Cisco IOS Broadband Access Aggregation and DSL Configuration Guide, Release 12.2SR
PPPoE Session Limit Local Override
Downloads: This chapterpdf (PDF - 151.0KB) | Feedback

PPPoE - Session Limit Local Override

Table Of Contents

PPPoE - Session Limit Local Override

Finding Feature Information

Contents

Information About PPPoE Session Limit Local Override

How PPPoE Session Limit Local Override Works

How to Configure PPPoE Session Limit Local Override

Enabling PPPoE Session Limit Local Override

Prerequisites

Restrictions

Configuration Examples for PPPoE Session Limit Local Override

Enabling PPPoE Session Limit Local Override: Example

Additional References

Related Documents

Standards

MIBs

Technical Assistance

Feature Information for PPPoE Session Limit Local Override


PPPoE - Session Limit Local Override


First Published: June 28, 2007
Last Updated: November 20, 2009

The PPP over Ethernet (PPPoE) Session Limit Local Override feature enables the session limit configured locally on the broadband remote access server (BRAS) or Layer2 Tunneling Protocol (L2TP) access concentrator (LAC) to override the per-NAS-port session limit downloaded from the RADIUS server when the preauthorization is enabled.

Finding Feature Information

Your software release may not support all of the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for PPPoE Session Limit Local Override" section.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Contents

Information About PPPoE Session Limit Local Override

How to Configure PPPoE Session Limit Local Override

Configuration Examples for PPPoE Session Limit Local Override

Additional References

Feature Information for PPPoE Session Limit Local Override

Information About PPPoE Session Limit Local Override

To configure the PPPoE Session Limit Local Override feature, you should understand the following

concept:

How PPPoE Session Limit Local Override Works

How PPPoE Session Limit Local Override Works

PPPoE session limits are downloaded from the RADIUS server when you enable preauthorization on the LAC using the subscriber access pppoe pre-authorize nas-port-id command. By enabling preauthorization, you limit the number of PPPoE sessions on a specific permanent virtual circuit (PVC) or VLAN; that is, the PPPoE per-NAS-port session limit downloaded from the RADIUS server takes precedence over locally configured (port-based) session limits, such as per-VC and per-VLAN session limits.

The PPPoE Session Limit Local Override feature enables the local session limit configured at the BRAS to override the per-NAS-port session limit configured at the RADIUS server when preauthorization is configured.


Note The PPPoE Session Limit Local Override feature is useful only when you have configured preauthorization on the BRAS or LAC.


To enable the PPPoE Session Limit Local Override feature, configure the sessions pre-auth limit ignore command under the broadband access (BBA) group associated with the interface. When the PPPoE Session Limit Local Override feature is enabled, the locally configured session limit is applied before PPP is started; that is before the BRAS sends out a PPPoE Active Discovery Offer (PADO) packet to the client, advertising a list of available services.

When preauthorization is configured without the PPPoE Session Limit Local Override feature enabled, the client receives an authentication failure response from the BRAS when there is no session limit downloaded from the RADIUS server and the locally configured session limit is exceeded. The BRAS waits to apply locally configured limits until PPP negotiation is completed. When a call is finally rejected, the client receives the authentication failure response, resulting in session failure, with no ability to distinguish whether the session failure results from a Challenge Handshake Authentication Protocol (CHAP) authentication failure or a PPPoE session limit having been exceeded. The PPPoE Session Limit Local Override feature allows for differentiation between the handling of per-NAS-port failures and session limiting failures.

If you enable the PPPoE Session Limit Local Override feature, but there are no locally configured per-port session limits, then per-NAS-port session limits downloaded from the RADIUS server are applied.

For more information on how to configure preauthorization and per-NAS-port session limit, see the Establishing PPPoE Session Limit per NAS Port document.

How to Configure PPPoE Session Limit Local Override

This section contains the following procedures:

Enabling PPPoE Session Limit Local Override

Enabling PPPoE Session Limit Local Override

Enable the PPPoE Session Limit Local Override feature to allow the local session limit configured on the BRAS to override the per-NAS-port session limit downloaded from the RADIUS server.

Prerequisites

The sessions pre-auth limit ignore command should have been configured under the broadband access (BBA) group associated with the interface.

Restrictions

If there are no locally configured per-port session limits, then per-NAS port session limits downloaded from the RADIUS server are applied.

SUMMARY STEPS

1. enable

2. configure terminal

3. bba-group pppoe group-name

4. sessions per-vc limit per-vc-limit

5. sessions pre-auth limit ignore

6. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

bba-group pppoe group-name

Example:

Router(config)# bba-group pppoe test

Creates a PPPoE profile and enters BBA group configuration mode.

group-name—Name of the PPPoE profile.

Step 4 

sessions per-vc limit per-vc-limit

Example:

Router(config-bba-group)# sessions per-vc limit 3

Limits the number of PPPoE sessions per VC in a PPPoE profile.

per-vc-limit—Maximum number of PPPoE sessions that can be established over an ATM PVC. The default is 100.

Step 5 

sessions pre-auth limit ignore

Example:

Router(config-bba-group)# sessions pre-auth limit ignore

Enables the PPPoE Session Limit Local Override feature. The locally configured limit overrides the per-NAS-port session limit configured at the RADIUS server.

Step 6 

end

Example:

Router(config-bba-group)# end

(Optional) Exits BBA group configuration mode and returns to privileged EXEC mode.

Configuration Examples for PPPoE Session Limit Local Override

Enabling PPPoE Session Limit Local Override: Example

Enabling PPPoE Session Limit Local Override: Example

The following example creates a PPPoE group named test, configures a limit of three sessions per VC, and enables the PPPoE Session Limit Local Override feature in bba-group configuration mode. The running configuration shows that the sessions pre-auth limit ignore command was used to enable this feature.

Router(config)# bba-group pppoe test
Router(config-bba-group)# sessions per-vc limit 3
Router(config-bba-group)# sessions pre-auth limit ignore 
.
.
!
bba-group pppoe test
virtual-template 2
sessions per-vc limit 3
sessions pre-auth limit ignore
!
.

Additional References

The following sections provide references related to the PPPoE Session Limit Local Override feature.

Related Documents

Related Topic
Document Title

Establishing PPPoE Session Limits per NAS Port

Cisco IOS Broadband Access Aggregation and DSL Configuration Guide


Standards

Standard
Title

None


MIBs

MIB
MIBs Link

None

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs


Technical Assistance

Description
Link

The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies.

To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.

Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.

http://www.cisco.com/techsupport


Feature Information for PPPoE Session Limit Local Override

Table 1 lists the features in this module and provides links to specific configuration information.

Only features that were introduced or modified in Cisco IOS Releases 12.2(1) or 12.0(3)S or a later release appear in the table.

Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.

Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.


Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.


Table 1 Feature Information for PPPoE Session Limit Local Override 

Feature Name
Releases
Feature Information

PPPoE Session Limit Local Override

12.4(15)T
12.2(33)SB
15.0(1)M
12.2(33)SRE

The PPPoE Session Limit Local Override feature enables the local session limit configured on the BRAS or LAC to override the per-NAS-port session limit downloaded from the RADIUS server when preauthorization is configured.

The following command was introduced by this feature: sessions pre-auth limit ignore

In Cisco IOS Release 12.2(33)SB, support was added for the Cisco 10000 router.