|
|
This chapter describes the commands required to configure global dialer lists required for preparing the router to bridge or route over a dial-on-demand link.
For other commands required to prepare the router to bridge or route over dial-on-demand links, see the "Transparent Bridging" chapter of the Bridging and IBM Routing Command Reference, and the relevant protocol chapters of the Network Protocols Command Reference, Part 1, Network Protocols Command Reference, Part 2, and Network Protocols Command Reference, Part 3.
For preparation tasks and examples, refer to the "Deciding and Preparing to Configure DDR" chapter in the Dial Solutions Configuration Guide, and the relevant protocol chapters of the Network Protocols Configuration Guide, Part 1, Network Protocols Configuration Guide, Part 2, and Network Protocols Configuration Guide, Part 3.
To define a DDR dialer list to control dialing by protocol or by a combination of a protocol and a previously defined access list, use the dialer-list protocol global configuration command. To delete a dialer list, use the no form of this command.
dialer-list dialer-group protocol protocol-name {permit | deny | list access-list-number || dialer-group | Number of a dialer access group identified in any dialer-group interface configuration command. |
| protocol-name | One of the following protocol keywords: appletalk, bridge, clns, clns_es, clns_is, decnet, decnet_router-L1, decnet_router-L2, decnet_node, ip, ipx, vines, or xns. |
| permit | Permits access to an entire protocol. |
| deny | Denies access to an entire protocol. |
| list | Specifies that an access list will be used for defining a granularity finer than an entire protocol. |
| access-list-number | Access list numbers specified in any DECnet, Banyan VINES, IP, Novell IPX, or XNS standard or extended access lists, including Novell IPX extended service access point (SAP) access lists and bridging types. See Table 102 for the supported access list types and numbers. |
| access-group | Filter list name used in the clns filter-set and clns access-group commands. |
No dialer lists are defined.
Global configuration
This command first appeared in Cisco IOS Release 10.0. The list command and access-list-number and access-group arguments first appeared in Cisco IOS Release 10.3.
The various no forms of this command have the following effects:
The dialer-list protocol form of this command permits or denies access to an entire protocol. The dialer-list protocol list form of this command provides a finer permission granularity and also supports protocols that were not previously supported.
Table 102 lists the access list types and numbers that the dialer-list protocol list command supports. The table does not include ISO CLNS because that protocol uses filter names instead of predefined access list numbers.
| Access List Type | Access List Number Range (decimal) |
|---|---|
| AppleTalk | 600-699 |
| Banyan VINES (standard) | 1-100 |
| Banyan VINES (extended) | 101-200 |
| DECnet | 300-399 |
| IP (standard) | 1-99 |
| IP (extended) | 100-199 |
| Novell IPX (standard) | 800-899 |
| Novell IPX (extended) | 900-999 |
| Transparent Bridging | 200-299 |
| XNS | 500-599 |
Dialing occurs when an interesting packet (one that matches access list specifications) needs to be output on an interface. Using the standard access list method, packets can be classified as interesting or uninteresting. In the following example, IGRP TCP/IP routing protocol updates are not classified as interesting and do not initiate calls:
access-list 101 deny igrp 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.0
The following example classifies all other IP packets as interesting and permits them to initiate calls:
access-list 101 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
Then the following command places list 101 into dialer access group 1:
dialer-list 1 protocol ip list 101
In the following example, DECnet access lists allow any DECnet packets with source area 10 and destination area 20 to trigger calls:
access-list 301 permit 10.0 0.1023 10.0 0.1023 access-list 301 permit 10.0 0.1023 20.0 0.1023
Then the following command places access list 301 into dialer access group 1:
dialer-list 1 protocol decnet list 301
In the following example, both IP and VINES access lists are defined. The IP access lists define IGRP packets as uninteresting, but permits all other IP packets to trigger calls. The VINES access lists do not allow Routing Table Protocol (RTP) routing updates to trigger calls, but allow any other data packets to trigger calls.
access-list 101 deny igrp 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 access-list 101 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 ! vines access-list 107 deny RTP 00000000:0000 FFFFFFFF:FFFF 00000000:0000 FFFFFFFF:FFFF vines access-list 107 permit IP 00000000:0000 FFFFFFFF:FFFF 00000000:0000 FFFFFFFF:FFFF
Then the following two commands place the IP and VINES access lists into dialer access group 1:
dialer-list 1 protocol ip list 101 dialer-list 1 protocol vines list 107
In the following example, a Connectionless Network Service (CLNS) filter is defined and then the filter is placed in dialer access group 1:
clns filter-set ddrline permit 47.0004.0001.... ! dialer-list 1 protocol clns list ddrline
You can use the master indexes or search online to find documentation of related commands.
access-list
clns filter-set
dialer-group
vines access-list
|
|