Configuring Interfaces

Use the information in this chapter to understand the types of interfaces supported on our routers. Our routers support two types of interfaces: physical and virtual interfaces. The types of physical interfaces in a router depend on its appliques or interface processors. The virtual interfaces our routers support include subinterfaces and IP tunnels.

Our routers support the following types of interfaces:

• Asynchronous serial

• Asynchronous Transfer Mode (ATM)

• Channelized E1

• Channelized T1

• Dialer

• Ethernet

• Fast Ethernet

• Fiber Distributed Data Interface (FDDI)

• High-Speed Serial Interface (HSSI)

• ISDN Basic Rate Interface (BRI)

• ISDN Multiple Basic Rate Interface (MBRI)

• ISDN Primary Rate Interface (PRI)

• LAN Extender

• Loopback

• Null

• Synchronous serial

• Token Ring

• Tunnel

In addition, our routers support subinterfaces. See the wide-area networking chapters and the protocol chapters in this guide for specific information on how to configure a subinterface for a particular protocol.

For hardware technical descriptions and information about installing router interfaces, refer to the hardware installation and maintenance publication for your product. For command descriptions and usage information, refer to the "Interface Commands" chapter of the Router Products Command Reference publication.

Interface Configuration Task List

You can perform the tasks in the following sections to configure and maintain the interfaces supported on our routers:

• Understand Interface Configuration

• Configure Low-Speed Serial Interfaces on Cisco 2500 Routers

• Configure an Asynchronous Serial Interface

• Configure Service Modules on Cisco 2524 and Cisco 2525 Routers

• Configure an ATM Interface

• Configure Channelized E1

• Configure Channelized T1

• Configure a Dialer Interface

• Configure an Ethernet Interface

• Configure a Fiber Distributed Data Interface (FDDI)

• Configure a High-Speed Serial Interface (HSSI)

• Configure a Hub Interface

• Configure an ISDN Basic BRI, MBRI, or PRI Interface

• Configure a LAN Extender Interface

• Configure a Loopback Interface

• Configure a Null Interface

• Configure a Synchronous Serial Interface

• Configure a Token Ring Interface

• Configure a Tunnel Interface

• Understand Subinterfaces

• Configure Features Available on Any Interface

• Configure Dial Backup Service

• Understand Online Insertion and Removal (OIR)

• Understand Fast, Autonomous, and SSE Switching Support

• Monitor and Maintain the Interface

• Monitor and Maintain Service Modules on Cisco 2524 and Cisco 2525 Routers

See the end of this chapter for "Interface Configuration Examples."

Understand Interface Configuration

Begin interface configuration in global configuration mode. To configure an interface, follow these steps:

Step 1 Enter the configure EXEC command at the privileged EXEC prompt to enter global configuration mode.

Step 2 Once in the global configuration mode, start configuring the interface by entering the interface command. Identify the interface type followed by the number of the connector or interface card. These numbers are assigned at the factory at the time of installation or when added to a system and can be displayed with the show interfaces EXEC command. A report is provided for each interface the router supports, as seen in the following partial sample display:

Use the show hardware EXEC command to see a list of the system software and hardware.

The following sections show how to configure each interface type. Follow the interface command with the routing or bridging interface configuration commands for your particular protocol or application, as described in this chapter and subsequent chapters.

See the section "Enabling Interface Configuration Examples" at the end of this chapter.

Configure Low-Speed Serial Interfaces on Cisco 2500 Routers

This section describes how to configure low-speed serial interfaces on Cisco 2520 through Cisco 2523 routers. It describes these tasks in the following sections:

• Overview of Half-Duplex DTE and DCE State Machines

• Change between Controlled-Carrier and Constant-Carrier Modes

• Tune Half-Duplex Timers

• Change between Synchronous and Asynchronous Modes

Overview of Half-Duplex DTE and DCE State Machines

The following section describes the communication between half-duplex DTE transmit and receive state machines and half-duplex DCE transmit and receive state machines.

Half-Duplex DTE State Machines

As shown in Figure 1, the half-duplex DTE transmit state machine for low-speed interfaces remains in the ready state when it is quiescent. When a frame is available for transmission, the state machine transitions to the transmit delay state and waits for a time period, which is defined by the half-duplex timer transmit-delay command. The default is 0 ms. Transmission delays are used for debugging half-duplex links and assisting lower speed receivers that cannot process back-to-back frames.

Figure 1: Half-Duplex DTE Transmit State Machine

As shown in Figure 2, a half-duplex DTE receive state machine for low-speed interfaces idles and receives frames in the ready state. A giant frame is any frame whoes size exceeds the maximum transmission unit (MTU). If the beginning of a giant frame is received, the state machine transitions to the in giant state and discards frame fragments until it receives the end of the giant frame. At this point, the state machine transitions back to the ready state and waits for the next frame to arrive.

Figure 2: Half-Duplex DTE Receive State Machine

Half-Duplex DCE State Machines

As shown in Figure 3, for a low-speed serial interface in DCE mode, the half-duplex DCE transmit state machine idles in the ready state when it is quiescent. When a frame is available for transmission on the serial interface, such as when the output queues are no longer empty, the state machine starts a timer (based on the value of the transmit-delay command, in milliseconds) and transitions to the transmit delay state. Similar to the DTE transmit state machine, the transmit delay state gives you the option of setting a delay between the transmission of frames; for example, this feature lets you compensate for a slow receiver that loses data when multiple frames are received in quick succession. The default transmit-delay value is 0 ms; use the half-duplex timer transmit-delay interface configuration command to specify a delay value not equal to 0.

Figure 3: Half-duplex DCE Transmit State Machine

As shown in Figure 4, the half-duplex DCE receive state machine idles in the ready state when it is quiescent. It transitions out of this state when the DTE asserts RTS. In response, the DCE starts a timer with the value cts-delay. This timer delays the assertion of CTS because some DTE interfaces expect this delay. (The default value of this timer is 0 ms; use the half-duplex timer cts-delay interface configuration command to specify a delay value.)

Figure 4: Half-duplex DCE Receive State Machine

Change between Controlled-Carrier and Constant-Carrier Modes

The half-duplex controlled-carrier command enables you to change between controlled-carrier and constant-carrier modes for low-speed serial DCE interfaces in half-duplex mode. Configure a serial interface for half-duplex mode by using the half-duplex command. Full-duplex mode is the default for serial interfaces. This interface configuration is available on Cisco 2520 through Cisco 2523 routers.

Controlled-carrier operation means that the DCE interface will have DCD de-asserted in the quiescent state. When the interface has something to transmit, it will assert DCD, wait a user-configured amount of time, then start the transmission. When it has finished transmitting, it will again wait a user-configured amount of time, then de-assert DCD.

Place a Low-Speed Serial Interface in Controlled-Carrier Mode

To place a low-speed serial interface in controlled-carrier mode, perform the following task in interface configuration mode:

Place a Low-Speed Serial Interface in Constant-Carrier Mode

To return a low-speed serial interface to constant-carrier mode from controlled-carrier mode, perform the following task in interface configuration mode:

Change between Controlled-Carrier and Constant-Carrier Modes Example

The following example shows how to change to controlled-carrier mode from the default of constant-carrier operation:

Router(config)# interface serial 2
Router(config-if)# half-duplex controlled-carrier

The following example shows how to change to constant-carrier mode from controlled-carrier mode:

Router(config)# interface serial 2
Router(config-if)# no half-duplex controlled-carrier

Tune Half-Duplex Timers

To tune half-duplex timers, perform the following task in interface configuration mode:

The timer tuning commands permit you to adjust the timing of the half-duplex state machines to suit the particular needs of their half-duplex installation.

Note that the half-duplex timer command and its options deprecates the following two timer tuning commands that are available only on high-speed serial interfaces:

• sdlc cts-delay

• sdlc rts-timeout

Tune Half-Duplex Timers Example

The following examples show how to set the cts-delay timer to 1234 ms and the transmit-delay timer to 50 ms.

Router(config)# interface serial 2
Router(config-if)# half-duplex timer cts-delay 1234
Router(config-if)# half-duplex timer transmit-delay 50

Change between Synchronous and Asynchronous Modes

To specify the mode of a low-speed serial interface as either synchronous or asynchronous, perform the following task in interface configuration mode:

This command applies only to low-speed serial interfaces available on Cisco 2520 through Cisco 2523 routers.

In synchronous mode, low-speed serial interfaces support all interface configuration commands available for high-speed serial interfaces, except the following two commands:

• sdlc cts-delay

• sdlc rts-timeout

When placed in asynchronous mode, low-speed serial interfaces support all commands available for standard asynchronous interfaces. The default is synchronous mode.

Note that when you enter this command, it does not appear in the output of show running config and show startup config command, because the command is a physical-layer command.

Return a Low-Speed Serial Interface to Synchronous Mode

To return to the default mode (synchronous) of a low-speed serial interface on a Cisco 2520 through Cisco 2523 router, perform the following task in interface configuration mode:

Specify the Mode of a Low-Speed Serial Interface Example

The following example shows how to change a low-speed serial interface from synchronous to asynchronous mode:

Router(config)# interface serial 2
Router(config-if)# physical-layer async

The following examples show how to change a low-speed serial interface from asynchronous mode back to its default synchronous mode:

Router(config)# interface serial 2
Router(config-if)# physical-layer sync

or

Router(config)# interface serial 2
Router(config-if)# no physical-layer

The following example shows some typical asynchronous interface configuration commands:

Router(config)# interface serial 2
Router(config-if)# physical-layer async
Router(config-if)# ip address 1.0.0.2 255.0.0.0 
Router(config-if)# async default ip address 1.0.0.1
Router(config-if)# async mode dedicated
Router(config-if)# async default routing

The following example shows some typical synchronous serial interface configuration commands available when the interface is in synchronous mode:

Router(config)# interface serial 2
Router(config-if)# physical-layer sync
Router(config-if)# ip address 1.0.0.2 255.0.0.0 
Router(config-if)# no keepalive
Router(config-if)# ignore-dcd
Router(config-if)# nrzi-encoding
Router(config-if)# no shutdown

Configure an Asynchronous Serial Interface

All of our router platforms configured with an auxiliary port support the asynchronous serial interface. To configure an asynchronous serial interface on the router, you must establish asynchronous serial line connections using PPP or SLIP. PPP and SLIP define methods of sending Internet packets over a standard RS-232 asynchronous serial line. PPP also defines methods for sending IPX packets.

Asynchronous Serial Task List

To use the asynchronous device as a network interface via PPP or SLIP, complete the tasks in the following sections:

• Specify Asynchronous Serial Interface 1

• Configure Asynchronous Serial Encapsulation

• Configure the Addressing Method

• Configure Dedicated or Interactive Mode

• Assign IP Addresses to an Incoming Connection

• Enable or Disable Specific IP Addresses for an Interface

• Enable Asynchronous Routing

• Connect to Remote Routers via PPP or SLIP

• Configure Group and Member Asynchronous Interfaces

Specify Asynchronous Serial Interface 1

Only the auxiliary port on a router can be configured as an asynchronous serial interface. To configure an asynchronous serial interface on the router, you must establish asynchronous serial line connections using PPP or SLIP, as described in the next section.

The router automatically associates the interface number 1 with the absolute line number 1 of the auxiliary port, and treats the interface as an asynchronous line. However, to configure the auxiliary port as an asynchronous interface, you must also configure it as an auxiliary line with the line aux 1 command as described in the chapter entitled "Configuring Terminal Lines and Modem Support." Follow the line command with the appropriate line configuration commands for modem control, such as speed. Perform the following task in global configuration mode to specify the auxiliary port line as an asynchronous interface:

Configure Asynchronous Serial Encapsulation

There are two asynchronous serial encapsulation methods:

• SLIP

• Asynchronous PPP

SLIP and PPP are methods of encapsulating datagrams and other network-layer protocol information over point-to-point links. SLIP is the default method. Perform the following task in interface configuration mode to configure PPP or SLIP encapsulation on the asynchronous interface:

The configured SLIP or PPP encapsulation method applies to an interface configured for dedicated asynchronous mode or dial-on-demand routing (DDR). On an asynchronous interface configured for interactive mode, the encapsulation type is specified by the user with the slip or ppp EXEC command. See the "Configure Dedicated or Interactive Mode" section later in this section.

In order to use SLIP or PPP, the router must be configured with an IP routing protocol or with the ip host-routing command. This configuration is done automatically if you are using old-style slip address commands. However, you must configure it manually if you configure SLIP or PPP via the interface async command.

See the section "Configure PPP" in the section "Configure a Synchronous Serial Interface" later in this chapter for more information about PPP.

Configure the Addressing Method

You can control whether a user must specify an address when making a SLIP or PPP connection or whether the address is forced by the system. Using an address defined by the system is referred to as default addressing. Requiring the user to specify an address is called dynamic addressing. It is common to configure an asynchronous interface both to have a default address and to allow dynamic addressing.

This section describes how to do the following:

• Assign a Default Asynchronous Address

• Allow an Asynchronous Address to be Assigned Dynamically

Assign a Default Asynchronous Address

You can assign a permanent default asynchronous address to a line by performing the following task in interface configuration mode:

Allow an Asynchronous Address to be Assigned Dynamically

When a line is configured for dynamic assignment of asynchronous addresses, the user enters the slip or ppp EXEC command and is prompted for an address or logical host name. The TACACS validates the address, when enabled, and the line is assigned the given address and put into asynchronous mode. Assigning asynchronous addresses dynamically is also useful when you want to assign set addresses to users. For example, an application on a personal computer that automatically dials in using SLIP and polls for electronic mail messages can be set up to dial in periodically and enter the required IP address and password.

The dynamic addressing features of the internetwork allow packets to get to their destinations and back regardless of the router or network they are sent from. For example, if a host such as a laptop computer moves from place to place, it can keep the same address no matter where it is dialing in from. For an example of configuring asynchronous dynamic addressing, see the section "Asynchronous Routing and Dynamic Addressing Example" at the end of this chapter.

Configure Dedicated or Interactive Mode

You can configure the asynchronous interface to be in dedicated network or interactive mode.

For an example of placing an asynchronous interface into dedicated network mode, see the section "Dedicated Asynchronous Interface Example" at the end of this chapter.

Alternatively, you can configure an asynchronous line for interactive mode. In interactive mode, the line can be used to make any type of connection, depending on the EXEC command entered by the user. For example, depending on its configuration, the line could be used for Telnet connections, or SLIP or PPP encapsulation. Perform the following task in interface configuration mode to configure an asynchronous line for interactive mode:

Assign IP Addresses to an Incoming Connection

You can assign IP addresses to incoming connections on an asynchronous interface without a known IP address in one of three ways:

• By using the DHCP proxy-client and creating an address pool of IP addresses, administered on a DHCP server, and used on all interfaces

• By creating one or more locally administered IP address pools, used on all interfaces

• By assigning a single IP address to be used on all incoming connections on a specific interface

Address pooling allows a set of IP addresses to be allocated for users without a known IP address who are dialing in to the access server. This allows a finite number of IP addresses to be reused quickly and efficiently by many clients. Additional benefits include the ability to maintain sessions, such as Telnet, even when a modem line fails. When the client is auto-dialed back into the server, the server will attempt to reissue the same IP address to the client and therefore resume the aborted session.

You can create address pools with the Dynamic Host Configuration Protocol (DHCP) suite of commands, or with the ip local-pool command. Alternately, you can assign a single IP address to be used on a specific interface by using the peer default ip-address command. This has the same effect as turning off pooling on this interface. These methods are described in the following sections.

Configure DHCP Address Pooling

The Dynamic Host Configuration Protocol (DHCP) model consists of the following components:

• A DHCP server--A host-based DHCP server configured to accept and process requests for temporary IP addresses

• A DHCP proxy-client--A Cisco access server configured to arbitrate DHCP calls between the DHCP server and the DHCP client

The DHCP client-proxy feature manages a pool of IP addresses available to PPP or SLIP dial-in clients without a known IP address. You can designate all of the access server's asynchronous interfaces to use DHCP or you can turn off DHCP on individual interfaces. You can also assign a specific IP address to use on a given interface. (See the section "Enable or Disable Specific IP Addresses for an Interface.") Cisco's implementation of DHCP complies with RFC 1541, and is compliant with Extended TACACS and AAA/TACACS+.

Enable DHCP Address Pooling

To enable DHCP address pooling on the access server's asynchronous interfaces, perform the following tasks, starting in global configuration mode:

Refer to "Configure DHCP Pooling Examples" for examples of these tasks.

Disable DHCP Address Pooling

To turn off DHCP address pooling on a specific interface, perform the following task in interface configuration mode:

Enable or Disable Local IP Address Pooling

To make temporary IP addresses available for dial-in asynchronous clients using SLIP/PPP on a per-interface basis, perform the following tasks, beginning in global configuration mode:

Refer to "Configure Local Pooling Example" for examples of these tasks.

To turn off local IP address pooling on a specific interface, perform the following task in interface configuration mode:

Enable or Disable Specific IP Addresses for an Interface

To specify that a specific IP address be returned when an incoming connection requests an address, perform the following task in interface configuration mode:

You can use this command in conjunction with DHCP or local address pooling. Refer to "Configure Specific IP Addresses for an Asynchronous Interface Example " for an example of these tasks.

To turn off an IP address on a specific interface, perform the following task in interface configuration mode:

Enable Asynchronous Routing

You can enable use of dynamic routing protocols on the asynchronous interface by performing the following task in interface configuration mode:

Connect to Remote Routers via PPP or SLIP

You can use an asynchronous device as a network interface connection to a remote router via the auxiliary port using the PPP or SLIP protocols. Refer to the Cisco Access Connection Guide.

Configure Group and Member Asynchronous Interfaces

You can create an asynchronous interface to be used as a group interface, which can be associated with other, member asynchronous interfaces.

This association allows you to configure the group interface and all of its member interfaces with a single command entered at the asynchronous group interface command line. You can have more than one group interface on a device; however, a member interface can be associated with only one group.

See the "Group and Member Asynchronous Interfaces Examples" section for an example of group and member interfaces.

Figure 6-1 illustrates the group-member interface concept.

Create the Group Interface and the Member Interfaces

To create an asynchronous group interface and associate member interfaces to this group interface, perform the following commands starting in global configuration mode:

Refer to "Group and Member Asynchronous Interfaces Examples" for an example configuration.

Define Slave Asynchronous Interface Characteristics

Member interfaces can have certain interface configurations that differ from their group. The following are valid interface configuration commands:

• async default ip address

• description

To define a member to have one or more interface configurations different from its group, enter the following command in interface configuration mode, where interface-command is one of the commands listed in the preceding list:

Configure Service Modules on Cisco 2524 and Cisco 2525 Routers

This section describes how to configure service modules on Cisco 2524 and Cisco 2525 routers. It describes these tasks in the following sections:

• Configure Fractional T1/T1 CSU/DSU Service Modules

• Perform Loopback

• Configure 2-Wire and 4-Wire 56/64 kbps CSU/DSU Service Modules

Configure Fractional T1/T1 CSU/DSU Service Modules

This section describes how to configure fractional T1 and T1 (FT1/T1) service modules installed on Cisco 2524 and Cisco 2525 routers. This section describes the following tasks:

• Specify the Clock Source

• Enable Data Inversion Before Transmission

• Specify the Frame Type of an FT1/T1 Line

• Specify the CSU Line Build Out

• Specify FT1/T1 Line-Code Type

• Enable Remote Alarms

• Enable Loopcodes that Initiate Remote Loopbacks

• Specify Timeslots

Specify the Clock Source

To specify the clock source for the FT1/T1 CSU/DSU module, perform the following task in interface configuration mode:

Enable Data Inversion Before Transmission

Data inversion is used to guarantee the ones density requirement on an AMI line when using bit-oriented protocols such as High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP), X.25, and Frame Relay.

To guarantee the ones density requirement on an AMI line using the FT1/T1 CSU/DSU module, perform the following task in interface configuration mode:

If the timeslot speed is set to 56 kbps, this command is rejected because line density is guaranteed when transmitting at 56 kbps. Use this command with the 64 kbps line speed. If you transmit inverted bit codes, both CSU/DSUs must have this command configured for successful communication.

To enable normal data transmission on a FT1/T1 network, perform the following task in interface configuration mode:

Specify the Frame Type of an FT1/T1 Line

To specify the frame type for a line using the FT1/T1 CSU/DSU module, perform the following task in interface configuration mode:

In most cases, the service provider determines which framing type, either esf or sf, is required for your circuit.

Specify a T1 Frame Type Example

The following example enables super frame as the FT1/T1 frame type:

boa1(config-if)# service-module t1 framing sf

Specify the CSU Line Build Out

To decrease the outgoing signal strength to an optimum value for telecommunication carrier network, perform the following task on the FT1/T1 CSU/DSU module in interface configuration mode:

To transmit packets without decreasing outgoing signal strength, perform the following task in interface configuration mode:

The ideal signal strength should be between -15 dB and -22 dB, which is calculated by adding the phone company loss + cable length loss + line build out.

Specify the CSU Line Build Out Example

The following example shows a line build out setting of -7.5 dB:

Router1(config-if)#service-module t1 lbo -7.5db

Specify FT1/T1 Line-Code Type

To configure the line code for the FT1/T1 CSU/DSU module, perform the following task in interface configuration mode:

Configuring B8ZS is a method of ensuring the ones density requirement on a T1 line by substituting intentional bi polar violations in bit positions four and seven for a sequence of eight zero bits. When the CSU/DSU is configured for AMI, you must guarantee the ones density requirement in your router configuration using the service-module t1 data-coding inverted command or the service-module t1 timeslots speed 56 command.

In most cases, your T1 service provider determines which line-code type, either ami or b8zs, is required for your T1 circuit.

Specify T1 Line-Code Type Example

The following example specifies AMI as the line-code type:

Router(config-if)# service-module t1 linecode ami

Enable Remote Alarms

To generate remote alarms (yellow alarms) at the local CSU/DSU or detect remote alarms sent from the remote CSU/DSU, perform the following task in interface configuration mode:

Some user applications may transmit data that replicates remote alarms. If the line is configured to use super frame framing, this data causes false alarms at the remote end and disrupts data transmission. If the line is configured to use extended super frame framing, this data cannot cause false alarms at the remote end. In esf format, remote alarms are transmitted as out-of-band signals, which user applications cannot replicate.

To disable remote alarms, perform the following task in interface configuration mode:

Enable Loopcodes that Initiate Remote Loopbacks

To specify if the fractional T1/T1 CSU/DSU module goes into loopback when it receives a loopback code on the line, perform the following task in interface configuration mode:

You can simultaneously configure the full and payload loopback points. However, only one loopback payload code can be configured at a time. For example, if you configure the service-module t1 remote-loopback payload alternate command, a payload v.54 request, which is the industry standard and default, cannot be transmitted or accepted. Full and payload loopbacks with standard-loopup codes are enabled by default.

The no form of this command disables loopback requests. For example, the no service-module t1 remote-loopback full command ignores all full-bandwidth loopback transmissions and requests. Configuring the no form of the command may not prevent telco line providers from looping your router in esf mode, because fractional T1/T1 telcos use facilities data-link messages to initiate loopbacks.

If you enable the service-module t1 remote-loopback command, the loopback remote commands on the FT1/T1 CSU/DSU module will not be successful.

Enable Loopcodes Example

The following example displays two routers connected back-to-back through an FT1/T1 line:

Router(config-if)# no service-module t1 remote-loopback full
Router(config-if)# service-module t1 remote-loopback payload alternate
boa1(config-if)# loopback remote full
%SERVICE_MODULE-5-LOOPUPFAILED: Unit 0 - Loopup of remote unit failed
boa1(config-if)# service-module t1 remote-loopback payload v54
boa1(config-if)# loopback remote payload
%SERVICE_MODULE-5-LOOPUPFAILED: Unit 0 - Loopup of remote unit failed
boa1(config-if)# service-module t1 remote-loopback payload alternate
boa1(config-if)# loopback remote payload
%SERVICE_MODULE-5-LOOPUPREMOTE: Unit 0 - Remote unit placed in loopback

Specify Timeslots

To define timeslots for FT1/T1 module, perform the following task in interface configuration mode:

Timeslots constitute the FT1/T1 channel. The range is from 1 to 24, where the first timeslot is numbered 1 and the last timeslot is numbered 24. Specify this field by using a series of subranges separated by commas. The timeslot range must match the timeslots assigned to the channel group. In most cases, the service provider defines the timeslots that comprise a channel group. Use the no form of this command to select all FT1/T1 timeslots transmitting at 64 kbps, which is the default.

Specify Timeslots Example

The following example displays a series of timeslot ranges and a speed of 64 kbps:

Router(config-if)#service-module t1 timeslots 1-10,15-20,22 speed 64

Perform Loopback

You can loop packets back to the network from the integrated CSU/DSU, loop packets to DTE, and loop packets through a local CSU/DSU to a remote CSU/DSU.

Enable Loopback Line

To loop data received from the line at the local CSU/DSU back to the line, perform the following task in interface configuration mode:

Enable Loopback Line Example

The following example shows how to configure a payload loopback:

Router1(config-if)#loopback line payload
Loopback in progress
Router1(config-if)#no loopback line

The following example shows the output when you loop a packet in switched mode without an active connection:

Router1(config-if)#service-module 56k network-type switched
Router1(config-if)#loopback line payload
Need active connection for this type of loopback
% Service module configuration command failed: WRONG FORMAT.

Enable Loopback DTE

To loop packets back to DTE from within the local CSU/DSU, perform the following task:

Packets are looped from within the CSU/DSU back to the serial interface of the router. Send a test ping to see if the packets successfully looped back. To cancel the loopback test, use the no loopback dte command.

When using the 4-wire 56/64-kbps CSU/DSU module, an out-of-service signal is transmitted to the remote CSU/DSU.

Examples

The following example loops a packet from a module to the serial interface:

Router1(config-if)#loopback dte
Loopback in progress
Router1#ping 12.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/28 ms

Perform Loopback Remote (Interface)

To loop packets at the remote CSU/DSU, perform the following task:

This command applies only when the remote CSU/DSU device is configured for this function. It is used for testing the data communication channels along with or without remote CSU/DSU circuitry. The loopback is usually performed at the line port, rather than the DTE port, of the remote CSU/DSU.

FT1/T1 CSU/DSU Module

On the integrated FT1/T1 CSU/DSU module installed on a Cisco 2524 and Cisco 2525 router, the loopback remote full command sends the loopup code to the remote CSU/DSU. The remote CSU/DSU performs a full-bandwidth loopback through the CSU portion of the module. The loopback remote payload command sends the loopup code on the configured timeslots, while maintaining the D4-extended super framing. The remote CSU/DSU performs the equivalent of a loopback line payload request. The remote CSU/DSU loops back only those timeslots that are configured of the remote end. This loopback reframes the data link, regenerates the signal, and corrects bi polar violations and extended super frame CRC errors. The loopback remote smart-jack command sends a loopup code to the remote smart jack. You cannot put the local smart jack into loopback.

Failure to loopup or initiate a remote loopback request could be caused by enabling the no service-module t1 remote-loopback command or having an alternate remote-loopback code configured on the remote end. When the loopback is terminated, the result of the pattern test is displayed.

2- and 4-Wire 56/64-kbps CSU/DSU Modules

On the 2- and 4-wire 56/64-kbps CSU/DSU modules installed on a Cisco 2524 or Cisco 2525 router, an active connection is required before a loopup can be initiated while in switched mode. When transmitting V.54 loopbacks, the remote device is commanded into loopback using V.54 messages. Failure to loopup or initiate a remote loopback request could be caused by enabling the no service-module 56k remote-loopback command.

To show interfaces currently in loopback operation, use the show interfaces loopback EXEC command.

Configure 2-Wire and 4-Wire 56/64 kbps CSU/DSU Service Modules

This section describes how to configure 2- and 4-wire 56/64 kbps service modules. The following tasks are described:

• Set the Clock Source

• Set the Network Line Speed

• Enable Scrambled Data Coding

• Change between Digital Data Service (DDS) and Switched Dial-up Modes

• Enable Acceptance of a Remote Loopback Request

• Select a Service Provider

Set the Clock Source

To configure the clock source for a 4-wire 56/64-kbps CSU/DSU module, perform the following task:

Use the no form of this command to enable the line clock, which is the default.

Setting the Clock Source Example

The following example shows a router using internal clocking while transmitting frames at 38.4 kbps.

Router1(config-if)#service-module 56k clock source internal
Router1(config-if)#service-module 56k clock rate 38.4

Set the Network Line Speed

Configure the line with the following speeds: 2.4, 4.8, 9.6, 19.2, 38.4, 56, and 64 . The 64-kbps line speed cannot be used with back-to-back digital data service (DDS) lines. The sub-rate line speeds are determined by the service provider.

Only the 56-kbps line speed is available in switched mode, which is enabled using the service-module 56k network-type interface configuration command on the 4-wire CSU/DSU. The 2-wire CSU/DSU default is set to switched mode.

The auto linespeed enables the CSU/DSU to decipher current line speed from the sealing current running on the network. Back-to-back DDS lines do not have sealing current, therefore use auto only when transmitting over telco DDS lines and the clocking source is taken from the line.

Use the no form of this command to enable a network line speed of 56 kbps, which is the default.

Set the Network Line Speed Example

The following example displays two routers connected in back-to-back DDS mode. However, the configuration fails because the auto rate is used.

Router1(config-if)#service-module 56k clock source internal
Router1(config-if)#service-module 56k clock rate 38.4
Router2(config-if)#service-module 56k clock rate auto
% WARNING - auto rate will not work in back-to-back DDS.
a1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.....		
Success rate is 0 percent (0/5)
Router2(config-if)#service-module 56k clock rate 38.4 
Router1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/54/56 ms

When transferring from DDS mode to switched mode, you must set the correct clock rate, as shown in the following example:

Router2(config-if)#service-module 56k network-type dds
Router2(config-if)#service-module 56k clock rate 38.4
Router2(config-if)#service-module 56k network-type switched
% Have to use 56k or auto clock rate for switched mode
% Service module configuration command failed: WRONG FORMAT.
Router2(config-if)#service-module 56k clock rate auto
% WARNING - auto rate will not work in back-to-back DDS.
Router2(config-if)#service-module 56k network-type switched

Enable Scrambled Data Coding

To prevent application data from replicating loopback codes when operating at 64-kbps on a 4-wire CSU/DSU, perform the following task in interface configuration mode:

Enable the scrambled configuration only in 64-kbps digital data service (DDS) mode. If the network type is set to switched, the configuration is refused.

If you transmit scrambled bit codes, both CSU/DSUs must have this command configured for successful communication.

To enable normal data transmission for the 4-wire 56/64-kbps module, perform the following task, which is the default, in interface configuration mode:

Enable Scrambled Data Coding Example

The following example scrambles bit codes in 64 kbps DDS mode:

Router(config-if)# service-module 56k clock rate 56
Router(config-if)# service-module 56k data-coding scrambled
Can configure scrambler only in 64k speed DDS mode
% Service module configuration command failed: WRONG FORMAT.
Router(config-if)# service-module 56k clock rate 64
% WARNING - 64k mode will not work in back-to-back DDS.
Router(config-if)# service-module 56k data-coding scrambled

Change between Digital Data Service (DDS) and Switched Dial-up Modes

To transmit packets in switched dial-up mode or DDS mode using the 4-wire 56/64-kbps CSU/DSU module, perform the following task in interface configuration mode:

Use the no form of these commands to transmit from a dedicated leased line in DDS mode. DDS is enabled by default for the 4-wire CSU/DSU. Switched is enabled by default for the 2-wire CSU/DSU.

In switched mode, you need additional dialer configuration commands to configure dial-out numbers. Before you enable the service-module 56k network-type switched command, both CSU/DSU's must use a clock source coming from the line and the clock rate configured to auto or 56k kbps. If the clock rate is not set correctly, this command will not be accepted.

The 2- and 4-wire 56/64-kbps CSU/DSU modules accept V.25 bis dial commands, which are configured using the dialer in-band command.

Enable Switched Dial-up Mode Example

The following example displays transmission in switched dial-up mode:

Router(config-if)# service-module 56k clock rate 19.2
Router(config-if)# service-module 56k network-type switched
% Have to use 56k or auto clock rate for switched mode
% Service module configuration command failed: WRONG FORMAT.
Router(config-if)# service-module 56k clock rate auto
Router(config-if)# service-module 56k network-type switched
Router(config-if)# dialer in-band
Router(config-if)# dialer string 2576666
Router(config-if)# dialer-group 1

Enable Acceptance of a Remote Loopback Request

To enable the acceptance of a remote loopback request on a 2- or 4-wire 56/64-kbps CSU/DSU module, perform the following task in interface configuration mode:

The no service-module 56k remote-loopback command prevents the local CSU/DSU from being placed into loopback by remote devices on the line. Unlike the T1 module, the 2- or 4-wire 56/64-kbps CSU/DSU module can still initiate remote loopbacks with the no form of this command configured.

Remote Loopback Request Example

The following example enables you to transmit and receive remote loopbacks using the service-module 56k remote-loopback command:

Router(config-if)#service-module 56k remote-loopback
Router(config-if)#
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
%LINK-3-UPDOWN: Interface Serial0, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
%LINK-3-UPDOWN: Interface Serial0, changed state to up
%SERVICE_MODULE-5-LOOPUPREMOTE: Unit 0 - Remote unit placed in loopback

Select a Service Provider

To select a service provider to use with a 2- or 4-wire 56/64 kbps dial-up line, perform the following task in interface configuration mode:

The att keyword specifies AT&T or another digital network service provider as the line carrier, which is the default for the 4-wire 56/64-kbps CSU/DSU module. The sprint keyword specifies Sprint or another service provider whose network carries mixed voice and data as the line carrier, which is the default for the 2-wire switched 56-kbps CSU/DSU module.

In a Sprint network, echo-canceler tones are sent during call setup to prevent echo cancelers from damaging digital data. The transmission of these cancelers may increase call setup times by 8 seconds on the 4-wire module. Having echo cancellation enabled does not affect data traffic.

This configuration command is ignored if the network type is DDS.

Use the no form of this command to enable the default service provider. AT&T is enabled by default on the 4-wire 56/64 module. Sprint is enabled by default on the 2-wire switched 56 module.

Select a Service Provider Example

The following example selects AT&T as the service provider:

Router(config-if)# service-module 56k network-type switched
Router(config-if)# service-module 56k switched-carrier att

Configure an ATM Interface

See the "Configuring ATM" chapter for information on how to configure an Asynchronous Transfer Mode (ATM) interface.

See also the section "Invoke ATM over a Serial Line" in the section "Configure a Synchronous Serial Interface" later in this chapter.

Configure Channelized E1

Support for channelized E1 is provided on the following platforms:

• Cisco 7000 series--by means of a MultiChannel Interface Processor (MIP) and a CxBus channelized E1 adapter (CX-MIP-CE1). The Cisco 7000 MIP can support one or two CX-MIP-CE1 adapters.

• Cisco 4000 series--by means of up to three channelized E1 controllers, each providing one physical interface (adapter) to the network when running as a channelized interface card. (When used to run ISDN PRI, only one Network Processor Module (NPM) can be used in the Cisco 4000 and two NPMs can be used in the Cisco 4500.)

Each E1 adapter can support a maximum of 30 channel groups. The Cisco 7000 MIP can support one or two adapters, providing a maximum of 60 channel groups per MIP. The Cisco 4000 can support one adapter, providing a maximum of 30 channel groups. Each channel group is presented to the system as a serial interface that can be configured individually. In effect, up to 30 E1 circuits are multiplexed to each hardware adapter.

Use the show controllers e1 EXEC command to display current E1 status. This command provides a report for each physical interface configured to support channelized E1.

Channelized E1 supports the following WAN protocols:

Channelized E1 Task List

Using channelized E1 controller and serial interface configuration commands, you can perform the tasks in the following sections to configure channelized E1:

• Configure the E1 Controller

• Define the Line Code

• Define the Framing Characteristics

• Define the E1 Channel Groups

• Configure the Channelized E1 Channel Groups

See the end of this chapter for "Interface Configuration Examples."

Configure the E1 Controller

To configure the E1 physical characteristics, you first define the location of the controller in the router. A Cisco 7000 router can have up to four MIP and eight CX-MIP-CE1 interfaces. A Cisco 7010 router can have up to three MIP and six CX-MIP-CE1 interfaces. The Cisco 4000 series routers can support up to three network processor module (NPM) cards, each with one interface when running it as a channelized interface card. However, when the card is used to run ISDN PRI, only one NPM can be used in the Cisco 4000 and two NPMs can be used in the Cisco 4500.

Perform the following task in global configuration mode to define the E1 controller and to enter controller configuration mode:

Define the Line Code

Perform the following task in controller configuration mode to define the line code as either alternate mark inversion (AMI) or HDB3:

Contact your local telephone service provider to determine the line-code requirements of the physical E1 line. The E1 controller values must match the service provided by the telephone company.

Define the Framing Characteristics

Perform the following task in controller configuration mode to define the framing characteristics as either CRC4 or no-CRC4, or as the version of E1 framing used in Australia only:

Contact your local telephone service provider to determine the framing requirements of the physical E1 line. The E1 controller values must match the service provided by the telephone company.

Define the E1 Channel Groups

You can define up to 30 channel groups for each E1 adapter. You must define the timeslots that belong with each channel group. Channel groups are numbered 0 to 30, and timeslots are numbered 1 to 31. Perform the following task in controller configuration mode to define the channel groups and timeslots:

Working with your local service provider, you can create channel-groups with from one to 31 timeslots. These timeslots can be in any order, contiguous or noncontiguous. Channel-group speeds can be 48 kbps, 56 kbps, or 64 kbps; the default is 64 kbps if the speed is not specified. The speed you choose must match the speed specified by your service provider. 7

Configure the Channelized E1 Channel Groups

After you define the E1 channel groups, you can configure each channel group as a serial interface. In other words, you can think of each channel group as a virtual serial interface. Subinterface configuration on the created interface is also supported. Perform the following task either in global configuration mode or controller configuration mode to enter interface configuration mode and configure the serial interface that corresponds to a channel group:

Configure Channelized T1

Support for channelized T1 (also referred to as fractional T1) is provided on the following platforms:

• Cisco 7000 series by means of a MultiChannel Interface Processor (MIP) and a CxBus channelized T1 adapter (CxCT1). The Cisco 7000 MIP can support one or two CxCT1 adapters.

• Cisco 4000 series by means of a single channelized T1 adapter.

Each T1 adapter can support a maximum of 24 DS0 channel groups. Each channel group is presented to the system as a serial interface that can be configured individually. The Cisco 7000 MIP can support one or two CxCT1 adapters, providing a maximum of 48 channel groups per MIP. The Cisco 4000 supports a one adapter, providing a maximum of 24 channel groups. In effect, up to 24 DS0 circuits are multiplexed to a single hardware adapter.

Use the show controllers t1 EXEC command to display current T1 status. This command provides a report for each physical interface configured to support channelized T1.

Channelized T1 supports the following WAN protocols:

Channelized T1 Task List

Using channelized T1 controller and serial interface configuration commands, you can perform the tasks in the following sections to configure channelized T1:

• Configure the T1 Controller

• Define the Line Code

• Define the Framing Characteristics

• Define the Clock Source

• Define the T1 Channel Groups

• Configure the Channelized T1 Channel Groups

See the end of this chapter for "Interface Configuration Examples."

Configure the T1 Controller

To configure the T1 physical characteristics, you first define the physical location of the MIP and CxCT1 in the Cisco 7000 series router. A Cisco 7000 router can have up to four MIP and eight CxCT1 interfaces. A Cisco 7010 router can have up to three MIP and six CxCT1 interfaces. The Cisco 4000 series routers can support up to three network processor module (NPM) cards, each with one interface when running it as a channelized interface card. However, when the card is used to run ISDN PRI, only one NPM can be used in the Cisco 4000 and two NPMs can be used in the Cisco 4500.

Perform the following task in global configuration mode to define the T1 controller and to enter controller configuration mode:

Define the Line Code

Perform the following task in controller configuration mode to define the line code as either alternate mark inversion (AMI) or bipolar 8 zero substitution (B8ZS):

Contact your local telephone service provider to determine the line-code requirements of the physical T1 line. The T1 controller values must match the service provided by the telephone company.

Define the Framing Characteristics

Perform the following task in controller configuration mode to define the framing characteristics as either super frame (SF) or extended super frame (ESF):

Contact your local telephone service provider to determine the framing requirements of the physical T1 line. The T1 controller values must match the service provided by the telephone company.

Define the Clock Source

Under normal usage, skip this step. You must define the clock source only when connecting two devices back-to-back for testing purposes. The clock source normally comes from the T1 line rather than from the router interface, but when you connect two routers back-to-back for testing purposes, one device supplies an internal clock source. To define the clock source, perform the following task in controller configuration mode:

Define the T1 Channel Groups

You can define up to 24 channel groups for each T1 adapter.You must define the timeslots that belong with each channel group. Channel groups are numbered 0 to 23, and timeslots are numbered 1 to 24. Perform the following task in controller configuration mode to define the channel groups and timeslots:

Working with your local service provider, you can create channel-groups with from one to 24 timeslots. These timeslots can be in any order, contiguous or noncontiguous. In the United States, channel-group speeds can be either 56 kbps or 64 kbps; the default is 56 kbps. If 64 kbps is used, it is recommended to be used with framing type of ESF and a linecode of B8ZS. The speed you select must match the speed provided by the telephone company.

Configure the Channelized T1 Channel Groups

After you define the T1 channel groups, you can configure each channel group as a serial interface. In other words, you can think of each channel group as a virtual serial interface. Subinterface configuration is also supported on the created serial interface. Perform the following task either in global configuration mode or controller configuration mode to enter interface configuration mode and configure the serial interface that corresponds to a channel group:

Configure a Dialer Interface

See the chapter "Configuring DDR" for information about how to configure a dialer interface.

Configure an Ethernet Interface

Support for the Ethernet interface is supplied on one of the following Ethernet network interface cards or systems:

• The Multiport Communications Interface (MCI) card in the modular routers, which provides one Ethernet connector compatible with Ethernet Versions 1 and 2 and the IEEE 802.3 protocol.

• The Multiport Ethernet Controller (CSC-MEC) interface card in the modular routers, which provides two, four, or six high-speed Ethernet connectors compatible with Ethernet Versions 1 and 2 and the IEEE 802.3 protocol.

• An integrated Ethernet controller on the Cisco 2500 series and Cisco 3000 models.

• An integrated Ethernet controller on the Cisco 1003 model.

• A 6-port Ethernet network interface module (NIM).

• On the Cisco 7000 series, the high-speed Ethernet interface processor (EIP) for two, four, or six AUI ports. The EIP ports are in compliance with Ethernet versions 1 and 2 and the IEEE 802.3 specifications.

Use the show interfaces, show controllers mci, and show controllers cbus EXEC commands to display the Ethernet port numbers. These commands provide a report for each interface supported by the router.

Ethernet Interface Task List

Perform the tasks in the following sections to configure features on an Ethernet interface. The first task is required; the remaining tasks are optional.

• Specify an Ethernet Interface

• Configure Ethernet Encapsulation

• Configure the Ethernet Network Interface Module on the Cisco 4000

• Extend the 10BaseT Capability

Specify an Ethernet Interface

To specify an Ethernet interface and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Configure Ethernet Encapsulation

Currently, there are three common Ethernet encapsulation methods:

• The standard ARPA Ethernet Version 2.0 encapsulation, which uses a 16-bit protocol type code (the default encapsulation method)

• SAP IEEE 802.3 encapsulation, in which the type code becomes the frame length for the IEEE 802.2 LLC encapsulation (destination and source Service Access Points, and a control byte)

• The SNAP method, as specified in RFC 1042, which allows Ethernet protocols to run on IEEE 802.2 media

For an example of selecting Ethernet encapsulation, see the section "Enabling Ethernet Encapsulation Example" at the end of this chapter. See also the chapters describing specific protocols or applications.

Configure the Ethernet Network Interface Module on the Cisco 4000

You can specify the type of Ethernet network interface module (NIM) configuration on the Cisco 4000. To do so, perform one of the following tasks in interface configuration mode:

Extend the 10BaseT Capability

On a Cisco 4000 or Cisco 4500, you can extend the twisted-pair 10BaseT capability beyond the standard 100 meters by reducing the squelch (signal cutoff time). This feature applies only to the LANCE controller 10BaseT interfaces. LANCE is the AMD controller chip for the Cisco 4000 and Cisco 4500 Ethernet interface.

Configure a Fast Ethernet Interface

Fast Ethernet

The Cisco 7000 series supports the Fast Ethernet interface if it has a Fast Ethernet Interface Processor (FEIP). The FEIP enables the router to communicate at speeds of 100 Mbps with network devices such as switches, servers, and other routers.

Use the show interfaces fastethernet command to display the Fast Ethernet slots and ports. The FEIP defaults to half-duplex mode and media type 10BaseTX.

Fast Ethernet Encapsulation Methods

The Fast Ethernet encapsulation methods are the same as the Ethernet encapsulation methods. See the section "Configure Ethernet Encapsulation."

Configure a Fiber Distributed Data Interface (FDDI)

The Fiber Distributed Data Interface (FDDI) is an ANSI-defined standard for timed 100-Mbps token passing over fiber-optic cable. An FDDI network consists of two counter token-passing fiber-optic rings. On most networks, the primary ring is used for data communication and the secondary ring is used as a hot standby. The FDDI standard sets a total fiber length of 200 kilometers. (The maximum circumference of the FDDI network is only half the specified kilometers because of the wrapping or looping back of the signal that occurs during fault isolation.)

The FDDI standard allows a maximum of 500 stations with a maximum distance between active stations of two kilometers when interconnecting them with multimode fiber or ten kilometers when interconnected via single mode fiber, both of which are supported by our FDDI interface controllers. The FDDI frame can contain a minimum of 17 bytes and a maximum of 4500 bytes. Our implementation of FDDI supports Station Management (SMT) Version 7.3 of the X3T9.5 FDDI specification, offering a single MAC dual-attach interface that supports the fault-recovery methods of the dual attachment stations (DASs). The mid-range platforms also support single attachment stations (SASs).

• The CSC-FCI interface card, which operates with the standard modular router controller complex

• The CSC-C2/FCIT interface card, which operates with the ciscoBus2 controller complex

• On the Cisco 4000 series, the high-speed multimode-to-multimode, single mode-to-single mode, multimode-to-single mode, or single mode-to-multimode FDDI DAS Network Interface Module (NIM), and also the multimode FDDI SAS NIM.

• On the Cisco 7000 series, the high-speed multimode-to-multimode, single mode-to-single mode, multimode-to-single mode, or single mode-to-multimode FDDI Interface Processor (FIP)

We also provide support for some of the FDDI MIB variables as described in RFC 1285, "FDDI Management Information Base," published in January 1992 by Jeffrey D. Case of the University of Tennessee and SNMP Research, Inc. One such variable that we support is snmpFddiSMTCFState.

FDDI interface configuration is not required for dual homing. The FDDI interface recognizes that it is attached to two M ports on the concentrators and automatically supports dual homing.

Using Connection Management (CMT) Information

Connection Management (CMT) is an FDDI process that handles the transition of the ring through its various states (off, on, active, connect, and so on) as defined by the X3T9.5 specification. The FIP provides CMT functions in microcode.

A partial sample output of the show interfaces fddi command follows, along with an explanation of how to interpret the CMT information in the output.

Phy-A state is active, neighbor is B, cmt signal bits 08/20C, status ALS
Phy-B state is active, neighbor is A, cmt signal bits 20C/08, status ILS
CFM is thru A, token rotation 5000 usec, ring operational 0:01:42
Upstream neighbor 0800.2008.C52E, downstream neighbor 0800.2008.C52E

FDDI Task List

Perform the tasks in the following sections to configure an FDDI interface. The first task is required; the remaining tasks are optional.

• Specify an FDDI

• Enable FDDI Bridging Encapsulation

• Set the Token Rotation Time

• Set the Transmission Valid Timer

• Control the Transmission Timer

• Modify the C-Min Timer

• Modify the TB-Min Timer

• Modify the FDDI Timeout Timer

• Control SMT Frame Processing

• Enable Duplicate Address Checking

• Set the Bit Control

• Control the CMT Microcode

• Start and Stop FDDI

• Control the FDDI SMT Message Queue Size

• Preallocate Buffers for Bursty FDDI Traffic

Specify an FDDI

To specify an FDDI interface and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Enable FDDI Bridging Encapsulation

Our FDDI by default uses the SNAP encapsulation format defined in RFC 1042. It is not necessary to define an encapsulation method for this interface when using the CSC-FCI interface card or FIP.

The CSC-C2/FCIT interface card and FIP fully support transparent and translational bridging for the following configurations:

Enabling FDDI bridging encapsulation places the CSC-C2/FCIT interface or FIP into encapsulation mode when doing bridging. In transparent mode, the FCIT interface or FIP interoperates with earlier versions of the CSC-FCI encapsulating interfaces when performing bridging functions on the same ring. When using the CSC-C2/FCIT interface card or FIP, you can specify the encapsulation method by performing the following task in interface configuration mode:

Set the Token Rotation Time

You can set the FDDI token rotation time to control ring scheduling during normal operation and to detect and recover from serious ring error situations. To do so, perform the following task in interface configuration mode:

The FDDI standard restricts the allowed time to be greater than 4000 microseconds and less than 165,000 microseconds. As defined in the X3T9.5 specification, the value remaining in the token rotation timer (TRT) is loaded into the token holding timer (THT). Combining the values of these two timers provides the means to determine the amount of bandwidth available for subsequent transmissions.

Set the Transmission Valid Timer

You can set the transmission timer to recover from a transient ring error by performing the following task in interface configuration mode:

Control the Transmission Timer

You can set the FDDI control transmission timer to control the FDDI TL-Min time, which is the minimum time to transmit a Physical Sublayer or PHY line state before advancing to the next Physical Connection Management or PCM state as defined by the X3T9.5 specification. To do so, perform the following task in interface configuration mode:

Modify the C-Min Timer

You can modify the C-Min timer on the PCM from its default value of 1600 microseconds by performing the following task in interface configuration mode:

Modify the TB-Min Timer

You can change the TB-Min timer in the PCM from its default value of 100 milliseconds. To do so, perform the following task in interface configuration mode:

Modify the FDDI Timeout Timer

You can change the FDDI timeout timer in the PCM from its default value of 100 milliseconds. To do so, perform the following task in interface configuration mode:

Control SMT Frame Processing

You can disable and reenable SMT frame processing for diagnostic purposes. To do so, perform one of the following tasks in interface configuration mode:

Enable Duplicate Address Checking

You can enable the duplicate address detection capability on the FDDI. If the FDDI finds a duplicate address, it displays an error message and shuts down the interface. To enable duplicate address checking, perform the following task in interface configuration mode:

Set the Bit Control

You can set the FDDI bit control to control the information transmitted during the Connection Management (CMT) signaling phase. To do so, perform the following task in interface configuration mode:

Control the CMT Microcode

You can control whether the CMT onboard functions are on or off. The CSC-FCI and CSC-C2/FCIT interface cards and FIP provide CMT functions in microcode. These functions are separate from those provided on the processor card and are accessed through EXEC commands.

The default is for the FCIT and FIP CMT functions to be on. A typical reason to disable is when you work with new FDDI equipment and have problems bringing up the ring. If you disable the CMT microcode, the following actions occur:

Start and Stop FDDI

In normal operation, the FDDI interface is operational once the interface is connected and configured. You can start and stop the processes that perform the CMT function and allow the ring on one fiber to be stopped. To do so, perform either of the following tasks in EXEC mode:

Do not do either of the preceding tasks during normal operation of FDDI; they are performed during interoperability tests.

Control the FDDI SMT Message Queue Size

You can set the maximum number of unprocessed FDDI Station Management (SMT) frames that will be held for processing. Setting this number is useful if the router you are configuring gets bursts of messages arriving faster than the router can process them. To set the number of frames, perform the following task in global configuration mode:

Preallocate Buffers for Bursty FDDI Traffic

The FCI card preallocates three buffers to handle bursty FDDI traffic (for example, NFS bursty traffic). You can change the number of preallocated buffers by performing the following task in interface configuration mode:

Configure a High-Speed Serial Interface (HSSI)

The High-Speed Serial Interface (HSSI) consists of the following components:

• The CSC-HSCI controller card, which is ciscoBus-resident.

• The CSC-HSA, which is a back-panel applique.

The controller card provides a single, full-duplex, synchronous serial interface capable of transmitting and receiving data at up to 52 megabits per second (Mbps). The HSSI is an approved standard (ANSI/EIA RS-613) providing connectivity to T3 (DS-3), E3, SMDS (at a DS-3 route), and other high-speed wide-area services through a DSU or line termination unit.

• The high-speed, full-duplex, synchronous serial interface is supported only on our modular network server products.

• The ciscoBus card can query the appliques to determine their types. However, it does so only at system startup, so the appliques must be attached when the system is started. Issue a show controllers cbus command to determine how the HSSI card has identified them. The command also will show the capabilities of the card and report controller-related failures.

• On the Cisco 7000 series, the HSSI Interface Processor (HIP), which provides a single HSSI network interface for the Cisco 7000. The network interface resides on a modular interface processor that provides a direct connection between the high-speed Cisco Extended Bus (CxBus) and an external network.

HSSI Task List

Perform the tasks in the following sections to configure an HSSI interface. The first task is required; the remaining tasks are optional.

• Specify an HSSI

• Specify HSSI Encapsulation

• Invoke ATM on an HSSI Line

• Convert HSSI to Clock Master

Specify an HSSI

To specify an HSSI and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Specify HSSI Encapsulation

The HSSI supports the serial encapsulation methods, except for X.25-based encapsulations. The default method is HDLC. You can define the encapsulation method by performing the following task in interface configuration mode:

For information about PPP, see the section "Configure PPP" in the section "Configure a Synchronous Serial Interface" later in this chapter.

Invoke ATM on an HSSI Line

If you have an ATM DSU, you can invoke ATM over a HSSI line.You do so by mapping an ATM virtual path identifier (VPI) and virtual channel identifier (VCI) to a DXI frame address. ATM-DXI encapsulation defines a data exchange interface that allows a DTE (such as a router) and a DCE (such as an ATM DSU) to cooperate to provide a User-Network Interface (UNI) for ATM networks.

You can also configure the atm-dxi map command on a serial interface.

To configure an ATM interface using an AIP card, see the chapter "Configuring ATM."

Convert HSSI to Clock Master

You can convert the HSSI interface into a 45-MHz clock master by performing the following task in interface configuration mode:

Configure a Hub Interface

The Cisco 2500 series includes routers that have hub functionality for an Ethernet interface. The hub is a multiport repeater. The advantage of an Ethernet interface over a hub is that the hub provides a star-wiring physical network configuration while the Ethernet interface provides 10BaseT physical network configuration. The router models with hub ports and their configurations are as follows:

We provide SNMP management of the Ethernet hub as specified in RFC 1516.

• Enable a Hub Port

• Disable or Enable Automatic Receiver Polarity Reversal

• Disable or Enable the Link Test Function

• Enable Source Address Control

See the "Hub Configuration Examples" section the end of this chapter.

Enable a Hub Port

To enable a hub port, perform the following tasks in global configuration mode:

Disable or Enable Automatic Receiver Polarity Reversal

On Ethernet hub ports only, the hub ports can invert, or correct, the polarity of the received data if the port detects that the received data packet waveform polarity is reversed due to a wiring error. This receive circuitry polarity correction allows the hub to repeat subsequent packets with correct polarity. When enabled, this function is executed once after reset of a link fail state.

Automatic receiver polarity reversal is enabled by default. To disable this feature on a per-port basis, perform the following task in hub configuration mode:

Disable or Enable the Link Test Function

The link test function applies to Ethernet hub ports only. The Ethernet ports implement the link test function as specified in the 802.3 10BaseT standard. The hub ports will transmit link test pulses to any attached twisted pair device if the port has been inactive for more than 8 to 17 milliseconds.

Enable Source Address Control

On an Ethernet hub port only, you can configure a security measure such that the port accepts packets only from a specific MAC address. For example, suppose your workstation is connected to port 3 on a hub, and source address control is enabled on port 3. Your workstation has access to the network because the hub accepts from port 3 any packet bearing your workstation's MAC address. Any packets arriving with a different MAC address cause the port to be disabled. The port is reenabled after 1 minute and the MAC address of incoming packets is checked again.

See the examples of establishing source address control at the end of this chapter in "Hub Configuration Examples."

Configure an ISDN Basic BRI, MBRI, or PRI Interface

ISDN Primary Rate Interface (PRI) is supported on the Cisco 4000, the Cisco 4500, and the Cisco 7000 series routers using T1 or E1 versions of the Multichannel Interface Processor (MIP) card in conjunction with PRI signaling software. Channelized T1 ISDN PRI offers 23 B-channels and 1 D-channel. Channelized E1 ISDN PRI offers 30 B-channels and 1 D-channel.

The Integrated Services Digital Network (ISDN) Basic Rate Interface (BRI) is supported on the Cisco 1003 model, Cisco 2500 series, Cisco 3000 series, and Cisco 4000 series routers. ISDN Multiport BRI (MBRI) is supported on the Cisco 4000 and Cisco 4500 only, which have a multichannel NIM. The multichannel card supports one or two BRI port adapters, providing either 4 or 8 ports, respectively.

Configure a LAN Extender Interface

The Cisco 1001 and Cisco 1002 LAN Extenders are two-port chassis that connects a remote Ethernet LAN to a core router at a central site (see Figure 6-2). The LAN Extender is intended for small networks at remote sites.

The remote site can have one Ethernet network. The core router can be a Cisco 2500 series, Cisco 4000 series, Cisco 4500 series, Cisco 4700 series, Cisco 7000 series, or AGS+ router running Cisco IOS Release 10.2(2) or later, which support the LAN Extender host software. The connection between the LAN Extender and the core router is made via a short leased serial line, typically a 56-kbps or 64-kbps line. However, the connection can also be via T1 or E1 lines.

Figure 6-3 is an expanded view of Figure 6-2 that shows all the components of the LAN Extender connection to a core router. On the left is the core router, which is connected to the LAN Extender as well as to other networks. In the core router, you configure a LAN Extender interface, which is a logical interface that connects the core router to the LAN Extender chassis. In the core router, you also configure a serial interface, which is the physical interface that connects the core router to the LAN Extender. You then bind, or associate, the LAN Extender interface to the physical serial interface.

Figure 6-3 shows the actual physical connection between the core router and the LAN Extender. The serial interface on the core router is connected by a leased serial line to a serial port on the LAN Extender. This creates a virtual Ethernet connection, which is analogous to having inserted an Ethernet interface processor into the core router.

Figure 6-3: Expanded View of Cisco 1000 Series LAN Extender Connection

Although there is a physical connection between the core router and the LAN Extender, what you actually manage is a remote Ethernet LAN. Figure 6-4 shows the connection you are managing, which is a LAN Extender interface connected to an Ethernet network. The virtual Ethernet connection (the serial interface and LAN Extender) has been removed from the figure, and points A and B, which in Figure 6-3 were separated by the virtual Ethernet connection, are now adjacent. All LAN Extender interface configuration tasks described in this chapter apply to the interface configuration shown in Figure 6-4.

Figure 6-4: LAN Extender Interface Connected to an Ethernet Network

After the LAN Extender has been installed at the remote site, you need to obtain its MAC address. Each LAN Extender is preconfigured with a permanent (burned-in) MAC address. The address is assigned at the factory; you cannot change it. The MAC address is printed on the LAN Extender's packing box. (If necessary, you can also display the MAC address with the debug ppp negotiation command.) The first three octets of the MAC address (the vendor code) are always the hexadecimal digits 00.00.0C.

The LAN Extender and core router communicate using the Point-to-Point Protocol (PPP). Before you can configure the LAN Extender from the core router, you must first enable PPP encapsulation on the serial interface to which the LAN Extender is connected.

To configure the LAN Extender, you configure a logical LAN Extender interface on the core router and assign the MAC address from your LAN Extender to that interface. Subsequently, during the PPP negotiation on the serial line, the LAN Extender sends its preconfigured MAC address to the core router. The core router then searches for an available (preconfigured) LAN Extender interface, seeking one to which you have already assigned that MAC address. If the core router finds a match, it binds, or associates, that LAN Extender interface to the serial line on which that MAC address was negotiated. At this point, the LAN Extender interface is created and is operational. If the MAC address does not match one that is configured, the connection request is rejected. Figure 6-5 illustrates this binding process.

LAN Extender Interface Configuration Task List

To configure a LAN Extender interface, perform the tasks described in the following sections. The first task is required; the remainder are optional.

• Configure and Create a LAN Extender Interface

• Define Packet Filters

• Control Priority Queuing

• Control the Sending of Commands to the LAN Extender

• Shut Down and Restart the LAN Extender's Ethernet Interface

• Restart the LAN Extender

• Download a Software Image to the LAN Extender

• Troubleshoot the LAN Extender

To monitor the LAN Extender interface, see the section "Monitor and Maintain the Interface" later in this chapter. For configuration examples, see the "Enabling a LAN Extender Interface Example" and the "LAN Extender Interface Access List Examples" sections at the end of this chapter.

Configure and Create a LAN Extender Interface

To configure and create a LAN Extender interface, you configure the LAN Extender interface itself and the serial interface to which the LAN Extender is physically connected. The order in which you configure these two interface interfaces does not matter. However, you must first configure both interfaces in order for the LAN Extender interface to bind (associate) to the serial interface.

Note that there is no correlation between the number of the serial interface and the number of the LAN Extender interface. These interfaces can have the same or different numbers.

Define Packet Filters

You can configure specific administrative filters that filter frames based on their source MAC address. The LAN Extender forwards packets between a remote LAN and a core router. It examines frames and transmits them through the internetwork according to the destination address, and it does not forward a frame back to its originating network segment.

You define filters on the LAN Extender interface in order to control which packets from the remote Ethernet LAN are permitted to pass to the core router. (See Figure 6-6.) These filters are applied only on traffic passing from the remote LAN to the core router. Filtering on the LAN Extender interface is actually performed in the LAN Extender, not on the core router. This means that the filtering is done using the LAN Extender CPU, thus off-loading the function from the core router. This process also saves bandwidth on the WAN, because only the desired packets are forwarded from the LAN Extender to the core router. Whenever possible, you should perform packet filtering on the LAN Extender.

Figure 6-6: Packet Filtering on the LAN Extender

You can also define filters on the core router to control which packets from the LAN Extender interface are permitted to pass to other interfaces on the core router. (See Figure 6-7.) You do this using the standard filters available on the router. This means that all packets are sent across the WAN before being filtered and that the filtering is done using the core router's CPU.

Figure 6-7: Packet Filtering on the Core Router

• Filter by MAC Address and Vendor Code

• Filter by Protocol Type

When defining access lists, keep the following points in mind:

• You can assign only one vendor code access list and only one protocol type access list to an interface.

• The conditions in the access list are applied to all outgoing packets from the LAN Extender.

• The entries in an access list are scanned in the order you enter them. The first entry that matches the outgoing packet is used.

• An implicit "deny everything" entry is automatically defined at the end of an access list unless you include an explicit "permit everything" entry at the end of the list. This means that unless you have an entry at the end of an access list that explicitly permits all packets that do no match any of the other conditions in the access list, these packets will not be forwarded out the interface.

• All new entries to an existing list are placed at the end of the list. You cannot add an entry to the middle of a list.

• If you do not define any access lists on an interface, it is as if you had defined an access lists with only a "permit all" entry. All traffic passes across the interface.

Filter by MAC Address and Vendor Code

You can create access lists to administratively filter MAC addresses. These access lists can filter groups of MAC addresses, including those with particular vendor codes. There is no noticeable performance loss in using these access lists, and the lists can be of indefinite length. You can filter groups of MAC addresses with particular vendor codes by performing the tasks that follow:

Step 1 Create a vendor code access list.

Step 2 Apply an access list to an interface.

To create a vendor code access list, perform the following task in global configuration mode:

Once you have defined an access list to filter by a particular vendor code, you can assign this list to a particular LAN Extender interface so that the interface will then filter based on the MAC source addresses of packets received on that LAN Extender interface. To apply the access list to an interface, perform the following task in interface configuration mode:

For an example of creating an access list and applying it to a LAN Extender interface, see the section "LAN Extender Interface Access List Examples" in the section "Interface Configuration Examples" at the end of this chapter.

Filter by Protocol Type

You can filter by creating a type-code access list and applying it to a LAN Extender interface.

The LAN Extender interface can filter only on bytes 13 and 14 of the Ethernet frame. In Ethernet packets, these two bytes are the type field. For a list of Ethernet type codes, refer to the "Ethernet Type Codes" appendix in the Router Products Command Reference publication. In 802.3 packets, these two bytes are the length field.

To filter by protocol type, perform the following tasks:

Step 1 Create a protocol-type access list.

Step 2 Apply the access list to an interface.

To create a protocol-type access list, perform the following task in global configuration mode:

To apply an access list to an interface, perform the following task in interface configuration mode:

For an example of creating an access list and applying it to a LAN Extender interface, see the section "LAN Extender Interface Access List Examples" in the section "Interface Configuration Examples" at the end of this chapter.

Control Priority Queuing

Priority output queuing is an optimization mechanism that allows you to set priorities on the type of traffic passing through the network. Packets are classified according to various criteria, including protocol and subprotocol type. Packets are then queued on one of four output queues. For more information about priority queuing, refer to the "Managing the System" chapter.

To control priority queuing on a LAN Extender interface, perform the following tasks:

• Set the priority by protocol type.

• Assign a priority group to an interface.

To establish queuing priorities based on the protocol type, perform the following task in global configuration mode:

Control the Sending of Commands to the LAN Extender

Each time the core router sends a command to the LAN Extender, the LAN Extender responds with an acknowledgment. The core router waits for the acknowledgment for a predetermined amount of time. If it does not receive an acknowledgment in this time period, the core router resends the command.

By default, the core router waits 2 seconds for an acknowledgment from the LAN Extender. You might want to change this interval if your connection to the LAN Extender requires a different amount time.To determine whether commands to the LAN Extender are timing out, use the debug lex rcmd privileged EXEC command. To change this interval, perform the following task in interface configuration mode:

By default, the core router sends each command ten times before giving up. The core router displays an error message when it gives up sending commands to the LAN Extender. To change this default, perform the following task in interface configuration mode:

Shut Down and Restart the LAN Extender's Ethernet Interface

From the core router, you can shut down the LAN Extender's Ethernet interface. This stops traffic on the remote Ethernet LAN from reaching the core router, but leaves the LAN Extender interface that you created intact.

Note that logically it makes no sense to shut down the serial interface on the LAN Extender. There are no commands that might allow you to do this.

To shut down the LAN Extender's Ethernet interface, perform the following task in interface configuration mode:

Restart the LAN Extender

To reboot the LAN Extender and reload the software, perform the following task in privileged EXEC mode:

Download a Software Image to the LAN Extender

When the LAN Extender is powered on, it runs the software image that is shipped with the unit. You can download a new software image from Flash memory on the core router or from a TFTP server or from Flash memory on the core router to the LAN Extender.

To download a software image to the LAN Extender, perform one of the following tasks in privileged EXEC mode:

Troubleshoot the LAN Extender

The primary means of troubleshooting the LAN Extender is by using the light emitting diodes (LEDs) that are present on the chassis. This section will help you assist the remote user at the LAN Extender site who can observe the LEDs.

The key to problem solving is to try to isolate the problem to a specific subsystem. By comparing what the system is doing to what it should be doing, the task of isolating a problem is greatly simplified.

The Cisco 1000 series LAN Extender uses multiple LEDs to indicate its current operating condition. By observing the LEDs, any fault conditions that the unit is encountering can be observed. The system LEDs are located on the front panel of your LAN Extender (see Figure 6-8).

When there is a problem with the LAN Extender, a user at the remote site should contact you and report the condition of the LEDs located on the front panel of the LAN Extender. You can then use this information to diagnose or verify the operation of the system. Table 6-1 explains the LEDs.

Configure a Loopback Interface

You can specify a software-only interface called a loopback interface that emulates an interface that is always up. It is supported on all platforms. A loopback interface is a virtual interface that is always up and allows BGP and RSRB sessions to stay up even if the outbound interface is down.

You can use the loopback interface as the termination address for BGP sessions, for RSRB connections, or for establishing a Telnet session from the router's console to its auxiliary port when all other interfaces are down. In applications where other routers will attempt to reach this loopback interface, you should configure a routing protocol to distribute the subnet assigned to the loopback address.

See the section "Run Interface Loopback Diagnostics" later in this chapter.

Configure a Null Interface

The router supports a "null" interface. This pseudo-interface functions similarly to the null devices available on most operating systems. This interface is always up and can never forward or receive traffic; encapsulation always fails. The only interface configuration command that you can specify for the null interface is no ip redirects.

ip route 127.0.0.0 255.0.0.0 null 0

Configure a Synchronous Serial Interface

Support for the synchronous serial interface is supplied on the following serial network interface cards or systems:

• The Multiport Communications Interface (CSC-MCI), a single card that provides up to two  high-speed synchronous serial port connectors that support RS-232, V.35, RS-449, and X.21 connections

• The Serial Port Communications Interface (CSC-SCI), a single card that provides up to four high-speed serial ports that support RS-232, V.35, RS-449, and X.21 connections

• The high-speed synchronous serial interface on the Cisco 2500 series and Cisco 3000 series

• The four-port serial NIM on the Cisco 4000, available in two configurations:

  • A universal cable support (5/1 applique)

  • G.703 support (G.703 applique)

• On the Cisco 7000 series, the Fast Serial Interface Processor (FSIP) for four or eight channel-independent, synchronous serial ports that support full-duplex operation at DS-1 (1.544 Mbps) and E-1 (2.048 Mbps) speeds. Each port supports any of the available interface types (RS-232, RS-449, V.35, X.21, RS-530, and G.703), and each can be configured individually to operate with either internal or external timing signals.

The MCI and SCI cards can query the appliques to determine their types for use in reports displayed by the EXEC show commands. However, they do so only at system startup, so the appliques must be attached when the system is started. Use the show interfaces and show controllers mci EXEC commands to display the serial port numbers. These commands provide a report for each interface the router supports.

Synchronous Serial Task List

Perform the tasks in the following sections to configure a synchronous serial interface. The first task is required; the remaining tasks are optional.

• Specify a Synchronous Serial Interface

• Specify Synchronous Serial Encapsulation

• Configure PPP

• Configure Compression of PPP Data

• Configure Compression of LAPB Data

• Configure Compression of HDLC Data

• Invoke ATM over a Serial Line

• Configure the CRC

• Use the NRZI Line-Coding Format

• Enable the Internal Clock

• Invert the Transmit Clock Signal

• Set Transmit Delay

• Configure DTR Signal Pulsing

• Ignore DCD and Monitor DSR as Line Up/Down Indicator

• Configure the Clock Rate on DCE Appliques

• Specify the Serial Network Interface Module Timing

• Specify G.703 Interface Options

Specify a Synchronous Serial Interface

To specify a synchronous serial interface and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Specify Synchronous Serial Encapsulation

By default, synchronous serial lines use the High-Level Data Link Control (HDLC) serial encapsulation method, which provides the synchronous framing and error detection functions of HDLC without windowing or retransmission. The synchronous serial interfaces support the following serial encapsulation methods:

• Asynchronous Transfer Mode-Data Exchange Interface (ATM-DXI)

• High-Level Data Link Control (HDLC)

• Frame Relay

• Point-to-Point Protocol (PPP)

• Synchronous Data Link Control (SDLC)

• Switched Multimegabit Data Services (SMDS)

• Cisco Serial Tunnel (STUN)

• X.25-based encapsulations

You can define the encapsulation method by performing the following task in interface configuration mode:

By default, synchronous interfaces operate in full-duplex mode. To configure an SDLC interface for half-duplex mode, perform the following task in interface configuration mode:

BSC is a half-duplex protocol. Each block of transmission is acknowledged explicitly. To avoid the problem associated with simultaneous transmission, there is an implicit role of primary and secondary station. The primary resends the last block if there is no response from the secondary within the period of block receive timeout.

Encapsulation methods are set according to the type of protocol or application you configure on your router. ATM-DXI is described in this chapter in the section "Invoke ATM over a Serial Line." PPP is described in the next section, "Configure PPP." The remaining methods are defined in their respective chapters describing the protocols or applications. Serial encapsulation methods are also discussed in the Router Products Command Reference publication in the chapter entitled "Interface Commands" under the encapsulation command.

Configure PPP

The Point-to-Point Protocol (PPP), described in RFCs 1331 and 1332, is a method of encapsulating network layer protocol information over point-to-point links. You can configure PPP on the following types of interfaces:

The software provides PPP as an encapsulation method. It also provides the Challenge Handshake Authentication Protocol (CHAP) and Password Authentication Protocol (PAP) on serial interfaces running PPP encapsulation. The following sections describe the tasks to configure these features.

Magic Number support is available on all serial interfaces. When using PPP, PPP will always attempt to negotiate for Magic Numbers, which are used to detect looped-back nets. The link might or might not be taken down upon looped-back detection, depending on the use of the down-when-looped command.

• Enable PPP Encapsulation

• Enable CHAP or PAP Authentication

• Enable Link Quality Monitoring (LQM)

• Disable or Reenable Peer Neighbor Routes

• Configure Compression of PPP Data

• Configure PPP Reliable Link

Enable PPP Encapsulation

You can enable PPP on serial lines to encapsulate IP and SLIP datagrams. To do so, perform the following task in interface configuration mode:

PPP echo requests are used as keepalives to minimize disruptions to the end users of your network. The no keepalive command can be used to disable echo requests.

Enable CHAP or PAP Authentication

Access control using Challenge Handshake Authentication Protocol (CHAP) or Password Authentication Protocol (PAP) is available on all serial interfaces that use PPP encapsulation. The authentication feature reduces the risk of security violations on your router. You can configure either CHAP or PAP for the interface.

The optional keyword if-needed can be used only with TACACS or extended TACACS. The optional keyword list-name can only be used with AAA/TACACS+. CHAP is specified in RFC 1334. It is an additional authentication phase of the PPP Link Control Protocol.

 
Caution If you use a list-name that has not been configured with the

For an example of CHAP, see the section "CHAP with an Encrypted Password Examples" at the end of this chapter. CHAP and PAP are specified in RFC 1334, "The PPP Authentication Protocols." CHAP is specified as an additional authentication phase of the PPP Link Control Protocol.

Enable Link Quality Monitoring (LQM)

Link Quality Monitoring (LQM) is available on all serial interfaces running PPP. LQM will monitor the link quality, and if the quality drops below a configured percentage, the link will be taken down. The percentages are calculated for both the incoming and outgoing directions. The outgoing quality is calculated by comparing the total number of packets and bytes sent with the total number of packets and bytes received by the peer. The incoming quality is calculated by comparing the total number of packets and bytes received with the total number of packets and bytes sent by the peer.

When LQM is enabled, Link Quality Reports (LQRs) are sent every keepalive period. LQRs are sent in place of keepalives. All incoming keepalives are responded to properly. If LQM is not configured, keepalives are sent every keepalive period and all incoming LQRs are responded to with an LQR.

LQR is specified in RFC 1333, "PPP Link Quality Monitoring," by William A. Simpson of Computer Systems Consulting Services.

Disable or Reenable Peer Neighbor Routes

The Cisco IOS software automatically creates neighbor routes by default; that is, it automatically sets up a route to the peer address on a point-to-point interface when the PPP IPCP negotiation is completed.

Configure Compression of PPP Data

You can configure point-to-point software compression on serial interfaces that use PPP encapsulation. Compression reduces the size of a PPP frame via lossless data compression. The compression algorithm used is a predictor algorithm (the RAND algorithm), which uses a compression dictionary to predict what the next character in the frame will be.

Compression is performed in software and might significantly affect system performance. We recommend that you disable compression if CPU load exceeds 65 percent. To display the CPU load, use the show process cpu EXEC command.

Configure PPP Reliable Link

PPP reliable link is Cisco's implementation of RFC 1663, "PPP Reliable Transmission," which defines a method of negotiating and using Numbered Mode LAPB to provide a reliable serial link. Numbered Mode LAPB provides retransmission of errored packets across the serial link.

Restrictions

PPP reliable link does not work with Multilink PPP.

PPP reliable link is not available on asynchronous serial interfaces.

Troubleshooting

You can determine whether LAPB has been established on a connection by using the show interface command. You can troubleshoot PPP reliable link by using the debug lapb command and the debug ppp negotiations, debug ppp errors, and debug ppp packets commands.

Configure Compression of LAPB Data

You can configure point-to-point software compression on serial interfaces that use LAPB or multi-LAPB encapsulation. Compression reduces the size of a LAPB or multi-LAPB frame via lossless data compression. The compression algorithm used is a predictor algorithm (the RAND algorithm), which uses a compression dictionary to predict what the next character in the frame will be.

Compression is performed in software and may significantly affect system performance. We recommend that you disable compression if CPU load exceeds 65 percent. To display the CPU load, use the show process cpu EXEC command.

interface serial 0
encapsulation lapb
compress predictor
mtu 1509
lapb n1 12072

Configure Compression of HDLC Data

You can configure point-to-point software compression on serial interfaces that use HDLC encapsulation. Compression reduces the size of a HDLC frame via lossless data compression. The compression algorithm used is a Stacker (LZS) algorithm.

Compression is performed in software and might significantly affect system performance. We recommend that you disable compression if CPU load exceeds 65 percent. To display the CPU load, use the show process cpu EXEC command.

Invoke ATM over a Serial Line

If you have an ATM DSU, you can invoke ATM over a serial line.You do so by mapping an ATM virtual path identifier (VPI) and virtual channel identifier (VCI) to a DXI frame address. ATM-DXI encapsulation defines a data exchange interface that allows a DTE (such as a router) and a DCE (such as an ATM DSU) to cooperate to provide a User-Network Interface (UNI) for ATM networks.

You can also configure the atm-dxi map command on a HSSI interface.

To configure an ATM interface using an AIP card, see the chapter "Configuring ATM."

Configure the CRC

The cyclic redundancy check (CRC) on a serial interface defaults to a length of 16 bits. To change the length of the CRC to 32 bits on an FSIP or HIP of the Cisco 7000 series only, complete the following task in interface configuration mode:

Use the NRZI Line-Coding Format

All FSIP interface types on the Cisco 7000 support nonreturn-to-zero (NRZ) and nonreturn-to-zero inverted (NRZI) format. This is a line-coding format that is required for serial connections in some environments. NRZ encoding is most common. NRZI encoding is used primarily with RS-232 connections in IBM environments.

The default configuration for all serial interfaces is NRZ format. The default is no nrzi-encoding. To enable NRZI format, complete the following task in interface configuration mode:

Enable the Internal Clock

When a DTE does not return a transmit clock, use the following interface configuration command on the Cisco 7000 series to enable the internally generated clock on a serial interface:

Invert the Transmit Clock Signal

Delays between the SCTE clock and data transmission indicate that the transmit clock signal might not be appropriate for the interface rate and length of cable being used. Different ends of the wire may have variances that differ slightly. Invert the clock signal to compensate for these factors by completing the following task in interface configuration mode on a Cisco 7000 series:

Set Transmit Delay

It is possible to send back-to-back data packets over serial interfaces faster than some hosts can receive them. You can specify a minimum dead time after transmitting a packet to alleviate this condition. This setting is available for serial interfaces on the MCI and SCI interface cards and for the HSSI or MIP. Perform one of the following tasks, as appropriate for your system, in interface configuration mode:

Configure DTR Signal Pulsing

You can configure pulsing DTR signals on all serial interfaces.When the serial line protocol goes down (for example, because of loss of synchronization) the interface hardware is reset and the DTR signal is held inactive for at least the specified interval. This function is useful for handling encrypting or other similar devices that use the toggling of the DTR signal to resynchronize.To configure DTR signal pulsing, perform the following task in interface configuration mode:

Ignore DCD and Monitor DSR as Line Up/Down Indicator

This task applies to Quad Serial NIM interfaces on the Cisco 4000 series and Hitachi-based serial interfaces on the Cisco 2500 series and Cisco 3000 series.

By default, when the serial interface is operating in DTE mode, it monitors the Data Carrier Detect (DCD) signal as the line up/down indicator. By default, the attached DCE device sends the DCD signal. When the DTE interface detects the DCD signal, it changes the state of the interface to up.

In some configurations, such as an SDLC multidrop environment, the DCE device sends the Data Set Ready (DSR) signal instead of the DCD signal, which prevents the interface from coming up. To tell the interface to monitor the DSR signal instead of the DCD signal as the line up/down indicator, perform the following task in interface configuration mode:

Configure the Clock Rate on DCE Appliques

You can configure the clock rate for appliques (connector hardware) on the serial interface of the MCI and SCI cards to an acceptable bit rate. To do so, perform the following task in interface configuration mode:

Specify the Serial Network Interface Module Timing

On Cisco 4000 series routers, you can specify the serial Network Interface Module timing signal configuration. When the board is operating as a DCE and the DTE provides terminal timing (SCTE or TT), you can configure the DCE to use SCTE from the DTE. When running the line at high speeds and long distances, this strategy prevents phase shifting of the data with respect to the clock.

To configure the DCE to use SCTE from the DTE, perform the following task in interface configuration mode:

When the board is operating as a DTE, you can invert the TXC clock signal it gets from the DCE that the DTE uses to transmit data. Invert the clock signal if the DCE cannot receive SCTE from the DTE, the data is running at high speeds, and the transmission line is long. Again, this prevents phase shifting of the data with respect to the clock.

To configure the interface so that the router inverts the TXC clock signal, perform the following task in interface configuration mode:

Specify G.703 Interface Options

This section describes the optional tasks for configuring a G.703-E1 interface on a Cisco 4000 router or Cisco 7000 series router.

• Enable Framed Mode

• Enable CRC4 Generation

• Use Time Slot 16 for Data

• Specify a Clock

Enable Framed Mode

G.703-E1 interfaces have two modes of operation: framed and unframed. By default, G.703-E1 interfaces are configured for unframed mode. To enable framed mode, perform the following task in interface configuration mode:

Enable CRC4 Generation

By default, the G.703-E1 CRC4 is not generated. To enable generation of the G.703-E1 CRC4, which is useful for checking data integrity while operating in framed mode, perform the following task in interface configuration mode:

Use Time Slot 16 for Data

By default, time slot 16 is used for signaling. It can also be used for data. To control the use of time slot 16 for data, perform the following task in interface configuration mode:

Specify a Clock

A G.703-E1 interface can clock its transmitted data from either its internal clock or from a clock recovered from the line's receive data stream. By default, the applique uses the line's receive data stream. To control which clock is used, perform the following task in interface configuration mode:

Configure a Token Ring Interface

Support for the Token Ring interface is supplied on one of our Token Ring network interface cards:

• The 4/16-Mbps Token Ring cards, which interconnect network servers to IEEE 802.5 and IBM-compatible Token Ring media at speeds of 4 or 16 Mbps. The 4/16-Mbps cards are the CSC-C2CTR,CSC-R16 (or CSC-R16M), CSC-1R, and CSC-2R (dual Token Ring card).

• On the Cisco 7000 series, the high-speed Token Ring Interface Processor (TRIP) that has two or four DB-9 ports and interconnects network servers to IEEE 802.5 and IBM-compatible Token Ring media.

The Token Ring interface supports both routing (Layer 3 switching) and source-route bridging (Layer 2 switching). The use of routing and bridging is on a per-protocol basis. For example, IP traffic could be routed while SNA traffic is bridged. The routing support interacts correctly with source-route bridges.

Support for the Token Ring MIB variables is provided as described in RFC 1231, "IEEE 802.5 Token Ring MIB," by K. McCloghrie, R. Fox, and E. Decker, May 1991. The mandatory Interface Table and Statistics Table are implemented, but the optional Timer Table of the Token Ring MIB is not. The Token Ring MIB has been implemented for the TRIP.

Use the show interfaces, show controllers token, and show controllers cbus EXEC commands to display the Token Ring numbers. These commands provide a report for each ring supported by the router.

The Token Ring interface by default uses the SNAP encapsulation format defined in RFC 1042. It is not necessary to define an encapsulation method for this interface.

Token Ring Task List

Perform the tasks in the following sections configure a Token Ring interface. The first task is required; the remaining tasks are optional, unless you are configuring a Token Ring on the CSC-1R or CSC-2R, in which case you must also select a Token Ring speed.

• Specify a Token Ring Interface

• Select the Token Ring Speed

• Enable Early Token Release

• Configure PCbus Token Ring Interface Management

Specify a Token Ring Interface

To specify a Token Ring interface and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Select the Token Ring Speed

The Token Ring interface on the CSC-1R and CSC-2R can run at either 4 or 16 Mbps. These Token Ring interfaces do not default to any particular ring speed; you must select the speed the first time you use them.

Enable Early Token Release

Our Token Ring interfaces support early token release, a method whereby the interface releases the token back onto the ring immediately after transmitting rather than waiting for the frame to return. This feature can help to increase the total bandwidth of the Token Ring. To configure the interface for early token release, perform the following task in interface configuration mode:

Configure PCbus Token Ring Interface Management

The Token Ring interface on the AccessPro PC card can be managed by a remote LAN manager over the PCbus interface. Currently, the LanOptics Hub Networking Management software running on an IBM compatible PC is supported.

To enable LanOptics Hub Networking Management of a PCbus Token Ring interface, perform the following task in interface configuration mode:

Configure a Tunnel Interface

Tunneling provides a way to encapsulate arbitrary packets inside of a transport protocol. This feature is implemented as a virtual interface to provide a simple interface for configuration. The tunnel interface is not tied to specific "passenger" or "transport" protocols, but rather, it is an architecture that is designed to provide the services necessary to implement any standard point-to-point encapsulation scheme. Because tunnels are point-to-point links, you must configure a separate tunnel for each link.

Tunneling has three primary components:

• Passenger protocol, which is the protocol you are encapsulating (AppleTalk, Banyan VINES, CLNP, DECnet, IP, or IPX)

• Carrier protocol, which is one of the following encapsulation protocols:

  • Generic route encapsulation (GRE), Cisco's multiprotocol carrier protocol

  • Cayman, a proprietary protocol for AppleTalk over IP

  • EON, a standard for carrying CLNP over IP networks

  • NOS, IP over IP compatible with the popular KA9Q program

• Transport protocol, which is the protocol used to carry the encapsulated protocol (IP only)

Figure 6-9 illustrates IP tunneling terminology and concepts.

IP Tunneling Terminology and Concepts

To understand the process of tunneling, consider connecting two AppleTalk networks with a non-AppleTalk backbone, such as IP. The relatively high bandwidth consumed by the broadcasting of Routing Table Maintenance Protocol (RTMP) data packets can severely hamper the backbone's network performance. This problem can be solved by tunneling AppleTalk through a foreign protocol, such as IP. Tunneling encapsulates an AppleTalk packet inside the foreign protocol packet, which is then sent across the backbone to a destination router. The destination router then de-encapsulates the AppleTalk packet and, if necessary, routes the packet to a normal AppleTalk network. Because the encapsulated AppleTalk packet is sent in a directed manner to a remote IP address, bandwidth usage is greatly reduced. Furthermore, the encapsulated packet benefits from any features normally enjoyed by IP packets, including default routes and load balancing.

Advantages of Tunneling

There are several situations where encapsulating traffic in another protocol is useful:

• To provide multiprotocol local networks over a single-protocol backbone

• To provide workarounds for networks containing protocols that have limited hop counts; for example, AppleTalk (see Figure 6-10)

• To connect discontinuous subnetworks

• To allow virtual private networks across wide-area networks (WANs)

Special Considerations

The following are considerations and precautions to observe when configuring tunneling:

• Encapsulation and decapsulation at the tunnel endpoints are slow operations; currently only processor switching is supported.

• Be cautious in your configuration and take into account security and topology issues. Be careful not to violate access control lists. You can configure a tunnel with a source and destination that is not restricted by firewall access routers.

• Tunneling might create problems with transport protocols with limited timers (for example, DECnet) due to increased latency.

• Be aware of the environments across which you create tunnels. You might be tunneling across fast FDDI rings or through slow 9600-bps phone lines; some passenger protocols behave poorly in mixed media networks.

• Multiple point-to-point tunnels can saturate the physical link with routing information.

• Routing protocols that make their decisions based solely on hop count will often prefer a tunnel over a multipoint real link. A tunnel might appear to be a one-hop, point-to-point link and have the lowest-cost path, but may actually cost more. For example, in the topology shown in
  Figure 6-11, packets from Host 1 will travel across networks w, q, and z to get to Host 2 instead of taking the path w, x, y, z because it "appears" shorter.

• An even worse problem will occur if routing information from the tunneled network mixes with the transport networks' information. In this case, the best path to the "tunnel destination" is via the tunnel itself. This is called a recursive route and will cause the tunnel interface to temporarily shut down. To avoid recursive routing problems, keep passenger and transport network routing information disjointed:

  • Use a different AS number or tag.

  • Use a different routing protocol.

  • Use static routes to override the first hop (but watch for routing loops).

• If you see line protocol down, as in the following example, it might be because of a recursive route:

%TUN-RECURDOWN Interface Tunnel 0
temporarily disabled due to recursive routing

IP Tunneling Task List

If you want to configure IP tunneling, you must perform at least the first three tasks in the following sections. The remaining tunnel configuration tasks are optional.

• Specify the Tunnel Interface

• Configure the Tunnel Source

• Configure the Tunnel Destination

• Configure the Tunnel Mode

• Configure End-to-End Checksumming

• Configure a Tunnel Identification Key

• Configure a Tunnel Interface to Drop Out-of-Order Datagrams

For commands that monitor IP tunnels, see the section "Monitor and Maintain the Interface" later in this chapter. For examples of configuring tunnels, see the section "IP Tunneling Examples" at the end of this chapter.

Specify the Tunnel Interface

To specify a tunnel interface and enter interface configuration mode, perform one of the following tasks in global configuration mode:

Configure the Tunnel Source

You must specify the tunnel interface's source address by performing the following task in interface configuration mode:

Configure the Tunnel Destination

You must specify the tunnel interface's destination by performing the following task in interface configuration mode:

Configure the Tunnel Mode

The encapsulation mode for the tunnel interface defaults to generic route encapsulation (GRE), so this task is considered optional. However, if you want a mode other than GRE, you must configure it by performing the following task in interface configuration mode:

If you are tunneling AppleTalk, you must use either the AppleTalk Update Routing Protocol (AURP), Cayman or GRE tunneling mode. Cayman tunneling is designed by Cayman Systems, and enables routers to interoperate with Cayman GatorBoxes. You can have our routers at either end of the tunnel, or you can have a GatorBox at one end and our router at the other end. Use Distance Vector Multicast Routing Protocol (DVMRP) mode when a router connects to a mrouted router to run DVMRP over a tunnel. It is required to configure Protocol-Independent Multicast (PIM) and an IP address on a DVMRP tunnel.

 
Caution Do not configure a Cayman tunnel with an AppleTalk network address.

If you use GRE, you must have only our routers at both ends of the tunnel connection. When using GRE to tunnel AppleTalk, you must configure an AppleTalk network address and a zone. Perform the following tasks to tunnel AppleTalk using GRE:

Configure End-to-End Checksumming

Some passenger protocols rely on media checksums to provide data integrity. By default, the tunnel does not guarantee packet integrity. By enabling end-to-end checksums, the routers will drop corrupted packets. To enable such checksums on a tunnel interface, perform the following task in interface configuration mode:

Configure a Tunnel Identification Key

You can optionally enable an ID key for a tunnel interface. This key must be set to the same value on the tunnel endpoints. Tunnel ID keys can be used as a form of weak security to prevent misconfiguration or injection of packets from a foreign source.

The tunnel ID key is available with GRE only.

To configure a tunnel ID key, perform the following task in interface configuration mode:

Configure a Tunnel Interface to Drop Out-of-Order Datagrams

You can optionally configure a tunnel interface to drop datagrams that arrive out of order. This is useful when carrying passenger protocols that behave poorly when they receive packets out of order (for example, LLC2-based protocols). This option is available with GRE only.

To use this option, perform the following task in interface configuration mode:

Understand Subinterfaces

Configuring multiple virtual interfaces, or subinterfaces, on a single physical interface allows greater flexibility and connectivity on the network. A subinterface is a mechanism that allows a single physical interface to support multiple logical interfaces or networks. That is, several logical interfaces or networks can be associated with a single hardware interface. Subinterfaces are implemented in various WAN and LAN protocols, including ATM, Frame Relay, SMDS, X.25, and Novell IPX. For more information about using subinterfaces, refer to the appropriate protocol chapter.

Configure IP Address Pooling on Point-to-Point Links

Point-to-point interfaces must be able to provide a remote node with its IP address through the IP Control Protocol (IPCP) address negotiation process. The IP address can be obtained from a variety of sources. The address can be configured through the command line, entered with an EXEC-level command, or provided by TACACS+, DHCP, or from a locally administered pool.

IP address pooling provides a pool of IP addresses from which an incoming interface can provide an IP address to a remote node through the IP Control Protocol (IPCP) address negotiation process. It also enhances the flexibility of configuration by allowing multiple types of pooling to be active simultaneously.

The IP address pooling feature now allows configuration of a global default address pooling mechanism, a per-interface configuration of the mechanism to use, and a per-interface configuration of a specific address or pool name to use.

Peer Address Allocation

A peer IP address can be allocated to an interface through several methods:

• Dialer map lookup--This method is used only if the peer requests an IP address, no other peer IP address has been assigned, and the interface is a member of a dialer group.

• PPP or SLIP EXEC command--An asynchronous dial-up user can enter a peer IP address or hostname when PPP or SLIP is invoked from the command line. The address is used for the current session and then discarded.

• IPCP negotiation--If the peer presents a peer IP address during IPCP address negotiation and no other peer address is assigned, the presented address is acknowledged and used in the current session.

• Chat script--The IP address in the dialer map command entry that started the script is assigned to the interface and overrides any previously assigned peer IP address.

• VTY/protocol translation--The translate command can define the peer IP address for a VTY (pseudo asynchronous interface).

• Default IP address--The peer default ip address command and the member peer default ip address command can be used to define default peer IP addresses.

• TACACS+ assigned IP address--During the authorization phase of IPCP address negotiation, TACACS+ can return an IP address to be used by the user being authenticated on a dial-up interface. This address overrides any default IP address and prevents pooling from taking place.

• DHCP retrieved IP address--If configured, the router acts as a proxy client for the dial-up user and retrieves an IP address from a DHCP server. That address is returned to the DHCP server when the timer expires or when the interface goes down.

• Local address pool--The local address pool contains a set of contiguous IP addresses (a maximum of 256 addresses) stored in two queues. The free queue contains addresses available to be assigned and the used queue contains addresses that are in use. Addresses are stored to the free queue in first-in first-out (FIFO) order to minimize the chance the address will be reused and to allow a peer to reconnect using the same address as used in the last connection. If the address is available, it is assigned; if not, another address from the free queue is assigned.

The pool configured for the interface is used, unless TACACS+ returns a pool name as part of AAA. If no pool is associated with a given interface, the global pool named default is used.

Precedence Rules

The following precedence rules of peer IP address support determine which address is used. Precedence is listed from highest to lowest:

• AAA/TACACS+ provided address or address from the pool named by AAA/TACACS+.

• An address from a local IP address pool or DHCP (typically not allocated unless no other address exists).

• Dialer map lookup address (not done unless no other address exists).

• Address from an EXEC-level PPP or SLIP command or from a chat script.

• Configured address from the peer default ip address command or address from the protocol translate command.

• Peer provided address from IPCP negotiation (not accepted unless no other address exists).

Interfaces Affected

This feature is available on all asynchronous serial, synchronous serial, ISDN BRI, and ISDN PRI interfaces running PPP or SLIP.

Choose the IP Address Assignment Method

The IP address pooling feature now allows configuration of a global default address pooling mechanism, a per-interface configuration of the mechanism to use, and a per-interface configuration of a specific address or pool name to use.

You can define the IP address pooling mechanism to be used on router interfaces as described in the following sections:

• Define the Global Default Mechanism

• Configure Per-Interface IP Address Assignment

Define the Global Default Mechanism

The Global Default Mechanism applies to all point-to-point interfaces (asynchronous, synchronous, ISDN BRI, ISDN PRI, and dialer interfaces) that support PPP encapsulation and that are not configured for IP address pooling. You can define the Global Default Mechanism to be either DHCP or local address pooling.

To configure the Global Default Mechanism for IP address pooling, perform the tasks in one of following sections:

• Define DHCP as the Global Default Mechanism

• Define Local Address Pooling as the Global Default Mechanism

After you have defined a Global Default Mechanism, you can disable it on a specific interface by configuring the interface for some other pooling mechanism. You can define a local pool other than the default pool for the interface or you can configure the interface with a specific IP address to be used for dial-in peers.

Define DHCP as the Global Default Mechanism

The Dynamic Host Configuration Protocol (DHCP) specifies the following components:

• A DHCP server--A host-based DHCP server configured to accept and process requests for temporary IP addresses

• A DHCP proxy-client--A Cisco access server configured to arbitrate DHCP calls between the DHCP server and the DHCP client. The DHCP client-proxy feature manages a pool of IP addresses available to dial-in clients without a known IP address.

To enable DHCP as the Global Default Mechanism, complete the following tasks in global configuration mode:

In Step 2, you can provide as few as one or as many as ten DHCP servers for the proxy-client (the Cisco router or access server) to use. DHCP servers provide temporary IP addresses.

Define Local Address Pooling as the Global Default Mechanism

To specify local pooling as the Global Default Mechanism to use, complete the following tasks in global configuration mode:

If no other pool is defined, the local pool called default is used.

Configure Per-Interface IP Address Assignment

When you have defined a Global Default Mechanism for assigning IP addresses to dial-in peers, you can then configure the few interfaces for which it is important to have a nondefault configuration.

You can define a nondefault address pool for use by this specific interface, you can define DHCP on this interface even if you have defined local pooling as the Global Default Mechanism, or you can specify one IP address to be assigned to all dial-in peers on this interface.

To define a nondefault address pool for use on this interface, perform the following tasks beginning in global configuration mode:

To define DHCP as the IP address mechanism for this interface, complete the following tasks beginning in global configuration mode:

To define a specific IP address to be assigned to all dial-in peers on this interface, complete the following tasks beginning in global configuration mode:

Configure Features Available on Any Interface

The following sections describe optional tasks that you can perform on any type of interface:

• Add a Description for an Interface

• Configure MOP

• Control Interface Hold-Queue Limits

• Set Bandwidth

• Set Interface Delay

• Adjust Timers

• Limit Transmit Queue Size

• Adjust Maximum Packet Size or MTU Size

Add a Description for an Interface

You can add a description about an interface to help you remember what is attached to it. This description is meant solely as a comment to help identify what the interface is being used for. The description will appear in the output of the following commands: show configuration, show running-config, and show interfaces. When you add a description for a T1 controller interface, it will appear in the output of the show controllers t1 and show running-config commands.

For examples of adding interface descriptions, see the section "Interface Descriptions Examples" at the end of this chapter.

Configure MOP

You can enable MOP on an interface by performing the following task in interface configuration mode:

You can enable an interface to send out periodic MOP system identification messages on an interface by performing the following task in interface configuration mode:

Control Interface Hold-Queue Limits  

Each interface has a hold-queue limit. This limit is the number of data packets that the interface can store in its hold queue before rejecting new packets. When the interface empties one or more packets from the hold queue, it can accept new packets again. You can specify the hold-queue limit of an interface in interface configuration mode as follows:

Set Bandwidth

Higher-level protocols use bandwidth information to make operating decisions. For example, IGRP uses the minimum path bandwidth to determine a routing metric. TCP adjusts initial retransmission parameters based on the apparent bandwidth of the outgoing interface. Perform the following task in interface configuration mode to set a bandwidth value for an interface:

The bandwidth setting is a routing parameter only; it does not affect the physical interface.

Set Interface Delay

Higher-level protocols might use delay information to make operating decisions. For example, IGRP can use delay information to differentiate between a satellite link and a land link. To set a delay value for an interface, perform the following task in interface configuration mode:

Setting the delay value sets an informational parameter only; you cannot adjust the actual delay of an interface with this configuration command.

Adjust Timers

To adjust the frequency of update messages, perform the following task in interface configuration mode:

You also can configure the keepalive interval, the frequency at which the router sends messages to itself (Ethernet and Token Ring) or to the other end (HDLC-serial, PPP-serial) to ensure that a network interface is alive. The interval in some previous software versions was 10 seconds; it is now adjustable in one-second increments down to one second. An interface is declared down after three update intervals have passed without receiving a keepalive packet.

Limit Transmit Queue Size

You can control the size of the transmit queue available to a specified interface on the MCI and SCI cards. To limit the size, perform the following task in interface configuration mode:

Adjust Maximum Packet Size or MTU Size

Each interface has a default maximum packet size or maximum transmission unit (MTU) size. This number generally defaults to 1500 bytes. On serial interfaces, the MTU size varies, but cannot be set smaller than 64 bytes. To adjust the maximum packet size, perform the following task in interface configuration mode:

Configure Dial Backup Service 

The dial backup service provides protection against WAN downtime by allowing you to configure a backup serial line via a circuit-switched connection.

To configure dial backup, perform the following tasks in interface configuration mode:

See examples of configuring dial backup service in the sections "Dial Backup Service When the Primary Line Goes Down Examples," "Dial Backup Service When the Primary Line Reaches Threshold Examples," and "Dial Backup Service When the Primary Line Exceeds Threshold Examples" at the end of this chapter. See also the chapter "Configuring DDR."

Configure Loopback Detection

When an interface has a backup interface configured, it is often desirable that the backup interface be enabled when the primary interface is either down or in loopback. By default, the backup is only enabled if the primary interface is down. By using the down-when-looped command, the backup interface will also be enabled if the primary interface is in loopback. To achieve this condition, perform the following task in interface configuration mode:

If testing an interface with the loopback command, you should not have loopback detection configured, or packets will not be transmitted out the interface that is being tested.

Understand Online Insertion and Removal (OIR)

The Cisco 7000 series online insertion and removal (OIR) feature allows you to remove and replace CxBus interface processors while the system is on line. You can shut down the interface processor before removal and restart it after insertion without causing other software or interfaces to shut down.

You do not need to notify the software that you are going to remove or install an interface processor. When the route processor is notified by the system that an interface processor has been removed or installed, it stops routing and scans the system for a configuration change. All interface processors are initialized, and each interface type is verified against the system configuration; then the system runs diagnostics on the new interface. There is no disruption to normal operation during interface processor insertion or removal.

Only an interface of a type that has been configured previously will be brought on line; others require configuration. If a newly installed interface processor does not match the system configuration, the interface is left in an administratively down state until the system operator configures the system with the new interfaces.

Hardware (MAC-level) addresses for all interfaces on the Cisco 7000 are stored on an electronically erasable programmable read-only memory (EEPROM) component in the Route Processor (RP) instead of on the individual interface boards. An address allocator in the EEPROM contains a sequential block of 40 addresses (5 interface slots times a maximum of 8 possible ports per slot). Each address is assigned to a specific slot and port address in the chassis, regardless of how the interfaces are configured. This allows interfaces to be replaced online without requiring the system to update routing tables and data structures. Regardless of the types of interfaces installed, the hardware addresses do not change unless you replace the system RP. If you do replace the RP, the hardware addresses of all ports change to those specified in the address allocator on the new RP.

Understand Fast, Autonomous, and SSE Switching Support

Switching is the process by which packets in a router are forwarded. Our routers support four kinds of switching: process switching, fast switching, autonomous switching, and silicon switching. For more information about switching and about which platforms, interfaces, and protocols support which types of switching, refer to the "Switching" appendix in the Router Products Command Reference publication.

Monitor and Maintain the Interface

You can perform the tasks in the following sections to monitor and maintain the interfaces:

• Monitor Interface Status

• Monitor the Interface Port

• Monitor the T1 or E1 Controller

• Monitor the LAN Extender Interface

• Monitor and Maintain a Hub

• Monitor IP Tunnels

• Clear and Reset the Interface

• Shut Down and Restart the Interface

• Display Diagnostic Information (Cisco 7000 Family Only)

• Run Interface Loopback Diagnostics

Monitor Interface Status

The software contains commands that you can enter at the EXEC prompt to display information about the interface including the version of the software and the hardware, the controller status, and statistics about the interfaces. The following table lists some of the interface monitoring tasks. (You can display the full list of show commands by entering the show ? command at the EXEC prompt.) These commands are fully described in the Router Products Command Reference publication.

Perform the following commands in EXEC mode:

Monitor the Interface Port

This section applies to the Cisco 7000 series only. The port adapter cable connected to each port determines the electrical interface type and mode of the port. The default mode of the ports is DCE, which allows you to perform a loopback test on any port without having to attach a port adapter cable. Although DCE is the default, there is no default clock rate set on the interfaces. When there is no cable attached to a port, the software actually identifies the port as "Universal, Cable Unattached" rather than either as a DTE or DCE interface.

Use the show controller cxbus command to show information about the interface port. The following example shows an interface port (2/0) that has an RS-232 DTE cable attached and a second port (2/1) that does not have a cable attached:

Cisco 7000# show controller cxbus
Switch Processor 7, hardware version 11.1 microcode version 1.4
 512 Kbytes of main memory, 128 Kbytes cache memory, 299 1520 byte buffers
 Restarts: 0 line down, 0 hung output, 0 controller error
FSIP 2, hardware version 3, microcode version 1.0
 Interface 16 - Serial2/0, electrical interface is RS-232 DTE
  31 buffer RX queue threshold, 101 buffer TX queue limit, buffer size 1520
  Transmitter delay is 0 microseconds
 Interface 17 -Serial2/1, electrical interface is Universal (cable unattached)
  31 buffer RX queue threshold, 101 buffer TX queue limit, buffer size 1520

To change the electrical interface type or mode of a port online, replace the serial adapter cable and use software commands to restart the interface and, if necessary, reconfigure the port for the new interface. At system startup or restart, the FSIP polls the interfaces and determines the electrical interface type of each port (according to the type of port adapter cable attached). However, it does not necessarily repoll an interface when you change the adapter cable online. To ensure that the system recognizes the new interface type, shut down and reenable the interface after changing the cable.

Monitor the T1 or E1 Controller

This section applies to the Cisco 7000 series only. Because the T1 or E1 line itself is viewed as the controller, perform the following task in EXEC mode to display information about activity on the T1 or E1 line.

Alarms, line conditions, and other errors are displayed. The data is updated every 10 seconds. Every 15 minutes, the cumulative data is stored and retained for 24 hours. This means at any one time, up to 96 15-minute accumulations are counted in the data display.

Monitor the LAN Extender Interface

To monitor the LAN Extender interface, the Ethernet interface that resides on the LAN Extender, the serial interface that resides on the LAN Extender, or the serial interface connected to the LAN Extender, perform one or more of the following tasks at the EXEC prompt:

Monitor and Maintain a Hub

You can perform the tasks in the following sections to monitor and maintain the hub:

• Shut Down the Hub Port

• Reset the Hub or Clear the Hub Counters

• Monitor the Hub

Shut Down the Hub Port

To shut down or disable a hub port, perform the following tasks, beginning in global configuration mode: