Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.
Solved
Cisco 1721 Paying for two t1's but only able to use 1 t1. Same provider on T's.
Posted on 2006-06-22
Looking for a solution to use 2nd t1. Currently it does not even hit 1% bandwith. Config could be worked on for possible solution? Current setup is as follows: 2 seperate t1 lines going into 2 wic cards on 1721 router....then to a switch...then to a pix 501. Serial 0 runs 95% consistenly, Serial 1 is pretty much dead 0%. Current config file below. Maybe I can get a 2nd router and throw in in the switch as well? As you can see I am clueless? Thank you
version 12.3
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HB1721RTR
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
!
!
ip tcp synwait-time 10
ip name-server 209.144.50.127
ip name-server 209.144.50.140
!
!
no ip bootp server
ip cef
!
!
!
!
interface FastEthernet0
description $FW_INSIDE$
ip address 64.243.182.65 255.255.255.224
no ip redirects
speed auto
full-duplex
no cdp enable
!
interface Serial0
description $FW_OUTSIDE$
ip address 64.240.176.242 255.255.255.248
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.240.176.241 211 broadcast IETF
frame-relay lmi-type ansi
!
interface Serial1
description $FW_OUTSIDE$
ip address 64.242.15.110 255.255.255.252
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.242.15.109 210 broadcast IETF
frame-relay lmi-type ansi
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
access-list 1 permit 10.10.0.0 0.0.255.255
access-list 10 permit 64.243.182.66
access-list 10 permit 206.117.136.91
access-list 10 permit 206.117.136.88
access-list 101 remark SDM_ACL Category=17
access-list 101 permit udp host 209.144.50.140 eq domain any
access-list 101 permit udp host 209.144.50.127 eq domain any
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 593
access-list 101 deny tcp any any eq 4444
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 120 permit udp any any eq 1813
no cdp run
version 12.3
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HB1721RTR
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
!
!
ip tcp synwait-time 10
ip name-server 209.144.50.127
ip name-server 209.144.50.140
!
!
no ip bootp server
ip cef
!
!
!
!
interface FastEthernet0
description $FW_INSIDE$
ip address 64.243.182.65 255.255.255.224
no ip redirects
speed auto
full-duplex
no cdp enable
!
interface Serial0
description $FW_OUTSIDE$
ip address 64.240.176.242 255.255.255.248
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.240.176.241 211 broadcast IETF
frame-relay lmi-type ansi
!
interface Serial1
description $FW_OUTSIDE$
ip address 64.242.15.110 255.255.255.252
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.242.15.109 210 broadcast IETF
frame-relay lmi-type ansi
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
access-list 1 permit 10.10.0.0 0.0.255.255
access-list 10 permit 64.243.182.66
access-list 10 permit 206.117.136.91
access-list 10 permit 206.117.136.88
access-list 101 remark SDM_ACL Category=17
access-list 101 permit udp host 209.144.50.140 eq domain any
access-list 101 permit udp host 209.144.50.127 eq domain any
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 593
access-list 101 deny tcp any any eq 4444
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 120 permit udp any any eq 1813
no cdp run
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
2
4 Comments
ok so looks like your route shows that everything is going out serial 0 is this provider the same for s0 as s1?
Thanks
Scott
Thanks
Scott
The default route is out serial 0 so if it is heading out of your network the router only sees one link... if the serial 1 is going to a different provider then you need to look into running BGP and that would help balance the load.
Thanks
Scott
Thanks
Scott
If you add a second equal cost default route using the other T1 you will get some outbound load balancing. You will need to talk to your provider about inbound load balancing.
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip route 0.0.0.0 0.0.0.0 64.242.15.109
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip route 0.0.0.0 0.0.0.0 64.242.15.109
CEF (Cisco Express Forwarding) is already enabled on your router and just add the 2 routes as mentioned above. Then call up your service provider and talk to them, say that 'you need load balancing done on these 2 links using cisco cef'. They will configure it on their side router. Once done, the traffic should go 50% split on each links...
Cheers,
Rajesh
Cheers,
Rajesh
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
We've been using the Cisco/Linksys RV042 for years as:
- an internet Gateway
- a site-to-site VPN device
- a leased line site-to-site subnet-to-subnet interface
(And, here I'm assuming that any RV0xx behaves the same way as an RV042. So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month7 days, 23 hours left to enroll
610 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.