Cisco First Hop Redundancy Protocols: HSRP, VRRP, GLBP

Overview

When designing a network, one of the common things to focus on after simple access is how the network will deal with failure. Part of this process is trying to build as much redundancy into the design as financially possible, while also maintaining performance and manageability. From the client’s perspective, the first piece of the network they deal without, outside of their local subnet, is the default gateway; if this gateway were to go down, then access to an entire subnet (at least) would go down. One of the ways to deal with this is to implement a first hop redundancy protocol. On Cisco equipment, there are a couple of different options to choose from, including Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP) and Gateway Load Balancing Protocol (GLBP). This article gives an overview of these options and how they differ.

Hot Standby Router Protocol (HSRP)

HSRP is a Cisco proprietary protocol that enables the network engineer to configure multiple redundant routers that exist on the same subnet; each can be used as a gateway for the devices on the subnet. Without HSRP, each of the devices on the subnet would need to be individually configured to use a specific gateway, effectively not providing redundancy but limiting the number of clients that would be affected if a router were to go down. With HSRP, a group of routers (gateways) will be configured together, and a single HSRP virtual IP address and MAC address will be created that are used by the devices on the subnet. The different routers in the HSRP will communicate to a select single active gateway that handles all live traffic. At this point, a single standby gateway is also selected. This standby gateway communicates with the active gateway via multicast and will detect should the active gateway fail. When this happens, one of the standby gateways will take over the duties of the active gateway and continue traffic forwarding without much (if any) delay. When this happens, a new standby gateway is also selected.

Virtual Router Redundancy Protocol (VRRP)

VRRP is an open standard that can be used in environments where equipment from multiple vendors exists. Its operation is similar to HSRP but differs in a couple of ways. In VRRP, like with HSRP, a group is configured that contains a number of routers (gateways); one will be selected by the network engineer to be the master. The master router’s physical IP address of the interface connecting the subnet is used by the clients as a default gateway. The backup members of the VRRP group will communicate with the master gateway and take over the duties of forwarding traffic, should the master fail. The IP address used always belongs to the master router which is referred to as the IP address owner. When the master router recovers, it will take back the duties of routing for that IP address.

It is possible to have multiple VRRP groups on a single subnet, which can be used to spread the load of the traffic coming off of a subnet. However, this must be done manually at the client’s location, by changing their default gateway addresses.

Gateway Load Balancing Protocol (GLBP)

GLBP is another Cisco proprietary protocol that can be used for first hop redundancy. GLBP offers something that the first two does not: dynamic load balancing. With GLBP, unlike HSRP or VRRP, all of the routers that exist within the GLBP group are active and are forwarding traffic. When a GLBP group is configured, one of the routers within the group will be elected as the Active Virtual Gateway (AVG); each of the other routers will back up the AVG, should it fail. The AVG is responsible for assigning virtual MAC addresses to each of the members of the GLBP group; each of these members is referred to as an Active Virtual Forwarder (AVF). The AVG is responsible for responding to ARP request by subnet devices, and selecting which group’s router will handle the traffic. The IP address of the default gateway is the same across all of the subnet devices; this IP address is virtual. When the device ARPs for a MAC address, the AVG will respond with one of the virtual MAC addresses. This way, the AVG is able to control which router will handle the load of each individual subnet device.

Protocol Features		HSRP (Hot Standby Router protocol)	VRRP (Virtual Redundancy Router Protocol)	GLBP (Gateway Load Balancing Protocol)
Router role		– 1 active router.- 1 standby router.- 1 or more listening routers.	– 1 master router.- 1 or more backup routers.	– 1 AVG (Active Virtual Gateway).- up to 4 AVF routers on the group (Active Virtual Forwarder) passing traffic.- up to 1024 virtual routers (GLBP groups) per physical interface.
Router role		– Use virtual ip address.	– Can use real router ip address, if not, the one with highest priority become master.	– Use virtual ip address.
Scope		Cisco proprietary	IEEE standard	Cisco proprietary
Election		Active Router: 1-Highest Priority 2-Highest IP (tiebreaker)	Master Router: (*) 1-Highest Priority 2-Highest IP (tiebreaker)	Active Virtual Gateway: 1-Highest Priority 2-Highest IP (tiebreaker)
Optimization features	Tracking	yes	yes	yes
	Preempt	yes	yes	yes
	Timer adjustments	yes	yes	yes
Traffic type		224.0.0.2 – udp 1985 (version1) 224.0.0.102-udp 1985 (version2)	224.0.0.18 – IP 112	224.0.0.102 udp 3222
Timers		Hello – 3 seconds	Advertisement – 1 second	Hello – 3 seconds
		(Hold) 10 seconds	(Master Down Interval)3 * Advertisement + skew time	(Hold) 10 seconds
		(Hold) 10 seconds	(Skew time)(256-priority) / 256	(Hold) 10 seconds
Load-balancing functionality		– Multiple HSRP group per interface/SVI/routed int.	– Multiple VRRP group per interface/SVI/routed int.	Load-balancing oriented- Weighted algorithm.- Host-dependent algorithm.- Round-Robin algorithm (default).
Load-balancing functionality		Requires appropriate distribution of Virtual GW IP per Clients for optimal load-balancing.(generally through DHCP)	Requires appropriate distribution of Virtual GW IP per Clients for optimal load-balancing.(generally through DHCP)	Clients are transparently updated with virtual MAC according to load-balancing algorithm through ARP requesting a unique virtual gateway.

* If the group VRRP Virtual IP on the master (higher priority) is the real IP configured on a different VRRP (Backup with lower priority) IOS will manage to make the VRRP router with the real IP, the master, by setting its priority to 255, knowing that the configurable range is [1-254].

http://www.youtube.com/watch?v=qzWQ9jN-Lkc

http://www.youtube.com/watch?v=3SKfuKrdqfc

Access Lists on Switches

PDF Document

The switch supports the following four types of ACLs for traffic filtering:

Router ACL
Port ACL
VLAN ACL
MAC ACL

Router ACL

As the name implies, Router ACLs are similar to the IOS ACL discussed in Chapter 2, “Access Control,” and can be used to filter network traffic on the switched virtual interfaces (SVI). (SVI interfaces are Layer 3 interfaces on VLANs, on Layer 3 physical interfaces, and on Layer 3 EtherChannel interfaces.) Both standard and extended ACLs are supported.

Port ACL

Port ACLs are similar to Router ACLs but are supported on physical interfaces and configured on Layer 2 interfaces on a switch. Port ACL supports only inbound traffic filtering. Port ACL can be configured as three type access lists: standard, extended, and MAC-extended.

Processing of the Port ACL is similar to that of the Router ACLs; the switch examines ACLs associated with features configured on a given interface and permits or denies packet forwarding based on packet-matching criteria in the ACL.

When applied to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When applied to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs.

The main benefit with Port ACL is that it can filter IP traffic (using IP access lists) and non-IP traffic (using MAC access list). Both types of filtering can be achieved—that is, a Layer 2 interface can have both an IP access list and a MAC access list applied to it at the same time.

VLAN ACL (VACL)

VLAN ACL (also called VLAN map) provides packet filtering for all types of traffic that are bridged within a VLAN or routed into or out of the VLAN. Unlike Router ACL, VACL is not defined by a direction (input or output). All packets entering the VLAN (bridged or routed) are checked against the VACL. It is possible to filter traffic based on the direction of the traffic by combining VACLs and Private VLAN features.

VACLs are processed in hardware, so there is no performance penalty in processing them. Therefore, they are also referred to as wire-speed ACLs. The forwarding rate remains unchanged regardless of the size of the access list because the lookup of VACLs is performed in hardware.

VACL on a Bridged Port

Figure 4-2 illustrates where the VACL is processed when VACL is applied on a bridged port for traffic from Host A in VLAN 5 that is communicating to Host B in VLAN 10 through the switch.

VACL on a Routed Port

Figure 4-3 illustrates how IOS ACL and VACL are applied on routed packets and Layer 3 switched packets. Following is the order of processing:

VACL for input VLAN
Input IOS ACL
Output IOS ACL
VACL for output VLAN

Configuring VACL

Perform the following steps to configure and apply a VACL (VLAN access map) on the switch:

Define the standard or extended access list to be used in VACL.
Define a VLAN access map.
Configure a match clause in a VLAN access map sequence.
Configure an action clause in a VLAN access map sequence.
Apply the VLAN access map to the specified VLANs.
Display VLAN access map information.

Example 4-6 shows how to define and apply a VACL to drop packets matching access list 1 from network 192.168.1.0/24; all other packets matching access list 2 are forwarded. The VACL is applied to VLANs 5 through 10.

Example 4-6. VACL Configuration Example

Switch(config)#access-list 1 permit 192.168.1.0 0.0.0.255
Switch(config)#access-list 2 permit any
Switch(config)#vlan access-map mymap 10
Switch(config-access-map)#match ip address 1
Switch(config-access-map)#action drop
Switch(config-access-map)#exit
Switch(config)#vlan access-map mymap 20
Switch(config-access-map)#match ip address 2
Switch(config-access-map)#action forward
Switch(config-access-map)#exit
Switch(config)# vlan filter mymap vlan-list 5-10
Switch(config-access-map)#end

Switch# show vlan access-map
Vlan access-map "mymap"  10                              
  Match clauses:                                         
    ip address: 1                                        
  Action:                                                
    drop                                                 
Vlan access-map "mymap"  20                              
  Match clauses:                                         
    ip address: 2                                        
  Action:                                                
    Forward                                              

Switch# show vlan filter
VLAN Map mymap is filtering VLANs:                       
  5-10

MAC ACL

MAC ACL, also known as Ethernet ACL, can filter non-IP traffic on a VLAN and on a physical Layer 2 interface by using MAC addresses in a named MAC extended ACL. The steps to configure a MAC ACL are similar to those of extended named ACLs. MAC ACL supports only inbound traffic filtering.

To define the MAC Extended ACL, use the mac access-list extended command. Several non-IP protocols are supported.

After the MAC ACL is created, it can be applied to a Layer 2 interface using the mac access-group [acl-name] in command to filter non-IP traffic received on the interface.

Example 4-7 shows how to define and apply a MAC ACL to drop all (non-IP) AppleTalk Address Resolution Protocol (AARP) packets, allowing all other types of traffic.

Example 4-7. MAC ACL Configuration Example

Switch(config)# mac access-list extended my-mac-acl
Switch(config-ext-macl)# deny any any aarp
Switch(config-ext-macl)# permit any any
Switch(config-ext-macl)# exit
Switch(config)# interface Fastethernet0/10
Switch(config-if)# mac access-group my-mac-acl in
Switch(config-if)# end
Switch#

Load Balancers (Kemp/F5)

KEMP Technologies, Inc. was founded in 2000 in Bethpage, New York and operates in the application delivery industry.^[1] The company creates load balancing products which balance user traffic between multiple servers in an organization, business or managed service provider’s infrastructure

KEMP’s load balancers are primarily used by small-to-medium businesses,^[4] including law firms^[5] and banks.^[6] The product line supports Microsoft services such as Exchange 2010^[7] and Lync 2010.^[8] The company also offers geographic^[9] and virtualized^[10] load balancing.

Kemp’s LoadMaster product is a load balancer^[11] built on its own hardware platform.

Extended Ping, extended tracert/Ping, tracert, netstat, nslookup, ipconfig

Specifying a different source to generate the pings
R1#ping 10.1.1.1 source 192.168.1.2

Router A>enable
Router A#ping
Protocol [ip]:
Target IP address: 192.168.40.1

!--- The address to ping.

Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.16.23.2 

!---Ping packets are sourced from this address.

Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 162.108.21.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/97/132 ms  

!--- Ping is successful.

Router A>enable
Router A#traceroute
Protocol [ip]:
Target IP address: 192.168.40.2   

!--- The address to which the path is traced.

Source address: 172.16.23.2
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 192.168.40.2

  1 172.31.20.2 16 msec 16 msec 16 msec
  2 172.20.10.2 28 msec 28 msec 32 msec
  3 192.168.40.2 32 msec 28 msec *   

!--- The traceroute is successful.

module/slot/port –

Introduction

This document explains the interface numbering scheme used in Cisco 1800, Cisco 2800 and Cisco 3800 Series Routers. It also includes line numbering associated with async interfaces.

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

The information in this document is based on these hardware versions:

Cisco 1800 Series Routers
Cisco 2800 Series Routers
Cisco 3800 Series Routers

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions

For more information on document conventions, refer to the Cisco Technical Tips Conventions.

Change in Interface and Line Numbering Convention

Existing router platforms (earlier than Cisco 1800, Cisco 2800, and Cisco 3800) contain a limitation. In some situations, such as when you insert WIC(s) out of order, the configuration of one WIC interface can be lost or applied to another WIC interface.

Example: Assume that you have a serial WIC-2T in WIC slot 1 and WIC slot 0 is empty. The interfaces are named serial 0/0 and serial 0/1. If you insert another WIC-2T into slot 0, the new WIC interfaces are named serial 0/0 and serial 0/1. The old WIC interfaces become serial 0/2 and serial 0/3. Therefore, the old WIC interface configuration moves to the new WIC interfaces.

Refer to How Async Lines are Numbered in Cisco 3600 Series Routers for more information.

In order to overcome this limitation, Cisco 1800, Cisco 2800, and Cisco3800 series platforms now have a three-tiered interface numbering format (slot/subslot/port) for interfaces on WIC slots only.

Note: The slot information for the Cisco 3800 series is the same as the 2800/1800 interface and line numbering. See New Interface and Line Number Conventions for information on interface and line numbering.

New Interface and Line Number Conventions

This section describes the new conventions for interface and line numbering.

The interface numbering scheme is the same for async interfaces and non-async interfaces. To configure the line associated with an async interface, use the interface number to specify the async line.
For example, line 0/0/0 specifies the line associated with interface serial 0/0/0 on a WIC-2A/S in slot 0. Similarly, line 0/1/1 specifies the line associated with interface async 0/1/1 on a WIC-2AM in slot 1.

Note: This document uses the following words interchangeably:
- Network-module-slot and slot.
- Interface-card-slot and subslot.
Ports on network modules are numbered like this:
interface-number = network-module-slot/port

OR

interface-number = slot/port
Ports on interface cards (such as WICs, VWICs and HWICs) installed directly in chassis slots is given here:
interface-number = 0/interface-card-slot/port

OR

interface-number = 0/subslot/port
This numbering convention is used for ports on interface cards that are installed in network module slots:
interface-number = network-module-slot/interface-card-slot/port

OR

interface-number = slot/subslot/port

Note: The slot/subslot/port format only applies to WIC interfaces. Interfaces that are native to the network modules still use only the slot/port format. That is:
- <interface-name> slot/port is used whenever the interfaces are native on the network module.
- <interface-name> slot/subslot/port is used whenever the interfaces are on the WIC slot of a network module (NM).
Here is an example for numbering when the motherboard slot number is always 0. The native interfaces on the motherboard are numbered like this:
- Fa0/0, Fa0/1 on Cisco 2811.
- Gi0/0, and Gi0/1 on Cisco 2821 and Cisco 2851.
The Motherboard WIC slots are numbered from 0 to 3. The number increments from right to left, and from bottom to top.
```
WIC 0 ports: <interface>0/0/0, <interface>0/0/1
WIC 1 ports: <interface>0/1/0, <interface>0/1/1
WIC 2 ports: <interface>0/2/0, <interface>0/2/1
WIC 3 ports: <interface>0/3/0, <interface>0/3/1
```
Slot numbers for other slots increase from bottom to top, then right to left. Subslot numbers and port numbers within a slot also increase from bottom to top, then right to left.

Examples

Interfaces native to an extension network module (ENM):

<interface>1/0, <interface>1/1

If the ENM carries WIC cards, the WIC slot numbers start from 0:

WIC 0 ports: <interface> 1/0/0, <interface> 1/0/1
WIC 1 ports: <interface> 1/1/0, <interface> 1/1/1

The extension voice module (EVM) slot analog interfaces are numbered from voice-port 2/0/0 to voice-port 2/0/23, following the NM-HDA convention.

Interface Numbering

This section lists the interface numbering details for Cisco routers.

Table 1 – Interface Numbering on Cisco 1841

Slot Number	Slot Type	Slot Numbering Range	Example¹
Onboard Ports	Fast Ethernet	0/0 and 0/1	interface fastethernet 0/0
Slot 0	HWIC/WIC/VWIC²	0/0/0 to 0/0/3	interface serial 0/0/0 line async 0/0/0
Slot 1	HWIC/WIC/VWIC²	0/1/0 to 0/1/3	interface serial 0/1/0 line async 0/1/0
¹ The interfaces listed here are examples only. Other possible interface types are not listed. ² VWICs are data-only in a Cisco 1841 router.

Table 2 – Interface Numbering on Cisco 2801 Series Routers

Slot Number	Slot Type	Interface Numbering Range
Onboard ports	Fast Ethernet	0/0 and 0/1
0	VIC / VWIC (voice only)²	0/0/0 to 0/0/3
1	HWIC / WIC / VIC / VWIC¹	0/1/0 to 0/1/3 (single-wide HWIC) 0/1/0 to 0/1/7 (double-wide HWIC)
2	WIC / VIC / VWIC¹	0/2/0 to 0/2/3
3	HWIC / WIC / VIC / VWIC¹	0/3/0 to 0/3/3 (single-wide HWIC) 0/3/0 to 0/3/7 (double-wide HWIC)
¹A VWIC in slots 1, 2, and 3 can operate in both data and voice mode; in slot 0, a VWIC can only operate in voice mode. ² Slot 0 in 2801 can be configured for voice only; thus PRI configurations with VWIC is not possible.Slot 0 can be configured for CAS signaling.

Table 3 – Interface Numbering on Cisco 2811, Cisco 2821, and Cisco 2851 Integrated Services Routers

Port Location	Interface Numbering Scheme	Examples^{1, 2}
Built into the chassis front panel	Interface-type port	usb 0 usb 1
Built into the chassis rear panel	Interface-type0 / port	interface fa 0/x interface gi 0/x
In an interface card (HWIC, HWIC-D, WIC, VWIC, VIC) plugged directly into an HWIC slot in a chassis	Interface-type0 / interface-card-slot³ / portNote: Interface card slots built into the chassis are labeled HWIC slot-number on Cisco 2800 series routers.	interface serial 0/x/y interface async 0/x/y line 0/x/y interface fa 0/x/y voice-port 0/x/y See footnote⁴
In an interface card (WIC, VWIC, VIC) plugged into a slot in a network module	Interface-type1 ⁵/ interface-card-slot / port	controller t1 1/x/y voice-port 1/x/y interface serial 1/x/y interface async 1/x/y line 1/x/y See footnote⁴
Built into a network module (NME, NME-X, NMD, NME-XD)	Interface-type1 ⁵/ port	interface gi 1/x interface serial 1/x interface async 1/x line 1/x See footnote⁴
FXS or FXO port in an EVM	Interface-type2 ⁶/ 0 ⁷/ port FXS/DID port numbers 0 to7 are built into the EVM. FXS/FXO port numbers 8 to15 are in expansion module 0. FXS/FXO port numbers 16to 23 are in expansion module 1.	voice-port 2/0/x
Voice port in a BRI expansion module (internal slot) in an EVM	Interface-type2 ⁶/ 0 ⁷/ port Port numbers are 8 to 11 in expansion module 0. Port numbers are 16 to 19 in expansion module 1.	voice-port 2/0/x
BRI interface in a BRI expansion module (internal slot) in an EVM	Interface-type2 ⁶/ port Port numbers are0 to 3 if one expansion module is installed. Port numbers are0 to 7 if two expansion modules are installed.	interface bri 2/x
¹Interface abbreviations: fa = Fast Ethernet; gi = Gigabit Ethernet; usb = universal serial bus; bri = ISDN basic rate interface. ² The interfaces listed here are examples only. Other possible interface types are not listed. ³ Interface card slot numbers for double-width (HWIC-D) slots are 1 and 3 only. ⁴Specify the line number in the Cisco IOS CLI by using the interface number for the associated asynchronous serial interface. ⁵ “1” is the network module slot number in all Cisco 2800 series routers. ⁶ “2” is the EVM slot number in Cisco 2821 and Cisco 2851 routers.

Interface Numbering on Various Cisco Routers

This section provides information on interface numbering on various platforms.

Cisco 2811 Platform

Figure 1 shows the interface numbering on Cisco 2811 platform with:

HWICD-9FE in WIC slot 1.
VWIC-2MFT-T1 in WIC slot 2.
VIC2-2FXS in WIC slot 3.
NM-HDV2-1T1/E1 which has 1 NATIVE T1/E1 port & VWIC-2MFT-T1 in its WIC slot 0.

Figure 1 – Interface Numbering on Cisco 2811 Platform

Cisco 2851 Platform

Figure 2 shows the interface numbering on Cisco 2851 platform with:

HWIC-1GE in WIC slot 0.
HWIC-4T in WIC slot 1.
WIC-1SHDSL in WIC slot 2.
VWIC-2MFT-T1 in WIC slot 3.
NMD-36ESW in ENM slot 1 and EVM-HD-8FXS/DID in EVM slot.

Figure 2 – Interface Numbering on Cisco 2851 Platform

Slots on Cisco 1841, 2801, 2811, 2821, 2851 Routers

This section illustrates the positions of the various slots on Cisco 1841, 2801, 2811, 2821, 2851 routers.

Figure 3 – Rear Panel of the Cisco 1841 Router

1	Input power connection	8	CompactFlash memory card slot
2	On/Off switch	9	CompactFlash (CF) LED
3	Slot 0 (WIC, VWIC—data only, or HWIC)	10	AIM LED
4	Console port	11	USB port
5	Fast Ethernet ports and LEDs	12	Aux port
6	Kensington^TM security slot	13	Chassis ground connection
7	Slot 1 (WIC, VWIC—data only, or HWIC)

Figure 4 – Front Panel of the Cisco 2801 Router

1	Slot 0 (VIC or VWIC, for voice only)	8	Auxiliary Power (AUX/PWR) LED
2	Slot 1 (WIC, VIC, VWIC, or HWIC)	9	Universal serial bus (USB) port
3	Slot 2 (WIC, VIC, or VWIC)	10	AIM/PVDM LEDs
4	Slot 3 (WIC, VIC, VWIC, or HWIC)	11	Auxiliary port
5	Console port	12	Compact flash (CF) LED
6	Fast Ethernet ports and LEDs	13	External CompactFlash memory card slot
7	System LEDs	14	Removable center card guides to allow double-wide HWIC-D installation

Note: Double-wide HWICs can go into slots 0 and 1 or slots 2 and 3.

Figure 6 – Rear Panel of Cisco 2811 Router

1	Screw holes for ground lug	5	High-speed WAN interface card slot 1
2	Fast Ethernet port 0/0	6	High-speed WAN interface card slot 2
3	Fast Ethernet port 0/1	7	High-speed WAN interface card slot 3
4	High-speed WAN interface card slot 0	8	NME slot¹

¹ The network module slot is compatible with Cisco network modules of type NM (network module) and NME (network module enhanced).

Figure 7 – Rear Panel of the Cisco 2821 Router

1	Gigabit Ethernet port 0/0	6	High-speed WAN interface card slot 3
2	Gigabit Ethernet port 0/1	7	EVM slot ONLY
3	High-speed WAN interface card slot 0	8	NME slot¹
4	High-speed WAN interface card slot 1	9	Screw holes for ground lug
5	High-speed WAN interface card slot 2

¹ The network module slot is compatible with Cisco network modules of type NM, NME, and NME-X (enhanced extended).

Figure 8 – Rear Panel of the Cisco 2851 Router

1	Gigabit Ethernet port 0/0	6	High-speed WAN interface card slot 3
2	Gigabit Ethernet port 0/1	7	EVM slot ONLY
3	High-speed WAN interface card slot 0	8	NME slot¹
4	High-speed WAN interface card slot 1	9	Screw holes for ground lug
5	High-speed WAN interface card slot 2

¹ The network module slot is compatible with Cisco network modules of type NM, NME, NME-X, NMD (double-wide), and NME-XD (enhanced extended double-wide).

Note: When you look up commands in the Cisco IOS command references, note that:

Commands for the 1700 apply to the 1800.
Commands for the 2600 apply to the 2800.
Commands for the 3700 apply to the 3800.

Line Numbering

To configure the line associated with an async interface, simply use the interface number to specify the async line.

Example 1

To configure port 22 of an NM-32A in network module slot 1, enter:

Router(config)# interface async 1/22     
    (followed by configuring the async interface parameters)

Router(config-if)# exit
Router(config)# line 1/22
    (followed by configuring the line parameters)
Router(config-line)# end

Router# show line 1/22
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
  1/22   88 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
Line 1/22, Location: "", Type: ""

!--- The remaining output has been deleted.

Example 2

To configure port 0 of a WIC-2A/S in HWIC slot 3, enter:

Router(config)# interface serial 0/3/0
Router(config-if)# physical-layer async

!--- This command allows this line to appear in show line output.
!--- You can then configure the async interface parameters.

Router(config-if)# exit

Router(config)# line 0/3/0

!--- Followed by configuring the line parameters.

Router(config-line)# end

Router# show line 0/3/0
 Tty Line Typ    Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
 0/3/0   50 TTY  9600/9600  -    -      -    -    -     0      0    0/0    Se0/3/0
Line 0/3/0, Location: "", Type: ""

!--- The remaining output has been deleted.

Example 3

When you use async interfaces, such as an NM-32A, the lines are listed as slot/num.

Router(config)#line 1/0 1/31
Router(config-line)#

And lines can be cleared in this format

Router#clear  line ?
  <0-326>      Line number
  async-queue  Clear queued rotary async lines
  aux          Auxiliary line
  console      Primary terminal line
  tty          Terminal controller
  vty          Virtual terminal
  x/y          Slot/Port for Modems
  x/y/z        Slot/Subslot/Port for Modems

The show line command output is explained here:

The “Tty” column displays the interface number (which is the same number we use to identify the line).
The “Line” column displays the actual line number. The actual line number associated with each interface is determined by complicated equations that vary according to the hardware setup (such as a network module, interface card or interface card in a network module).
On these platforms, the line numbers have limited significance. The same can be used in the reverse telnet process. Ideally, rotary under the line configuration should be widely used for reverse telnet applications.
For asynchronous or synchronous ports, such as those on the WIC-2A/S, NM-4A/S, NM-8A/S, and NM-16A/S, you must enter the physical-layer async command in serial interface configuration mode before the associated async line can appear in the show line command output (see Example 2).

Router# show line 
   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns Int
*    0    0 CTY              -    -      -    -    -     0      0    0/0     -
     1    1 AUX   9600/9600  -    -      -    -    -     0      0    0/0     -
 0/3/0   50 TTY   9600/9600  -    -      -    -    -     0      0    0/0   Se0/3/0
 0/3/1   51 TTY   9600/9600  -    -      -    -    -     0      1    0/0   Se0/3/1
   1/0   66 TTY   9600/9600  -    -      -    -    -     0      0    0/0     -
   1/1   67 TTY   9600/9600  -    -      -    -    -     0      0    0/0     -

  1/29   95 TTY   9600/9600  -    -      -    -    -     0      0    0/0     -
  1/30   96 TTY   9600/9600  -    -      -    -    -     0      0    0/0     -
  1/31   97 TTY   9600/9600  -    -      -    -    -     0      0    0/0     -
   322  322 VTY              -    -      -    -    -     0      0    0/0     -
   323  323 VTY              -    -      -    -    -     0      0    0/0     -
   324  324 VTY              -    -      -    -    -     0      0    0/0     -
   325  325 VTY              -    -      -    -    -     0      0    0/0     -
   326  326 VTY              -    -      -    -    -     0      0    0/0     -

   Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int

Line(s) not in async mode -or- with no hardware support:
2-49, 52-65, 98-321

ISDN2 and ISDN30

http://networkengineer.me/2014/03/03/e1e-carrier-isdn-pri-integrated-services-digital-network-private-rate-interface/

Integrated Services for Digital Network (ISDN) is a set of communication standards for simultaneous digital transmission of voice, video, data, and other network services over the traditional circuits of the public switched telephone network

The key feature of ISDN is that it integrates speech and data on the same lines, adding features that were not available in the classic telephone system. There are several kinds of access interfaces to ISDN defined as Basic Rate Interface (BRI), Primary Rate Interface (PRI),

ISDN is a circuit-switched telephone network system, which also provides access to packet switched networks, designed to allow digital transmission of voice and data over ordinary telephone copper wires, resulting in potentially better voice quality than an analog phone can provide. It offers circuit-switched connections (for either voice or data), and packet-switched connections (for data), in increments of 64 kilobit/s

Primary Rate Interface

The other ISDN access available is the Primary Rate Interface (PRI), which is carried over an E1 (2048 kbit/s) in most parts of the world. An E1 is 30 ‘B’ channels of 64 kbit/s, one ‘D’ channel of 64 kbit/s and a timing and alarm channel of 64 kbit/s.

In North America PRI service is delivered on one or more T1 carriers (often referred to as 23B+D) of 1544 kbit/s (24 channels). A PRI has 23 ‘B’ channels and 1 ‘D’ channel for signalling (Japan uses a circuit called a J1, which is similar to a T1). Inter-changeably but incorrectly, a PRI is referred to as T1 because it uses the T1 carrier format. A true T1 (commonly called “Analog T1” to avoid confusion) uses 24 channels of 64 kbit/s of in-band signaling. Each channel uses 56 kb for data and voice and 8 kb for signaling and messaging. PRI uses out of band signaling which provides the 23 B channels with clear 64 kb for voice and data and one 64 kb ‘D’ channel for signaling and messaging. In North America, Non-Facility Associated Signalling allows two or more PRIs to be controlled by a single D channel, and is sometimes called “23B+D + n*24B”. D-channel backup allows for a second D channel in case the primary fails. NFAS is commonly used on aT3.

PRI-ISDN is popular throughout the world, especially for connecting PBXs to PSTN.

While the North American PSTN can use PRI or Analog T1 format from PBX to PBX, the POTS or BRI can be delivered to a business or residence. North American PSTN can connect from PBX to PBX via Analog T1, T3, PRI, OC3, etc…

Even though many network professionals use the term “ISDN” to refer to the lower-bandwidth BRI circuit, in North America BRI is relatively uncommon whilst PRI circuits serving PBXs are commonplace.

Bearer channels

The bearer channel (B) is a standard 64 kbit/s voice channel of 8 bits sampled at 8 kHz with G.711 encoding. B-Channels can also be used to carry data, since they are nothing more than digital channels.

Each one of these channels is known as a DS0.

Most B channels can carry a 64 kbit/s signal, but some were limited to 56K because they traveled over RBS lines. This was commonplace in the 20th century, but has since become less so.

Signaling channel

The signaling channel (D) uses Q.931 for signaling with the other side of the link.

United Kingdom

In the United Kingdom, British Telecom (BT) provides ISDN2 (BRI) as well as ISDN30 (PRI).

In ISDN, there are two types of channels, B (for “bearer”) and D (for “data”). B channels are used for data (which may include voice), and D channels are intended for signaling and control (but can also be used for data).

There are two ISDN implementations. Basic Rate Interface (BRI), also called basic rate access (BRA) — consists of two B channels, each with bandwidth of 64 kbit/s, and one D channel with a bandwidth of 16 kbit/s. Together these three channels can be designated as 2B+D. Primary Rate Interface (PRI), also called primary rate access (PRA) in Europe — contains a greater number of B channels and a D channel with a bandwidth of 64 kbit/s. The number of B channels for PRI varies according to the nation: in North America and Japan it is 23B+1D, with an aggregate bit rate of 1.544 Mbit/s (T1); in Europe, India and Australia it is 30B+1D, with an aggregate bit rate of 2.048 Mbit/s (E1).

WHAT IS THE DIFFERENCE BETWEEN ISDN2 AND ISDN30?

ISDN2 is also called Basic Rate Interface or BRI for short.
ISDN30 is also called Primary Rate Interface or PRI for short.

ISDN2 has a minimum installation of 2 channels
ISDN30 has a minimum installation of 8 channels.

ISDN2 doesn’t have a maximum number of channels, but rarely goes over 8. This is because at 8 channels, ISDN30 becomes cheaper. The only exception might be in more remote locations where ISDN30 isn’t available.

So typically if you want 2/4/6/8 channels you’ll go for ISDN2, if you want 8 or more channels you’ll go for ISDN30. Simple*.

The functionality of ISDN2e and ISDN30 is very similar. ISDN2e is supplied in multiples of two lines. You can expand further in multiples of two, but each expansion requires a visit from BT (two week lead-time) plus system programming. If you require 6 lines or less on your telephone system and it is likely that this figure will not increase, then ISDN2e is usually adequate. For larger organisations, the correct solution is ISDN30. ISDN30 is delivered as ‘a site connection’, you merely specify how many lines you want (eight is the minimum). One advantage of ISDN30 is the use of fibre optic cable, which is more reliable than traditional copper wire. (note ISDN30 is quite often now supplied on copper).