Three identical Cisco 1760 routers for experimental purposes, interconnected via both 100 Mbps Ethernet and 128 kbps sync serial.
| Cisco1760-top | 2x WIC-2A/S, MOD1700-VPN |
|---|---|
| Cisco1760-mid | 1x WIC-2A/S, WIC-1DSU-T1-V2, VIC-2FXS, PVDM-256K-8 |
| Cisco1760-btm | 1x WIC-2A/S, WIC-1DSU-T1-V2, WIC-1E |
Cisco1760-top accepts X.25 PAD calls via Telebahn at 471041, as well as Telnet connections via dn42.
ciscoplug.sym) for remote reboot.
Cisco1760-top#show version Cisco IOS Software, C1700 Software (C1700-Y-M), Version 12.4(17a), RELEASE SOFTWARE (fc2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 07-Nov-07 11:00 by prod_rel_team ROM: System Bootstrap, Version 12.2(7r)XM2, RELEASE SOFTWARE (fc1) Cisco1760-top uptime is 2 days, 11 hours, 32 minutes System returned to ROM by power-on System restarted at 11:48:27 EET Mon Dec 23 2024 System image file is "flash:c1700-y-mz.124-17a.bin" Cisco 1760 (MPC860P) processor (revision 0x600) with 180224K/16384K bytes of memory. Processor board ID FOC09100TKX (3107495960), with hardware revision 0000 MPC860P processor: part number 5, mask 2 1 FastEthernet interface 4 Low-speed serial(sync/async) interfaces 32K bytes of NVRAM. 32768K bytes of processor board System flash (Read/Write)
Cisco1760-btm#show cdp neighbor
Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge
S - Switch, H - Host, I - IGMP, r - Repeater
Device ID Local Intrfce Holdtme Capability Platform Port ID
Cisco1760-top Ser 0/1 130 R S 1760 Ser 1/1
Cisco1760-top Fas 0/0 130 R S 1760 Fas 0/0
Cisco1760-mid Fas 0/0 143 R S 1760 Fas 0/0
DuneGW Fas 0/0 112 R MikroTik bridge1/ether4-cisco
SHORE Fas 0/0 115 H Windows 5 Ethernet
RUT200 Eth 1/0 96 R S H Linux eth0.1
Dune.sym Fas 0/0 144 S VMware ES vmnic0
WIC-2A/S is a two-port synchronous serial card, using Cisco proprietary low-profile "Smart Serial" connectors to fit two of them. It can act as either DTE or DCE (autodetected from cable) and has an internal CSU/DSU – which means it can act as a clock source which allows two routers to be connected back-to-back; this is enabled using clock rate ... (ordinarily the network provides clocking). Each port can also work in async (RS-232) mode (hence the "A" in "A/S"), although I could not find suitable cables for that.
Use show diag to verify cable type (Cisco Smart Serial ports rely on the cable to indicate DTE vs DCE) and configure one side (typically the DCE side) to provide a clock signal using clock rate 128000.
Cisco1760-top#show controllers serial 1/0 Interface Serial1/0 Hardware is PowerQUICC MPC860 DCE V.35, clock rate 128000 ...
Cisco1760-btm#show controllers serial 0/0 Interface Serial0/0 Hardware is PowerQUICC MPC860 DTE V.35 TX and RX clocks detected ...
(These two interfaces are connected using actual V.35 cables CAB-SS-V35MT and CAB-SS-V35FC mated together, though knockoff "CAB-SS-2626 crossover" cables available on eBay also pretend to be the same thing.)
Each card shows up as two Serial interfaces which can be used in broadly two ways: either as a simple point-to-point link carrying IP/IPX/CLNS/AppleTalk traffic (using HDLC or PPP framing), or as part of an X.25 or Frame Relay network which supports multiple virtual circuits to different destinations (potentially across several routers), each carrying any of the aforementioned protocols. The latter is generally more interesting. (X.25, of course, can also be used for "terminal" (PAD) calls using pad, this is demonstrated in the Telebahn page.)
There isn't much to show for IPv4 over serial links:
Cisco1760-btm#show running-config interface Serial0/1 interface Serial0/1 ! encapsulation hdlc is already the default so it is not shown ip address 10.147.241.46 255.255.255.252 end
Far more interesting is an IP-over-X.25 example. X.25 is a circuit-switched network, so there has to be a dedicated virtual circuit to each IP destination (defined manually using x25 map as there is no ARP). In this case we happen to be directly connected to 471041 but in reality such circuits would be defined to faraway routers through a Public Data Network. (IOS supports X.25 switching so it is possible to build one, provided you have enough routers and enough Serial interfaces.)
Cisco1760-btm#show run int s0/0 interface Serial0/0 encapsulation x25 x25 address 471043 x25 map ip 10.147.241.45 471041 broadcast ip address 10.147.241.46 255.255.255.252 ip ospf network point-to-point end
The broadcast keyword saves from having to manually define OSPF neighbors by emulating broadcast capability (but since we only have one peer, ip ospf network point-to-point makes adjacency forming faster by skipping DR/BDR election).
X.25 is statically-routed, but Cisco IOS assumes a default route through the first interface. If we want to be explicit though, we can define a route (using regex match!) and prevent the default routing. ('Clear' as in 'clearing the call' is an X.25 term for closing or refusing to set up a circuit.)
x25 route ^471 Serial0/0 x25 route .* clear
Now the interface is up, both at the LAPB link layer and the X.25 network layer (...which then acts as link layer or "local network layer" for IP and other inter-network protocols):
Cisco1760-btm#show int s0/0
Serial0/0 is up, line protocol is up
Hardware is PowerQUICC Serial
Description: ==> Cisco-top (Se1/0)
Internet address is 10.147.241.46/30
MTU 1500 bytes, BW 128 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation X25, loopback not set
X.25 DTE, version 1984, address 471043, state R1, modulo 8, timer 0
Defaults: idle VC timeout 0 [...]
Timers: T20 180, T21 200, T22 180, T23 180
Channels: Incoming-only none, Two-way 1-1024, Outgoing-only none
RESTARTs 0/0 CALLs 0+0/1+0/0+0 DIAGs 0/0
LAPB DTE, state CONNECT, modulo 8, k 7, N1 12056, N2 20
T1 3000, T2 0, interface outage (partial T3) 0, T4 0
VS 6, VR 3, tx NR 3, Remote VR 6, Retransmissions 0
Queues: U/S frames 0, I frames 0, unack. 0, reTx 0
IFRAMEs 1814/1715 RNRs 0/0 REJs 0/0 SABM/Es 0/1 FRMRs 0/0 DISCs 0/0
Last input 00:00:06, output 00:00:06, output hang never
Last clearing of "show interface" counters 03:03:49
[...]
DCD=up DSR=up DTR=up RTS=up CTS=up
Any IP activity causes a virtual circuit to be immediately brought up.
Cisco1760-btm#show x25 map Serial0/0: X.121 471041 <-> ip 10.147.241.45 permanent, broadcast, 1 VC: 1 Cisco1760-btm#show x25 vc SVC 1, State: D1, Interface: Serial0/0 Started 03:07:27, last input 00:00:07, output 00:00:06 Connects 471041 <-> ip 10.147.241.45 Call PID ietf, Data PID none Window size input: 2, output: 2 Packet size input: 128, output: 128 PS: 5 PR: 1 ACK: 1 Remote PR: 4 RCNT: 0 RNR: no P/D state timeouts: 0 timer (secs): 0 data bytes 131999/135344 packets 1581/1609 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0
Another option is Frame Relay, which is essentially "X.25 lite" and is the predecesor to MPLS.
WIC-1DSU-T1-V2 is a single-port T1 card with a RJ-48C port. It too can provide clocking for back-to-back connections, and the "V2" variant adds explicit support for short cables.
RJ-48C is practically the same physical connector as RJ-45 (although the pairs are arranged differently), so it is easy to make a "cross-over" cable by swapping pairs 1-2 and 4-5 [sic].
It is a non-"channelized" interface (i.e. not using T1 timeslots to multiplex several channels), so unlike what the documentation might suggest, this specific WIC is not seen as a "T1" interface by IOS 12.4 and there is no controller T1 config section with this card. Instead it is recognized as a plain serial interface which has a "service module", so the low-level configuration looks like this:
interface Serial1/0 service-module t1 cablelength short 110ft service-module t1 clock source internal encapsulation ... ip address ... end
Cisco1760-mid#show controllers serial 1/0
Interface Serial1/0
Hardware is PowerQUICC MPC860 with Integrated FT1 CSU/DSU module
TX and RX clocks detected.
... (lots of internal firmware registers follow)
Cisco1760-mid#show service-module s1/0
Interface Serial1/0
Module type is T1/fractional
Hardware revision is 1.2, Software revision is 20100818,
Image checksum is 0x434803, Protocol revision is 0.1
Receiver has no alarms.
Framing is ESF, Line Code is B8ZS, Current clock source is internal,
Fraction has 24 timeslots (64 Kbits/sec each), Net bandwidth is 1536 Kbits/sec.
... (packet counters follow)
As it is a Serial interface, it behaves exactly like WIC-2A/S in other ways (that is, it can be configured for X.25 or IP-in-HDLC or anything else).
The AUX port is a fully functioning RS-232 serial port with most (not all) control lines. It can be used for inbound access to IOS EXEC (like a second console port), or outbound access to some other device (acting as a terminal server and letting you connect to another router's console port).
It can also be converted into a network interface which can speak PPP. (The name of the Async interface again depends on the global line number shown by show line.)
line aux 0 no exec interface Async5 async mode dedicated encapsulation ppp ip address 10.147.241.30 255.255.255.252 routing dynamic
But in case you were wondering – no, it is not possible to use encapsulation x25 with an Async interface. Perhaps there is no technical reason why it couldn't be done, but as far as I know it simply wasn't part of the specification. Instead a PAD would act as a gateway into the X.25-based PDN by providing the arcane text-based interface defined in X.28 (which IOS can pretend to be, via the x28 command).
WIC-1ENET is a one-port 10BASE-T Ethernet card. It does not support auto-negotiation (not even for duplex) and certainly not auto-crossover.
Cisco1760-btm#show interface Ethernet 1/0 (TODO; I forgot to grab the output when I swapped it for the WIC-T1)
I don't know much about those yet. They translate analog voice to VoIP (over SIP or H.323, both of which Cisco IOS has built-in support for).
VIC-2FXS is a two-port "Foreign Exchange Station" card, which means it connects to a Foreign Exchange Station – that is, an analog telephone or fax device – providing it with dial tone and ring voltage. (Its counterpart which connects to a Foreign Exchange Office and receives dial tone would be a VIC-2FXO.)
Cisco1760-mid#show voice port summary
IN OUT
PORT CH SIG-TYPE ADMIN OPER STATUS STATUS EC
=============== == ============ ===== ==== ======== ======== ==
2/0 -- fxs-ls up dorm on-hook idle y
2/1 -- fxs-ls up dorm on-hook idle y
PVDMs are an internal expansion module that provides a set of DSPs – digital signal processing chips – which handle audio codecs such as G.729 for the installed VICs. The PVDM-256K-8 has two DSP modules, which is apparently enough for 4 analog ports or a single ISDN VIC (the largest is PVDM-256K-20HD and a Cisco 1760 has two slots for them).
Cisco1760-mid#show controllers voice dsp 0
This is an IPsec VPN accelerator module which supports 3DES (but not AES), allegedly at a rate of ~80 Mbps. As with anything involving cryptography, it requires an IOS with "K9" features.
Cisco1760-top#show diag
Slot 3:
Virtual Private Network (VPN) Module Port adapter, 1 port
EEPROM contents at hardware discovery:
Hardware Revision : 2.1
Part Number : 73-4586-02
Product (FRU) Number : MOD1700-VPN=
...
Cisco1760-top#show crypto engine brief
crypto engine name: Virtual Private Network (VPN) Module
crypto engine type: hardware
State: Enabled
Location: em 3
Compression: Yes
DES: Yes
3 DES: Yes
AES CBC: No
AES CNTR: No
Cisco1760-top#show crypto eli
Hardware Encryption Layer : ACTIVE
Number of crypto engines = 1 .
CryptoEngine-0 (slot-3) details.
Capability-IPSec : IPPCP, 3DES, NoAES, NoRSA
IKE-Session : 0 active, 200 max, 0 failed
DH-Key : 0 active, 100 max, 0 failed
IPSec-Session : 0 active, 400 max, 0 failed