Does anyone have thoughts on the most reliable way of bringing up an ISDN link for frame relay back up?
My issue is Im using a floating static route (prob the most deployed method) to inject a route into the routing table once the primary frame relay connection goes down. Because the floating static route needs to be a blanketed (very general) statement, for example something that includes the entire 10.0.0.0 network, rouge traffic from a remote site can cause the ISDN to dial when frame relay is still active.
What methods are out there to prevent random traffic to addresses that fall outside of those learned through the dynamic routing protocol?
I'm familar with dialer watch, but are there others?
Are you saying that the criteria needs to be broad in scope because you don't want to make it specific or because you are just under the impression that it has to be? I have done DDR using international dialup and satellite dialup where we were, to say the least, specific about what traffic brought up the connection. The floating static route and the criteria for interesting traffic are two different issues. You can have a very broad (even default) route pointing to a dialer and a very specific access list to allow/disallow traffic.
Also remember that as long as the static route is floating, it isn't in the routing table. Hence, there shouldn't be any risk that the ISDN will be brought up. It stays in a spoofing mode as long as the primary route is active in the table.
Since you're using a 10.0.0.0/8 floating static, and rogue traffic from remote sites is bringing up the ISDN it sounds like this route really isn't floating and is always in your routing table. This could happen when hosts at the remote sites send traffic to 10.x.x.x networks that you aren't learning dynamic routes for over the primary line, thus this traffic is taking the next best route over the ISDN. This would be the 'rogue traffic' you described.
You could change your dialer-list to reference an access-list so only traffic destined to your valid networks brings up the ISDN.
If you want to move away from the floating static route method, you could use the backup interface method like the previous poster mentioned. With frame, backup interface is more reliable with using the Frame-Relay End-To-End Keepalive (FREEK) feature (both ends have to be Cisco).
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...