cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
502
Views
0
Helpful
5
Replies

DLSW and bridging protocol DEC

bbois
Level 1
Level 1

Hi,

I would like to bridge DEC protocol over DSLW tunnel (+ encrypted after). I have got 2 routers with 2 fastethernet interfaces by routers (no serial), the config is the same that this exemple :

Router A

!

dlsw local-peer peer-id 150.150.1.1

dlsw remote-peer 0 tcp 150.150.2.1

dlsw bridge-group 1

!

interface Loopback0

ip address 150.150.1.1 255.255.255.0

!

interface Serial0

ip address 150.150.100.1 255.255.255.0

!

interface Ethernet0

ip address 150.150.30.1 255.255.255.0

bridge-group 1

!

bridge 1 protocol dec

!

Router B

!

dlsw local-peer peer-id 150.150.2.1

dlsw remote-peer 0 tcp 150.150.1.1

dlsw bridge-group 1

!

interface Loopback0

ip address 150.150.2.1 255.255.255.0

!

interface Serial0

ip address 150.150.100.2 255.255.255.0

!

interface Ethernet0

ip address 150.150.40.1 255.255.255.0

bridge-group 1

!

bridge 1 protocol dec

But instead of serial interfaces, we have got ethernet interfces.

The DLSW tunnels came up but brige does not work.

I have read in forum that "Bridge-group is supported for ethernet but only for IEEE not DEC protocols". Has it be improved or it is always correct ??

Thanks for your help

Benedicte

5 Replies 5

paolo bevilacqua
Hall of Fame
Hall of Fame

Hi,

you cannot bridge non-SNA protocols with DLSw+.

Is that decnet? Why don't you try regular routing for it.

Hope this helps, please rate post if it does!,/i>

Yes, the protocol to bridge is decnet. But between the 2 interfaces ethernet of the routers, we have got MPLS backbone of the enterprise. So I would like to encrypt broadcast packets (= decnet protocol) in a VPN (or tunnel or DLSw tunnel) to go throught the backbone MPLS. Overwise, I think broadcast packets like 150.255.255.255 will not be sent throught backbone MPLS... No ???

Many thanks for your help

Benedicte

If your MPLS is a layer 2 VPN then the two router endpoints will act like a point to point link and all layer two traffic will keep its validity through the MPLS VPN.

pciaccio
Level 4
Level 4

You can bridge DEC protocols using bridging. From your setup it looks like you have ethernet interfaces on both endpoint routers separated by a serial link. All you need to do is place the bridge-group 1 command on the serial interfaces on both routers. This will setup the bridging between the routers. Verify the bridge by using the SHOW BRIDGE-GROUP and SHOW BRIDGE commands.Good Luck...

Hi,

I come back to this configuration :

I have 4 routers :

2 routers with WAN link between them with bridge-group 1 command on the serial interfaces and LAN interfaces.

This 2 routers => 2620 version 12.2(19) and 2610 version 12.2(19)

2 others routers with fastethernet link between them with bridge-group 1 command on the 4 fastethernet interfaces : Lan to Lan and on the 2 lans.

This 2 routers => 2811 version 12.2(8) and 2811 version 12.4(16)

The bridge sends broadcats 101.255.255.255 packet udp/5040 from one LAN to the other LAN, throughout WAN link or fastethernet link when WAN link is broken.

It is OK when going throught WAN link and KO going throught fastethernet link ...

In the 4 LAN interfaces, we have got this ACL applied with ip access-group LAN-IN in

Extended IP access list LAN-IN

10 permit ip host 101.255.255.255 any log

20 permit ip any host 101.255.255.255 log

30 permit ip host 255.255.255.255 any log

40 permit ip any host 255.255.255.255 log

50 permit ip any any

On the routers with WAN link (26XX), the line

"permit ip any host 101.255.255.255 log" match, but on the routers with fastethernet link (2811), the line "permit ip any host 101.255.255.255 log" do not match.

We have tested to replace the 2 routers 2811 by 2 routers 2621 version 12.3(26) (with fastethernet link between them) and it was OK .. the line "permit ip any host 101.255.255.255 log" matched !!!

So we think there is something different with Cisco 2811 ...

On the Cisco 2811, packet to 101.255.255.255 udp/5040 do not match but ping 101.255.255.255 do not match.

Could you help me ???

Bénédicte