Using Virtual Templates

Problem

You want to configure dial backup by using virtual templates.

Solution

Virtual templates provide another way of configuring a central dialup host router:

dialhost#configure terminal Enter configuration commands, one per line. End with CNTL/Z. dialhost(config)#username Router1 password dialpassword dialhost(config)#interface BRI0/0 dialhost(config-if)#no ip address dialhost(config-if)#encapsulation ppp dialhost(config-if)#dialer pool-member 1 dialhost(config-if)#isdn switch-type basic-ni dialhost(config-if)#isdn point-to-point-setup dialhost(config-if)#isdn spid1 800555123400 5551234 dialhost(config-if)#isdn spid2 800555123500 5551235 dialhost(config-if)#ppp authentication chap dialhost(config-if)#ppp multilink dialhost(config-if)#exit dialhost(config)#interface Dialer1 dialhost(config-if)#no ip address dialhost(config-if)#encapsulation ppp dialhost(config-if)#dialer idle-timeout 300 dialhost(config-if)#dialer-group 1 dialhost(config-if)#no peer default ip address dialhost(config-if)#ppp authentication chap dialhost(config-if)#ppp multilink dialhost(config-if)#exit dialhost(config)#access-list 101 deny eigrp any any dialhost(config)#access-list 101 permit ip any any dialhost(config)#dialer-list 1 protocol ip list 101 dialhost(config)#router eigrp 55 dialhost(config-router)#network 10.0.0.0 dialhost(config-router)#exit dialhost(config)#interface Loopback1 dialhost(config-if)#ip address 10.1.99.1 255.255.255.0 dialhost(config-if)#exit dialhost(config)#interface Virtual-Template1 dialhost(config-if)#ip unnumbered Loopback1 dialhost(config-if)#encapsulation ppp dialhost(config-if)#ppp authentication chap dialhost(config-if)#ppp multilink dialhost(config-if)#ppp multilink load-threshold 50 either dialhost(config-if)#exit dialhost(config)#virtual-profile virtual-template 1 dialhost(config)#end dialhost#

Discussion

Virtual templates allow you to dynamically create virtual interfaces for dial purposes as they are required. This is only a benefit on routers that need to support several simultaneous connections, particularly when these connections are spread across several physical interfaces. So the ideal situation for using this configuration is a central dialup host router for a large enterprise WAN. Virtual templates are also useful in networks where large numbers of remote users dial in for access, such as in Internet Service Provider (ISP) networks.

Virtual templates are also useful in Frame Relay and ATM networks, where you can configure dynamic Switched Virtual Circuit (SVC) connections. And you can also use virtual templates for Permanent Virtual Circuit (PVC) connections when you need to use a nonstandard Layer 2 encapsulation such as PPP. We discuss these scenarios further in Chapters 10 and 16.

Compare this recipe to Recipe 13.2, where we first introduced the idea of a dialer interface to support multiple connections. In this case, our physical interface is an ISDN BRI, rather than a PRI, but in either case you could use one or several interfaces of any type that supports dialing. The first difference you should notice is that we have not configured an IP address on the Dialer interface:

dialhost(config)#interface Dialer1 dialhost(config-if)#no ip address

This is because we intend to dynamically generate virtual interfaces, which will hold the IP address information. In fact, we have created a new Loopback interface to carry the IP address for all of these virtual interfaces:

dialhost(config)#interface Loopback1 dialhost(config-if)#ip address 10.1.99.1 255.255.255.0 dialhost(config-if)#exit dialhost(config)#interface Virtual-Template1 dialhost(config-if)#ip unnumbered Loopback1 dialhost(config-if)#encapsulation ppp dialhost(config-if)#ppp authentication chap dialhost(config-if)#ppp multilink dialhost(config-if)#ppp multilink load-threshold 50 either dialhost(config-if)#exit

The configuration of the Virtual-Template interface includes all of the relevant PPP and IP information, including configuration for PPP multilink. The router will clone this Virtual-Template to create new virtual access interfaces as it needs them. Some of these virtual accesses may use PPP multilink so span several physical interfaces, so we need to include this configuration here.

Then we need to use the virtual-profile command to allow the router to use this template whenever it needs to dynamically create interfaces:

dialhost(config)#virtual-profile virtual-template 1

The final argument to this command, 1, specifies the Virtual-Template1 interface configuration.

This router can now dynamically create virtual access interfaces as it requires them. Look at the output of the show ip interface brief command when there are no calls connected:

dialhost#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.5.12 YES NVRAM up up Serial0/0 unassigned YES NVRAM administratively down down BRI0/0 unassigned YES NVRAM up up BRI0/0:1 unassigned YES unset down down BRI0/0:2 unassigned YES unset down down Virtual-Access1 unassigned YES unset down down Virtual-Template1 10.1.99.1 YES TFTP down down Dialer1 unassigned YES NVRAM up up Loopback0 192.168.57.12 YES NVRAM up up Loopback1 10.1.99.1 YES NVRAM up up dialhost#

After we bring up remote dial connection, you can see that the router has dynamically generated a new interface called Virtual-Access2:

dialhost#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 192.168.5.12 YES NVRAM up up Serial0/0 unassigned YES NVRAM administratively down down BRI0/0 unassigned YES NVRAM up up BRI0/0:1 unassigned YES unset up up BRI0/0:2 unassigned YES unset down down Virtual-Access1 unassigned YES unset down down Virtual-Template1 10.1.99.1 YES TFTP down down Virtual-Access2 10.1.99.1 YES TFTP up up Dialer1 unassigned YES NVRAM up up Loopback0 192.168.57.12 YES NVRAM up up Loopback1 10.1.99.1 YES NVRAM up up dialhost#

You can use the show vtemplate command to get additional information and statistics on your virtual templates:

dialhost#show vtemplate Virtual access subinterface creation is globally enabled Active Active Subint Pre-clone Pre-clone Interface Interface Subinterface Capable Available Limit Type --------- ------------ ------- --------- --------- --------- Vt1 1 0 Yes -- -- Serial Usage Summary Interface Subinterface --------- ------------ Current Serial in use 2 0 Current Serial free 1 1 Current Ether in use 0 0 Current Ether free 0 0 Current Tunnel in use 0 0 Current Tunnel free 0 0 Total 3 1 Cumulative created 6 8 Cumulative freed 3 8 Base virtual access interfaces: 1 Total create or clone requests: 4 Cancelled create or clone requests: 0 Current request queue size: 0 Current free pending: 0 Current recycle pending: 0 Maximum request duration: 8 msec Average request duration: 4 msec Last request duration: 8 msec Maximum processing duration: 8 msec Average processing duration: 4 msec Last processing duration: 8 msec dialhost#

This output shows that there is currently one virtual template clone in use, and that the router has created such cloned interfaces four times since it last booted. The structure of this output varies drastically, depending on which IOS version and feature set you have installed in your router. The above example shows a Version 12.4 IP Base image.

See Also

Chapters 10 and 16; Recipe 13.2