t1 multilink ppp routing

Answered Question
Jan 31st, 2007

I have an adtran 4205 and a cisco 1800 at two offices. I have 2 t1's at each site installed for load balancing, etc dedicated to network traffic only. I used multilink ppp and have the ppp1 interface on each router up, and both t1's on each router showing up. all is fine. for the ppp 1 interfaces on each router, I used 192.168.1 255.255.255.252 and 192.168.1.2 255.255.255.252 respectively. All seems fine there. I can ping and telnet back and forth using those addresses. For the main office router, the important lan range is 10.1.3.x and 10.1.5.x 255.255.0.0 and at the remote site 10.2.4.1 255.255.255.0 Both sides have a seperate firewall which holds the routes for internet traffic on a seperate connection. The main router has 0.0.0.0 0.0.0.0 10.1.3.20 (firwall at main site) and the remove site has 0.0.0.0 0.0.0.0 10.2.4.10 (firewall for remote site)

From REMOTE Test Router: (10.2.4.1 255.255.255.0, 192.168.1.2 255.255.255.252)

ping 10.1.3.5 source 10.2.4.1 request timed out

ping 10.1.3.5 source 192.168.1.2 success!

ping 192.168.1.1 source 10.2.4.1 request timed out

From MAIN Test Router (10.1.3.5 255.255.0.0, 192.168.1.1 255.255.255.252)

ping 10.2.4.1 source 10.1.3.5 expired TTL in transit

ping 10.2.4.1 source 192.168.1.1 request timed out

ping 192.168.1.2 source 10.1.3.5 success!

Is this a static route issue? I even tried configuring the 0.0.0.0 routes as the 192.168.1.x addresses of the other routers, or even 0.0.0.0 0.0.0.0 ppp1 and still cant talk accross to the other LAN. Any suggestions?

I have this problem too.
0 votes
Correct Answer by devang_etcom about 9 years 8 months ago

no problem... you can use it... i think both the way your work will be done...

rate the post if it helps

regards

Devang

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (5 ratings)
Loading.
Richard Burts Wed, 01/31/2007 - 09:47

Spencer

We probably could tell more exactly what the problem is if you would post the output of show ip route from both routers. But it sounds fairly simple from your description. My guess is that the MAIN router does not have a route to 10.2.4.0. Try putting this on the MAIN router:

ip route 10.2.4.0 255.255.255.0 192.168.1.2

Give it a try and let us know if it solves it. If it does not, then please post the output of show ip route.

HTH

Rick

devang_etcom Wed, 01/31/2007 - 09:49

is it possible to post the show run output of both the side... and i want to know about the routing enabled in your network including static and default router configuartion...

regards

Devang

networksavvy Wed, 01/31/2007 - 11:09

Ok, make sure to ignore the HDLC interfaces on the main router. That is the current setup on a swapped out router to keep the remote office up. I have the router in question brought into this office plugged directly into the main router via t1 crossover cables.

Also, I currently dont have anything plugged into the eth port of the remote router - which is why there may not be anything for the 10.2.4 range in its own routing tables. This should not deter my tests trying to ping by IP address of 10.1.4.1 from MAIN to REMOTE, should it?

I also tried adding that static route to the PPP address of the other router. Pinging 10.2.4.1 from 10.1.3.5 still doesn't work.

Thanks again all.

CONT...

networksavvy Wed, 01/31/2007 - 11:11

CONT.

MAIN

ip subnet-zero

ip classless

ip name-server 10.1.3.104

ip routing

ip multicast-routing

ip mcast-stub helper-address 10.1.190.190

no ip firewall alg h323

no ip firewall alg sip

qos map NBX 10

match dscp 46

priority 512

interface eth 0/1

description BR Network

ip address 10.1.3.5 255.255.0.0

no ip proxy-arp

ip mcast-stub upstream

no shutdown

interface eth 0/2

description NBX Phone Network

ip address 10.2.5.1 255.255.255.0

no ip proxy-arp

no shutdown

!

interface t1 3/1

description NO T1 1

tdm-group 1 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/2

description LC T1 1

tdm-group 1 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/3

description BB T1 1

tdm-group 1 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/4

description NO T1 2

tdm-group 1 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/5

description NEW ORLEANS T1 1 TEST

clock source internal

tdm-group 5 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/6

description NEW ORLEANS T1 2 TEST

clock source internal

tdm-group 6 timeslots 1-24 speed 64

no shutdown

!

interface t1 3/7

shutdown

!

interface t1 3/8

shutdown

!

interface ppp 1

ip address 192.168.1.1 255.255.255.252

ip mcast-stub downstream

ip mcast-stub helper-enable

ppp multilink

qos-policy out NBX

no shutdown

cross-connect 5 t1 3/5 5 ppp 1

cross-connect 6 t1 3/6 6 ppp 1

!

interface hdlc 1

description NO T-1 CenturyTel

ip unnumbered eth 0/1

qos-policy out NBX

no shutdown

cross-connect 1 t1 3/1 1 hdlc 1

!

interface hdlc 2

description LC T-1 CenturyTel

ip unnumbered eth 0/1

qos-policy out NBX

no shutdown

cross-connect 2 t1 3/2 1 hdlc 2

!

interface hdlc 3

description BB T-1 CenturyTel

ip unnumbered eth 0/1

ip mcast-stub downstream

ip mcast-stub helper-enable

qos-policy out NBX

no shutdown

cross-connect 3 t1 3/3 1 hdlc 3

!

interface hdlc 4

description NO T-1 Nuvox

ip unnumbered eth 0/1

ip mcast-stub downstream

ip mcast-stub helper-enable

qos-policy out NBX

no shutdown

cross-connect 4 t1 3/4 1 hdlc 4

!

interface hdlc 5

no ip address

shutdown

!

interface hdlc 6

no ip address

no shutdown

!

router rip

version 2

redistribute static

redistribute connected

network 10.2.0.0 255.255.0.0

network 10.1.0.0 255.255.0.0

network 192.168.1.0 0.0.0.3

!

ip access-list extended UDP-FORWARD

permit udp any eq netbios-ns any

permit udp any eq netbios-ss any

permit udp any eq netbios-dgm any

!

ip route 0.0.0.0 0.0.0.0 10.1.3.20

ip route 10.2.4.0 255.255.255.0 192.168.1.2

!

no ip tftp server

ip http server

ip http secure-server

no ip snmp agent

no ip ftp agent

REMOTE

ip classless

ip routing

ip multicast-routing

ip mcast-stub helper-address 10.1.190.190

ip load-sharing per-packet

!

no ip firewall alg h323

no ip firewall alg sip

!

qos map NBX 10

match dscp 46

priority 512

!

interface eth 0/1

description NO LAN

ip address 10.2.4.1 255.255.255.0

ip mcast-stub downstream

ip mcast-stub helper-enable

ip igmp immediate-leave

no shutdown

!

interface eth 0/2

no ip address

shutdown

!

interface t1 1/1

description NO T-1

tdm-group 1 timeslots 1-24 speed 64

no shutdown

!

interface t1 2/1

tdm-group 2 timeslots 1-24 speed 64

no shutdown

!

interface ppp 1

ip address 192.168.1.2 255.255.255.252

ip mcast-stub upstream

ppp multilink

qos-policy out NBX

no shutdown

cross-connect 1 t1 1/1 1 ppp 1

cross-connect 2 t1 2/1 2 ppp 1

!

router rip

version 2

network 10.2.2.0 0.0.0.255

network 192.168.1.0 0.0.0.3

!

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip route 10.1.0.0 255.255.0.0 192.168.1.1

networksavvy Wed, 01/31/2007 - 11:13

SHOW IP ROUTES

MAIN

Codes: C - connected, S - static, R - RIP, O - OSPF, B - BGP

IA - OSPF inter area, N1 - OSPF NSSA external type 1

N2 - OSPF NSSA external type 2, E1 - OSPF external type 1

E2 - OSPF external type 2

Gateway of last resort is 10.1.3.20 to network 0.0.0.0

S 0.0.0.0/0 [1/0] via 10.1.3.20, eth 0/1

C 10.1.0.0/16 is directly connected, eth 0/1

R 10.2.1.0/24 [120/1] via 10.2.1.1, hdlc 2

R 10.2.2.0/24 [120/1] via 10.2.2.1, hdlc 4

R 10.2.3.0/24 [120/1] via 10.2.3.1, hdlc 3

S 10.2.4.0/24 [1/0] via 192.168.1.2, ppp 1

C 10.2.5.0/24 is directly connected, eth 0/2

C 192.168.1.0/30 is directly connected, ppp 1

C 192.168.1.2/32 is directly connected, ppp 1

REMOTE

Codes: C - connected, S - static, R - RIP, O - OSPF, B - BGP

IA - OSPF inter area, N1 - OSPF NSSA external type 1

N2 - OSPF NSSA external type 2, E1 - OSPF external type 1

E2 - OSPF external type 2

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

S 0.0.0.0/0 [1/0] via 192.168.1.1, ppp 1

S 10.1.0.0/16 [1/0] via 192.168.1.1, ppp 1

C 192.168.1.0/30 is directly connected, ppp 1

C 192.168.1.1/32 is directly connected, ppp 1

Richard Burts Wed, 01/31/2007 - 11:17

Spencer

Before I even start to look at the configuration material that you posted, I think we need to clarify your comment about the Ethernet of the remote router. Did I understand correctly that there is nothing plugged into it? If there is nothing plugged into it, then the interface is most likely in the line is up, line protocol is down state. And if the line protocol is down then this does in fact explain your issue. If the interface for 10.2.4.1 is line protocol down then attempts to ping to it or attempts to ping from it will fail.

Before we go further with this you need to get something in to it so that it is protocol up.

[edit: I just saw the message that you posted which includes the show ip route from both routers. This confirms what I have said. There is no route for 10.2.4.0 as a connected interface. This indicates that the interface is almost surely in the protocol down state. And this IS the problem. Get the interface up and up before we try to do anything else. Devang's suggestion of creating a loopback on the remote router and assigning 10.2.4.1/24 to the loopback would be a quick way to test - you probably need to remove the address from the Ethernet before you try to put it on the loopback.]

HTH

Rick

devang_etcom Wed, 01/31/2007 - 11:17

yes do one thing configure the loopbakc address with the one of the ip address from 10.2.4.x for testing purpose... and then try to ping...

devang_etcom Wed, 01/31/2007 - 11:20

it means create loopback interface and then assign ip address of 10.2.4.x series...

# interface loopback n

# ip address 10.2.4.x subnetmask

regards

Devang

networksavvy Wed, 01/31/2007 - 13:08

It's working!! You guys were right, nothing plugged in - no responses. Thanks a ton. I could have swore that I had configured eth int on routers before with just an ip and was able to ping from the neighboring router. Must have been a brain fart!

One question. Are there any dis/advantages to using ppp1 in the route instead of the actual opposite interface?

Thanks again guys, much appreciated.

Correct Answer
devang_etcom Wed, 01/31/2007 - 13:26

no problem... you can use it... i think both the way your work will be done...

rate the post if it helps

regards

Devang

networksavvy Wed, 01/31/2007 - 14:23

One other thing now. I cannot ping from one branch LAN to another branch LAN through MAIN. RIP is properly distributing. But, I'm now trying to ping over the ppp1 to hdlc interfaces. IE: From the new 10.2.4.x network pinging to LC at 10.2.1.1 - I get response. But, if I ping a known host - I dont. From the LC router, I cannot ping 10.2.4.1 or anything else on the .4 network. What kind of static route will I have to add to LC router to let it know that 10.2.4.x is 2 hops away through main? Note: All across-office pinging works now on the production single t1 setup using 100% hdlc. It's not working right now with the mppp example from above.

Thanks!

devang_etcom Wed, 01/31/2007 - 15:03

i am not clear with your explanation will you please explain it in more details or with some diagaram so i can help you out...

regards

Devang

networksavvy Wed, 01/31/2007 - 17:55

Sorry - let me clarify. Will I have to add static routes to any of the routers for the 10.2.4.1 router to be able to communicate with the routers that are connected to the 10.1.3.5 over the HDLC links?

All of the other sites connect to the MAIN BR router in a hub and spoke... I am just wondering if the configuration that I got working in the office will share RIP information over the PPP link about the sites that the 10.2.4.1 router doesn't know about, but that the 10.1.3.5 does?

I can't test that as I am in the main office, and will be driving out to switch the router with the tested one at the remote office in the morning.

Richard Burts Wed, 01/31/2007 - 19:24

Spencer

With most dynamic routing protocols you should not need to configure any static routes. Assuming that you have network statements in the routing protocol for the PPP link and for the LAN/loopback interfaces then the protocol should advertise all the subnets to all the routers and everything should be reachable.

There is an issue when the protocol is RIP version 1. RIP is a classful routing protocol and one important thing that means is that RIP will summarize over network boundaries. What that means in practical terms is that if 10.2.4.0 is the LAN and 192.168.1.0 is the PPP, then RIP will only advertise a summary route for 10.0.0.0 over the PPP. And this means that the MAIN will not see a route to 10.2.4.0. With RIP version 2 you have an option to configure no summarization which would resolve the issue. So if you add the command under router rip to turn off automatic summarization you should be ok.

I did notice in the config that you posted for remote this:

router rip

version 2

network 10.2.2.0 0.0.0.255

I assume that it is a typo mistake that the network statement should be for 10.2.4.0 rather than 10.2.2.0.

HTH

Rick

networksavvy Wed, 01/31/2007 - 20:18

Yes, I did notice that earlier and corrected on the router before I unplugged. I am thinking with all my rip statements being correct, I will be good to go when I'm on site. I will definitely post an update tomorrow afte the swap to let you all know what happens. Thanks again, you have been extremely helpful. Have a great night!

Richard Burts Wed, 01/31/2007 - 20:30

Spencer

The config that you posted does not turn off auto summarization. The design that you are using with 10.1.x.x on one side and 10.2.4.x on the other side with 192.168.1.0 in the middle is technically described as discontiguous network and with auto summarization it is an issue.

Unless you turn off auto summarization you will not be good to go when you get to the remote site.

HTH

Rick

networksavvy Thu, 02/01/2007 - 06:00

I just made the swap. Everything is fine except for the new site pinging other branch sites. I cannot ping hosts on the remote LAN or the remote router. If I add a route on the new remote router as 10.2.1.0 255.255.255.0 192.168.1.1(mains IP), I can ping the remote router from remote, but still not hosts. Does this make sense? Which routers will I have to disable autosummarization to have this work?

EDIT: Actually, just ran show ip protocols to see if it was enabled on existing remote, main, and new remote and will display results in that order. It says that auto net summarization is not in effect?

LC REMOTE

Routing protocol is "rip"

Sending updates every 30 seconds, next due in 5 seconds

Invalid after 180 seconds, hold down time is 120 seconds

Redistributing: rip

Default version control: send version 2, receive version 2

Interface Send Ver. Rec Ver.

eth 0/1 2 2

hdlc 1 2 2

Routing for networks:

10.2.0.0/16

10.1.0.0/16

Automatic network summarization is not in effect

MAIN

Routing protocol is "rip"

Sending updates every 30 seconds, next due in 18 seconds

Invalid after 180 seconds, hold down time is 120 seconds

Redistributing: rip, static, connected

Default version control: send version 2, receive version 2

Interface Send Ver. Rec Ver.

eth 0/1 2 2

eth 0/2 2 2

hdlc 2 2 2

hdlc 3 2 2

Routing for networks:

10.2.0.0/16

10.1.0.0/16

192.168.1.0/0

Automatic network summarization is not in effect

Routing protocol is "bgp 0"

NEW REMOTE

Routing protocol is "rip"

Sending updates every 30 seconds, next due in 17 seconds

Invalid after 180 seconds, hold down time is 120 seconds

Redistributing: rip

Default version control: send version 2, receive version 2

Routing for networks:

10.2.2.0/0

192.168.1.0/0

Automatic network summarization is not in effect

Routing protocol is "bgp 0"

Not sure why two of them have BGP enabled, dont think that would hurt through.

Thanks,

Spencer

devang_etcom Thu, 02/01/2007 - 06:03

so what are the output of both side show ip route...

you are having still same IP addressing right...

devang

networksavvy Thu, 02/01/2007 - 06:11

Sorry, got rid of the 10.2.4. and replaced it with the production of 10.2.2. for ease.

SH IP ROUTES of

NEW REMOTE 10.2.2.1, 192.168.1.2

Gateway of last resort is 10.2.2.10 to network 0.0.0.0

S 0.0.0.0/0 [1/0] via 10.2.2.10, eth 0/1

S 10.1.0.0/16 [1/0] via 192.168.1.1, ppp 1

S 10.2.1.0/24 [1/0] via 192.168.1.1, ppp 1

C 10.2.2.0/24 is directly connected, eth 0/1

C 192.168.1.0/30 is directly connected, ppp 1

C 192.168.1.1/32 is directly connected, ppp 1

MAIN MIDDLE 10.1.3.5, 192.168.1.1

S 0.0.0.0/0 [1/0] via 10.1.3.20, eth 0/1

C 10.1.0.0/16 is directly connected, eth 0/1

R 10.2.1.0/24 [120/1] via 10.2.1.1, hdlc 2

S 10.2.2.0/24 [1/0] via 192.168.1.2, ppp 1

R 10.2.3.0/24 [120/1] via 10.2.3.1, hdlc 3

C 10.2.5.0/24 is directly connected, eth 0/2

C 192.168.1.0/30 is directly connected, ppp 1

C 192.168.1.2/32 is directly connected, ppp 1

EXISTING REMOTE 10.2.1.1

Gateway of last resort is 10.1.3.5 to network 0.0.0.0

R 0.0.0.0/0 [120/1] via 10.1.3.5, hdlc 1

R 10.1.0.0/16 [120/1] via 10.1.3.5, hdlc 1

C 10.2.1.0/24 is directly connected, eth 0/1

R 10.2.2.0/24 [120/1] via 10.1.3.5, hdlc 1

R 10.2.3.0/24 [120/2] via 10.1.3.5, hdlc 1

R 10.2.5.0/24 [120/1] via 10.1.3.5, hdlc 1

R 192.168.1.0/30 [120/1] via 10.1.3.5, hdlc 1

networksavvy Thu, 02/01/2007 - 06:19

Update: I can ping from existing remote(10.2.1 to new remote through the RIP advertisements that it learned about 10.2.2 over HDLC1 interface. I still cannot ping from 10.2.2 to 10.2.1 network even with the static route i added to send it to 192.168.1.1

devang_etcom Thu, 02/01/2007 - 06:19

from routing table you shoud be able to ping the remote router as your main and new remote is directly connected but the problem with the remote host is ... look at your new remote host routing table there is no any information about the 10.1.3.0 (main router lan) so your routing table of the remote host need to have this entry... as you are having one main and two different remote site, your configuration is not looks to be an identical... and i think this bgp configuration from your new remote and the main side is i think not usefull...

rate the post if it helps

regards

Devang

networksavvy Thu, 02/01/2007 - 06:33

There she goes. Looks like it took some finagling with the route I had already added. The 10.1.3.5 route that you didnt see - falls under the 10.1.0 network though I thought? It must, because it's all working!

devang_etcom Thu, 02/01/2007 - 06:35

you you all done all site is connected with each other right you got the full reachability

regards

Devang

Actions

This Discussion