Router Installation and Configuration Manual/Configuring an ISDN BRI Interface
From ImageStream Router Documentation
- This chapter describes how to configure the ImageStream router serial WAN interfaces without integrated CSU/DSUs and includes the following topics:
- WAN Port Uses”
- Understanding the Network Interface Configuration File
- Configuring an ISDN BRI Internface
- Default ISDN BRI Interface Configuration
- Customizing the Configuration
- Configuring Additional ISDN BRI Devices
- Before configuring the WAN interface, you must make the appropriate cabling connection for your needs. Refer to the hardware installation guide for your ImageStream product for information on making the WAN connection. See the Command Reference for more detailed command descriptions and instructions.
WAN PORT USES
- WAN ports are used for high-speed dedicated connections between two local area networks (LANs). Once a connection is established between two sites, a wide area network (WAN) is achieved. WAN connections can be achieved through the use of dedicated leased lines such as T1, E1 or higher bandwidth lines, SONET/SDH connections, ATM connections, Frame Relay connections, or ISDN lines. Connection rates can range from 9600bps to 2.048Mbps (E1) to 2.488Gbps (OC-48). ImageStream routers support these connection types using one or more serial ports with or without integrated CSU/DSUs.
- Diagram under Construction
- All WAN port connections are very similar and are represented in the diagram at left.
- For most applications, a dedicated line connects two routers, each located on a separate remote network. The following examples describe various uses for synchronous ports.
- Routing over Leased Lines. A serial port with or without integrated CSU/DSUs can be used to connect to synchronous leased lines from 9600bps to T1 (1.544Mbps) or E1 (2.048Mbps) to DS3 (44.736Mbps) or E3 (34.368Mbps) for continuous operation. Synchronous optical network (SONET) or Synchronous Digital Hierarchy (SDH) interfaces use optical instead of copper wiring and commonly operate at speeds from OC-3/STM- (155.52Mbps) to OC-48/STM-16 (2.488Gbps) and higher. A channel service unit/digital service unit (CSU/DSU) must be attached to the serial port, or integrated into the serial card. For more information about configuring cards with integrated CSU/DSUs, See the chapter “Configuring an Integrated CSU/DSU WAN Interface.”
- Routing over ATM. ATM (asynchronous transfer mode) is a dedicated-connection switching technology that organizes digital data into 53-byte cell units (48 bytes of data, 5 bytes of overhead) and transmits them over a physical medium using digital signal technology. Individually, a cell is processed asynchronously relative to other related cells. Like frame relay, two advantages over a leased line network are lower cost and the ability to have multiple virtual circuits (VCs) come into a single physical port. It is especially popular for DSL service and hub-and-spoke network arrangements. However, unlike frame relay, ATM is designed for easy implementation in hardware (rather than software) and is designed for optical links at higher speeds. For more information about configuring ATM, See the chapter “Configuring an ATM Interface.”
- Routing over Frame Relay. Frame Relay provides connectivity using a packet-switched network. Its two advantages over a leased line network are lower cost and the ability to have multiple permanent virtual circuits (PVCs) come into a single physical port. It is especially popular for hub-and-spoke network arrangements. For example, a dozen field offices with T1 or fractional T1 Frame Relay connections can connect to a central office using a single DS3, fractional DS3 or T1 Frame Relay connection. The central office requires only one CSU/DSU and serial port on the router, instead of twelve. For more information about configuring frame relay, See the chapter “Configuring a Frame Relay Interface.”
- Routing over ISDN. Integrated Services Digital Network (ISDN) provides fast dial-up connectivity for applications where the expense of a dedicated Frame Relay, ATM or leased line connection is not appropriate for the amount and nature of the traffic.
CONFIGURING AN ISDN BRI INTERFACE
- ISDN is most commonly used to provide low-cost connectivity between sites that cannot justify the cost of a dedicated high-speed leased line. However, ISDN connections provide more bandwidth than asynchronous dial-up connections can, as well as quicker call completion—approximately 1 second instead of 45 seconds.
- ImageStream routers support manual dial-on-demand and automatic ISDN connections using a BRI interface card and the PPP protocol. BRI supports two 64Kbps B channels for data and one 16Kbps D channel for signaling. ISDN ports are available as either a U or S/T interface. The ISDN BRI U interface card has the NT1 device integrated in the port, meaning that no modem, CSU/DSU, or external terminal adapter is required. For the ISDN S/T interface, the BRI interface requires an external terminal adapter to connect from the S/T port to the ISDN line.
- Once you have determined the type of synchronous connection to use between your remote locations, the synchronous port on each end of the connection must be configured. If your WAN interface is not an ISDN BRI interface, please see the appropriate chapter in this manual.
Configuration menu 1. AAA (Password) Configuration 2. Global configuration 3. Network interface configuration 4. Firewall and QOS configuration 5. Service configuration 6. Dynamic routing configuration 7. Save configuration to flash 0. ISis-Router main menu
- From the “Configuration menu”, select the “Network interface configuration” option by pressing 3 and Enter. This will open the ImageStream router’s primary configuration file, wan.conf in the default editor. The wan.conf file is also accessible from the command line in the /usr/local/sand directory.
UNDERSTANDING THE NETWORK INTERFACE CONFIGURATION FILE
- wan.conf is the primary configuration file used by ImageStream’s open source Standard Architecture for Network Drivers (SAND). SAND handles configuration and management of all LAN and WAN devices on an ImageStream router. For more information about ImageStream’s SAND technology, visit the ImageStream Web site at http://www.imagestream.com/SAND.html. See the Command Reference for more detailed command descriptions and instructions.
- The default wan.conf file is:
! version 2.00 ! interface Ethernet0 ip address 10.10.199.199 255.0.0.0 ! interface Serial0 shutdown description Port 0 encapsulation hdlc ip address 192.168.10.1 255.255.255.252 ! # Set the default route via Serial0 using the device #ip route add 0.0.0.0/0 dev Serial0 # Set the default route via Serial0 using an IP #ip route add default via 192.168.10.2 ! end
- The values in the default file are explained below.
- version 2.00:
- Denotes the version number of the configuration file and driver set. This value is set by ImageStream and should not be changed or modified.
- interface Ethernet0:
- Denotes the start of the configuration section for the first Ethernet device in your system. All commands that follow this line until the next ! mark will be applied to Ethernet0.
- ip address 10.10.199.199 255.0.0.0:
- Specifies the IP address and netmask for Ethernet0.
- !, end:
- Signifies the end of a configuration section or the end of the wan.conf file. You must include a “!” to delimit each section of the configuration file and an “end” statement at the end of the file.
- interface Serial0:
- Denotes the start of the configuration section for the first Serial port in your system. All commands that follow this line until the next ! mark will be applied to Serial0.
- Instructs the router not to start this port when SAND is started or reloaded.
- description Port 0:
- Sets a description for this device. The description is optional used for reporting purposes in other utilities. Setting a value here does not affect the operation of the port.
- encapsulation hdlc:
- Specifies the Cisco HDLC protocol for this serial port.
- ip address 192.168.10.1 255.255.255.252:
- Specifies the IP address and netmask for Serial0.
- # Set the default route via Serial0 using the device:
- A comment inserted in the configuration file. Lines that begin with # or ! are ignored by SAND when starting or reloading configurations.
- #ip route add 0.0.0.0/0 dev Serial0:
- A route statement setting the default route to the Serial0 device. Note that this command is commented out, so it will be ignored by SAND.
- #ip route add default via 192.168.10.2:
- A route statement setting the default route to the IP address of 192.168.10.2. Note that this command is commented out, so it will be ignored by SAND. This command also uses the alternate default route designator of default instead of the numeric 0.0.0.0/0. The designators are equivalent.
DEFAULT ISDN BRI INTERFACE CONFIGURATION
- The default values of cards equipped with a basic rate ISDN (BRI) interface are as follows:
- U.S. NI-1 switch type is enabled.
- No port description is configured for any port.
- PPP encapsulation is enabled.
- Bridging is not configured.
- Remember that default settings are not necessarily shown in the configuration file.
CUSTOMIZING THE CONFIGURATION
- To customize the WAN port configurations, complete the following sections. The ordering of the commands is done by convention, but a specific order is not required. Likewise, all configurations are indented to make configurations easy to read, but indentation is not required. In general, ImageStream follows this ordering convention:
- Port description
- BRI ISDN configuration settings
- PPP encapsulation settings
- Other optional settings
- IP address/netmask
- Secondary IP addresses/netmasks
Setting the device name
- The default configuration uses “Serial0” as the device name. In this chapter, we will discuss the configuration of ISDN BRI interfaces. The interface name used for BRI interfaces is “bri”. To assign the proper device name to a port, enter this command in the wan.conf file in the Serial interface configuration section:
- interface briXX:
- “XX” above denotes the number of the BRI interface. The first ISDN BRI port will be bri0, then bri1 and so forth. Using the router’s default configuration below, we have modified the interface name to reflect the use of ISDN BRI interface:
! interface bri0 shutdown description Connection to provider encapsulation hdlc ip address 192.168.10.1 255.255.255.252 !
Setting the port description
- You can assign description to all WAN ports. Although this feature is optional, it may be particularly useful to assign names to facilitate administration. Setting a description does not change the operation or name of the port.
- To assign a description to a port, enter this command in the wan.conf file in the Serial interface configuration section:
- description string:
- Using the router’s default configuration below, we have modified the description for Serial0:
! interface bri0 shutdown description Connection to provider encapsulation hdlc ip address 192.168.10.1 255.255.255.252 !
Setting the IP address and netmask
- During the initial installation process, you will set the IP address and netmask for the
Serial interface. To change the IP address and netmask of the Serial interface from the default, modify the ip address command. The syntax of this command is:
- ip address ipaddress netmask
- Set the IP address to the address to be used by the serial interface of the router on your network. If you have divided your network into subnets, enter the subnet mask that identifies how your network addresses are divided between the network portion and the host portion.
- Using the default configuration below, we have set the Serial0 IP address to 22.214.171.124 with a netmask of 255.255.255.252. Often, with numbered point-to-point Serial links, the netmask will be a /30 (a subnet with 2 valid addresses). Remember you will need to substitute your address and netmask for your network.
! interface bri0 shutdown description Connection to provider encapsulation hdlc ip address 126.96.36.199 255.255.255.252 !
Setting serial transport encapsulation
- The serial transport encapsulation must be set to PPP for an ISDN BRI port. The syntax of this command is:
- encapsulation ppp :
In the default configuration below, we specified PPP encapsulation. This encapsulation type is the only valid type for ISDN BRI interfaces.
! interface bri0 shutdown description Connection to provider encapsulation ppp ip address 188.8.131.52 255.255.255.252 !
Enabling or disabling a Serial interface
- To disable an interface, use the shutdown interface configuration command. Unlike other command line interfaces, the wan.conf file does not require a “no” version of a command to reverse the operation. Entering “no” followed by a command will be ignored by SAND.
- By default, bri0 is disabled in the default configuration below because the shutdown command has been entered.
! interface Serial0 shutdown description Connection to provider encapsulation hdlc ip address 184.108.40.206 255.255.255.252 !
- To enable bri0 in the configuration, remove the shutdown command. Do not use “no shutdown”, as this will be ignored by SAND. It is not necessary to enter “no” and a command to negate the command. Simply remove the command from the configuration file.
Adding comments to a Serial configuration
- Comments may be added to the Serial configuration, or anywhere in the wan.conf file by inserting a line that begins with the # symbol. The contents of the line will be ignored by SAND. Comments may be used to place contact information, ticket numbers, circuit IDs or any other information into the wan.conf file. There are no limits on the number or length of comments that may be inserted.
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp ip address 220.127.116.11 255.255.255.252 !
Scaling the connection speed calculation
- For some media, such as Ethernet and Token Ring, the bandwidth is fixed; for other media, such as serial lines, you can change the actual bandwidth by adjusting the hardware. ISDN BRI interfaces automatically calculate the bandwidth setting based on the number and speed of ISDN B channels connected on the interface. The bandwidth statement is not used.
CONFIGURING ISDN BRI SWITCH SETTINGS
Configuring the ISDN switch type
- ImageStream ISDN BRI interface cards are capable of interoperating with many different ISDN switches. The default setting is for the North American National ISDN, or NI-1, switch, but the BRI card can also support German 1tr6 and European EDSS-1/NET3 (Euro-ISDN) switches. For use in most other environments, a none option that does not set any specific ISDN switch variables is supported.
- The isdn switch-type command is used to set the ISDN BRI card to use a particular ISDN switch configuration. The syntax of the isdn switch-type command is:
- isdn switch-type type:
- where the type is either 1tr6 (or basic-1tr6, which is equivalent), edss1 (or basic-net3, which is equivalent), ni1 (or basic-ni, which is equivalent) or none. In the default example below, we have set the isdn switch-type command to use Euro-ISDN.
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 ip address 18.104.22.168 255.255.255.252 !
Configuring the ISDN telephone numbers - North America
- The service profile identifier (SPID) is a unique number assigned by the telephone company that identifies your ISDN equipment to the telephone company’s switch. SPIDs are used only in the United States. A SPID can have up to 20 digits. Each B channel on an ISDN BRI interface will have a SPID, for a maximum of 2 per ISDN circuit. To configure SPIDs, use the isdn spid1 and isdn spid2 commands:
- isdn spid1 number :
- isdn spid2 number :
- These numbers will be assigned by the telephone company. Enter the commands into the bri configuration, for example:
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type basic-ni isdn spid1 5551212 isdn spid2 5551213 ip address 22.214.171.124 255.255.255.252 !
Configuring the ISDN telephone numbers - Europe/Germany
- Euro-ISDN subscribers can assign more than one ISDN number to an ISDN line. For example, an ISDN line could have the numbers 1234567 and 1234568. Each of these numbers could be used to dial into the ISDN line. These numbers are referred to as Multiple Subscriber Numbers (MSN). German ISDN networking uses a similar concept called EAZ numbering.
- For dial-out ISDN interfaces, the MSN/EAZ number specifies the outgoing phone number. For dial-in ISDN interfaces, the MSN/EAZ number specifies the phone number that will be answered. If you are unsure of your MSN/EAZ number, or do not know if you should use one, do not enter these commands. To configure an MSN or EAZ, use the isdn msn or equivalent isdn eaz command:
- isdn msn number :
- isdn eaz number :
- This number will be assigned by the telephone company. Both commands function in the same manner. Enter the command into the bri configuration, for example:
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 ip address 126.96.36.199 255.255.255.252 !
CONFIGURING ISDN BRI INTERFACE CHARACTERISTICS
Configuring Incoming Call Acceptance
- By default BRI interface accept and answer all incoming calls. You can specify that the router verify the incoming phone number, if the number is delivered by the ISDN switch. To limit inbound calls to specific phone numbers, use the isdn callin command:
- isdn callin [ phone1, phone2 … ] :
- Enabling this command will limit accepted inbound calls to those numbers specified in the command only. Calls from other or unidentified numbers will be rejected when this command is enabled. In the configuration below, an isdn callin command has been added:
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 ip address 188.8.131.52 255.255.255.252 !
Configuring the PPP Username and Password for Incoming Calls
- A username and password is used by the local router to authenticate the PPP peer. When the peer sends its username and password, the local router will check whether that username and password are configured locally. If there is a successful match, the peer is authenticated. To set the username and password, use the username command:
- username username password password :
- In the default configuration below, the username command has been added:
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 username imagestream password isis ip address 184.108.40.206 255.255.255.252 !
Configuring the PPP Authentication Method
- PPP currently supports two authentication protocols:
- Password Authentication Protocol (PAP)
- Challenge Handshake Authentication Protocol (CHAP)
- Both are specified in RFC 1334 and are supported on synchronous and asynchronous interfaces.
- PAP is not a secure authentication protocol. Passwords are sent across the link in clear text and there is no protection from playback or trail-and-error attacks. The remote node is in control of the frequency and timing of the login attempts. CHAP is considered to be more secure because the user password is never sent across the connection. CHAP authentication will be used in the configuration examples in this chapter. See the Command Reference for PAP authentication commands.
- The authentication method is set using the ppp authentication command:
- ppp authentication [ pap | chap ] :
Configuring the PPP username and password for remote authentication
- A username and password can be used by the remote router to authenticate the local PPP peer. When the local peer sends its username and password, the remote router will check whether that username and password are configured locally. If there is a successful match, the peer is authenticated. This command is used when remote authentication is required upon dialin or with outgoing calls. To set the remote username and password for CHAP, use the ppp chap hostname command:
- ppp chap hostname username password password :
- In the configuration below, the ppp chap hostname command has been added:
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 username imagestream password isis ppp authentication chap ppp chap hostname remote password isis1234 ip address 220.127.116.11 255.255.255.252 !
- Defined by RFC 1990, Multilink PPP (MLPPP) allows devices to send data over multiple point-to-point data links to the same destination by implementing a virtual link. The MLPPP connection has a maximum bandwidth equal to the sum of the bandwidths of the component links. For ISDN BRI connections, MLPPP is used to bond both B channels together into a single 112 Kbps or 128 Kbps connection.
- For MLPPP operation, enter the command ppp multilink.
CONFIGURING ISDN BRI FOR DIAL-ON-DEMAND AND DIAL-BACKUP
- A backup interface is an interface that stays idle until certain circumstances occur; then it is activated. A backup interface for a serial interface can be an ISDN interface or a different serial interface. A backup interface can be configured to be activated when any of the following three circumstances occurs:
- The primary line goes down.
- The load on the primary ISDN B channel reaches a certain threshold.
- Traffic is sent to a particular IP address or the next hop address.
Configuring dial-on-demand for a second B channel
- You can configure dial-on-demand to activate the secondary B channel based on the traffic load on the primary B channel. The router monitors the traffic load and computes a 5-minute moving average based on a value out of 255. If this average exceeds the value you set for the line, the secondary B channel is activated and, depending upon how the line is configured, some or all of the traffic will flow onto the secondary dialup
- Use the isdn load-threshold command to set the load average that triggers the second B channel. The value is a number from 0 to 255, with 255 being the heaviest load:
- isdn load-threshold value:
- In the default configuration below, we have set the threshold to 100 out of 255, which is about 3137 bps (100/255 is .392 * 8000 Bps for a 64 Kbps B channel = 3137).
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 username imagestream password isis ppp authentication chap ppp chap hostname remote password isis1234 isdn load-threshold 100 ip address 18.104.22.168 255.255.255.252 !
Enabling dial-backup for ISDN BRI
- You can configure dial-on-demand to activate the ISDN BRI interface when traffic is sent to the interface. To specify that dial-on-demand routing is to be supported, use the dialer in-band command in interface configuration mode. Adding this command to the configuration will instruct the router to bring up this link when traffic is sent to the device. If dialer in-band is not specified, the router will assume that the BRI port is a dedicated line and will dial-out automatically and remain connected.
- In the default configuration below, we have removed the isdn load-threshold command and added dialer in-band for use with dial-on-demand routing.
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 username imagestream password isis ppp authentication chap ppp chap hostname remote password isis1234 dialer in-band ip address 22.214.171.124 255.255.255.252 !
Configuring dial-backup parameters
- To configure a serial interface or ISDN interface to call one or multiple sites or to receive calls from multiple sites, use a form of the dialer map ip command. This command instructs the dialer to authenticate or place a call when traffic is received for the specified IP address.
- If the router will be connecting to a remote site, you can specify a dial string and an optional speed parameter using the dialer map ip command. This option informs the ISDN software whether it should place a call at 56 or 64 kbps. If you omit the ISDN speed parameter, the default is 64 kbps. The syntax of the dialer map ip command is:
- dialer map ip next-hop-address [broadcast] [name hostname] [speed 56 | speed 64] [dial-string]:
- In the default configuration below, we have instructed the dialer to dial the remote system “core” using B channel speeds of 64 Kbps when traffic is received for the default gateway (0.0.0.0).
! interface bri0 #NOC phone: 800-555-1212 - Our account #58935 description Connection to provider encapsulation ppp isdn switch-type edss1 isdn msn 5551212 isdn callin 12345678 username imagestream password isis ppp authentication chap ppp chap hostname remote password isis1234 dialer in-band # First B channel dials 8675309 dialer map ip 0.0.0.0 name core 8675309 # Second B channel dials 8675308 dialer map ip 0.0.0.0 name core 8675308 ip address 126.96.36.199 255.255.255.252 !
Configuring dial-backup using routing
- Instead of using the dialer map ip command, dial-on-demand routing can be configured using routing metrics on the interface. Specifying a secondary route with a higher metric value will also allow the ISDN BRI interface to operate in dial-on-demand mode. In the example below, the routing commands will add a primary default gateway through Serial0 and a lower priority route through bri0. This secondary route will only be used if Serial0 is unavailable. The first packet sent via this secondary route will cause the dialer to bring up the ISDN BRI link.
! # Add the primary default gateway via the T1 ip route 0.0.0.0 0.0.0.0 Serial0 # Add a lower priority route via bri0 ip route 0.0.0.0 0.0.0.0 bri0 metric 10 !
- Note: You must save the settings to the router’s non-volatile flash memory! If the router is rebooted before saving, your changes will be lost! See the chapter “Backup/Restore Menu: Managing Configurations” for more information.