CiscoForums.it

I Have one Cisco 1721 with one card Model: WIC-1ADSL for Analogic connection to one ISP.
Recently I have bouth another card Model: WIC-1ADSL-I-DG for RDIS connection for another ISP.

I have configured both and when i put one interface is administratively shutdown example ATM0,
the ATM1 works well.

When I put the interface ATM1 in shutdown, the ATM0 works fine.

But when I put the two cards in no shutdown, only the card ATM1 (WIC-1ADSL-I-DG) works fine, the Virtual-Access1 is bound to Dialer2. But the ATM0 (WIC-1ADSL) don't work and don't have any Virtual-Access.

Do You Know any reason for this thing appends?
Could be The DRAM?
IOS is version 12.3

Note: I have found this thing in this forum
http://www.ciscoforums.it/viewtopic.php?p=4704
maybe could happend the same in 1721?

Hi.
First of all, I'd like to inform you this is an italian forum. I have no problem in answering your questions, but I'd like you to know you won't get much attention from most members as far as you speak english.
There's no real reason for the router not bringing up both at the same time. BUT, one thing for sure, both links bring to 0.0.0.0 and this means, as far as your provider doesn't offer you a protocol to share the load, one link will work, and the other will be used as backup line. If the main goes down, the other one will take care of the traffic.
If you post your configuration, maybe we could have a look.

Ciao,

You could talk in Italian i understand but, i have difficulties in writing.
Note that i have uma analogic line from one provider and one RDIS line from another provider.
And I don't wont to make load balancing i want to work independently with 2 VPN IPSec in one line and with 2 VPN IPSec in another line.
You are tellling me that it's not possible if we have diferent DSL and diferent providers?

Thank's

Rui Mané

Hello ruimane, have you tryed to configure both ATM interfaces and bring them up at the same time ?Can you show us the result of a sh run ?

Bye.

Here is the configuration without the VPN IPSec:


Cisco1721_VPN#sh running-config
Building configuration...

Current configuration : 3059 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1721_VPN
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$5Chi$0xErwA0wC385hUcy87H6V0
!
username adsl_router password xxxxxxxx
aaa new-model
!
!
aaa authorization network branch local
aaa session-id common
ip subnet-zero
no ip source-route
!
!
!
!
ip cef
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 3600
ip inspect name myfw udp timeout 3600
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
no scripting tcl init
no scripting tcl encdir
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/35
pppoe-client dial-pool-number 1
!
dsl operating-mode ansi-dmt
!
interface ATM1
no ip address
no atm ilmi-keepalive
pvc 0/35
pppoe-client dial-pool-number 2
!
dsl operating-mode auto tone low
!
interface FastEthernet0
ip address 172.31.51.252 255.255.0.0
speed auto
!
interface Dialer1
ip address 62.xx.xxx.xx 255.255.255.252
ip mtu 1492
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp pap sent-username USERNAME password
!
interface Dialer2
shutdown
ip address 83.yy.yyy.yy 255.255.255.252
ip mtu 1492
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 2
dialer-group 2
ppp pap sent-username USERNAME password
!
ip local pool testpool 10.0.0.2 10.0.0.10
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2
no ip http server
ip http secure-server
!
dialer-list 1 protocol ip permit
dialer-list 2 protocol ip permit
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
no scheduler allocate
!
end


Thank's for all

Rui Mané

ruimane ha scritto:interface Dialer1
ip mtu 1492
ip tcp adjust-mss 1452

ruimane ha scritto:interface Dialer2
ip mtu 1492
ip tcp adjust-mss 1452

Why 1452 instead of 1500 ?

ruimane ha scritto:ip local pool testpool 10.0.0.2 10.0.0.10

?

ruimane ha scritto:ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2

Two DG?It must work as Round Robin mode?


When you connect both ATM connection you can see two carrier?With one in shut the other work well?

Bye.

Ciao SithDrew

Question: ip tcp adjust-mss 1452?
Answer: This is recommended by for all the PC's in the LAN have Access to the Internet, becouse if you don't put this you must change the MTU(Maximum Transmission Unit) in the PC, with by example the sotware Dr. TCP utility that you can download in http://www.dslreports.com/front/drtcp.html

Question: ip local pool testpool 10.0.0.2 10.0.0.10?
Answer: this is becouse i have Dial-in to and i have a Virtual-template1 that i don't have put here. For users have remote access from home.

Question: ip route 0.0.0.0 0.0.0.0 Dialer1 and ip route 0.0.0.0 0.0.0.0 Dialer2?
Answer: this is for i test the ping from outside if the external ip in up and running after i finish this tests i will change the default GW only for 0.0.0.0 0.0.0.0 Dialer1 and put adicional routes for the others sites of the VPN, and i put also ip cef to make this.

Question: It must work as Round Robin mode?
Answer: No must work like 2 independent lines.

Question: When you connect both ATM connection you can see two carrier?With one in shut the other work well?
Answer: When i connect the two only one stay ok that is the Dialer2 that stay bound to Virtual-Access1.
When i put the ATM1 and Dialer2 in shutdown the Dialer1 bound to Virtual-access1 and stay ok.
When i put the ATM0 and Dialer1 in shutdown the Dialer2 bound to Virtual-access1 and stay ok.

Thank's

Rui Mané

Answer: This is recommended by for all the PC's in the LAN have Access to the Internet, becouse if you don't put this you must change the MTU(Maximum Transmission Unit) in the PC, with by example the sotware Dr. TCP utility that you can download in http://www.dslreports.com/front/drtcp.html

Actually, under all the OSes I had to fight with, 1500 is the default. I can't see a reason for putting the mtu at 1492, unless the router is not able to reencapsulate the packets... which is hard to believe.
Actually I can't see a reason for this thing not to be working. The only, and unprobable reason I can see is... the two wan addresses are not in the same network, right? ok, that would be ridiculous... and this question is ridiculous too.

Maybe coul be from the DRAM?
The Cisco 1721 have:
FLASH -> 32MB (total) 20MB (free)
DRAM -> 64MB (total) 22MB (free)
This with the IOS version 12.3(2)XE and the card WIC-1ADSL running only.

In the specifications of the card (WIC-1ADSL-I-DG):
The Hardware Requirements are:
FLASH -> 16MB
DRAM -> 64MB

If we verify the DRAM free is only 22 MB. What you say about this?

Thank's

Don't think so. Have you verified my dumb question?

From the Link above:
PPPoE MTU Adjustment Command Syntax Change

The syntax of the ip adjust-mss command has changed to the following command syntax:

ip tcp adjust-mss mss

where mss must be 1452 or less to fix the PPPoE Maximum Transmission Unit (MTU) problem.

http://www.cisco.com/en/US/products/sw/ ... html#27409

From the Link above:

Troubleshooting MTU Size in PPPoE Dialin Connectivity (Becouse i have to Dialin in the 1721)

Why the MTU Size Must Be Changed

When a user requests a web site, a client/server negotiation occurs between the PC and the web server that hosts the web site. During the negotiation, a maximum MTU size is negotiated. Since the PC negotiates and its default MTU size is 1500 bytes (Windows 3x, 9x, NT, ME, and so forth), the web server negotiates an MTU size of 1500 bytes. Therefore, regardless of the MTU size you configure on the router, the web server still sends packets up to 1500 bytes in size.

The reason why some pages do not fully load is that the router fragments IP packets if the PC MTU is misconfigured and a packet greater than 1492 bytes is sent to the router. This fragmentation does not occur on the return path through the universal access concentrator (UAC) (Cisco 6400 or 7200). When the UAC receives a packet greater than 1492 bytes, the packet is dropped, and the UAC generates and sends an Internet Control Message Protocol (ICMP) message to the web server that sent the oversized packet. The ICMP informs the web server that it sent an oversized packet and that it needs to resend the packet with a smaller MTU.

http://www.cisco.com/warp/public/794/ro ... tml#topic4

Note: For this reason im going to try it only the
ip mtu 1500, and let stay the ip tcp adjust-mss 1452, i think it's this configuration that you want that i try?

Thank's

Rui Mané