cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3257
Views
0
Helpful
5
Replies

Transparent DSL to Ethernet bridge using AAL5MUX

kayasaman
Level 1
Level 1

Hi,

I'm trying to build a project where I utilize a Cisco 877 as a dumb modem by briding the ATM interface together with an Ethernet interface (VLAN) in this case due L2 switchports.

The online documentation for RFC 2684 bridging states that I should be using AAL5SNAP as the encapsulation mechanism however, my ISP requires that I use the AAL5MUX encapsulation as part of the DSL settings.

My current config looks like so:

Header 1

Building configuration...

Current configuration : 1694 bytes

!

! Last configuration change at 22:46:28 BST Sun Aug 19 2012 by admin

! NVRAM config last updated at 22:47:41 BST Sun Aug 19 2012 by admin

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname Cisco877W

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

clock summer-time BST recurring

no ip routing

no ip cef

!

!

!

!

!

multilink bundle-name authenticated

!

!

!

!

username <omitted>

!

!

!

!

!

!

interface ATM0

no ip address

no ip route-cache

no atm ilmi-keepalive

pvc 0/38

  encapsulation aal5snap

!

dsl operating-mode auto

bridge-group 1

!

interface FastEthernet0

switchport access vlan 2

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

switchport access vlan 3

!

interface Dot11Radio0

no ip address

no ip route-cache

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Vlan1

no ip address

no ip route-cache

!        

interface Vlan2

no ip address

no ip route-cache

bridge-group 1

!

interface Vlan3

ip address 192.168.1.254 255.255.255.0

!

!

!

no ip http server

no ip http secure-server

!

access-list 100 permit tcp 192.168.0.0 0.0.1.255 any eq telnet

access-list 100 deny   tcp any any eq telnet

access-list 100 remark Only allow local subnets telnet acces

!

!

!

!

control-plane

!

bridge 1 protocol ieee

!

line con 0

logging synchronous

no modem enable

line aux 0

line vty 0 4

access-class 100 in

logging synchronous

login local

transport input all

!

scheduler max-task-time 5000

ntp server 192.168.1.120

end

Currently the internet/WAN connectivity is really poor as the system either doesn't connect or connects really slowly and quieries don't get through, pages don't resolve etc...

Prior to this when I was using the 877 in full routing mode with the Dialer sub interface providing the PPPoA connection to my ISP the internet speed was fine unless the line got conjested.

The previous config I was using is as follows:

Header 1

interface ATM0

mtu 1500

no ip address

no ip route-cache

shutdown

no atm ilmi-keepalive

pvc 0/38

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

dsl lom 200

!

interface Dialer0

ip address negotiated

ip nat outside

no ip virtual-reassembly

encapsulation ppp

no ip route-cache

shutdown

dialer pool 1

no cdp enable

ppp authentication chap callin

ppp chap hostname <omitted>

ppp chap password <omitted>

At present I haved OpenBSD doing PPPoE with NAT/PAT/firewall/routing etc.... on a Sun Microsystems Netra T105 SPARC server. As stated this is a test project to compare speed and capability.

The CPU and memory of the server are not in use at all as there's plenty of juice left inside the system so no reason for routing packets to be bottlenecked by OpenBSD.

Could anyone help me get AAL5MUX working if it is at all possible as I'm positive that this will sort out my internet connectivity issues....??

If I run a quick 'show' from the ATM interface I get a bunch of options and I'm not sure which one I need or even if it is compatible for bridging:

Header 1

(config-if-atm-vc)#encap aal5mux ?

  fr-atm-srv   Frame Relay/ATM service interworking

  frame-relay  Frame Relay/ATM network interworking

  ip           IP

  ppp          VC MUX PPP over AAL5 Encapsulation

  voice        Voice over ATM

(config-if-atm-vc)#encap aal5mux ppp ?

  Virtual-Template  Virtual Template interface

  dialer            pvc is part of dialer profile

Perhaps would I need to create a virtual-template and bridge from there?

Thanks

5 Replies 5

kayasaman
Level 1
Level 1

In  fact with LOM enabled running sh dsl inter I get this:

Header 1

#sh dsl inter

ATM0

Alcatel 20190 chipset information

         ATU-R (DS)            ATU-C (US)

Modem Status:     Showtime (DMTDSL_SHOWTIME)

DSL Mode:     ITU G.992.5 (ADSL2+) Annex A

ITU STD NUM:      0x03                 0x2

Chip Vendor ID:     'STMI'                 'GSPN'

Chip Vendor Specific:  0x0000             0x0010

Chip Vendor Country:   0x0F             0xFF

Modem Vendor ID: 'CSCO'                 'GSPN'

Modem Vendor Specific: 0x0000             0x1000

Modem Vendor Country:  0xB5             0xFF

Serial Number Near:    FCZ112713XK

Serial Number Far:    

Modem VersChip ID:      C196 (0)

DFE BOM:     DFE3.0 Annex A (1)

Chip ID:      C196 (0)

DFE BOM:     DFE3.0 Annex A (1)

Capacity Used:     48%                 100%

Noise Margin:     16.5 dB              7.0 dB

Output Power:     20.0 dBm             10.0 dBm

Attenuation:     19.0 dB              7.0 dB

Defect Status:     None                            None                       

Last Fail Code:     None

Watchdog Counter: 0xDC

Watchdog Resets: 0

Selftest Result: 0x00

Subfunction:     0x00

Interrupts:     12431 (0 spurious)

PHY Access Err:     0

Activations:     3

LED Status:     ON

LED On Time:     100

LED Off Time:     100

Init FW:     init_3.0.010_nobist.bin

Operation FW:     AMR-3.0.010.bin

FW Source:     external

FW Version:     3.0.10

          DS Channel1      DS Channel0    US Channel1      US Channel0

Speed (kbps):              0            8192             0             907

Cells:                  0      1834382523             0      1723611539

Reed-Solomon EC:          0               0             0               0

CRC Errors:              0             597             0               0

Header Errors:              0             439             0               0

Total BER:          0E-0         2354E-10

Leakage Average BER:      0E-0         8322E-12

Interleave Delay:         0               4             0              58

            ATU-R (DS)    ATU-C (US)

Bitswap:           enabled          enabled

Bitswap success:          0                  0

Bitswap failure:          0                  0

LOM Monitoring : Enabled

LOM watch configured for 200 times

LOM appeared continuously for 0 times

DMT Bits Per Bin

000: 0 0 0 0 0 0 0 0 3 5 7 8 9 A A B

010: C C C C C C C D C C C C B B B A

020: 0 0 0 0 2 2 4 4 4 4 5 6 6 6 6 7

030: 7 7 7 7 7 8 8 8 8 8 8 8 8 8 8 8

040: 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8 8

050: 8 8 8 8 8 8 8 8 8 8 8 8 7 7 8 7

060: 7 7 7 7 7 7 7 7 7 7 7 2 7 8 8 8

070: 7 7 7 7 7 7 7 8 7 7 7 7 7 7 7 8

080: 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7

090: 7 7 7 7 7 7 7 6 7 7 6 6 6 6 6 7

0A0: 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6 6

0B0: 6 6 6 6 6 6 6 6 6 7 7 7 7 7 7 7

0C0: 7 7 6 7 6 6 6 6 6 6 6 6 6 6 6 6

0D0: 6 6 5 2 2 6 6 6 6 6 6 6 6 6 6 6

0E0: 6 5 6 6 6 6 6 6 6 6 5 5 5 5 6 5

0F0: 5 6 6 7 6 6 6 5 6 6 6 6 5 5 6 6

100: 6 6 6 6 6 6 6 6 6 6 6 4 6 6 6 6

110: 6 6 6 6 6 6 5 6 5 5 4 6 5 6 5 5

120: 5 5 6 6 5 5 5 5 5 5 5 5 5 5 5 5

130: 5 5 5 5 5 5 4 4 4 5 4 4 4 4 4 4

140: 4 4 4 4 4 4 4 4 4 4 5 5 4 5 5 5

150: 5 5 2 4 5 4 5 4 4 5 5 5 5 5 5 4

160: 4 4 4 4 4 4 4 0 4 4 4 4 4 4 4 4

170: 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4

180: 4 0 4 4 4 4 4 4 4 4 4 4 4 4 4 4

190: 0 4 4 4 4 4 4 4 4 4 4 4 4 4 4 4

1A0: 4 0 4 4 4 4 4 4 3 3 3 0 0 0 2 0

1B0: 0 0 2 2 2 2 2 2 0 2 2 2 2 2 2 2

1C0: 0 2 2 2 0 2 2 2 0 0 2 0 2 2 2 2

1D0: 0 0 2 2 2 2 2 2 2 2 0 2 2 2 2 2

1E0: 2 2 2 1 1 0 0 0 0 0 0 0 0 0 0 0

1F0: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

paolo bevilacqua
Hall of Fame
Hall of Fame

Trying to bridge will only produce trouble and poor performances.

Use routing, and everything will work fine.

Giuseppe Larosa
Hall of Fame
Hall of Fame

Hello Kayasaman,

AAL5SNAP encapsulation includes a SNAP header that allows to identify the payload as bridged ethernet frames, AAL5MUX does not provide this capability.

As a result of this your attempt to bridge over AAL5MUX  has very poor performance.

As already suggested by Paolo move back to a routed solution.

Hope to help

Giuseppe

Giuseppe Larosa wrote:

Hello Kayasaman,

AAL5SNAP encapsulation includes a SNAP header that allows to identify the payload as bridged ethernet frames, AAL5MUX does not provide this capability.

As a result of this your attempt to bridge over AAL5MUX  has very poor performance.

As already suggested by Paolo move back to a routed solution.

Yes, altough in theory, both bridged frame over aal5mux, or bridged frame over ppp over aal5mux should work.

But as they say, in theory, theory and practice are the same thing, but in practice, they are not.

Hi,

so sorry for the late response.

I totally lost track of this posting as things got out of control busy :-(

Thanks for the reponses in the meantime!

Hmm.... so any type of ATM to Ethernet bridging will result in poor performance.

Currently having a working system in place with this config:

Header 1

interface ATM0

mtu 1454

no ip address

no ip route-cache

no atm ilmi-keepalive

pvc 0/38

  encapsulation aal5snap

!

dsl operating-mode auto

dsl lom 200

bridge-group 1

!

interface FastEthernet0

switchport access vlan 2

!

interface Vlan2

no ip address

ip mtu 1454

no ip route-cache

bridge-group 1

!

bridge 1 protocol ieee

Confirming I get:

Bridge Group 1:

    Address       Action   Interface       Age   RX count   TX count

0030.881e.efee   forward   ATM0              0  361151454  220767492

000f.e213.eec0   forward   ATM0              0     863456          0

0800.20f9.c324   forward   Vlan2             0  262447407  425575101

Though too many bit errors:

Header 1

ATM0

Alcatel 20190 chipset information

         ATU-R (DS)            ATU-C (US)

Modem Status:     Showtime (DMTDSL_SHOWTIME)

DSL Mode:     ITU G.992.5 (ADSL2+) Annex A

ITU STD NUM:      0x03                 0x2

Chip Vendor ID:     'STMI'                 'GSPN'

Chip Vendor Specific:  0x0000             0x0010

Chip Vendor Country:   0x0F             0xFF

Modem Vendor ID: 'CSCO'                 'GSPN'

Modem Vendor Specific: 0x0000             0x1000

Modem Vendor Country:  0xB5             0xFF

Serial Number Near:    FCZ112713XK

Serial Number Far:    

Modem VersChip ID:      C196 (0)

DFE BOM:     DFE3.0 Annex A (1)

Chip ID:      C196 (0)

DFE BOM:     DFE3.0 Annex A (1)

Capacity Used:     47%                 100%

Noise Margin:     21.5 dB              7.5 dB

Output Power:     20.0 dBm             10.0 dBm

Attenuation:     19.0 dB              7.0 dB

Defect Status:     None                            None                       

Last Fail Code:     None

Watchdog Counter: 0x57

Watchdog Resets: 0

Selftest Result: 0x00

Subfunction:     0x00

Interrupts:     12536 (0 spurious)

PHY Access Err:     0

Activations:     2

LED Status:     ON

LED On Time:     100

LED Off Time:     100

Init FW:     init_3.0.010_nobist.bin

Operation FW:     AMR-3.0.010.bin

FW Source:     external

FW Version:     3.0.10

          DS Channel1      DS Channel0    US Channel1      US Channel0

Speed (kbps):              0            8192             0             903

Cells:                  0      1118853068             0      2910286709

Reed-Solomon EC:          0               0             0               0

CRC Errors:              0             782             0               0

Header Errors:              0             334             0               0

Total BER:          0E-0         2329E-11

Leakage Average BER:      0E-0         4018E-12

Interleave Delay:         0               4             0              58

            ATU-R (DS)    ATU-C (US)

Bitswap:           enabled          enabled

Bitswap success:          0                  0

Bitswap failure:          0                  0

LOM Monitoring : Enabled

LOM watch configured for 200 times

LOM appeared continuously for 0 times

With all other PPP config, NAT/PAT, Firewall, static/dynamic routing functions handled by the OpenBSD server.

A few things I've noticed/observed. I do manage to get full ADSL 2+ Annex A performance; between 600 - 700 kbps max downstream bandwidth.

For sure the OpenBSD box is only 400MHz SPARC and only 1 of them meaning that any additional processing would also be going through the single core/socket CPU. It's actually quite interesting to see how say remotely logging in via SSH affects the WAN performance.

Multi user access is also slow and difficult since the bandwidth rapidly drops when 2+ people browse HTTP at the same time, let alone backend services such as web/mail servers.

Also the VoIP system goes completely dead if say someone is loading a video file from eg. Youtube.

I think I'm going to fork out for a Cisco 887VA so that I can utilize the Annex M capability of my DSL line however, the Cisco NAT seems to take lots of memory in the routers.....

My 1801W which I used previously kept crashing once the number of connections went up. Doing a sh ip nat translations and piping the output into a file resulted in roughly 7000+ lines (translations) so no wonder the boxes crash on me all the time.

Luckily I don't have this problem with OpenBSD on the server/router test that I've devised. However, I think I really need a faster internet line/Metro Ethernet compatible router - budget doesn't allow so I guess I'm slightly stuck.

The good part is that I have learned a lot by connecting my various 8xx + 1800 routers to the OpenBSD box using GRE over IPSEC, OSPF, PPPoE etc... and have had the chance to check out SPI and other security features which slowdown/blowup my Cisco boxes.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco