From: Nigel Taylor (nigel_taylor@xxxxxxxxxxx)
Date: Tue Nov 06 2001 - 07:52:42 GMT-3
Just as a thought you might want to try doing the following on your
dialer-list
access-list 102 deny ospf any any
access-list 102 permit ip any any
Here's a few links that might help..
http://www.cisco.com/warp/public/104/dcprob.html
http://www.cisco.com/warp/public/104/dc.html
http://www.cisco.com/warp/public/129/config-bri-map.html
HTH
Nigel
----- Original Message -----
From: "Ademola Osindero" <osindero@lagos.sns.slb.com>
To: "Ben-Shalom, Omer" <omer.ben-shalom@intel.com>; <ccielab@groupstudy.com>
Sent: Tuesday, November 06, 2001 3:15 AM
Subject: Re: OSPF demand circuit with dialer interfaces (yes, again !!!)
> Omer,
>
> I have not tried this suggestion but this was what I learned from a
> practice lab
>
> Create an access-list that defines interesting traffic using
>
>
> access-list 101 deny ip any 255.255.255.255 0.0.0.0
> access-list 101 deny ip any 224.0.0.0 0.0.0.255
> access-list 101 permit ip any any
>
>
>
> Don't explicitly permit ospf packets, but just permit ip after denying
> 224.0.0.0 traffic.
>
> Hope this works
>
> Ademola
>
>
> At 09:57 AM 11/6/2001 +0200, Ben-Shalom, Omer wrote:
> >I know this is one of the most discussed issues in the past and I read
> >through about 300 letter on this BUT
> >
> >The previous responses are sometimes conflicting and I don't see any
> >solution for my problem.
> >
> >(for people who want to go straight to the real question look below at
the
> >!!!! line)
> >to sum:
> >
> >I have 2 routers running only OSPF, they are connected via ISDN with
dialer
> >interfaces.
> >
> >The ISDN line keeps coming up immediately after it goes down, dial reason
is
> >sending to 244.0.0.5,
> >
> >I tried setting one or both sides to be demand circuit, in both cases
both
> >sides show that it is a demand circuit with show ip ospf interface.
> >
> >DNA is showing in database, dead time is empty.
> >
> >Everything looks OK but I always show that the router is sending periodic
> >data such as
> >4d22h: Di0 DDR: ip (s=150.100.100.1, d=224.0.0.5), 64 bytes
> >
> >and so on - every 40 seconds, in spite of this the ispf network type is
> >point-to-point and show ip ospf int dialer 0 shows:
> >
> >Dialer0 is up, line protocol is up (spoofing)
> > Internet Address 150.100.100.1/24, Area 0
> > Process ID 1, Router ID 2.2.2.2, Network Type POINT_TO_POINT, Cost:
1785
> > Configured as demand circuit.
> > Run as demand circuit.
> > DoNotAge LSA allowed.
> > Transmit Delay is 1 sec, State DOWN,
> > Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
> > Hello due in 00:00:39 (using PollInterval of 40)
> > !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> >
> >so I am at a loss as to why the router is sending hello every 40 seconds
> >when it is
> >clearly marked as a demand circuit with DoNotAge LSA allowd
> >
> >Changing the interesting traffic definition brings:
> >
> >Nov 6 09:35:32: Di0 DDR: ip (s=150.100.100.1, d=224.0.0.5), 64 bytes,
> >outgoing uninteresting (list 102)
> >Nov 6 09:36:12: Di0 DDR: ip (s=150.100.100.1, d=224.0.0.5), 64 bytes,
> >outgoing uninteresting (list 102)
> >(again every 40 seconds)
> >
> >but then the adjacency is going down after a while with the message:
> >%OSPF-5-ADJCHG: Process 1, Nbr 3.3.3.3 on Dialer0 from FULL to DOWN,
> >Neighbor Down: Too many retransmissions on Demand Circuit
> >
> >Both routers are running 12.1
> >
> >setting the no peer route option on the interface removes the host route
of
> >the other end but does not change the situation in any way.
> >
> >defining demand circuit on one side or both, on dial interface and/or
> >physical interface and so on makes no change.
> >
> >My configuration of one router below (the other is very similar)
> >
> >Any remarks on what to do to stop this are most welcome, I am really at a
> >loss here
> >
> >Thanks
> >
> >Omer.
> >
> >------------- config follows -------------------
> >
> >version 12.1
> >service timestamps debug datetime
> >service timestamps log uptime
> >no service password-encryption
> >!
> >hostname 3600-2
> >!
> >enable password cisco
> >!
> >username 2500-2 password 0 cisco
> >username dspcbc password 0 cisco
> >!
> >!
> >!
> >!
> >ip subnet-zero
> >no ip domain-lookup
> >!
> >isdn switch-type basic-dms100
> >!
> >!
> >crypto isakmp policy 10
> > authentication pre-share
> >crypto isakmp key cisco address 150.100.100.2
> >!
> >!
> >crypto ipsec transform-set DSPC ah-md5-hmac esp-des
> >!
> >crypto map DSPC 10 ipsec-isakmp
> > set peer 150.100.100.2
> > set transform-set DSPC
> > match address 101
> >!
> >interface Loopback0
> > ip address 2.2.2.2 255.255.255.255
> >!
> >interface Tunnel10
> > ip address 150.100.200.1 255.255.255.252
> > shutdown
> > tunnel source Dialer0
> > tunnel destination 150.100.100.2
> >!
> >interface Serial0/0
> > no ip address
> > encapsulation frame-relay
> > no fair-queue
> > serial restart-delay 0
> >!
> >interface Ethernet1/0
> > ip address 170.100.42.241 255.255.255.240
> >!
> >interface BRI2/0
> > no ip address
> > encapsulation ppp
> > ip ospf demand-circuit
> > dialer pool-member 1
> > isdn switch-type basic-dms100
> > no peer neighbor-route
> > ppp authentication chap
> > ppp multilink
> > crypto map DSPC
> >!
> >interface Dialer0
> > ip address 150.100.100.1 255.255.255.0
> > encapsulation ppp
> > ip ospf network point-to-point
> > ip ospf demand-circuit
> > dialer pool 1
> > dialer remote-name dspcbc
> > dialer string 9039271092
> > dialer-group 1
> > no peer neighbor-route
> > ppp authentication chap
> >!
> >router ospf 1
> > router-id 2.2.2.2
> > log-adjacency-changes
> > network 2.2.2.2 0.0.0.0 area 0
> > network 150.100.100.1 0.0.0.0 area 0
> >!
> >ip classless
> >ip http server
> >!
> >access-list 101 permit ospf any any
> >access-list 101 permit ip any any
> >access-list 101 permit igmp any any
> >access-list 102 deny ip any host 224.0.0.5
> >access-list 102 permit ip any any
> >dialer-list 1 protocol ip list 102
> >!
This archive was generated by hypermail 2.1.4 : Fri Jun 21 2002 - 06:45:05 GMT-3