|
ru.cisco
- RU.CISCO ---------------------------------------------------------------------
From : Igor Suvorov 2:5020/1046 02 May 2002 21:34:45
To : All
Subject : DDR
--------------------------------------------------------------------------------
DDR соединений с другими маршрутизаторами. Для каждого
маршрутизатора определен свой собственный Dialer Interface.
Привязка соединений к интерфейсам реализована по именам
роутеров через dialer remote-name XXX. Hа удаленных
маршрутизаторах на DDR интерфейсе указано получать ip
адрес динамически. Обычно все работает.
Hо, периодически у 3640 едут мозги и она начинает раздавать
ip адреса с одного диалера тому маршрутизатору, что пришел
на другой диалер. Т.е. попросту путать диалеры. Хотя, если
верить CCO и www.google.com, все вроде бы правильно.
Можно конечно плюнуть и забить адреса вручную. Hо должна
подобная схема работать, или нет?
ios 12.1.5(T)12
Вот так выглядит конфиг роутера:
aaa new-model
aaa authentication ppp default local group radius
aaa authorization network default local group radius
!
username Router-1 password 7 XXXXX
username Router-2 password 7 XXXXX
username Router-3 password 7 XXXXX
username Router-4 password 7 XXXXX
ip subnet-zero
!
isdn switch-type primary-net5
!
!
controller E1 1/0
pri-group timeslots 1-22
!
!
interface Loopback0
ip address XXX.XXX.XXX.33 255.255.255.224
!
!
interface Serial1/0:15
no ip address
encapsulation ppp
dialer pool-member 1 max-link 1
dialer pool-member 2 max-link 1
dialer pool-member 3 max-link 1
dialer pool-member 4 max-link 2
isdn switch-type primary-net5
isdn incoming-voice modem
no fair-queue
no cdp enable
ppp authentication chap
!
!
interface Dialer1
ip unnumbered Loopback0
encapsulation ppp
dialer pool 1
dialer remote-name Router-1
dialer idle-timeout 600
dialer string 1001
dialer-group 1
peer default ip address XXX.XXX.XXX.34
no fair-queue
no cdp enable
!
interface Dialer2
ip unnumbered Loopback0
encapsulation ppp
dialer pool 2
dialer remote-name Router-2
dialer idle-timeout 600
dialer string 1002
dialer-group 2
peer default ip address XXX.XXX.XXX.35
no fair-queue
no cdp enable
!
interface Dialer3
ip unnumbered Loopback0
encapsulation ppp
dialer pool 3
dialer remote-name Router-3
dialer idle-timeout 600
dialer string 1003
dialer-group 2
peer default ip address XXX.XXX.XXX.36
no fair-queue
no cdp enable
!
interface Dialer4
bandwidth 128
ip unnumbered Loopback0
encapsulation ppp
dialer pool 4
dialer remote-name Router-4
dialer idle-timeout 600
dialer string 1004
dialer load-threshold 100 outbound
dialer-group 2
peer default ip address XXX.XXX.XXX.37
no fair-queue
no cdp enable
ppp multilink
!
ip local pool dynamic_pool XXX.XXX.XXX.38 XXX.XXX.XXX.54
ip classless
ip route XXX.XXX.XXX.34 255.255.255.255 Dialer1
ip route XXX.XXX.XXX.35 255.255.255.255 Dialer2
ip route XXX.XXX.XXX.36 255.255.255.255 Dialer3
ip route XXX.XXX.XXX.37 255.255.255.255 Dialer4
!
dialer-list 1 protocol ip list 100
dialer-list 2 protocol ip permit
Вот так выглядит нормальное соединение для первого диалера:
%LINK-3-UPDOWN: Interface Serial1/0:20, changed state to up
Se1/0:20 PPP: Treating connection as a callin
Se1/0:20 PPP: Phase is ESTABLISHING, Passive Open [0 sess, 0 load]
Se1/0:20 LCP: State is Listen
Se1/0:20 LCP: I CONFREQ [Listen] id 145 len 15
Se1/0:20 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:20 LCP: MagicNumber 0x297B4A93 (0x0506297B4A93)
Se1/0:20 LCP: O CONFREQ [Listen] id 105 len 15
Se1/0:20 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:20 LCP: MagicNumber 0x545553D6 (0x0506545553D6)
Se1/0:20 LCP: O CONFACK [Listen] id 145 len 15
Se1/0:20 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:20 LCP: MagicNumber 0x297B4A93 (0x0506297B4A93)
Se1/0:20 LCP: I CONFACK [ACKsent] id 105 len 15
Se1/0:20 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:20 LCP: MagicNumber 0x545553D6 (0x0506545553D6)
Se1/0:20 LCP: State is Open
Se1/0:20 PPP: Phase is AUTHENTICATING, by both [0 sess, 0 load]
Se1/0:20 CHAP: O CHALLENGE id 105 len 34 from "Cisco3640"
Se1/0:20 CHAP: I CHALLENGE id 144 len 36 from "Router-1"
Se1/0:20 CHAP: Waiting for peer to authenticate first
Se1/0:20 CHAP: I RESPONSE id 105 len 36 from "Router-1"
Se1/0:20 CHAP: O SUCCESS id 105 len 4
Se1/0:20 CHAP: Processing saved Challenge, id 144
%DIALER-6-BIND: Interface Se1/0:20 bound to profile Di1
Se1/0:20 CHAP: O RESPONSE id 144 len 34 from "Cisco3640"
Se1/0:20 CHAP: I SUCCESS id 144 len 4
Se1/0:20 PPP: Phase is UP [0 sess, 0 load]
Se1/0:20 IPCP: O CONFREQ [Not negotiated] id 111 len 10
Se1/0:20 IPCP: Address XXX.XXX.XXX.33 ()
Se1/0:20 IPCP: I CONFREQ [REQsent] id 192 len 10
Se1/0:20 IPCP: Address 0.0.0.0 ()
Se1/0:20 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0,
we want XXX.XXX.XXX.34
Se1/0:20 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0,
we want XXX.XXX.XXX.34
Se1/0:20 IPCP: O CONFNAK [REQsent] id 192 len 10
Se1/0:20 IPCP: Address XXX.XXX.XXX.34 ()
Se1/0:20 IPCP: I CONFACK [REQsent] id 111 len 10
Se1/0:20 IPCP: Address XXX.XXX.XXX.33 ()
Se1/0:20 IPCP: I CONFREQ [ACKrcvd] id 193 len 10
Se1/0:20 IPCP: Address XXX.XXX.XXX.34 ()
Se1/0:20 AAA/AUTHOR/IPCP: Start. Her address XXX.XXX.XXX.34,
we want XXX.XXX.XXX.34
Se1/0:20 AAA/AUTHOR/IPCP: Reject XXX.XXX.XXX.34,
using XXX.XXX.XXX.34
Se1/0:20 AAA/AUTHOR/IPCP: Done. Her address XXX.XXX.XXX.34,
we want XXX.XXX.XXX.34
Se1/0:20 IPCP: O CONFACK [ACKrcvd] id 193 len 10
Se1/0:20 IPCP: Address XXX.XXX.XXX.34 ()
Se1/0:20 IPCP: State is Open
Se1/0:20 DDR: dialer protocol up
Di1 IPCP: Install route to XXX.XXX.XXX.34
А вот так - кривое:
%LINK-3-UPDOWN: Interface Serial1/0:19, changed state to up
Se1/0:19 PPP: Treating connection as a callin
Se1/0:19 PPP: Phase is ESTABLISHING, Passive Open [0 sess, 0 load]
Se1/0:19 LCP: State is Listen
Se1/0:19 LCP: I CONFREQ [Listen] id 144 len 15
Se1/0:19 LCP: AuthProto CHAP ()
Se1/0:19 LCP: MagicNumber 0x2979724D (0x05062979724D)
Se1/0:19 LCP: O CONFREQ [Listen] id 23 len 15
Se1/0:19 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:19 LCP: MagicNumber 0x54537B7D (0x050654537B7D)
Se1/0:19 LCP: O CONFACK [Listen] id 144 len 15
Se1/0:19 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:19 LCP: MagicNumber 0x2979724D (0x05062979724D)
Se1/0:19 LCP: I CONFACK [ACKsent] id 23 len 15
Se1/0:19 LCP: AuthProto CHAP (0x0305C22305)
Se1/0:19 LCP: MagicNumber 0x54537B7D (0x050654537B7D)
Se1/0:19 LCP: State is Open
Se1/0:19 PPP: Phase is AUTHENTICATING, by both [0 sess, 0 load]
Se1/0:19 CHAP: O CHALLENGE id 20 len 34 from "Cisco3640"
Se1/0:19 CHAP: I CHALLENGE id 143 len 36 from "Router-1"
Se1/0:19 CHAP: Waiting for peer to authenticate first
Se1/0:19 CHAP: I RESPONSE id 20 len 36 from "Router-1"
Se1/0:19 CHAP: O SUCCESS id 20 len 4
Se1/0:19 CHAP: Processing saved Challenge, id 143
%DIALER-6-BIND: Interface Se1/0:19 bound to profile Di1
Пока все вроде бы правильно, роутер опознан, выбран, как и
положено, 1 диалер.
Se1/0:19 CHAP: O RESPONSE id 143 len 34 from "Cisco3640"
Se1/0:19 CHAP: I SUCCESS id 143 len 4
Se1/0:19 PPP: Phase is UP [0 sess, 0 load]
Se1/0:19 IPCP: O CONFREQ [Not negotiated] id 21 len 10
Se1/0:19 IPCP: Address XXX.XXX.XXX.33 ()
Se1/0:19 IPCP: I CONFREQ [REQsent] id 190 len 10
Se1/0:19 IPCP: Address 0.0.0.0 (0x030600000000)
Se1/0:19 AAA/AUTHOR/IPCP: Start. Her address 0.0.0.0,
we want XXX.XXX.XXX.36
Se1/0:19 AAA/AUTHOR/IPCP: Done. Her address 0.0.0.0,
we want XXX.XXX.XXX.36
Поехало. Откуда оно вылезло? Почему .36, а не .34, как указанно в
peer default ip address диалера? Тем более, что .36 в этот момент
еще и активен.
Se1/0:19 IPCP: O CONFNAK [REQsent] id 190 len 10
Se1/0:19 IPCP: Address XXX.XXX.XXX.36 ()
Se1/0:19 IPCP: I CONFACK [REQsent] id 21 len 10
Se1/0:19 IPCP: Address XXX.XXX.XXX.33 ()
Se1/0:19 IPCP: I CONFREQ [ACKrcvd] id 191 len 10
Se1/0:19 IPCP: Address XXX.XXX.XXX.36 ()
Se1/0:19 AAA/AUTHOR/IPCP: Start. Her address XXX.XXX.XXX.36,
we want XXX.XXX.XXX.36
Se1/0:19 AAA/AUTHOR/IPCP: Reject XXX.XXX.XXX.36, using XXX.XXX.XXX.36
Se1/0:19 AAA/AUTHOR/IPCP: Done. Her address XXX.XXX.XXX.36, we want
XXX.XXX.XXX.36
Se1/0:19 IPCP: O CONFACK [ACKrcvd] id 191 len 10
Se1/0:19 IPCP: Address XXX.XXX.XXX.36 ()
Se1/0:19 IPCP: State is Open
Se1/0:19 DDR: dialer protocol up
Di1 IPCP: Install route to XXX.XXX.XXX.36
deb что еще можно сделать, чтобы попробовать разобраться? Менять
мозги на 12.2.7b (или что более осмысленное?) допустимо, но
хотелось бы по возможности обойтись без этого.
--
Igor
--- Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
* Origin: no gnus is a bad news (2:5020/1046@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
DDR |
Igor Suvorov |
02 May 2002 21:34:45 |
|
|
