RE: Should I disable cdp on ISDN

From: Scott Morris (swm@emanon.com)
Date: Thu Sep 25 2003 - 16:44:39 GMT-3

That's actually a very good point (most of it)...

After meandering through the debugs, PPP actually creates the route at
the end of the IPCP phase. It has nothing to do with whether you are
using an unnumbered interface or not! It will show up as a connected
route.

My configs did have a redistribute connected that I had forgotten to
take off. :) (minor oversight!) But that's the part that caused it
being a problem appearing and disappearing from the ospf database.

But ya know... One of those days.

As for pinging the other side or not, it would depend on whether you
were using the old Legacy DDR (dial string), or profiles or not. With
dialer maps, it would already have the reachability. For older style,
or ISP-style stuff where you're configuring things to not necessarily
know the other end's IP (or your own), then you are absolutely correct,
it would make a difference.

Scott

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Brian Dennis
Sent: Thursday, September 25, 2003 1:53 PM
To: 'Peng Zheng'; 'Scott Morris'; 'Barney Gaumer'; 'Nawaz, Ajaz'; 'Donny
MATEO'
Cc: ccielab@groupstudy.com
Subject: RE: Should I disable cdp on ISDN

That is the point of my e-mail. CDP and "peer neighbor-route" should not
bring the line up. Now the "peer neighbor-route" feature 'could' cause
the line to bounce when doing route redistribution. As a side note PPP
multilink 'could' also cause the link to bounce when using OSPF demand
circuit.

Now on to your questions:

1) Should I use dialer-group on R5, if I don't, R5
won't callback R4 when I ping R5 from R4. But If I
configure it, the callback reason OSPF.

Are you sure that PPP callback needs a dialer-group to return a call?
Try it out.

2) If I configure dialer-group on R5, can I configure
ip ospf demand-circuit on R4. If I did so, R5 will
call R4 when just reload both of them. Is this
conflict with "Only R4 initiate call"?

As per RFC 1793 (OSPF over Demand Circuits):
<Quote>
A demand point-to-point circuit need be configured in only one of the
two endpoints. </Quote>

If you do not want R5 to make a call for any reason just do not include
the dialer-group command under the interface. Be sure to set the dialer
idle-timeout to 0 on R5 since R5 does not have any interesting traffic
specified so that it will not ever drop the link due to the lack of
interesting traffic.

That being said R5 could still make a call if using dialer watch or
dialer persistent (12.2T) even without a dialer-group command.

Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
Internetwork Expert, Inc.
http://www.InternetworkExpert.com

-----Original Message-----
From: Peng Zheng [mailto:zpnist@yahoo.com]
Sent: Thursday, September 25, 2003 10:34 AM
To: Brian Dennis; 'Scott Morris'; 'Barney Gaumer'; 'Nawaz, Ajaz'; 'Donny
MATEO'
Cc: ccielab@groupstudy.com
Subject: RE: Should I disable cdp on ISDN

I have a case:

R5----R4

Only R4 initiate call, R5 will callback. R4 will watch
some routes. OSPF won't bring up the link.

I configure both demand-circuit and dialer-watch

My config on R4:

interface BRI0
 ip address 145.45.45.4 255.255.255.240
 encapsulation ppp
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 110A1016141D
 dialer idle-timeout 180
 dialer map ip 150.50.12.0 name R5 broadcast
4082222222
 dialer map ip 145.45.45.5 name R5 broadcast
4082222222
 dialer load-threshold 128 either
 dialer watch-group 1
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 40811111111 4081111111
 isdn spid2 40811111112 4081111111
 cdapi buffers regular 0
 cdapi buffers raw 0
 cdapi buffers large 0
 ppp callback request
 ppp authentication chap callin
 ppp chap hostname r4
 ppp chap password 7 14141B180F0B
 ppp multilink

dialer-list 1 protocol ip permit

------------------------
on R5:

interface BRI0
 ip address 145.45.45.5 255.255.255.240
 encapsulation ppp
 ip ospf authentication message-digest
 ip ospf message-digest-key 1 md5 7 070C285F4D06
 ip ospf demand-circuit
 dialer callback-secure
 dialer idle-timeout 180
 dialer map ip 145.45.45.4 name r4 class dialer1
broadcast 4081111111
 dialer load-threshold 128 either
 dialer-group 1
 isdn switch-type basic-ni
 isdn spid1 40822222221 4082222222
 isdn spid2 40822222222 4082222222
 cdapi buffers regular 0
 cdapi buffers raw 0
 cdapi buffers large 0
 ppp callback accept
 ppp authentication chap PPPCALLBACK
 ppp authorization PPPCALLBACK
 ppp multilink

dialer-list 1 protocol ip permit
------------------------------

I have several question:

1) Should I use dialer-group on R5, if I don't, R5
won't callback R4 when I ping R5 from R4. But If I
configure it, the callback reason OSPF.

2) If I configure dialer-group on R5, can I configure
ip ospf demand-circuit on R4. If I did so, R5 will
call R4 when just reload both of them. Is this
conflict with "Only R4 initiate call"?

3)in this case, I enable cdp and peer nei, it didn't
bring

--- Brian Dennis <bdennis@internetworkexpert.com>
wrote:
> Scott,
> Can you send the debugs from when CDP generates this
> host route in the
> routing table and causes OSPF to trigger a call? Of
> course add the "no
> peer neighbor-route" command so we can be sure it's
> CDP that is
> generating the host route. Actually if you can get
> the "peer
> neighbor-route" command to cause an OSPF demand
> circuit to trigger a
> call without involving route redistribution send the
> debugs for that
> also.
>
> Are you 100% sure that the host route for the "peer neighbor-route"
> command is generated by CDP or has anything to do
> with CDP? Disable CDP
> and see if it still appears. In fact try it with
> another vendor's device
> on the other side if you have one around.
>
> The "peer neighbor-route" command is needed normally
> for unnumbered
> links. If a link is unnumbered a route will be
> needed to the remote
> side's IP address. This "peer neighbor-route"
> command is how a route to
> the remote end is created. If you disable the "peer neighbor-route"
> command on an unnumbered link, a static route will
> normally be needed to
> reach the remote end.
>
> For someone to get an understanding of the "peer neighbor-route"
> command and how it's used in the real world I recommend
> enabling PPP on a serial
> link between two routers. Use IP unnumbered off of
> each respective
> router's loopback interface and then ping the remote
> end's loopback. Now
> do a "no peer neighbor-route" command on each side
> of the link and
> 'bounce' (shut/no shut) the interface. Try to ping
> the remote end's
> loopback to see the benefit of having the "peer
> neighbor-route" command
> on.
>
> In regards to the original question about CDP
> triggering a call, I would
> be impressed if someone can create a dialer-list
> that permits CDP to
> begin with. CDP triggering a call by default is an
> urban legend.
>
> Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
> bdennis@internetworkexpert.com
> Toll Free: 877-224-8987
> Direct: 775-745-6404 (Outside the US and Canada)
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
>
> -----Original Message-----
> From: nobody@groupstudy.com
> [mailto:nobody@groupstudy.com] On Behalf Of
> Scott Morris
> Sent: Thursday, September 25, 2003 8:39 AM
> To: 'Barney Gaumer'; 'Nawaz, Ajaz'; 'Donny MATEO';
> 'Peng Zheng'
> Cc: ccielab@groupstudy.com; nobody@groupstudy.com
> Subject: RE: Should I disable cdp on ISDN
>
> Let's back up a little bit... Dialer circuits are interesting
> creatures unto themselves.
>
> CDP will allow the generation of a neighbor route
> (/32 host route). When
> it comes up, it's in your OSPF table. When CDP
> neighbor goes away (no
> relation to OSPF), then the host route goes away.
> If the host route
> goes away, your database changes and OSPF will dial
> up the other side to
> talk about it. Then the route comes back...
>
> It's a big evil circle.
>
> You can disable CDP. That's one way to solve the
> problem. The other
> way is:
>
> No peer neighbor-route
>
> That will prevent the generation of the /32 route
> for the CDP neighbor
> on a dial circuit. So from that aspect, I can see
> where people get the
> idea that CDP brings the link up. It doesn't
> really, but because of
> something 'assisted by' CDP that it does.
>
> Give that a whirl and see whether your
> up/down/up/down problem goes
> away!
>
>
> Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service
> Provider) #4713,
> CISSP, JNCIS, et al.
> IPExpert CCIE Program Manager
> IPExpert Sr. Technical Instructor swm@emanon.com/smorris@ipexpert.net
> http://www.ipexpert.net
>
>
>
> -----Original Message-----
> From: Barney Gaumer [mailto:bagaumer@yahoo.com]
> Sent: Thursday, September 25, 2003 11:27 AM
> To: Scott Morris; 'Nawaz, Ajaz'; 'Donny MATEO';
> 'Peng Zheng'
> Cc: ccielab@groupstudy.com; nobody@groupstudy.com
> Subject: RE: Should I disable cdp on ISDN
>
>
> I was playing with OSPF demand circuit the other day
> &
> the only way I could get everything to work was to
> enable broadcast on the "dialer map ip" and use
> "ospf database-filter"
> otherwise the link kept flapping up and down.
>
> The adjacency occured like it should for a demand
> circuit and all of the routes were there, just
> didn't
> think I had to do anything more than make one side
> of
> the ISDN circuit a demand circuit.
>
> What did I do wrong??
>
> interface BRI0/0
> bandwidth 128
> ip address 10.1.1.1 255.255.255.0
> encapsulation ppp
> ip ospf demand-circuit
> ip ospf database-filter all out
> dialer map ip 10.1.1.2 name rtr-g broadcast
> 4082222222
> dialer load-threshold 1 outbound
> dialer-group 1
> isdn switch-type basic-ni
> isdn spid1 40811111111
> isdn spid2 40811111112
> no cdp enable
> ppp authentication chap
> ppp chap hostname rtr-a
> ppp chap password 0 cisco
> ppp multilink
>
> --- Scott Morris <swm@emanon.com> wrote:
> > OSPF Demand Circuit has nothing to do with whether
> > CDP will bring your
> > circuit up or not! Your definition of interesting
> > traffic defines that.
> > OSPF demand circuit doesn't define interesting
> > traffic. It makes sure
> > that even though OSPF >IS< interesting traffic, it
> > won't be constantly
> > talking to the other side unless something change.
> >
> > OSPF Demand Circuit suppresses the hello packets
> > (which would be
> > interesting) and puts routes in the database into
> a
> > do not age state in
> > order to keep them happy. And keeps the neighbor connection formed
> > (part of suppressing hellos).
> >
> > CDP is still a completely different beast.
> >
> >
> > Scott Morris, CCIE4 (R&S/ISP-Dial/Security/Service
> > Provider) #4713,
> > CISSP, JNCIS, et al.
> > IPExpert CCIE Program Manager
> > IPExpert Sr. Technical Instructor
> swm@emanon.com/smorris@ipexpert.net
> > http://www.ipexpert.net
> >
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com
> > [mailto:nobody@groupstudy.com] On Behalf Of
> > Nawaz, Ajaz
> > Sent: Thursday, September 25, 2003 8:58 AM
>
=== message truncated ===

__________________________________
Do you Yahoo!?
The New Yahoo! Shopping - with improved product search
http://shopping.yahoo.com

***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***

This archive was generated by hypermail 2.1.4 : Wed Oct 01 2003 - 07:24:37 GMT-3