Hi all, I am a little confused when it comes to BRI/PRI sppofing itself.
I found this information on another forum:
"The layer 2 protocol does not have a peer to communicate with when there is no phone call / connection established. Normally, the absence of a layer 2 peer would cause the protocol to go 'down.'
Here, "spoofing" infers that they layer 2 protocol is being 'fooled' internally to think that there is a connection to a peer when in fact there is no connection, because there hasn't been any phone call placed yet.
When you establish the connection, the 'spoofing' should go away because a real layer 2 peer will now be available to keep the protocol 'up.'"
My question is, why does the layer 2 protocol need to be 'fooled' in the first place? What would be the problem if the layer 2 protocol knew that the line protocol was down?
My thought is that perhaps it would think that the connection is broken therefore unusable which in turn would ruin the idea of using it as a dial backup. Is that at all correct?
Your understanding is pretty close to exact. Lets start from a basic operation in IOS: if an interface is up then IOS puts the subnet of that interface into the routing table as a connected subnet and IOS now knows that it can get to anything within that subnet by going through that interface. In IOS when an interface goes down, then IOS removes the subnet of that interface from the routing table and does not use that interface to get anything in that subnet.
If we understand that basic operation then we can better understand the spoofing of the BRI. If there is no call active on the BRI then there is no layer 2 (data link layer) connectivity and the interface would normally be down and therefore the subnet would be removed from the routing table. And therefore the BRI would not function for dial backup because the IOS does not think that it can reach anything through the BRI because it is not in the routing table.
So the BRI spoofs. It acts like it is up even when it is logically down. It remains in the routing table even though there is really no layer 2 connection. And so dial backup works because the BRI is spoofing.