Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

Do I need DLSW ER ?

scenario 1 : pls see attached file "TWO router one 400 card.JPG".

Do I need config DLSW ER on DLSW-1 and DLSW-2 ?

scenario 2 : pls see attached file "TWO router two 400 card.JPG" .

Two AS/400 ethernet has duplicate mac-address. Of course,they resides on different VLAN. Can I config it like this:

DLSW-3 router:

dlsw local-peer peer-id 10.2.19.1

dlsw remote-peer 0 tcp 10.2.24.2 circuit weight 20

dlsw remote-peer 0 tcp 10.2.20.1 circuit weight 10

dlsw load-balance circuit-count

DLSW-1 router:

dlsw local-peer peer-id 10.2.24.2 cost 1 promiscuous

DLSW-2 router:

dlsw local-peer peer-id 10.2.20.1 cost 1 promiscuous

scenario 3 : pls see attached file "two center router and remote router.JPG" .

Is it right that add DLSW ER on DLSW-3 AND DLSW-4 router based on config of scenario 2.

any comments is appreciated!

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Do I need DLSW ER ?

Hi,

i assume the as/400 is the "host" in this scenario and the sna server is the "remote client".

scenario 1:

We do not support dlsw ER on the host end.

Why?

Ethernet today means you use a ethernet switch which

makes it necessary to configure dlsw ER with mac address mapping. If you do this on the host end you need to map the mac addresses of the clients. If you have only one sna server you can do this.

However if you have 600 clients in your network you would need to create 600 map statements.

Scenario2 is much prefered for the host end attachment of two dlsw routers.

Scenario2.

Yes you can configure it like you have stated. If the

two ethernet interfaces of the host are equal than you dont need the circuit weight at all. Just two peers and the dlsw load-balance command. You should add a

dlsw timer explorer-wait-time 2

on router dlsw-3.

this makes sure that the router waits 2 seconds to get all responses back to the canureach frame and then caches the results before making a decision which peer to use.

It is the typical scenario we have in a lot of networks today.

Scenario3:

This is the recommended scenario for dlsw ER. Dlsw ER

is configured on the branch router, mapping the mac

address of the host. Typically there are only a limited number of host mac addresses.

Router3 and router4 are configured peer wise like scenario2 and on the ethernet you have the dlsw ER

configuration.

thanks...

Matthias

22 REPLIES
Cisco Employee

Re: Do I need DLSW ER ?

Hi,

i assume the as/400 is the "host" in this scenario and the sna server is the "remote client".

scenario 1:

We do not support dlsw ER on the host end.

Why?

Ethernet today means you use a ethernet switch which

makes it necessary to configure dlsw ER with mac address mapping. If you do this on the host end you need to map the mac addresses of the clients. If you have only one sna server you can do this.

However if you have 600 clients in your network you would need to create 600 map statements.

Scenario2 is much prefered for the host end attachment of two dlsw routers.

Scenario2.

Yes you can configure it like you have stated. If the

two ethernet interfaces of the host are equal than you dont need the circuit weight at all. Just two peers and the dlsw load-balance command. You should add a

dlsw timer explorer-wait-time 2

on router dlsw-3.

this makes sure that the router waits 2 seconds to get all responses back to the canureach frame and then caches the results before making a decision which peer to use.

It is the typical scenario we have in a lot of networks today.

Scenario3:

This is the recommended scenario for dlsw ER. Dlsw ER

is configured on the branch router, mapping the mac

address of the host. Typically there are only a limited number of host mac addresses.

Router3 and router4 are configured peer wise like scenario2 and on the ethernet you have the dlsw ER

configuration.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Matthias,

thanks for your reply.

If DLSW ER is not supported on the host end,is there any loop or incorrect reachability like document of DLSW ER said because same remote mac-address will come from DLSW-1 and DLSW-2?

If so,how to config in scenario 1 ?

thanks!

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

for scenario1:

The most clean way to use it is dlsw/vdlc/snasw together on the head end router and do appn EE upstream to the host. That way you have only pure ip (udp) traffic on the ethernet in front of the host.

I know that it requires some prerequisites at the host end and not everybody can just simply flip the switch and do it.

Also if you can use snasw you can also think about the extra money for the licenses and put a router running snasw directly into the branch eliminating dlsw alltogether on the wide area network.

the second best way is to configure tradditional dlsw with bridge-groups and apply a bridge-group 1 input-address-list 700 filter to the two dlsw routers on the common ethernet.

access-list 700 would ONLY permit the mac address/addresses of your host/hosts.

That way you can not have a loop from dlsw router1 to dlsw router2 and so on.

However one of the problems you can have even with the access list is if your end system brings up multiple circuits on different sap's. And if you would end up to bring up, from the branch, one circuit to head-end1 and the next one to head-end2.

In that case you get issues with the cam table of the head end switches since both head end routers are doing local ack and would send frames into the switch with the source address of the remote client. The cam table, in any given vlan, for any given mac addres, can only point to exactly one port at any time.

if each of your end systems just starts one circuit you are fine with this way. Even if you bring up a

end system with two or more circuits on different sap's it will almost certainly work as long as the

switch cam table is setup and is constantly refreshed

i.e. by rr's of the already existing circuit.

It is just something you need to keep in mind, it is not a totally clean solution.

A third way of doing it would be to configure a

static peer from the branch router to the head1end1.

and a backup peer from the branch to head-end2 with linger 0. Which means the backup peer will go away the moment the primary peer comes back up regardless of the active circuits.

In that case you have always only one router active between the branch and the head end.

The drawback of this is that the backup peer is only

backing up the tcp portion of the dlsw peer connection. If the failure is somewhere else. I.e. in the switched cloud, between the router and the host, the backup peer will not be triggered.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

thanks.

Your reply solved my problem.

And I have another related question and I can't find detailed information on cisco.com.

Except dlsw router,I have another single router running DLSW and SNASW. How to provide redundancy for it? Just do it like previous post ? Do I need concern redundancy for SNASW ?

Config of router:

source-bridge ring-group 99

dlsw local-peer peer-id 10.1.1.254 promiscuous

dlsw icanreach netbios-exclusive

snasw cpname APPN.RTSNASW

snasw port F00 FastEthernet0/0 conntype nohpr

snasw port VDLC vdlc 99 mac 1000.2000.0000 conntype nohpr

snasw link SNA port F00 rmac 0008.e018.cc08

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

i am not sure if i can fully understand your question in regards to the dlsw / snasw configuration.

In my terminology upstream is from the router to the host, downstream is from the router to the remote client.

You most likely have a branch router with dlsw peering to the router you gave the config example from. If the upstream link is "link SNA" than you would need another router, parallel which has also a upstream "link SNA" to your host, and downstream it is connected via dlsw to the branch router. The dlsw

circuit is terminated in the router. The target

mac address for the downstream clients is the mac

address configured on the snasw vdlc port. You configure the same mac address on both routers. So the downstream branch router learns the snasw vdlc

mac address via both peers. And that is how you get

redundancy in this case. For the vdlc port you can configure the key-word nns-required. That means it only accepts downstream connections when the upstream link is connected. if the upstream link fails it will reject downstream connections and they will then fall over to the parallel router. This is triggered from the branch router after the xid exchange failed.

if you need redundancy for snasw with local clients, you would configure hsrp on the two routers ethernet interfaces and define a hsrp mac-address. The hsrp mac-address is the address your clients are connecting to. The snasw port is the physical interface in this case. Hsrp is just used to make the

router listen to a particular mac address. Plus it

provides redundancy in case one router fails.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi, Matthias

thanks for your reply.

From your post, I know that I can config same vdlc mac-address on both redundancy router. But how to config CPNAME ? It's unique on APPN network. Can I config same CPNAME on both redundancy SNASW router. And on my SNA software of RS/6000 which resides on remote site would need config HOST CPNMAE.

So how to config SNASW CPNMAE when implement redundancy of SNASW ? Or my opinion is totally error.

thanks.

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

The snasw routers do indeed need to have different cp names. I'm not familiar with configuration on the RS/6000, but in every SNA implementation I'm aware of there is a way to indicate you want to learn the adjacent cp name rather than configuring it. Is this HOST CPNAME part of a link definition or otherwise?

- Ray

Cisco Employee

Re: Do I need DLSW ER ?

I found the RS/6000 configuration guide on-line ...

http://publibfp.boulder.ibm.com/cgi-bin/bookmgr/BOOKS/asvf4000/CONTENTS?SHELF=&DT=19940207143307#1.2.2

I took a quick glance. It looks like all you need to add is an Ethernet Link Station Profile. You should use the local APPN control point's XID, and where you specify the remote link MAC/SAP address specify the one you have configured on the VDLC port (the same in each snasw router). Say no in response to "Verify Adjacent Node?" so that you will learn the cpname of which ever snasw router you connect to.

My comments are based on the assumptions that 1) you want to have the RS/6000 connect as an APPN EN to only one snasw router at a time, 2) you have dlsw peers correctly configured to provide access over the WAN between the RS/6000 and the snasw routers, and 3) the RS/6000 is connected to it's local dlsw router via Ethernet. If any of those are incorrect then the answer will be different.

As Matthias already mentioned, there are other ways to provide redundancy (i.e. local snasw and hsrp). We can discuss these further if you want.

- Ray

New Member

Re: Do I need DLSW ER ?

Hi Ray,

thanks for your reply.

When you said "assumptions 1" , do you mean that another router will take over if current work router didn't work ? And execpt EN,how about NN and LEN ?

I use another router to provide local and remote SNA communication to S/390. It's config is like this:

source-bridge ring-group 1

!

dlsw local-peer peer-id 99.1.5.240 promiscuous

dlsw bridge-group 2

snasw cpname NET.ROUTERCP

snasw dlus NET.DEVP backup NET.DEVT

snasw port HPRIP hpr-ip FastEthernet0/0

snasw port ETH vdlc 1 mac 4000.4000.4000

snasw link OS3901 port HPRIP ip-dest 99.1.5.149

snasw link OS390 port HPRIP ip-dest 99.1.5.150

Can I provide redundancy for local and remote at the same time ? Do I need special concern about DLUS and DLUR ?

thanks!

New Member

Re: Do I need DLSW ER ?

If I code same mac-address on both redundancy router,how to config HSRP mac-address to provide redundancy for local client ?

If I code same mac-address, is there any problem about duplicate mac-address on ethernet? It like that local client can connected to vdlc mac 4000.4000.4000 . So if I code it on both router, there would be two same mac on same ethernet.

thanks!

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

in general vdlc mac addresses should only be reachable via remote dlsw peers.

You code the same mac address on both routers on the snasw vdlc port. Those mac addresses are reachable from dlsw and are terminated in the router.

If you need to have redundancy for local clients at the same time you can configure hsrp with a hsrp mac-address. Simply make it the same mac address as the vdlc one, just keep in mind you have to bitswap the address.

If you do hsrp you do NOT do transparent bridging on the ethernet interface. If you dont do transparent bridging you can NOT get to the snasw vdlc mac addresses.

Your local clients are talking directly to the snasw router. There is no bridging involved in this connectivity and as such you have only one router advertising the hsrp mac-address on the ethernet. The one that is hsrp active. Just define the physical interface as snasw port. Hsrp is used to make the

router "listen" to the appropriate mac address and

provide the redundancy in case a box goes down.

As you stated if you configured bridging on the ethernet and then you need dlsw local switching to get to the snasw vdlc mac-address. In this case you have the mac address appear from two routers on the same ethernet segment which is no allowed on a ethernet segment.

If you remove the bridging from the ethernet segment and use hsrp you have it clean.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Matthias,

If I only config HSRP and no bridging, can SNA on local ethernet work normally ? I never see this before your post.

thanks!

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

the most simple way to configure snasw on a ethernet segment is to use the physcial interface as snasw port.

You can change the physcial mac address to your needs and be done.

The problem is that you can do this only on one router per ethernet segment. If you need redundancy in case of an outage of one of the routers than you have actually not that much choices.

If you use any form of transparent bridging you will

always have the same mac address advertised from two

physical routers on the same ethernet segment and this is forbidden in ethernet.

So there is not that much choice left besides to use hsrp.

It works fine and it is the recommended way to get redundancy for snasw on a ethernet segment. You are not using any bridging. Always only one router per segement is active and advertising the hsrp mac addrss. As such the ethernet switch is happy. If a switchover happens the router is sending a gratuitous arp and is changing the cam table to point to the new active hsrp router.

If you have multiple ethernet segments/vlans you can get load balancing by activating even vlans on router1 and odd vlans on router2.

With the usage of multiple hsrp groups you can even have more than one mac address active on the same segment.

In case you also have already ip addresses on your

routers you waste a view addresses for the standby stuff. If you dont use ip on these segments you need to dummy the ip addresses up, since you need an ip address to get hsrp to work.

We have certainly customers using hsrp for snasw redundancy and the number will grow the more ethernet comes into play.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Matthias ,

thanks for all your post. It helps me so much!

New Member

Re: Do I need DLSW ER ?

Hi Matthias ,

I am sorry that there is another quesiton.

If HSRP can provide redundancy for local SNASW,can it do same work for two cip router ?

Following is config of my cip router and DLSW is working for remote site.

source-bridge ring-group 755

source-bridge transparent 755 55 5 4

dlsw local-peer peer-id 10.1.2.1 promiscuous

interface Channel1/0

no ip address

no keepalive

csna 0110 00

!

interface Channel1/1

ip directed-broadcast

no keepalive

csna 0110 00

!

interface Channel1/2

no ip address

no keepalive

max-llc2-sessions 2500

lan TokenRing 0

source-bridge 10 1 755

adapter 0 4000.0755.0025

lan TokenRing 1

source-bridge 11 1 755

adapter 1 4000.0755.0025

interface FastEthernet4/0/1

description ***sna communication****

no ip address

duplex auto

speed auto

bridge-group 4

bridge-group 4 spanning-disabled

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

no, the cip requires bridging. Snasw works with hsrp because snasw does not require bridging by itself.

The question for redundancy with a cip router is first of all where are your clients?

If they are remote coming in via dlsw, you have multiple choices.

Use two cip routers and peer your remote routers directly to those two routers.

If you have to use a peer farm with more dlsw peer routers than cip routers you can configure for each dlsw peer router one separate set of channel access on the cip router. A separate lan tokenring, separate adapter, with the mac address your clients connect.

When you come in to such a router via llc2 on ethernet you have to srtlb between the ethernet and the cip.

Per source-bridge virtual-ring group you can configure exactly one srtlb statement. However you can configure multiple virtual ring groups.

So if you need to get to i.e. two dlsw peer routers per cip router you can configure a ethernet vlan for each dlsw peer and connect the dlsw peer routers and the cip routers via trunks to the ethernet switch/switches.

On each vlan you configure a unique bridge-group srtlb'ed into a single lan tokenring. Such you dont bridge anything together, there are no loops and everyone can reach the host.

However there is no real good solution for local clients.

You can connect them to either this vlan or that vlan. but not to both at a time.

You have the same problem than with snasw and ethernet when you use bridging into a dlsw router to get to the vdlc mac address. If you connect both cip routers on a common ethernet both cip routers will appear on the same ethernet advertising the same mac address, which is not allowed on ethernet.

I know that customers do it, but i also know that we have sometimes customers on the phone with really wiered problems and it turns out cleaning up those configurations fixes the problems.

One other way for local clients would be to use again snasw with hsrp and then let snasw have an upstream link. But that depends again on the type of configuration you have in your environment.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Matthias,

Cau you give more detail about why snasw does not require bridging by itself ?

And if I am running DLSW and CIP on same router,is it right that I peer remote routers directly to those two routers to do load-balance ? For example:

dlsw local-peer peer-id 10.2.19.1

dlsw remote-peer 0 tcp host site CIP router 1

dlsw remote-peer 0 tcp host site CIP router 2

dlsw load-balance circuit-count

dlsw timer explorer-wait-time 2

Is HSMA stable enough to be used with local CIP redundancy ?

thanks!

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

your example configuration is correct.

When i say snasw does not require bridging i mean this:

The simpelst form of snasw would be a router running snasw and a ethernet interface. You define the physical ethernet interface as snasw port and you can now connect local clients to the mac address of this interface. The routers ethernet interface is not promiscuous at all, no bridging is enabled at all.

The routers interface is listening only to his own unicast mac address and broadcasts at this point.

If you need to connect a cip to the local lan you have to enable bridging, since the cip internal lan tokenring is always at least one hop away from the physcical lan.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Matthias,

thanks for your reply.

Is HSMA stably enough to work on production enviorment ? Is there any example on real world which deployed HSMA ?

Cisco Employee

Re: Do I need DLSW ER ?

Hi,

thanks for mentioning HSMA. I completely forgot about that. I know that we have a couple of customers using it but i dont know much about the details. I have to let someone else answer to that.

thanks...

Matthias

New Member

Re: Do I need DLSW ER ?

Hi Henry,

Yes it's stable enough for production. There have been production customers for about 3 years now.

Rgds, Dan

New Member

Re: Do I need DLSW ER ?

Hi Dan,

thanks for your reply!

I will try it.

423
Views
12
Helpful
22
Replies
CreatePlease to create content