Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ISDN DDR STAYS UP AL LTHE TIME

I haven't done legacy DDR isdn configs for ages- so am a bit rusty. I have set up a Cisco 800 that connects over isdn to another 800. When I send traffic to the remote 800 (ie ing the remote ethernet i/face for example) it works fine - BRI0 comes up ok (interesting traffic is defined as ip traffic). The dialer idle time is set to 200 secs (I may reduce this later) and the fast idle timer is 60 secs. When I run "debug ip packet" on the local router I can see that loads of 255 broadcast and some mcast traffic seems to be keeping the BRI interface up and running (ie is allowed to start the bri0 interface as it is IP traffic ie "interesting". What is the best way to prevent this from happenning? I use static routes on both 800's - thre is no dynamic routing. Do I need to use the passive command on the local routers ethernet interface to stop this general network noise from keeping the isdn BRI interface constantly up? Or is the "interesting traffic" ACL too generic?

Obviously at it stands this config is going to be costly!

Heres the config

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname LOCAL_800

!

logging buffered 8192 debugging

enable secret 5 XYZ

username xxx password xxx clock timezone GMT 0 clock summer-time BST recurring last Sun Mar 2:00 last Sun Oct 2:00 ip subnet-zero

no ip domain-lookup

interface Ethernet0

ip address A.B.C.D 255.255.255.128

no ip directed-broadcast

interface BRI0

description Link to REMOTE_800

ip unnumbered Ethernet0

no ip directed-broadcast

encapsulation ppp

dialer idle-timeout 200

dialer fast-idle 60

dialer map ip A.B.C.D 00110222

dialer hold-queue 100

dialer load-threshold 200 outbound

dialer-group 1

isdn switch-type basic-net3

ppp authentication chap

hold-queue 75 in !

no ip http server

ip classless

ip route 0.0.0.0 0.0.0.0 Ethernet0

ip route 1.1.11.2 2.1.2.1 255.255.255.248 BRI0

access-list 1 permit any

dialer-list 1 protocol ip permit

Thanks for any pointers..

Peter

3 REPLIES
New Member

Re: ISDN DDR STAYS UP AL LTHE TIME

Hi,

It looks like the 'dialer-list 1 protocol ip permit' is keeping the link up. That is saying basically anything ip keep the link up. I use this command when I want the line to stay up all the time. You should link the dialer-list 1 to a access list where you can get more granular with what you consider interesting or non interesting.

dialer-list 1 protocol ip list

Hall of Fame Super Silver

Re: ISDN DDR STAYS UP AL LTHE TIME

I agree with Bill that a dialer list with protocol ip permit is an invitation to have the dialer permanently active. In a live environment you need to be more restrictive. Bill's suggestion of dialer-list 1 protocol ip list is an excellent place to start. I will suggest that ACL needs to be an extended access list so that you can specify not only source but destination address and protocols as well.

The original post mentions seeing broadcast and multicast traffic as part of what was keeping the link up. If broadcast and multicast should not bring up the link and should not reset the inactivity timer than the access list could include this:

! deny broadcast traffic

access-list 150 deny ip any host 255.255.255.255

! deny multicast traffic

access-list 150 deny ip any 224.0.0.0 15.255.255.255

as you identify other kinds of traffic that are keeping the link up and that you do not want them to you can add more deny statements.

Do remember that access lists end with an implied deny all so that there needs to be some statements with permits.

HTH

Rick

Re: ISDN DDR STAYS UP AL LTHE TIME

Don't forget CDP ....

Chris S

129
Views
0
Helpful
3
Replies