RE: CCIE PRACTICE LABS (cisco press) lab1

From: john matijevic (matijevi@bellsouth.net)
Date: Wed Aug 11 2004 - 01:09:12 GMT-3

• Next message: Brian McGahan: "RE: vlan-map filters to deny IPX traffic"
• Previous message: asadovnikov: "RE: OFF Topic : Changes to CCIE staffing"
• Maybe in reply to: trouse@cisco.com: "CCIE PRACTICE LABS (cisco press) lab1"
• Next in thread: Terrence Rouse \(trouse\): "RE: CCIE PRACTICE LABS (cisco press) lab1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Trouse,
Were you at networkers? Name is familiar.
Anyways I have labbed up this lab and just about completed.
19:55:04: DLSw: START-TPFSM (peer 10.8.8.8(2065)): event:DLX-KEEPALIVE
REQ state
:CONNECT
19:55:04: DLSw: dtp_action_q() keepalive request from peer
10.8.8.8(2065)
19:55:04: DLSw: Keepalive Response sent to peer 10.8.8.8(2065))
19:55:04: DLSw: END-TPFSM (peer 10.8.8.8(2065)): state:CONNECT->CONNECT

19:55:04: DLSw: dlsw_tcpd_fini() for peer 10.8.8.8(2065)
19:55:04: DLSw: tcp fini closing connection for peer 10.8.8.8(2065)
19:55:04: DLSw: START-TPFSM (peer 10.8.8.8(2065)): event:ADMIN-CLOSE
CONNECTION
state:CONNECT
19:55:04: DLSw: dtp_action_b() close connection for peer 10.8.8.8(2065)
19:55:04: DLSw: END-TPFSM (peer 10.8.8.8(2065)): state:CONNECT->DISCONN
Actually, there is only 1 dlsw session between the 2 routers. We only
have 2 routers that are involved in this scenario. So what happened is
that nat broke the session because of the ip address translation. R5 is
configured for the local-peer id as 10.50.50.1 and the remote-peer
connection as 10.8.8.8. Without nat there is no drop session.

r5#sh dlsw peer
Peers: state pkts_rx pkts_tx type drops ckts TCP
upti
 TCP 10.8.8.8 DISCONN 0 0 conf 0 0 -
Total number of connected peers: 0
Total number of connections: 0
In conclusion, what is happening is that both connections are dropping
because both routers think they have the higher ip address, so they drop
both of the connections, and the result is a disconnect. The solution
excludes dlsw from being natted. I have found the following document
very helpful in seeing this issue.

http://www.cisco.com/en/US/tech/tk331/tk336/technologies_tech_note09186a
0080093db6.shtml

Please visit my forum on my website to discuss any other issues with
these practice labs, as I am giving support for them. I hope that helps
you.

Sincerely,

John Matijevic, CCIE #13254, MCSE, CNE, CCEA
Network Consultant
Hablo Espanol
305-321-6232
http://home.bellsouth.net/p/PWP-CCIE
 

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
trouse@cisco.com
Sent: Tuesday, August 10, 2004 11:36 PM
To: ccielab@groupstudy.com
Subject: CCIE PRACTICE LABS (cisco press) lab1

Just want to make sure I am not crazy. I am aware of the issues with
NAT and DLSW. Where the DLSW peers are both dropped their tcp session
because of IP address. However, I do not think this is a problem for
this lab one. B/C with or without nat only one tcp session is dropped
so DLSW peer is able to function under these conditions and SHOULD be
okay. But they describe this problem in the solution. While the
solution does fix any NAT/DLSW issues, I think the actual problem in
this scenerio is that the local peer-id on R5 no longer matches what R8
is using once it is NAT'ed. R8 will use 10.5.5.5 but the local peer-id
is 10.50.50.1. I capture the following debug.

1w4d: DLSw: START-TPFSM (peer 10.8.8.8(2065)): event:ADMIN-OPEN
CONNECTION state:DISCONN
1w4d: DLSw: dtp_action_a() attempting to connect peer 10.8.8.8(2065)
1w4d: DLSw: END-TPFSM (peer 10.8.8.8(2065)): state:DISCONN->WAIT_WR

1w4d: DLSw: Async Open Callback 10.8.8.8(2065) -> 11024
1w4d: DLSw: START-TPFSM (peer 10.8.8.8(2065)): event:TCP-WR PIPE OPENED
state:WAIT_WR
1w4d: DLSw: dtp_action_f() start read open timer for peer 10.8.8.8(2065)
1w4d: DLSw: END-TPFSM (peer 10.8.8.8(2065)): state:WAIT_WR->WAIT_RD

1w4d: DLSW: peer 10.8.8.8 using incorrect ip address 10.5.5.5
<====this is the problem in my opinion, not the dropping of both peers
as described.
1w4d: should match local-peer peer-id 10.50.50.1
1w4d: DLSw: dlsw_tcpd_fini() for peer 10.8.8.8(2065)
1w4d: DLSw: tcp fini closing connection for peer 10.8.8.8(2065)
1w4d: DLSw: START-TPFSM (peer 10.8.8.8(2065)): event:ADMIN-CLOSE
CONNECTION state:WAIT_RD
1w4d: DLSw: dtp_action_b() close connection for peer 10.8.8.8(2065)
1w4d: DLSw: END-TPFSM (peer 10.8.8.8(2065)): state:WAIT_RD->DISCONN

Can somone confirm or deny my analysis.

See sample lab here
http://www.ciscopress.com/content/images/1587051478/samplechapter/158705
1478content.pdf

Thanks

• Next message: Brian McGahan: "RE: vlan-map filters to deny IPX traffic"
• Previous message: asadovnikov: "RE: OFF Topic : Changes to CCIE staffing"
• Maybe in reply to: trouse@cisco.com: "CCIE PRACTICE LABS (cisco press) lab1"
• Next in thread: Terrence Rouse \(trouse\): "RE: CCIE PRACTICE LABS (cisco press) lab1"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Sep 03 2004 - 07:02:41 GMT-3