© Synergon Informatika Rt., 1999 Chapter 16 Configuring Bandwidth on Demand

Synergon Informatika Rt.

© Synergon Informatika Rt., 1999

Chapter 16

Configuring Bandwidth on Demand

2

Objectives

Upon completion of this chapter, you will be

able to perform the following tasks:Configure dial-on-demand routing (DDR)Configure DDR using access listsConfigure PPP authenticationConfigure DDR rotary group Configure IPX over DDRConfigure snapshot routingConfigure dial backup

3

Bandwidth on Demand Overview

Primary

Backup

Dial-on-Demand Routing

Dial Backup

4

Dial-on-Demand Routing Configuration

5

Dial-on-Demand OverviewSynchronizeDatabase

Orders are Are Placed

Manufacturingand

Shipping

Headquarters

• Transaction processing using DDR

Publish Confirmations

6

Dial-on-Demand Routing Use

ISDN orPSTN

• Use for low-volume, periodic traffic

• Connect remote sites only when traffic dictates

7

DDR Operation

ISDN orBasic

Service

• Interesting packets dictate DDR call

• User dictates what is interesting

• After idle period, call disconnected

“Interesting”packet arrives

DCE

Dial connection

8

DDR Configuration Tasks1 Define interesting traffic2 Enable DDR on an interface3 Assign traffic definition to an interface 4 Define destination(s)5 Configure call parameters

1 Define interesting traffic2 Enable DDR on an interface3 Assign traffic definition to an interface 4 Define destination(s)5 Configure call parameters

DDR

Destination

DDR

call

parameters

DDR

call

parameters

S0/B0

Dialer groupDialer group

Dialer List

9

DDR CommandsRouter (config) #

dialer-list dialer-group protocol protocol-name [ permit | deny | list access-list-number ]

dialer-list dialer-group protocol protocol-name [ permit | deny | list access-list-number ]

Defines “interesting” packets for DDR Assigns an access list to dialer group

Router (config) #

dialer-list dialer-group list access-list-number dialer-list dialer-group list access-list-number

• Assigns an access list to a dialer group

Router (config-if) #

dialer in-band dialer in-band

• Enables DDR on an interface• Not required for ISDN BRI

10

DDR Commands (cont.)Router (config-if) #

dialer-group group-numberdialer-group group-number

Assigns an interface to dialer access group


dialer map protocol next-hop-address [ name hostname ] [ speed 56| 64 ] [ broadcast ] [ dialer-string ]

dialer map protocol next-hop-address [ name hostname ] [ speed 56| 64 ] [ broadcast ] [ dialer-string ]

• Defines how to reach a destination


dialer string string-numberdialer string string-number

• Specifies the telephone number to be called for interfaces calling a single site

11

DDR Optional CommandsRouter (config-if) #

dialer-load-threshold load [ outbound | inbound | either ]dialer-load-threshold load [ outbound | inbound | either ]

• Sets maximum load before dialing additional calls


dialer idle-timeout secondsdialer idle-timeout seconds

• Establishes the idle time before disconnect


dialer fast-idle secondsdialer fast-idle seconds

• Establishes idle time when line contention exists

12

DDR Example

171.68.14.0131.108.126.1

BR0ISDNA B

131.108.126.2

171.68.12.0

5551234(Number to reach)

• Traffic for subnets 12 and 14 of network

171.68.0.0 will trigger a DDR call

E0

13

DDR Example (cont.)

isdn switch-type basic-net3

ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2dialer-list 1 protocol ip permit !interface bri 0 encapsulation pppip address 131.108.126.1 255.255.255.0dialer-group 1!dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300

isdn switch-type basic-net3

ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2dialer-list 1 protocol ip permit !interface bri 0 encapsulation pppip address 131.108.126.1 255.255.255.0dialer-group 1!dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300

Define static routes on Cisco A to reach networks on Cisco B

Protocol list identifies interesting packets

Interface configuration for DDR

Setup details for router and the dealing device

Time to wait for more traffic before DDR drops call

Subnets171.68.12.0172.68.14.0

131.108.126.1

BR0ISDNA B

131.108.126.2

BR0

14

DDR Using Access Lists Overview

Telnet

ISDNA B

IP

Initiates DDR call

Does not

• Access lists allow individual protocols to be defined as interesting (Telnet)

15

DDR Example

171.68.14.0131.108.126.1

BR0ISDNA B

131.108.126.2

171.68.12.0

BR0555-1234

• IP FTP traffic for subnets 12 and 14 of network 171.68.0.0 will trigger a DDR call

• IGRP routing updates and ping will not trigger a DDR call

E0

16

DDR/Access List Example (cont.)

access-list 101 deny igrp any 255.255.255.255 0.0.0.0access-list 101 deny icmp any 171.68.12.0 0.0.3.255echoaccess-list 101 permit tcp any 171.68.12.0 0.0.3.255 eq ftp dialer-list 1 list 101 !ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2 !interface bri 0ip address 131.108.126.1 255.255.255.0dialer-group 1dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300 ]

access-list 101 deny igrp any 255.255.255.255 0.0.0.0access-list 101 deny icmp any 171.68.12.0 0.0.3.255echoaccess-list 101 permit tcp any 171.68.12.0 0.0.3.255 eq ftp dialer-list 1 list 101 !ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2 !interface bri 0ip address 131.108.126.1 255.255.255.0dialer-group 1dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300 ]

Access list defining interesting packets on Cisco A

Static routes to reach destination

Interface configuration DDR

Time to wait before call

Subnets171.68.12.0172.68.14.0131.108.126.1

BR0ISDNA B

131.108.126.2

BR0

17

Verifying DDR Configuration

Home-isdn-router # show dialer interface b 0BRI0 - dialer type = ISDN

Dial String Success Failures Last called Last status 01:10:43 successful

0 incoming call(s) have been screened.

Time until disconnect 116 secsCurrent call connected 00:10:44

BRI0: B-Channel 2

Idle timer (120 secs), Fast idle timer (20 secs)

Wait for carrier (30 secs), Re-enable (15 secs)

Home-isdn-router # show dialer interface b 0BRI0 - dialer type = ISDN

Dial String Success Failures Last called Last status 01:10:43 successful

0 incoming call(s) have been screened.

Time until disconnect 116 secsCurrent call connected 00:10:44

BRI0: B-Channel 2

Idle timer (120 secs), Fast idle timer (20 secs)

Wait for carrier (30 secs), Re-enable (15 secs)

14155551212 493 0

BRI0: B-Channel 1Idle timer (120 secs), Fast idle timer (20 secs)Wait for carrier (30 secs), Re-enable (15 secs)

Connected to 14155551212 (central-site-router1)

• Shows DDR interface diagnostics

18

Scalable DDR Configuration

19

Scalable DDR Configuration Topics

Configuring PPP authentication

Dialing multiple simultaneous destinations

using a rotary group

Configuring DDR for IPX

Using snapshot routing to avoid static route

configuration

20

PPP Authentication Overview

Dial_Up orCircuit-Switched

Network

PPP Session Establishment

1 Link Establishment Phase

2 Optional Authentication Phase

3 Network-Layer Protocol Phase

• Two PPP authentication protocols:

PAP and CHAP

21

PPP Authentication Using PAP

Remote Router

(SantaCruz)

Hostname: santacruzPassword: boardwalk

Central-Site Router(HQ)

Username santacruzPassword boardwalk

2-Way Handshake

“santacruz, boardwalk”

Accept/Reject

• Passwords sent in clear text

• Peer in control of attempts

22

PPP Authentication Using CHAP

Remote Router

(SantaCruz)

Hostname: santacruzPassword: boardwalk

Central-Site Router(HQ)

Username santacruzPassword boardwalk

3-Way Handshake

Challenge

Accept/Reject

• Uses encrypted “secret” known only to authenticator and peer

• Authenticator in control of attempts

Response

23

PPP Authentication Commands


ppp authentication chapppp authentication chap

Forces incoming calls to answer password challenges


ppp authentication papppp authentication pap

• Sets password checking for incoming calls

24

PPP Authentication Commands (cont.)


username name password secret-pwdusername name password secret-pwd

Establishes the host name and password used during incoming call verification


dialer map protocol next-hop-address name hostnamedialer map protocol next-hop-address name hostname

• Defines how to reach one or more destinations when using CHAP authentication

25

PPP Authentication Example

131.108.126.1

BR0

PSTNor

ISDNA B

131.108.126.2

RIGHTBR0

E0S0

LEFT

E0

interface s 0 (OR bri 0)ip address 131.108.125.1 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.2 name RIGHT 5552222!hostname LEFTusername RIGHT password cisco

interface s 0 (OR bri 0)ip address 131.108.125.1 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.2 name RIGHT 5552222!hostname LEFTusername RIGHT password cisco

interface s 0 (OR bri 0)ip address 131.108.126.2 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.1 name LEFT 5551111!hostname RIGHTusername LEFT password cisco

interface s 0 (OR bri 0)ip address 131.108.126.2 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.1 name LEFT 5551111!hostname RIGHTusername LEFT password cisco

26

DDR Using Rotary Group Overview

ISDN

TokenRing

TokenRing

Rotary Group

• Several physical interfaces make up a single dialer interface • Use for reaching multiple destinations at the same time

27

Rotary Configuration Overview

Commanddefining

interestingtraffic

Commanddefining

interestingtraffic

Virtual

dialer

Interface

Rotary Group

BR0BR0

BR1BR1

BR2BR2

BR3BR3

DDR call

parameters

DDR call

parameters

Directs interesting

traffic to an

available

interface

• Define interesting traffic to initiate call

• Associate interesting traffic to dialer interface

• Direct call and traffic to an interface

DDRinterfaces

28

DDR Rotary CommandsRouter (config) #

interface dialer number interface dialer number

• Creates a dialer interface used in rotary group configuration


dialer rotary-group number dialer rotary-group number

• Places a physical interface into a dialer rotary group


encapsulation pppencapsulation ppp

• Defines encapsulation type as PPP (required by rotary group DDR)

29

DDR Rotary Example

ISDN

3261111

BRI0

131.108.126.1

131.108.124.0

BRI3

4000

131.108.126.12500-A

171.68.12.0

171.68.14.0

BRI0

BRI02500-B

131.108.126.3

3263333

3262222

30

DDR Rotary Example (cont.)isdn switch-type basic-net3ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.3dialer-list 2 protocol ip permit username 2500-A password cisco username 2500-B password cisco !interface dialer 3id address 131.108.126.1 255.255.255.0encapsulation pppppp authentication chap dialer map ip 131.108.126.2 name 2500-A 3262222dialer map ip 131.108.126.3 name 2500-B 3263333dialer group 2 dialer load-threshold 160dialer fast-idle 15 dialer idle-timeout 120!int bri 0dialer rotary-group 3. .int bri 3dialer rotary-group 3

isdn switch-type basic-net3ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.3dialer-list 2 protocol ip permit username 2500-A password cisco username 2500-B password cisco !interface dialer 3id address 131.108.126.1 255.255.255.0encapsulation pppppp authentication chap dialer map ip 131.108.126.2 name 2500-A 3262222dialer map ip 131.108.126.3 name 2500-B 3263333dialer group 2 dialer load-threshold 160dialer fast-idle 15 dialer idle-timeout 120!int bri 0dialer rotary-group 3. .int bri 3dialer rotary-group 3

Set up static routes

Create the virtual interface

PPP encapsulation required

Connect to the interesting traffic definition

160/255=60%

Define interesting traffic

Assign physical interfaces to the rotarygroup for virtual interface 3

31

DDR Rotary Example (cont.)

isdn switch-type basic-net3!ip route 131.108.124.0 255.255.255.0 131.108.126.1dialer-list 2 protocol ip permit hostname 2500-Busername 4000 password cisco !interface bri 0encapsulation pppppp authentication chapip address 131.108.126.1 255.255.255.0dialer-group 2 dialer load-threshold 160dialer map ip 131.108.126.1 name 4000 3261111dialer idle-timeout 120!

isdn switch-type basic-net3!ip route 131.108.124.0 255.255.255.0 131.108.126.1dialer-list 2 protocol ip permit hostname 2500-Busername 4000 password cisco !interface bri 0encapsulation pppppp authentication chapip address 131.108.126.1 255.255.255.0dialer-group 2 dialer load-threshold 160dialer map ip 131.108.126.1 name 4000 3261111dialer idle-timeout 120!

Set up static route Prepare forauthentication on the link

Connect to the interesting traffic definition

Setup details for router and the dealing device

Set idle time before line is disconnected at 2 minutes (120 seconds)

Cisco 2500-B

32

DDR for IPX Overview

SPXKeepaliveWatchdogUpdates

SPXKeepalive

NetWare Server

• Spoofing allows the router to respond while the DDR interface is idle

33

Spoofing Configuration Tasks

1 Turn off route caching

2 Enable SPX spoofing

3 Enable Watchdog spoofing

4 Set SPX idle time

1 Turn off route caching

2 Enable SPX spoofing

3 Enable Watchdog spoofing

4 Set SPX idle time

34

DDR for IPX Example

Network 10

555123410.1234.5678.abcd

Network 20

Ipx route 20 10.1234.5678.abcddialer-list 1 protocol ip denydialer-list 1 protocol ipx permit!interface serial 0 ipx network 10dialer in-banddialer-group-1 no ipx route-cacheipx watchdog-spoofipx spx-spoofipx spx-idle-time 300!dialer map ipx 10.1234.5678.abcd 5551234

Ipx route 20 10.1234.5678.abcddialer-list 1 protocol ip denydialer-list 1 protocol ipx permit!interface serial 0 ipx network 10dialer in-banddialer-group-1 no ipx route-cacheipx watchdog-spoofipx spx-spoofipx spx-idle-time 300!dialer map ipx 10.1234.5678.abcd 5551234

35

Snapshot Routing Overview

RIP/IGRP

ISDN

RIP and SAP

• Allows dynamic distance vector routing protocols to run over DDR

• Reduces overhead of routing updates

36

Snapshot Routing Operation

Active

Period Quiet Period

Active

Period

Exchangeroutingupdates

ExchangeroutingupdatesFreeze routing table

Time (minutes)

37

Snapshot Client/Server Operation

Quite time expiresDial server router

Server Router Routing

Updates

ClientRouter

Send routes

• Client router calls server router during Active Period

• Periodic routing updates sent over LAN interface

38

Step 1 Specify a BRI interface

Step 2 Configure the client router

Step 3 Define a dialer map

Step 1 Specify a BRI interface

Step 2 Configure the client router

Step 3 Define a dialer map

Snapshot Configuration Tasks

Server Router

ClientRouter

ISDN

Step 1 Specify a ISDN interface

Step 2 Configure the server router

Step 1 Specify a ISDN interface

Step 2 Configure the server router

39

Snapshot Routing CommandsRouter (config-if) #

snapshot client active-time quite-time [ suppress-statechange-updates ] [ dialer ]

snapshot client active-time quite-time [ suppress-statechange-updates ] [ dialer ]

Configure client router


snapshot server active-time [ dialer ]snapshot server active-time [ dialer ]

• Configure server router


dialer map snapshot sequence-number [ name name ] dial-stringdialer map snapshot sequence-number [ name name ] dial-string

• Define a dialer map on client router

40

Snapshot Routing Example

Server Router

ClientRouter

ISDN

1-415-555-1212

interface BRI 0

snapshot client 5 7200 dialer

dialer map snapshot 60 name server-router 14155551212

interface BRI 0

snapshot client 5 7200 dialer

dialer map snapshot 60 name server-router 14155551212

interface BRI 0

snapshot server 5 dialer

interface BRI 0

snapshot server 5 dialer

Name

“server-router”

• Active periods must be the same

41

Verifying Snapshot Configuration

client-router # show snapshotBRI0 is up, line protocol is up Snapshot client line state up

Length of active period: 5 minutesLength of quite period: 720 minutesLength of retry period: 8 minutes

Current state: quite, remaining: 390 minutes

client-router # show snapshotBRI0 is up, line protocol is up Snapshot client line state up


Current state: quite, remaining: 390 minutes

client-router # clear snapshot quite-time bri 0client-router # show snapshotBRI0 is up, line protocol is upSnapshot client line state up


client-router # clear snapshot quite-time bri 0client-router # show snapshotBRI0 is up, line protocol is upSnapshot client line state up


Current state: active, remaining/exchange time 4/2 minutes Updates received this cycle: appletalk

42

Dial Backup Configuration

43

Dial Backup Overview

XXPrimary

Auto-dial modem

Secondary

Raises DTR

• A secondary line is available because of primary line loss or high usage

44

Dial Backup Commands Router (config-if) #

backup interface interface-namebackup interface interface-name


backup load { enable-threshold | never } { disable-load | never }backup load { enable-threshold | never } { disable-load | never }

• Specifies load limits for backup use


backup delay { enable-delay | never } { disable-delay | never }backup delay { enable-delay | never } { disable-delay | never }

• Sets response timers for line up/down

• Selects a backup line

45

Dial Backup Example

DSU/CSU DSU/CSU

int s 0

backup interface serial 1

backup delay 40 never

int s 0

backup interface serial 1

backup delay 40 never

Backup load 60 5Backup load 60 5

Primary

Secondary Auto-answer modem

Auto-dial modem

S0

S1

S0

S1

46

Summary

Cisco routers support many

bandwidth-on-demand features including:

Dial-on-demand routing (DDR)

DDR with access lists

Rotary group DDR

DDR for IPX

Snapshot routing

Dial backup

Documents

© Synergon Informatika Rt., 1999 Chapter 16 Configuring Bandwidth on Demand