长距离以太网 (LRE) 和数字用户线 (xDSL) : 非对称数字用户线 (ADSL)

使用以太网WIC作为PPPoE客户端用NAT的Cisco 1700路由器的配置和故障排除

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 23 日) | 反馈


目录


简介

本文显示如何配置Cisco 1700使用以太网广域网接口卡(WIC-1ENET)作为有网络地址转换(NAT)的一个以太网点对点协议(PPPoE)客户端。

先决条件

要求

本文档没有任何特定的要求。

使用的组件

本文档中的信息基于以下软件和硬件版本:

  • Cisco IOS�软件版本12.1(3) XT1或以上支持Cisco 1700 WIC-1ENET。

  • 对于此配置示例, Cisco 6400通用访问集中器-节点路由处理器(UAC-NRP)运行Cisco IOS软件版本12.1(3)dc1。

要支持PPPoE,您必须有ADSL+PLUS特性组。ADSL专用属性集不支持在Cisco 1700的PPPoE。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

背景理论

WIC-1ENET是为Cisco 1700系列路由器开发的10BASE-T卡。WIC-1ENET为Cisco 1700提供第二个以太网接口,帮助以所有数字用户线路DSL或有线调制解调器使用Cisco IOS软件各种功能。

PPPoE客户端功能允许将移动的PPPoE功能向路由器。多台PC可以在Cisco 1700快速以太网接口后安装,并且,在他们的流量发送给PPPoE会话前,可以加密,过滤,等等,并且NAT能运行。运行在路由器的PPPoE取消使用在PC。的PPPoE客户端软件需要

处理器要求

MPC860微处理器的Revision B5要求。此处理器用于在十一月被发运的所有Cisco 1700系列路由器21以后, 1999。开始与的Cisco 1700序列号制造了与式样MPC860 Revision B5微处理器。

日期代码被建立到序列号。格式是LLLYYWWSSSS, where:

  • LLL是单元被构建的位置。

  • YY是年单元被构建了(1997=01、1998=02、1999=03, 2000=04)。

  • WW是年的工作周单元被构建了。

  • SSSS是序列号。

处理器版本信息显示在启动。您能通过发出show version命令也验证处理器版本在Router-提示符。

内存要求

要运行支持思科WIC-1ENET的Cisco 1700 IOS镜像,路由器必须有最低限度的闪存和DRAM。关于在内存要求的详细信息每镜像的,参考Cisco 1700系列路由器的版本注释Cisco IOS版本12.1(3)XT1的

WIC-1ENET 限制和不支持的功能

  • 平台不支持除Cisco 1700之外, WIC-1ENET。

  • 支持仅双绞线RJ-45连接;没有Attachment Unit Interface (AUI)或BNC接口支持。

  • 没有自动协商(自适应)在半双工和全双工模式之间。

  • 当主机在ROMMON时, WIC-1ENET不可能用于TFTP文件下载。

  • 当在ROMmon模式时, WIC-1ENET没有由Cisco 1700认可。

  • 当前Cisco IOS软件在Cisco 1700的Slot0软件支持仅WIC-1ENET。

配置

本部分提供有关如何配置本文档所述功能的信息。

PPPoE客户端在Cisco 1700配置用虚拟专用拨号网络(VPDN)命令。(VPDN命令为Cisco IOS软件版本12.2(13)T不是需要的或以后。)确保您首先配置这些命令。

注意: 关于更改最大传输单元(MTU)的大小的信息,参考在PPPoE拨入连通性的故障排除MTU大小

网络图

本文档使用以下网络设置:

/image/gif/paws/12956/wic_1enet.gif

配置

本文档使用以下配置:

Cisco 1700
! 
vpdn enable 
no vpdn logging
! 
vpdn-group pppoe 
�request-dialin�� 

!--- The PPPoE client requests to establish�� 
!--- a session with the aggregation unit (6400 NRP).
!--- These VPDN commands are not needed with 
!--- Cisco IOS Software Release 12.2(13)T or later.

��protocol pppoe 
! 
int Dialer1
 ip address negotiated
 encapsulation ppp
 ip mtu 1492

!--- The Ethernet MTU is 1500 by default 
!--- (1492 + PPPoE headers = 1500).

 ip nat outside
 dialer pool 1

!--- This ties to interface Ethernet0.

 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname <username>
ppp chap password <password>
!

!--- The ISP instructs you regarding 
!--- the type of authentication to use.
!--- To change from PPP Challenge Handshake Authentication 
!--- Protocol(CHAP) to PPP Password Authentication Protocol (PAP),
!--- replace these three lines:
!--- ppp authentication chap callin
!--- ppp chap hostname 
!--- ppp chap password 
!--- with these two lines:
!--- ppp authentication pap callin.

ppp pap sent-username <username> password <password>�

!
dialer-list 1 protocol ip permit
!

!--- This is the internal Ethernet network.

interface FastEthernet0
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
!
interface Ethernet0
 pppoe enable
 pppoe-client dial-pool-number 1

!--- The PPPoE client code ties into a dialer 
!--- interface upon which a virtual-access 
!--- interface is cloned.

!

!--- For NAT, you overload on the 
!--- Dialer1 interface and add a default route
!--- out of the Dialer1 interface because
!--- the IP address can change.


ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 dialer1
no ip http server
!
dialer-list 1 protocol ip permit
access-list 1 permit 10.0.0.0 0.0.0.255

!--- This is for NAT.

!

Cisco 6400
*** local ppp user 

!--- Or, you can use AAA.

username <username> password <password>

!--- Begin with the VPDN commands. 
!--- Notice that you are binding the PPPoE here to 
!--- a virtual-template instead of on the ATM interface. 
!--- You cannot (at this time) use more than one 
!--- virtual-template (or VPDN group) for PPPoE� 
!--- beginning with the VPDN commands.

vpdn enable 
no vpdn logging 
! 
vpdn-group pppoe 
�accept-dialin 

!--- This is PPPoE server mode.

�protocol pppoe 
�virtual-template 1 
! 
! 
interface ATM0/0/0 
�no ip address 
�no atm ilmi-keepalive 
�hold-queue 500 in 

!--- The binding to the virtual-template 
!--- interface is configured in the VPDN group.

! 
interface ATM0/0/0.182 point-to-point 
�pvc 1/82 
��encapsulation aal5snap

!--- You need the command on the server side. 

� protocol pppoe 
�! 
! 

!--- Virtual-template is used instead of dialer interface. 

! 
interface Virtual-Template1 
�ip unnumbered Loopback10 
�ip mtu 1492 
�peer default ip address pool ippool 
�ppp authentication chap 
! 
! 
interface Loopback10 
�ip address 8.8.8.1 255.255.255.0 
! 
ip local pool ippool 9.9.9.1 9.9.9.5

验证

当前没有可用于此配置的验证过程。

调试 PPPoE 客户端

本部分提供的信息可用于对配置进行故障排除。

要调试Cisco 1700 (PPPoE客户端),您必须考虑协议栈。

  • Layer4 - PPP层

  • 第3层-以太网层

  • Layer2 - ATM层

  • 第1层- DSL物理层

您可能在底部排除故障开始处。因为DSL和ATM层发生在DSL客户端前置设备(CPE),您需要排除故障以太网和仅PPP层Cisco 1700的,如下所示。

以太网层

完整以太网帧在ATM适配第5层(AAL5)子网访问协议(SNAP)数据包。debug ethernet packet命令,但是您应该执行一些VPDN调试(Cisco IOS软件版本12.2(13)T的PPPoE调试或以上)发现PPPoE帧。

作为参考,实际是PPPoE帧的以太网帧包含二种以太网类型中的一种。

  • 0x8863以太网类型= PPPoE控制信息包(处理PPPoE会话)

  • 0x8864以太网类型= PPPOE信息包(包含PPP数据包)

一重要提示是有PPPoE的两会话:是VPDN Layer Two Tunneling Protocol的PPPoE会话(L2TP)-type会话和PPP会话。因此,设立PPPoE,有PPPoE会话建立阶段和PPP会话建立阶段。

终端通常介入一个PPP终止阶段和一个PPPoE终止阶段。

PPPoE建立阶段包括识别PPPoE客户端和服务器的MAC地址和分配会话ID。在那完成后,正常PPP建立出现正如其他PPP连接。

要调试,您能使用VPDN PPPoE调试(Cisco IOS软件版本12.2(13)T的PPPoE调试或以上)确定PPPoE连接阶段是否是成功的。

# debug vpdn pppoe-events (debug pppoe events)

06:17:58: Sending PADI: vc=1/1

!--- A broadcast Ethernet frame (in this case, encapsulated in ATM) 
!--- requests a PPPoE server, "Are there any PPPoE servers out there?" 


06:18:00:  PPPOE: we've got our pado and the pado timer went off 

!--- This is a unicast reply from a PPPoE server (very similar to 
!--- a DHCP offer).


06:18:00: OUT PADR from PPPoE tunnel

!--- This is a unicast reply accepting the offer.


06:18:00: IN PADS from PPPoE tunnel

!--- This is a confirmation that completes the establishment.

PPP建立在其他PPP开始当前开始,正如。在PPPoE会话建立后,您能发出show vpdn命令得到状态。

# show vpdn (show pppoe session)
%No active L2TP tunnels 
%No active L2F tunnels 

PPPoE Tunnel and Session Information Total tunnels 1 sessions 1

PPPoE Tunnel Information

Session count: 1

PPPoE Session Information
SID        RemMAC          LocMAC       Intf    VASt   OIntf    VC 
1       0050.7359.35b7  0001.96a4.84ac  Vi1     UP     AT0    1    1

使用show vpdn session all (请显示PPPoE会话全部)命令,您能获得信息包计数信息。

show vpdn session all (show pppoe session all)
%No active L2TP tunnels
%No active L2F tunnels

PPPoE Session Information Total tunnels 1 sessions 1

session id: 1
local MAC address: 0001.96a4.84ac, remote MAC address: 0050.7359.35b7 
virtual access interface: Vi1, outgoing interface: AT0, vc: 1/1 
    1656 packets sent, 1655 received, 24516 bytes sent, 24486 received

其它调试命令:

  • debug vpdn pppoe-data (debug pppoe数据)

  • debug pppoe-errors (debug pppoe错误)

  • debug pppoe-packets (debug pppoe数据包)

PPP 层

建立PPPoE会话之后,PPP调试与其他PPP建立模式相同。

使用同样debug ppp negotiationdebug ppp authentication指令。下面是一个输出示例:

注意: 在此示例,主机名是"client1",并且远程Cisco 6400的名称是“nrp-b”。

06:36:03: Vi1 PPP: Treating connection as a callout
06:36:03: Vi1 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load]
06:36:03: Vi1 PPP: No remote authentication for call-out
06:36:03: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
06:36:03: Vi1 LCP:��� MagicNumber 0x03013D43 (0x050603013D43) 
06:36:03: Vi1 LCP: I CONFACK [REQsent] id 1 len 10
06:36:03: Vi1 LCP:��� MagicNumber 0x03013D43 (0x050603013D43) 
06:36:05: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 15
06:36:05: Vi1 LCP:� ��AuthProto CHAP (0x0305C22305)
06:36:05: Vi1 LCP:��� MagicNumber 0x65E315E5 (0x050665E315E5) 
06:36:05: Vi1 LCP: O CONFACK [ACKrcvd] id 2 len 15
06:36:05: Vi1 LCP:��� AuthProto CHAP (0x0305C22305)
06:36:05: Vi1 LCP:��� MagicNumber 0x65E315E5 (0x050665E315E5) 
06:36:05: Vi1 LCP: State is Open
06:36:05: Vi1 PPP: Phase is AUTHENTICATING, by the peer [0 sess, 1 load]
06:36:05: Vi1 CHAP: I CHALLENGE id 9 len 26 from "nrp-b" 
06:36:05: Vi1 CHAP: Using alternate hostname client1
06:36:05: Vi1 CHAP: Username nrp-b not found
06:36:05: Vi1 CHAP: Using default password
06:36:05: Vi1 CHAP: O RESPONSE id 9 len 28 from "client1"
06:36:05: Vi1 CHAP: I SUCCESS id 9 len 4
06:36:05: Vi1 PPP: Phase is FORWARDING [0 sess, 1 load]
06:36:05: Vi1 PPP: Phase is AUTHENTICATING [0 sess, 1 load]
06:36:05: Vi1 PPP: Phase is UP [0 sess, 1 load]
06:36:05: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
06:36:05: Vi1 IPCP:��� Address 0.0.0.0 (0x030600000000)
06:36:05: Vi1 CDPCP: O CONFREQ [Closed] id 1 len 4
06:36:05: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10
06:36:05: Vi1 IPCP:��� Address 8.8.8.1 (0x030608080801)
06:36:05: Vi1 IPCP:��� Address 8.8.8.1 (0x030608080801)
06:36:05: Vi1 IPCP:��� Address 9.9.9.2 (0x030609090902)
06:36:05: Vi1 IPCP: O CONFREQ [ACKsent] id 2 len 10
06:36:05: Vi1 IPCP:� ��Address 9.9.9.2 (0x030609090902)
06:36:05: Vi1 LCP: I PROTREJ [Open] id 3 len 10 protocol CDPCP (0x820701010004) 
06:36:05: Vi1 CDPCP: State is Closed
06:36:05: Vi1 IPCP: I CONFACK [ACKsent] id 2 len 10
06:36:05: Vi1 IPCP:��� Address 9.9.9.2 (0x030609090902)
06:36:05: Vi1 IPCP: State is Open
06:36:05: Di1 IPCP: Install negotiated IP interface address 9.9.9.2
06:36:05: Di1 IPCP: Install route to 8.8.8.1
06:36:06: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access1, changed 
 state to up

调试 PPPoE 服务器

要调试Cisco 6400 (PPPoE服务器),您能使用用于Cisco 1700的同一个自上而上的过程(PPPoE客户端)。

  • Layer4 - PPP层

  • 第3层-以太网层

  • Layer2 - ATM层

  • 第1层- DSL物理层

差异是您当前排除故障在数字用户线路访问multiplier (DSLAM)的DSL层和在Cisco 6400的ATM层,如下所示。

DSL 物理层

检查DSL物理层,您需要查看DSLAM上的DSL统计数据。对于Cisco DSLAMs,可以使用show dsl interface命令

ATM 层

在Cisco 6400侧,您能也使用debug atm packet命令和为特定PVC启用Cisco 6400。

debug atm packet interface atm 0/0/0.182 vc 1/82 

您应该看到以下类似输出,同样的类型、SAP、CTL和OUI字段显示了流入的ATM信息包是AAL6SNAP。

4d04h: ATM0/0/0.182(I):
VCD:0x3 VPI:0x1 VCI:0x52 Type:0x900 SAP:AAAA CTL:03 OUI:0080C2 TYPE:0007 Length:0x30
4d04h: 0000 0001 96A4 84AC 0050 7359 35B7 8864 1100 0001 000E C021 0A2E 000C 65E3
4d04h: 15E5 0000 0000

注意: 您看不到输出数据包用此命令由于数据包处理的方法。

以太网层

同样VPDN显示,并且在Cisco 1700使用的调试指令在Cisco 6400可以用于查看PPPoE建立。

# debug vpdn pppoe-events (debug pppoe events)

4d04h: IN PADI from PPPoE tunnel

4d04h: OUT PADO from PPPoE tunnel

4d04h: IN PADR from PPPoE tunnel

4d04h: PPPoE: Create session
4d04h: PPPoE: VPN session created.

4d04h: OUT PADS from PPPoE tunnel


# show vpdn (show pppoe session)
%No active L2TP tunnels
%No active L2F tunnels

PPPoE Tunnel and Session Information Total tunnels 1 sessions 1

PPPoE Tunnel Information

Session count: 1
PPPoE Session Information
SID        RemMAC          LocMAC       Intf    VASt   OIntf    VC
1       0001.96a4.84ac  0050.7359.35b7  Vi4     UP     AT0/0/0 1   82


nrp-b# 
show vpdn session all (show pppoe session all)
%No active L2TP tunnels
%No active L2F tunnels

PPPoE Session Information Total tunnels 1 sessions 1
 
session id: 1
local MAC address: 0050.7359.35b7, remote MAC address: 0001.96a4.84ac
virtual access interface: Vi4, outgoing interface: AT0/0/0, vc: 1/82
    30 packets sent, 28 received, 422 bytes sent, 395 received

这些是其它调试命令:

  • debug vpdn pppoe-data (debug pppoe数据)

  • debug pppoe-errors (debug pppoe数据)

  • debug pppoe-packets (debug pppoe数据包)

PPP 层

这是对应于从Cisco 1700的更早的调试从Cisco 6400的一PPP debug输出

debug ppp negotiation and debug ppp authentication

4d04h: Vi2 PPP: Treating connection as a dedicated line 
4d04h: Vi2 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load] 
4d04h: Vi2 LCP: O CONFREQ [Closed] id 1 len 15 
4d04h: Vi2 LCP:��� AuthProto CHAP (0x0305C22305) 
4d04h: Vi2 LCP:��� MagicNumber 0x65F62814 (0x050665F62814) 
4d04h: Vi2 LCP: I CONFREQ [REQsent] id 1 len 10 
4d04h: Vi2 LCP:��� MagicNumber 0x03144FF9 (0x050603144FF9) 
4d04h: Vi2 LCP: O CONFACK [REQsent] id 1 len 10 
4d04h: Vi2 LCP:� ��MagicNumber 0x03144FF9 (0x050603144FF9) 
4d04h: Vi3 LCP: I ECHOREQ [Open] id 60 len 8 magic 0xA60C0000 
4d04h: Vi3 LCP: O ECHOREP [Open] id 60 len 8 magic 0x51A0BEF6 
4d04h: Vi2 LCP: TIMEout: State ACKsent 
4d04h: Vi2 LCP: O CONFREQ [ACKsent] id 2 len 15 
4d04h: Vi2 LCP:��� AuthProto CHAP (0x0305C22305) 
4d04h: Vi2 LCP:��� MagicNumber 0x65F62814 (0x050665F62814) 
4d04h: Vi2 LCP: I CONFACK [ACKsent] id 2 len 15 
4d04h: Vi2 LCP:��� AuthProto CHAP (0x0305C22305) 
4d04h: Vi2 LCP:��� MagicNumber 0x65F62814 (0x050665F62814) 
4d04h: Vi2 LCP: State is Open 
4d04h: Vi2 PPP: Phase is AUTHENTICATING, by this end [0 sess, 1 load] 
4d04h: Vi2 CHAP: O CHALLENGE id 10 len 26 from "nrp-b" 
4d04h: Vi2 CHAP: I RESPONSE id 10 len 28 from "client1" 
4d04h: Vi2 PPP: Phase is FORWARDING [0 sess, 1 load] 
4d04h: Vi2 PPP: Phase is AUTHENTICATING [0 sess, 1 load] 
4d04h: Vi2 CHAP: O SUCCESS id 10 len 4 
4d04h: Vi2 PPP: Phase is UP [0 sess, 1 load] 
4d04h: Vi2 IPCP: O CONFREQ [Closed] id 1 len 10 
4d04h: Vi2 IPCP:��� Address 8.8.8.1 (0x030608080801) 
4d04h: Vi2 IPCP: I CONFREQ [REQsent] id 1 len 10 
4d04h: Vi2 IPCP:��� Address 0.0.0.0 (0x030600000000) 
4d04h: Vi2 IPCP: Pool returned 9.9.9.2 
4d04h: Vi2 IPCP: O CONFNAK [REQsent] id 1 len 10 
4d04h: Vi2 IPCP: ���Address 9.9.9.2 (0x030609090902) 
4d04h: Vi2 CDPCP: I CONFREQ [Not negotiated] id 1 len 4 
4d04h: Vi2 LCP: O PROTREJ [Open] id 3 len 10 protocol CDPCP (0x820701010004) 
4d04h: Vi2 IPCP: I CONFACK [REQsent] id 1 len 10 
4d04h: Vi2 IPCP:��� Address 8.8.8.1 (0x030608080801) 
4d04h: Vi2 IPCP: I CONFREQ [ACKrcvd] id 2 len 10 
4d04h: Vi2 IPCP:��� Address 9.9.9.2 (0x030609090902) 
4d04h: Vi2 IPCP: O CONFACK [ACKrcvd] id 2 len 10 
4d04h: Vi2 IPCP:��� Address 9.9.9.2 (0x030609090902) 
4d04h: Vi2 IPCP: State is Open 
4d04h: Vi2 IPCP: Install route to 9.9.9.2 
4d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed 
 state to up

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 12956