Hi all,
I am trying to configure ISDN backup for a client. The scenario is as follows:
Remote branch is connected through Metro ethernet with edge router A. Routing protocol is OSPF and everything is tunneled through a GRE tunnel.
I need to configure ISDN backup in which the same remote router will call to edge router B. Not only that i will need a full OSPF table (due to some multicast applications that are running) and a time-based ACL.
I have tried to simulate this on the lab using 2x 1841 routers. The configuration is as follows:
Router1: Remote router (caller)
------------------------------------------------
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TWO
!
boot-start-marker
boot system flash flash:c1841-advipservicesk9-mz.124-24.T1.bin
boot-end-marker
!
logging message-counter syslog
enable password cisco
!
no aaa new-model
clock timezone EET 2
clock summer-time EEST recurring last Sun Mar 3:00 last Sun Oct 3:00
dot11 syslog
ip source-route
!
!
ip dhcp excluded-address 10.6.6.1
!
!
!
ip cef
no ipv6 cef
ntp server 192.168.255.2
!
multilink bundle-name authenticated
!
isdn switch-type basic-net3
isdn tei-negotiation first-call
!
!
!
!
username cisco password 0 cisco
username ONE password 0 cisco
username TWO password 0 cisco
archive
log config
hidekeys
!
!
!
!
!
!
track 1 ip sla 1 reachability
!
!
!
interface Loopback0
ip address 10.2.2.2 255.255.255.255
!
interface Tunnel1
ip address 10.4.4.2 255.255.255.0
ip ospf network point-to-point
keepalive 10 3
tunnel source FastEthernet0/1
tunnel destination 10.3.3.1
!
interface FastEthernet0/0
description LAN
ip address 10.6.6.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description LINK
ip address 10.3.3.2 255.255.255.0
load-interval 30
duplex auto
speed auto
!
interface BRI0/0/0
no ip address
encapsulation ppp
dialer pool-member 1
dialer idle-timeout 60
isdn switch-type basic-net3
isdn point-to-point-setup
no cdp enable
ppp authentication chap
!
interface Dialer0
ip address 10.7.7.2 255.255.255.0
encapsulation ppp
dialer pool 1
dialer remote-name ONE
dialer idle-timeout 60
dialer string 123456789
dialer load-threshold 1 outbound
dialer-group 1
no cdp enable
ppp authentication chap
ppp multilink
!
router ospf 1
log-adjacency-changes
passive-interface default
network 0.0.0.0 255.255.255.255 area 0
!
ip local policy route-map MY-LOCAL-POLICY
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.4.4.1 track 1
ip route 0.0.0.0 0.0.0.0 10.7.7.1 254
ip http server
no ip http secure-server
!
!
!
ip sla 1
icmp-echo 10.1.1.1
timeout 1000
threshold 2
frequency 3
ip sla schedule 1 life forever start-time now
access-list 101 deny ospf any any
access-list 101 permit ip any any time-range TRADING-HOURS
access-list 111 permit ip 10.6.6.0 0.0.0.255 10.5.5.0 0.0.0.255 time-range TRADING-HOURS
access-list 112 permit icmp any host 10.1.1.1 echo
dialer-list 1 protocol ip list 111
!
!
!
!
route-map MY-LOCAL-POLICY permit 10
match ip address 112
set ip next-hop 10.4.4.1
set interface Dialer0 Null0
!
!
!
control-plane
!
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
time-range TRADING-HOURS
periodic weekdays 8:00 to 18:30
!
end
Router2: Edge router (callee)
------------------------------------------------
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ONE
!
boot-start-marker
boot-end-marker
!
logging buffered 10000 debugging
enable password cisco
!
no aaa new-model
memory-size iomem 25
clock timezone EET 2
clock summer-time EEST recurring last Sun Mar 3:00 last Sun Oct 3:00
no ip source-route
no ip gratuitous-arps
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
isdn switch-type basic-net3
!
!
username ONE password 0 cisco
username TWO password 0 cisco
!
!
!
!
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.255
!
interface Tunnel1
ip address 10.4.4.1 255.255.255.0
ip ospf network point-to-point
keepalive 10 3
tunnel source FastEthernet0/1
tunnel destination 10.3.3.2
!
interface FastEthernet0/0
description LAN
ip address 10.5.5.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
description LINK
ip address 10.3.3.1 255.255.255.0
duplex auto
speed auto
!
interface BRI0/0/0
description BACKUP ISDN
no ip address
encapsulation ppp
no ip route-cache cef
no ip route-cache
no ip mroute-cache
load-interval 30
dialer pool-member 1
dialer idle-timeout 60
isdn switch-type basic-net3
isdn point-to-point-setup
no keepalive
no fair-queue
no cdp enable
ppp authentication chap
!
interface Dialer0
ip address 10.7.7.1 255.255.255.0
encapsulation ppp
no ip route-cache cef
no ip route-cache
no ip mroute-cache
dialer pool 1
dialer remote-name TWO
dialer idle-timeout 0
dialer-group 1
no cdp enable
ppp authentication chap
ppp multilink
!
router ospf 1
log-adjacency-changes
passive-interface default
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip access-list extended dial
permit ip host 10.7.7.1 host 10.7.7.2 time-range TRADING_HOURS
!
access-list 101 deny ospf any any
access-list 101 deny udp any any eq ntp
access-list 101 permit ip any any time-range TRADING_HOURS
access-list 111 permit ip 10.5.5.0 0.0.0.255 10.6.6.0 0.0.0.255 time-range TRADING_HOURS
access-list 111 permit ip host 10.7.7.1 host 10.7.7.2 time-range TRADING_HOURS
access-list 112 permit ip any any time-range TRADING_HOURS
dialer watch-list 1 ip 10.2.2.0 255.255.255.0
dialer-list 1 protocol ip list 111
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
password cisco
login
!
scheduler allocate 20000 1000
ntp master
time-range TRADING_HOURS
periodic weekdays 8:00 to 18:30
!
end
I have managed so far to make it work with static routes. The thing is: how to make it work with OSPF?
Any help will be appreciated.
Thank you.
TIA,
Nicos Nicolaides
