From: Kevin Baumgartner (kbaumgar@xxxxxxxxx)
Date: Thu Oct 12 2000 - 13:23:05 GMT-3
You are correct. You don't need to create any access-lists to prevent OSPF
from dialing. This seems to be a common misconception of how IP OSPF demand
circuits. Two of the most common problems that I have seen that cause the
ISDN to always call are
1. Some other routing protocol is sending routing updates over the ISDN link.
Do passive interface BRI for all non-OSPF routing protocols if any other
routing process is running on either of the ISDN routers.
2. If redistributing into OSPF on either router make sure that the IP network f
or
the ISDN link is not redistributed. Use route-maps to filter this out.
Also use "no peer neighbor-route" on both BRI interfaces.
Kevin
At 05:50 AM 10/12/00 -0700, you wrote:
>Glad to here its working but i have a question for the group.
>In your config you have the following
> > access-list 100 deny ip any host 224.0.0.5
> > access-list 100 permit ip any any
> > dialer-list 1 protocol ip list 100
>
>Now I know what your list does, but I want to know why you need to block the O
SPF multicast traffic.
>Is this not needed initialy to set up the peers across the ISDN and then to pu
t it into a DNA state?
>I too have built a similar IP OSPF demand circuit and did not need to block th
e multicast traffic will your circuit work without that line in the access-list
?
>
>I thought one of the advantages of the demand circuit was that there was no ne
ed to block that multicast traffic.
>
>Anyone with any insight to this.
>
>Shaun
>
>
>
>
>Edgar.Feliz@BTNA.com on 10/12/2000 02:12:00 AM
>To: kbaumgar@cisco.com@Internet
>cc: ccielab@groupstudy.com@Internet (bcc: Shaun Nicholson/MD/KAIPERM)
>Subject: RE: ISDN staying up!!!(fixed)
>
>Kevin,
>
>The passive interface dialer 0 under the IGRP routing process worked the
>line has stayed quiet since I added that to the config.
>
>It's those little things that get you in the lab.
>
>Thanks,
>
>EF
>
>-----Original Message-----
>From: Kevin Baumgartner [mailto:kbaumgar@cisco.com]
>Sent: Thursday, October 12, 2000 1:34 AM
>To: Edgar.Feliz@BTNA.com
>Subject: Re: ISDN staying up!!!
>
>
> So there a few things that I would change with you setup
>when using IP ospf-demand circuit.
>
>1. The redistribute IGRP into OSPF should not redistribute
> network 172.16.65.0. (ISDN network). Use a route-map with
> the redistribution so that this doesn't happen.
>
> so something like
>
> router ospf 5
> redistribute igrp 5 subnets route-map BRI-route
> route-map BRI-route deny 10
> match ip add 1
> route-map BRI-route permit 20
> match ip add 2
> access-list 1 permit 172.16.65.0 0.0.0.255
> access-list 2 permit any
>
>
>2. Don't need to deny any routing updates with the dialer-list.
> OSPF-demand circuits will only send updates with topology changes.
> If you have to do dialer filters to prevent the ISDN from dialing
> you don't have the configuration setup right.
>
> So should only do
>
> dialer-list protocol ip permit
>
>3. With router igrp, do passive interface BRI on both routers so that
> igrp updates are not sent over ISDN.
>
> >
> > r5's IP address is 172.16.65.5 the other side is r6 IP address 172.16.65.6
> >
> > EF
> >
> > I am re-posting the config for r5 (r6) is close to the same) because I do
> > not think I responded to all last time.
> >
> > r5#sh runn
> > Building configuration...
> >
> > Current configuration:
> > !
> > version 11.3
> > service timestamps debug datetime localtime
> > service timestamps log datetime localtime
> > no service password-encryption
> > !
> > hostname r5
> > !
> > enable password cisco
> > !
> > username r6 password 0 cisco
> > username ccie password 0 cisco
> > ip subnet-zero
> > no ip domain-lookup
> > isdn switch-type basic-ni1
> > !
> > !
> > interface Ethernet0
> > ip address 137.20.20.5 255.255.255.0
> > ip ospf cost 1
> > ip ospf priority 200
> > !
> > interface Serial0
> > no ip address
> > encapsulation frame-relay IETF
> > no ip mroute-cache
> > frame-relay lmi-type cisco
> > !
> > interface Serial0.1 multipoint
> > ip address 172.16.100.5 255.255.255.0
> > ip ospf network point-to-multipoint
> > frame-relay interface-dlci 503
> > frame-relay interface-dlci 506
> > !
> > interface Serial0.2 point-to-point
> > ip address 172.16.200.1 255.255.255.0
> > frame-relay interface-dlci 504
> > !
> > interface Serial1
> > no ip address
> > shutdown
> > !
> > interface BRI0
> > no ip address
> > encapsulation ppp
> > dialer pool-member 1
> > isdn spid1 0835866101 8358661
> > isdn spid2 0835866301 8358663
> > no cdp enable
> > ppp authentication chap
> > !
> > interface Dialer0
> > ip address 172.16.65.5 255.255.255.0
> > encapsulation ppp
> > ip ospf demand-circuit
> > dialer remote-name r6
> > dialer idle-timeout 300
> > dialer string 8358662
> > dialer string 8358664
> > dialer pool 1
> > dialer-group 1
> > no peer neighbor-route
> > no cdp enable
> > ppp authentication chap
> > ppp chap hostname ccie
> > !
> > router ospf 5
> > redistribute igrp 5 subnets
> > network 137.20.20.0 0.0.0.255 area 0
> > network 172.16.65.0 0.0.0.255 area 10
> > network 172.16.100.0 0.0.0.255 area 10
> > area 10 virtual-link 172.16.3.65
> > area 10 virtual-link 172.16.100.6
> > area 10 virtual-link 172.16.65.6
> > !
> > router igrp 5
> > redistribute ospf 5 metric 2000 100 255 1 1500
> > network 172.16.0.0
> > !
> > ip classless
> > !
> > access-list 100 deny ip any host 224.0.0.5
> > access-list 100 permit ip any any
> > dialer-list 1 protocol ip list 100
> > alias exec sr sh runn
> > alias exec sir sh ip route
> > alias exec ct conf term
> > alias exec sio sh ip ospf int
> > alias exec wm wr mem
> > !
> > line con 0
> > exec-timeout 0 0
> > privilege level 15
> > line aux 0
> > privilege level 15
> > line vty 0 4
> > privilege level 15
> > login local
> > !
> > end
> >
> > r5#
> >
> > -----Original Message-----
> > From: Kevin Baumgartner [mailto:kbaumgar@cisco.com]
> > Sent: Thursday, October 12, 2000 1:07 AM
> > To: Edgar.Feliz@BTNA.com
> > Subject: Re: ISDN staying up!!!
> >
> >
> > So who is 172.16.65.5? Seem like this is where it's coming from.
> > Might be something like cdp.
> >
> > Kevin
> >
> > >
> > > Here is the output from the "sh dialer"
> > >
> > > EF
> > >
> > > r5#sh dialer
> > >
> > > BRI0 - dialer type = ISDN
> > >
> > > Dial String Successes Failures Last called Last status
> > > 0 incoming call(s) have been screened.
> > > 0 incoming call(s) rejected for callback.
> > >
> > > BRI0:1 - dialer type = ISDN
> > > Idle timer (300 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is data link layer up
> > > Dial reason: ip (s=172.16.65.5, d=255.255.255.255)
> > > Interface bound to profile Dialer0
> > > Time until disconnect 292 secs
> > > Current call connected 00:04:14
> > > Connected to 8358662 (r6)
> > >
> > > BRI0:2 - dialer type = ISDN
> > > Idle timer (120 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is idle
> > >
> > > Dialer0 - dialer type = DIALER PROFILE
> > > Idle timer (300 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is data link layer up
> > >
> > > Dial String Successes Failures Last called Last status
> > > 8358662 80 0 00:04:16 successful
> > Default
> > > 8358664 1 0 07:14:18 successful
> > Default
> > > r5#
> > >
> > > r6#sh dia
> > >
> > > BRI0 - dialer type = ISDN
> > >
> > > Dial String Successes Failures Last called Last status
> > > 0 incoming call(s) have been screened.
> > > 0 incoming call(s) rejected for callback.
> > >
> > > BRI0:1 - dialer type = ISDN
> > > Idle timer (300 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is data link layer up
> > > Interface bound to profile Dialer0
> > > Time until disconnect 287 secs
> > > Current call connected 07:16:16
> > > Connected to 8358661 (ccie)
> > >
> > > BRI0:2 - dialer type = ISDN
> > > Idle timer (120 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is idle
> > >
> > > Dialer0 - dialer type = DIALER PROFILE
> > > Idle timer (300 secs), Fast idle timer (20 secs)
> > > Wait for carrier (30 secs), Re-enable (15 secs)
> > > Dialer state is data link layer up
> > >
> > > Dial String Successes Failures Last called Last status
> > > 8358661 0 0 07:16:19 failed
> > Default
> > > 8358663 1 0 07:15:49 successful
> > Default
> > > r6#
> > >
> > >
> > > -----Original Message-----
> > > From: Kevin Baumgartner [mailto:kbaumgar@cisco.com]
> > > Sent: Thursday, October 12, 2000 12:46 AM
> > > To: Edgar.Feliz@BTNA.com
> > > Subject: Re: ISDN staying up!!!
> > >
> > >
> > > Well I don't think that is why the line stays up. Do a show dialer
> > > to see why dial happened on both routers.
> > >
> > > Kevin
> > >
> > > >
> > > > Kevin,
> > > >
> > > > I can ping. Yes link is up, and stays up until my "idle time-out"
> > expires
> > > > then it come right back up. I have only gotten this since I went to a
> > > dialer
> > > > int. configuration.
> > > >
> > > > EF
> > > >
> > > > -----Original Message-----
> > > > From: Kevin Baumgartner [mailto:kbaumgar@cisco.com]
> > > > Sent: Thursday, October 12, 2000 12:23 AM
> > > > To: Edgar.Feliz@BTNA.com
> > > > Subject: Re: ISDN staying up!!!
> > > >
> > > >
> > > > Sure your link is up? Can you ping between routers over ISDN?
> > > >
> > > > Seems to me pkt type 0xC021 is CHAP and I don't think it's working.
> > > >
> > > > Kevin
> > > >
> > > > >
> > > > > How can I stop the following that I believe is keeping up my ISDN
>line
> > > > > without restricting PPP, as I am using PPP as my encap type? I get
>the
> > > > > following when I "deb PPP packet, authentication, and negotiation.
> > > > >
> > > > > Mar 1 11:36:56: BR0:1 LCP: O ECHOREQ [Open] id 3 len 12 magic
> > > 0x028A54B4
> > > > > *Mar 1 11:36:56: BR0:1 LCP: echo_cnt 1, sent id 3, line up
> > > > > *Mar 1 11:36:56: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> > > > > *Mar 1 11:36:56: BR0:1 LCP: I ECHOREP [Open] id 3 len 12 magic
> > > 0x02AEF0A1
> > > > > *Mar 1 11:36:56: BR0:1 LCP: Received id 3, sent id 3, line up
> > > > > *Mar 1 11:37:04: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> > > > > *Mar 1 11:37:04: BR0:1 LCP: I ECHOREQ [Open] id 3 len 12 magic
> > > 0x02AEF0A1
> > > > > *Mar 1 11:37:04: BR0:1 LCP: O ECHOREP [Open] id 3 len 12 magic
> > > 0x028A54B4
> > > > > *Mar 1 11:37:06: BR0:1 LCP: O ECHOREQ [Open] id 4 len 12 magic
> > > 0x028A54B4
> > > > > *Mar 1 11:37:06: BR0:1 LCP: echo_cnt 1, sent id 4, line up
> > > > > *Mar 1 11:37:06: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> > > > > *Mar 1 11:37:06: BR0:1 LCP: I ECHOREP [Open] id 4 len 12 magic
> > > 0x02AEF0A1
> > > > > *Mar 1 11:37:06: BR0:1 LCP: Received id 4, sent id 4, line up
> > > > > *Mar 1 11:37:14: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Edgar Feliz
> > > > >
> > > > > Brazil x 2 11/13-14
> > > > >
> > > > >
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:25:26 GMT-3