cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
514
Views
0
Helpful
6
Replies

Question on migration from a Cisco 2501 to a Cisco 1841

brenteverett
Level 1
Level 1

Hello All! I'm in the process of configuring my newly purchased Cisco 1841 router with a T1 WIC (WIC-1DSU-T1-V2) that will be connected to a remote site and an Avaya G350 media gateway (with a WAN module). My questions have to do with how it's currently configured and what part of the config I keep and what part of the config I discard. Currently we have a 2501 on our site and a 2501 on the remote site, both with external AT&T Paradyne 3162 DSU/CSU. There's also an AT&T Integration Multiplexer 500 on both ends of the connection. See the attached diagram for a better description. Basically when I fnish the conversion both the external DSU/CSU's will be gone and the AT&T Mux devices will be gone. What's bothering me is this part of our config:

stun peer-name 10.4.0.1

stun protocol-group 9 basic

!

interface Loopback0

ip address 10.4.0.1 255.255.0.0

This setting is on both existing 2501's however I'm not sure if it's there because of the AT&T Mux devices or because of our IBM AS/400? I'm sorry that's so much info but I'm having trouble understanding those settings, any thoughts?

1 Accepted Solution

Accepted Solutions

Allen

It is helpful to see the old config. Based on this I see no reason not to remove the loopback interface since it is not being used for anything else in this config.

And looking at the config confirms that you are no longer doing STUN. There are still the commands in global config but there would have been some more commands on a serial interface if it were still being done. So I think even more positively that you can remove the stun commands.

HTH

Rick

HTH

Rick

View solution in original post

6 Replies 6

Richard Burts
Hall of Fame
Hall of Fame

Allen

The config commands for STUN are almost certainly there for the AS/400 (which sounds like it is processing IBM SNA) and not for the Mux. And the loopback address is used by STUN. So unless the functionality of the AS/400 has changed and it is no longer processing SNA then the STUN config needs to remain in the config.

Note that STUN is supported only in certain feature sets. Make sure that your IOS image on the 1841s is a feature set that does have support for STUN.

HTH

Rick

HTH

Rick

Thanks for you help with this, I spoke to a couple of our IBM guys and we are no longer using SNA (we were about 5 years ago) and I'm guessing this is left over command from that. It's a good thing because I'm fairly sure our IOS image didn't support STUN as I couldn't find the commands on it. In regards to the loopback address should I leave that as is? Usually the loopback address is 127.0.0.1 but I'm guessing it's a little different in this case.

Allen

If the AS/400 is no longer doing SNA (and increasingly that is what many organizations are doing) then you do not need the STUN commands.

Without knowing what is in the configuration it is difficult to say what to do about the loopback interface. If the only thing it was used for was STUN then it can be removed. If it was used for anything else then it should remain.

I think you may be a bit confused about the loopback. The loopback interface on a router is not quite the same thing as a loopback address used by many hosts. The host loopback address is frequently 127.0.0.1 but that is not the same as a loopback interface on a Cisco router. The Cisco loopback interface is a virtual interface (there is no physical implementation of the interface) which can take an IP address like other interfaces do. The address on the loopback can be accessed through any of the physical interfaces. The major advantage of the loopback interface is that it removes any physical dependency. For example your network management might want to ping a router to determine whether it was up or down. If you ping a serial interface (or an Ethernet interface or any other physical interface) and that interface was down then it would look like the entire router was down. But if you ping the loopback interface and the interface has any active physical interface then it can get to the loopback and the router will report as up.

The loopback interface was used for peering with STUN. In many of today's networks loopback interfaces might be used for peering in IPSec VPNs, or it might be used as the source address of network management or syslog messages, it might be used as the source address of authentication requests to TACACS or Radius, it usually becomes the router ID in OSPF or BGP, or a number of other things.

So it would require looking through the config to see whether you need to retain the loopback interface.

HTH

Rick

HTH

Rick

Thanks for your help with this Rick, here's the current config on the 2501:

version 11.1

service slave-log

service password-encryption

service udp-small-servers

service tcp-small-servers

!

hostname router

!

clock timezone EST -5

enable password 7 ******

!

ip subnet-zero

ip domain-list *****

ip domain-list *****

ip dhcp-server 10.1.1.50

ip dhcp-server 10.1.1.17

!

stun peer-name 10.4.0.1

stun protocol-group 9 basic

location ******

!

interface Loopback0

ip address 10.4.0.1 255.255.0.0

!

interface Ethernet0

ip address 10.1.1.110 255.255.0.0

ip helper-address 10.1.1.50

ip helper-address 10.1.1.17

no ip mroute-cache

no ip route-cache

!

interface Serial0

description point-to-point T1 CH 1-23

ip address 10.2.1.110 255.255.0.0

ip helper-address 10.1.1.50

ip helper-address 10.1.1.17

no ip mroute-cache

no ip route-cache

!

interface Serial1

description DLCI 100 PVC=T1 CIR=768

no ip address

no ip mroute-cache

encapsulation frame-relay

no ip route-cache

shutdown

!

interface Serial1.1 point-to-point

description DLCI 110 PVC=256 CIR=128

ip address 10.6.1.110 255.255.0.0

no ip mroute-cache

no ip route-cache

shutdown

frame-relay interface-dlci 110

!

interface Serial1.2 point-to-point

description DLCI 120 PVC=512 CIR=256

ip address 10.7.1.110 255.255.0.0

no ip mroute-cache

no ip route-cache

bandwidth 256

shutdown

frame-relay interface-dlci 120

!

interface Serial1.3 point-to-point

description DLCI 977 Frame Relay CNMS

ip address 204.159.60.166 255.255.255.0

no ip mroute-cache

no ip route-cache

shutdown

frame-relay interface-dlci 977

!

router rip

network 10.0.0.0

!

ip host siteb 10.3.1.110

ip domain-name *****

ip name-server 10.1.1.26

ip name-server 10.1.1.27

ip classless

ip route 0.0.0.0 0.0.0.0 10.1.1.120

ip route 10.3.0.0 255.255.0.0 10.2.1.111

ip route 10.9.0.0 255.255.0.0 10.1.1.120

ip route 10.20.0.0 255.255.0.0 10.1.1.120

ip route 10.30.0.0 255.255.0.0 10.1.1.120

ip http server

logging console critical

logging trap notifications

logging 10.1.1.40

!

snmp-server community public RO

snmp-server chassis-id *****

banner motd

This is an official computer system of ******. It is for authorized users only. Unauthorized users are prohibited. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy.

!

line con 0

password 7

login

line aux 0

transport input all

line vty 0 4

password 7

login

line vty 5 15

password 7

login

!

end

I edited out some of the sensitive stuff but everything else is the same

Allen

It is helpful to see the old config. Based on this I see no reason not to remove the loopback interface since it is not being used for anything else in this config.

And looking at the config confirms that you are no longer doing STUN. There are still the commands in global config but there would have been some more commands on a serial interface if it were still being done. So I think even more positively that you can remove the stun commands.

HTH

Rick

HTH

Rick

Allen

I am glad that my responses were helpful. Thank you for using the rating system to indicate that your issue was resolved (and thanks for the rating). It makes the forum more useful when people can read an issue and can know that there were responses which did resolve the issue.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

HTH

Rick
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: