Lab 19: Configuring Classical IP Using SVCs on Cisco 7XXX Routers, RFC 2225-Part I

 <  Free Open Study  >  

Lab 17: Configuring OSPF Demand Circuits over ISDN

This lab assumes an in-depth knowledge of the various routing protocols. It might be a good idea to read Chapter 12 before attempting this lab. Try to complete this lab on your own by doing some research and looking up the necessary commands first before peeking at the solution provided.

Refer to the network diagram in Figure 7-12 for reference; call this network the ABC company.

Figure 7-12. Network Topology for This Lab

graphics/07fig12.gif

Configure the ABC network so that it satisfies the following requirements:

  1. Configure OSPF and EIGRP as shown previously, and be sure to redistribute between them to ensure full IP connectivity.

  2. The 56-kbps Frame Relay link is the primary means of communication between Green Bay and San Diego. You do not want OSPF traffic to be capable of initiating ISDN calls, but you do want to maintain total connectivity in the case of a Frame Relay outage . ISDN calls should be initiated upon a loss of routes.

  3. Both routers must be capable of initiating calls. Toll charges from Green Bay are cheaper, so be sure that the vast majority of ISDN calls is initiated from Green Bay.

  4. You want to authenticate each ISDN connection, ensuring that the passwords are hidden using MD5 encryption.

  5. The Green Bay router must be configured so that it will accept incoming calls only from the San Diego router.

  6. The ISDN call must disconnect 5 minutes after the routes through the Frame Relay link are restored.

  7. The Frame Relay link is only 56 k. Be sure that your configurations reflect this.

  8. No static routes are to be used in this lab.

Lab 17 Solution

Example 7-62 shows the final configuration solution that meets the aforementioned requirements for this lab.

Example 7-61 Phoenix 2, Phoenix, Green Bay, San Diego, and Minneapolis Router Configurations
 Phoenix2#  show running-config  Building configuration... Current configuration: ! version 11.2 no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname Phoenix2 ! enable password cisco ! ! interface Ethernet0  ip address 170.10.35.2 255.255.255.0 ! interface Ethernet1  no ip address  shutdown ! interface Serial0  no ip address  shutdown  no fair-queue ! interface Serial1  no ip address  shutdown ! router eigrp 1  network 170.10.0.0  no auto-summary ! no ip classless ! ! line con 0  exec-timeout 0 0  privilege level 15  logging synchronous line aux 0 line vty 0 4  password cisco  login ! end _______________________________________________________________________ Phoenix#  show running-config  Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Phoenix ! logging buffered 9096 debugging ! ip subnet-zero isdn switch-type basic-dms100 ! ! ! interface Ethernet0  ip address 170.10.35.1 255.255.255.0  no ip directed-broadcast ! interface Serial0  no ip address  no ip directed-broadcast  shutdown ! interface Serial1  description POINT TO POINT LINK TO GREEN BAY  bandwidth 64  ip address 170.10.23.2 255.255.255.252  no ip directed-broadcast  clockrate 125000 ! router eigrp 1  network 170.10.0.0  no auto-summary ! no ip classless ! ! ! line con 0  privilege level 15  logging synchronous  transport input none line aux 0 line vty 0 4  login ! end _______________________________________________________________________ Green_Bay#  show running-config  Building configuration... Current configuration: ! version 12.0 service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname Green_Bay ! ! username San_Diego password 0 isdnlab ip subnet-zero isdn switch-type basic-dms100 ! ! ! interface Ethernet0  ip address 170.10.22.1 255.255.255.0  no ip directed-broadcast  no keepalive ! interface Serial0  no ip address  no ip directed-broadcast  encapsulation frame-relay  logging event subif-link-status  logging event dlci-status-change  no fair-queue  clockrate 125000 ! interface Serial0.1 point-to-point  description 56K FRAME RELAY CONNECTION  bandwidth 56  ip address 170.10.29.1 255.255.255.252  no ip directed-broadcast  frame-relay interface-dlci 300 ! interface Serial1  description POINT TO POINT LINK TO PHOENIX  bandwidth 64  ip address 170.10.23.1 255.255.255.252  no ip directed-broadcast ! interface BRI0  ip address 170.10.129.1 255.255.255.252  no ip directed-broadcast  encapsulation ppp  ip ospf cost 9999  ip ospf demand-circuit  dialer callback-secure  dialer idle-timeout 300  dialer enable-timeout 5  dialer map ip 170.10.129.2 name San_Diego class isdnlab broadcast 6129319360  dialer-group 1  isdn switch-type basic-dms100  isdn spid1 61293199371111  isdn spid2 61293199381111  isdn caller 6129319360 callback  ppp callback accept  ppp authentication chap ! router eigrp 1  redistribute ospf 1 metric 64 100 200 10 1500  passive-interface BRI0 passive-interface Serial0.1 network 170.10.0.0  no auto-summary ! router ospf 1  redistribute eigrp 1 metric 100 subnets route-map DENY_BRI_ROUTE  network 170.10.29.1 0.0.0.0 area 0  network 170.10.129.1 0.0.0.0 area 0 passive-interface Serial1 ! no ip classless ! ! map-class dialer isdnlab  dialer callback-server username access-list 1 permit 170.10.129.0 0.0.0.3 dialer-list 1 protocol ip permit route-map DENY_BRI_ROUTE deny 10  match ip address 1 ! route-map DENY_BRI_ROUTE permit 20 ! ! ! line con 0  privilege level 15  logging synchronous  transport input none line aux 0 line vty 0 4  login ! end _______________________________________________________________________ San_Diego#  show running-config  Building configuration... Current configuration: ! version 11.2 no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname San_Diego ! enable password cisco ! username Green_Bay password 0 isdnlab ip subnet-zero no ip domain-lookup isdn switch-type basic-dms100 ! interface Ethernet0  no ip address  no keepalive  media-type 10BaseT ! interface Ethernet1  no ip address  media-type 10BaseT ! interface Ethernet2  no ip address  shutdown  media-type 10BaseT ! interface Ethernet3  no ip address  shutdown  media-type 10BaseT ! interface Ethernet4  no ip address  shutdown  media-type 10BaseT ! interface Ethernet5  no ip address  shutdown  media-type 10BaseT ! interface Serial0  no ip address  encapsulation frame-relay ! interface Serial0.1 point-to-point  description 56K FRAME RELAY CONNECTION  ip address 170.10.29.2 255.255.255.252  bandwidth 56  frame-relay interface-dlci 200 ! interface Serial1  ip address 170.10.49.2 255.255.255.252  clockrate 125000 ! interface Serial2  no ip address  shutdown ! interface Serial3  no ip address  shutdown ! interface BRI0  ip address 170.10.129.2 255.255.255.252  encapsulation ppp  ip ospf cost 9999  ip ospf demand-circuit  isdn spid1  61293193601111  isdn spid2  61293197761111 dialer idle-timeout 300  dialer wait-for-carrier-time 10  dialer map ip 170.10.129.1 name Green_Bay broadcast 6129319937  dialer-group 1  no fair-queue  ppp callback request  ppp authentication chap ! interface BRI1  no ip address  shutdown ! interface BRI2  no ip address  shutdown ! interface BRI3  no ip address  shutdown ! router ospf 1  network 170.10.29.2 0.0.0.0 area 0  network 170.10.129.2 0.0.0.0 area 0  network 170.10.49.2 0.0.0.0 area 1 ! ip classless ! dialer-list 1 protocol ip permit ! line con 0  exec-timeout 0 0  privilege level 15  logging synchronous line aux 0 line vty 0 4  exec-timeout 0 0  privilege level 15  logging synchronous  no login ! end _______________________________________________________________________ Minneapolis#  show running-config  Building configuration... Current configuration: ! version 11.2 no service password-encryption no service udp-small-servers no service tcp-small-servers ! hostname Minneapolis ! enable password cisco ! ! interface Ethernet0  ip address 170.10.44.1 255.255.255.0  no keepalive ! interface Serial0  no ip address  shutdown  no fair-queue ! interface Serial1  ip address 170.10.49.1 255.255.255.252 ! router ospf 1  network 170.10.0.0 0.0.255.255 area 1 ! no ip classless ! ! line con 0  privilege level 15  logging synchronous line aux 0 line vty 0 4  privilege level 15  password cisco  no login ! end 

Lab 17 Solution Discussion

Again, nothing special is going on with the Phoenix, Phoenix 2, and Minneapolis configurations. They are being used here only to generate routes. The bulk of the configuration commands needed for this lab are done with the Green Bay router.

This lab hinted at the use of OSPF demand circuit, in that it asked the ISDN link to be brought up in the case of a loss of routes over the Frame Relay connection. If the lab had asked you to have the ISDN line come up in case of physical loss of connectivity on the Frame Relay link, using the backup interface option would have been more appropriate.

To satisfy requirement 3, Green Bay was set up as a callback router. Requirement 4 asked for authentication using MD5 encryption, so CHAP had to be configured. We also set it up with ISDN caller ID to satisfy requirement 5. Both Green Bay and San Diego have dialer map statements, so both have the capability to issue ISDN calls. Requirement 6 was satisfied with setting the dialer idle-timeout to 300 seconds on both ends of the ISDN connection.

The biggest issue with this particular lab is getting the ISDN line to remain quiet when the network is stable. If you were able to do this without first looking at the solution, you should be proud of your accomplishment.

The important thing to notice about the Green Bay router configuration is the use of the route map statement when redistributing EIGRP into OSPF. Recall from the OSPF demand circuit section that sometimes you need to do more than simply issue the ip ospf demand-circuit command. This lab network is a classic example of this. When redistributing EIGRP into OSPF on the Green Bay router, you have effectively created a routing loop because the BRI interface (170.10.129.1) also is included with the EIGRP network. Because of this, this interface constantly is being redistributed into OSPF from EIGRP, and vice versa. To fix this, you needed to use a route map to deny the 170.10.129.0/30 network from being redistributed into OSPF. An alternative to using a route map would have been to use a distribute list, denying this network from being redistributed.

One other important thing to note is the use of the ip ospf cost 9999 command under the BRI interface of the Green Bay and San Diego routers. Remember that requirement 7 of the lab basically requires you to use the bandwidth 56 command under interface s0.1 of both routers. Because of this, OSPF actually preferred the BRI link because it had a lower cost. This was fixed by increasing the OSPF cost to an artificially high number on the BRI interface. This number didn't have to be this high, but we chose to use 9999 for emphasis. You also could have used the ip ospf cost command on the Serial 0.1 of these routers to decrease the cost.

 <  Free Open Study  >  


CCIE Practical Studies, Volume I
CCIE Practical Studies, Volume I
ISBN: 1587200023
EAN: 2147483647
Year: 2001
Pages: 283
Authors: Karl Solie

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net