Interesting Traffic

DDR uses the expression interesting traffic to determine what can bring the circuit up. In fact, the two types of traffic are traffic that can activate the circuit and traffic that can cross the circuit.


In real life as well as on the exam, interesting traffic is an area where you can easily trip up because of typos that would be accepted. When taking the exam, carefully examine the statements defining interesting traffic.


Traffic that can activate the circuit is the traffic that the circuit exists for. For example, a bank might have an ATM machine that gets a customer every 3 minutes during the day but averages one every 30 minutes at night, with only two customers between the hours of midnight and 5 a.m. When a customer begins the transaction, the bank branch makes a call to a central location to validate the PIN, verify the customer has enough funds for a withdrawal, and so on. You can set a timer so that as long as interesting traffic (ATM data, in this case) crosses every few minutes, the link stays up. The bank might decide that it makes sense to have a timeout value of 5 minutes. During this time, the circuit remains up and the timer is reset every time an important piece of data crosses. As long as ATM data keeps crossing in the 5-minute window, the circuit remains up.

Uninteresting Traffic

Uninteresting traffic isn't a "real" term but serves to describe any traffic that can't bring the circuit up. When interesting traffic brings the link up, the circuit is a normal path. Any traffic that ordinarily can cross the link will cross once the link is brought up. If you want to stop traffic from crossing a circuit, you have to find some way to do so; you use an access list or a routing update filter, or you make the interface passive for a routing protocol.


You can set the passive-interface command on a routing protocol to tell that protocol not to send updates out the interface. Updates can still arrive and be processed; it's just that none will leave.


Routing protocols can be either interesting or uninteresting, depending on the way you configure them. If you're using a protocol that updates on a constant basis, you need to understand that the circuit won't drop if that traffic is considered interesting. For instance, what happens if all IP traffic is interesting, and you are using Routing Information Protocol (RIP) routing with a 120-second idle timer and RIP's default of a 30-second refresh rate? Every 30 seconds, RIP sends a packet and the idle timer gets reset. One solution is to make routing updates uninteresting, but another is snapshot routing.
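The RIP case above, worked through as an added example (not from the book): a small Python model of the idle timer, run over a constructed hour with one user packet at t=0 and a RIP update every 30 seconds against the 120-second idle timer. The function names and the packet timeline are assumptions made for this illustration.

```python
def link_intervals(packets, idle_timeout, horizon):
    """Return [(up, down), ...] for a DDR link, times in seconds.

    packets is a time-sorted list of (time, interesting). Only interesting
    packets can dial the link or reset the idle timer; uninteresting packets
    cross a link that is already up but have no effect on the timer.
    """
    intervals, up_since, last_reset = [], None, None
    for t, interesting in packets:
        # Idle timer expired before this packet arrived: record the drop.
        if up_since is not None and t - last_reset >= idle_timeout:
            intervals.append((up_since, last_reset + idle_timeout))
            up_since = None
        if interesting:
            if up_since is None:
                up_since = t          # link is dialed
            last_reset = t            # idle timer restarts
    if up_since is not None:
        intervals.append((up_since, min(last_reset + idle_timeout, horizon)))
    return intervals


def seconds_up(intervals):
    """Total connected time across all intervals."""
    return sum(down - up for up, down in intervals)


def scenario(rip_is_interesting, horizon=3600):
    """Constructed hour: one user packet at t=0, RIP update every 30 s."""
    packets = [(0, True)]
    packets += [(t, rip_is_interesting) for t in range(30, horizon, 30)]
    return link_intervals(packets, idle_timeout=120, horizon=horizon)


if __name__ == "__main__":
    for flag in (True, False):
        up = seconds_up(scenario(flag))
        print(f"RIP interesting={flag}: link up {up} s of 3600 s")
```

With RIP treated as interesting, the single user packet keeps the circuit connected for the whole hour; with RIP uninteresting, the circuit drops 120 seconds after that packet.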

Snapshot Routing

Snapshot routing is the process of making a routing update interesting… sometimes. You configure routing updates to occur every 30 minutes rather than every 30 seconds. When you use "quiet" and "active" periods, if the line is free, the router makes a call, exchanges routing tables, and shuts down on a periodic basis. The router might be quiet for 30 minutes and active for 3, allowing it to get a couple of routing updates, caching the information long term. It then goes into quiet mode and shuts down the connection. If the connection is busy when it hits an active period, it skips the update and stays quiet until the next regularly scheduled active period.


IOS version 12.2 saw the addition of the "persistent" DDR circuit. This circuit is triggered by on-demand traffic and then stays up until it is manually torn down, ignoring all idle timers.


Access Lists

Access lists serve to filter traffic into traffic that meets predefined conditions and traffic that doesn't meet the conditions. What happens to the traffic depends on the configuration. An access list doesn't always serve to filter undesirable traffic; you can use it for many purposes.

One of those purposes is to decide what traffic can bring the link up. When traffic is forwarded to the interface by the routing protocol, the router realizes the circuit is down and must activate the link before the traffic can leave. The router runs the traffic type through the access-list statements to see whether this traffic qualifies. If it matches a permit statement, the link can be brought up.

It's important to note that the router only checks the access list if the circuit is down. If the circuit is up, the router doesn't check the access list and the traffic just continues across.

Remember that most access lists need to specify source and destination, as well as the type of traffic that is considered important. We say "most" because although you could use a standard access list, chances are you would just use a protocol IP permit statement, instead of pointing to an access list. You can use one to point to a single source, but pointing to a single destination is more common.

An extended access-list statement consists of the following command:

 access-list ### <permit | deny> protocol source_ip source_mask <source_port>  destination_ip destination_mask <destination_port> 

The protocol can be IP, TCP, User Datagram Protocol (UDP), and so on, but it can also be something like Open Shortest Path First (OSPF), Encapsulating Security Payload (ESP), and so on. If you're choosing TCP or UDP, you can also specify the ports in question as a single port or a range of ports. You can use any as the source or destination. In fact, any is often used as a catch-all for every other type of traffic that hasn't been specified.

You can use the mask to depict the range of IP addresses that the statement covers. A 1 is an "I don't care" bit, and a 0 indicates the address must match exactly. The representation is based on the IP address form, so a 0 is eight 0s, 255 is eight 1s, and so on. Covering all devices on the Class C 192.168.1 network would be 192.168.1.0 0.0.0.255.


Cisco exams often try to confuse you with access-list statements. A prime example is an answer that looks right but isn't because it uses IP as the protocol and has port numbers specified.


The following are two examples of access-list statements, the first pointing to a specific machine but allowing all types of traffic, and the second only allowing Telnet traffic:

 access-list 101 permit ip any 192.168.1.2 0.0.0.0
 access-list 101 deny ip any any
 access-list 120 permit tcp any 192.168.1.2 0.0.0.0 eq 23
 access-list 120 deny ip any any
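As an added example (not from the book), the following Python model evaluates statements in the form shown above: it applies the wildcard mask bit by bit, takes the first matching statement, and rejects the exam trap of a port number on an `ip` statement. The function names are assumptions of this example, and it covers only the `any`, address-plus-wildcard and `eq` forms that appear on this page.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _take_addr(tok):
    """Consume 'any' or 'address wildcard'; return (address, wildcard)."""
    if tok[0] == "any":
        tok.pop(0)
        return 0, 0xFFFFFFFF              # every bit is "don't care"
    return _ip(tok.pop(0)), _ip(tok.pop(0))

def _take_port(tok, proto):
    """Consume an optional 'eq N'; a port is only valid with tcp or udp."""
    if not tok or tok[0] != "eq":
        return None
    if proto not in ("tcp", "udp"):
        raise ValueError(f"port specified with protocol {proto!r}")
    tok.pop(0)
    return int(tok.pop(0))

def parse(line):
    """Parse one extended access-list statement into a rule dict."""
    tok = line.split()
    rule = {"permit": tok[2] == "permit", "proto": tok[3]}
    rest = tok[4:]
    rule["src"] = _take_addr(rest)
    rule["sport"] = _take_port(rest, rule["proto"])
    rule["dst"] = _take_addr(rest)
    rule["dport"] = _take_port(rest, rule["proto"])
    return rule

def _covers(spec, ip):
    addr, wild = spec
    care = ~wild & 0xFFFFFFFF             # 0 bits in the wildcard must match
    return (_ip(ip) & care) == (addr & care)

def is_interesting(acl, proto, src, dst, sport=None, dport=None):
    """First matching statement decides; no match at all means deny."""
    for r in acl:
        if (r["proto"] in ("ip", proto) and _covers(r["src"], src) and _covers(r["dst"], dst)
                and r["sport"] in (None, sport) and r["dport"] in (None, dport)):
            return r["permit"]
    return False

# The two lists from the page, one statement per line.
ACL_101 = [parse(s) for s in ("access-list 101 permit ip any 192.168.1.2 0.0.0.0",
                              "access-list 101 deny ip any any")]
ACL_120 = [parse(s) for s in ("access-list 120 permit tcp any 192.168.1.2 0.0.0.0 eq 23",
                              "access-list 120 deny ip any any")]
```

Calling `parse` on an `ip` statement that ends in `eq 23` raises `ValueError`, which is the "looks right but isn't" answer described in the alert above.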


CCNP BCRAN Remote Access Exam Cram 2 (Exam Cram 640 - XXX)
Year: 2003
Pages: 183
