Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > connecting offices, same workgroup

Reply
Thread Tools

connecting offices, same workgroup

 
 
Jason
Guest
Posts: n/a
 
      05-13-2004
I am wanting to connect 2 offices via a T1 and allow them to be on the
same LAN and workgroup. Right now they are bridged using 2 cisco 2610
routers that belong to the ISP and we can't configure.
The problem is that we run VOIP and each office has its own phone
system, as a result our T1 is saturated with multicast traffic.
Can someone suggest the best way to clean up the T1 while still
maintaining the common workgroup and appearance that they are apart of
the same office?
I am thinking of adding 2 more routers 1700 series and create a bridge
as well as apply some access lists and filtering. Is this plausable
or smart?
 
Reply With Quote
 
 
 
 
Scooby
Guest
Posts: n/a
 
      05-13-2004
"Jason" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) om...
> I am wanting to connect 2 offices via a T1 and allow them to be on the
> same LAN and workgroup. Right now they are bridged using 2 cisco 2610
> routers that belong to the ISP and we can't configure.
> The problem is that we run VOIP and each office has its own phone
> system, as a result our T1 is saturated with multicast traffic.
> Can someone suggest the best way to clean up the T1 while still
> maintaining the common workgroup and appearance that they are apart of
> the same office?
> I am thinking of adding 2 more routers 1700 series and create a bridge
> as well as apply some access lists and filtering. Is this plausable
> or smart?


Jason,

Are you sure that multicast traffic is what the problem is? I would venture
to guess that broadcasts are a bigger problem. When bridging sites, you are
sharing a broadcast domain. I think if you want to add routers, use them to
route and separate the broadcast domains. You can also control the
multicasts as well, if that in fact is your problem. Creating another
bridge does little to help your problem. Why do you need them to be on the
same LAN and workgroup? There are exceptions to almost every rule, but WANs
should be routed.

Jim


 
Reply With Quote
 
 
 
 
Walter Roberson
Guest
Posts: n/a
 
      05-13-2004
In article <(E-Mail Removed) >,
Jason <(E-Mail Removed)> wrote:
:I am wanting to connect 2 offices via a T1 and allow them to be on the
:same LAN and workgroup. Right now they are bridged using 2 cisco 2610
:routers that belong to the ISP and we can't configure.
:The problem is that we run VOIP and each office has its own phone
:system, as a result our T1 is saturated with multicast traffic.

You didn't mention VOIP before. For successful VOIP, you want QoS,
which current versions of the PIX (that I suggested in your previous
thread) do not support.

:Can someone suggest the best way to clean up the T1 while still
:maintaining the common workgroup and appearance that they are apart of
:the same office?

Sounds like you are using Netbios traffic for your workgroup. If so,
then what I'm told is Active Directory requires much less broadcast
traffic.

:I am thinking of adding 2 more routers 1700 series and create a bridge
:as well as apply some access lists and filtering. Is this plausable
r smart?

NETBIOS relies upon broadcast traffic to lock resources. If you are
all one workgroup, you -need- those broadcasts to get to all points,
or else your Workgroup is not going to work correctly. And you
need at least some of those ARPs to cross the bridge -- filtering
those down would require some fancy filters.

What kind of other broadcast traffic do you have, and what kind of filtering
were you thinking of putting in place? Can you give an example of an
filter that you would put in place if you could? You cannot easily
filter bridges on anything other than MAC address, MAC vendor code, or
protocol type. You can filter based upon arbitrary bytes within the packet,
but keep in mind that IP addresses and tcp or udp port numbers are not
really at constant offsets within packets (and you don't have any
"and" operation to be able to check for just the protocol number in one
test and the port number in another test on the same line.)


The 1721 routers handle transparent bridging in the IP feature set
as of 12.2(T1 -- just don't turn on IP routing, and put the appropriate
interfaces into the same bridge-group. Presumably you would plug in
whatever goes into your 2600s into the 1721, and plug the other interface
of the 1721 into your 2600s. That'd get you frame-level filtering, but
not IP level.


===========
Ah.... significant update to the above. As of 12.3(7)T [very new!!]
the 1721 supports 'Transparent IOS Firewall', which *does* allow you
to configure IP access-lists on what is forwarded.

http://www.cisco.com/en/US/products/...0801ee193.html

--
Aleph sub {Aleph sub null} little, Aleph sub {Aleph sub one} little,
Aleph sub {Aleph sub two} little infinities...
 
Reply With Quote
 
Jason
Guest
Posts: n/a
 
      05-14-2004
The traffic that I am most concerned with filtering is the broadcast
and multicast traffic given off by the phone systems. This includes
Music on Hold. I know that we can probably filter out alot of it
using MAC addresses but I would like some options available for
impleminting other types of filters perhaps based on IP address.
I don't really want to filter anything involving the PCs on the
workgroup. The most I would ever do is want to block specific PCs
from accessing the internet.
I mentioned wanting to manage the traffic. This is because right now
sending email is problematic, we can only send packets of 1400 bytes
across the T1 and email is trying to send at 1510. So I would like to
manipulate that.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't get 2 computers in same workgroup =?Utf-8?B?VGVycnk=?= Wireless Networking 14 12-21-2008 08:16 PM
Cannot see workgroup computers by ''view workgroup computers'' - important! kimiraikkonen Computer Support 5 02-07-2007 12:06 PM
Trouble connecting at same time on router. Lee Davison Computer Support 5 10-07-2005 08:24 PM
Can't access other pcs in same workgroup (router?) contech24 Computer Support 2 02-21-2004 06:52 PM
Access snap-in of another computer in the same workgroup Alan MCSE 2 08-13-2003 03:15 PM



Advertisments