04-10-2008 09:43 AM - edited 03-03-2019 09:30 PM
Hi Guys,
I have some confusion in understanding below backup ISDN dialer list configs:
dialer-list 1 protocol ip list 101
!
access-list 101 deny eigrp any any
access-list 101 permit ip any any
Dialer-list 1 is calling the ACL 101 that is blocking EIGRP traffic that prevents establishing EIGRP neighborship over BRI interface when primary link is working.
I am confused when Primary link will go down how EIGRP will work & exchange routes with neighbor router over BRI interface while acl 101 is blocking the eigrp.
Please help me to understand.
Thanks,
-Amolak
Solved! Go to Solution.
04-10-2008 09:55 AM
Hi,
The dialer list instructs what can bring the BRI interface up and dial out. In your case you don't want EIGRP to bring the interface up so you deny at the top of the ACL and then permit ip any. Once the interface has been triggered and the BRI interface is up, the dialer list does nothing so EIGRP will neighbor with the other side...assuming IP addressing and EIGRP configs are correct.
HTH
04-10-2008 03:07 PM
Amolak:
Your interpretation and understanding of what the access list and dialer list are doing is correct. However, the piece you're missing is that the dialer list is only effective in defining "interesting" traffic.
In this case, according to the dialer list, EIGRP updates are not "interesting" and therefore will not force the BRI interface to come up when the primary link is functioning, as you rightly pointed out. However, once the BRI interface is activated (Let's say as a result of the primary link going down and a default floating static route that points to the ISDN interface taking effect), the floodgates will be opened and everything will then be allowed to pass, including EIGRP packets.
If you wanted to filter traffic after the BRI interface begins passing traffic, a conventional access list must be applied to the BRI interface itself.
HTH
Victor
04-10-2008 09:55 AM
Hi,
The dialer list instructs what can bring the BRI interface up and dial out. In your case you don't want EIGRP to bring the interface up so you deny at the top of the ACL and then permit ip any. Once the interface has been triggered and the BRI interface is up, the dialer list does nothing so EIGRP will neighbor with the other side...assuming IP addressing and EIGRP configs are correct.
HTH
04-10-2008 03:07 PM
Amolak:
Your interpretation and understanding of what the access list and dialer list are doing is correct. However, the piece you're missing is that the dialer list is only effective in defining "interesting" traffic.
In this case, according to the dialer list, EIGRP updates are not "interesting" and therefore will not force the BRI interface to come up when the primary link is functioning, as you rightly pointed out. However, once the BRI interface is activated (Let's say as a result of the primary link going down and a default floating static route that points to the ISDN interface taking effect), the floodgates will be opened and everything will then be allowed to pass, including EIGRP packets.
If you wanted to filter traffic after the BRI interface begins passing traffic, a conventional access list must be applied to the BRI interface itself.
HTH
Victor
04-10-2008 06:11 PM
Victor/Mike,
Thank you very much.
-Amolak
04-10-2008 06:20 PM
Amolak, you're very welcome. And thank you for the rating.
Victor
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide