10-04-2002 08:33 AM - edited 03-02-2019 01:50 AM
HI All
We have a WAN of a round forty routers with backup isdn into a pri at the central site. My routing protocol is eigrp. On my WAN links, I use IP address's with 30 bit masks, and on each remote router, I configure a dialer to dial into the central site as a backup. All my dialers have 30 bit masks, so I have quite a few small nets.
I recently read a cisco paper in which remote routers obtained an IP address automatically and all ISDN dialups dialled into a rotary group on just one subnet. This got me thinking ' one subnet' in the routing table instead of many. This sounds good, but it was a RAS solution and not a backup ISDN solution for remote sites.
Can anyone advise on the best way to scale backup ISDN, just one other thing, my eigrp net is discontiguous.
Any advice would be much appreciated.
Regards
Solved! Go to Solution.
11-13-2002 02:37 PM
Thanks for the ringing endorsement!
The target address is let through so that routers behind the spoke router dialing in can learn that the ISDN line is up. If there are no other routers at the spoke, this is not necessary.
The default route is let through so that when the ISDN service hiccups, and calls are completed to both routers, the call to the backup router will be dropped because the floating static default route has a higher admin distance than the learned default route to the preferred router. The placement should be reversed if the other router is preferred.
Good luck and have fun!
VIncent C Jones
10-04-2002 09:10 AM
A simple method letting you could keep what you have now (bri to pri) but moving to one network/subnet - I used this before with no issues:
!
interface Serial3/0:23
description Backup PRI line 416-xxx-xxxx
ip address 10.216.250.6 255.255.255.0
encapsulation ppp
dialer idle-timeout 300
dialer map ip 10.216.250.1 name rba0can broadcast
dialer map ip 10.216.250.3 name rbb0can broadcast
dialer map ip 10.216.250.4 name rbc0can broadcast
dialer map ip 10.216.250.5 name rbd0can broadcast
dialer map ip 10.216.250.7 name rbe0can broadcast
dialer map ip 10.216.250.8 name rbf0can broadcast
dialer map ip 10.216.250.9 name rbg0can broadcast
dialer map ip 10.216.250.11 name rbhcan broadcast
dialer-group 1
isdn switch-type primary-ni
ppp authentication chap
!
access-list 100 remark Deny EIGRP from starting the dialing
access-list 100 deny eigrp any any
access-list 100 permit ip any any log
dialer-list 1 protocol ip list 100
On the remote site you could use the backup command (if WAN link dies, failover to the bri) or you could use the dialer-watch command to force the failover (eg dialer watch-group 1 and dialer watch-list 1 ip 172.22.53.0 255.255.255.252) or you could use a floating static (admin distance of higher than eigrp pointing to the bri). If the PRI gets oversubscribed in the future, you can add a second line and only will only have 2 subnets now.
Here is a link evaluating the various backup methods: http://www.cisco.com/warp/public/123/backup-main.html
Hope it helps.
Steve
10-05-2002 04:06 AM
Hi Steve
Thanks for a great reply and example.
This I think is legacy ddr, which looks like it would work well. On my remote sites, I use dialer profiles with floating statics. These would be all on the same 24bit subnet as opposed to individual 30 bit subnets which I will change. I will remove the individual dialer profiles on the pri and change the config similar to above. This would achieve my main aim of cutting down on routing table entries I think.
But ...... can I add dialer profiles to the Serial3/0:23 interface as well, perhaps if i need to dial out with different conditions from the pri and perhaps with a more restrictive dialer group. This solution looks great for backing up my remote sites but I need to be able to add dialer profiles and other things to the Serial3/0:23 in the coming weeks to this. I am putting some mica modems in there too and I will also have some TA's dialing in too.
Regards
10-05-2002 03:40 PM
My preference is to use ip unnumbered on my dial backup links. This allows setting up the dial backup so the remotes can dial into multiple PRI's on multiple routers (for when your network expands to that size :-) Using EIGRP, you can also play games with route filtering to simplify ISDN testing. Works great with DDR or dialer watch, legacy or dialer profiles, and no problem using the PRI(s) for dialout or other purposes either. There are several example configurations in my book (chapter 7 is dedicated to considerations unique to hub and spoke networks like yours), the example listings are on my website. Listing 7-18 is probably your best bet, showing how to use virtual templates with dialer profiles to support an arbitrary number of remote sites dialing in.
Good luck and have fun!
Vincent C Jones
10-06-2002 10:06 AM
Thankyou for advice ..... I will try to get a copy.
Regards
11-13-2002 08:27 AM
Hi all
I have had a look at the High Availability with cisco networking book (great book) and have a question relating to config on pg341.
I like the ip unnumbered option for the ISDN dialers and bri interfaces and have created loopbacks on both the hub and the spoke, routing protocol is eigrp.
My question is this:- I have always at the hub filtered out all routing updates out of the bri interface on the hub with the "access-list 11 deny any" command. There is a default route on the spoke router with a higher admin distance than the primary framerelay link. On page 341, you have a distribution list of
permit 10.0.0.2
deny any
on page 339 you have a
permit 10.0.0.2
permit 0.0.0.0
deny any
Basically, I have always done a "deny any" out of the bri interface and would like to keep it that way if it is ok. My config is virtually identical to the config in the book, the destination hub is 172.16.45.1. Can I leave my deny any statement as it is or should I go for one of the above methods. Both seem to work ok, but there is probably advantages to the book method.
I would appreciate if any one could help me on this matter.
Thanks in advance
11-13-2002 02:37 PM
Thanks for the ringing endorsement!
The target address is let through so that routers behind the spoke router dialing in can learn that the ISDN line is up. If there are no other routers at the spoke, this is not necessary.
The default route is let through so that when the ISDN service hiccups, and calls are completed to both routers, the call to the backup router will be dropped because the floating static default route has a higher admin distance than the learned default route to the preferred router. The placement should be reversed if the other router is preferred.
Good luck and have fun!
VIncent C Jones
11-14-2002 02:58 AM
Hi Vincent
Thanks for your reply ... i understand now ..... once again great book
Regards
Karl Jones
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide