dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
7094
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to wxmanmichael

MVM

to wxmanmichael

Re: [Config] Configuration 867VAE-K9 PPPoA CenturyLink

@bigsy
Thanks for clarifying that man!
said by wxmanmichael:

I turned to Cisco's PAGP, found it was proprietary and limited to connections between Cisco NE's but also discovered that it's described as "logical aggregation of Ethernet switch ports."

Suffice to say PAGP is Cisco-proprietary and best used if all your gear is Cisco. LACP is the IEEE-standard version.
The end result -- binding multiple xEthernet interfaces together logically -- is the same.

If that was a Cisco IOS switch (29xx / 35xx / 37xx series) you had in your diagram, I suspect you could set a PAGP
channel between your 867 and it easily.

Regards

wxmanmichael
Premium Member
join:2014-05-15
Minneapolis, MN

wxmanmichael to bigsy

Premium Member

to bigsy
That's perfect. It illustrates the use of those interfaces very clearly. Someone like me, without experience of using and configuring these labeled interfaces, may be as hard pressed to untangle Cisco configuration as possibility from understanding networking terms (like, "GE," "Fast Ethernet," different protocols, and even how a DSLAM operates.

The difference between theoretical knowledge (and I have too much of that) and the way that theoretical knowledge is implemented in Cisco gear (and I have very little of that) is profound. I certainly can't blame Cisco since it makes the CPE and can define it in any manner it judges to be convenient.

But it is challenging until a Cisco "ignoramus" like me gains a foothold!

Thanks, bigsy!
wxmanmichael

wxmanmichael to aryoba

Premium Member

to aryoba
Thanks aryoba! I'd like to toss all my non-Cisco CPE into the waste basket and replace it with Cisco equipment! Next time, Cisco. This may be the answer to the NIC-bonding process in Linux. This is also the kind of resource that's so vital but which never seems to appear in a search engine!

If these resources don't appear near the top (or near the bottom, either), I guess the only reason for the dreck to reappear are the commercial coding in the Web page. Somehow, we need to bring back paper documentation!
HELLFIRE
MVM
join:2009-11-25

HELLFIRE

MVM

I learned long ago...

documentation n. From an ancient and obscure dialect that translates roughly as "for some other poor schmuck to do."

*sighs*

Regards

wxmanmichael
Premium Member
join:2014-05-15
Minneapolis, MN

wxmanmichael

Premium Member

Click for full size
network6.jpg
(Realized again that this forum doesn't seem to keep drafts! So, here goes again!)

After Hellfire's notes regarding the Cisco 867 interfaces I realized I could create a layout much better suited to my needs and one utilizing the Cisco much more completely. I enclosed an abbreviated scan, BTW.

This layout uses the switched interfaces (FE0 - FE3) for the public subnetwork. It feeds the WiFi zone, the DMZ and other NEs I use or may add. The routed interfaces (GE0 - GE1) are then used for the private subnetwork. In previous layouts, the 867 was used mostly as an ATU-R and was situated on the edge. This layout moves the ATU-R concept to the edge but moves the 867's capacities into the center of the networks' functions.

At the same time, the 867 moves as close to the DSLAM (at least in logical form) as possible. That means I may be able to utilize LCAP (or whatever those letters may be...) and still use NIC bonding within my network. It requires using IOS NAT/PAT, ACL, and firewall capacities but that's an efficiency as long as I also can use iptables within these two subnetworks.

The 867 now functions as a managed switch, as a router, and as a gateway (I think), and I suspect it's the way it's intended. If I decided to increase throughput and/or speed in the future, this is a concept I can retain even if I need to replace CPE with more capacity. This layout also offers more security.

I still won't be able to keep out the Chinese and the NSA (as if they care...) but I can buttress security in the future. Besides, this is complex enough that I'm think of starting a "Networking School" with the NSA as students... Nah, just kidding!!
HELLFIRE
MVM
join:2009-11-25

HELLFIRE to wxmanmichael

MVM

to wxmanmichael
Guessing this is where you drop the bombshell on us and ask "how do I configure this," huh? :)

Just to check about LACP capability on the switch interfaces, go into config mode on the 867 and try this :

router#
config t
interface port-channel ?
 

-or-

router#
config t
int fasteth [0 - 3]
channel-group ?
 

and see if it takes either command. If it does, you should be in business for LACP.

Regards

wxmanmichael
Premium Member
join:2014-05-15
Minneapolis, MN

wxmanmichael

Premium Member

Well, how about that! It takes the first one and give me an error only when I didn't follow the command with an argument. Good deal!

I wasn't going to drop any bombshells, but I appreciate it! It sure gives me even more flexibility! I love it!
wxmanmichael

wxmanmichael to HELLFIRE

Premium Member

to HELLFIRE
Well put re: documentation. Writing (clearly) is hard work. VERY hard work! No wonder I put it off until right before the due date in 8th grade through sophomore year as undergraduate!
wxmanmichael

wxmanmichael

Premium Member

I'm back to being stupid again! I'm following the Cisco configuration example related to the 860-880 routers at www.cisco.com/c/en/us/td/docs/routers/access/800/860-880-890/software/configuration/guide/SCG880-860/routconf.html#98631 and running into a problem. Perhaps the best way to move ahead is to clear the configuration I have entered but let me ask in addition: here's the error I receive:

mrciscorouter(config)#interface atm0.1 point-to-point
mrciscorouter(config-subif)#ip address 208.42.28.45 255.255.255.248
% 208.42.28.40 overlaps with ATM0
mrciscorouter(config-subif)#
Obviously the two interfaces (ATM0 and ATM0.1) have the same IP address BUT why is there an "ATM0" and an "ATM0.1"? Which of the interface designations is the proper reference? (I have a block of addresses: 208.42.28.40/29)
aryoba
MVM
join:2002-08-22

aryoba

MVM

As I stated in early post that the 208.42.28.40/29 subnet was your LAN; therefore it ought not to be assigned under the WAN interface which was the ATM. Instead the subnet has to be within your internal network, as NAT-ed IP subnet, or assigned on some router's VLAN or GE interfaces.