/gateway units.

Thanks,

Eric Johnson - AE0JE