Version 15.1(4)M4 outgoing byte count wrong

In IOS Version 15.1(4)M4 running on an 1811 the output byte
count appears to be wrong on Virtual-Access interfaces for L2TP/IPsec.

Virtual-Access2 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Closed
Base PPPoVPDN vaccess
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 5 seconds on reset
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 2d18h
Input queue: 0/4096/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 4000 bits/sec, 2 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
49120 packets input, 7045240 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
52961 packets output, 52168 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions


Virtual-Access2.1 is up, line protocol is up
Hardware is Virtual Access interface
Interface is unnumbered. Using address of Loopback0 (172.31.32.126)
MTU 1500 bytes, BW 7200 Kbit/sec, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoVPDN vaccess, cloned from Virtual-Template2
Vaccess status 0x0
Protocol l2tp, tunnel id 26551, session id 31061
Keepalive set (10 sec)
5165 packets input, 972655 bytes
5167 packets output, 3595 bytes
Last clearing of "show interface" counters never


The "packets input", "packets output" and "bytes input" look like they
could be correct, but the "bytes output" clearly is wrong.

This worked OK on our previous router under 12.4
Is this a bug or a functionality change?
Could it be that it can be made working with some config change?

interface Virtual-Template2
description L2TP/IPsec VPN template
ip unnumbered Loopback0
ip access-group dialup-in in
ip access-group dialup-out out
ip mtu 1400
ip tcp adjust-mss 1350
peer default ip address pool vpnpool
ppp authentication ms-chap-v2 ms-chap
ppp pap refuse
.

Relevant Pages

  • [NEWS] Cisco IOS Interface Blocked by IPv4 Packets
    ... Cisco routers and switches running Cisco IOSŪ software and configured to ... Multiple IPv4 packets with specific ... protocol fields sent directly to the device may cause the input interface ... device to incorrectly flag the input queue on an interface as full. ...
    (Securiteam)
  • Re: [maybe spam] Re: linux PF_PACKET compatibility
    ... This family allows an application to send and receive packets dealing directly with the network card driver, thus avoiding the usual protocol stack-handling. ... That is, any packet sent through the socket will be directly passed to the Ethernet interface, and any packet received through the interface will be directly passed to the application." ...
    (freebsd-hackers)
  • Re: ifAddrAdd failed for unknown reason
    ... This causes problems in the VxWorks stack, as VxWorks now doesn't know which interface should be used to route packets to this subnet. ... Netmask 0xff000000 Subnetmask 0xff000000 ... Protocol: IP 4.4 ARP Type: 2054 Recv 0x108e0a4 Shutdown ...
    (comp.os.vxworks)
  • Re: Problem on CIsco 7204VXR/NPE400 ==> input errors
    ... GigabitEthernet0/0 is up, line protocol is up ... input packets with dribble condition detected ... overruns are usually due to a traffic spike which caused an interface ... receive ring buffers exaustion. ...
    (comp.dcom.sys.cisco)
  • Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet
    ... Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet ... to process Internet Protocol version 4 packets are vulnerable to ...
    (Bugtraq)