From: W. Alan Robertson (warobertson@xxxxxxxxxxxxx)
Date: Wed May 30 2001 - 13:29:17 GMT-3
Pasted below is a configuration template from a project I worked on
last year... DLSW over TCP encaps, across frame... Works splendidly.
It also has some other interesting stuff...
Things to note:
ip tcp path-discovery - Allows the DLSW session to make use of larger
MTU size, instead of default (568, or somesuch)
dlsw explorer wait time - If you don't specifiy this, DLSW will ignore
the Cost parameter, setting up a circuit instead to the first
responder
Also, these are working configurations for PU2 and PU4 connected
serial devices, as well as the router's "service point" function, so
that it can be viewed by Mainframe applications like NetView.
Best of luck...
Alan
----- Original Message -----
From: "peter brown" <pita40@hotmail.com>
To: <ccielab@groupstudy.com>
Sent: Wednesday, May 30, 2001 3:46 PM
Subject: dlsw+
> Hello,
> Does anybody have a working config for DLSW+ over Frame relay. Do
you only
> use LLc and Direct encap for DLSW+ over frame. I ask this question
because
> the example in CCO had only for llc and Direct. There was no sample
config
> for TCP/IP encapsulation.
----- Begin Paste -----
!################################################################
!# #
!# DI Router Configuration Template #
!# Version 2.2 - Final - 01/05/2001 #
!# #
!################################################################
!# #
!# Updated DLSW+ timer parameters #
!# Updated PU2.0 SDLC timers #
!# Updated PU4.0 MTU and SDLC parameters #
!# Updated SNMP trap destinations #
!# Updated SNMP trap catagories #
!# Updated timezone instructions #
!# Updated enable password to use secret #
!# Updated access-list 90 #
!# Information reflecting new management consoles #
!# #
!# Added TACACS+ configuration #
!# Added AAA authentication parameters #
!# Added AAA accounting parameters #
!# Added MTU path discovery #
!# Added remote logging (SYSLOG) #
!# Added NTP server (Network Time Protocol) #
!# Added initital buffer settings #
!# Added template version control #
!# template version included in Loopback description #
!# and in SNMP contact field #
!# #
!# Removed passwords from CON, AUX and VTY lines #
!# Superceded by AAA authentication configuration #
!# #
!################################################################
!# #
!# All Variables [Bracketed] #
!# #
!################################################################
!
!
!
service timestamps debug uptime
service timestamps log datetime localtime show-timezone
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
!
!
hostname [HOSTNAME]
!
!
!
enable secret [secret string]
!
logging buffered 100000 debugging
no logging console
logging monitor informational
logging source-interface Loopback 0
logging [xxx.xxx.xxx.xxx]
!
ip subnet-zero
no ip source-route
no ip finger
ip domain-list comany.org
ip domain-name company.org
ip name-server [xxx.xxx.xxx.xxx]
ip tcp path-mtu-discovery
ntp server [xxx.xxx.xxx.xxx]
!
!
!
!
! All timezones will be set for Eastern Time
! Do *NOT* alter Timezone Configuration based on install location
!
clock timezone EST -5
clock summer-time EDT recurring
!
!
!
!
! In the 'boot host' line below, [x] is the first character of the
hostname, lower case.
!
boot host tftp district[x]/[HOSTNAME] [xxx.xxx.xxx.xxx]
!
!
!
!
! Tacacs+ Information
!
tacacs-server host [xxx.xxx.xxx.xxx]
tacacs-server host [xxx.xxx.xxx.xxx]
tacacs-server key [keysting]
aaa new-model
aaa authentication login default tacacs+ enable
aaa authentication login no_tacacs line
aaa authentication enable default enable
aaa accounting exec start-stop tacacs+
aaa accounting commands 15 start-stop tacacs+
aaa accounting system start-stop tacacs+
aaa accounting nested
!
!
!
!
source-bridge ring-group 9
source-bridge largest-frame 9 8144
dlsw local-peer peer-id [Lo0 ip-addr] lf 8144
!
!
!
!
!DLSW remote-peer costs will vary...
!
!56k customers will have a cost of 1 to cc1, 2 to cc3, and 3 to cc2
!256k and T1 customers will have a cost of 1 to cc3, 2 to cc1, and 3
to cc2
!
dlsw remote-peer 0 tcp 192.168.15.53 cost 1
dlsw remote-peer 0 tcp 192.168.25.53 cost 3
dlsw remote-peer 0 tcp 192.168.35.53 cost 2
dlsw timer explorer-wait-time 5
dlsw timer sna-explorer-timeout 5
!
!
!
!
sna vdlc 9 [svc-point vmac]
sna vdlc enable-host lsap 12
!
!
!
! In the following two command lines, the last character of HOSTNAME
is replaced
! with the letter 'C'. This is in keeping with an SNA convention.
!
sna host [HOSTNAM[C]] xid-snd [xid] rmac 4002.1fed.3745 rsap 4 lsap 12
focalpoint
sna vdlc start [HOSTNAM[C]]
!
!
!
!
! Default Buffer Adjustments
!
buffers middle permanent 50
buffers middle min-free 20
buffers large permanent 8
buffers large min-free 2
buffers huge permanent 4
buffers huge min-free 2
!
!
!
!
!
! Interface Configurations
!
!
interface Loopback0
description Config Template v2.2
ip address [loop ip-addr] 255.255.255.192
no ip redirects
no ip directed-broadcast
no ip proxy-arp
!
interface Ethernet0/0
ip address [e0 ip-addr] 255.255.255.192
no ip redirects
no ip directed-broadcast
no ip proxy-arp
shutdown
!
interface Serial0/0
description Frame Relay Physical Attachment
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
encapsulation frame-relay IETF
no ip mroute-cache
no fair-queue
frame-relay lmi-type ansi
no shutdown
!
interface Serial0/0.1 point-to-point
description PVC to Head-End-1 Frame Router [Head-end RTR Name]
[Head-end Interface]
ip address [s0/0.1 ip-addr] 255.255.255.248
no ip redirects
no ip directed-broadcast
no ip proxy-arp
frame-relay interface-dlci 31
!
interface Serial0/0.2 point-to-point
description PVC to Head-End-2 Frame Router [Head-end RTR Name]
[Head-end Interface]
ip address [s0/0.2 ip addr] 255.255.255.248
no ip redirects
no ip directed-broadcast
no ip proxy-arp
frame-relay interface-dlci 32
!
interface Serial0/0.3 point-to-point
description PVC to Head-End-3 Frame Router [Head-end RTR Name]
[Head-end Interface]
ip address [s0/0.3 ip-addr] 255.255.255.248
no ip redirects
no ip directed-broadcast
no ip proxy-arp
frame-relay interface-dlci 33
!
interface TokenRing0/0
ip address [to0/0 ip-addr] 255.255.255.192
no ip redirects
no ip directed-broadcast
no ip proxy-arp
shutdown
!
!
!
!
interface Serial1/0
description PU 2.0 device
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
encapsulation sdlc
no keepalive
clock rate [rate]
sdlc role primary
sdlc vmac [vmac.vmac.vmac]
sdlc address [sdlc addr]
sdlc xid [sdlc addr] [xid]
sdlc poll-pause-timer 300
sdlc partner 4002.1fed.3745 [sdlc addr]
sdlc dlsw default
no shutdown
!
!
!
!
interface Serial1/1
description PU 4.0 device
mtu 8144
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
encapsulation sdlc
no keepalive
clock rate [rate]
sdlc role primary
sdlc N1 65152
sdlc vmac [vmac.vmac.vmac]
sdlc address [sdlc addr]
sdlc xid [sdlc addr] [xid]
sdlc poll-pause-timer 300
sdlc partner 4004.1fed.3745 [sdlc addr]
sdlc sdlc-largest-frame 8144
sdlc dlsw default
no shutdown
!
!
!
!
interface Serial1/2
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
shutdown
!
interface Serial1/3
no ip address
no ip redirects
no ip directed-broadcast
no ip proxy-arp
shutdown
!
!
!
!
ip classless
!
router eigrp 100
network 10.0.0.0
network 172.21.0.0
network 172.22.0.0
network 172.23.0.0
distribute-list 10 out
no auto-summary
!
!
!
! Routing Distribution List 10
!
access-list 10 permit 10.0.0.0 0.255.255.255
!
!
!
!
! SNMP Server List
! Includes CSRs, MSAs, TACACS+, and Mgt Consoles
!
access-list 90 permit 192.168.20.68
access-list 90 permit 192.168.30.67
access-list 90 permit 192.168.20.65
access-list 90 permit 192.168.30.65
access-list 90 permit 192.168.20.69
access-list 90 permit 192.168.20.70
access-list 90 permit 192.168.20.71
access-list 90 permit 192.168.20.72
access-list 90 permit 192.168.20.73
access-list 90 permit 192.168.20.133
access-list 90 permit 192.168.20.134
access-list 90 permit 192.168.20.135
access-list 90 permit 192.168.20.136
access-list 90 permit 192.168.30.69
access-list 90 permit 192.168.30.70
access-list 90 permit 192.168.30.71
access-list 90 permit 192.168.30.72
access-list 90 permit 192.168.30.73
access-list 90 permit 192.168.30.133
access-list 90 permit 192.168.30.134
access-list 90 permit 192.168.30.135
access-list 90 permit 192.168.30.136
!
!
!
!
snmp-server community [read sting] RO 90
snmp-server community [write string] RW 90
snmp-server trap-source Loopback0
!
!
!
snmp-server location [Name, Location (City, State), Hot or Cold
Equipment)]
!
!
!
! Setting the template version in the 'contact' field will
! make it simpler to identify which routers will need to be
! updated in the future
!
snmp-server contact Config Template v2.2
snmp-server enable traps snmp
snmp-server enable traps config
snmp-server enable traps envmon
snmp-server enable traps frame-relay
snmp-server enable traps dlsw
snmp-server enable traps llc
!
!
!
!
! Routers have 2 Trap Destinations: P2XCSR00, and P3XCSR00
!
snmp-server host [xxx.xxx.xxx.xxx] traps [string]
snmp-server host [xxx.xxx.xxx.xxx] traps [string]
!
snmp-server tftp-server-list 90
!
!
!
!
banner login ^
===============
* WARNING *
===============
----------------------------------------------------------------------
--- This computer system is a private network. Individuals using this system are subject to having their activities monitored and anyone using this system expressly consents to such monitoring.Unauthorized access to this system is a federal offense under provisions of the Computer Fraud and Abuse Act, 18 U.S.C. 1030. Persons gaining unauthorized access may be prosecuted to the fullest extent of the law. ---------------------------------------------------------------------- ---
^C ! ! ! ! line con 0 exec-timeout 5 0 login transport input none line aux 0 exec-timeout 5 0 line vty 0 4 access-class 90 in exec-timeout 5 0 login length 0 ! no scheduler allocate ! !end **Please read:http://www.groupstudy.com/list/posting.html
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:57 GMT-3