04-08-2002 05:40 AM - edited 03-01-2019 09:12 PM
Hi All
I have a 1603R which I am configuring for DDR to the central site. Connected to this ISDN router is a small LAN with a few PCs. Basically, even when the PCs are not logged on (ctrl, alt, del), they are still looking for the PDC and appear to be sending some form of keepalives to it, which inevitably keeps the link up. I believe there is something you can configure on the router to stop these keepalives from keeping the link up. I only want the link to come up when there is real traffic or the users are logging on to the PDC. Can anyone help here?
Regards
04-08-2002 06:20 AM
You can use an extended access list to identify the IP traffic, and use that to initiate the DDR connection.
Anuj
04-08-2002 06:50 AM
Yip .. I know, but NT seems to keep the link up even if you're not even logged on (ctrl alt del)
04-11-2002 07:51 AM
I'd suggest using a packet sniffer to check what goes on in your network. Then block unwanted traffic on the router. Consider use of time based access lists. There is a free sniffer called Ethereal. Send me e-mail if you want http://. I don't remember it just now.
04-16-2002 12:13 AM
Hi
I had the same problem with DDR and WinNT. I found out that WinNT is looking for its default gateway when it tries to access the PDC. Are you using DHCP or a fixed address?
04-16-2002 01:42 AM
Hi Karl,
Are you using NT4 or 2000? NT 4 is not too bad but I have found that 2000 is horrendous for Netbios broadcasts. If I remember rightly NT4 does the same but to a lesser extent.
Use an extended ACL inbound on the Ethernet interface denying UDP ports 137, 138, and 139. Also, if the server is 2000 and you are not using it for web access, remove ALL the root DNS servers that are there by default from installation. This will not only help stop the UDP broadcasts, but you will find that if you "debug ip packet detail", when the server receives no response from the UDP 53 request to the root DNS it will try to ping it.
All of this not only uses bandwidth but racks up a hefty ISDN call charge!
The keepalives that you mention I think are the same UDP broadcasts from the clients. Try disabling Netbios over TCP/IP to cure that one.
Theoretically routers should not pass broadcast traffic by default but for some reason some ISDN routers do!! Don't ask me why coz I've not really followed it up - just blocked the traffic.
If anyone can shed any further light on this please feel free!!
Ali
04-16-2002 04:50 AM
Hi Ali
Thanks for your response ... I have an NT client connected to a 1600 router dialing into a 3600 router with a large LAN connected. On this LAN are NT servers and clients. The NT client off the 1600 router needs to dial into the 3600 for 10 mins at a time, but the 3600 needs to dial the 1600 also at times. If I deny ports 137, 138 and 139 from the interesting traffic on both sides, do you think this will do the trick?
Thanks for your comments
Regards
Karl
04-16-2002 06:37 AM
Hi Karl
Yes, it should do the trick. Either use an extended ACL on the E0 interface or refer the "dialer-list" to an ACL. Following is a sample from an 801:
801(config)#dialer-list 10 protocol ip list 100
801(config)#access-list 100 deny udp any any eq 137
801(config)#access-list 100 deny udp any any eq 138
801(config)#access-list 100 deny udp any any eq 139
801(config)#access-list 100 permit ip any any
Let me know if you have any probs.
Ali
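An added example, not part of the original posts: a small first-match evaluator in Python that runs the access-list 100 from the post above over constructed sample packets, to show which ones the dialer-list would still count as interesting. The function names and sample packets are assumptions made for the illustration.

```python
import re

# ACL 100 exactly as posted in the thread (config prompt stripped).
ACL_100 = """\
access-list 100 deny udp any any eq 137
access-list 100 deny udp any any eq 138
access-list 100 deny udp any any eq 139
access-list 100 permit ip any any
"""

# Assumption: only the "any any [eq port]" entry form used in the thread is parsed.
RULE = re.compile(
    r"access-list\s+\d+\s+(permit|deny)\s+(ip|tcp|udp|icmp)\s+any\s+any(?:\s+eq\s+(\d+))?$")

def parse_acl(text):
    """Return the entries in order as (action, protocol, port-or-None)."""
    rules = []
    for line in filter(None, map(str.strip, text.splitlines())):
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, proto, port = m.groups()
        rules.append((action, proto, int(port) if port else None))
    return rules

def is_interesting(rules, proto, dst_port=None):
    """First match wins; a packet matching no entry hits the implicit deny."""
    for action, r_proto, r_port in rules:
        if r_proto in ("ip", proto) and r_port in (None, dst_port):
            return action == "permit"
    return False

# Constructed sample traffic: (description, protocol, destination port).
SAMPLES = [
    ("NetBIOS name service broadcast", "udp", 137),
    ("NetBIOS datagram / browser", "udp", 138),
    ("NetBIOS session to PDC", "tcp", 139),
    ("DNS query to a root server", "udp", 53),
    ("ICMP echo (ping)", "icmp", None),
]

def report(acl_text=ACL_100):
    rules = parse_acl(acl_text)
    return {desc: is_interesting(rules, p, port) for desc, p, port in SAMPLES}

if __name__ == "__main__":
    for desc, dials in report().items():
        print(f"{'DIAL' if dials else 'idle'}  {desc}")
```

With the list as posted, TCP 139 session traffic, UDP 53 DNS queries and pings remain interesting, so the root DNS lookups mentioned earlier in the thread would still raise the link unless they are removed at the server or denied as well.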
04-16-2002 08:11 AM
Thanks Ali
this is perfect
Regards