Solved

Bridging 4 networks on 1 serial

Posted on 2002-05-24
10
291 Views
Last Modified: 2013-11-29
I currently have a 2 clients, they share 2 buildings connected via a serial (HDLC).  They both use IPX and wish to bridge their networks.  Here is a simple diagram:

Company A            Company B
  |                     |
  |                     |
Eth0                  Eth1
  |                     |
  -----Cisco 1605(1)-----
             |
          Serial 0
             |
           HDLC
             |
          Serial 0
             |
  -----Cisco 1605(2)-----
  |                     |
Eth0                  Eth1
  |                     |
Company A           Company B


Company A wishes to bridge their network together so they don't have to purchase another novell server to handle the IPX on the other network.  The same goes for company B.

Is this possible with a cisco 1605?  And how is it done?  Is there a way to add 2 bridge groups to 1 serial port in a cisco 1605?







0
Comment
Question by:seanselman
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 11

Expert Comment

by:geoffryn
ID: 7032796
Why not route IPX and use the router to advertise the SAP on the remote network?
0
 

Author Comment

by:seanselman
ID: 7032914
Both companies have their own networks and should not be able to see each others.  We need to have 2 seperate bridge groups (one for each company), both on the same serial 0 interface.

Basically, is there a way to put 2 bridge groups on serial 0 of a cisco 1605?
0
 
LVL 11

Expert Comment

by:geoffryn
ID: 7032963
I get it.  You can definitely do this using frame relay and subinterfaces.  I assume that you are using PPP?
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:seanselman
ID: 7033074
We know you can with frame relay.  This is a serial HDLC private leased line.
0
 

Expert Comment

by:helmet_js
ID: 7033220
1) IPX + Bridging Across a T1 == BAD
2) 1600 Series routers support "up to T1" but for this application a 1605 is a bit small.
3) Route IPX and apply an access-list to every ethernet interface.  Keep the access-list very simple.  Use ipx sap commands to advertise services at the other site.
0
 

Author Comment

by:seanselman
ID: 7033235
We understand the performance shortcomings.  The client has been advised none the less, wants to know if this is possible to put 2 bridge groups on serial 0 of a cisco 1605.
0
 
LVL 1

Expert Comment

by:mmedwid
ID: 7033363
I don't get the objection to routing if they're already comfortable with have the traffic of each other terminating to the same router. (A truly strange security decision.) To keep each company for seeing the advertisements of the other - just put in some access lists and off they go.  ??
0
 

Accepted Solution

by:
helmet_js earned 200 total points
ID: 7033731
There is no way with a ptp using HDLC (or ppp)encapsulation that you can segment 2 bridge-groups.  It would "work" across Frame Relay or ATM because there is a mechanism to segment the physical link into logical links using pvc's.  So even if one were able to have a a ptp hdlc link assigned to 2 bridge-groups it would essentially be one bridge group anyway.

Having that been said, there is one option that you could consider if you are still stuck on bridging (which is a bad IDEA) and that would be the use of 2 GRE tunnels and bridge your IPX inside of IP. In this case there would not be anything special configured on the serial interface (just an IP address).  You would probabably want to create 2 loopback interfaces on each router so each tunnel can have a seperate orginating and destination address. The tunnels would be pretty simple to setup.  

example tunnel config (I hope I didn't leave anything out)
site 1

interface ethernet 0
IPX junk Cust A here
brige-group 1
!
interface ethernet 1
IPX junk Cust B here
brige-group 2
!
interface serial 0
encapsulation hdlc
ip address 192.168.1.9 255.255.255.252
!
interface loopback1
ip address 192.168.1.2 255.255.255.255
!
interface loopback2
ip address 192.168.1.3 255.255.255.255

interface tunnel 1
tunnel source loopback1
tunnel destination 192.168.1.4 255.255.255.255
bridge-group 1
!
interface tunnel 2
tunnel source loopback1
tunnel destination 192.168.1.5 255.255.255.255
bridge-group 2
!
ip route 192.168.1.2 255.255.255.254 192.168.1.10
bridge 1 bridge ieee
bridge 2 bridge ieee

site 2

interface ethernet 0
IPX junk Cust A here
brige-group 1
!
interface ethernet 1
IPX junk Cust B here
brige-group 2
!
interface serial 0
encapsulation hdlc
ip address 192.168.1.10 255.255.255.252
!
interface loopback1
ip address 192.168.1.4 255.255.255.255
!
interface loopback2
ip address 192.168.1.5 255.255.255.255

interface tunnel 1
tunnel source loopback1
tunnel destination 192.168.1.2 255.255.255.255
bridge-group 1
!
interface tunnel 2
tunnel source loopback1
tunnel destination 192.168.1.3 255.255.255.255
bridge-group 2
!
ip route 192.168.1.4 255.255.255.254 192.168.1.9
bridge 1 bridge ieee
bridge 2 bridge ieee
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 7035172
helmet_js,
I like the way you think. This is a possible workaround without adding much workload on the 1605's.

However, in your config, did you intend to use different tunnel souces for the tunnel interfaces, i.e.:

interface tunnel 1
 tunnel source loopback 1

interface tunnel 2
 tunnel source loopback 2


0
 

Author Comment

by:seanselman
ID: 7042355
I was thinking along the same lines...  I was just wondering if there was another way.
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Arrow Electronics was searching for a KVM  (Keyboard/Video/Mouse) switch that could display on one single monitor the current status of all units being tested on the rack.
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question