Router Installation and Configuration Manual/Configuring an ISDN BRI Interface

From ImageStream Router Documentation

(Difference between revisions)
Jump to: navigation, search
(Major fixes to configurations)
(Configuring Dial-Backup Parameters)
Line 345: Line 345:
:In the default configuration below, we have instructed the dialer to dial the remote system "core" using B channel speeds of 64 Kbps when traffic is received for the default gateway (0.0.0.0).  
:In the default configuration below, we have instructed the dialer to dial the remote system "core" using B channel speeds of 64 Kbps when traffic is received for the default gateway (0.0.0.0).  
-
Dial-in router:
+
:Dial-in router:
       !  
       !  
       interface bri0  
       interface bri0  
Line 352: Line 352:
       isdn switch-type edss1  
       isdn switch-type edss1  
       isdn msn 8675309  
       isdn msn 8675309  
-
       isdn callin 5551212  
+
       isdn callin 5551212
       username imagestream password isis  
       username imagestream password isis  
       ip address 20.0.0.1 255.255.255.252  
       ip address 20.0.0.1 255.255.255.252  
       !  
       !  
-
Dial-out router:
+
:Dial-out router:
       !  
       !  
       interface bri0  
       interface bri0  
Line 372: Line 372:
       dialer map ip 0.0.0.0 name core 8675308  
       dialer map ip 0.0.0.0 name core 8675308  
       ip address 20.0.0.2 255.255.255.252  
       ip address 20.0.0.2 255.255.255.252  
-
       !  
+
       !
====Configuring Dial-Backup Using Routing====
====Configuring Dial-Backup Using Routing====

Revision as of 19:54, 30 June 2009

This chapter describes how to configure the ImageStream router serial WAN interfaces without integrated CSU/DSUs and includes the following topics:
  • WAN Port Uses
  • Understanding the Network Interface Configuration File
  • Configuring an ISDN BRI Internface
  • Default ISDN BRI Interface Configuration
  • Customizing the Configuration
  • Configuring Additional ISDN BRI Devices
Before configuring the WAN interface, you must make the appropriate cabling connection for your needs. Refer to the hardware installation guide for your ImageStream product for information on making the WAN connection. See the Command Reference for more detailed command descriptions and instructions.

Contents

WAN Port Uses

WAN ports uses is explained in detail in Chapter 7, Router Installation and Configuration Manual/Configuring a Synchronous Serial WAN Interface and in Chapter 31 Router Installation and Configuration Manual/Basic Networking.

Understanding the Network Interface Configuration File

The wan.conf file is explained in detail in Chapter 5, Router Installation and Configuration Manual/Configuring a LAN Interface, and in Chapter 31, Router Installation and Configuration Manual/Basic Networking.

Configuring an ISDN BRI Interface

ISDN is most commonly used to provide low-cost connectivity between sites that cannot justify the cost of a dedicated high-speed leased line. However, ISDN connections provide more bandwidth than asynchronous dial-up connections can, as well as quicker call completion - approximately 1 second instead of 45 seconds.
ImageStream routers support manual dial-on-demand and automatic ISDN connections using a BRI interface card and the PPP protocol. BRI supports two 64Kbps B channels for data and one 16Kbps D channel for signaling. ISDN ports are available as either a U or S/T interface. The ISDN BRI U interface card has the NT1 device integrated in the port, meaning that no modem, CSU/DSU, or external terminal adapter is required. For the ISDN S/T interface, the BRI interface requires an external terminal adapter to connect from the S/T port to the ISDN line.
Once you have determined the type of synchronous connection to use between your remote locations, the synchronous port on each end of the connection must be configured. If your WAN interface is not an ISDN BRI interface, please see the appropriate chapter in this manual.
     Configuration menu 
     1. AAA (Password) Configuration 
     2. Global configuration 
     3. Network interface configuration 
     4. Firewall and QOS configuration 
     5. Service configuration 
     6. Dynamic routing configuration 
     7. Save configuration to flash 
     0. ISis-Router main menu 
From the "Configuration menu", select menu option 3, Network interface configuration, and press Enter. This will open the ImageStream router's primary configuration file, wan.conf in the default editor. The wan.conf file is also accessible from the command line in the /usr/local/sand directory.

Default ISDN BRI Interface Configuration

The default values of cards equipped with a basic rate ISDN (BRI) interface are as follows:
  • U.S. NI-1 switch type is enabled.
  • No port description is configured for any port.
  • PPP encapsulation is enabled.
  • Bridging is not configured.
Remember that default settings are not necessarily shown in the configuration file.

Customizing the Configuration

To customize the WAN port configurations, complete the following sections. The ordering of the commands is done by convention, but a specific order is not required. Likewise, all configurations are indented to make configurations easy to read, but indentation is not required. In general, ImageStream follows this ordering convention:
  1. Comments
  2. Port description
  3. BRI ISDN configuration settings
  4. PPP encapsulation settings
  5. Other optional settings
  6. IP address/netmask
  7. Secondary IP addresses/netmasks


Setting the Device Name

The default configuration uses "Serial0" as the device name. In this chapter, we will discuss the configuration of ISDN BRI interfaces. The interface name used for BRI interfaces is bri. To assign the proper device name to a port, enter this command in the wan.conf file in the Serial interface configuration section:
     interface briXX 
The "XX" above denotes the number of the BRI interface. The first ISDN BRI port will be bri0, then bri1 and so forth. Using the router's default configuration below, we have modified the interface name to reflect the use of ISDN BRI interface:
     ! 
     interface bri0 
      shutdown 
      description Connection to provider 
      encapsulation hdlc 
      ip address 192.168.10.1 255.255.255.252 
     !

Setting the Port Description

You can assign description to all WAN ports. Although this feature is optional, it may be particularly useful to assign names to facilitate administration. Setting a description does not change the operation or name of the port.
To assign a description to a port, enter this command in the wan.conf file in the bri interface configuration section:
     description string 
Using the router's default configuration below, we have modified the description for bri0:
     ! 
     interface bri0 
      shutdown 
      description Connection to provider 
      encapsulation hdlc 
      ip address 192.168.10.1 255.255.255.252
     !

Setting the IP Address and Netmask

During the initial installation process, you will set the IP address and netmask for the bri interface. To change the IP address and netmask of the bri interface from the default, modify the ip address command. The syntax of this command is:
     ip address ipaddress netmask 
Set the IP address to the address to be used by the serial interface of the router on your network. If you have divided your network into subnets, enter the subnet mask that identifies how your network addresses are divided between the network portion and the host portion.
Using the default configuration below, we have set the bri0 IP address to 20.0.0.2 with a netmask of 255.255.255.252. Often, with numbered point-to-point Serial links, the netmask will be a /30 (a subnet with 2 valid addresses). Remember you will need to substitute your address and netmask for your network.
     ! 
     interface bri0 
      shutdown 
      description Connection to provider
      encapsulation hdlc 
      ip address 20.0.0.2 255.255.255.252
     !

Setting Serial Transport Encapsulation

The serial transport encapsulation must be set to PPP for an ISDN BRI port. The syntax of this command is:
     encapsulation ppp 
In the default configuration below, we specified PPP encapsulation. This encapsulation type is the only valid type for ISDN BRI interfaces.
     ! 
     interface bri0 
      shutdown 
      description Connection to provider
      encapsulation ppp 
      ip address 20.0.0.2 255.255.255.252
     !

Enabling or Disabling a Serial Interface

To disable an interface, use the shutdown interface configuration command. Unlike other command line interfaces, the wan.conf file does not require a "no" version of a command to reverse the operation. Entering "no" followed by a command will be ignored by SAND.
By default, bri0 is disabled in the default configuration below because the shutdown command has been entered.
     ! 
     interface bri0 
      shutdown 
      description Connection to provider
      encapsulation hdlc 
      ip address 20.0.0.2 255.255.255.252
     !
To enable bri0 in the configuration, remove the shutdown command. Do not use "no shutdown", as this will be ignored by SAND. It is not necessary to enter "no" and a command to negate the command. Simply remove the command from the configuration file.

Adding Comments to a Serial Configuration

Comments may be added to the Serial configuration, or anywhere in the wan.conf file by inserting a line that begins with the # symbol. The contents of the line will be ignored by SAND. Comments may be used to place contact information, ticket numbers, circuit IDs or any other information into the wan.conf file. There are no limits on the number or length of comments that may be inserted.
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      ip address 20.0.0.2 255.255.255.252
     !

Scaling the Connection Speed Calculation

For some media, such as Ethernet and Token Ring, the bandwidth is fixed; for other media, such as serial lines, you can change the actual bandwidth by adjusting the hardware. ISDN BRI interfaces automatically calculate the bandwidth setting based on the number and speed of ISDN B channels connected on the interface. The bandwidth statement is not used.

Configuring ISDN BRI Switch Settings

Configuring the ISDN Switch Type

ImageStream ISDN BRI interface cards are capable of interoperating with many different ISDN switches. The default setting is for the North American National ISDN, or NI-1, switch, but the BRI card can also support German 1tr6 and European EDSS-1/NET3 (Euro-ISDN) switches. For use in most other environments, a none option that does not set any specific ISDN switch variables is supported.
The isdn switch-type command is used to set the ISDN BRI card to use a particular ISDN switch configuration. The syntax of the isdn switch-type command is:
     isdn switch-type type 
where the type is either 1tr6 (or basic-1tr6, which is equivalent), edss1 (or basic-net3, which is equivalent), ni1 (or basic-ni, which is equivalent) or none. In the default example below, we have set the isdn switch-type command to use Euro-ISDN.
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1 
      ip address 20.0.0.2 255.255.255.252
     !

Configuring the ISDN Telephone Numbers - North America

The Service Profile Identifier (SPID) is a unique number assigned by the telephone company that identifies your ISDN equipment to the telephone company's switch. SPID's are used only in the United States. A SPID can have up to 20 digits. Each B channel on an ISDN BRI interface will have a SPID, for a maximum of 2 per ISDN circuit. To configure SPID's, use the isdn spid1 and isdn spid2 commands:
     isdn spid1 number 
     isdn spid2 number 
These numbers will be assigned by the telephone company. Enter the commands into the bri configuration, for example:
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type basic-ni 
      isdn spid1 5551212 
      isdn spid2 5551213 
      ip address 20.0.0.2 255.255.255.252
     !

Configuring the ISDN Telephone Numbers - Europe/Germany

Euro-ISDN subscribers can assign more than one ISDN number to an ISDN line. For example, an ISDN line could have the numbers 1234567 and 1234568. Each of these numbers could be used to dial into the ISDN line. These numbers are referred to as Multiple Subscriber Numbers (MSN). German ISDN networking uses a similar concept called EAZ numbering.
For dial-out ISDN interfaces, the MSN/EAZ number specifies the outgoing phone number. For dial-in ISDN interfaces, the MSN/EAZ number specifies the phone number that will be answered. If you are unsure of your MSN/EAZ number, or do not know if you should use one, do not enter these commands. To configure an MSN or EAZ, use the isdn msn or equivalent isdn eaz command:
     isdn msn number 
     isdn eaz number 
This number will be assigned by the telephone company. Both commands function in the same manner. Enter the command into the bri configuration, for example:
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      ip address 20.0.0.2 255.255.255.252
     !

Configuring ISDN BRI Interface Characteristics

Configuring Incoming Call Acceptance

By default BRI interface accept and answer all incoming calls. You can specify that the router verify the incoming phone number, if the number is delivered by the ISDN switch. To limit inbound calls to specific phone numbers, use the isdn callin command:
     isdn callin [ phone1, phone2 ... ] 
Enabling this command will limit accepted inbound calls to those numbers specified in the command only. Calls from other or unidentified numbers will be rejected when this command is enabled. In the configuration below, an isdn callin command has been added:
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      isdn callin 12345678 
      ip address 20.0.0.2 255.255.255.252
     !

Configuring the PPP Username and Password for Incoming Calls

A username and password is used by the local router to authenticate the PPP peer. When the peer sends its username and password, the local router will check whether that username and password are configured locally. If there is a successful match, the peer is authenticated. To set the username and password, use the username command:
     username username password password 
In the default configuration below, the username command has been added:
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection from remote 
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      isdn callin 12345678 
      username imagestream password isis 
      ip address 20.0.0.2 255.255.255.252 
     ! 

Configuring the PPP Authentication Method

PPP currently supports two authentication protocols:
  1. Password Authentication Protocol (PAP)
  2. Challenge Handshake Authentication Protocol (CHAP)
Both are specified in RFC 1334 and are supported on synchronous and asynchronous interfaces.
PAP is not a secure authentication protocol. Passwords are sent across the link in clear text and there is no protection from playback or trail-and-error attacks. The remote node is in control of the frequency and timing of the login attempts. CHAP is considered to be more secure because the user password is never sent across the connection. CHAP authentication will be used in the configuration examples in this chapter. See the Command Reference for PAP authentication commands.
The authentication method is set using the ppp authentication command:
     ppp authentication [ pap | chap ]

Configuring the PPP Username and Password for Remote Authentication

A username and password can be used by the remote router to authenticate the local PPP peer. When the local peer sends its username and password, the remote router will check whether that username and password are configured locally. If there is a successful match, the peer is authenticated. This command is used when remote authentication is required upon dialin or with outgoing calls. To set the remote username and password for CHAP, use the ppp chap hostname command:
     ppp chap hostname username password password 
In the configuration below, the ppp chap hostname command has been added:
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      isdn callin 12345678 
      ppp authentication chap 
      ppp chap hostname imagestream password isis 
      ip address 20.0.0.2 255.255.255.252 
     !      

Configuring Multilink PPP (MLPPP)

Defined by RFC 1990, Multilink PPP (MLPPP) allows devices to send data over multiple point-to-point data links to the same destination by implementing a virtual link. The MLPPP connection has a maximum bandwidth equal to the sum of the bandwidths of the component links. For ISDN BRI connections, MLPPP is used to bond both B channels together into a single 112Kbps or 128 Kbps connection.
For MLPPP operation, enter the ppp multilink command.


Configuring ISDN BRI for Dial-On-Demand and Dial-Backup

A backup interface is an interface that stays idle until certain circumstances occur; then it is activated. A backup interface for a serial interface can be an ISDN interface or a different serial interface. A backup interface can be configured to be activated when any of the following three circumstances occurs:
  1. The primary line goes down.
  2. The load on the primary ISDN B channel reaches a certain threshold.
  3. Traffic is sent to a particular IP address or the next hop address.


Configuring Dial-on-Demand for a Second B Channel

You can configure dial-on-demand to activate the secondary B channel based on the traffic load on the primary B channel. The router monitors the traffic load and computes a 5-minute moving average based on a value out of 255. If this average exceeds the value you set for the line, the secondary B channel is activated and, depending upon how the line is configured, some or all of the traffic will flow onto the secondary dialup line.
Use the isdn load-threshold command to set the load average that triggers the second B channel. The value is a number from 0 to 255, with 255 being the heaviest load:
     isdn load-threshold value 
In the default configuration below, we have set the threshold to 100 out of 255, which is about 3137 bps (100/255 is .392 * 8000 Bps for a 64 Kbps B channel = 3137).
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935 
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1  
      isdn msn 5551212 
      isdn callin 12345678 
      username imagestream password isis
      ppp authentication chap 
      ppp chap hostname imagestream password isis
      isdn load-threshold 100 
      ip address 20.0.0.2 255.255.255.252
     !

Enabling Dial-Backup for ISDN BRI

You can configure dial-on-demand to activate the ISDN BRI interface when traffic is sent to the interface. To specify that dial-on-demand routing is to be supported, use the dialer in-band command in interface configuration mode. Adding this command to the configuration will instruct the router to bring up this link when traffic is sent to the device. If dialer in-band is not specified, the router will assume that the BRI port is a dedicated line and will dial-out automatically and remain connected.
In the default configuration below, we have removed the isdn load-threshold command and added dialer in-band for use with dial-on-demand routing.
     ! 
     interface bri0 
      #NOC phone: 800-555-1212 - Our account #58935
      description Connection to provider 
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      isdn callin 12345678 
      username imagestream password isis
      ppp authentication chap 
      ppp chap hostname remote password isis1234
      dialer in-band 
      ip address 20.0.0.2 255.255.255.252
     !

Configuring Dial-Backup Parameters

To configure a serial interface or ISDN interface to call one or multiple sites or to receive calls from multiple sites, use a form of the dialer map ip command. This command instructs the dialer to authenticate or place a call when traffic is received for the specified IP address.
If the router will be connecting to a remote site, you can specify a dial string and an optional speed parameter using the dialer map ip command. This option informs the ISDN software whether it should place a call at 56 or 64 Kbps. If you omit the ISDN speed parameter, the default is 64 Kbps. The syntax of the dialer map ip command is:
      dialer map ip next-hop-address [broadcast] [name hostname] [speed 56 | speed 64] [dial-string] 
In the default configuration below, we have instructed the dialer to dial the remote system "core" using B channel speeds of 64 Kbps when traffic is received for the default gateway (0.0.0.0).
Dial-in router:
     ! 
     interface bri0 
      description Dial-in ISDN link
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 8675309 
      isdn callin 5551212
      username imagestream password isis 
      ip address 20.0.0.1 255.255.255.252 
     ! 
Dial-out router:
     ! 
     interface bri0 
      description Dial-out ISDN link
      encapsulation ppp 
      isdn switch-type edss1 
      isdn msn 5551212 
      ppp authentication chap 
      ppp chap hostname imagestream password isis
      dialer in-band 
      # First B channel dials 8675309 
      dialer map ip 0.0.0.0 name core 8675309 
      # Second B channel dials 8675308 
      dialer map ip 0.0.0.0 name core 8675308 
      ip address 20.0.0.2 255.255.255.252 
     !

Configuring Dial-Backup Using Routing

Instead of using the dialer map ip command, dial-on-demand routing can be configured using routing metrics on the interface. Specifying a secondary route with a higher metric value will also allow the ISDN BRI interface to operate in dial-on-demand mode. In the example below, the routing commands will add a primary default gateway through Serial0 and a lower priority route through bri0. This secondary route will only be used if Serial0 is unavailable. The first packet sent via this secondary route will cause the dialer to bring up the ISDN BRI link.
     ! 
      # Add the primary default gateway via the T1 
      ip route 0.0.0.0 0.0.0.0 Serial0 
      # Add a lower priority route via bri0 
      ip route 0.0.0.0 0.0.0.0 bri0 metric 10 
     ! 
Note: You must save the settings to the router's non-volatile flash memory! If the router is rebooted before saving, your changes will be lost! See Chapter 26, "Backup/Restore Menu: Managing Configurations" for more information.
Personal tools
Router software releases