Dial-On-Demand Routing on 827 with PPPoA

rino.gelardi · ‎10-01-2003

Hello everyone, first post on the forums and quite new to cisco world. :)

Please forgive my english, it is not my native language. :)

Now my question, i have a 827 with a pppoa dsl line. My provider charges me for the time connection stays up, so i would configure my router to work in dial-on-demand routing. I'have read many threads and many pages here on the cisco website and made a long search on google finding a sort of configuration (see attached) that (according to me!) could be working but it doesn't. All the traffic is considered interesting and the oly counter i can make to work is "ppp timeout idle".

Tks in advance to everyone could help.

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname 827

!

enable secret xxxxx

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

ip subnet-zero

no ip source-route

no ip domain-lookup

ip dhcp excluded-address x.x.x.1 10.0.0.3

!

ip dhcp pool lan

network x.x.x.0 255.0.0.0

default-router x.0.0.1

dns-server x.x.x.100 195.210.92.100

!

interface Ethernet0

ip address x.x.x.1 255.0.0.0

ip nat inside

no cdp enable

hold-queue 4096 in

hold-queue 4096 out

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 8/35

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl operating-mode auto

!

interface Dialer0

bandwidth 640

ip address negotiated

ip idle-group 101 out #doesn'twork

ip nat outside

encapsulation ppp

dialer pool 1 #dialer idle timeout is not considered in "sh caller timeouts"

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname ****

ppp chap password 0 ****

ppp pap sent-username **** password 0 ****

ppp timeout idle 30 inbound

!

ip nat inside source list 100 interface Dialer0 overload

ip nat inside source static tcp 10.0.0.3 4662 interface Dialer0 4662

ip nat inside source static udp 10.0.0.3 4662 interface Dialer0 4662

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

no ip http server

!

access-list 100 permit ip 10.0.0.0 0.255.255.255 any

access-list 101 permit tcp 10.0.0.0 0.255.255.255 any eq ftp

access-list 101 permit tcp 10.0.0.0 0.255.255.255 any eq pop3

access-list 101 permit tcp 10.0.0.0 0.255.255.255 any eq smtp

access-list 101 permit tcp 10.0.0.0 0.255.255.255 any eq www

access-list 101 deny tcp any any eq domain

dialer-list 1 protocol ip list 101

dialer-list 2 protocol ip deny #even with this all traffic is interesting

no cdp run

!

line con 0

stopbits 1

line vty 0 4

password ****

login

!

scheduler max-task-time 5000

end

hbaerten · ‎10-03-2003

Hi,

are you saying that even with dialer-group 2 defined on Dialer0, the connection still stays open after 2 minutes of idle time?

I would suggest to do a "debug dialer packets" to see which packets are keeping the connection open exactly.

BTW, I think you would also need to permit udp domain packets in your list 101, or your dns requests will not push open the line.

hth

Herbert

rino.gelardi · ‎10-03-2003

Hi Herbert, tks for your reply.

I have already done a debug on dialer packets and have discovered that before making connection, interesting traffic is based on internal lan addresses, once the connection is up and the dialer has is own ip address, interesting traffic is based on this one. I've already changed my dialer list to work even with the external address but now it seems there is no dialer idle timeout even if the command is properly configured.

When ia type a "sh caller timeouts" i see no timers.

Another thing i have observed is that typing a "sh dialer" i can't see any active connections when line and protocols are up.

It seems that when dialer makes the call it passes all the work to a virtual access interface that is not configurable nor is based on dialer's settings.

i'm sorry if this sounds obvious to you but this is the first time i work with those routers and some things are not so obvious to me. :)

Bye.