cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
565
Views
10
Helpful
7
Replies

Best way to scale ISDN backup

karl.jones
Level 1
Level 1

HI All

We have a WAN of a round forty routers with backup isdn into a pri at the central site. My routing protocol is eigrp. On my WAN links, I use IP address's with 30 bit masks, and on each remote router, I configure a dialer to dial into the central site as a backup. All my dialers have 30 bit masks, so I have quite a few small nets.

I recently read a cisco paper in which remote routers obtained an IP address automatically and all ISDN dialups dialled into a rotary group on just one subnet. This got me thinking ' one subnet' in the routing table instead of many. This sounds good, but it was a RAS solution and not a backup ISDN solution for remote sites.

Can anyone advise on the best way to scale backup ISDN, just one other thing, my eigrp net is discontiguous.

Any advice would be much appreciated.

Regards

1 Accepted Solution

Accepted Solutions

Thanks for the ringing endorsement!

The target address is let through so that routers behind the spoke router dialing in can learn that the ISDN line is up. If there are no other routers at the spoke, this is not necessary.

The default route is let through so that when the ISDN service hiccups, and calls are completed to both routers, the call to the backup router will be dropped because the floating static default route has a higher admin distance than the learned default route to the preferred router. The placement should be reversed if the other router is preferred.

Good luck and have fun!

VIncent C Jones

www.networkingunlimited.com

View solution in original post

7 Replies 7

steve.barlow
Level 7
Level 7

A simple method letting you could keep what you have now (bri to pri) but moving to one network/subnet - I used this before with no issues:

!

interface Serial3/0:23

description Backup PRI line 416-xxx-xxxx

ip address 10.216.250.6 255.255.255.0

encapsulation ppp

dialer idle-timeout 300

dialer map ip 10.216.250.1 name rba0can broadcast

dialer map ip 10.216.250.3 name rbb0can broadcast

dialer map ip 10.216.250.4 name rbc0can broadcast

dialer map ip 10.216.250.5 name rbd0can broadcast

dialer map ip 10.216.250.7 name rbe0can broadcast

dialer map ip 10.216.250.8 name rbf0can broadcast

dialer map ip 10.216.250.9 name rbg0can broadcast

dialer map ip 10.216.250.11 name rbhcan broadcast

dialer-group 1

isdn switch-type primary-ni

ppp authentication chap

!

access-list 100 remark Deny EIGRP from starting the dialing

access-list 100 deny eigrp any any

access-list 100 permit ip any any log

dialer-list 1 protocol ip list 100

On the remote site you could use the backup command (if WAN link dies, failover to the bri) or you could use the dialer-watch command to force the failover (eg dialer watch-group 1 and dialer watch-list 1 ip 172.22.53.0 255.255.255.252) or you could use a floating static (admin distance of higher than eigrp pointing to the bri). If the PRI gets oversubscribed in the future, you can add a second line and only will only have 2 subnets now.

Here is a link evaluating the various backup methods: http://www.cisco.com/warp/public/123/backup-main.html

Hope it helps.

Steve

Hi Steve

Thanks for a great reply and example.

This I think is legacy ddr, which looks like it would work well. On my remote sites, I use dialer profiles with floating statics. These would be all on the same 24bit subnet as opposed to individual 30 bit subnets which I will change. I will remove the individual dialer profiles on the pri and change the config similar to above. This would achieve my main aim of cutting down on routing table entries I think.

But ...... can I add dialer profiles to the Serial3/0:23 interface as well, perhaps if i need to dial out with different conditions from the pri and perhaps with a more restrictive dialer group. This solution looks great for backing up my remote sites but I need to be able to add dialer profiles and other things to the Serial3/0:23 in the coming weeks to this. I am putting some mica modems in there too and I will also have some TA's dialing in too.

Regards

My preference is to use ip unnumbered on my dial backup links. This allows setting up the dial backup so the remotes can dial into multiple PRI's on multiple routers (for when your network expands to that size :-) Using EIGRP, you can also play games with route filtering to simplify ISDN testing. Works great with DDR or dialer watch, legacy or dialer profiles, and no problem using the PRI(s) for dialout or other purposes either. There are several example configurations in my book (chapter 7 is dedicated to considerations unique to hub and spoke networks like yours), the example listings are on my website. Listing 7-18 is probably your best bet, showing how to use virtual templates with dialer profiles to support an arbitrary number of remote sites dialing in.

Good luck and have fun!

Vincent C Jones

www.networkingunlimited.com

Thankyou for advice ..... I will try to get a copy.

Regards

Hi all

I have had a look at the High Availability with cisco networking book (great book) and have a question relating to config on pg341.

I like the ip unnumbered option for the ISDN dialers and bri interfaces and have created loopbacks on both the hub and the spoke, routing protocol is eigrp.

My question is this:- I have always at the hub filtered out all routing updates out of the bri interface on the hub with the "access-list 11 deny any" command. There is a default route on the spoke router with a higher admin distance than the primary framerelay link. On page 341, you have a distribution list of

permit 10.0.0.2

deny any

on page 339 you have a

permit 10.0.0.2

permit 0.0.0.0

deny any

Basically, I have always done a "deny any" out of the bri interface and would like to keep it that way if it is ok. My config is virtually identical to the config in the book, the destination hub is 172.16.45.1. Can I leave my deny any statement as it is or should I go for one of the above methods. Both seem to work ok, but there is probably advantages to the book method.

I would appreciate if any one could help me on this matter.

Thanks in advance

Thanks for the ringing endorsement!

The target address is let through so that routers behind the spoke router dialing in can learn that the ISDN line is up. If there are no other routers at the spoke, this is not necessary.

The default route is let through so that when the ISDN service hiccups, and calls are completed to both routers, the call to the backup router will be dropped because the floating static default route has a higher admin distance than the learned default route to the preferred router. The placement should be reversed if the other router is preferred.

Good luck and have fun!

VIncent C Jones

www.networkingunlimited.com

Hi Vincent

Thanks for your reply ... i understand now ..... once again great book

Regards

Karl Jones

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: