|
|
Cisco's serial tunnel (STUN) feature allows Synchronous Data Link Control (SDLC) or High-Level Data-Link Control (HDLC) devices to connect to one another through a multiprotocol internetwork rather than through a direct serial link. STUN encapsulates SDLC frames in either the Transmission Control Protocol/Internet Protocol (TCP/IP) or the HDLC protocol. STUN provides a straight pass-through of all SDLC traffic (including control frames, such as Receiver Ready) end-to-end between Synchronous Network Architecture (SNA) devices.
Cisco's SDLC Local Acknowledgment provides local termination of the SDLC session, so that control frames no longer travel the WAN backbone networks. This means end nodes do not time out, and a loss of sessions does not occur. You can configure your network with STUN, or with STUN and SDLC Local Acknowledgment. To enable SDLC Local Acknowledgment, routers must first be enabled for STUN and configured to appear on the network as primary or secondary SDLC nodes. TCP/IP encapsulation must be enabled. Cisco's SDLC Transport feature also provides priority queuing for TCP encapsulated frames.
Use the commands in this chapter to configure STUN and SDLC Local Acknowledgment networks. For STUN configuration information and examples, refer to the "Configuring STUN" chapter in the Router Products Configuration Guide.
Use the encapsulation stun interface configuration command to enable STUN encapsulation on a specified serial interface.
encapsulation stunThis command has no arguments or keywords.
Disabled
Interface configuration
You must use this command to enable STUN on an interface. Before using this command, complete the following two tasks:
After using the encapsulation stun command, use the stun group command to place the interface in the previously defined protocol group.
This partial configuration example shows how to enable interface serial 5 for STUN traffic:
! sample stun peer name and stun protocol-group global commands
stun peer-name 131.108.254.6
stun protocol-group 2 sdlc
!
interface serial 5
! sample ip address command
no ip address
! enable the interface for STUN; must specify encapsulation stun
! command to further configure the interface
encapsulation stun
! place interface serial 5 in previously defined STUN group 2
stun group 2
! enter stun route command
stun route 7 tcp 131.108.254.7
stun group
stun peer-name
stun protocol-group
Use the locaddr-priority-list interface configuration command to establish queuing priorities based upon the address of the logical unit (LU). Use the no form of this command to cancel all previous assignments.
locaddr-priority-list list-number address-number queue-keyword| list-number | Arbitrary integer between 1 and 10 that identifies the LU address priority list. |
| address-number | Value of the LOCADDR= parameter on the LU macro, which is a 1-byte address of the LU in hexadecimal. |
| queue-keyword | Priority queue type: high, medium, normal, or low. |
No queuing priorities are established.
Interface configuration
The following example shows how to establish queuing priorities based on the address of the serial link on a STUN connection. Note that you must use the priority-group interface configuration command to assign a priority group to an input interface:
stun peer-name 131.108.254.6
stun protocol-group 1 sdlc
!
interface serial 0
no ip address
encapsulation stun
stun group 1
stun route address 4 interface serial 0 direct
locaddr priority 1
priority-group 1
!
locaddr-priority-list 1 02 high
locaddr-priority-list 1 03 high
locaddr-priority-list 1 04 medium
locaddr-priority-list 1 05 low
priority-group
Use the priority-group interface configuration command to assign a priority group to an interface. Use the no form of this command to remove assignments.
priority-group list-number| list-number | Priority list number assigned to the interface |
No priority group is assigned.
Interface configuration
The following example shows how to establish queuing priorities based on the address of the serial link on a STUN connection. Note that you must use the priority-group list interface configuration command to assign a priority group to an output interface.
! sample stun peer-name global command
stun peer-name 131.108.254.6
! sample protocol-group command for reference
stun protocol-group 1 sdlc
!
interface serial 0
! disable the ip address for interface serial 0
no ip address
! enable the interface for STUN
encapsulation stun
! sample stun group command
stun group 2
! sample stun route command
stun route address 10 tcp 131.108.254.8 local-ack priority
!
! assign priority group 1 to the input side of interface serial 0
priority-group 1
! assign a low priority to priority list 1 on serial link identified
! by group 2 and address A7
priority-list 1 stun low address 2 A7
locaddr-priority-list
priority-list ip tcp
priority-list stun address
Use the priority-list protocol ip tcp global configuration command to establish STUN queuing priorities based on the TCP port. Use the no form of this command to revert to normal priorities.
priority-list list-number protocol ip queue-keyword tcp tcp-port-number| list-number | Arbitrary integer between 1 and 10 that identifies the priority list selected by the user. |
| queue-keyword | Priority queue type: high, medium, normal, or low. |
| tcp-port-number | STUN port and priority settings are as follows: high (1994), medium (1990), normal (1991), and low (1992). |
Normal queue
Global configuration
Use the priority-list stun address command first. Priority settings created with this command are assigned to SDLC ports.
In the following example, queuing priority for address C1 using priority list 1 is set to high. A priority queue of high is assigned to the SDLC port (1994).
priority-list 1 stun high address 1 C1
priority-list 1 ip high tcp 1994
priority group
priority-list stun address
Use the priority-list stun address global configuration command to establish STUN queuing priorities based on the address of the serial link. Use the no form of this command to revert to normal priorities.
priority-list list-number stun queue-keyword address group-number address-number| list-number | Arbitrary integer between 1 and 10 that identifies the priority list selected by the user. |
| queue-keyword | Priority queue type: high, medium, normal, or low. |
| group-number | Group number that is used in the stun group command. |
| address-number | Address of the serial link. For an SDLC link, the format is a 1-byte hex value (for example, C1). For a non-SDLC link, the address format can be specified by the stun schema command. |
Normal queue
Global configuration
The priority-list command is described in greater detail in the "System Management Commands" chapter.
In the following example, queuing priority for address C1 using priority list 1 is set to high.
priority-list 1 stun high address 1 C1
priority-list ip tcp
stun group
stun schema offset length format
Use the show stun privileged EXEC command to display the current status of STUN connections.
show stunThis command has no arguments or keywords.
Privileged EXEC
The following is sample output from the show stun command:
router# show stun
This peer: 131.108.10.1
Serial0 -- 3174 Controller for test lab (group 1 [sdlc]) state rx_pkts tx_pkts drops poll
7[ 1] IF Serial1 open 20334 86440 5 8P
10[ 1] TCP 131.108.8.1 open 6771 7331 0
all[ 1] TCP 131.108.8.1 open 612301 2338550 1005
In the display, the first entry reports proxy polling enabled for address 7 and that Serial 0 is running with modulus 8 on the primary side of the link. The link has received 20,334 packets, transmitted 86,440 packets, and dropped 5 packets.
Table 23-1 describes significant fields shown in the output.
| Field | Description |
|---|---|
| This peer | Lists the peer-name or address. The interface name (as defined by the description command), its STUN group number, and the protocol associated with the group are shown on the header line. |
| STUN address | Address or the word all if the default forwarding entry is specified, followed by a repeat of the group number given for the interface. |
| Type of link | Description of link, either a serial interface using Serial Transport (IF followed by interface name), or a TCP connection to a remote router (TCP followed by IP address). |
| state | State of the link: open is the normal, working state; direct indicates a direct link to another line, as specified with the direct keyword on the stun route command. |
| rx_pkts | Number of received packets. |
| tx_pkts | Number of transmitted packets. |
| drops | Number of packets that for whatever reason had to be dropped. |
| poll | Report of the proxy poll parameters, if any. P indicates a primary and S indicates a secondary node. The number before the letter is the modulus of the link. |
Use the stun group interface configuration command to place each STUN-enabled interface on a router in a previously defined STUN group. Use the no form of this command to remove an interface from a group.
stun group group-number| group-number | Integer in the range 1 through 255 |
Disabled
Interface configuration
Before using this command, complete the following steps: 1) enable STUN on a global basis with the stun peer-name command, 2) define the protocol group in which you want to place this interface with the stun protocol-group command, and 3) enable STUN on the interface using the encapsulation stun command.
Packets will only travel between STUN-enabled interfaces that are in the same group. Once a given serial link is configured for the STUN function, it is no longer a shared multiprotocol link. All traffic that arrives on the link will be transported to the corresponding peer as determined by the current STUN configuration.
The following example places serial interface 0 in STUN group 2, which is defined to run the SDLC transport:
! sample stun peer-name global command
stun peer-name 131.108.254.6
! sample protocol-group command telling group 2 to use the SDLC protocol
stun protocol-group 2 sdlc
!
interface serial 0
! sample ip address subcommand
no ip address
! sample encapsulation stun subcommand
encapsulation stun
! place interface serial0 in previously defined STUN group 2
stun group 2
! enter stun route command
stun route 7 tcp 131.108.254.7
encapsulation stun
primary-list stun address
stun peer-name
stun protocol-group
Use the stun keepalive-count global configuration command to define the number of times to attempt a peer connection before declaring the peer connection to be down.
stun keepalive-count count| count | Number of connection attempts. The range is between 2 and 10 retries. |
Disabled
Global configuration
The following example sets the number of times to retry a connection to a peer to 4:
stun keepalive-count 4
stun remote-peer-keepalive
Use the stun peer-name global configuration command to enable STUN on IP addresses. Use the no form of this command to disable STUN on an IP address.
stun peer-name ip-address| ip-address | IP address by which this STUN peer is known to other STUN peers |
Disabled
Global configuration
You must use this command to enable any further STUN features. After using this command, complete the following steps:
Step 1 Define the protocol group in which you want to place this interface with the stun protocol-group command.
Step 2 Enable STUN on the interface using the encapsulation stun command.
Step 3 Place the interface in a STUN group with the stun group command.
The following example assigns IP address 131.108.254.6 as the STUN peer:
stun peer-name 131.108.254.6
encapsulation stun
stun group
stun protocol-group
Use the stun protocol-group global configuration command to create a protocol group. Use the no form of this command to remove an interface from the group.
stun protocol-group group-number basic | sdlc | schema [sdlc-tg]| group-number | Integer in the range 1 through 255. |
| sdlc | Indicates an SDLC protocol. |
| basic | Indicates a non-SDLC protocol. |
| schema | Indicates a custom protocol. |
| sdlc-tg | (Optional) Identifies the group as part of an SNA Transmission Group. |
No protocol group established.
Global configuration
Use the sdlc keyword to specify an SDLC protocol. You must specify either the sdlc or the sdlc-tg keyword before you can enable SDLC Local Acknowledgment. SDLC Local Acknowledgment is established with the stun route address tcp command.
Use the basic keyword to specify a non-SDLC protocol, such as HDLC.
Use the schema keyword to specify a custom protocol. (The custom protocol must have been previously created with the stun schema command.
Use the optional sdlc-tg keyword (in conjunction with the sdlc keyword) to establish an SNA transmission group. A transmission group is a set of protocol groups providing parallel links to the same pair of IBM establishment controllers. This provides redundancy of paths. In case one or more links go down, an alternate path will be used. All STUN connections in a transmission group must connect to the same IP address. SDLC Local Acknowledgment must be enabled.
The following example specifies that group 7 use the SDLC STUN protocol to route frames within that group:
stun protocol-group 7 sdlc
The following example specifies that group 5 use the basic protocol, wherein the serial addressing is unimportant and you have a point-to-point link:
stun protocol-group 5 basic
encapsulation stun
stun route address interface serial
stun route address tcp
stun schema
Use the stun remote-peer-keepalive global configuration command to enable detection of the loss of a peer.
stun remote-peer-keepalive seconds| seconds | Keepalive interval, in seconds. The range is 1 to 300 seconds. |
30 seconds
Global configuration
In the following example, the remote-peer-keepalive interval is set to 60 seconds:
stun remote-peer-keepalive 60
stun keepalive-count
Use the stun route address interface serial interface configuration command to forward all HDLC traffic of a serial interface. Use the no form of this command to disable this method of HDLC encapsulation.
stun route address address-number interface serial interface-number [direct]| address-number | Address of the serial interface. |
| interface-number | Number assigned to the serial interface. |
| direct | (Optional) Forwards all HDLC traffic on a direct STUN link. |
Disabled
Interface configuration
In the following example, serial frames with a stun-route address of 4 are forwarded through serial0 using HDLC encapsulation:
stun route address 4 interface serial0
In the following example, serial frames with stun-route address 4 are propagated through serial0 using STUN encapsulation:
stun route address 4 interface serial0 direct
stun route all interface serial
Use the stun route address tcp global configuration command to specify TCP encapsulation and optionally establish SDLC Local Acknowledgment (SDLC Transport) for STUN. Use the no form of this command to disable this method of TCP encapsulation.
stun route address address-number tcp ip-address [local-ack] [priority] [tcp-queue-max]| address-number | Number that conforms to TCP addressing conventions. |
| tcp | Specifies TCP encapsulation. |
| ip-address | IP address by which this STUN peer is known to other STUN peers that are using the TCP as the STUN encapsulation. |
| local-ack | (Optional) Enables Local Acknowledgment for STUN. |
| priority | (Optional) Establishes the four levels used in priority queuing: low, medium, normal, and high. |
| tcp-queue-max | (Optional) Sets the maximum size of the outbound TCP queue for the SDLC link. |
TCP encapsulation not established
TCP queue size default 100
Global configuration
SDLC Transport participates in SDLC windowing and retransmission through support of Local Acknowledgment. SDLC sessions require that end nodes send acknowledgments for a set amount of data frames received before allowing further data to be transmitted. Local Acknowledgment provides local termination of the SDLC session, so that control frames no longer travel the WAN backbone networks. This means end nodes do not time out, and a loss of sessions does not occur.
In the following example, a frame with a source-route address of 10 is propagated using TCP encapsulation to a device with an IP address of 131.108.8.1:
stun route address 10 tcp 131.108.8.1
stun route all tcp
Use the stun route all interface serial interface configuration command to encapsulate and forward all STUN traffic using HDLC encapsulation on a serial interface.
stun route all interface serial interface-number [direct]| interface-number | Number assigned to the serial interface. |
| direct | (Optional) Indicates that the specified interface is also a direct STUN link, rather than a serial connection to another peer. |
Disabled
Interface configuration
There must be an appropriately configured router on the other end of the designated serial line. The outgoing serial link still can be used for other kinds of traffic (the frame is not TCP encapsulated). This mode is used when TCP/IP encapsulation is not needed or when higher performance is required. Enter the serial line number connected to the router for the interface-number argument.
In the following example, all traffic on serial0 is propagated using STUN encapsulation:
! propagate serial frames through serial0 using STUN encapsulation
stun route all interface serial0
In the following example, serial1 is a direct STUN link, not a serial connection to another peer:
stun route all interface serial1 direct
stun route address interface serial
Use the stun route all tcp interface configuration command to use TCP encapsulation and forward all STUN traffic on an interface regardless of what address is contained in the serial frame.
stun route all tcp ip-address| ip-address | IP address by which this remote STUN peer is known to other STUN peers. Use the address that identifies the remote STUN peer that is connected to the far serial link. |
Disabled
Interface configuration
TCP/IP encapsulation allows movement of serial frames across arbitrary media types and topologies. This is particularly useful for building shared, multiprotocol enterprise network backbones.
In the following example, all STUN traffic received will be propagated through the bridge:
stun route all tcp 131.108.10.1
!
Use the stun schema offset length format global configuration command to define a protocol other than SDLC for use with STUN. Use the no form of this command to disable the new protocol.
stun schema name offset constant-offset length address-length format format-keyword| name | Name that defines your protocol. It can be up to 20 characters in length. |
| constant-offset | Constant offset, in bytes, for the address to be found in the frame. |
| address-length | Length in one of the following formats: decimal (4 bytes), hexadecimal (8 bytes) or octal (4 bytes). |
| format-keyword | Format to be used to specify and display addresses for routes on interfaces that use this STUN protocol. The allowable format keywords are decimal (0 through 9), hexadecimal (0 through F), and octal (0 through 7). |
Disabled
Global configuration
Use this command before defining the protocol group (stun protocol-group command). The serial protocol you define must meet the following criteria:
In the following example, a protocol named new-sdlc is created. In the protocol frame structure, the constant offset is 0, the address length is 1 byte, and the address format is hexadecimal:
stun schema new-sdlc offset 0 length 1 format hexadecimal
A dagger (+) indicates that the command is documented in another chapter.
priority-list stun +
stun protocol-group
Use the stun sdlc-role primary interface configuration command to assign the router the role of SDLC primary node. Primary nodes poll secondary nodes in a predetermined order.
stun sdlc-role primaryThis command has no arguments or keywords.
Disabled
Interface configuration
If the router is connected to a cluster controller, for example 3x74, the router should appear as a front-end processor (FEP) such as a 37x5, and must be assigned the role of a primary node.
interface serial 0
encapsulation stun
stun group 50
stun sdlc-role primary
encapsulation stun
stun sdlc-role secondary
Use the stun sdlc-role secondary interface configuration command to assign the router the role of SDLC secondary node. Secondary nodes respond to polls sent by the SDLC primary by transmitting any outgoing data they may have.
stun sdlc-role secondaryThis command has no arguments or keywords.
Unassigned
Interface configuration
If the router is connected to a front-end processor (FEP) for example 37x5, the router should appear as a cluster controller such as a 3x74, and must be assigned the role of a secondary node.
interface serial 0
encapsulation stun
stun group 50
stun sdlc-role secondary
encapsulation stun
stun sdlc-role primary
|
|