Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k

ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMAND ROUTING

Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to discuss Troubleshooting and Configuring Dial on Demand Routing with Cisco expert Zulfiqar Ahmed. Zulfiqar, CCIE# 3960, is part of Technical Assistance Center (TAC) based out of San Jose, California where he currently holds the position of Customer Support Engineer in Access-Cable team. He joined Cisco in 1997 as an engineer in TAC. Feel free to post any questions relating to Troubleshooting and Configuring Dial on Demand Routing. Remember to use the rating system to let Zuliqar know if you’ve received an adequate response.

Zulfiqar might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through June 6. Visit this forum often to view responses to your questions and the questions of other community members.

21 REPLIES
New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hello Zulfiqar:

I have recently purchased 2514 access router. I desire to configure it to my ADSL connection, however I can't seem to be able to make PPP work right. I haven't obtained much useful reference from the web or from Cisco website.

Please advise,

JT

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

JT , you mean connecting an ADSL line directly into the 2514 and doing PPPoA/oE ? This is not doable on a 2500 series router. You will have to have an external DSL modem with the DSL line connected to it and then doing bridging on the 2514 behind the external DSL modem. If you want to connect the DSL line directly to a Cisco DSL router, an 827 box is a better choice :

http://www.cisco.com/pcgi-bin/Support/browse/psp_view.pl?p=Internetworking:PPPoE__PPPoA__PPP_over_Ethernet__PPP_over_ATM&viewall=true

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

With two routers running HSRP and OSPF, the primary router has a frame link out to the core and HSRP is tracking it. the secondary router uses DDR for backup to the core.

Obviously the "backup interface" command can not be applied.

A floating static route on the secondary router brings up the backup connection when the primary fails and it has an ACL denieing OSPF from bringing up the ISDN in the dialer-list.

Problem being, I don't want static routes on the core and edge devices being reditributed accross the network.

Will an "OSPF demand circuit" sort out the mess ?

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

You can avoid the ISDN being brought up by OSPF in this case. Make sure the backup interface is covered by OSPF and put " IP ospf demand-circuit" and " no default peer neighbor-route" under the backup interface(on both the core and the edge router).

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Steve, actually you should not need a floating static route on the backup HSRP router to make its DDR link dialout . When the primary link via primary HSRP router goes down, backup HSRP router tracking primary HSRP one, will take over and will dialout (depending on the dialer list) for the traffic destined to the core. And, its definitely the place where OSPF demand circuit comes handy and fits into the picture. Now, if you are now wondering about /32 PPP host routes being redistributed into OSPF, please see Reason 4 and its three possible solutions at :

http://www.cisco.com/en/US/tech/tk365/tk480/technologies_tech_note09186a008009481b.shtml

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Unfortunately this is one site of 20 that are in the same OSPF area and use the same setup. If i was to make the site a stub to minimise LSA's as reccommended, won't i have to break each site down into it's own area ?

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Steve, recommendation of making an area stuby is not the only solution to minimize LSAs. This is only when there are large number of link flaps on the demand circuit. As an admin if you know your backup link works reliably and you

do not see the primary link or the backup link go up and down too much , then

a demand circuit is just fine even with not being stuby. On the other hand since with 20 such sites you have a big enough OSPF network at hand, I would recommend to open up a TAC case and work with an OSPF expert as you may need careful examination of your routing strategy.

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hi Zulfiqar,

I have a question about dialin. I have 1PRI on a 3640 Router . I make a xot translation. "translate x25 .* tcp 138.191.1.229 port 8023 stream quiet" Now. I will the system upgrade with a 2nd PRI. The idea is, that the user connect to the 2nd number, it should route the packet to a other destination. Is it possible to route a packet with a dialed number ?

thanks

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Martin, so the users connecting to this new PRI will be dialup (Async/isdn) users?

If so, do you want the traffic from those dialup calls to be forwarded out a particular

interface on the 3640? It sounds like something that POLICY ROUTING *could* do for you , but I would appreciate if you could shed more light on your requirement along with uploading a copy of your config if you could (pls remove IPs and passwords).

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

The user connecting with (asynch/isdn)

the traffic from the new PRI should go with xot to a other destination, than the traffic from the old PRI

Interface

X.25 software, Version 3.0.0.

SuperLAT software (copyright 1990 by Meridian Technology Corp).

TN3270 Emulation software.

Primary Rate ISDN software, Version 1.1.

1 Ethernet/IEEE 802.3 interface(s)

31 Serial network interface(s)

30 terminal line(s)

2 Channelized E1/PRI port(s)

Configuration

service pad to-xot

service pad from-xot

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

!

logging buffered 64000 debugging

aaa new-model

aaa authentication login default group tacacs+ line

aaa authentication login modem none

aaa authentication enable default group tacacs+ enable

aaa authorization exec default group tacacs+ if-authenticated

aaa authorization exec modem none

aaa authorization commands 15 default group tacacs+ if-authenticated

aaa accounting commands 15 default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

aaa accounting system default start-stop group tacacs+

!

memory-size iomem 30

clock timezone met 1

clock summer-time met recurring last Sun Mar 2:00 last Sun Oct 2:00

modem country mica switzerland

ip subnet-zero

no ip source-route

!

!

ip tftp source-interface Loopback0

ip domain-name post.ch

!

x29 inviteclear-time none

!

x29 profile post 1:0 2:0 3:0 4:6 5:0 6:0 7:2 8:0 9:0 10:0 12:0

isdn switch-type primary-net5

x25 routing

call rsvp-sync

!

!

!

!

!

!

controller E1 1/0

pri-group timeslots 1-31

description ISDN PRI

!

controller E1 1/1

shutdown

!

!

!

interface Loopback0

ip address

!

interface Ethernet0/0

ip address

half-duplex

no cdp enable

!

interface Serial1/0:15

no ip address

encapsulation x25 dce

no ip route-cache

no keepalive

x25 accept-reverse

isdn switch-type primary-net5

isdn incoming-voice modem

!

interface Group-Async0

no ip address

no ip route-cache

no ip mroute-cache

dialer in-band

async mode interactive

group-range 65 94

!

ip classless

ip route 0.0.0.0 0.0.0.0 ********

ip tacacs source-interface Loopback0

no ip http server

ip pim bidir-enable

!

!

snmp-server community RO 10

snmp-server community RW 11

snmp-server community RO 10

snmp-server trap-source Loopback0

snmp-server location E37 Z-135

snmp-server contact IT251 NOS

no snmp-server enable traps tty

x25 route 1111 xot ***.***.***.***

!

translate x25 .* tcp ***.***.***.***port 8023 stream quiet

translate x25 1111 profile post tcp ***.***.***.*** port 8023 stream quiet

!

dial-peer cor custom

!

!

!

banner exec ^CCC

#### ###### ####### ###### ###### ########

## ## ## ## ## ## # # ##

## ## ## ## ## ## ## ##

## #### #### ####### ## ## #### ##

## ## ## ## ## ## ##

## ## ## ## ## # # ##

#### ###### ## ###### ###### ##

Router tpie17 - cisco 3640

EFTPOS Direkt / Kartengeld

Engehalde / Raum 135 - Rack 008

Unauthorized access is prohibited

^C

banner motd ^CC

Unauthorized access is prohibited

^C

!

line con 0

vacant-message ^CCC

Your L O G I N T I M E is expired!

If you need my services again, hit to call me back.

^C

line 65 94

no motd-banner

no exec-banner

exec-timeout 5 0

flush-at-activation

script modem-off-hook offhook

authorization exec modem

login authentication modem

modem answer-timeout 0

modem InOut

modem autoconfigure type mica

autocommand pad 1111 /profile post /quiet

transport input all

escape-character NONE

line aux 0

vacant-message ^CCC

Your L O G I N T I M E has expired!

If you need my services again, hit to call me back.

^C

line vty 0 4

access-class 20 in

exec-timeout 20 0

vacant-message ^CCC

Your L O G I N T I M E is expired!

If you need my services again, hit to call me back.

^C

transport input telnet

line vty 5 34

session-timeout 5

no motd-banner

no exec-banner

exec-timeout 0 0

!

ntp clock-period 17179346

ntp source Loopback0

end

thanks

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Not being too clear on your X.25 setup, I think you should be able to do that with the following:

username 4085251212 nopassword dnis

username 4085251212 autocommand pad 1111 /profile post /quiet

username 4085251313 nopassword dnis

username 4085251313 autocommand pad 2222 /profile post /quiet

And then you could have corresponding "x.25 route ---- xot" commands .

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hello Zulfiqar;

I have two questions for you.

1. Can an 8 port BRI with NT-1 and a 1 port Channelized T1 module sit in the same 3640 chassis? If so, is there a minium IOS version required?

2. I am having a hard time finding configuration examples of a dialout scenario using the Channelized T1 and an NM-30DM with a 3640. Can you point me in the right direction?

Thank You

Sean

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hi Sean,

(1) Sure. NM-8B-U and NM-1CT1 aresupported in all IOS releases on 3640. If you plan to use NM-1CT1 as ISDN PRI in conjunction with the BRI lines on NM-8B-U, then in order to have multiple ISDN switch types defined on the same box (for BRI and PRI) , you need to have atleast 11.3(3)T code :

http://www.cisco.com/univercd/cc/td/doc/product/software/ios113ed/113t/113t_3/multisdn.htm

(2) Would you dialout as DDR ? Or like using some dialout software on a PC

from the LAN segment ? You could start with the following and see if that helps :

http://www.cisco.com/warp/customer/471/DialOutEZ.shtml

http://www.cisco.com/warp/customer/471/modemdialoutcontroller.html

http://www.cisco.com/warp/customer/471/Non_DDR_callout.html

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_configuration_example09186a0080094559.shtml

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hello Zulfiqar:

I have a Cisco 2651 with a an E1 PRI controller which provides backup to frame-relay PVC's. 2 routers are sited on the LAN which run both EIGRP and HSRP with the dialer watch feature. Up until last week all was OK in that if a frame-relay link went down the dialer watch feature would bring up the relevant dialer. Early this week a frame-relay link went down, the dialer came up but i was unable to ping the remote branch router. Nothing has changed on the routers and i am a little bemused!. I have run debugs and have verified the dialer coming up, PPP auth and negotiation are both fine yet i am unable to ping over the link. After the dialer idle timeout expires the line is brought down fine and i am able to raise it again if i try to ping across the link. I can supply the configs if required.

Any comments would be appreciated.

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Steve, please send the debugs and possibly the config (passwords omitted) along with show ver from this 2651 in question.

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hi Zulfiqar,

Do you have an address where i can mail the configs to as when i add the configs it is in excess of 10,000 characters?

Regards

Steve

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Steve, sure please use zahmed@cisco.com .

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hello

On a router 836 with dsl connection is the time between two connections 25sec .

Can I set a timer to decrease this time?

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Gerd, not sure what two connections you are talking about. Is your DSL line going down for some reason and then coming back up after 25 seconds? How often is this occuring? Could you paste only the interface level configuration from this 836 in question so that I know what we are talking about ?

~Zulfi

New Member

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

Hello Zulfiqar

Yes, I thinh so.

The DLS line doing down for some reason and then comming back up after 25 seconds. Normaly it occur one time a day. The provider disconnect the session.

25 secons are to long for any applications.

Thanks a lot!

interface ATM0

no ip address

atm vc-per-vp 64

no atm ilmi-keepalive

pvc 1/32

pppoe-client dial-pool-number 1

!

dsl operating-mode annexb-ur2

!

interface Dialer1

ip address negotiated

ip access-group 111 in

ip mtu 1492

ip nat outside

ip inspect myfw out

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer remote-name redback

dialer-group 1

ppp authentication pap chap callin

ppp chap hostname xxxxxxxxxxxxxx

ppp chap password 7 xxxxxxxx

ppp ipcp dns request

Bronze

Re: ASK THE EXPERT- TROUBLESHOOTING AND CONFIGURING DIAL ON DEMA

I am not sure if we have too many options here. Also we do not know if there are some extra seconds being consumed in assigning you an IP address via DHCP in IPCP portion of PPP. The only thing I could try based on the assumption if your ISP does CHAP authentication with you instead of PAP, is to reverse the order of pap chap in ppp authentication command, since if they are doing CHAP then it does take a couple of extra seconds to first reject your first option for PAP and then make you do CHAP instead. So do "ppp authen chap pap callin" instead of "ppp authen pap chap callin" and see how that goes. Other than that, it all depends on your ISP.

~Zulfi

47
Views
7
Helpful
21
Replies
CreatePlease to create content