Ch. 5 – Frame Relay CCNA 4 version 3.0 Rick Graziani Cabrillo College Note to instructors • If you have downloaded this presentation from the Cisco Networking Academy Community FTP Center, this may not be my latest version of this PowerPoint. • For the latest PowerPoints for all my CCNA, CCNP, and Wireless classes, please go to my web site: http://www.cabrillo.cc.ca.us/~rgraziani/ • The username is cisco and the password is perlman for all of my materials. • If you have any questions on any of my materials or the curriculum, please feel free to email me at graziani@cabrillo.edu (I really don’t mind helping.) Also, if you run across any typos or errors in my presentations, please let me know. • I will add “(Updated – date)” next to each presentation on my web site that has been updated since these have been uploaded to the FTP center. Thanks! Rick Rick Graziani graziani@cabrillo.edu 2 Note • • • Much of the information in this presentation comes from the CCNP 2 version 3.0 module on Frame Relay. I find a lot of the information in CCNA 4 module 5 Frame Relay not very well written or not well explained. CCNP 3 does a much better job of presenting and explaining these concepts. Rick Graziani graziani@cabrillo.edu 3 Overview • Identify the components of a Frame Relay network • Explain the scope and purpose of Frame Relay • Discuss the technology of Frame Relay • Compare point-to-point and point-to-multipoint topologies • Examine the topology of a Frame Relay network • Configure a Frame Relay Permanent Virtual Circuit (PVC) • Create a Frame Relay Map on a remote network • Explain the issues of a non-broadcast multi-access • • network Describe the need for subinterfaces and how to configure them Verify and troubleshoot a Frame Relay connection Rick Graziani graziani@cabrillo.edu 4 Introducing Frame Relay • Frame Relay is a packet-switched, connection-oriented, WAN service. It operates at the data link layer of the OSI reference model. • Frame Relay uses a subset of the high-level data link control (HDLC) protocol called Link Access Procedure for Frame Relay (LAPF). • Frames carry data between user devices called data terminal equipment (DTE), and the data communications equipment (DCE) at the edge of the WAN. – It does not define the way the data is transmitted within the service provider’s Frame Relay cloud. – This is ATM in many cases! Rick Graziani graziani@cabrillo.edu 5 Frame Relay vs. X.25 • Frame Relay does not have the sequencing, windowing, and • • • • • retransmission mechanisms that are used by X.25. Without the overhead, the streamlined operation of Frame Relay outperforms X.25. Typical speeds range from 56 kbps up to 2 Mbps, although higher speeds are possible. (Up to 45 Mbps) The network providing the Frame Relay service can be either a carrierprovided public network or a privately owned network. Because it was designed to operate on high-quality digital lines, Frame Relay provides no error recovery mechanism. If there is an error in a frame it is discarded without notification. Rick Graziani graziani@cabrillo.edu 6 Introducing Frame Relay Access circuits • A Frame Relay network may be privately owned, but it is more • • • commonly provided as a service by a public carrier. It typically consists of many geographically scattered Frame Relay switches interconnected by trunk lines. Frame Relay is often used to interconnect LANs. When this is the case, a router on each LAN will be the DTE. A serial connection, such as a T1/E1 leased line, will connect the router to a Frame Relay switch of the carrier at the nearest point-of-presence for the carrier. (access circuit) Rick Graziani graziani@cabrillo.edu 7 DTE – Data Terminal Equipment • DTEs generally are considered to be terminating equipment for a • • • specific network and typically are located on the premises of the customer. The customer may also own this equipment. Examples of DTE devices are routers and Frame Relay Access Devices (FRADs). A FRAD is a specialized device designed to provide a connection between a LAN and a Frame Relay WAN. Rick Graziani graziani@cabrillo.edu 8 DCE – Data Communications Equipment UNI NNI • DCEs are carrier-owned internetworking devices. • The purpose of DCE equipment is to provide clocking and switching • • • services in a network. In most cases, these are packet switches, which are the devices that actually transmit data through the WAN. The connection between the customer and the service provider is known as the User-to-Network Interface (UNI). The Network-to-Network Interface (NNI) is used to describe how Frame Relay networks from different providers connect to each other. Rick Graziani graziani@cabrillo.edu 9 Frame Relay terminology An SVC between the same two DTEs may change. Path may change. A PVC between the same two DTEs will always be the same. Always same Path. • The connection through the Frame Relay network between two DTEs is • • • • • called a virtual circuit (VC). Switched Virtual Circuits (SVCs) are Virtual circuits may be established dynamically by sending signaling messages to the network. However, SVCs are not very common. Permanent Virtual Circuits (PVCs) are more common. PVC are VCs that have been preconfigured by the carrier are used. The switching information for a VC is stored in the memory of the switch. Rick Graziani graziani@cabrillo.edu 10 Access Circuits and Cost Savings • The FRAD or router connected to the Frame Relay network may have multiple virtual circuits connecting it to various end points. • This makes it a very cost-effective replacement for a full mesh of access lines. • Each end point needs only a single access line and interface. • More savings arise as the capacity of the access line is based on the average bandwidth requirement of the virtual circuits, rather than on the maximum bandwidth requirement. • Note: Also do not have to pay for leased line between two sites even when no traffic is being sent. Rick Graziani graziani@cabrillo.edu 11 IETF Frame Relay Frame • Cisco routers support two types of Frame Relay headers. • – Cisco, which is a 4-byte header. – IETF, which is a 2-byte header that conforms to the IETF standards. The Cisco proprietary 4-byte header is the default and cannot be used if the router is connected to another vendor's equipment across a Frame Relay network. Rick Graziani graziani@cabrillo.edu 12 IETF Frame Relay Frame Rick Graziani graziani@cabrillo.edu 13 IETF Frame Relay Frame Rick Graziani graziani@cabrillo.edu 14 DLCI • A data-link connection identifier (DLCI) identifies the logical VC • • • • between the CPE and the Frame Relay switch. The Frame Relay switch maps the DLCIs between each pair of routers to create a PVC. DLCIs have local significance, although there some implementations that use global DLCIs. DLCIs 0 to 15 and 1008 to 1023 are reserved for special purposes. Service providers assign DLCIs in the range of 16 to 1007. – DLCI 1019, 1020: Multicasts – DLCI 1023: Cisco LMI – DLCI 0: ANSI LMI Rick Graziani graziani@cabrillo.edu 15 DLCI • Your Frame Relay provider sets up the DLCI numbers to be used by the routers for establishing PVCs. Rick Graziani graziani@cabrillo.edu 16 Frame Relay bandwidth and flow control Note: • I am going to use information from CCNA version 2.0 and CCNP 2 version 3.0 to explain this topic. • I do not like how this section (5.1.4) was written as I do not think it explains the topic very well at all. Rick Graziani graziani@cabrillo.edu 17 Frame Relay bandwidth and flow control The first thing we need to do is become familiar with some of the terminology. • Local access rate – This is the clock speed or port speed of the • connection or local loop to the Frame Relay cloud. – It is the rate at which data travels into or out of the network, regardless of other settings. Committed Information Rate (CIR) – This is the rate, in bits per second, at which the Frame Relay switch agrees to transfer data. – The rate is usually averaged over a period of time, referred to as the committed rate measurement interval (Tc). – In general, the duration of Tc is proportional to the "burstiness" of the traffic. Rick Graziani graziani@cabrillo.edu 18 Frame Relay bandwidth and flow control per VC • Oversubscription – Oversubscription is when the sum of the CIRs on all the VCs exceeds the access line speed. – Oversubscription can also occur when the access line can support the sum of CIRs purchased, but not of the CIRs plus the bursting capacities of the VCs. – Oversubscription increases the likelihood that packets will be dropped. Rick Graziani graziani@cabrillo.edu 19 Frame Relay bandwidth and flow control Tc = 2 seconds Bc = 64 kbps CIR = 32 kbps • Committed burst (Bc) – The maximum number of bits that the switch • agrees to transfer during any Tc. – The higher the Bc-to-CIR ratio, the longer the switch can handle a sustained burst. – For example, if the Tc is 2 seconds and the CIR is 32 kbps, the Bc is 64 kbps. – The Tc calculation is Tc = Bc/CIR. Committed Time Interval (Tc) – Tc is not a recurrent time interval. It is used strictly to measure inbound data, during which time it acts like a sliding window. Inbound data triggers the Tc interval. Rick Graziani graziani@cabrillo.edu 20 Frame Relay bandwidth and flow control • Excess burst (Be) – This is the maximum number of uncommitted bits • that the Frame Relay switch attempts to transfer beyond the CIR. – Excessive Burst (Be) is dependent on the service offerings available from your vendor, but it is typically limited to the port speed of the local access loop. Excess Information Rate (EIR) – This defines the maximum bandwidth available to the customer, which is the CIR plus the Be. – Typically, the EIR is set to the local access rate. – In the event the provider sets the EIR to be lower than the local access rate, all frames beyond that maximum can be discarded automatically, even if there is no congestion. Rick Graziani graziani@cabrillo.edu 21 Frame Relay bandwidth and flow control • Forward Explicit Congestion Notification (FECN) – When a Frame • Relay switch recognizes congestion in the network, it sends an FECN packet to the destination device. – This indicates that congestion has occurred. Backward Explicit Congestion Notification (BECN) – When a Frame Relay switch recognizes congestion in the network, it sends a BECN packet to the source router. – This instructs the router to reduce the rate at which it is sending packets. – With Cisco IOS Release 11.2 or later, Cisco routers can respond to BECN notifications. – This topic is discussed later in this module. Rick Graziani graziani@cabrillo.edu 22 Frame Relay bandwidth and flow control • Discard eligibility (DE) bit – When the router or switch detects network congestion, it can mark the packet "Discard Eligible". – The DE bit is set on the traffic that was received after the CIR was met. – These packets are normally delivered. However, in periods of congestion, the Frame Relay switch will drop packets with the DE bit set first. Rick Graziani graziani@cabrillo.edu 23 Frame Relay bandwidth • Several factors determine the rate at which a customer can send data • • • • • • on a Frame Relay network. Foremost in limiting the maximum transmission rate is the capacity of the local loop to the provider. If the local loop is a T1, no more than 1.544 Mbps can be sent. In Frame Relay terminology, the speed of the local loop is called the local access rate. Providers use the CIR parameter to provision network resources and regulate usage. For example, a company with a T1 connection to the packet-switched network (PSN) may agree to a CIR of 768 Kbps. This means that the provider guarantees 768 Kbps of bandwidth to the customer’s link at all times. Rick Graziani graziani@cabrillo.edu 24 Frame Relay bandwidth • Typically, the higher the CIR, the higher the cost of service. • Customers can choose the CIR that is most appropriate to their • • bandwidth needs, as long as the CIR is less than or equal to the local access rate. If the CIR of the customer is less than the local access rate, the customer and provider agree on whether bursting above the CIR is allowed. If the local access rate is T1 or 1.544 Mbps, and the CIR is 768 Kbps, half of the potential bandwidth (as determined by the local access rate) remains available. Rick Graziani graziani@cabrillo.edu 25 Frame Relay bandwidth • Many providers allow their customers to purchase a CIR of 0 (zero). • This means that the provider does not guarantee any throughput. • In practice, customers usually find that their provider allows them to • • • burst over the 0 (zero) CIR virtually all of the time. If a CIR of 0 (zero) is purchased, carefully monitor performance in order to determine whether or not it is acceptable. Frame Relay allows a customer and provider to agree that under certain circumstances, the customer can “burst” over the CIR. Since burst traffic is in excess of the CIR, the provider does not guarantee that it will deliver the frames. Rick Graziani graziani@cabrillo.edu 26 Frame Relay bandwidth • Either a router or a Frame Relay switch tags each frame that is • • • • • • transmitted beyond the CIR as eligible to be discarded. When a frame is tagged DE, a single bit in the Frame Relay frame is set to 1. This bit is known as the discard eligible (DE) bit. The Frame Relay specification also includes a protocol for congestion notification. This mechanism relies on the FECN/ BECN bits in the Q.922 header of the frame. The provider’s switches or the customer’s routers can selectively set the DE bit in frames. These frames will be the first to be dropped when congestion occurs. Rick Graziani graziani@cabrillo.edu 27 LMI – Local Management Interface • LMI is a signaling standard between • • the DTE and the Frame Relay switch. LMI is responsible for managing the connection and maintaining the status between devices. LMI includes: – A keepalive mechanism, which verifies that data is flowing – A multicast mechanism, which provides the network server (router) with its local DLCI. – The multicast addressing, which can give DLCIs global rather than local significance in Frame Relay networks (not common). – A status mechanism, which provides an ongoing status on the DLCIs known to the switch Rick Graziani graziani@cabrillo.edu 28 LMI LMI • In order to deliver the first LMI services to customers as soon as • • • possible, vendors and standards committees worked separately to develop and deploy LMI in early Frame Relay implementations. The result is that there are three types of LMI, none of which is compatible with the others. Cisco, StrataCom, Northern Telecom, and Digital Equipment Corporation (Gang of Four) released one type of LMI, while the ANSI and the ITU-T each released their own versions. The LMI type must match between the provider Frame Relay switch and the customer DTE device. Rick Graziani graziani@cabrillo.edu 29 LMI LMI • In Cisco IOS releases prior to 11.2, the Frame Relay interface must be • • • manually configured to use the correct LMI type, which is furnished by the service provider. If using Cisco IOS Release 11.2 or later, the router attempts to automatically detect the type of LMI used by the provider switch. This automatic detection process is called LMI autosensing. No matter which LMI type is used, when LMI autosense is active, it sends out a full status request to the provider switch. Rick Graziani graziani@cabrillo.edu 30 LMI • Frame Relay devices can now listen in on both DLCI 1023 or Cisco • • • LMI and DLCI 0 or ANSI and ITU-T simultaneously. The order is ansi, q933a, cisco and is done in rapid succession to accommodate intelligent switches that can handle multiple formats simultaneously. The Frame Relay switch uses LMI to report the status of configured PVCs. The three possible PVC states are as follows: – Active state – Indicates that the connection is active and that routers can exchange data. – Inactive state – Indicates that the local connection to the Frame Relay switch is working, but the remote router connection to the Frame Relay switch is not working. – Deleted state – Indicates that no LMI is being received from the Frame Relay switch, or that there is no service between the CPE router and Frame Relay switch. Rick Graziani graziani@cabrillo.edu 31 DLCI Mapping to Network Address • Manual • – Manual: Administrators use a frame relay map statement. Dynamic – Inverse Address Resolution Protocol (I-ARP) provides a given DLCI and requests next-hop protocol addresses for a specific connection. – The router then updates its mapping table and uses the information in the table to forward packets on the correct route. Rick Graziani graziani@cabrillo.edu 32 Inverse ARP 2 1 • Once the router learns from the switch about available PVCs and their • • • • corresponding DLCIs, the router can send an Inverse ARP request to the other end of the PVC. (unless statically mapped – later) For each supported and configured protocol on the interface, the router sends an Inverse ARP request for each DLCI. (unless statically mapped) In effect, the Inverse ARP request asks the remote station for its Layer 3 address. At the same time, it provides the remote system with the Layer 3 address of the local system. The return information from the Inverse ARP is then used to build the Frame Relay map. Rick Graziani graziani@cabrillo.edu 33 Inverse ARP • Inverse Address Resolution Protocol (Inverse ARP) was developed to provide a mechanism for dynamic DLCI to Layer 3 address maps. • Inverse ARP works much the same way Address Resolution Protocol (ARP) works on a LAN. • However, with ARP, the device knows the Layer 3 IP address and needs to know the remote data link MAC address. • With Inverse ARP, the router knows the Layer 2 address which is the DLCI, but needs to know the remote Layer 3 IP address. Rick Graziani graziani@cabrillo.edu 34 Frame Relay Encapsulation Router(config-if)#encapsulation frame-relay {cisco | ietf} • cisco - Default. – Use this if connecting to another Cisco router. • Ietf - Select this if connecting to a non-Cisco router. – RFC 1490 Rick Graziani graziani@cabrillo.edu 35 Frame Relay LMI Router(config-if)#frame-relay lmi-type {ansi | cisco | q933a} • It is important to remember that the Frame Relay service provider • • • maps the virtual circuit within the Frame Relay network connecting the two remote customer premises equipment (CPE) devices that are typically routers. Once the CPE device, or router, and the Frame Relay switch are exchanging LMI information, the Frame Relay network has everything it needs to create the virtual circuit with the other remote router. The Frame Relay network is not like the Internet where any two devices connected to the Internet can communicate. In a Frame Relay network, before two routers can exchange information, a virtual circuit between them must be set up ahead of time by the Frame Relay service provider. Rick Graziani graziani@cabrillo.edu 36 Minimum Frame Relay Configuration 172.16.1.2 Headquarters Hub City DLCI 101 Frame Relay Network 172.16.1.1 DLCI 102 Satellite Office 1 Spokane HubCity(config)# interface serial 0 HubCity(config-if)# ip address 172.16.1.2 255.255.255.0 HubCity(config-if)# encapsulation frame-relay Spokane(config)# interface serial 0 Spokane(config-if)# ip address 172.16.1.1 255.255.255.0 Spokane(config-if)# encapsulation frame-relay Rick Graziani graziani@cabrillo.edu 37 Minimum Frame Relay Configuration 172.16.1.2 Headquarters Hub City DLCI 101 Frame Relay Network 172.16.1.1 DLCI 102 Satellite Office 1 Spokane • Cisco Router is now ready to act as a Frame-Relay DTE device. The following process occurs: 1. The interface is enabled. 2. The Frame-Relay switch announces the configured DLCI(s) to the router. 3. Inverse ARP is performed to map remote network layer addresses to the local DLCI(s). The routers can now ping each other! Rick Graziani graziani@cabrillo.edu 38 Inverse ARP 172.16.1.2 Headquarters Hub City DLCI 101 Frame Relay Network 172.16.1.1 DLCI 102 Satellite Office 1 Spokane HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active • dynamic refers to the router learning the IP address via Inverse ARP • The DLCI 101 is configured on the Frame Relay Switch by the • provider. We will see this in a moment. Rick Graziani graziani@cabrillo.edu 39 Inverse ARP Limitations 172.16.1.2 Headquarters Hub City DLCI 101 Frame Relay Network 172.16.1.1 DLCI 102 Satellite Office 1 Spokane • Inverse ARP only resolves network addresses of remote Frame-Relay • • • • • • connections that are directly connected. Inverse ARP does not work with Hub-and-Spoke connections. (We will see this in a moment.) When using dynamic address mapping, Inverse ARP requests a nexthop protocol address for each active PVC. Once the requesting router receives an Inverse ARP response, it updates its DLCI-to-Layer 3 address mapping table. Dynamic address mapping is enabled by default for all protocols enabled on a physical interface. If the Frame Relay environment supports LMI autosensing and Inverse ARP, dynamic address mapping takes place automatically. Therefore, no static address mapping is required. Rick Graziani graziani@cabrillo.edu 40 Configuring Frame Relay maps Router(config-if)#frame-relay map protocol protocol-address dlci [broadcast] [ietf | cisco] • If the environment does not support LMI autosensing and Inverse ARP, • • • • a Frame Relay map must be manually configured. Use the frame-relay map command to configure static address mapping. Once a static map for a given DLCI is configured, Inverse ARP is disabled on that DLCI. The broadcast keyword is commonly used with the frame-relay map command. The broadcast keyword provides two functions. – Forwards broadcasts when multicasting is not enabled. – Simplifies the configuration of OSPF for nonbroadcast networks that use Frame Relay. (coming) Rick Graziani graziani@cabrillo.edu 41 Frame Relay Maps By default, cisco is the default encapsulation Uses cisco encapsulation for this DLCI (not needed, default) Rick Graziani graziani@cabrillo.edu Remote IP Address Local DLCI 42 More on Frame Relay Encapsulation Applies to all DLCIs unless configured otherwise • If the Cisco encapsulation is configured on a serial interface, then by • • • default, that encapsulation applies to all VCs on that serial interface. If the equipment at the destination is Cisco and non-Cisco, configure the Cisco encapsulation on the interface and selectively configure IETF encapsulation per DLCI, or vice versa. These commands configure the Cisco Frame Relay encapsulation for all PVCs on the serial interface. Except for the PVC corresponding to DLCI 49, which is explicitly configured to use the IETF encapsulation. Rick Graziani graziani@cabrillo.edu 43 Verifying Frame Relay interface configuration • • The show interfaces serial command displays information regarding the encapsulation and the status of Layer 1 and Layer 2. It also displays information about the multicast DLCI, the DLCIs used on the Frame Relay-configured serial interface, and the DLCI used for the LMI signaling. Rick Graziani graziani@cabrillo.edu 44 show interfaces serial Atlanta(config)#interface serial 0/0 Atlanta(config-if)#description Circuit-05QHDQ101545-080TCOM-002 Atlanta(config-if)#^z Atlanta#show interfaces serial 0/0 Serial 0/0 is up, line protocol is up Hardware is MCI Serial Description Circuit-05QHDQ101545-080TCOM-002 Internet address is 150.136.190.203, subnet mask 255.255.255.0 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 uses, rely 255/255, load 1/255 • To simplify the WAN management, use the description command at the interface level to record the circuit number. Rick Graziani graziani@cabrillo.edu 45 show frame-relay pvc • The show frame-relay pvc command displays the status of each • • • configured connection, as well as traffic statistics. This command is also useful for viewing the number of Backward Explicit Congestion Notification (BECN) and Forward Explicit Congestion Notification (FECN) packets received by the router. The command show frame-relay pvc shows the status of all PVCs configured on the router. If a single PVC is specified, only the status of that PVC is shown. Rick Graziani graziani@cabrillo.edu 46 show frame-relay map • The show frame-relay map command displays the current map entries and information about the connections. Rick Graziani graziani@cabrillo.edu 47 show frame-relay lmi • The show frame-relay lmi command displays LMI traffic statistics showing the number of status messages exchanged between the local router and the Frame Relay switch. Rick Graziani graziani@cabrillo.edu 48 clear frame-relay-inarp • To clear dynamically created Frame Relay maps, which are created using Inverse ARP, use the clear frame-relay-inarp command. Rick Graziani graziani@cabrillo.edu 49 Troubleshooting the Frame Relay configuration • Use the debug frame-relay lmi command to determine whether the router and the Frame Relay switch are sending and receiving LMI packets properly. Rick Graziani graziani@cabrillo.edu 50 debug frame-relay lmi (continued) • • • • The possible values of the status field are as follows: 0x0 – Added/inactive means that the switch has this DLCI programmed but for some reason it is not usable. The reason could possibly be the other end of the PVC is down. 0x2 – Added/active means the Frame Relay switch has the DLCI and everything is operational. 0x4 – Deleted means that the Frame Relay switch does not have this DLCI programmed for the router, but that it was programmed at some point in the past. This could also be caused by the DLCIs being reversed on the router, or by the PVC being deleted by the service provider in the Frame Relay cloud. Rick Graziani graziani@cabrillo.edu 51 Frame Relay Topologies Rick Graziani graziani@cabrillo.edu 52 NBMA – Non Broadcast Multiple Access Frames between two routers are only seen by those two devices (non broadcast). Similar to a LAN, multiple computers have access to the same network and potentially to each other (multiple access). • An NBMA network is the opposite of a broadcast network. • On a broadcast network, multiple computers and devices are • • attached to a shared network cable or other medium. When one computer transmits frames, all nodes on the network "listen" to the frames, but only the node to which the frames are addressed actually receives the frames. Thus, the frames are broadcast. A nonbroadcast multiple access network is a network to which multiple computers and devices are attached, but data is transmitted directly from one computer to another over a virtual circuit or across a switching fabric. The most common examples of nonbroadcast network media include ATM (Asynchronous Transfer Mode), frame relay, and X.25. http://www.linktionary.com/ Rick Graziani graziani@cabrillo.edu 53 Star Topology • A star topology, also known as a hub and spoke configuration, is the • • • most popular Frame Relay network topology because it is the most cost-effective. In this topology, remote sites are connected to a central site that generally provides a service or application. This is the least expensive topology because it requires the fewest PVCs. In this example, the central router provides a multipoint connection, because it is typically using a single interface to interconnect multiple PVCs. Rick Graziani graziani@cabrillo.edu 54 Full Mesh Full Mesh Topology Number of Number of Connections PVCs -----------------------------2 1 4 6 6 15 8 28 10 45 • In a full mesh topology, all routers have PVCs to all other destinations. • This method, although more costly than hub and spoke, provides direct • • • connections from each site to all other sites and allows for redundancy. For example, when one link goes down, a router at site A can reroute traffic through site C. As the number of nodes in the full mesh topology increases, the topology becomes increasingly more expensive. The formula to calculate the total number of PVCs with a fully meshed WAN is [n(n - 1)]/2, where n is the number of nodes. Rick Graziani graziani@cabrillo.edu 55 A Frame-Relay Configuration Supporting Multiple Sites Headquarters Hub City Hub Router • This is known as a Hub and Spoke Topology, where the Hub router relays information between the Spoke routers. • Limits the number of PVCs needed as in a full-mesh topology (coming). Rick Graziani graziani@cabrillo.edu DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 DLCI 211 172.16.1.1 Satellite Office 1 Spokane 172.16.1.3 Spoke Routers Satellite Office 2 Spokomo 56 Headquarters Hub City Configuration using Inverse ARP HubCity interface Serial0 ip address 172.16.1.2 255.255.255.0 encapsulation frame-relay Spokane interface Serial0 ip address 172.16.1.1 255.255.255.0 encapsulation frame-relay DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo Spokomo interface Serial0 ip address 172.16.1.3 255.255.255.0 encapsulation frame-relay Rick Graziani graziani@cabrillo.edu 57 Configuration using Inverse ARP: Rick Graziani graziani@cabrillo.edu 58 Headquarters Hub City Configuration using Inverse ARP DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 102, dynamic, broadcast, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 211, dynamic, broadcast, status defined, active Rick Graziani graziani@cabrillo.edu 59 Configuration using Inverse ARP HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 102, dynamic, broadcast, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 211, dynamic, broadcast, status defined, active • Inverse ARP resolved the ip addresses for HubCity for both • • • Spokane and Spokomo Inverse ARP resolved the ip addresses for Spokane for HubCity Inverse ARP resolved the ip addresses for Spokomo for HubCity What about between Spokane and Spokomo? Rick Graziani graziani@cabrillo.edu 60 Headquarters Hub City Inverse ARP Limitations DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 DLCI 211 172.16.1.1 Satellite Office 1 Spokane 172.16.1.3 Satellite Office 2 Spokomo • Can HubCity ping both Spokane and Spokomo? Yes! • Can Spokane and Spokomo ping HubCity? Yes! • Can Spokane and Spokomo ping each other? No! The Spoke routers’ serial interfaces (Spokane and Spokomo) drop the ICMP packets because there is no DLCI-to-IP address mapping for the destination address. Solutions to the limitations of Inverse ARP 1. Add an additional PVC between Spokane and Spokomo (Full Mesh) 2. Configure Frame-Relay Map Statements 3. Configure Point-to-Point Subinterfaces. Rick Graziani graziani@cabrillo.edu 61 Frame Relay Map Statements Router(config-if)#frame-relay map protocol protocol-address dlci [broadcast] [ietf | cisco] Instead of using additional PVCs, Frame-Relay map statements can be used to: • Statically map local DLCIs to an unknown remote network layer addresses. • Also used when the remote router does not support Inverse ARP Rick Graziani graziani@cabrillo.edu 62 HubCity interface Serial0 ip address 172.16.1.2 255.255.255.0 encapsulation frame-relay (Inverse-ARP still works here) Frame-Relay Map Statements Headquarters Hub City Spokane interface Serial0 ip address 172.16.1.1 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.3 102 frame-relay map ip 172.16.1.2 102 Spokomo interface Serial0 ip address 172.16.1.3 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.1 211 frame-relay map ip 172.16.1.2 211 DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo Notice that the routers are configured to use either IARP or Frame Relay maps. Using both on the same interface will cause problems. Rick Graziani graziani@cabrillo.edu 63 Mixing Inverse ARP and Frame Relay Map Statements Headquarters Hub City DLCI 101 DLCI 112 172.16.1.2 Inverse ARP Frame Relay Network Frame Relay maps DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo • The previous configuration works fine and all routers can ping each • • other. What if we were to use I-ARP between the spoke routers and the hub, and frame relay map statements between the two spokes? There would be a problem! Rick Graziani graziani@cabrillo.edu 64 Mixing Inverse ARP and Frame Relay Map Statements Headquarters Hub City HubCity interface Serial0 ip address 172.16.1.2 255.255.255.0 encapsulation frame-relay DLCI 101 172.16.1.2 Spokane interface Serial0 ip address 172.16.1.1 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.3 102 Spokomo interface Serial0 ip address 172.16.1.3 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.1 211 Rick Graziani graziani@cabrillo.edu DLCI 112 Frame Relay Network DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo 65 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 102, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 102, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 211, broadcast, status defined, active Serial0 (up): ip 172.16.1.1 dlci 211, status defined, active Rick Graziani graziani@cabrillo.edu dynamic, dynamic, dynamic, static, CISCO, dynamic, static, CISCO, 66 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 102, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 102, static, CISCO, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 211, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.1 dlci 211, static, CISCO, status defined, active Good News: • Everything looks fine! • Now all routers can ping each other! Bad News: • Problem when using Frame-Relay map statements AND Inverse ARP. • This will only work until the router is reloaded, here is why... Rick Graziani graziani@cabrillo.edu 67 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 102, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 102, static, CISCO, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.2 dlci 211, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.1 dlci 211, static, CISCO, status defined, active Frame-Relay Map Statement Rule: • When a Frame-Relay map statement is configured for a particular protocol (IP, IPX, …) Inverse-ARP will be disabled for that specific protocol, only for the DLCI referenced in the Frame-Relay map statement. Rick Graziani graziani@cabrillo.edu 68 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show Serial0 (up): Serial0 (up): Spokane# show Serial0 (up): Serial0 (up): Spokomo# show Serial0 (up): Serial0 (up): • • • • frame-relay map ip 172.16.1.1 dlci ip 172.16.1.3 dlci frame-relay map ip 172.16.1.2 dlci ip 172.16.1.3 dlci frame-relay map ip 172.16.1.2 dlci ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active 112, dynamic, broadcast, status defined, active 102, dynamic, broadcast, status defined, active 102, static, CISCO, status defined, active 211, dynamic, broadcast, status defined, active 211, static, CISCO, status defined, active The previous solution worked only because the Inverse ARP had taken place between Spokane and HubCity, and between Spokomo and HubCity, before the Frame-Relay map statements were added. (The Frame-Relay map statement was added after the Inverse ARP took place.) Both the Inverse-ARP and Frame-Relay map statements are in effect. Once the router is reloaded (rebooted) the Inverse-ARP will never occur because of the configured Frame-Relay map statement. (assuming the running-config is copied to the startup-config) Rule: Inverse-ARP will be disabled for that specific protocol, for the DLCI referenced in the Frame-Relay map statement. Rick Graziani graziani@cabrillo.edu 69 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show frame-relay map (after reload) Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map NOW MISSING: Serial0 (up): ip 172.16.1.2 dlci 102, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 102, static, CISCO, status defined, active Spokomo# show frame-relay map NOW MISSING: Serial0 (up): ip 172.16.1.2 dlci 211, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.1 dlci 211, static, CISCO, status defined, active Rick Graziani graziani@cabrillo.edu 70 Mixing Inverse ARP and Frame Relay Map Statements HubCity# show frame-relay map (after reload) Serial0 (up): ip 172.16.1.1 dlci 101, dynamic, broadcast, status defined, active Serial0 (up): ip 172.16.1.3 dlci 112, dynamic, broadcast, status defined, active Spokane# show frame-relay map Serial0 (up): ip 172.16.1.3 dlci 102, static, CISCO, status defined, active Spokomo# show frame-relay map Serial0 (up): ip 172.16.1.1 dlci 211, static, CISCO, status defined, active Spokane and Spokomo can no longer ping HubCity because they do not have a dlci-to-IP mapping for the other’s IP address! Rick Graziani graziani@cabrillo.edu 71 HubCity interface Serial0 ip address 172.16.1.2 255.255.255.0 encapsulation frame-relay (Inverse-ARP still works here) Frame-Relay Map Statements Headquarters Hub City Spokane interface Serial0 ip address 172.16.1.1 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.3 102 frame-relay map ip 172.16.1.2 102 Spokomo interface Serial0 ip address 172.16.1.3 255.255.255.0 encapsulation frame-relay frame-relay map ip 172.16.1.1 211 frame-relay map ip 172.16.1.2 211 DLCI 101 DLCI 112 172.16.1.2 Frame Relay Network DLCI 102 172.16.1.1 Satellite Office 1 Spokane DLCI 211 172.16.1.3 Satellite Office 2 Spokomo Solution: Do not mix IARP with Frame Relay maps statements. If need be use Frame-Relay map statements instead of IARP. Rick Graziani graziani@cabrillo.edu 72 Reachability issues with routing updates Frame Relay is an NBMA Network • An NBMA network is a multiaccess network, which means more than • • • • two nodes can connect to the network. Ethernet is another example of a multiaccess architecture. In an Ethernet LAN, all nodes see all broadcast and multicast frames. However, in a nonbroadcast network such as Frame Relay, nodes cannot see broadcasts of other nodes unless they are directly connected by a virtual circuit. This means that Branch A cannot directly see the broadcasts from Branch B, because they are connected using a hub and spoke topology. Rick Graziani graziani@cabrillo.edu 73 Reachability issues with routing updates Split Horizon prohibits routing updates received on an interface from exiting that same interface. • The Central router must receive the broadcast from Branch A and then • • send its own broadcast to Branch B. In this example, there are problems with routing protocols because of the split horizon rule. A full mesh topology with virtual circuits between every site would solve this problem, but having additional virtual circuits is more costly and does not scale well. Rick Graziani graziani@cabrillo.edu 74 Reachability issues with routing updates Split Horizon prohibits routing updates received on an interface from exiting that same interface. • Using a hub and spoke topology, the split horizon rule reduces the • • • • chance of a routing loop with distance vector routing protocols. It prevents a routing update received on an interface from being forwarded through the same interface. If the Central router learns about Network X from Branch A, that update is learned via S0/0. According to the split horizon rule, Central could not update Branch B or Branch C about Network X. This is because that update would be sent out the S0/0 interface, which is the same interface that received the update. Rick Graziani graziani@cabrillo.edu 75 One Solution: Disable Split Horizon Router(config-if)#no ip split-horizon Router(config-if)#ip split-horizon • To remedy this situation, turn off split horizon for IP. • When configuring a serial interface for Frame Relay encapsulation, • • • split horizon for IP is automatically turned off. Of course, with split horizon disabled, the protection it affords against routing loops is lost. Split horizon is only an issue with distance vector routing protocols like RIP, IGRP and EIGRP. It has no effect on link state routing protocols like OSPF and IS-IS. Rick Graziani graziani@cabrillo.edu 76 Another Solution for split horizon issue: subinterfaces • To enable the forwarding of broadcast routing updates in a Frame • • • • • Relay network, configure the router with subinterfaces. Subinterfaces are logical subdivisions of a physical interface. In split-horizon routing environments, routing updates received on one subinterface can be sent out on another subinterface. With subinterface configuration, each PVC can be configured as a point-to-point connection. This allows each subinterface to act similar to a leased line. This is because each point-to-point subinterface is treated as a separate physical interface. Rick Graziani graziani@cabrillo.edu 77 Mulitpoint Point-to-point • A key reason for using subinterfaces is to allow distance vector routing • protocols to perform properly in an environment in which split horizon is activated. There are two types of Frame Relay subinterfaces. – Point-to-point – multipoint Rick Graziani graziani@cabrillo.edu 78 Mulitpoint Point-to-point • Physical interfaces: With a hub and spoke topology Split Horizon will • • prevent the hub router from propagating routes learned from one spoke router to another spoke router. Point-to-point subinterfaces: Each subinterface is on its own subnet. Broadcasts and Split Horizon not a problem because each point-topoint connection is its own subnet. Multipoint subinterfaces: All participating subinterfaces would be in the same subnet. Broadcasts and routing updates are also subject to the Split Horizon Rule and may pose a problem. Rick Graziani graziani@cabrillo.edu 79 Configuring Frame Relay subinterfaces RTA(config)#interface s0/0 RTA(config-if)#encapsulation frame-relay ietf Router(config-if)#interface serial number subinterface-number {multipoint | point-to-point} Router(config-subif)# frame-relay interface-dlci dlci-number • Subinterface can be configured after the physical interface has been • • • • configured for Frame Relay encapsulation Subinterface numbers can be specified in interface configuration mode or global configuration mode. subinterface number can be between 1 and 4294967295. At this point in the subinterface configuration, either configure a static Frame Relay map or use the frame-relay interface-dlci command. The frame-relay interface-dlci command associates the selected subinterface with a DLCI. Rick Graziani graziani@cabrillo.edu 80 Configuring Frame Relay subinterfaces • The frame-relay interface-dlci command is required for all • • • point-to-point subinterfaces. It is also required for multipoint subinterfaces for which inverse ARP is enabled. It is not required for multipoint subinterfaces that are configured with static route maps. It can not be used on physical interfaces. Rick Graziani graziani@cabrillo.edu 81 Show frame-relay map Point-to-point subinterfaces are listed as a “point-to-point dlci” Router#show frame-relay map Serial0.1 (up): point-to-point dlci, dlci 301 (0xCB, 0x30B0), broadcast status defined, active With multipoint subinterfaces, they are listed as an inverse ARP entry, “dynamic” Router#show frame-relay map Serial0 (up): ip 172.30.2.1 dlci, 301 (0x12D, 0x48D0), dynamic,, broadcast status defined, active Rick Graziani graziani@cabrillo.edu 82 Point-to-point Subinterfaces Mulitpoint Point-to-point Point-to-point subinterfaces are like conventional point-to-point interfaces (PPP, …) and have no concept of (do not need): • Inverse-ARP • mapping of local DLCI address to remote network address (frame-relay map statements) Frame-Relay service supplies multiple PVCs over a single physical interface and point-to-point subinterfaces subdivide each PVC as if it were a physical point-to-point interface. Point-to-point subinterfaces completely bypass the local DLCI to remote network address mapping issue. Rick Graziani graziani@cabrillo.edu 83 Point-to-point Subinterfaces Mulitpoint Point-to-point With point-to-point subinterfaces you: • Cannot have multiple DLCIs associated with a single point-to-point subinterface • Cannot use frame-relay map statements • Cannot use Inverse-ARP • Can use the frame-relay interface dlci statement (for both point-topoint and multipoint) Rick Graziani graziani@cabrillo.edu 84 Point-to-point Subinterfaces Each subinterface is on a separate network or subnet with a single remote router at the other end of the PVC. 172.30.1.0/24 172.30.2.0/24 172.30.3.0/24 Rick Graziani graziani@cabrillo.edu 85 172.30.1.1/24 172.30.2.1/24 172.30.3.1/24 S0 S1 S2 172.30.1.2/24 172.30.2.2/24 172.30.3.2/24 Site A Site B Site C • Point-to-point subinterfaces are equivalent to using multiple physical “point to point” interfaces. Rick Graziani graziani@cabrillo.edu 86 Point-to-point Subinterfaces • A single subinterface is used to establish one PVC connection to another physical or subinterface on a remote router. • In this case, the interfaces would be: – In the same subnet and – Each interface would have a single DLCI • Each point-to-point connection is its own subnet. • In this environment, broadcasts are not a problem because the routers are point-to-point and act like a leased line. Rick Graziani graziani@cabrillo.edu 87 Point-to-point Subinterfaces Point-to-point subinterface configuration, minimum of two commands: Router(config)# interface Serial0.1 point-to-point Router(config-subif)# frame-relay interface-dlci dlci Rules: 1. No Frame-Relay map statements can be used with point-to-point subinterfaces. 2. One and only one DLCI can be associated with a single point-to-point subinterface By the way, encapsulation is done only at the physical interface: interface Serial0 no ip address encapsulation frame-relay Rick Graziani graziani@cabrillo.edu 88 Each subinterface on Hub router requires a separate subnet (or network) • Each subinterface on Hub router is treated like a regular physical point-to-point interface, so split horizon does not need to be disabled. Point-to-Point Subinterfaces at the Hub and Spokes Headquarters Hub City Interface Serial0 (for all routers) encapsulation frame-relay no ip address DLCI 301 HubCity interface Serial0.1 point-to-point ip address 172.16.1.1 255.255.255.0 encapsulation frame-relay frame-relay interface dlci 301 Serial 0.1 172.16.1.1/24 DLCI 302 Serial 0.2 172.16.2.1/24 Frame Relay Network interface Serial0.2 point-to-point ip address 172.16.2.1 255.255.255.0 encapsulation frame-relay frame-relay interface dlci 302 DLCI 103 Spokane interface Serial0.1 point-to-point ip address 172.16.1.2 255.255.255.0 frame-relay interface dlci 103 Spokomo interface Serial0.1 point-to-point ip address 172.16.2.2 255.255.255.0 frame-relay interface dlci 203 Rick Graziani graziani@cabrillo.edu Serial 0.1 172.16.1.2/24 DLCI 203 Two subnets Satellite Office 1 Spokane Serial 0.1 172.16.2.2/24 Satellite Office 2 Spokomo 89 Multipoint Subinterfaces Mulitpoint Point-to-point Share many of the same characteristics as a physical Frame-Relay interface With multipoint subinterface you can have: • can have multiple DLCIs assigned to it. • can use frame-relay map & interface dlci statements • can use Inverse-ARP Remember, with point-to-point subinterfaces you: • cannot have multiple DLCIs associated with a single point-to-point subinterface • cannot use frame-relay map statements • cannot use Inverse-ARP • (can use the frame-relay interface dlci statement for both point-to-point and multipoint) Rick Graziani graziani@cabrillo.edu 90 Multipoint subinterfaces Each subinterface is on a separate network or subnet but may have multiple connections, with a different DLCI for each connection. 172.30.1.0/24 172.30.2.0/24 172.30.3.0/24 Split horizon still an issue on each Multipoint subinterface. Rick Graziani graziani@cabrillo.edu 91 172.30.1.1/24 172.30.2.1/24 172.30.3.1/24 S0 S1 S2 172.30.1.2/24 172.30.3.3/24 Site A1 Site C2 172.30.3.2/24 172.30.1.3/24 Site A2 172.30.2.2/24 172.30.2.3/24 Site C1 Site B1 Site B2 • Multipoint subinterfaces are equivalent to using multiple physical “hub to spoke” interfaces. Rick Graziani graziani@cabrillo.edu 92 Notes • Highly scalable solution Multipoint subinterface at the Hub and Point-to-Point Subinterfaces at the Spokes • Disable Split Horizon on Hub router when running a distance vector routing protocol Headquarters Hub City Interface Serial0 (for all routers) encapsulation frame-relay no ip address DLCI 301 HubCity interface Serial0.1 mulitpoint ip address 172.16.3.3 255.255.255.0 frame-relay interface-dlci 301 frame-relay interface-dlci 302 no ip split-horizon DLCI 302 Serial 0 172.16.3.3 Frame Relay Network Spokane interface Serial0.1 point-to-point ip address 172.16.3.1 255.255.255.0 frame-relay interface-dlci 103 DLCI 103 Spokomo interface Serial0.1 point-to-point ip address 172.16.3.2 255.255.255.0 frame-relay interface-dlci 203 Serial 0 172.16.3.1 Satellite Office 1 Spokane Rick Graziani graziani@cabrillo.edu DLCI 203 One subnet Serial 0 172.16.3.2 Satellite Office 2 Spokomo 93 Ch. 5 – Frame Relay CCNA 4 version 3.0 Rick Graziani Cabrillo College