How do you configure DLSW over DDR?

Unanswered Question
Sep 7th, 2007

I have a DLSW router with ISDN DDR. Need to come up with a way to only initiate the call when there is DLSW data traffic.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Richard Burts Fri, 09/07/2007 - 13:00

Robert

Is your dialer for DDR configured with dialer-group on the interface which points to a dialer-list? If so configuring the dialer-list to use an access list which would permit only DLSW traffic would be the logical way to only initiate a DDR call to situations where there was DLSW traffic.

HTH

Rick

rbowers Mon, 09/10/2007 - 04:24

I did appy an access-list on the dialer to allow only port 2065 per cisco's reccomended config. The peers never come active.

Richard Burts Mon, 09/10/2007 - 07:06

Robert

Perhaps posting the router config would help us figure out what is happening and to suggest a solution.

HTH

Rick

rbowers Mon, 09/10/2007 - 07:12

pri router

access-list 151 permit tcp any eq 2065 any

access-list 151 permit tcp any any eq 2065

access-list 151 deny ip any host 255.255.255.255

access-list 151 permit ip any any

main router

dlsw remote-peer 0 tcp x.x.x.x lf 4472 keepalive 0 timeout 90 dynamic

remote router

dlsw remote-peer 0 tcp x.x.x.x keepalive 0 timeout 90 dynamic

access-list 151 permit tcp any eq 2065 any

access-list 151 permit tcp any any eq 2065

access-list 151 deny ip any host 255.255.255.255

access-list 151 permit ip any any

Richard Burts Mon, 09/10/2007 - 07:41

Robert

Thanks for the additional information. In looking at the access list other than deny anything that is a broadcast everything else is permitted (you have specific permits for the TCP 2065 traffic and then you have a permit ip any any). So I have a hard time believing that the access list is preventing formation of peer relationship.

If you do show access-list 151 do you see any hit count on the permits for TCP 2065?

Was it forming peer relationship and stopped when you made the configuration changes or has it always had problems forming peer relationship?

HTH

Rick

rbowers Mon, 09/10/2007 - 07:53

I was seeing no deniels on the acl. It was working before I made changes. Here is the debug output while trying to connect.

10w6d: DLSw: Packet for disconnected dynamic peer 192.168.x.x

10w6d: DLSw: START-TPFSM (peer 192.168.x.x(2065)): event:ADMIN-OPEN CONNECTION state:DISCONN

10w6d: DLSw: dtp_action_a() attempting to connect peer 192.168.x.x(2065)

10w6d: DLSw: END-TPFSM (peer 192.168.x.x(2065)): state:DISCONN->WAIT_WR

10w6d: DLSw: CONN: peer 192.168.x.x async open callback failed, Connection re

fused by remote host [9]

10w6d: DLSw: START-TPFSM (peer 192.168.x.x(2065)): event:TCP-ASYNC OPEN FAILED state:WAIT_WR

10w6d: DLSw: dtp_action_b() close connection for peer 192.168.x.x(2065)

10w6d: DLSw: END-TPFSM (peer 192.168.x.x(2065)): state:WAIT_WR->DISCONN

Kevin Dorrell Mon, 09/10/2007 - 07:49

If you are having problems getting the line to come up, I would start with simply access-list 151 permit ip any any. If that doesn't bring the line up, nothing will. You will then know whether you should be looking at your access-list or looking at the config of your dialer.

Kevin Dorrell

Luxembourg

Richard Burts Mon, 09/10/2007 - 08:15

Kevin

Welcome back. It has been quite a while since I have seen a post from you on the forum. I am glad to see you back.

Frankly the access list that he has got which denies packets to a broadcast address is almost equivalent to your suggestion since it permits everything else.

Robert

I notice this in the messages that you posted:

10w6d: DLSw: CONN: peer 192.168.x.x async open callback failed, Connection re

fused by remote host [9]

I am not sure about async open callback failed (are you attempting callback?). But the part about Connection refused by remote host is pretty clear that there is an issue on the other end of the connection. Can you provide some information about that router?

HTH

Rick

rbowers Mon, 09/10/2007 - 08:26

It is the master router for this connection and several other dlsw connections. All which are working.

DLSW config from the master:

source-bridge ring-group 101

source-bridge transparent 101 2 1 1

dlsw local-peer peer-id x.x.x.x

dlsw remote-peer 0 tcp x.x.x.x lf 4472 keepalive 0 timeout 90 dynamic

dlsw icanreach mac-exclusive

dlsw icanreach mac-address xxxx.xxxx.xxxx mask ffff.ffff.ffff

dlsw udp-disable

Richard Burts Mon, 09/10/2007 - 08:40

Robert

Thanks for the additional information from the DLSW on the master which all looks quite normal.

I believe that the issue is not so much with the DLSW configuration but is more likely in the DDR configuration. Can you post the DDR configuration from both routers?

HTH

Rick

Actions

This Discussion