Solved

Bridging 4 networks on 1 serial

Posted on 2002-05-24
10
283 Views
Last Modified: 2013-11-29
I currently have a 2 clients, they share 2 buildings connected via a serial (HDLC).  They both use IPX and wish to bridge their networks.  Here is a simple diagram:

Company A            Company B
  |                     |
  |                     |
Eth0                  Eth1
  |                     |
  -----Cisco 1605(1)-----
             |
          Serial 0
             |
           HDLC
             |
          Serial 0
             |
  -----Cisco 1605(2)-----
  |                     |
Eth0                  Eth1
  |                     |
Company A           Company B


Company A wishes to bridge their network together so they don't have to purchase another novell server to handle the IPX on the other network.  The same goes for company B.

Is this possible with a cisco 1605?  And how is it done?  Is there a way to add 2 bridge groups to 1 serial port in a cisco 1605?







0
Comment
Question by:seanselman
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 11

Expert Comment

by:geoffryn
Comment Utility
Why not route IPX and use the router to advertise the SAP on the remote network?
0
 

Author Comment

by:seanselman
Comment Utility
Both companies have their own networks and should not be able to see each others.  We need to have 2 seperate bridge groups (one for each company), both on the same serial 0 interface.

Basically, is there a way to put 2 bridge groups on serial 0 of a cisco 1605?
0
 
LVL 11

Expert Comment

by:geoffryn
Comment Utility
I get it.  You can definitely do this using frame relay and subinterfaces.  I assume that you are using PPP?
0
 

Author Comment

by:seanselman
Comment Utility
We know you can with frame relay.  This is a serial HDLC private leased line.
0
 

Expert Comment

by:helmet_js
Comment Utility
1) IPX + Bridging Across a T1 == BAD
2) 1600 Series routers support "up to T1" but for this application a 1605 is a bit small.
3) Route IPX and apply an access-list to every ethernet interface.  Keep the access-list very simple.  Use ipx sap commands to advertise services at the other site.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:seanselman
Comment Utility
We understand the performance shortcomings.  The client has been advised none the less, wants to know if this is possible to put 2 bridge groups on serial 0 of a cisco 1605.
0
 
LVL 1

Expert Comment

by:mmedwid
Comment Utility
I don't get the objection to routing if they're already comfortable with have the traffic of each other terminating to the same router. (A truly strange security decision.) To keep each company for seeing the advertisements of the other - just put in some access lists and off they go.  ??
0
 

Accepted Solution

by:
helmet_js earned 200 total points
Comment Utility
There is no way with a ptp using HDLC (or ppp)encapsulation that you can segment 2 bridge-groups.  It would "work" across Frame Relay or ATM because there is a mechanism to segment the physical link into logical links using pvc's.  So even if one were able to have a a ptp hdlc link assigned to 2 bridge-groups it would essentially be one bridge group anyway.

Having that been said, there is one option that you could consider if you are still stuck on bridging (which is a bad IDEA) and that would be the use of 2 GRE tunnels and bridge your IPX inside of IP. In this case there would not be anything special configured on the serial interface (just an IP address).  You would probabably want to create 2 loopback interfaces on each router so each tunnel can have a seperate orginating and destination address. The tunnels would be pretty simple to setup.  

example tunnel config (I hope I didn't leave anything out)
site 1

interface ethernet 0
IPX junk Cust A here
brige-group 1
!
interface ethernet 1
IPX junk Cust B here
brige-group 2
!
interface serial 0
encapsulation hdlc
ip address 192.168.1.9 255.255.255.252
!
interface loopback1
ip address 192.168.1.2 255.255.255.255
!
interface loopback2
ip address 192.168.1.3 255.255.255.255

interface tunnel 1
tunnel source loopback1
tunnel destination 192.168.1.4 255.255.255.255
bridge-group 1
!
interface tunnel 2
tunnel source loopback1
tunnel destination 192.168.1.5 255.255.255.255
bridge-group 2
!
ip route 192.168.1.2 255.255.255.254 192.168.1.10
bridge 1 bridge ieee
bridge 2 bridge ieee

site 2

interface ethernet 0
IPX junk Cust A here
brige-group 1
!
interface ethernet 1
IPX junk Cust B here
brige-group 2
!
interface serial 0
encapsulation hdlc
ip address 192.168.1.10 255.255.255.252
!
interface loopback1
ip address 192.168.1.4 255.255.255.255
!
interface loopback2
ip address 192.168.1.5 255.255.255.255

interface tunnel 1
tunnel source loopback1
tunnel destination 192.168.1.2 255.255.255.255
bridge-group 1
!
interface tunnel 2
tunnel source loopback1
tunnel destination 192.168.1.3 255.255.255.255
bridge-group 2
!
ip route 192.168.1.4 255.255.255.254 192.168.1.9
bridge 1 bridge ieee
bridge 2 bridge ieee
0
 
LVL 79

Expert Comment

by:lrmoore
Comment Utility
helmet_js,
I like the way you think. This is a possible workaround without adding much workload on the 1605's.

However, in your config, did you intend to use different tunnel souces for the tunnel interfaces, i.e.:

interface tunnel 1
 tunnel source loopback 1

interface tunnel 2
 tunnel source loopback 2


0
 

Author Comment

by:seanselman
Comment Utility
I was thinking along the same lines...  I was just wondering if there was another way.
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Join & Write a Comment

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now