ISDN dialer-list & EIGRP

Answered Question
Apr 10th, 2008
User Badges:

Hi Guys,


I have some confusion in understanding below backup ISDN dialer list configs:


dialer-list 1 protocol ip list 101

!

access-list 101 deny eigrp any any

access-list 101 permit ip any any


Dialer-list 1 is calling the ACL 101 that is blocking EIGRP traffic that prevents establishing EIGRP neighborship over BRI interface when primary link is working.


I am confused when Primary link will go down how EIGRP will work & exchange routes with neighbor router over BRI interface while acl 101 is blocking the eigrp.


Please help me to understand.


Thanks,

-Amolak

Correct Answer by lamav about 9 years 1 month ago

Amolak:


Your interpretation and understanding of what the access list and dialer list are doing is correct. However, the piece you're missing is that the dialer list is only effective in defining "interesting" traffic.


In this case, according to the dialer list, EIGRP updates are not "interesting" and therefore will not force the BRI interface to come up when the primary link is functioning, as you rightly pointed out. However, once the BRI interface is activated (Let's say as a result of the primary link going down and a default floating static route that points to the ISDN interface taking effect), the floodgates will be opened and everything will then be allowed to pass, including EIGRP packets.


If you wanted to filter traffic after the BRI interface begins passing traffic, a conventional access list must be applied to the BRI interface itself.


HTH


Victor



Correct Answer by mike-greene about 9 years 1 month ago

Hi,

The dialer list instructs what can bring the BRI interface up and dial out. In your case you don't want EIGRP to bring the interface up so you deny at the top of the ACL and then permit ip any. Once the interface has been triggered and the BRI interface is up, the dialer list does nothing so EIGRP will neighbor with the other side...assuming IP addressing and EIGRP configs are correct.


HTH



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
mike-greene Thu, 04/10/2008 - 09:55
User Badges:
  • Bronze, 100 points or more

Hi,

The dialer list instructs what can bring the BRI interface up and dial out. In your case you don't want EIGRP to bring the interface up so you deny at the top of the ACL and then permit ip any. Once the interface has been triggered and the BRI interface is up, the dialer list does nothing so EIGRP will neighbor with the other side...assuming IP addressing and EIGRP configs are correct.


HTH



Correct Answer
lamav Thu, 04/10/2008 - 15:07
User Badges:
  • Blue, 1500 points or more

Amolak:


Your interpretation and understanding of what the access list and dialer list are doing is correct. However, the piece you're missing is that the dialer list is only effective in defining "interesting" traffic.


In this case, according to the dialer list, EIGRP updates are not "interesting" and therefore will not force the BRI interface to come up when the primary link is functioning, as you rightly pointed out. However, once the BRI interface is activated (Let's say as a result of the primary link going down and a default floating static route that points to the ISDN interface taking effect), the floodgates will be opened and everything will then be allowed to pass, including EIGRP packets.


If you wanted to filter traffic after the BRI interface begins passing traffic, a conventional access list must be applied to the BRI interface itself.


HTH


Victor



lamav Thu, 04/10/2008 - 18:20
User Badges:
  • Blue, 1500 points or more

Amolak, you're very welcome. And thank you for the rating.


Victor

Actions

This Discussion