Defining Connection Access
Dial-on-demand routing (DDR) is commonly configured as a hub-and-spoke network, where remote sites dial a central site to exchange data. Depending on the needs, the central site can also be the one to contact the remote sites to retrieve data. Calls are initiated on an as-needed basis and are shut down once the transmission is terminated. Access Control Lists (ACLs) can be used to restrict which type of traffic is allowed to establish a connection. ACLs can be refined so that the interface is brought up only when the traffic matches a specific set of criteria. These criteria are essential to minimizing connections which would otherwise be initiated needlessly, thereby minimizing cost.
When using dynamic routing protocols to discover remote networks, it is crucial to configure interesting traffic accordingly; otherwise, the connection will be initiated on every dynamic routing update. Depending on the protocol being used, this could occur as often as once every 60 seconds. It is equally crucial to filter out any native Ethernet traffic which would otherwise cause an unwanted connection to initialize.
ACLs can also restrict the establishment of a link depending on the destination host being contacted and the host trying to establish the connection. For example, if only certain users are to be allowed to establish connections, but all users should have intranet access, then ACLs can be configured so that only the computers of the select users are allowed access.
Furthermore, ACLs can be configured so that only connections to a specific destination will be initialized. For example, if a hypothetical user Alice wants to connect to Destination X and a hypothetical user Bob wants to connect to Destination Y, but traffic to Destination X is not considered interesting, then only Bob would be able to establish a WAN connection.
Interesting traffic can also be defined such that only SSH packets are allowed to establish the link. In that case, all other packets trying to access valid destinations will be discarded. When configuring dynamic routing protocols to communicate over a DDR connection, their update packets must be classified as interesting traffic. Depending on the dynamic routing protocol being used, setting its updates as interesting traffic might cause the connection to be initialized often.
For example, RIP v1, which updates every 30 seconds, would cause the connection to be initialized on every update. It is common to see static routes defined for these connections in order to avoid extra service charges. Other routing protocols such as Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) only send updates when a connection changes. These routing protocols are ideal for DDR and must be configured with "default-information originate" on a Cisco router.
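The restrictions described above, written as a Cisco IOS configuration sketch. This is an added example, not taken from the original page; every address, the interface name, the remote hostname, the dial string and the list numbers are constructed assumptions, with 10.1.1.20 standing in for Bob's computer and 192.168.50.10 for Destination Y.

```cisco
! Constructed example: all addresses, names and numbers are assumptions.
!
! Weak definition (shown commented out): every IP packet is interesting,
! so periodic routing updates and broadcasts can trigger a call.
! dialer-list 1 protocol ip permit
!
! Tighter definition: the ACL is evaluated top-down, first match wins,
! and anything not permitted falls to the implicit deny at the end.
access-list 101 remark Interesting traffic for DDR
! RIP updates (UDP 520) must never bring the link up
access-list 101 deny   udp any any eq rip
! Local broadcasts must never bring the link up
access-list 101 deny   ip any host 255.255.255.255
! Only SSH from Bob's computer to Destination Y is interesting
access-list 101 permit tcp host 10.1.1.20 host 192.168.50.10 eq 22
!
! Bind the ACL to dialer list 1
dialer-list 1 protocol ip list 101
!
interface BRI0
 ip address 172.16.0.1 255.255.255.252
 encapsulation ppp
 ! Hang up after 120 seconds without interesting traffic
 dialer idle-timeout 120
 ! Next hop, remote hostname and dial string for the central site
 dialer map ip 172.16.0.2 name central 5551234
 ! Apply dialer list 1 to this interface
 dialer-group 1
!
! Static route to the remote network, so no routing updates
! are needed over the dial link
ip route 192.168.50.0 255.255.255.0 172.16.0.2
```

The two explicit deny lines are redundant with the implicit deny but document the intent and make hit counts visible in `show access-lists`.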