Keeping a site to site tunnel up indefinitely

It depends on the equipment (and software rev). Some allow you to set keep-alives, others don't.

This is between a 2600 router and ASA 5510.

The following might help:

It's not clear what the OP is looking for. This does not keep the SA's up.

There are seceral tools that might be used to persuate a router to generate periodic traffic.

NTP

1. ## ntp server some.address.across.vpn don't point it at an actual server as ntp sends little traffic one it is happy.

1. Create GRE tunnel interfaces and point them across the vpn, enable keepalives with the desired interval.

2. ## This one is the most official but I think needs certain feature set. Use SAA to send traffic, say pings, to real or non-existant hosts across vpn.

1. ## wouldn't fancy this one much. bgp peer would do too.

2. I think certain feature sets have "cron". Schedule pings.

What's happening is that we are performing dns zone transfers daily between us and a remote site in Europe and it looks like it fails every night. Our suspicion is that the tunnel comes down every night (due to non-existant traffic) and since the dns server only sends a short and brief broadcast when it tries to poll another dns server, the tunnel doesn't come up fast enough for it to pick up again. :(

If that is the case, just increase your tunnel lifetimes.

DNS Zone transfer is entirely by TCP. I'm not aware of any broadcast (UDP) being done to check to see if the DNS server is up, but I can't say that I've ever looked for that in the traces.

What do you all think about this?

rtr 1 type echo protocol ipIcmpEcho [destip] source-ipaddr [localip] request-data-size 64 timeout 3000 frequency 60 hours-of-statistics-kept 25 rtr schedule 1 life forever start-time now

I guess this might work better than me having to create a bat file that does ping remoteip -t