Sunday, 25 November 2007

securing vty with ssh

short but easy.
1. generate crypto key

R3(config)#ip domain-name test.com
R3(config)#crypto key generate rsa general-keys modulus 512
The name for the keys will be: R3.test.com

% The key modulus size is 512 bits
% Generating 512 bit RSA keys ...[OK]

R3(config)#
*Nov 25 19:45:10.421: %SSH-5-ENABLED: SSH 1.99 has been enabled
R3(config)#user cisco pas cisco
R3(config)#line vty 0 4
R3(config-line)#login local
R3(config-line)#tra
R3(config-line)#transport in ssh
R3(config-line)#^Z
R3#


test it:
R6#ssh -l cisco 24.1.3.3

Password:

R3>
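The same vty setup with stronger settings, as an added example rather than the post's own session (the key label, the admin username and the management subnet in the access-list are assumptions; the other commands are standard IOS):

```cisco
! Added hardening of the vty/SSH configuration above (not from the original post).
! Assumed: hostname R3, domain test.com, management subnet 24.1.0.0/16 (constructed).
hostname R3
ip domain-name test.com
! a 512-bit RSA modulus is far too small; generate a labelled 2048-bit pair for SSH only
crypto key generate rsa label SSH-KEY modulus 2048
ip ssh rsa keypair-name SSH-KEY
! force SSHv2 (no "1.99" fallback), shorten the negotiation window, cap retries
ip ssh version 2
ip ssh time-out 60
ip ssh authentication-retries 3
! local account with a hashed secret instead of "user cisco pas cisco"
username admin privilege 15 secret <strong-password-here>
! throttle brute-force attempts: 120 s quiet period after 3 failures within 60 s
login block-for 120 attempts 3 within 60
! only the management subnet may reach the vty lines (assumed range)
access-list 10 remark management hosts
access-list 10 permit 24.1.0.0 0.0.255.255
access-list 10 deny any log
line vty 0 4
 access-class 10 in
 login local
 exec-timeout 5 0
 transport input ssh
 transport output none
```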

that's it

CCO resources:
http://www.cisco.com/warp/public/707/ssh.shtml

IS-IS over Frame Relay

Running IS-IS over FR is also not an easy task.
I have a setup where R3 and R2 are connected through a FR cloud (one PVC). The connection is configured on the major (physical) interface, with inverse ARP in place:

R2#

!
interface Serial0/0
ip address 24.1.23.2 255.255.255.0
ip router isis
encapsulation frame-relay
no fair-queue
clockrate 128000
no dce-terminal-timing-enable
!
router isis
net 49.1a33.0000.1801.0202.00
log-adjacency-changes
!

R3#
!
interface Serial0/1/0
ip address 24.1.23.3 255.255.255.0
ip router isis
encapsulation frame-relay
no fair-queue
clockrate 128000
!
router isis
net 49.1a33.0000.1801.0303.00
log-adjacency-changes
!

R2#sho frame map
Serial0/0 (up): ip 24.1.23.3 dlci 203(0xCB,0x30B0), dynamic,
broadcast,
CISCO, status defined, active
R2#sho clns in ser 0/0
Serial0/0 is up, line protocol is up
Checksums enabled, MTU 1500, Encapsulation FRAME-RELAY
ERPDUs enabled, min. interval 10 msec.
CLNS fast switching enabled
CLNS SSE switching disabled
DEC compatibility mode OFF for this interface
Next ESH/ISH in 36 seconds
Routing Protocol: IS-IS
Circuit Type: level-1-2
Interface number 0x1, local circuit ID 0x2
Level-1 Metric: 10, Priority: 64, Circuit ID: R2.02
DR ID: 0000.0000.0000.00
Level-1 IPv6 Metric: 10
Number of active level-1 adjacencies: 0
Level-2 Metric: 10, Priority: 64, Circuit ID: R2.02
DR ID: 0000.0000.0000.00
Level-2 IPv6 Metric: 10
Number of active level-2 adjacencies: 0
Next IS-IS LAN Level-1 Hello in 7 seconds
Next IS-IS LAN Level-2 Hello in 7 seconds
R2#sho isis nei

System Id Type Interface IP Address State Holdtime Circuit Id
R2#

R3#sho frame map
Serial0/1/0 (up): ip 24.1.23.2 dlci 302(0x12E,0x48E0), dynamic,
broadcast,
CISCO, status defined, active
R3#
R3#sho clns int ser 0/1/0
Serial0/1/0 is up, line protocol is up
Checksums enabled, MTU 1500, Encapsulation FRAME-RELAY
ERPDUs enabled, min. interval 10 msec.
CLNS fast switching enabled
CLNS SSE switching disabled
DEC compatibility mode OFF for this interface
Next ESH/ISH in 31 seconds
Routing Protocol: IS-IS
Circuit Type: level-1-2
Interface number 0x1, local circuit ID 0x2
Level-1 Metric: 10, Priority: 64, Circuit ID: R3.02
DR ID: 0000.0000.0000.00
Level-1 IPv6 Metric: 10
Number of active level-1 adjacencies: 0
Level-2 Metric: 10, Priority: 64, Circuit ID: R3.02
DR ID: 0000.0000.0000.00
Level-2 IPv6 Metric: 10
Number of active level-2 adjacencies: 0
Next IS-IS LAN Level-1 Hello in 6 seconds
Next IS-IS LAN Level-2 Hello in 3 seconds
R3#sho isis nei

System Id Type Interface IP Address State Holdtime Circuit Id
R6 L1 Fa0/0 24.1.36.6 UP 29 R3.01
R6 L2 Fa0/0 24.1.36.6 UP 29 R3.01
R3#

Real problem!!!! Everything seems ok, but no adjacency is built :(

Let's debug IS-IS:
R2#debug isis adj-packets
R2#
*Apr 20 12:23:50.695: ISIS-Adj: Sending L2 LAN IIH on Loopback0, length 1514
*Apr 20 12:23:51.143: ISIS-Adj: Encapsulation failed for L2 LAN IIH on Serial0/0
*Apr 20 12:23:51.671: ISIS-Adj: Encapsulation failed for L1 LAN IIH on Serial0/0
*Apr 20 12:23:55.111: ISIS-Adj: Sending L1 LAN IIH on Loopback0, length 1514
*Apr 20 12:23:58.467: ISIS-Adj: Sending L2 LAN IIH on Loopback0, length 1514
*Apr 20 12:23:59.479: ISIS-Adj: Encapsulation failed for L1 LAN IIH on Serial0/0
*Apr 20 12:24:00.351: ISIS-Adj: Encapsulation failed for L2 LAN IIH on Serial0/0
*Apr 20 12:24:04.195: ISIS-Adj: Sending L1 LAN IIH on Loopback0, length 1514
*Apr 20 12:24:07.039: ISIS-Adj: Sending L2 LAN IIH on Loopback0, length 1514
*Apr 20 12:24:07.979: ISIS-Adj: Encapsulation failed for L2 LAN IIH on Serial0/0
*Apr 20 12:24:08.475: ISIS-Adj: Encapsulation failed for L1 LAN IIH on Serial0/0
R2#

Some technological background: IS-IS does not run on top of IP; it uses its own protocol number (xxx).
The problem is clear: the frame relay map has no mapping for the CLNS next hop, so the IS-IS hellos cannot be encapsulated on the PVC.

Let's help it:

R2(config-if)#frame-relay map clns 203 br
R2(config-if)#
*Apr 20 12:29:41.923: %CLNS-5-ADJCHANGE: ISIS: Adjacency to R3 (Serial0/0) Up, new adjacency
*Apr 20 12:29:47.923: %CLNS-5-ADJCHANGE: ISIS: Adjacency to R3 (Serial0/0) Down, adjacency type changed
*Apr 20 12:29:48.923: %CLNS-5-ADJCHANGE: ISIS: Adjacency to R3 (Serial0/0) Up, new adjacency
R2(config-if)#^Z
R2#sho fr
*Apr 20 12:30:21.175: %SYS-5-CONFIG_I: Configured from console by consolea
R2#sho frame map
Serial0/0 (up): CLNS dlci 203(0xCB,0x30B0), static,
broadcast,
CISCO, status defined, active
Serial0/0 (up): ip 24.1.23.3 dlci 203(0xCB,0x30B0), dynamic,
broadcast,
CISCO, status defined, active
R2#sho isis nei

System Id Type Interface IP Address State Holdtime Circuit Id
R3 L1 Se0/0 24.1.23.3 UP 7 R3.02
R3 L2 Se0/0 24.1.23.3 UP 7 R3.02
R2#

R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int ser 0/1/0
R3(config-if)#frame map cln
R3(config-if)#frame map clns 302 br
R3(config-if)#^Z
R3#
*Nov 25 19:28:12.609: %CLNS-5-ADJCHANGE: ISIS: Adjacency to R2 (Serial0/1/0) Up, new adjacency
*Nov 25 19:28:13.521: %SYS-5-CONFIG_I: Configured from console by console
R3#

Cisco major (physical) interfaces are treated as multipoint interfaces by default; that's why we see separate L1 and L2 adjacencies. On a pure point-to-point interface we see only a single L1L2 adjacency:

R4#sho cln
R4#sho clns int ser 0/0.401
Serial0/0.401 is up, line protocol is up
Checksums enabled, MTU 1500, Encapsulation FRAME-RELAY
ERPDUs enabled, min. interval 10 msec.
CLNS fast switching enabled
CLNS SSE switching disabled
DEC compatibility mode OFF for this interface
Next ESH/ISH in 12 seconds
Routing Protocol: IS-IS
Circuit Type: level-1-2
Interface number 0x2, local circuit ID 0x100
Neighbor System-ID: R1
Level-1 Metric: 10, Priority: 64, Circuit ID: R4.00
Level-1 IPv6 Metric: 10
Number of active level-1 adjacencies: 1
Level-2 Metric: 10, Priority: 64, Circuit ID: R4.00
Level-2 IPv6 Metric: 10
Number of active level-2 adjacencies: 1
Next IS-IS Hello in 1 seconds
if state UP
R4#sho runn int ser 0/0.401
Building configuration...

Current configuration : 134 bytes
!
interface Serial0/0.401 point-to-point
ip address 24.1.14.4 255.255.255.0
ip router isis
frame-relay interface-dlci 401
end

R4#


And finally, a different hello is sent over point-to-point and point-to-multipoint interfaces (LAN hello vs. serial hello).

something from CCO:
http://www.cisco.com/warp/public/97/isis-frint.html

Saturday, 17 November 2007

IP over ATM

Just before leaving Warszawa, some info on mastering ATM technology.

CCO link about static mapping and InARP on ATM technology:
http://www.cisco.com/warp/public/121/routed_rfc1483.html

Like FR, ATM has two possibilities to find the next hop IP address:
1. static mapping

interface ATM2/0/0.116 multipoint
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
pvc ip 1/116 protocol ip 10.0.0.2 broadcast
encapsulation aal5mux ip
!

2. inverse arp (inarp)

interface ATM2/0/0.116 multipoint
ip address 10.0.0.1 255.0.0.0
no ip directed-broadcast
protocol ip inarp broadcast
!

Friday, 16 November 2007

ppp over ATM

Hello from Warszawa :)

PPP over ATM is not supported in my lab, so dynamips will help.

Info on CCO on how to configure PPP termination:

http://www.cisco.com/en/US/products/hw/routers/ps314/products_feature_guide_chapter09186a008007e26a.html

Server is R1

!
interface ATM4/0
no ip address
no atm ilmi-keepalive
pvc 0/102
protocol ppp Virtual-Template1
!
!
interface Virtual-Template1
ip unnumbered Loopback0
peer default ip address pool test_01
!
router ospf 100
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip local pool test_01 10.1.12.2 10.1.12.4
ip classless
!

Client is R2

!
interface ATM4/0
no ip address
no atm ilmi-keepalive
pvc 0/201
dialer pool-member 1
protocol ppp dialer
!
!
interface Dialer0
ip address negotiated
encapsulation ppp
dialer pool 1
dialer persistent
dialer-group 1
!
router ospf 100
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip classless
!
no ip http server
!
!
dialer-list 1 protocol ip permit
!

Theoretically it must work, but in reality it does not.
After entering clear interface dialer 0, router R2 displays:

*Nov 20 09:35:39.999: Di0 DDR: Dialer cannot nail-up the profile - dialer string not configured

Probably because the PPP client is not meant to be used on the 7200 series.

Wednesday, 7 November 2007

ppp over frame relay authorization

we have first snow in Vilnius this morning :)

Nice link on CCO about ppp chap authentication
http://www.cisco.com/en/US/tech/tk713/tk507/technologies_tech_note09186a00800b4131.shtml

Following the PPPoFR topic, today I authorized the PPP session on the server (R6). Nothing special, the standard PPP authentication commands do the job:
R6# (server)

!
username R4 password 0 R4test
!
interface Virtual-Template2
ip address 150.2.46.6 255.255.255.0
ppp authentication chap pap
!

R4# (client)

!
interface Virtual-Template2
ip address 150.2.46.4 255.255.255.0
ppp pap sent-username R4 password 0 R4test
!

Tuesday, 6 November 2007

ppp over frame relay

This time about PPP over frame relay. Very simple configuration (compared to PPP over Ethernet), because on the Cisco site there is a very nice document describing this functionality.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/pppframe.htm

how it goes:
1. configure virtual-template interface
2. apply this virtual template to frame relay dlci

!
interface Serial0/0.2 point-to-point
frame-relay interface-dlci 406 ppp Virtual-Template2
!
interface Virtual-Template2
ip address 150.2.46.4 255.255.255.0
!

some show commands:

R4#sho int virtual-access 3
Virtual-Access3 is up, line protocol is up
Hardware is Virtual Access interface
Internet address is 150.2.46.4/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoFR vaccess, cloned from Virtual-Template2
Vaccess status 0x44
Bound to Serial0/0.2 DLCI 406, Cloned from Virtual-Template2, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 5 seconds on reset
Last input 00:00:01, output never, output hang never
Last clearing of "show interface" counters 00:18:25
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
128 packets input, 8984 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
160 packets output, 9354 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
R4#

next steps within this topic (ppp over fr):
  • point-to-multipoint subinterfaces
  • frame-relay over main interfaces
  • dynamic assignment of ip address (from ppp and dhcp pools)
  • pap and chap authentication

Sunday, 4 November 2007

frame relay

On a Cisco router there are two possibilities to configure frame relay:
  1. static (using frame-relay map and point-to-point subinterfaces)
  2. dynamic (using inverse arp)

The simplest is the inverse ARP based configuration. Inverse ARP is responsible for mapping next hop IP addresses to the correct DLCIs, and it is enabled by default.

inverse arp on point to multipoint subinterface:

!
interface Serial0/0.2 multipoint
ip address 10.1.13.1 255.255.255.0
no ip route-cache
frame-relay interface-dlci 102
frame-relay interface-dlci 103
!

R1_pod2#sho frame-relay map
Serial0/0.2 (up): ip 10.1.13.2 dlci 102(0x66,0x1860), dynamic,
broadcast,, status defined, active
Serial0/0.2 (up): ip 10.1.13.3 dlci 103(0x67,0x1870), dynamic,
broadcast,, status defined, active
R1_pod2#

Static mapping involves permanent assignment of next hop IP addresses to DLCI values. It is possible to use static mapping on interfaces where inverse ARP is also used.

!
interface Serial0/1/0.1 multipoint
ip address 10.1.13.3 255.255.255.0
frame-relay map ip 10.1.13.1 301
frame-relay map ip 10.1.13.2 302
frame-relay interface-dlci 301
frame-relay interface-dlci 302
no frame-relay inverse-arp
!

LMI status messages are very important. By default they are sent every 10 seconds; the default behaviour can be changed using:

R3#conf t
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#int ser 0/1/0
R3(config-if)#
R3(config-if)#keepalive 6
R3(config-if)#^Z
R3#