RE: ISDN Multilink

From: Kevin Dailey (kldailey@xxxxxxxxxxxxxxxxx)
Date: Fri Feb 23 2001 - 02:31:59 GMT-3

   
Put 'ppp authentication chap' under the BRI. This should bind the BRI to
the Dialer.

Kevin

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Jason Dachtler
Sent: Thursday, February 22, 2001 7:01 PM
To: BUI, TIN T (SBCSI)
Cc: 'John Kaberna'; ccielab@groupstudy.com
Subject: Re: ISDN Multilink

Enable:

debug ppp authentication
debug ppp negotiation

That will show you the CHAP exchanges, both outcoming and incoming, and
you will be able to see the username used. The password will be
encrypted, but at least it will give you a start.

-Jason

"BUI, TIN T (SBCSI)" wrote:
>
> There are no other routes and the line is down when I ping, I do see the
> isdn line come up. No mention of authentication though! I even rebooted
> both R3 & R5, but no help. I also put encap ppp on bri0 (where it was not
> there, only on dialer1), but it did not help. Debug ppp auth does not
show
> any results. Here is what I saw doing debug isdn events and debug ppp
> packet:
>
> r3#ping 170.100.35.245
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 170.100.35.245, timeout is 2 seconds:
>
> 00:16:32: ISDN BR0: Outgoing call id = 0x8008
> 00:16:32: ISDN BR0: Event: Call to 8358662 at 64 Kb/s
> 00:16:32: ISDN BR0: received HOST_PROCEEDING call_id 0x8008
> 00:16:32: ISDN BR0: received HOST_CONNECT call_id 0x8008
> 00:16:32: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
> 00:16:32: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1
> 00:16:32: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
> .!!!!
> Success rate is 80 percent (4/5), round-trip min/avg/max = 36/36/36 ms
> r3#
> 00:16:33: ISDN BR0: Event: Connected to 8358662 on B1 at 64 Kb/s
> 00:16:34: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
> state
> to up
> 00:16:38: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
> 8358662
> 00:16:47: ISDN BR0: Outgoing call id = 0x8009
> 00:16:47: ISDN BR0: Event: Call to 8358662 at 64 Kb/s
> 00:16:47: ISDN BR0: Event: incoming ces value = 2
> 00:16:47: ISDN BR0: received HOST_PROCEEDING call_id 0x8009
> 00:16:47: ISDN BR0: Event: incoming ces value = 2
> 00:16:47: ISDN BR0: received HOST_CONNECT call_id 0x8009
> 00:16:47: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up
> 00:16:47: %DIALER-6-BIND: Interface BR0:2 bound to profile Di1
> 00:16:47: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
> 8358662
> 00:16:47: ISDN BR0: Event: Connected to 8358662 on B2 at 64 Kb/s
> 00:16:48: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:2, changed
> state
> to up
> 00:16:49: ISDN BRI0: isdn_is_bchannel_available: No Free B-channels
> r3#
> 00:16:53: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to 8358662
>
> Here is debug ppp packet
> r3#debug ppp packet
> PPP packet display debugging is on
> r3#ping 170.100.35.245
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 170.100.35.245, timeout is 2 seconds:
>
> 00:20:25: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
> 00:20:25: %DIALER-6-BIND: Interface BR0:1 bound to profile Di1
> 00:20:25: BR0:1 LCP: O CONFREQ [Closed] id 14 len 10
> 00:20:25: BR0:1 LCP: MagicNumber 0xE0315BED (0x0506E0315BED)
> 00:20:25: BR0:1 PPP: I pkt type 0xC021, datagramsize 14
> 00:20:25: BR0:1 PPP: I pkt type 0xC021, datagramsize 14
> 00:20:25: BR0:1 LCP: I CONFREQ [REQsent] id 4 len 10
> 00:20:25: BR0:1 LCP: MagicNumber 0xE02FC468 (0x0506E02FC468)
> 00:20:25: BR0:1 LCP: O CONFACK [REQsent] id 4 len 10
> 00:20:25: BR0:1 LCP: MagicNumber 0xE02FC468 (0x0506E02FC468)
> 00:20:25: BR0:1 LCP: I CONFACK [ACKsent] id 14 len 10
> 00:20:25: BR0:1 LCP: MagicNumber 0xE0315BED (0x0506E0315BED)
> 00:20:25: BR0:1 IPCP: O CONFREQ [Not negotiated] id 4 len 10
> 00:20:25: BR0:1 PPP: I pkt type 0x8021, datagramsize 14
> 00:20:25: BR0:1 PPP: I pkt type 0x8207, datagramsize 8
> 00:20:25: BR0:1 IPCP: Address 170.100.35.243 (0x0306AA6423F3)
> 00:20:25: BR0:1 CDPCP: O CONFREQ [Closed] id 4 len 4
> 00:20:25:.!!!!
> Success rate is 80 percent (4/5), round-trip min/avg/max = 40/40/40 ms
> r3# BR0:1 IPCP: I CONFREQ [REQsent] id 4 len 10
> 00:20:25: BR0:1 PPP: I pkt type 0x8021, datagramsize 14
> 00:20:25: BR0:1 PPP: I pkt type 0x8207, datagramsize 8
> 00:20:25: BR0:1 IPCP: Address 170.100.35.245 (0x0306AA6423F5)
> 00:20:25: BR0:1 IPCP: O CONFACK [REQsent] id 4 len 10
> 00:20:25: BR0:1 IPCP: Address 170.100.35.245 (0x0306AA6423F5)
> 00:20:25: BR0:1 CDPCP: I CONFREQ [REQsent] id 4 len 4
> 00:20:25: BR0:1 CDPCP: O CONFACK [REQsent] id 4 len 4
> 00:20:25: BR0:1 IPCP: I CONFACK [ACKsent] id 4 len 10
> 00:20:25: BR0:1 IPCP: Address 170.100.35.243 (0x0306AA6423F3)
> 00:20:25: BR0:1 CDPCP: I CONFACK [ACKsent] id 4 len 4
> 00:20:26: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
> state
> to up
> 00:20:26: BR0:1 PPP: O pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: I pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: O pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: I pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: O pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: I pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: O pkt type 0x0021, datagramsize 104
> 00:20:26: BR0:1 PPP: I pkt type 0x0021, datagramsize 104
> 00:20:27: BR0:1 LCP: O ECHOREQ [Open] id 1 len 12 magic 0xE0315BED
> 00:20:27: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:27: BR0:1 PPP: O pkt type 0x0207, datagramsize 276
> 00:20:27: BR0:1 LCP: I ECHOREP [Open] id 1 len 12 magic 0xE02FC468
> 00:20:27: BR0:1 LCP: Received id 1, sent id 1, line up
> 00:20:28: BR0:1 PPP: O pkt type 0x0021, datagramsize 68
> 00:20:31: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
> 8358662
> 00:20:31: %LINK-3-UPDOWN: Interface BRI0:2, changed state to up
> 00:20:31: %DIALER-6-BIND: Interface BR0:2 bound to profile Di1
> 00:20:31: %ISDN-6-CONNECT: Interface BRI0:1 is now connected to 8358662
> 8358662
> 00:20:31: BR0:2 LCP: O CONFREQ [Closed] id 3 len 10
> 00:20:31: BR0:2 LCP: MagicNumber 0xE0317563 (0x0506E0317563)
> 00:20:31: BR0:2 PPP: I pkt type 0xC021, datagramsize 14
> 00:20:31: BR0:2 PPP: I pkt type 0xC021, datagramsize 14
> 00:20:31: BR0:2 LCP: I CONFREQ [REQsent] id 3 len 10
> 00:20:31: BR0:2 LCP: MagicNumber 0xE02FDDDE (0x0506E02FDDDE)
> 00:20:31: BR0:2 LCP: O CONFACK [REQsent] id 3 len 10
> 00:20:31: BR0:2 LCP: MagicNumber 0xE02FDDDE (0x0506E02FDDDE)
> 00:20:31: BR0:2 LCP: I CONFACK [ACKsent] id 3 len 10
> 00:20:31: BR0:2 LCP: MagicNumber 0xE0317563 (0x0506E0317563)
> 00:20:31: BR0:2 IPCP: O CONFREQ [Not negotiated] id 3 len 10
> 00:20:31: BR0:2 PPP: I pkt type 0x8021, datagramsize 14
> 00:20:31: BR0:2 PPP: I pkt type 0x8207, datagramsize 8
> 00:20:31: BR0:2 IPCP: Address 170.100.35.243 (0x0306AA6423F3)
> 00:20:31: BR0:2 CDPCP: O CONFREQ [Closed] id 3 len 4
> 00:20:31: BR0:2 IPCP: I CONFREQ [REQsent] id 3 len 10
> 00:20:31: BR0:2 PPP: I pkt type 0x8021, datagramsize 14
> 00:20:31: BR0:2 PPP: I pkt type 0x8207, datagramsize 8
> 00:20:31: BR0:2 IPCP: Address 170.100.35.245 (0x0306AA6423F5)
> 00:20:31: BR0:2 IPCP: O CONFACK [REQsent] id 3 len 10
> 00:20:31: BR0:2 IPCP: Address 170.100.35.245 (0x0306AA6423F5)
> 00:20:31: BR0:2 CDPCP: I CONFREQ [REQsent] id 3 len 4
> 00:20:31: BR0:2 CDPCP: O CONFACK [REQsent] id 3 len 4
> 00:20:31: BR0:2 CDPCP: O CONFACK [REQsent] id 3 len 4
> 00:20:31: BR0:2 IPCP: I CONFACK [ACKsent] id 3 len 10
> 00:20:31: BR0:2 IPCP: Address 170.100.35.243 (0x0306AA6423F3)
> 00:20:31: BR0:2 CDPCP: I CONFACK [ACKsent] id 3 len 4
> 00:20:32: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:32: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:32: BR0:1 LCP: I ECHOREQ [Open] id 1 len 12 magic 0xE02FC468
> 00:20:32: BR0:1 LCP: O ECHOREP [Open] id 1 len 12 magic 0xE0315BED
> 00:20:32: BR0:2 LCP: I ECHOREQ [Open] id 1 len 12 magic 0xE02FDDDE
> 00:20:32: BR0:2 LCP: O ECHOREP [Open] id 1 len 12 magic 0xE0317563
> 00:20:32: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:2, changed
> state
> to up
> 00:20:32: BR0:2 PPP: I pkt type 0x0021, datagramsize 72
> 00:20:32: BR0:2 PPP: O pkt type 0x0021, datagramsize 56
> 00:20:32: BR0:2 PPP: I pkt type 0x0021, datagramsize 56
> 00:20:32: BR0:2 PPP: O pkt type 0x0021, datagramsize 276
> 00:20:32: BR0:2 PPP: I pkt type 0x0021, datagramsize 276
> 00:20:32: BR0:2 PPP: O pkt type 0x0021, datagramsize 56
> 00:20:32: BR0:2 PPP: I pkt type 0x0021, datagramsize 56
> 00:20:32: BR0:2 PPP: O pkt type 0x0021, datagramsize 56
> 00:20:33: BR0:2 PPP: O pkt type 0x0021, datagramsize 136
> 00:20:33: BR0:2 PPP: I pkt type 0x0021, datagramsize 124
> 00:20:33: BR0:2 PPP: O pkt type 0x0021, datagramsize 124
> 00:20:33: BR0:2 PPP: I pkt type 0x0021, datagramsize 136
> 00:20:37: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to 8358662
> 00:20:37: BR0:1 LCP: O ECHOREQ [Open] id 2 len 12 magic 0xE0315BED
> 00:20:37: BR0:2 LCP: O ECHOREQ [Open] id 1 len 12 magic 0xE0317563
> 00:20:37: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:37: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:37: BR0:1 LCP: I ECHOREP [Open] id 2 len 12 magic 0xE02FC468
> 00:20:37: BR0:1 LCP: Received id 2, sent id 2, line up
> 00:20:37: BR0:2 LCP: I ECHOREP [Open] id 1 len 12 magic 0xE02FDDDE
> 00:20:37: BR0:2 LCP: Received id 1, sent id 1, line up
> 00:20:38: BR0:2 PPP: O pkt type 0x0021, datagramsize 72
> r3#
> 00:20:42: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:42: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:42: BR0:1 LCP: I ECHOREQ [Open] id 2 len 12 magic 0xE02FC468
> 00:20:42: BR0:1 LCP: O ECHOREP [Open] id 2 len 12 magic 0xE0315BED
> 00:20:42: BR0:2 LCP: I ECHOREQ [Open] id 2 len 12 magic 0xE02FDDDE
> 00:20:42: BR0:2 LCP: O ECHOREP [Open] id 2 len 12 magic 0xE0317563
> 00:20:42: BR0:2 PPP: I pkt type 0x0021, datagramsize 72
> r3#
> r3#u
> 00:20:47: BR0:1 LCP: O ECHOREQ [Open] id 3 len 12 magic 0xE0315BED
> 00:20:47: BR0:2 LCP: O ECHOREQ [Open] id 2 len 12 magic 0xE0317563
> 00:20:47: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:47: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:47: BR0:1 LCP: I ECHOREP [Open] id 3 len 12 magic 0xE02FC468
> 00:20:47: BR0:1 LCP: Received id 3, sent id 3, line up
> 00:20:47: BR0:2 LCP: I ECHOREP [Open] id 2 len 12 magic 0xE02FDDDE
> 00:20:47: BR0:2 LCP: Received id 2, sent id 2, line up
> 00:20:48:n a BR0:2 PPP: O pkt type 0x0021, datagramsiz
> 00:20:52: BR0:1 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:52: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:52: BR0:1 LCP: I ECHOREQ [Open] id 3 len 12 magic 0xE02FC468
> 00:20:52: BR0:1 LCP: O ECHOREP [Open] id 3 len 12 magic 0xE0315BED
> 00:20:52: BR0:2 LCP: I ECHOREQ [Open] id 3 len 12 magic 0xE02FDDDE
> 00:20:52: BR0:2 LCP: O ECHOREP [Open] id 3 len 12 magic 0xE0317563
> 00:20:52: BR0:2 PPP: I pkt type 0x0021, datagramsize 72
> 00:20:56: %DIALER-6-UNBIND: Interface BR0:1 unbound from profile Di1
> 00:20:56: %ISDN-6-CONNECT: Interface BRI0:2 is now connected to 8358662
> 00:20:56: %ISDN-6-DISCONNECT: Interface BRI0:1 disconnected from 8358662
> 835866
> 2, call lasted 31 seconds
> 00:20:56: %LINK-3-UPDOWN: Interface BRI0:1, changed state to down
> 00:20:57: BR0:2 LCP: O ECHOREQ [Open] id 3 len 12 magic 0xE0317563
> 00:20:57: BR0:2 PPP: I pkt type 0xC021, datagramsize 16
> 00:20:57: BR0:2 LCP: I ECHOREP [Open] id 3 len 12 magic 0xE02FDDDE
> 00:20:57: BR0:2 LCP: Received id 3, sent id 3, line up
> 00:20:57: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed
> state
> to down
> 00:20:58: BR0:2 PPP: O pkt type 0x0021, datagramsize 72
> r3#
> r3#u
> 00:21:01: %DIALER-6-UNBIND: Interface BR0:2 unbound from profile Di1
> 00:21:01: %ISDN-6-DISCONNECT: Interface BRI0:2 disconnected from 8358662
,
> call
> lasted 30 secondsnall
> 00:21:01: %LINK-3-UPDOWN: Interface BRI0:2, changed state to down
> 00:21:02: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:2, changed
> state
> to down
>
> -----Original Message-----
> From: John Kaberna [mailto:jkaberna@netcginc.com]
> Sent: Thursday, February 22, 2001 2:17 PM
> To: BUI, TIN T (SBCSI); ccielab@groupstudy.com
> Subject: Re: ISDN Multilink
>
> Has the line stayed up the whole time? I'm guessing two things. 1. The
> line has stayed up the whole time and is therefore already authenticated.
> 2. There is somehow an alternate route. Do a traceroute just to make
sure
> it is going over the ISDN line. I'm not sure about either of those
though.
> You should add the username and password back in to the hub router. It
does
> not need to be on the remote router since authentication is only one-way.
>
> Anyone else?
>
> John
>
> ----- Original Message -----
> From: "BUI, TIN T (SBCSI)" <tb4565@sbc.com>
> To: "'John Kaberna'" <jkaberna@netcginc.com>; <ccielab@groupstudy.com>
> Sent: Thursday, February 22, 2001 2:04 PM
> Subject: RE: ISDN Multilink
>
> > Looks like the dialer load-threshold does work. However, something
really
> > strange is happenning. I took out "username user5 password cisco" and
> > corresponding username on both routers so that there are no username
> > statements on both routers. Interesting enough, I'm still able to ping
> from
> > R3 to R5. In other words, somehow it's authenticating even without
> username
> > statements in global configs for both routers. Something is really
> strange.
> > I turned on debug ppp auth and debug isdn q931 and debug isdn events and
I
> > cannot see what username is being sent. It's almost like it's not using
> any
> > type of authentication. Am I missing something?
> >
> > -----Original Message-----
> > From: John Kaberna [mailto:jkaberna@netcginc.com]
> > Sent: Wednesday, February 21, 2001 4:18 PM
> > To: BUI, TIN T (SBCSI); ccielab@groupstudy.com
> > Subject: Re: ISDN Multilink
> >
> >
> > In order to get 2 channels you need to configure dialer load-threshold.
> PPP
> > multilink by itself is not enough. For the one-way authentication
> question
> > you do not need to configure a callback. The hub router receiving the
> call
> > (router with ppp chap refuse callin) should authenticate the incoming
> call.
> > But the spoke router placing the call shouldnt need to authenticate the
> hub
> > router. I am also wondering why you are using the same hostname on both
> > routers as far as ppp chap is concerned. I'm not sure if that would
make
> a
> > difference but its definitely not good practice and the proctor may
think
> > you don't know what your doing.
> >
> > PS I even remove the ppp chap user.... on all routers and also used
> > incorrect names on dialer remote-name and R3 still can ping R5..
> >
> > ----- Original Message -----
> > From: "BUI, TIN T (SBCSI)" <tb4565@sbc.com>
> > To: <ccielab@groupstudy.com>
> > Sent: Wednesday, February 21, 2001 3:36 PM
> > Subject: ISDN Multilink
> >
> >
> > > Hi, I have 2 questions with this ISDN configuration. Question 1, I'm
> > having
> > > problems with getting the 2nd B channel to come up with Multilink. R3
> is
> > > dialing R5 and only bri0:1 comes up. Am I doing something wrong?
> > >
> > > Second question regards ppp chap refuse callin, is this how I can get
R3
> > to
> > > dial R5 and R5 will refuse authentication from R3 using Chap. In this
> > > instance, I want R3 to authenticate not R5. This solution seems to
> simple
> > > because of only 1 statement. Right now, it does work with this
> statement,
> > > but I'm thinking that I need to do callback or something. Can someone
> > > explain? thanks. Here's the configuration:
> > >
> > > On R3:--->
> > >
> > > interface BRI0
> > > no ip address
> > > no ip directed-broadcast
> > > ip ospf interface-retry 0
> > > dialer pool-member 1
> > > isdn switch-type basic-ni
> > > isdn spid1 0835866101
> > > isdn spid2 0835866301
> > > !
> > > interface Dialer1
> > > ip address 170.100.35.243 255.255.255.240
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > ip ospf interface-retry 0
> > > dialer remote-name r5
> > > dialer string 8358662
> > > dialer string 8358664
> > > dialer pool 1
> > > dialer-group 1
> > > ppp authentication chap
> > > ppp chap hostname user5
> > > ppp multilink
> > >
> > > On R5:--->
> > >
> > > interface BRI0
> > > no ip address
> > > no ip directed-broadcast
> > > ip ospf interface-retry 0
> > > dialer pool-member 1
> > > isdn switch-type basic-ni
> > > isdn spid1 0835866201
> > > isdn spid2 0835866401
> > > !
> > > interface Dialer1
> > > ip address 170.100.35.245 255.255.255.240
> > > no ip directed-broadcast
> > > encapsulation ppp
> > > ip ospf interface-retry 0
> > > dialer remote-name r3
> > > dialer string 8358661
> > > dialer string 8358663
> > > dialer pool 1
> > > ppp authentication chap
> > > ppp chap hostname user5
> > > ppp chap refuse callin
> > > ppp multilink
> > >
> > > > > Tin T. Bui
> > > > > Senior Network Manager
> > > > > CCNP, CNE, MCP
> > > > > Network Management Center
> > > > > SBC Services Inc.
> > > > > 7337 Trade Street, Rm 1110
> > > > > San Diego, Ca 92121
> > > > > Office #: 858-886-4644/858-886-4589
> > > > > Pager #: 858-494-0482
> > > > > Fax #: 858-549-4103
> > > > > Email: tb4565@sbc.com
> > >

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:28:58 GMT-3