长距离以太网 (LRE) 和数字用户线 (xDSL) : 非对称数字用户线 (ADSL)

配置 Cisco 1700/2600/3600 ADSL WIC 作为使用 NAT 的 PPPoE 客户端

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 22 日) | 反馈


目录


简介

Cisco 1700、2600 和 3600 系列路由器支持非对称数字用户线 (ADSL) WAN 接口卡 (WIC)。全部三平台根本配置同样。然而,有差异在硬件方面和在为每一个要求的思科IOS�软件版本。在本文中, Cisco 1700、2600及3600呼叫“Cisco ADSL WIC”。

先决条件

要求

本文档没有任何特定的要求。

使用的组件

本文档中的信息基于以下软件和硬件版本:

  • Cisco 6400 UAC-NRP IOS软件版本12.1(3)DC1

  • Cisco 6400 UAC-NSP IOS软件版本12.1(3)DB

  • Cisco 6130 DSLAM-NI2 IOS软件版本12.1(5)DA

要支持在Cisco2600/3600上的ADSL WIC,需要这些硬件: :

2600 3600
机箱WIC槽 NM-1FE1R2W
NM-2W NM-1FE2W
  NM-2FE2W
  NM-2W

重要信息:对于Cisco3600,此硬件不支持ADSL WIC :

  • NM-1E1R2W

  • NM-1E2W

  • NM-2E2W

为支持 ADSL WIC,至少需要以下思科 IOS 软件版本:

  • Cisco IOS软件版本12.1(5)yb (仅加强版本)在Cisco2600/3600

  • Cisco IOS软件版本IOS 12.1(3)XP或以上(仅加强版本或ADSL功能集)在Cisco 1700。ADSL特性集可以通过镜像名中的"y7"来识别。例如, c1700-sy7-mz.121-3.XP.bin。

  • 当您下载Cisco 1700的时镜像,请确保您选择镜像名称1700。不要下载1720或1750镜像。这些功能不支持ADSL WIC。

要支持以太网点对点协议(PPPoE),您必须有ADSL+PLUS特性组。ADSL专用属性集不支持在Cisco 1700的PPPoE。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

背景信息

在Cisco IOS软件版本12.1(3)XG, PPPoE客户端功能为Cisco ADSL WIC介绍。此功能允许PPPoE功能被移动到路由器。多台PC可以在Cisco ADSL WIC后安装。在他们的流量发送给PPPoE会话前,可以加密,过滤,等等。并且,网络地址转换(NAT)能运行。

本文显示在异步传输模式(ATM)接口配置的PPPoE客户端(DSL接口) Cisco ADSL WIC。

Cisco 6400节点路由处理器(NRP)的配置也可用在作为带有ATM接口的聚集器的路由器上。

配置

此部分提供本文描述的功能的配置信息。

注意: 要寻找关于本文中指令的其他信息,请使用命令查找工具(注册用户)。

网络图

本文档使用以下网络设置:

/image/gif/paws/12964/wicadsl_pppoe_client.gif

配置

PPPoE在Cisco ADSL WIC配置用虚拟专用拨号网络(VPDN)命令。保证您首先配置这些命令。

注意: 关于如何更改最大传输单元(MTU)的大小的信息,参考在PPPoE拨入连通性的故障排除MTU大小

本文档使用以下配置:

Cisco ADSL WIC
!
vpdn enable
no vpdn logging
!
vpdn-group pppoe
  request-dialin

!--- You are the PPPoE client that asks to establish a session
!--- with the aggregation unit (6400 NRP). These VPDN commands
!--- are not needed with Cisco IOS Software Release 12.2(13)T
!--- or later.

   protocol pppoe
!

!--- Internal Ethernet network.

!
interface FastEthernet0
 ip address 10.92.1.182 255.255.255.0
 ip nat inside

!--- DSL interface.

!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 bundle-enable
 dsl operating-mode auto
 hold-queue 224 in

!--- All defaults.
!--- PPPoE runs on top of AAL5SNAP. However, the
!--- encap aal5snap command is not used.

!
interface ATM0.1 point-to-point
 pvc 1/1
  pppoe-client dial-pool-number 1

!--- pvc 1/1 is an example value that must be changed to match
!--- the value used by the ISP.

 !

!--- The PPPoE client code ties into a dialer interface upon
!--- which a virtual-access interface is cloned.

!
interface Dialer1
 ip address negotiated
 ip mtu 1492

!--- Ethernet MTU default = 1500 (1492 + PPPoE headers = 1500)

 ip nat outside
 encapsulation ppp
 dialer pool 1

!--- Ties to the ATM interface.

 ppp authentication chap callin
 ppp chap hostname <username>
 ppp chap password <password>
!

!--- The ISP instructs you about the type of authentication
!--- to use.
!--- To change from PPP Challenge Handshake Authentication
!--- Protocol (CHAP) to PPP Password Authentication Protocol
!--- (PAP), replace these three lines:
!---    ppp authentication chap callin
!---    ppp chap hostname <username>
!---    ppp chap password <password>
!--- with these two lines:
!---    ppp authentication pap callin
!---    ppp pap sent-username <username> password <password>
!--- For NAT, overload on the Dialer1 interface and add a
!--- default route out, because the dialer IP address can
!--- change.

ip nat inside source list 1 interface Dialer1 overload 
ip classless 
ip route 0.0.0.0 0.0.0.0 dialer1 
no ip http server 
! 
access-list 1 permit 10.92.1.0 0.0.0.255 

!--- For NAT. 

! 

Cisco 6400
Cisco 6400 ***
local ppp user

!--- You can also use aaa.

username <username> password <password>

!--- Begin with the VPDN commands. Notice that you bind the
!--- PPPoE here to a virtual-template, instead of on the ATM
!--- interface. You can not (at this time) use more than one 
!--- virtual-template (or VPDN group) for PPPoE beginning with
!--- the VPDN commands.

vpdn enable
no vpdn logging
!
vpdn-group pppoe
 accept-dialin

!--- PPPoE server mode.

  protocol pppoe
  virtual-template 1
!
!
interface ATM0/0/0
 no ip address
 no atm ilmi-keepalive
 hold-queue 500 in

!--- The binding to the virtual-template interface is
!--- configured in the VPDN group.

!
interface ATM0/0/0.182 point-to-point
 pvc 1/82
  encapsulation aal5snap

!--- This needs the command on the server side.

  protocol pppoe
 !
!

!--- Virtual-template is used instead of dialer interface.

!
interface Virtual-Template1
 ip unnumbered Loopback10
 ip mtu 1492
 peer default ip address pool ippool
 ppp authentication chap
!
!
interface Loopback10
 ip address 8.8.8.1 255.255.255.0
!
ip local pool ippool 9.9.9.1 9.9.9.5

验证

当前没有可用于此配置的验证过程。

故障排除

使用本部分可排除配置故障。

命令输出解释程序仅限注册用户)(OIT) 支持某些 show 命令。使用 OIT 可查看对 show 命令输出的分析。

注意: 使用 debug 命令之前,请参阅有关 Debug 命令的重要信息

调试PPPoE客户端

要调试Cisco ADSL WIC或Cisco 6400的PPPoE客户端,您必须考虑协议栈。您能在底部开始排除故障。

  1. DSL物理层:

    确保线路是上和培训。

    show interface atm0
    ATM0 is up, line protocol is up
      Hardware is PQUICC_SAR (with Alcatel ADSL Module)
    
    show dsl interface atm0
    
    !--- Look for “Showtime” in the first few lines.
    
    ATU-R (DS)
    ATU-C (US)
    Modem Status:    Showtime (DMTDSL_SHOWTIME)
    
  2. ATM层:

    如果ATM接口是UP,请发出debug atm packet命令发现任何是否自ISP进来。

    注意: 您看不到输出数据包用此命令由于方式数据包处理。

    您需要发现输出类似于此,与同一个类型, SAP, CTL,并且显示该流入的ATM信息包的OUI字段是AAL5SNAP :

    debug atm packet
    03:21:32: ATM0(I):
    VCD:0x2 VPI:0x1 VCI:0x1 Type:0x0 SAP:AAAA CTL:03 OUI:0080C2 TYPE:0007 Length:0x30
    03:21:32: 0000 0050 7359 35B7 0001 96A4 84AC 8864 1100 0001 000E C021 09AB 000C 0235
    03:21:32: 279F 0000 0000
    03:21:32:
  3. 以太网层:

    完整以太网帧在AAL5SNAP数据包。debug ethernet packet命令。然而,您需要执行一些VPDN调试(Cisco IOS软件版本12.2(13)T的PPPoE调试或以上)发现PPPoE帧。

    供参考,是的以太网帧PPPoE帧包含这两以太网类型之一:

    • 0x8863以太网类型= PPPoE控制信息包(处理PPPoE会话)

    • 0x8864以太网类型= PPPOE信息包(包含PPP数据包)

    一重要提示是有PPPoE的两会话。PPPoE会话,是VPDN L2TP类型会话和PPP会话。为了设立PPPoE,您有一个PPPoE会话建立阶段和一个PPP会话建立阶段。

    终端通常介入一个PPP终止阶段和一个PPPoE终止阶段。

    PPPoE建立阶段识别PPPoE客户端和服务器(MAC地址)并且分配会话ID。在那完成后,正常PPP建立出现正如其他PPP连接。

    调试,使用VPDN PPPoE调试(Cisco IOS软件版本12.2(13)T的PPPoE调试或以上)确定PPPoE连接阶段是否是成功的。

    #debug vpdn pppoe-events (debug pppoe events)
    06:17:58: Sending PADI: vc=1/1
    
    !--- A broadcast Ethernet frame (in this case encapsulated in ATM)
    !--- requests a PPPoE server, “Are there any PPPoE servers out there?”
    
    06:18:00:  PPPOE: we've got our pado and the pado timer went off
    
    !--- This is a unicast reply from a PPPoE server
    !--- (very similar to a DHCP offer).
    
    06:18:00: OUT PADR from PPPoE tunnel
    
    !--- This is a unicast reply that accepts the offer.
    
    06:18:00: IN PADS from PPPoE tunnel
    
    !--- This is a confirmation and completes the establishment.
    
    

    PPP建立开始作为其他PPP开始。在PPPoE会话建立后,请发出show vpdn命令(请显示Cisco IOS软件版本12.2(13)T的pppe会话或以后)得到状态。

    # show vpdn (show pppoe session)
    %No active L2TP tunnels
    %No active L2F tunnels
    
    PPPoE Tunnel and Session Information Total tunnels 1 sessions 1
    
    PPPoE Tunnel Information
    
    Session count: 1
    
    PPPoE Session Information
    SID      RemMAC          LocMAC      Intf    VASt   OIntf   VC
    1    0050.7359.35b7  0001.96a4.84ac  Vi1     UP     AT0     11
    

    通过show vpdn session all (请显示PPPoE会话全部)命令获得信息包计数信息。

    show vpdn session all (show pppoe session all)
    %No active L2TP tunnels
    %No active L2F tunnels
    
    PPPoE Session Information Total tunnels 1 sessions 1
    
    session id: 1
    local MAC address: 0001.96a4.84ac, remote MAC address: 0050.7359.35b7
    virtual access interface: Vi1, outgoing interface: AT0, vc: 1/1
        1656 packets sent, 1655 received, 24516 bytes sent, 24486 received
    

    其它调试命令:

    • debug vpdn pppoe-data (debug pppoe数据)

    • debug vpdn pppoe-error (debug pppoe错误)

    • debug vpdn pppoe数据包(debug pppoe数据包)

  4. PPP层:

    在PPPoE会话建立后, PPP调试是相同的为其他PPP建立。

    使用同样debug ppp negotiationdebug ppp authentication指令。以下是示例输出。

    注意: 在此示例,主机名是“client1”。远程Cisco 6400的名称是“nrp-b”。

    06:36:03: Vi1 PPP: Treating connection as a callout
    06:36:03: Vi1 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load]
    06:36:03: Vi1 PPP: No remote authentication for call-out
    06:36:03: Vi1 LCP: O CONFREQ [Closed] id 1 len 10
    06:36:03: Vi1 LCP:    MagicNumber 0x03013D43 (0x050603013D43)
    06:36:03: Vi1 LCP: I CONFACK [REQsent] id 1 len 10
    06:36:03: Vi1 LCP:    MagicNumber 0x03013D43 (0x050603013D43)
    06:36:05: Vi1 LCP: I CONFREQ [ACKrcvd] id 2 len 15
    06:36:05: Vi1 LCP:    AuthProto CHAP (0x0305C22305)
    06:36:05: Vi1 LCP:    MagicNumber 0x65E315E5 (0x050665E315E5)
    06:36:05: Vi1 LCP: O CONFACK [ACKrcvd] id 2 len 15
    06:36:05: Vi1 LCP:    AuthProto CHAP (0x0305C22305)
    06:36:05: Vi1 LCP:    MagicNumber 0x65E315E5 (0x050665E315E5)
    06:36:05: Vi1 LCP: State is Open
    06:36:05: Vi1 PPP: Phase is AUTHENTICATING, by the peer [0 sess, 1 load]
    06:36:05: Vi1 CHAP: I CHALLENGE id 9 len 26 from "nrp-b"
    06:36:05: Vi1 CHAP: Using alternate hostname client1
    06:36:05: Vi1 CHAP: Username nrp-b not found
    06:36:05: Vi1 CHAP: Using default password
    06:36:05: Vi1 CHAP: O RESPONSE id 9 len 28 from "client1"
    06:36:05: Vi1 CHAP: I SUCCESS id 9 len 4
    06:36:05: Vi1 PPP: Phase is FORWARDING [0 sess, 1 load]
    06:36:05: Vi1 PPP: Phase is AUTHENTICATING [0 sess, 1 load]
    06:36:05: Vi1 PPP: Phase is UP [0 sess, 1 load]
    06:36:05: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
    06:36:05: Vi1 IPCP:    Address 0.0.0.0 (0x030600000000)
    06:36:05: Vi1 CDPCP: O CONFREQ [Closed] id 1 len 4
    06:36:05: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10
    06:36:05: Vi1 IPCP:    Address 8.8.8.1 (0x030608080801)
    06:36:05: Vi1 IPCP:    Address 8.8.8.1 (0x030608080801)
    06:36:05: Vi1 IPCP:    Address 9.9.9.2 (0x030609090902)
    06:36:05: Vi1 IPCP: O CONFREQ [ACKsent] id 2 len 10
    06:36:05: Vi1 IPCP:    Address 9.9.9.2 (0x030609090902)
    06:36:05: Vi1 LCP: I PROTREJ [Open] id 3 len 10 protocol CDPCP (0x820701010004)
    06:36:05: Vi1 CDPCP: State is Closed
    06:36:05: Vi1 IPCP: I CONFACK [ACKsent] id 2 len 10
    06:36:05: Vi1 IPCP:    Address 9.9.9.2 (0x030609090902)
    06:36:05: Vi1 IPCP: State is Open
    06:36:05: Di1 IPCP: Install negotiated IP interface address 9.9.9.2
    06:36:05: Di1 IPCP: Install route to 8.8.8.1
    06:36:06: %LINEPROTO-5-UPDOWN: Line protocol on
    Interface Virtual-Access1, changed state to up

调试PPPoE服务器

要调试Cisco 6400 (PPPoE服务器),请使用使用Cisco ADSL WIC的同一个自上而上的过程(客户端)。差异在DSL物理层,您需要检查DSLAM。

  1. DSL物理层:

    检查DSL物理层,您需要查看DSLAM上的DSL统计数据。对于Cisco DSLAMs,请发出show dsl interface命令

  2. ATM层:

    在Cisco 6400侧,您能也发出debug atm packet命令。启用特定PVC的Cisco 6400。

    debug atm packet interface atm 0/0/0.182 vc 1/82
    

    您需要发现输出类似于此,与同一个类型, SAP, CTL,并且显示该流入的ATM信息包的OUI字段是AAL5SNAP :

    4d04h: ATM0/0/0.182(I):
    VCD:0x3 VPI:0x1 VCI:0x52 Type:0x900 SAP:AAAA CTL:03 OUI:0080C2 TYPE:0007 Length:0x30
    4d04h: 0000 0001 96A4 84AC 0050 7359 35B7 8864 1100 0001 000E C021 0A2E 000C 65E3
    4d04h: 15E5 0000 0000

    注意: 您看不到输出数据包用此命令由于方式数据包处理。

  3. 以太网层:

    同样VPDN显示命令,并且在Cisco ADSL WIC使用的调试在Cisco 6400可以用于查看PPPoE建立。

    # debug vpdn pppoe-events (debug pppoe events)
    4d04h: IN PADI from PPPoE tunnel
    
    4d04h: OUT PADO from PPPoE tunnel
    
    4d04h: IN PADR from PPPoE tunnel
    
    4d04h: PPPoE: Create session
    4d04h: PPPoE: VPN session created.
    
    4d04h: OUT PADS from PPPoE tunnel
    
    # show vpdn
    %No active L2TP tunnels
    %No active L2F tunnels
    
    PPPoE Tunnel and Session Information Total tunnels 1 sessions 1
    
    PPPoE Tunnel Information
    
    Session count: 1
    
    PPPoE Session Information
    SID        RemMAC          LocMAC       Intf    VASt   OIntf        VC
    1       0001.96a4.84ac  0050.7359.35b7  Vi4     UP     AT0/0/0 1    82
    
    # show vpdn session all
    
    nrp-b# show vpdn session all
    %No active L2TP tunnels
    %No active L2F tunnels
    
    PPPoE Session Information Total tunnels 1 sessions 1
    
    session id: 1
    local MAC address: 0050.7359.35b7, remote MAC address: 0001.96a4.84ac
    virtual access interface: Vi4, outgoing interface: AT0/0/0, vc: 1/82
        30 packets sent, 28 received, 422 bytes sent, 395 received
    

    其它调试命令:

    • debug vpdn pppoe-data (debug pppoe数据)

    • debug vpdn pppoe-error (debug pppoe错误)

    • debug vpdn pppoe数据包(debug pppoe数据包)

  4. PPP层:

    这是对应于从Cisco ADSL WIC的更早的调试从Cisco 6400的PPP debug输出:

    debug ppp negotiation and debug ppp authentication
    4d04h: Vi2 PPP: Treating connection as a dedicated line
    4d04h: Vi2 PPP: Phase is ESTABLISHING, Active Open [0 sess, 1 load]
    4d04h: Vi2 LCP: O CONFREQ [Closed] id 1 len 15
    4d04h: Vi2 LCP:    AuthProto CHAP (0x0305C22305)
    4d04h: Vi2 LCP:    MagicNumber 0x65F62814 (0x050665F62814)
    4d04h: Vi2 LCP: I CONFREQ [REQsent] id 1 len 10
    4d04h: Vi2 LCP:    MagicNumber 0x03144FF9 (0x050603144FF9)
    4d04h: Vi2 LCP: O CONFACK [REQsent] id 1 len 10
    4d04h: Vi2 LCP:    MagicNumber 0x03144FF9 (0x050603144FF9)
    4d04h: Vi3 LCP: I ECHOREQ [Open] id 60 len 8 magic 0xA60C0000
    4d04h: Vi3 LCP: O ECHOREP [Open] id 60 len 8 magic 0x51A0BEF6
    4d04h: Vi2 LCP: TIMEout: State ACKsent
    4d04h: Vi2 LCP: O CONFREQ [ACKsent] id 2 len 15
    4d04h: Vi2 LCP:    AuthProto CHAP (0x0305C22305)
    4d04h: Vi2 LCP:    MagicNumber 0x65F62814 (0x050665F62814)
    4d04h: Vi2 LCP: I CONFACK [ACKsent] id 2 len 15
    4d04h: Vi2 LCP:    AuthProto CHAP (0x0305C22305)
    4d04h: Vi2 LCP:    MagicNumber 0x65F62814 (0x050665F62814)
    4d04h: Vi2 LCP: State is Open
    4d04h: Vi2 PPP: Phase is AUTHENTICATING, by this end [0 sess, 1 load]
    4d04h: Vi2 CHAP: O CHALLENGE id 10 len 26 from "nrp-b"
    4d04h: Vi2 CHAP: I RESPONSE id 10 len 28 from "client1"
    4d04h: Vi2 PPP: Phase is FORWARDING [0 sess, 1 load]
    4d04h: Vi2 PPP: Phase is AUTHENTICATING [0 sess, 1 load]
    4d04h: Vi2 CHAP: O SUCCESS id 10 len 4
    4d04h: Vi2 PPP: Phase is UP [0 sess, 1 load]
    4d04h: Vi2 IPCP: O CONFREQ [Closed] id 1 len 10
    4d04h: Vi2 IPCP:    Address 8.8.8.1 (0x030608080801)
    4d04h: Vi2 IPCP: I CONFREQ [REQsent] id 1 len 10
    4d04h: Vi2 IPCP:    Address 0.0.0.0 (0x030600000000)
    4d04h: Vi2 IPCP: Pool returned 9.9.9.2
    4d04h: Vi2 IPCP: O CONFNAK [REQsent] id 1 len 10
    4d04h: Vi2 IPCP:    Address 9.9.9.2 (0x030609090902)
    4d04h: Vi2 CDPCP: I CONFREQ [Not negotiated] id 1 len 4
    4d04h: Vi2 LCP: O PROTREJ [Open] id 3 len 10 protocol CDPCP (0x820701010004)
    4d04h: Vi2 IPCP: I CONFACK [REQsent] id 1 len 10
    4d04h: Vi2 IPCP:    Address 8.8.8.1 (0x030608080801)
    4d04h: Vi2 IPCP: I CONFREQ [ACKrcvd] id 2 len 10
    4d04h: Vi2 IPCP:    Address 9.9.9.2 (0x030609090902)
    4d04h: Vi2 IPCP: O CONFACK [ACKrcvd] id 2 len 10
    4d04h: Vi2 IPCP:    Address 9.9.9.2 (0x030609090902)
    4d04h: Vi2 IPCP: State is Open
    4d04h: Vi2 IPCP: Install route to 9.9.9.2
    4d04h: %LINEPROTO-5-UPDOWN: Line protocol on Interface
    Virtual-Access2, changed state to up

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 12964