ISDN dial backup, dialer watch, & routing protocols

[dozier]

Hello.

I was using EIGRP and dialer watch for ISDN dial backup from a remote site to our main site. It worked fine, except that whenever I made any modifications to EIGRP (such as adding a new network or modifying the distribute-list) on the main router it broke all its adjacencies and caused the remote to dial up. I was told that OSPF was more stable so I set that up, and it seemed like it would solve the problem, except I can't get OSPF to communicate over the ISDN link. I egt messages in the remote saying "Apr 25 2005 13:59:35.996: OSPF: Rcv pkt from 172.16.23.1, BRI0/2/0, area 0.0.0.2 : src not on the same network".

I can see why this is a problem, but I can't figure out how to fix it. The PRI interface on the main router is configured with the IP address 172.16.23.1/24. When the ISDN connects it negotiates an address in the same network, however, it uses a host mask instead of the class C, so when it recieves the hello packet from the main router he discards it since the source isn't a part of the same network it was recieved on (due to the host mask). I've tried a bunch of stuff, but can't seem to get it to work. Here are pieces of the configs:

Main:

interface Serial1/0:23 
description PRI for ISDN Dial Backup 
bandwidth 56 
ip address 172.16.23.1 255.255.255.0 
ip access-group 110 in 
encapsulation ppp 
delay 3000 
dialer idle-timeout 2147483 
isdn switch-type primary-4ess 
peer default ip address pool isdn-backup 
priority-group 1 
ppp authentication chap 
ppp ipcp mask 255.255.255.0 

router ospf 99 
log-adjacency-changes 
passive-interface FastEthernet2/0 
network 172.16.23.0 0.0.0.31 area 2 
network 172.16.24.0 0.0.0.255 area 2 
network 172.16.250.0 0.0.0.127 area 0

Remote:

interface BRI0/2/0 
description ISDN Dial Backup 
bandwidth 56 
ip address negotiated 
ip access-group 111 in 
ip nat outside 
encapsulation ppp 
delay 3000 
dialer map ip 172.16.250.0 broadcast XXXXXXXXXXX 
dialer watch-group 1 
isdn switch-type basic-ni 
isdn spid1 XXXXXXXXXXXXX 
isdn spid2 XXXXXXXXXXXXX 
no peer default ip address 
ppp ipcp mask request 
ppp ipcp address accept 

router ospf 99 
log-adjacency-changes 
network 172.16.23.0 0.0.0.31 area 2 
network 172.16.24.8 0.0.0.3 area 2 
network 172.16.240.2 0.0.0.0 area 2 
network 172.16.242.2 0.0.0.0 area 2 
network 172.16.242.3 0.0.0.0 area 2

Any input would be greatly appreciated.

 

[lambent]

Actually there's an alternative way to do this...no kidding...that's shut down the PRI before you do any routing/network changes that may involve routing convergence.

Since the ISDN is just used for backup, I don't see why you can't shut it down when doing changes to the network.

Always make things as simple as possible

 

[dozier]

Well, lambent, that really doesn't seem like a solution to me. It's a temporary workaround at best, and may not even always be an option depending on the circumstances.

Is what I'm trying to do really that wild? I wouldn't think so, which is why I can't understand why this is such an issue. I know, I could make compromises and get something that works, but it wouldn't be the best solution.

 

[lambent]

Why do you use "ip address negotiated" when actually you can put a static IP there? Any rationale behind?

Btw if your IOS is 12.2(8)T or above, you can try this dialer watch new options:

dialer watch-list 1 ip 10.1.1.0 255.255.255.0
dialer watch-list 1 delay connect 10

The above example configures the router to wait 10 seconds before verifying that the network 10.1.1.0 disappears in the routing table and dialing a secondary link.

Also...I don't see why you set the idle timeout to 2147483 seconds (I believe that's about 24 days). I usually just set it to 300 so once the route comes back, it'll just stay there for 5 mins only.

 

[dozier]

Why do you use "ip address negotiated" when actually you can put a static IP there? Any rationale behind?

Yes, I could. It's not a bad idea, I just decided to go the other way. If I gave the routers static IP I'd feel the need to keep track of them, which I don't care about doing.

Btw if your IOS is 12.2(8)T or above, you can try this dialer watch new options:

dialer watch-list 1 ip 10.1.1.0 255.255.255.0
dialer watch-list 1 delay connect 10

Thank you! I'd been looking for exactly that!

Also...I don't see why you set the idle timeout to 2147483 seconds (I believe that's about 24 days). I usually just set it to 300 so once the route comes back, it'll just stay there for 5 mins only.

That was set that way on the hub router simply because it's the largest value. I wanted to control the timeout on the remotes, which by default is 120, I believe.

And FYI, I had the same problem getting OSPF to work over the ISDN when I did use static addresses as opposed to negotiated.

 

[lambent]

And FYI, I had the same problem getting OSPF to work over the ISDN when I did use static addresses as opposed to negotiated."

You mean you still have the "src not on the same network" problem when you use static addresses? Can you actually ping each other using the BRI/PRI IP addresses as the source IP?

"network 172.16.23.0 0.0.0.31 area 2"

Did you intentionally use this wildcard mask 0.0.0.31 rather than 0.0.0.255?

 

[ADB100]

Floating statics and static to dynamic (OSPF, EIGRP etc) route redistribution everytime. Works a treat and none of the issues you mention will effect it, plus you can put the redundancy onto another router so if the router fails you still have backup.
The whole thing requires a design to be put in place beforehand though and isn't something you would want to tackle on-the-fly.

Andy