Figure 2 shows a BAN Type 1 (bridged) connection. In this illustration, the router does not terminate the LLC2 traffic it receives from attached end nodes. Instead, the router converts the whatever frames it receives to bridged Token Ring format (RFC 1490) frames, and bridges directly to the NCP.

Figure 2 BAN Type 1: The Router as an LLC-2 Bridge

In this case, the router acts as a bridge between the FEP and end stations. DLSw does not terminate LLC2 session at the router, as in BAN Type 2. End station frames can be Token Ring, SDLC, Ethernet, or FDDI format, provided the bridge is configured to support that type of frame.

Figure 3 shows a BAN Type 2 (Virtual BAN DLSw) connection. In this illustration, the DLSw router does not function as a bridge. The router terminates the LLC2 traffic received from attached end nodes. At the same time, the router establishes a new LLC2 connection to the NCP over the

Frame Relay network. Thus, though two LLC2 connections exist within the transaction, the break between them is transparent both to the NCP and the end nodes. The result is a virtual LLC2 connection between NCP and end nodes.

Figure 3 BAN Type 2: Local DLSw Conversion

Which Method Should You Use?

Straight bridging of frames (BAN Type 1) is generally preferable. This method provides fast delivery of data with minimal network overhead. However, there are exceptions to this rule. If usage on a DLCI is too high, session timeouts may occur in a bridged configuration.

Conversely, session timeouts rarely occur in a DLSw-terminated configuration (BAN Type 2), since this type of configuration terminates and then recreates LLC2 sessions at the local (DLSw) router. For this reason, you may want to use DLSw-terminated BAN in situations where reducing the possibility of session timeouts is a concern. When running in DLSw-terminated mode, the router terminates all traffic on the DLCI. This mode also limits the number of remote end stations the BAN configuration can support.

Using BAN

To configure BAN, follow these steps:

: 1. Configure the router for Frame Relay (FR)
: 2. Configure the router for Adaptive Source Route Bridging (ASRT)
: 3. Configure the router for BAN
: 4. Open Service Access Points (SAPs) on the FR and LAN interfaces

These steps are documented in the example that follows.

This example assumes that you are setting up a single DLCI to carry BAN traffic. Depending on your circumstances and needs, you may want to set up multiple DLCIs for the sake of redundancy, or to increase total bandwidth to the IBM environment. See Setting Up Multiple DLCIs.

Configuring Frame Relay

To access the Frame Relay configuration area, use the network command at the Config> prompt as shown:

Config>network 2
Frame Relay user configuration
FR Config>

At the FR Config> prompt, add a permanent circuit. The router prompts you for a circuit number, which is the DLCI number. The router then prompts you for a committed information rate, and for a circuit name.

The circuit name is extremely important. It tells the bridge which DLCI to use for BAN frames. In doing so, it provides the linkage between the router (which is acting as a bridge in this case) and the FR protocol.

FR Config>add permanent
Circuit number  [16]? 20   
Committed Information Rate in bps  [64000]? 
Assign circuit name []? 20-ncp10        
Is circuit required for interface operation? [N]?

You should assign a circuit name that identifies the IBM NCP in some obvious way (as in this example, where the assigned circuit name is
20-ncp10). You should also use a name that has 8 characters or fewer. Choosing a short name may prevent it from being truncated on some bridge configuration screens.

The DLCI you create by assigning a circuit number and name becomes the PVC that connects Proteon's router with the IBM FEP when using BAN. The next step consists of configuring this PVC as a bridge port.

Note: If you want to set up multiple BAN DLCIs connected to the same or different FEPs, you have to configure Frame Relay separately for each DLCI. See Setting Up Multiple DLCIs.

Configuring the Router for Adaptive Source Route Bridging

Next, configure the PVC as a bridge port. To do this, enter protocol bridge at the Config> prompt.

Config>protocol bridge
Adaptive Source Routing Transparent Bridge user configuration
Bridge config>

At the Bridge Config> prompt, add a port. The router prompts you for an interface number. The number you assign is the FR interface number on the bridge. The router then prompts you for a port number and for a circuit name. You must assign the same circuit name as you did when configuring the router for bridging over FR in step 1.

Bridge config>add port
Interface Number [0]? 2
Port Number [5]? 
Assign circuit name []? 20-ncp10

The next step consists of enabling source routing and defining source routing segment numbers for the FR port.

Bridge config>enable source routing
Port Number [3]? 5
Segment Number for the port in hex(1 - FFF) [1]? 456
Bridge Virtual Segment Number in hex(1 - FFF) [1]? 789

Then, disable transparent bridging on the bridge port as shown:

Bridge config>disable transparent bridging
Port Number [3]? 5

Configuring the Router for BAN

You configure BAN from the Bridge config> prompt. The addition of a BAN port is not verified until you restart the router. Note that, as in steps 1 and 2, bridge port 5 is the port used throughout this step.

Config> protocol bridge
Bridge config>ban
BAN (Boundary Access Node) configuration

At the BAN config> prompt, add the port number (5) on which you want to enable BAN. The router prompts you to enter a BAN DLCI MAC address and the Boundary Node Identifier address:

BAN config>add 5                                     
Enter the BAN DLCI MAC Address []? 400000000001   
Enter the Boundary Node Identifier MAC Address [4FFF00000000]?

In this example, 400000000001 is the MAC address of the DLCI: this is the address to which attached end stations send data. The other address, 4FFF00000000, is the default Boundary Node Identifier Address. To accept it, press Enter.

Note: You should always choose the default Boundary Node Identifier address unless the Boundary Node Identifier address of the receiving FEP has changed. This is because the Boundary Node Identifier address must match the corresponding value in the NCP definition. This value is specified by the LOCADD keyword of the LINE statement that defines the physical Frame Relay connection.

Specifying the Type of BAN Connection You Need

The next prompt asks you to specify which type of BAN connection you want to add, bridged (described earlier as BAN Type 1) or DLSw-terminated (Type 2). Type 1, straight bridging, is the default. You should accept the default unless you want inbound traffic to be terminated at the router.

After you enter b (bridged) or t (terminated), the router informs you that the BAN port has been added. The default choice is b .

Do you want the traffic bridged (b) or DLSw terminated (t) (b/t) [b]?
BAN port record added.

Opening Service Access Points (SAPs)

To use BAN, you must open the Service Access Points (SAPs) associated with the FR interface, and the LAN interface. If you fail to open these SAPs, you will not be able to use BAN. Failure to open all SAPs is often the cause of configuration problems.

Open the SAPs from the DLSw config> prompt as follows:

DLSw config>open
Interface # [0]?   
Enter SAP in hex (range 0-ff) [0]? 4

Issuing the open command for interface 0 opens the SAP on the LAN interface. You issue the same command to open the SAP on the FR interface. Note that in each case, you enter 4 to open a SAP.

DLSw config>open
Interface # [2]?       
Enter SAP in hex (range 0-ff) [0]? 4

Using Multiple DLCIs for BAN Traffic

While one DLCI is usually sufficient to handle BAN traffic to and from the IBM environment, setting up two or more DLCIs may prove useful in some circumstances.

Benefits of Setting Up a Fault-tolerant BAN Connection

Redundant connections to multiple NCPs protect against a single NCP failure. In addition, sharing BAN traffic among several DLCIs reduces the chance of one NCP becoming overloaded. In a redundant DLCI configuration, PU Type 2.0 and 2.1 end stations can pass BAN traffic to different NCPs, as shown in Figure 4.

Figure 4 BAN Configuration with Multiple DLCIs to Different FEPs

Setting Up Multiple DLCIs

Setting up multiple DLCIs is a simple matter, particularly if you do it during the initial BAN configuration.

In setting up multiple connections, keep in mind that each Frame Relay DLCI corresponds with a specific FEP in the IBM environment. To pass BAN frames to that FEP, you must specify the correct circuit number when establishing the Frame Relay connection. Your Frame Relay provider can tell you the circuit number for each of your connections.

To set up DLCI connections to different FEPs (Scenario 1, above) you must:

1. Within the Frame Relay configuration:

Define another Frame Relay DLCI on a second bridge port.

2. Within the ASRT configuration:

Add a bridge port for that DLCI.

3. Configure the bridge port for BAN, as shown earlier in this chapter.

Checking the BAN Configuration

When you restart the router, the BAN bridge appears as a FR bridge port with source-routing behavior. Check the BAN configuration with the list command as shown here:

BAN config>list

bridge  BAN                Boundary              bridged or     
port    DLCI MAC Address   Node Identifier       DLSw terminated  
5       40:00:00:00:00:01  4F:FF:00:00:00:00     bridged

As this example shows, the list command displays each aspect of the BAN configuration, giving the bridge port (5, in this case) the MAC addresses of the router and the NCP, and whether the port is bridged or DLSw terminated.

To check to see that BAN has initialized properly on startup, you can use the router's monitoring environment (at monitor) as follows:

+protocol bridge
Bridge>ban
BAN (Boundary Access Node) console
BAN>list

bridge  BAN                Boundary           bridged or     
port    DLCI MAC Address   Node Identifier    DLSw terminated  Status
5       40:00:00:00:00:01  4F:FF:00:00:00:00  bridged          Init Fail

BAN has three associated status messages:

Init Fail indicates that a configuration problem exists.
Up indicates that the FR DLCI is up and running.
Down indicates that the DLCI is not running.

If you receive a status other than Up you should check the router's ELS messages to diagnose the problem. The following section explains how to enable ELS messages.

Enabling BAN Event Logging System Messages

After initial BAN configuration and restart, it is a good idea to enable ELS messages to see whether the configuration is working as planned. You can enable BAN-specific messages from the Config> prompt as shown:

Config>event                                 
Event Logging System user configuration
ELS config>display subsystem ban all

Entering this command displays all BAN subsystem messages. This causes ELS to notify you of all BAN-related behavior. After running BAN for a while, you may want to turn off some messages.

You can switch off specific ELS BAN messages using the nodisplay command and the specific message number. This example illustrates how to turn off the ban.9 message.

ELS config>nodisplay event ban.9

For a list and explanation of all BAN-related messages, see the Event Logging System (ELS) Messages in the Online Library.

BAN Configuration and Monitoring Commands

Accessing the BAN Configuration Environment

Use the router's configuration process to change the configuration of the router. The new configuration takes effect when the router is restarted.

To enter the configuration environment, enter configure at the * prompt. This brings you to the Config> prompt:

MOS Operator Control

* configuration
Gateway user configuration
Config>

If the Config> prompt does not appear immediately, press Enter again.

Enter all BAN configuration commands at the BAN config> prompt. Access this prompt by entering ban at either the DLSw config> or ASRT config> prompt as shown:

Config>protocol dls
DLSw protocol user configuration
DLSw config>ban
BAN config>

Accessing the BAN Monitoring Environment

To enter the monitoring process, enter monitor at the * prompt. This brings you to the + prompt:

MOS Operator Control

* monitor
+

Enter BAN monitoring commands at the BAN> prompt. To access this prompt, enter ban at the DLSW> or Bridge> prompt.

+ protocol dls
DLSW>ban
BAN>

BAN Commands

Enter BAN configuration commands at the BAN config> prompt and monitoring commands at the BAN> prompt. Table 1 lists the BAN configuration and monitoring commands.

Table 1 BAN Commands
Command	Function
Add [C]	Add a BAN port
Delete [C]	Deletes a BAN port.
List [C] [M]	Displays the existing BAN configuration, and informs you whether the port has initialized properly.
Exit [C] [M]	Exits the BAN configuration process and returns you to the `DLSw config>` or `Bridge config>` process.

Add [C]

Use the add command to add a BAN port.

Syntax: add port #

Example: add 2

Enter the BAN DLCI MAC Address []? 400000000001   
Enter the Boundary Node Identifier MAC Address [4FFF00000000] ?

Do you want the traffic bridged (b) or DLSw terminated (t) (b/t) [b]?  

BAN port record added.

Delete [C]

Deletes a previously added BAN port from the configuration.

Syntax: delete port#

Example: delete 2

List [C] [M]

Use the list command to display information on the existing BAN configuration, or to assess whether the DLCI is functioning properly.

Syntax: list

List [C]

When issued in the BAN configuration module, list provides general information on the BAN configuration.

Example: list

bridge  BAN                Boundary              bridged or     
port    DLCI MAC Address   Node Identifier       DLSw terminated  
5       40:00:00:00:00:01  4F:FF:00:00:00:00     bridged

To check to see that BAN has initialized properly on startup, you can use the router's monitoring environment (at monitor) as follows:

List [M]

When issued in the BAN monitoring module, list provides general information on the BAN configuration. The command also informs you whether each BAN port has initialized properly.

Example: list

bridge  BAN                Boundary           bridged or     
port    DLCI MAC Address   Node Identifier    DLSw terminated  Status
5       40:00:00:00:00:01  4F:FF:00:00:00:00  bridged          Init Fail