Cisco Active Network Abstraction Technology Support and Information Model Reference Manual, 3.6.5
Layer 2 Tunnel Protocol (L2TP)

This chapter describes the level of support that Cisco ANA provides for L2TP, as follows:

Technology Description

Inventory and Information Model Objects (IMOs)

Vendor-Specific Inventory and Information Model Objects

Network Topology

Service Alarms


Note: L2TP technology for Cisco devices is currently not supported.


Technology Description

L2TP

L2TP acts like a Data Link layer (Layer 2) protocol for tunneling network traffic between two peers over an existing network (usually the Internet). The two endpoints of an L2TP tunnel are the initiator of the tunnel, the L2TP Access Concentrator (LAC), and the L2TP Network Server (LNS), which waits for new tunnels. Once a tunnel is established, the network traffic between the peers is bidirectional.

L2TP is in fact a Session Layer (Layer 5) protocol, because the entire L2TP packet is sent within a UDP datagram. It is common to carry Point-to-Point Protocol (PPP) sessions within an L2TP tunnel. L2TP does not by itself provide confidentiality or strong authentication. IPsec is often used to secure L2TP packets by providing confidentiality, authentication and integrity.

Inventory and Information Model Objects (IMOs)

This section describes the following IMOs:

Layer 2 Tunnel Protocol Interface (IL2TPTunnel)

Layer 2 Tunnel Protocol Session Entry (IL2TPSessionEntry)

Layer 2 Tunnel Protocol Interface

The following Layer 2 Tunnel Protocol Interface object represents one edge of an L2TP Tunnel. It aggregates multiple Layer 2 Tunnel Protocol Session Entries, to which it is bound by its Sessions Table attribute, and is itself aggregated by a Layer 2 Tunnel Protocol Peer, from which it is created or cloned.

Table 8-1 Layer 2 Tunnel Protocol Interface (IL2TPTunnel)

| Attribute Name | Attribute Description | Scheme | Polling Interval |
|---|---|---|---|
| Local and Remote Tunnel Identifications | Local and remote tunnel identifications | Product | Configuration |
| Local and Remote Tunnel Names | Local and remote tunnel names | Product | Configuration |
| Remote Address | Remote IP address | Product | Configuration |
| Control Errors | Control errors count | Product | Configuration |
| Last Error Code | Last error code value that caused tunnel disconnection | Product | Configuration |
| Tunnel State | Tunnel state (Unknown, Idle, Connecting, Established, Disconnecting) | Product | Configuration |
| Sessions Count | Current sessions count | Product | Configuration |
| Sessions Table | Array of Layer 2 Tunnel Protocol Session Entries | Product | Configuration |


Layer 2 Tunnel Protocol Session Entry

The following Layer 2 Tunnel Protocol Session Entry object represents a session within an L2TP Tunnel. It is primarily accessed by the Layer 2 Tunnel Protocol Interface in which it is contained.

Table 8-2 Layer 2 Tunnel Protocol Session Entry (IL2TPSessionEntry)

| Attribute Name | Attribute Description | Scheme | Polling Interval |
|---|---|---|---|
| Local and Remote Session Identifications | Local and remote session identifications | Product | Configuration |
| Subscriber Name | Subscriber name | Product | Configuration |
| Session Type | Session type (Unknown, LAC, LNS) | Product | Configuration |
| Session State | Session state (Unknown, Idle, Connecting, Established, Disconnecting) | Product | Configuration |
| Input and Output Data Counters | Input and output data octets and packets counters | Product | Configuration |


Vendor-Specific Inventory and Information Model Objects

Vendor-specific Information Model Objects are implemented only for specific devices of the vendor.

The following sections describe the objects of specific vendors:

Redback's Layer 2 Tunnel Protocol Peer

Redback's Layer 2 Tunnel Protocol Group

Redback's Layer 2 Tunnel Protocol Domain Entry

Redback's Layer 2 Tunnel Protocol Peer

Redback's Layer 2 Tunnel Protocol Peer object describes a logical component that aggregates multiple Layer 2 Tunnel Protocol Interfaces together with their configuration; it is bound to them by its Logical Sons attribute. It is used primarily for managing the creation of L2TP Tunnels.

Table 8-3 Redback's Layer 2 Tunnel Protocol Peer (IL2TPPeer)

| Attribute Name | Attribute Description | Scheme | Polling Interval |
|---|---|---|---|
| Local and Peer Addresses | Local and peer IP addresses | Product | Configuration |
| Local and Peer Names | Local and peer names | Product | Configuration |
| Tunnel Type | Tunnel type (Unknown, LAC, LNS) | Product | Configuration |
| Tunnel Mode | Tunnel mode (Null, Static, Dynamic) | Product | Configuration |
| Maximum and Current Tunnels Counts | Maximum and current tunnel counts | Product | Configuration |
| Maximum and Current Sessions Counts | Maximum and current session counts | Product | Configuration |
| Session Authentication Type | Session authentication type (Null, None, Simple, Challenge) | Product | Configuration |
| Tunnel Password | Tunnel password for the authentication phase of the tunnel establishment | Product | Configuration |
| RADIUS Identification | Remote Authentication Dial In User Service (RADIUS) identification | Product | Configuration |
| Hello Time Interval | Time interval in which hello (keep-alive) packets should be sent | Product | Configuration |
| Control Errors | Control errors count | Product | Configuration |
| Media Type | Underlying media type (Null, Other, None, UDPLP, Frame Relay, ATM) | Product | Configuration |
| Group Identification | Object Identification (OID) of layer 2 tunnel protocol group (IL2TPGroup) | Product | Configuration |
| Domains Table | Array of Layer 2 Tunnel Protocol Domain Entries | Product | Configuration |
| Logical Sons | Array of aggregated Layer 2 Tunnel Protocol Interfaces | Product | N/A |


Redback's Layer 2 Tunnel Protocol Group

Redback's Layer 2 Tunnel Protocol Group object describes a logical component that load balances multiple Redback's Layer 2 Tunnel Protocol Peers, which are grouped by its Peers List attribute. It is aggregated by a Traffic Descriptor Container object.

Table 8-4 Redback's Layer 2 Tunnel Protocol Group (IL2TPGroup) 

| Attribute Name | Attribute Description | Scheme | Polling Interval |
|---|---|---|---|
| Group Name | Layer 2 tunnel protocol group name | Product | Configuration |
| Tunnel Algorithm | Tunnel algorithm | Product | Configuration |
| Dead Time | Dead time | Product | Configuration |
| RADIUS Identification | Remote Authentication Dial In User Service (RADIUS) identification | Product | Configuration |
| Peers List | Array of Redback's Layer 2 Tunnel Protocol Peers | Product | Configuration |
| Domains Table | Array of Layer 2 Tunnel Protocol Domain Entries | Product | Configuration |


Redback's Layer 2 Tunnel Protocol Domain Entry

Redback's Layer 2 Tunnel Protocol Domain Entry object describes an Internet Domain whose members are allowed to open L2TP Sessions within L2TP Tunnels, aggregated either by L2TP Peers or, further, by L2TP Groups containing this domain. It is aggregated by a Traffic Descriptor Container object.

Table 8-5 Redback's Layer 2 Tunnel Protocol Domain Entry (IL2TPDomainEntry)

| Attribute Name | Attribute Description | Scheme | Polling Interval |
|---|---|---|---|
| Domain Name | Layer 2 tunnel protocol domain name | Product | Configuration |
| Attached To Object | Object Identifier (OID) of either a Redback's Layer 2 Tunnel Protocol Peer or a Redback's Layer 2 Tunnel Protocol Group this domain is attached to | Product | Configuration |


Network Topology

Cisco ANA does not support discovery or manual configuration of Layer 2 Tunnelling Protocol (L2TP) Data Link layer topology.

Service Alarms

Table 8-6 lists the L2TP technology alarms.

Table 8-6 L2TP Alarms Summary

| Alarm | Severity | Description | Up Alarm |
|---|---|---|---|
| L2TP Peer Is Not Established | Major | The state of a statically configured L2TP tunnel has changed from "established" to anything else. Such a failure may be the result of a configuration or network problem. The Up alarm is issued when this problem has been fixed. | L2TP Peer is Established |
| L2TP Peer Was Removed | Info | A dynamically configured L2TP tunnel was removed from a device. This alarm is not issued as a ticket, but it invokes a correlation flow and can be viewed in Cisco ANA EventVision. It also appears in the Cisco ANA NetworkVision application only if correlated to another alarm, such as Link Down or Port Down. | None |
| L2TP Sessions Count Exceeded | Major | The current percentage of the number of sessions in the L2TP peer has exceeded the maximum configurable threshold. The maximum number of sessions allowed for a single peer is defined by the L2TP peer and L2TP tunnel configuration parameters. The Up alarm is issued when the current percentage of the number of sessions is below the configured threshold. | L2TP Sessions Count Returned to Normal |


For detailed information about alarms and correlation, see the Cisco Active Network Abstraction 3.6.5 User Guide.
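
The alarm conditions in Table 8-6 can be expressed as a comparison of two consecutive polls of the peer inventory. The following is an added example, not Cisco ANA code: the `PeerPoll` record, its field names, the peer names and the 80% threshold are assumptions, while the alarm names and severities are those of Table 8-6.

```python
from dataclasses import dataclass

@dataclass
class PeerPoll:
    """One poll of a peer. Field names are hypothetical; values follow Tables 8-1 and 8-3."""
    tunnel_mode: str    # Tunnel Mode: "Static" or "Dynamic"
    tunnel_state: str   # Tunnel State: "Established", "Idle", ...
    sessions: int       # current sessions count
    max_sessions: int   # maximum sessions count

def over_threshold(poll, threshold_pct):
    # Assumption: a maximum of 0 means no usable limit, so it never alarms.
    return poll.max_sessions > 0 and 100.0 * poll.sessions / poll.max_sessions > threshold_pct

def evaluate(prev, curr, threshold_pct=80.0):
    """Compare two polls (name -> PeerPoll); the 80% default threshold is an assumed value."""
    events = []
    for name, old in prev.items():
        new = curr.get(name)
        if new is None:
            if old.tunnel_mode == "Dynamic":
                events.append((name, "L2TP Peer Was Removed", "Info"))
            continue
        if new.tunnel_mode == "Static":
            was_up = old.tunnel_state == "Established"
            is_up = new.tunnel_state == "Established"
            if was_up and not is_up:
                events.append((name, "L2TP Peer Is Not Established", "Major"))
            elif is_up and not was_up:
                # Up alarm; Table 8-6 gives no severity for it, hence None.
                events.append((name, "L2TP Peer is Established", None))
        was_over = over_threshold(old, threshold_pct)
        is_over = over_threshold(new, threshold_pct)
        if is_over and not was_over:
            events.append((name, "L2TP Sessions Count Exceeded", "Major"))
        elif was_over and not is_over:
            events.append((name, "L2TP Sessions Count Returned to Normal", None))
    return events

# Constructed sample polls (not taken from a real device).
PREV = {
    "peer-static": PeerPoll("Static", "Established", 40, 100),
    "peer-dynamic": PeerPoll("Dynamic", "Established", 5, 100),
    "peer-busy": PeerPoll("Static", "Established", 70, 100),
}
CURR = {
    "peer-static": PeerPoll("Static", "Idle", 0, 100),
    "peer-busy": PeerPoll("Static", "Established", 85, 100),
}
```

`evaluate(PREV, CURR)` returns `(peer, alarm, severity)` tuples and is edge-triggered, so a condition that persists across polls is reported once rather than on every poll.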