ISDN 拨号备份

在本例中,网络使用一对二方式.其中一个远端A与Internet互连,中心点与另外一个远端B通过该远端A连入Internet. 并且三点之间内部互通.现三地之间用三台Cisco互连,能正常工作.但是现需要备份中心点与两个远端之间的通信线路.

计划采用ISDN拨号备份.

ISDN Configuration Example - IP

Sample Configuration for C2503

C2503#wr t

######

Current configuration:

!

version 10.2

!

hostname C2503

!

enable password test

!

username C4000 password cisco (See username explanation in the followi

ng

section.)

isdn switch-type basic-dms100

!

interface Ethernet0

ip address 172.16.10.1 255.255.255.0

!

interface Serial0

no ip address

shutdown

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 172.16.20.1 255.255.255.0

encapsulation ppp

bandwidth 56

dialer idle-timeout 300

dialer map ip 172.16.20.2 name C4000 speed 56 broadcast 14155551234

dialer map ip 172.16.20.2 name C4000 speed 56 broadcast 14155556789

dialer hold-queue 5

dialer load-threshold 100

dialer-group 1

isdn spid1 408555432101 5554321

isdn spid2 408555987601 5559876

ppp authentication chap

!

router igrp 1

network 172.16.0.0

!

ip route 192.168.24.0 255.255.255.0 172.16.20.2

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

0

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.

255

!

!

dialer-list 1 list 100

!

line con 0

line aux 0

line vty 0 4

password test

login

!

end

Explanation of C2503 Configuration

C2503#wr t

######

Current configuration:

!

version 10.2

!

hostname C2503

!

enable password test

!

username C4000 password cisco

The username "C4000" is the hostname of the remote router and is used

by the dialer map command below. The username is case sensitive and mu

st match the remote router's hostname exactly.

The password, which is used by the CHAP authentication process, is cas

e sensitive and must match the remote router's password exactly.

Note: To avoid confusion, the unencrypted form of the password cisco i

s shown in this sample configuration. In the actual configuration, the

password would appear in its encrypted form: 7 13061E010803, where 7

denotes the encryption type and 13061E010803 is the encrypted form of

the password cisco. When entering or making changes to the username co

mmand, always type the password in its unencrypted form and do not ent

er the encryption type (7). It is set automatically.

isdn switch-type basic-dms100

The ISDN switch type must match your carrier's equipment. If you chang

e the switch-type, you must reload the router for the new switch type

to take effect.

interface Ethernet0

ip address 172.16.10.1 255.255.255.0

interface Serial0

no ip address

shutdown

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 172.16.20.1 255.255.255.0

encapsulation ppp

PPP encapsulation is recommended over HDLC in order to allow the use o

f CHAP authentication.

bandwidth 56

The default bandwidth setting for a BRI interface is 64k. If you confi

gured your dialer map statements with the speed 56 option, you should

include the bandwidth statement.

Note: This command does not control the speed of your ISDN line. It se

ts the correct reference point for the BRI port's show interface stati

stics, for the dialer load-threshold command, and for IGRP/EIGRP routi

ng metrics.

dialer idle-timeout 300

This command sets the number of seconds the ISDN connection will remai

n open if no interesting traffic is being routed. The timer is reset e

ach time an interesting packet is forwarded.

dialer map ip 172.16.20.2 name C4000 speed 56 broadcast 14155551234

dialer map ip 172.16.20.2 name C4000 speed 56 broadcast 14155556789

The dialer map command is used with CHAP authentication to place the i

nitial call to the remote router when interesting traffic is forwarded

to the BRI interface. Once the connection is active, the dialer idle-

timeout command determines how long it will remain active. A dialer ma

p statement is required for each ISDN phone number that will be called

. Be aware though, that two dialer map statements pointing to the same

location might activate both B channels when you may only want to use

one channel.

Note: The command parameters for this example are:

172.16.20.2 = the IP address of the remote router's BRI interface. To

determine this address, type show interface bri 0 at the remote router

's console prompt.

name C4000 = the hostname of the remote router. The name is case sensi

tive and should match the name configured for the username command abo

ve.

speed 56 = sets the dialer speed to 56k for ISDN circuits that are not

64k end-to-end, and should be included in both routers' dialer map st

atements. Most installations in North America must be configured for 5

6K.

broadcast = allows the forwarding of broadcast packets. Unless broadca

st packets are specified as interesting packets by the dialer-list com

mand, they will only be forwarded when the ISDN link is active.

14155551234

14155556789 = the remote router's ISDN telephone numbers.

dialer hold-queue 5

This command allows interesting packets to be queued until the ISDN co

nnection is established. In this example, five interesting packets wil

l be queued.

dialer load-threshold 100

This command is used to configure bandwidth on demand by setting the m

aximum load before the dialer places another call through the second B

channel. The load is the calculated weighted average load value for t

he interface, where 1 is unloaded and 255 is fully loaded. The actual

load value you should configure depends on the characteristics of your

particular network. In this example, the second B channel will be act

ivated when the load reaches 39% of maximum utilization, which is 100

divided by 255.

dialer-group 1

The dialer-group 1 command enables the dialer-list 1 on the BRI interf

ace, which determines which packets will be interesting and activate t

he ISDN connection.

isdn spid1 408555432101 5554321

isdn spid2 408555987601 5559876

The isdn spid commands are used if your carrier assigns spids to your

ISDN lines.

ppp authentication chap

This command enables CHAP authentication.

router igrp 1

network 172.16.0.0

ip route 192.168.24.0 255.255.255.0 172.16.20.2

This IP route command creates a static route to the remote router's ne

twork via the remote router's BRI interface. This is required because

dynamic routes are lost when the ISDN link is down.

Note: The command parameters for this example are:

192.168.24.0 = the target network.

255.255.255.0 = the target network mask. A 255 in an octet's position

specifies an exact match for that octet is required, and a 0 in an oct

et's position specifies any value will match.

172.16.20.2 = the address of the next hop that can be used to reach th

e target network.

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

0

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.

255

This access list determines which IP packets will be interesting and a

ctivate the ISDN link. The access-list you should create depends on yo

ur particular network design.

Note: The command parameters for this example are:

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

0

defines all broadcast packets as uninteresting.

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0255.255.255.2

55

defines all other IP packets as interesting.

dialer-list 1 list 100

This command points to access-list 100, which determines which IP pack

ets will be interesting.

line con 0

line aux 0

line vty 0 4

password test

login

!

end

Sample Configuration for C4000

C4000#wr t

######

Current configuration:

!

version 10.2

!

hostname C4000

!

enable password test

!

username C2503 password cisco (See username explanation in the followi

ng

section.)

isdn switch-type basic-dms100

!

interface Ethernet0

ip address 192.168.24.65 255.255.255.0

!

interface Serial0

no ip address

shutdown

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 172.16.20.2 255.255.255.0

encapsulation ppp

bandwidth 56

dialer idle-timeout 300

dialer map ip 172.16.20.1 name C2503 speed 56 broadcast 14085554321

dialer map ip 172.16.20.1 name C2503 speed 56 broadcast 14085559876

dialer hold-queue 5

dialer load-threshold 100

dialer-group 1

isdn spid1 415555123401 5551234

isdn spid2 415555678901 5556789

ppp authentication chap

!

router igrp 1

network 172.16.0.0

network 192.168.24.0

!

ip route 172.16.10.0 255.255.255.0 172.16.20.1

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

0

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.

255

!

!

dialer-list 1 list 100

!

line con 0

line aux 0

line vty 0 4

password test

login

!

end

Explanation of C4000 Configuration

C4000#wr t

######

Current configuration:

!

version 10.2

!

hostname C4000

!

enable password test

!

username C2503 password cisco

The username "C2503" is the hostname of the remote router and is used

by the dialer map command below. The username is case sensitive and mu

st match the remote router's hostname exactly.

The password, which is used by the CHAP authentication process, is cas

e sensitive and must match the remote router's password exactly.

Note: To avoid confusion, the unencrypted form of the password cisco i

s shown in this sample configuration. In the actual configuration, the

password would appear in its encrypted form: 7 13061E010803, where 7

denotes the encryption type and 13061E010803 is the encrypted form of

the password cisco. When entering or making changes to the username co

mmand, always type the password in its unencrypted form and do not ent

er the encryption type (7). It is set automatically.

isdn switch-type basic-dms100

The ISDN switch type must match your carrier's equipment. If you chang

e the switch-type you must reload the router for the new switch type t

o take effect.

interface Ethernet0

ip address 192.168.24.65 255.255.255.0

interface Serial0

no ip address

shutdown

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 172.16.20.2 255.255.255.0

encapsulation ppp

PPP encapsulation is recommended over HDLC in order to allow the use o

f CHAP authentication.

bandwidth 56

The default bandwidth setting for a BRI interface is 64k. If you confi

gured your dialer map statements with the speed 56 option, you should

include the bandwidth statement.

Note: This command does not control the speed of your ISDN line. It se

ts the correct reference point for the BRI port's show interface stati

stics, for the dialer load-threshold command, and for IGRP/EIGRP routi

ng metrics.

dialer idle-timeout 300

This command sets the number of seconds the ISDN connection will remai

n open if no interesting traffic is being routed. The timer is reset e

ach time an interesting packet is forwarded.

dialer map ip 172.16.20.1 name C2503 speed 56 broadcast 14085554321

dialer map ip 172.16.20.1 name C2503 speed 56 broadcast 14085559876

The dialer map command is used with CHAP authentication to place the i

nitial call to the remote router when interesting traffic is forwarded

to the BRI interface. After the connection is active, the dialer idle

-timeout command determines how long it will remain active. A dialer m

ap statement is required for each ISDN phone number that will be calle

d. Be aware though, that two dialer map statements pointing to the sam

e location might activate both B channels when you may only want to us

e one channel.

Note: The command parameters for this example are:

172.16.20.1 = the IP address of the remote router's BRI interface. To

determine this address, type show interface bri 0 at the remote router

's console prompt.

name C2503 = the hostname of the remote router. The name is case sensi

tive and should match the name configured for the username command abo

ve.

speed 56 = sets the dialer speed to 56k for ISDN circuits that are not

64k end-to-end, and should be included in both routers' dialer map st

atements. Most installations in North America must be configured for 5

6K.

broadcast = allows the forwarding of broadcast packets. Unless broadca

st packets are specified as interesting packets by the dialer-list com

mand, they will only be forwarded when the ISDN link is active.

14085554321

14085559876 = the remote router's ISDN telephone numbers.

dialer hold-queue 5

This command allows interesting packets to be queued until the ISDN co

nnection is established. In this example, five interesting packets wil

l be queued.

dialer load-threshold 100

This command is used to configure bandwidth on demand by setting the m

aximum load before the dialer places another call through the second B

channel. The load is the calculated weighted average load value for t

he interface, where 1 is unloaded and 255 is fully loaded. The actual

load value you should configure depends on the characteristics of your

particular network. In this example, the second B channel will be act

ivated when the load reaches 39% of maximum utilization, which is 100

divided by 255.

dialer-group 1

The dialer-group 1 command enables the dialer-list 1 on the BRI interf

ace, which determines which packets will be interesting and activate t

he ISDN connection.

isdn spid1 415555123401 5551234

isdn spid2 415555678901 5556789

The isdn spid commands are used if your carrier assigns spids to your

ISDN lines.

ppp authentication chap

This command enables CHAP authentication.

router igrp 1

network 172.16.0.0

network 192.168.24.0

ip route 172.16.10.0 255.255.255.0 172.16.20.1

This ip route command creates a static route to the remote router's ne

twork via the remote router's BRI interface. This is required because

dynamic routes are lost when the ISDN link is down.

Note: The command parameters for this example are:

172.16.0.0 = the target network.

255.255.0.0 = the target network mask. A 255 in an octet's position sp

ecifies an exact match for that octet is required, and a 0 in an octet

's position specifies any value will match.

172.16.20.1 = the address of the next hop that can be used to reach th

e target network.

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

0

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.

255

This access list determines which IP packets will be interesting and a

ctivate the ISDN link. The access-list you should create depends on yo

ur particular network design.

Note: The command parameters for this example are:

access-list 100 deny ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.

defines all broadcast packets as uninteresting.

access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.

255

defines all other IP packets as interesting.

dialer-list 1 list 100

This command points to access-list 100, which determines which IP pack

ets will be interesting.

line con 0

line aux 0

line vty 0 4

password test

login

!

end

---

备份的话，用静态路由足矣！下面是我公司在北京的工程配置：Current config

uration:

!

version 11.3

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname feihua

!

enable secret 5 $1$011Y$UBLyBOlDTa6ZKRnMnoyU0.

enable password 7 011F0F110A5A565B

!

username feihua password 7 141B1B1E5D557A7F

username jianhua1 password 7 00081A13550A5B52

no ip source-route

isdn switch-type basic-net3

!

!

!

interface Ethernet0

ip address 10.10.0.1 255.255.255.0

!

!

interface Serial0

backup delay 5 30

backup interface BRI0

ip address 10.10.10.1 255.255.255.0

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 10.10.20.1 255.255.255.0

encapsulation ppp

dialer idle-timeout 300

dialer map ip 10.10.20.2 name jianhua1 broadcast 86521075

dialer load-threshold 128 outbound

dialer-group 1

isdn switch-type basic-net3

ppp authentication chap

ppp multilink

hold-queue 75 in

!

ip classless

ip route 10.10.1.0 255.255.255.0 10.10.10.2

ip route 10.10.1.0 255.255.255.0 10.10.20.2

ip route 10.10.2.0 255.255.255.0 10.10.10.2

ip route 10.10.2.0 255.255.255.0 10.10.20.2

!

dialer-list 1 protocol ip permit

!

line con 0

line aux 0

line vty 0

password 7 045702135E701C1A

login

line vty 1 4

login

!

end

被叫端的配置：（建国门广发证券）

urrent configuration:

!

version 11.3

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname jianhua1

!

enable secret 5 $1$011Y$UBLyBOlDTa6ZKRnMnoyU0.

enable password 7 011F0F110A5A565B

!

username feihua password 7 141B1B1E5D557A7F

username jianhua1 password 7 00081A13550A5B52

no ip source-route

isdn switch-type basic-net3

!

!

!

interface Ethernet0

ip address 10.10.1.1 255.255.255.0

!

!

interface Serial0

ip address 10.10.10.2 255.255.255.0

!

interface Serial1

no ip address

shutdown

!

interface BRI0

ip address 10.10.20.2 255.255.255.0

encapsulation ppp

dialer idle-timeout 300

dialer map ip 10.10.20.1 name feihua broadcast

dialer load-threshold 128 outbound

dialer-group 1

isdn switch-type basic-net3

ppp authentication chap

ppp multilink

hold-queue 75 in

!

ip classless

ip route 10.10.0.0 255.255.255.0 10.10.10.1

ip route 10.10.0.0 255.255.255.0 10.10.20.1

ip route 10.10.2.0 255.255.255.0 10.10.1.2

!

dialer-list 1 protocol ip permit

!

line con 0

line aux 0

line vty 0

password 7 045702135E701C1A

login

line vty 1 4

login

!

end