-
RSRB provides bridging between Token Ring networks that are separated by non-Token Ring networks. -
Each router connected by RSRB must have a virtual Token Ring configured. RSRB bridges between the two virtual rings over arbitrary media. -
Direct encapsulation can be used for RSRB over a point-to-point connection with no protocol overhead. -
Fast-Sequenced Transport (FST) encapsulates RSRB traffic in IP datagrams for efficient routing. FST drops packets that arrive out of order, so it should not be used if this is likely in your network. -
TCP encapsulation can be used for the most robust (but least-efficient) RSRB transport. Use this method if you have a multiprotocol backbone, if you use load balancing over redundant paths, or if you have a mixture of media types. NOTE RSRB uses UDP and TCP ports: 1996 ("high" priority), 1987 ("medium" priority), 1988 ("normal" priority), and 1989 ("low" priority). Note that it is possible to change the TCP port numbers through RSRB configuration. Configuration -
Define a virtual ring on both ends of the RSRB connection: (global) source-bridge ring-group ring-group [ virtual-mac-addr ] A virtual Token Ring numbered ring-group (1 to 4095) is created. Physical Token Ring interfaces must first be bridged to this virtual ring via SRB. (This step is identical to Step 1 in Section 5-1.) -
Use Direct Encapsulation RSRB. This involves defining the remote RSRB peer: (global) source-bridge remote-peer ring-group interface interface [ mac-addr ] [ lf size ] The remote RSRB peer router is identified by the local virtual ring ring-group (1 to 4095) and the physical interface (serial, Ethernet, FDDI, or Token Ring only; serial must use HDLC encapsulation). A target MAC address mac-addr can be used to specify a unique peer if a multipoint network (Ethernet or FDDI) is used. The lf keyword can be used to set the largest frame size that can be sent ( 516, 1500, 2052, 4472, 8144, 11407, or 17800 bytes). The router negotiates this size across the path . A lower frame size reduces a packet's serialization time across a slower link, resulting in more available time for keepalives and other packets. -
Use FST Encapsulation RSRB. -
Define the local FST router as a peer: (global) source-bridge fst-peername local-interface-address The FST connection is sourced by the IP address of a local Token Ring interface local-interface-address. -
Define the remote FST peer: (global) source-bridge remote-peer ring-group fst ip-address [ lf size ] The remote peer for the local virtual ring ring-group is defined as the router at IP address ip-address. The lf keyword can be used to set the largest frame size that can be sent ( 516, 1500, 2052, 4472, 8144, 11407, or 17800 bytes). The router negotiates this size across the path. A lower frame size reduces a packet's serialization time across a slower link, giving more available time for keepalives and other packets. -
Use TCP Encapsulation RSRB. -
Define the local router as a TCP peer: (global) source-bridge remote-peer ring-group tcp ip-address The local router becomes a TCP peer for local virtual ring ring-group. The IP address ip-address is usually from a local Token Ring interface, although this is not required. -
Define the remote TCP peer: (global) source-bridge remote-peer ring-group tcp ip-address [ lf size ] [ tcp-window-size window ] [ local-ack ] [ priority ] The remote router becomes a TCP peer for local virtual ring ring-group. The IP address ip-address is usually from a remote Token Ring interface, although this is not required. The TCP window size window can be set (10240 to 65535; the default is 10240 bytes). If the window is changed, it should be identical on the local and remote peer routers. The lf keyword can be used to set the largest frame size that can be sent ( 516, 1500, 2052, 4472, 8144, 11407, or 17800 bytes). The router negotiates this size across the path. A lower frame size reduces a packet's serialization time across a slower link, giving more available time for keepalive and other packets. If the two RSRB peers are separated by a large geographic distance or a slow WAN link, sessions between the peers can drop. Local acknowledgment can be configured on both RSRB peers to send LLC2 frame acknowledgments from the local router to a local host. Use the local-ack keyword to enable this function. -
(Optional) Enable passthrough for some sessions: (global) source-bridge passthrough ring-group When local acknowledgment is enabled between RSRB peers ( local-ack ), all sessions from all rings are locally acknowledged by default. If sessions initiated from a specific local ring number ring-group should not be locally acknowledged, they can be passed through. -
(Optional) Filter RSRB traffic. -
Use a SAP filter. -
Define the filter: (global) access-list acc-list-number { permit deny } type-code type-mask The list is numbered acc-list-number (200 to 299). It contains statements that permit or deny packets with a specific 16-bit LSAP or SNAP type-code (four-digit hex with leading 0x). The type-mask is a wildcard mask (four-digit hex; a 1 ignores and a 0 matches). NOTE For DSAP/SSAP pairs, always use a mask of 0x0101. The least-significant bit in each SAP field is used for other purposes. -
Apply the filter to an RSRB peer: (global) rsrb remote-peer ring-group tcp ip-address lsap-output-list acc-list-number -OR- (global) rsrb remote-peer ring-group fst ip-address lsap-output-list acc-list-number -OR- (global) rsrb remote-peer ring-group interface interface lsap-output-list acc-list-number The SAP filter defined by access list acc-list-number is used for outbound traffic to the RSRB remote peer on virtual ring number ring-group. The remote peer is identified by its IP address for TCP encapsulation ( tcp ) and FST encapsulation ( fst ), and by the connecting interface for direct encapsulation ( interface ). -
Use a NetBIOS filter. -
Define the filter: (global) netbios access-list host list-name { permit deny } pattern The access list is named list-name. It either permits or denies packets if the NetBIOS name matches the pattern string. The pattern is a station name, and it can include ? (to match a single character) or * (to match any number of characters to the right). Remember that there is an implicit deny statement at the end of the access list. -
Apply the filter to an RSRB peer: (global) rsrb remote-peer ring-group tcp ip-address netbios-output-list host acc-list-name -OR- (global) rsrb remote-peer ring-group fst ip-address netbios-output-list host acc-list-name -OR- (global) rsrb remote-peer ring-group interface interface netbios-output-list host acc-list-name The NetBIOS filter defined by acc-list-name is used for outbound traffic to the RSRB remote peer on virtual ring number ring-group. The remote peer is identified by its IP address for TCP encapsulation ( tcp ) and FST encapsulation ( fst ), and by the connecting interface for direct encapsulation ( interface ). -
(Optional) Set the RSRB keepalive interval: (interface) source-bridge keepalive seconds Keepalive messages are periodically sent to determine if the remote peer is still accessible. The interval can be set to seconds (10 to 300; the default is 30 seconds). Example Remote source-route bridging is configured between the local router (virtual ring 100) and remote peers at 172.19.68.4 and 172.19.171.7. The routers are connected by an intermediate network through serial interface 8/0. Local acknowledgment is used to prevent SNA session timeouts across the RSRB connections. Figure 5-3 shows a network diagram. The top portion of the figure shows a functional view of remote source-route bridging, as rings and bridges. Notice that RSRB effectively extends virtual ring 100 to the remote peer routers, where further SRB would be configured to other physical rings. The bottom portion shows the corresponding physical topology. Figure 5-3. Network Diagram for the Example source-bridge ring-group 100 source-bridge remote-peer 100 tcp 172.19.3.17 source-bridge remote-peer 100 tcp 172.19.68.4 local-ack source-bridge remote-peer 100 tcp 172.19.171.7 local-ack interface tokenring 0/1 ip address 172.19.3.17 255.255.255.0 source-bridge 5 1 100 ring-speed 16 source-bridge spanning multiring all interface tokenring 1/2 source-bridge 7 1 100 ring-speed 16 source-bridge spanning 10 multiring all interface serial 8/0 description Transit network to remote sites ip address 192.168.14.1 255.255.255.0 |