Cisco 831 Ethernet2 2

[LangleyS]

Having just taken delivery of a 2nd Cisco 831 it appears to be different from my first one. In the configuration it shows an Ethernet2 but there is no connection on the back for Ethernet2. My other 831 with a slightly older version of IOS does not have an Ethernet2 and it does not show up in the configuration.

What is Ethernet2 used for an where would you plug a cable in for it.

Many Thanks.

 

[burtsbees]

Can you post a sh ver? Than ks.

Burt

 

[LangleyS]

Cisco IOS Software, C831 Software (C831-K9O3Y6-M), Version 12.4(5b), RELEASE SOF
TWARE (fc2)
Technical Support:

http://www.cisco.com/techsupport

Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Wed 19-Apr-06 09:59 by ssearch

ROM: System Bootstrap, Version 12.2(11r)YV6, RELEASE SOFTWARE (fc1)

Electralink uptime is 3 hours, 51 minutes
System returned to ROM by reload
System image file is "flash:c831-k9o3y6-mz.124-5b.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco C831 (MPC857DSL) processor (revision 0x500) with 58983K/6553K bytes of mem
ory.
Processor board ID FCZ111011AJ (483745621), with hardware revision 5AB2
CPU rev number 7
3 Ethernet interfaces
4 FastEthernet interfaces
128K bytes of NVRAM.
12288K bytes of processor board System flash (Read/Write)
2048K bytes of processor board Web flash (Read/Write)

Configuration register is 0x2102

 

[burtsbees]

Well, it looks like you have two WIC-1ENET cards. Is this correct?

Burt

 

[burtsbees]

The third ethernet that you are seeing in this case would be the one that contains the four fastethernet ports...the switch module IS the ethernet "interface"---this is the layer three interface, and the fastethernet ports within the ethernet "interface" are the four physical layer 2 ports. I say layer two because they are only recognized by MAC address, and the IP, or layer 3, information is configured on the ethernet interface.

Burt

 

[LangleyS]

On the back of the router I have one port labeled E0, 1 port labeled E1, one port labeled Console and 4 ports labeled 1-4. But there is nothing to say where E2 is. We have just taken delivery of 5 of these routers for a project and all of them seem to have this E2. The only other difference I can find between these ones and the other one we have is that this one has 64MB memory rather then 48MB and this have 12.4 of IOS rather than 12.2.

 

[LangleyS]

Forgot to say, the port labeled E0 shares the ports labeled 1-4.

 

[voltron1011]

Do a show ip interface brief on both routers... I'm curious to see what comes up.

 

[Davembg]

The Ethernet2 is a layer 3 capable "virtual" interface.
From my experience, it's for use as a DMZ function of the router.

I've tried to configure it for load sharing between 2 ISPs without
success. Here's a snip of my failed config.
Bacially, the router get's REALLY doggy and staic NAT doesn't seem to work.
If I had to guess, I'd say the ip routes are wrong, I can't say I'd know
how to define them as unequal costs....

IOS ver 12.3(14T7)

Current configuration : 2616 bytes
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HmGw
!
boot-start-marker
boot-end-marker
!
logging buffered 52000 debugging
enable secret 5 $thesecretissmalldosesofporn
!
no aaa new-model
!
resource policy
!
clock timezone EST -5
clock summer-time EST recurring 2 Sun Mar 2:00 1 Sun Nov 2:00
ip subnet-zero
!
!
no ip dhcp use vrf connected
!
!
ip cef
ip domain name mydomain.com
ip name-server xxx.xxx.xxx.xxx
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
!
username xxxxx privilege 15 secret 5 $thesecretissmalldosesofweed
!
!
no crypto isakmp ccm
!
!
!
interface Ethernet0
description inside link
ip address 192.168.x.x 255.255.255.0
ip helper-address 192.168.x.x
ip nat inside
ip virtual-reassembly
ip route-cache flow
no cdp enable
!
interface Ethernet1
description smartjack link
ip address xxx.xxx.xxx.xxx 255.255.255.240
ip helper-address xxx.xxx.xxx.xxx remark gateway of last resort
ip nat outside
ip virtual-reassembly
duplex auto
no cdp enable
!
interface Ethernet2
description DSL bridge link
ip address xxx.xxx.xxx.xxx 255.255.255.248
ip helper-address xxx.xxx.xxx.xxx remark gateway of last resort
ip nat outside
ip virtual-reassembly
no cdp enable
!
interface FastEthernet1
duplex auto
speed auto
!
interface FastEthernet2
duplex auto
speed auto
!
interface FastEthernet3
duplex auto
speed auto
!
interface FastEthernet4
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 `gateway of last resort` 10 permanent remark glr for wan1
ip route 0.0.0.0 0.0.0.0`gateway of last resort` 10 permanent remark glr for wan2
!
ip http server
no ip http secure-server
ip flow-aggregation cache as
cache entries 2046
cache timeout inactive 199
cache timeout active 45
export destination 192.168.xxx.xxx 9991
enabled
!
!
ip nat inside source list 2 interface Ethernet0 overload
ip nat inside source static tcp xxx.xxx.xxx.xxx 80 interface Ethernet1 80
!
no cdp run
!
!
control-plane
!
banner login ^CBlah, blah, blah^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
exec-timeout 120 0
privilege level 15
password duhhhhhhhhhh
login local
length 0
transport input telnet ssh
!
scheduler max-task-time 5000
ntp clock-period 17180257
ntp server xxx.xxx.xxx.xxx prefer
end

 

[ADB100]

I can't remember the specific IOS release (it was a 12.3T I think?), anyway this added the ability to create a 3rd logical Ethernet interface (with the 837 this created a 2nd Ethernet interface) to be used as a DMZ, however obviously you can use it for whatever you want. When you enable it (no shut) it takes over one of the switchports (the 4th one I think?).

HTH

Andy

 

[Davembg]

Right on with the tip about port 4....

http://www.cisco.com/en/US/products/ps5853/prod_bulletin0900aecd801ec63f.html

Not so sure on the idea of using it for whatever you want......
I can't seem to load share, even using simple CEF with the port(?)
It would be GREAT if I could.

It seems to 'automagically' add some stuff to the routing table, which I can't
edit/delete.

 

[ADB100]

It seems to 'automagically' add some stuff to the routing table, which I can't
edit/delete.

It might be worth posting the routing table. I used the 2nd Ethernet port on my 837 for 'normal' routing and didn't have any issues with it.

Andy

 

[burtsbees]

Hey Andy---I have an 837...could you give me a little more info on what you are talking about, "normal" routing? Can you enable an IP address that is separate from the ethernet interface that controls the four fastethernet interfaces? I have had problems with them being half duplex, and not knowing exactly what to do about it. Thanks.

Burt

 

[ADB100]

Hey Andy---I have an 837...could you give me a little more info on what you are talking about, "normal" routing? Can you enable an IP address that is separate from the ethernet interface that controls the four fastethernet interfaces? I have had problems with them being half duplex, and not knowing exactly what to do about it. Thanks.

When you enable Ethernet2 it then 'connects' the logical Ethernet2 interface to the 4th FastEthernet interface on the back. Ports 1-3 are still connected to Ethernet0. You can then configure Ethernet2 as you would any other Ethernet interface - IP address etc.

I am not too sure about the speed/duplex of these interfaces as they are 'logical' Ethernet interfaces. It may be internally they are 10Mb PHY's but I don't know. The four physical Ethernet interfaces on the rear are autodetecting 10/100 switching interfaces; I never had any issues with devices negotiating 100/Full Duplex on these?

when I had an 837 I had some static routes pointing out to next-hops on both Ethernet0 & Ethernet2 (e.g 10.1.1.0/24 on E0 and 10.1.2.0/24 on E2), as well as my default on the Dialer interface.

Andy

 

[burtsbees]

Ah---mine only shows one ethernet interface, which tells me if I wanted to see an additional logical ethernet interface, I would need a better IOS. Thanks, Andy.

Burt

 

[ADB100]

I had a quick look on CCO and it was added in 12.3(7)XR1 and integrated into 12.3(14)T.

http://www.cisco.com/en/US/products/sw/iosswrel/ps5413/products_feature_guide09186a0080235e23.html

One thing I noticed with this is during the router boot process the four Fast Ethernet interfaces are connected together, however once it is up and running the 4th port is separate. I had some issues with STP loops so had to modify my switch config to work around this 'issue'

HTH

Andy

 

[burtsbees]

Great, thanks.

Burt

 

[Davembg]

So, I'm starting a new thread where maybe we can get some insight into using the 800 series routers as dual-wan (possible load-sharing) routers.

-dave