Upload
lenard-junior-melton
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Synergon Informatika Rt.
© Synergon Informatika Rt., 1999
Chapter 16
Configuring Bandwidth on Demand
2
Objectives
Upon completion of this chapter, you will be
able to perform the following tasks:Configure dial-on-demand routing (DDR)Configure DDR using access listsConfigure PPP authenticationConfigure DDR rotary group Configure IPX over DDRConfigure snapshot routingConfigure dial backup
3
Bandwidth on Demand Overview
Primary
Backup
Dial-on-Demand Routing
Dial Backup
4
Dial-on-Demand Routing Configuration
5
Dial-on-Demand OverviewSynchronizeDatabase
Orders are Are Placed
Manufacturingand
Shipping
Headquarters
• Transaction processing using DDR
Publish Confirmations
6
Dial-on-Demand Routing Use
ISDN orPSTN
• Use for low-volume, periodic traffic
• Connect remote sites only when traffic dictates
7
DDR Operation
ISDN orBasic
Service
• Interesting packets dictate DDR call
• User dictates what is interesting
• After idle period, call disconnected
“Interesting”packet arrives
DCE
Dial connection
8
DDR Configuration Tasks1 Define interesting traffic2 Enable DDR on an interface3 Assign traffic definition to an interface 4 Define destination(s)5 Configure call parameters
1 Define interesting traffic2 Enable DDR on an interface3 Assign traffic definition to an interface 4 Define destination(s)5 Configure call parameters
DDR
Destination
DDR
call
parameters
DDR
call
parameters
S0/B0
Dialer groupDialer group
Dialer List
9
DDR CommandsRouter (config) #
dialer-list dialer-group protocol protocol-name [ permit | deny | list access-list-number ]
dialer-list dialer-group protocol protocol-name [ permit | deny | list access-list-number ]
Defines “interesting” packets for DDR Assigns an access list to dialer group
Router (config) #
dialer-list dialer-group list access-list-number dialer-list dialer-group list access-list-number
• Assigns an access list to a dialer group
Router (config-if) #
dialer in-band dialer in-band
• Enables DDR on an interface• Not required for ISDN BRI
10
DDR Commands (cont.)Router (config-if) #
dialer-group group-numberdialer-group group-number
Assigns an interface to dialer access group
Router (config-if) #
dialer map protocol next-hop-address [ name hostname ] [ speed 56| 64 ] [ broadcast ] [ dialer-string ]
dialer map protocol next-hop-address [ name hostname ] [ speed 56| 64 ] [ broadcast ] [ dialer-string ]
• Defines how to reach a destination
Router (config-if) #
dialer string string-numberdialer string string-number
• Specifies the telephone number to be called for interfaces calling a single site
11
DDR Optional CommandsRouter (config-if) #
dialer-load-threshold load [ outbound | inbound | either ]dialer-load-threshold load [ outbound | inbound | either ]
• Sets maximum load before dialing additional calls
Router (config-if) #
dialer idle-timeout secondsdialer idle-timeout seconds
• Establishes the idle time before disconnect
Router (config-if) #
dialer fast-idle secondsdialer fast-idle seconds
• Establishes idle time when line contention exists
12
DDR Example
171.68.14.0131.108.126.1
BR0ISDNA B
131.108.126.2
171.68.12.0
5551234(Number to reach)
• Traffic for subnets 12 and 14 of network
171.68.0.0 will trigger a DDR call
E0
13
DDR Example (cont.)
isdn switch-type basic-net3
ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2dialer-list 1 protocol ip permit !interface bri 0 encapsulation pppip address 131.108.126.1 255.255.255.0dialer-group 1!dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300
isdn switch-type basic-net3
ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2dialer-list 1 protocol ip permit !interface bri 0 encapsulation pppip address 131.108.126.1 255.255.255.0dialer-group 1!dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300
Define static routes on Cisco A to reach networks on Cisco B
Protocol list identifies interesting packets
Interface configuration for DDR
Setup details for router and the dealing device
Time to wait for more traffic before DDR drops call
Subnets171.68.12.0172.68.14.0
131.108.126.1
BR0ISDNA B
131.108.126.2
BR0
14
DDR Using Access Lists Overview
Telnet
ISDNA B
IP
Initiates DDR call
Does not
• Access lists allow individual protocols to be defined as interesting (Telnet)
15
DDR Example
171.68.14.0131.108.126.1
BR0ISDNA B
131.108.126.2
171.68.12.0
BR0555-1234
• IP FTP traffic for subnets 12 and 14 of network 171.68.0.0 will trigger a DDR call
• IGRP routing updates and ping will not trigger a DDR call
E0
16
DDR/Access List Example (cont.)
access-list 101 deny igrp any 255.255.255.255 0.0.0.0access-list 101 deny icmp any 171.68.12.0 0.0.3.255echoaccess-list 101 permit tcp any 171.68.12.0 0.0.3.255 eq ftp dialer-list 1 list 101 !ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2 !interface bri 0ip address 131.108.126.1 255.255.255.0dialer-group 1dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300 ]
access-list 101 deny igrp any 255.255.255.255 0.0.0.0access-list 101 deny icmp any 171.68.12.0 0.0.3.255echoaccess-list 101 permit tcp any 171.68.12.0 0.0.3.255 eq ftp dialer-list 1 list 101 !ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.2 !interface bri 0ip address 131.108.126.1 255.255.255.0dialer-group 1dialer map ip 131.108.126.2 5551234!dialer idle-timeout 300 ]
Access list defining interesting packets on Cisco A
Static routes to reach destination
Interface configuration DDR
Time to wait before call
Subnets171.68.12.0172.68.14.0131.108.126.1
BR0ISDNA B
131.108.126.2
BR0
17
Verifying DDR Configuration
Home-isdn-router # show dialer interface b 0BRI0 - dialer type = ISDN
Dial String Success Failures Last called Last status 01:10:43 successful
0 incoming call(s) have been screened.
Time until disconnect 116 secsCurrent call connected 00:10:44
BRI0: B-Channel 2
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Home-isdn-router # show dialer interface b 0BRI0 - dialer type = ISDN
Dial String Success Failures Last called Last status 01:10:43 successful
0 incoming call(s) have been screened.
Time until disconnect 116 secsCurrent call connected 00:10:44
BRI0: B-Channel 2
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
14155551212 493 0
BRI0: B-Channel 1Idle timer (120 secs), Fast idle timer (20 secs)Wait for carrier (30 secs), Re-enable (15 secs)
Connected to 14155551212 (central-site-router1)
• Shows DDR interface diagnostics
18
Scalable DDR Configuration
19
Scalable DDR Configuration Topics
Configuring PPP authentication
Dialing multiple simultaneous destinations
using a rotary group
Configuring DDR for IPX
Using snapshot routing to avoid static route
configuration
20
PPP Authentication Overview
Dial_Up orCircuit-Switched
Network
PPP Session Establishment
1 Link Establishment Phase
2 Optional Authentication Phase
3 Network-Layer Protocol Phase
• Two PPP authentication protocols:
PAP and CHAP
21
PPP Authentication Using PAP
Remote Router
(SantaCruz)
Hostname: santacruzPassword: boardwalk
Central-Site Router(HQ)
Username santacruzPassword boardwalk
2-Way Handshake
“santacruz, boardwalk”
Accept/Reject
• Passwords sent in clear text
• Peer in control of attempts
22
PPP Authentication Using CHAP
Remote Router
(SantaCruz)
Hostname: santacruzPassword: boardwalk
Central-Site Router(HQ)
Username santacruzPassword boardwalk
3-Way Handshake
Challenge
Accept/Reject
• Uses encrypted “secret” known only to authenticator and peer
• Authenticator in control of attempts
Response
23
PPP Authentication Commands
Router (config-if) #
ppp authentication chapppp authentication chap
Forces incoming calls to answer password challenges
Router (config-if) #
ppp authentication papppp authentication pap
• Sets password checking for incoming calls
24
PPP Authentication Commands (cont.)
Router (config-if) #
username name password secret-pwdusername name password secret-pwd
Establishes the host name and password used during incoming call verification
Router (config-if) #
dialer map protocol next-hop-address name hostnamedialer map protocol next-hop-address name hostname
• Defines how to reach one or more destinations when using CHAP authentication
25
PPP Authentication Example
131.108.126.1
BR0
PSTNor
ISDNA B
131.108.126.2
RIGHTBR0
E0S0
LEFT
E0
interface s 0 (OR bri 0)ip address 131.108.125.1 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.2 name RIGHT 5552222!hostname LEFTusername RIGHT password cisco
interface s 0 (OR bri 0)ip address 131.108.125.1 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.2 name RIGHT 5552222!hostname LEFTusername RIGHT password cisco
interface s 0 (OR bri 0)ip address 131.108.126.2 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.1 name LEFT 5551111!hostname RIGHTusername LEFT password cisco
interface s 0 (OR bri 0)ip address 131.108.126.2 2255.255.255.0encapsulation pppppp authentication chapdialer map ip 131.108.126.1 name LEFT 5551111!hostname RIGHTusername LEFT password cisco
26
DDR Using Rotary Group Overview
ISDN
TokenRing
TokenRing
Rotary Group
• Several physical interfaces make up a single dialer interface • Use for reaching multiple destinations at the same time
27
Rotary Configuration Overview
Commanddefining
interestingtraffic
Commanddefining
interestingtraffic
Virtual
dialer
Interface
Rotary Group
BR0BR0
BR1BR1
BR2BR2
BR3BR3
DDR call
parameters
DDR call
parameters
Directs interesting
traffic to an
available
interface
• Define interesting traffic to initiate call
• Associate interesting traffic to dialer interface
• Direct call and traffic to an interface
DDRinterfaces
28
DDR Rotary CommandsRouter (config) #
interface dialer number interface dialer number
• Creates a dialer interface used in rotary group configuration
Router (config-if) #
dialer rotary-group number dialer rotary-group number
• Places a physical interface into a dialer rotary group
Router (config-if) #
encapsulation pppencapsulation ppp
• Defines encapsulation type as PPP (required by rotary group DDR)
29
DDR Rotary Example
ISDN
3261111
BRI0
131.108.126.1
131.108.124.0
BRI3
4000
131.108.126.12500-A
171.68.12.0
171.68.14.0
BRI0
BRI02500-B
131.108.126.3
3263333
3262222
30
DDR Rotary Example (cont.)isdn switch-type basic-net3ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.3dialer-list 2 protocol ip permit username 2500-A password cisco username 2500-B password cisco !interface dialer 3id address 131.108.126.1 255.255.255.0encapsulation pppppp authentication chap dialer map ip 131.108.126.2 name 2500-A 3262222dialer map ip 131.108.126.3 name 2500-B 3263333dialer group 2 dialer load-threshold 160dialer fast-idle 15 dialer idle-timeout 120!int bri 0dialer rotary-group 3. .int bri 3dialer rotary-group 3
isdn switch-type basic-net3ip route 171.68.12.0 255.255.255.0 131.108.126.2ip route 171.68.14.0 255.255.255.0 131.108.126.3dialer-list 2 protocol ip permit username 2500-A password cisco username 2500-B password cisco !interface dialer 3id address 131.108.126.1 255.255.255.0encapsulation pppppp authentication chap dialer map ip 131.108.126.2 name 2500-A 3262222dialer map ip 131.108.126.3 name 2500-B 3263333dialer group 2 dialer load-threshold 160dialer fast-idle 15 dialer idle-timeout 120!int bri 0dialer rotary-group 3. .int bri 3dialer rotary-group 3
Set up static routes
Create the virtual interface
PPP encapsulation required
Connect to the interesting traffic definition
160/255=60%
Define interesting traffic
Assign physical interfaces to the rotarygroup for virtual interface 3
31
DDR Rotary Example (cont.)
isdn switch-type basic-net3!ip route 131.108.124.0 255.255.255.0 131.108.126.1dialer-list 2 protocol ip permit hostname 2500-Busername 4000 password cisco !interface bri 0encapsulation pppppp authentication chapip address 131.108.126.1 255.255.255.0dialer-group 2 dialer load-threshold 160dialer map ip 131.108.126.1 name 4000 3261111dialer idle-timeout 120!
isdn switch-type basic-net3!ip route 131.108.124.0 255.255.255.0 131.108.126.1dialer-list 2 protocol ip permit hostname 2500-Busername 4000 password cisco !interface bri 0encapsulation pppppp authentication chapip address 131.108.126.1 255.255.255.0dialer-group 2 dialer load-threshold 160dialer map ip 131.108.126.1 name 4000 3261111dialer idle-timeout 120!
Set up static route Prepare forauthentication on the link
Connect to the interesting traffic definition
Setup details for router and the dealing device
Set idle time before line is disconnected at 2 minutes (120 seconds)
Cisco 2500-B
32
DDR for IPX Overview
SPXKeepaliveWatchdogUpdates
SPXKeepalive
NetWare Server
• Spoofing allows the router to respond while the DDR interface is idle
33
Spoofing Configuration Tasks
1 Turn off route caching
2 Enable SPX spoofing
3 Enable Watchdog spoofing
4 Set SPX idle time
1 Turn off route caching
2 Enable SPX spoofing
3 Enable Watchdog spoofing
4 Set SPX idle time
34
DDR for IPX Example
Network 10
555123410.1234.5678.abcd
Network 20
Ipx route 20 10.1234.5678.abcddialer-list 1 protocol ip denydialer-list 1 protocol ipx permit!interface serial 0 ipx network 10dialer in-banddialer-group-1 no ipx route-cacheipx watchdog-spoofipx spx-spoofipx spx-idle-time 300!dialer map ipx 10.1234.5678.abcd 5551234
Ipx route 20 10.1234.5678.abcddialer-list 1 protocol ip denydialer-list 1 protocol ipx permit!interface serial 0 ipx network 10dialer in-banddialer-group-1 no ipx route-cacheipx watchdog-spoofipx spx-spoofipx spx-idle-time 300!dialer map ipx 10.1234.5678.abcd 5551234
35
Snapshot Routing Overview
RIP/IGRP
ISDN
RIP and SAP
• Allows dynamic distance vector routing protocols to run over DDR
• Reduces overhead of routing updates
36
Snapshot Routing Operation
Active
Period Quiet Period
Active
Period
Exchangeroutingupdates
ExchangeroutingupdatesFreeze routing table
Time (minutes)
37
Snapshot Client/Server Operation
Quite time expiresDial server router
Server Router Routing
Updates
ClientRouter
Send routes
• Client router calls server router during Active Period
• Periodic routing updates sent over LAN interface
38
Step 1 Specify a BRI interface
Step 2 Configure the client router
Step 3 Define a dialer map
Step 1 Specify a BRI interface
Step 2 Configure the client router
Step 3 Define a dialer map
Snapshot Configuration Tasks
Server Router
ClientRouter
ISDN
Step 1 Specify a ISDN interface
Step 2 Configure the server router
Step 1 Specify a ISDN interface
Step 2 Configure the server router
39
Snapshot Routing CommandsRouter (config-if) #
snapshot client active-time quite-time [ suppress-statechange-updates ] [ dialer ]
snapshot client active-time quite-time [ suppress-statechange-updates ] [ dialer ]
Configure client router
Router (config-if) #
snapshot server active-time [ dialer ]snapshot server active-time [ dialer ]
• Configure server router
Router (config-if) #
dialer map snapshot sequence-number [ name name ] dial-stringdialer map snapshot sequence-number [ name name ] dial-string
• Define a dialer map on client router
40
Snapshot Routing Example
Server Router
ClientRouter
ISDN
1-415-555-1212
interface BRI 0
snapshot client 5 7200 dialer
dialer map snapshot 60 name server-router 14155551212
interface BRI 0
snapshot client 5 7200 dialer
dialer map snapshot 60 name server-router 14155551212
interface BRI 0
snapshot server 5 dialer
interface BRI 0
snapshot server 5 dialer
Name
“server-router”
• Active periods must be the same
41
Verifying Snapshot Configuration
client-router # show snapshotBRI0 is up, line protocol is up Snapshot client line state up
Length of active period: 5 minutesLength of quite period: 720 minutesLength of retry period: 8 minutes
Current state: quite, remaining: 390 minutes
client-router # show snapshotBRI0 is up, line protocol is up Snapshot client line state up
Length of active period: 5 minutesLength of quite period: 720 minutesLength of retry period: 8 minutes
Current state: quite, remaining: 390 minutes
client-router # clear snapshot quite-time bri 0client-router # show snapshotBRI0 is up, line protocol is upSnapshot client line state up
Length of active period: 5 minutesLength of quite period: 720 minutesLength of retry period: 8 minutes
client-router # clear snapshot quite-time bri 0client-router # show snapshotBRI0 is up, line protocol is upSnapshot client line state up
Length of active period: 5 minutesLength of quite period: 720 minutesLength of retry period: 8 minutes
Current state: active, remaining/exchange time 4/2 minutes Updates received this cycle: appletalk
42
Dial Backup Configuration
43
Dial Backup Overview
XXPrimary
Auto-dial modem
Secondary
Raises DTR
• A secondary line is available because of primary line loss or high usage
44
Dial Backup Commands Router (config-if) #
backup interface interface-namebackup interface interface-name
Router (config-if) #
backup load { enable-threshold | never } { disable-load | never }backup load { enable-threshold | never } { disable-load | never }
• Specifies load limits for backup use
Router (config-if) #
backup delay { enable-delay | never } { disable-delay | never }backup delay { enable-delay | never } { disable-delay | never }
• Sets response timers for line up/down
• Selects a backup line
45
Dial Backup Example
DSU/CSU DSU/CSU
int s 0
backup interface serial 1
backup delay 40 never
int s 0
backup interface serial 1
backup delay 40 never
Backup load 60 5Backup load 60 5
Primary
Secondary Auto-answer modem
Auto-dial modem
S0
S1
S0
S1
46
Summary
Cisco routers support many
bandwidth-on-demand features including:
Dial-on-demand routing (DDR)
DDR with access lists
Rotary group DDR
DDR for IPX
Snapshot routing
Dial backup