09-07-2007 11:54 AM - edited 03-03-2019 06:39 PM
I have a DLSW router with ISDN DDR. Need to come up with a way to only initiate the call when there is DLSW data traffic.
09-07-2007 01:00 PM
Robert
Is your dialer for DDR configured with dialer-group on the interface which points to a dialer-list? If so configuring the dialer-list to use an access list which would permit only DLSW traffic would be the logical way to only initiate a DDR call to situations where there was DLSW traffic.
HTH
Rick
09-10-2007 04:24 AM
I did appy an access-list on the dialer to allow only port 2065 per cisco's reccomended config. The peers never come active.
09-10-2007 07:06 AM
Robert
Perhaps posting the router config would help us figure out what is happening and to suggest a solution.
HTH
Rick
09-10-2007 07:12 AM
pri router
access-list 151 permit tcp any eq 2065 any
access-list 151 permit tcp any any eq 2065
access-list 151 deny ip any host 255.255.255.255
access-list 151 permit ip any any
main router
dlsw remote-peer 0 tcp x.x.x.x lf 4472 keepalive 0 timeout 90 dynamic
remote router
dlsw remote-peer 0 tcp x.x.x.x keepalive 0 timeout 90 dynamic
access-list 151 permit tcp any eq 2065 any
access-list 151 permit tcp any any eq 2065
access-list 151 deny ip any host 255.255.255.255
access-list 151 permit ip any any
09-10-2007 07:41 AM
Robert
Thanks for the additional information. In looking at the access list other than deny anything that is a broadcast everything else is permitted (you have specific permits for the TCP 2065 traffic and then you have a permit ip any any). So I have a hard time believing that the access list is preventing formation of peer relationship.
If you do show access-list 151 do you see any hit count on the permits for TCP 2065?
Was it forming peer relationship and stopped when you made the configuration changes or has it always had problems forming peer relationship?
HTH
Rick
09-10-2007 07:53 AM
I was seeing no deniels on the acl. It was working before I made changes. Here is the debug output while trying to connect.
10w6d: DLSw: Packet for disconnected dynamic peer 192.168.x.x
10w6d: DLSw: START-TPFSM (peer 192.168.x.x(2065)): event:ADMIN-OPEN CONNECTION state:DISCONN
10w6d: DLSw: dtp_action_a() attempting to connect peer 192.168.x.x(2065)
10w6d: DLSw: END-TPFSM (peer 192.168.x.x(2065)): state:DISCONN->WAIT_WR
10w6d: DLSw: CONN: peer 192.168.x.x async open callback failed, Connection re
fused by remote host [9]
10w6d: DLSw: START-TPFSM (peer 192.168.x.x(2065)): event:TCP-ASYNC OPEN FAILED state:WAIT_WR
10w6d: DLSw: dtp_action_b() close connection for peer 192.168.x.x(2065)
10w6d: DLSw: END-TPFSM (peer 192.168.x.x(2065)): state:WAIT_WR->DISCONN
09-10-2007 07:49 AM
If you are having problems getting the line to come up, I would start with simply access-list 151 permit ip any any. If that doesn't bring the line up, nothing will. You will then know whether you should be looking at your access-list or looking at the config of your dialer.
Kevin Dorrell
Luxembourg
09-10-2007 08:15 AM
Kevin
Welcome back. It has been quite a while since I have seen a post from you on the forum. I am glad to see you back.
Frankly the access list that he has got which denies packets to a broadcast address is almost equivalent to your suggestion since it permits everything else.
Robert
I notice this in the messages that you posted:
10w6d: DLSw: CONN: peer 192.168.x.x async open callback failed, Connection re
fused by remote host [9]
I am not sure about async open callback failed (are you attempting callback?). But the part about Connection refused by remote host is pretty clear that there is an issue on the other end of the connection. Can you provide some information about that router?
HTH
Rick
09-10-2007 08:26 AM
It is the master router for this connection and several other dlsw connections. All which are working.
DLSW config from the master:
source-bridge ring-group 101
source-bridge transparent 101 2 1 1
dlsw local-peer peer-id x.x.x.x
dlsw remote-peer 0 tcp x.x.x.x lf 4472 keepalive 0 timeout 90 dynamic
dlsw icanreach mac-exclusive
dlsw icanreach mac-address xxxx.xxxx.xxxx mask ffff.ffff.ffff
dlsw udp-disable
09-10-2007 08:40 AM
Robert
Thanks for the additional information from the DLSW on the master which all looks quite normal.
I believe that the issue is not so much with the DLSW configuration but is more likely in the DDR configuration. Can you post the DDR configuration from both routers?
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: