拨号和接入 : 虚拟专用拨号网络 (VPDN)

L2TP与多链路PPP的负载均衡和故障切换

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 22 日) | 反馈


目录


简介

本文描述使用负载均衡和故障切换的功能以多链路点对点协议(PPP)第2层隧道协议。

先决条件

要求

本文档的读者应掌握以下这些主题的相关知识:

  • 虚拟专用拨号网络(VPDN)

  • L2TP

  • PPP

  • PPP 多链路

使用的组件

本文档不限于特定的软件和硬件版本。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

背景

当运行在多同时PPP链路间时,多链路PPP允许拆分,再结合和定序数据包。在传输末端,多链路PPP提供单个数据包的分段到在多PPP链路间将传送的多个信息包。在接收末端,多链路PPP提供数据包从多PPP链路重新召集回到其原始信息包。要协商多链路,两对等体必须同意他们多链路支持,即,能组合多条物理链路到单个逻辑链接(经常被称为‘套件’)。用于的链路控制协议(LCP)选项表明对等体是启用的多链路是Max-Receive-Reconstructed-Unit (MRRU)。

下面的表在LCP协商最后阶段显示思科IOS�从两个已启用多链路设备的软件debug输出。正如你看到的两个发送包含MRRU选项的CONFACKS表明在此PPP会话期间,多链路将使用。端点分辨器也包括,虽然如此执行是不必要的。

注意: 端点分辨器可以用于命名多链路捆绑,虽然默认Cisco IOS软件行为是使用仅认证的用户名。

/image/gif/paws/23982/23982a.bmp

如果遇到L2TP接入集中器的情况(LAC)使用了负载均衡并且建立隧道多链路对等体的B信道对多个隧道终端,您看到多链路捆绑主控接口的每个LNS实例。对等体开始到分段的信息包并且在成员链接同时发送这些。每个LNS接收片段和尝试再结合,定序出故障,并且丢失的片段报告。结果,数据不可以通过。在这些情形中,有需求通知在关于连接多链路用户的状态的负载均衡涉及的其他LNSs。要执行此, LNS需要被放置到多机箱多链路PPP (MMP) ‘堆栈组’。MMP功能根据堆栈组竞标协议(SGBP)和第2层转发(L2F)多链路呼叫所有权的协议提供和投标在接受的呼叫之前。vpdn multihop命令要求允许从远程主机生成的数据包横断超过一个通道。

当LNS在完成验证之前时收到多链路呼叫,是命名对于多链路捆绑名称)的Cisco IOS软件默认的用户名远程(通过对SGBP。SGBP为查询在堆栈组内提供一机制一呼叫的现有所有权。如果接受呼叫的堆栈组成员不是现有所有者, SGBP使用一个命令过程解决所有权以堆叠的其他成员。投标是为特定用户,不是单个连接。默认情况下,收到第一个呼叫的堆栈组成员总是赢取命令过程并且控制所有后续呼叫所有权从该用户的。这是不管终止的LNS (由配置,更改SGBP出价进程的行为,影响是可能的谁将赢取命令过程并且拥有呼叫)。当从用户的所有呼叫被断开时,重要的所有权被放弃。一新的呼叫从同一个用户再开始命令过程与一新的主控的解决方法。

与多链路PPP连接顺序的负载均衡

  1. 一个远程苏活区用户'2500-1'发出一次多链路呼叫,单个信道,到LAC。建立 PPP 链路。

  2. LCP协商(MRRUs在CONFACKS包括),并且隧道信息从与用于负载均衡的隧道终点的RADIUS下载。

    当第一个非活动地址和连接转发,隧道终点'10.51.6.59'选择。通道和会话建立。

  3. LNS创建虚拟访问接口2终止L2TP通道。�

    开始以pppKeepalivemtu记录日志默认的仅命令从虚拟模板复制。Virtual-template 1有配置的PPP多链路。在ICCN传送的LCP配置信息是牵强的在虚拟访问接口PPP堆叠上(这包括LAC协商的MRRU)。

  4. LNS在ICCN使用代理验证答复AVP - 33,传送,开始所有现有多链路捆绑的SGBP出价进程与名称'2500-1'。

    精通查询开放投标为与默认种子投标的套件'2500-1'发送50。�

    与精通投标的Sgbp member '10.51.6.61'回复0 (精通拒绝),尽管没有'2500-1'的一个现有套件。�

    '10.51.6.59' (本地)为'2500-1'当前是重要。一旦所有权的解决方法完成,精通查询close用精通投标声明值为10000传送。

  5. AAA/PPP认证和授权然后发生。RADIUS访问请求发送。

  6. 虚拟访问接口1为多链路捆绑主控创建和从virtual-template 1被克隆。

  7. PPP IPCP协商完成并且宣称的开始,路由安装的主机。远程用户此时已连接,可以开始传输流量。

  8. 由于带宽需求,远程苏活区用户'2500-1'发出第二次多链路呼叫对LAC。

  9. RADIUS再被查询隧道信息。根据负载均衡逻辑,下个非活动隧道终点'10.51.6.61'选择。通道和会话建立。

  10. LNS创建虚拟访问接口1终止L2TP通道。�

    Virtual-template 1用于克隆(安排‘PPP多链路’配置),在ICCN传送的LCP配置信息是牵强的在虚拟访问接口PPP堆叠上(这包括LAC协商的MRRU)。

  11. SGBP出价为与名称'2500-1'的所有现有多链路捆绑开始通过发送套件的'2500-1'精通查询投标与默认种子投标50。

  12. As'10.51.6.59'为会员投标有声明值为10000的'2500-1'已经是重要。�

    '10.51.6.61'当前寄PPP连接给'10.51.6.59'。

    L2F通道从'10.51.6.61'打开到'10.51.6.59' (多机箱多链路PPP的默认隧道协议是L2F)。

    通道验证使用Sgbp group用户名‘多跳’。开始L2F通道和会话。

  13. PPP会话是L2F转发对'10.51.6.59'。虚拟访问接口3创建终止L2F通道和从virtual-template 1被克隆。

  14. LAC协商的LCP状态被重赛在虚拟访问PPP堆叠上,并且包括同意的MRRU选项。

  15. AAA/PPP认证和授权然后发生。RADIUS访问请求发送。

  16. 验证完成,并且虚拟访问接口3被添加到多链路捆绑主控。

/image/gif/paws/23982/23982b.bmp

实验室测试-与多链路PPP的LNS负载均衡

RADIUS配置文件

本文使用在Merit RADIUS服务器3.6B的此RADIUS用户和通道配置文件:

2500-1 Password = "cisco" 
Service-Type = Framed,
Framed-Protocol = PPP,
Framed-IP-Address = 255.255.255.255
dnis:614629 Password = "cisco"
Service-Type = Outbound,
Cisco:Avpair = "vpdn:tunnel-type=l2tp",
Cisco:Avpair = "vpdn:tunnel-id=hgw",
Cisco:Avpair = "vpdn:ip-addresses=10.51.6.61,10.51.6.59",
Cisco:Avpair = "vpdn:l2tp-tunnel-password=hello"

LAC 配置

LAC配置同先前配置一样。

LNS -堆栈组多跳的配置(10.51.6.59和10.51.6.61)

hostname nsa-7200-2 (10.51.6.61)
username MULTIHOP password 0 cisco

!--- The stack name/password is used to authenticate the SGBP connections between 
!--- all member routers. As RADIUS has no concept of SendAuth , the stack name 
!--- password needs to be defined locally.

sgbp group MULTIHOP

!--- The stack group is given a unique username, the name 'MULTIHOP' must be 
!--- unique within a domain and only one stack group is allowed per router.

sgbp member nsa-7200-3 10.51.6.59

!--- The stack member '10.51.6.59' is defined.

vpdn multihop

!--- Enables the LNS to forward Multilink PPP links to Stack Group members that 
!--- already own existing bundle Masters for that session.

multilink virtual-template 1

!--- The Multilink Bundle Interface will clone from the Virtual Template 1.

interface Virtual-Template1
ip unnumbered Ethernet3/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp chap hostname nsa-7200-2
ppp multilink
hostname nsa-7200-3 (10.51.6.59)
!
username MULTIHOP password 0 cisco
!
sgbp group MULTIHOP
sgbp member nsa-7200-2 10.51.6.61
vpdn multihop
!
multilink virtual-template 1
!
interface Virtual-Template1
ip unnumbered Ethernet3/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp chap hostname nsa-7200-3
ppp multilink

从LAC采取的调试

Jan 1 00:01:01.039: %LINK-3-UPDOWN: Interface Serial0:0, 
changed state to up
Jan 1 00:01:01.235: Se0:0 PPP: Treating connection as a callin
Jan 1 00:01:01.235: Se0:0 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:01.239: Se0:0 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:01.239: Se0:0 LCP: State is Listen
Jan 1 00:01:01.239: Se0:0 LCP: I CONFREQ [Listen] id 22 len 23
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.239: Se0:0 LCP: O CONFREQ [Listen] id 27 len 28
Jan 1 00:01:01.239: Se0:0 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.239: Se0:0 LCP: O CONFACK [Listen] id 22 len 23
Jan 1 00:01:01.239: Se0:0 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.239: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.239: Se0:0 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.287: Se0:0 LCP: I CONFACK [ACKsent] id 27 len 28
Jan 1 00:01:01.287: Se0:0 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.287: Se0:0 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.287: Se0:0 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.287: Se0:0 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.287: Se0:0 LCP: State is Open
Jan 1 00:01:01.287: Se0:0 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:01.287: Se0:0 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:01.287: Se0:0 CHAP: O CHALLENGE id 17 len 27 from "5300-1"
Jan 1 00:01:01.315: Se0:0 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:01.315: Se0:0 PPP: Phase is FORWARDING
Jan 1 00:01:01.315: Se0:0 VPDN: Got DNIS string 614629
Jan 1 00:01:01.315: Se0:0 VPDN: Looking for tunnel -- dnis:614629 --
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): Port='Serial0:0' 
list='default' service=NET
Jan 1 00:01:01.315: AAA/AUTHOR/VPDN: Serial0:0 (552916761) user='dnis:614629'
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): send AV service=ppp
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): send AV protocol=vpdn
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): found list "default"
Jan 1 00:01:01.315: Serial0:0 AAA/AUTHOR/VPDN (552916761): Method=NSA_LAB (radius)
Jan 1 00:01:01.319: RADIUS: Initial Transmit Serial0:0 id 34 10.51.6.3:1645, 
Access-Request, len 112
Jan 1 00:01:01.319: Attribute 4 6 0A330644
Jan 1 00:01:01.319: Attribute 5 6 00000000
Jan 1 00:01:01.319: Attribute 26 17 00000009020B5365
Jan 1 00:01:01.319: Attribute 61 6 00000002
Jan 1 00:01:01.319: Attribute 1 13 646E6973
Jan 1 00:01:01.319: Attribute 30 8 36313436
Jan 1 00:01:01.319: Attribute 31 12 32303835
Jan 1 00:01:01.319: Attribute 2 18 B8DE6FA3
Jan 1 00:01:01.319: Attribute 6 6 00000005
Jan 1 00:01:01.323: RADIUS: Received from id 34 10.51.6.3:1645, 
Access-Accept, len 167
Jan 1 00:01:01.323: Attribute 6 6 00000005
Jan 1 00:01:01.323: Attribute 26 29 0000000901177670
Jan 1 00:01:01.323: Attribute 26 26 0000000901147670
Jan 1 00:01:01.323: Attribute 26 47 0000000901297670
Jan 1 00:01:01.327: Attribute 26 39 0000000901217670
Jan 1 00:01:01.327: RADIUS: saved authorization data for user 620DAD68 
at 619E9BC0
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:tunnel-type=l2tp"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:tunnel-id=hgw"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:ip-addresses=
10.51.6.61,10.51.6.59"
Jan 1 00:01:01.327: RADIUS: cisco AVPair "vpdn:l2tp-tunnel-password=hello"
Jan 1 00:01:01.327: AAA/AUTHOR (552916761): Post authorization status 
= PASS_ADD
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV service=ppp
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV protocol=vpdn
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV tunnel-type=l2tp
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV tunnel-id=hgw
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV ip-addresses=
10.51.6.61,10.51.6.59
Jan 1 00:01:01.327: AAA/AUTHOR/VPDN: Processing AV l2tp-tunnel-password=hello
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: Got tunnel info for dnis:614629
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: LAC hgw
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: l2tp-busy-disconnect yes
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: l2tp-tunnel-password xxxxxx
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: 2 IP addresses
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: IP 10.51.6.61 Priority 1
Jan 1 00:01:01.327: Se0:0 VPDN/RPMS/: IP 10.51.6.59 Priority 1
Jan 1 00:01:01.331: Se0:0 VPDN/: curlvl 1 Address 1: 10.51.6.59, priority 1 
Jan 1 00:01:01.331: Se0:0 VPDN/: Select non-active address 10.51.6.59, 
priority 1
Jan 1 00:01:01.331: Se0:0 VPDN: Find LNS process created
Jan 1 00:01:01.331: Tnl 5105 L2TP: SM State idle
Jan 1 00:01:01.331: Tnl 5105 L2TP: O SCCRQ 
Jan 1 00:01:01.331: Tnl 5105 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:01.331: Tnl 5105 L2TP: SM State wait-ctl-reply
Jan 1 00:01:01.331: Se0:0 VPDN: Forward to address 10.51.6.59
Jan 1 00:01:01.331: Se0:0 VPDN: Pending
Jan 1 00:01:01.331: Se0:0 VPDN: Process created
Jan 1 00:01:01.335: Tnl 5105 L2TP: I SCCRP from l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Got a challenge from remote peer, 
l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Got a response from remote peer, 
l2tp-gw
Jan 1 00:01:01.335: Tnl 5105 L2TP: Tunnel Authentication success
Jan 1 00:01:01.339: Tnl 5105 L2TP: Tunnel state change from 
wait-ctl-reply to established
Jan 1 00:01:01.339: Tnl 5105 L2TP: O SCCCN to l2tp-gw tnlid 24230
Jan 1 00:01:01.339: Tnl 5105 L2TP: SM State established
Jan 1 00:01:01.339: Se0:0 VPDN: Forwarding...
Jan 1 00:01:01.339: Tnl/Cl 5105/18 L2TP: Session FS enabled
Jan 1 00:01:01.339: Tnl/Cl 5105/18 L2TP: Session state change from idle 
to wait-for-tunnel
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: Create session
Jan 1 00:01:01.339: Tnl 5105 L2TP: SM State established
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: O ICRQ to l2tp-gw 24230/0
Jan 1 00:01:01.339: Se0:0 Tnl/Cl 5105/18 L2TP: Session state change from 
wait-for-tunnel to wait-reply
Jan 1 00:01:01.339: Se0:0 VPDN: 2500-1 is forwarded
Jan 1 00:01:01.343: Se0:0 Tnl/Cl 5105/18 L2TP: O ICCN to l2tp-gw 24230/41
Jan 1 00:01:01.347: Se0:0 Tnl/Cl 5105/18 L2TP: Session state change from 
wait-reply to established
Jan 1 00:01:02.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:0, 
changed state to up

!--- Second Multilink Call is placed by the remote user.

Jan 1 00:01:03.123: %LINK-3-UPDOWN: Interface Serial0:1, 
changed state to up
Jan 1 00:01:03.127: %ISDN-6-CONNECT: Interface Serial0:0 
is now connected to 2085730592 2500-1
Jan 1 00:01:03.351: Se0:1 PPP: Treating connection as a callin
Jan 1 00:01:03.351: Se0:1 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:03.351: Se0:1 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:03.351: Se0:1 LCP: State is Listen
Jan 1 00:01:03.351: Se0:1 LCP: I CONFREQ [Listen] id 3 len 23
Jan 1 00:01:03.351: Se0:1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:03.351: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.351: Se0:1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:03.351: Se0:1 LCP: O CONFREQ [Listen] id 3 len 28
Jan 1 00:01:03.351: Se0:1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:03.351: Se0:1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:03.351: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.351: Se0:1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:03.355: Se0:1 LCP: O CONFACK [Listen] id 3 len 23
Jan 1 00:01:03.355: Se0:1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:03.355: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.355: Se0:1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:03.403: Se0:1 LCP: I CONFACK [ACKsent] id 3 len 28
Jan 1 00:01:03.403: Se0:1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:03.403: Se0:1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:03.403: Se0:1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:03.403: Se0:1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:03.403: Se0:1 LCP: State is Open
Jan 1 00:01:03.403: Se0:1 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:03.403: Se0:1 CHAP: Using alternate hostname 5300-1
Jan 1 00:01:03.407: Se0:1 CHAP: O CHALLENGE id 3 len 27 from "5300-1"
Jan 1 00:01:03.435: Se0:1 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:03.435: Se0:1 PPP: Phase is FORWARDING
Jan 1 00:01:03.435: Se0:1 VPDN: Got DNIS string 614629
Jan 1 00:01:03.435: Se0:1 VPDN: Looking for tunnel -- dnis:614629 --
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): Port='Serial0:1' 
list='default' service=NET
Jan 1 00:01:03.435: AAA/AUTHOR/VPDN: Serial0:1 (4201608973) user='dnis:614629'
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): send AV service=ppp
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): send AV protocol=vpdn
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): found list "default"
Jan 1 00:01:03.435: Serial0:1 AAA/AUTHOR/VPDN (4201608973): Method=NSA_LAB (radius)
Jan 1 00:01:03.439: RADIUS: Initial Transmit Serial0:1 id 35 10.51.6.3:1645, 
Access-Request, len 112
Jan 1 00:01:03.439: Attribute 4 6 0A330644
Jan 1 00:01:03.439: Attribute 5 6 00000001
Jan 1 00:01:03.439: Attribute 26 17 00000009020B5365
Jan 1 00:01:03.439: Attribute 61 6 00000002
Jan 1 00:01:03.439: Attribute 1 13 646E6973
Jan 1 00:01:03.439: Attribute 30 8 36313436
Jan 1 00:01:03.439: Attribute 31 12 32303835
Jan 1 00:01:03.439: Attribute 2 18 0FC856FB
Jan 1 00:01:03.439: Attribute 6 6 00000005
Jan 1 00:01:03.443: RADIUS: Received from id 35 10.51.6.3:1645, 
Access-Accept, len 167
Jan 1 00:01:03.443: Attribute 6 6 00000005
Jan 1 00:01:03.443: Attribute 26 29 0000000901177670
Jan 1 00:01:03.443: Attribute 26 26 0000000901147670
Jan 1 00:01:03.443: Attribute 26 47 0000000901297670
Jan 1 00:01:03.443: Attribute 26 39 0000000901217670
Jan 1 00:01:03.443: RADIUS: saved authorization data for user 
62127900 at 61CD10A0
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:tunnel-type=l2tp"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:tunnel-id=hgw"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:ip-addresses=
10.51.6.61,10.51.6.59"
Jan 1 00:01:03.443: RADIUS: cisco AVPair "vpdn:l2tp-tunnel-password=hello"
Jan 1 00:01:03.443: AAA/AUTHOR (4201608973): Post authorization status 
= PASS_ADD
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV service=ppp
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV protocol=vpdn
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV tunnel-type=l2tp
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV tunnel-id=hgw
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV ip-addresses=
10.51.6.61,10.51.6.59
Jan 1 00:01:03.443: AAA/AUTHOR/VPDN: Processing AV l2tp-tunnel-password=hello
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: Got tunnel info for dnis:614629
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: LAC hgw
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: l2tp-busy-disconnect yes
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: l2tp-tunnel-password xxxxxx
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: 2 IP addresses
Jan 1 00:01:03.443: Se0:1 VPDN/RPMS/: IP 10.51.6.61 Priority 1
Jan 1 00:01:03.447: Se0:1 VPDN/RPMS/: IP 10.51.6.59 Priority 1
Jan 1 00:01:03.447: Se0:1 VPDN/: curlvl 1 Address 1: 10.51.6.59, priority 1 
Jan 1 00:01:03.447: Se0:1 VPDN/: curlvl 1 Address 0: 10.51.6.61, priority 1 
Jan 1 00:01:03.447: Se0:1 VPDN/: Select non-active address 10.51.6.61, 
priority 1
Jan 1 00:01:03.447: Se0:1 VPDN: Find LNS process created
Jan 1 00:01:03.447: Tnl 49388 L2TP: SM State idle
Jan 1 00:01:03.447: Tnl 49388 L2TP: O SCCRQ 
Jan 1 00:01:03.447: Tnl 49388 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:03.447: Tnl 49388 L2TP: SM State wait-ctl-reply
Jan 1 00:01:03.447: Se0:1 VPDN: Forward to address 10.51.6.61
Jan 1 00:01:03.447: Se0:1 VPDN: Pending
Jan 1 00:01:03.447: Se0:1 VPDN: Process created
Jan 1 00:01:03.451: Tnl 49388 L2TP: I SCCRP from l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Got a challenge from remote peer, 
l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Got a response from remote peer, 
l2tp-gw
Jan 1 00:01:03.451: Tnl 49388 L2TP: Tunnel Authentication success
Jan 1 00:01:03.451: Tnl 49388 L2TP: Tunnel state change from 
wait-ctl-reply to established
Jan 1 00:01:03.451: Tnl 49388 L2TP: O SCCCN to l2tp-gw tnlid 43591
Jan 1 00:01:03.455: Tnl 49388 L2TP: SM State established
Jan 1 00:01:03.455: Se0:1 VPDN: Forwarding...
Jan 1 00:01:03.455: Tnl/Cl 49388/19 L2TP: Session FS enabled
Jan 1 00:01:03.455: Tnl/Cl 49388/19 L2TP: Session state change from 
idle to wait-for-tunnel
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: Create session
Jan 1 00:01:03.455: Tnl 49388 L2TP: SM State established
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: O ICRQ to l2tp-gw 43591/0
Jan 1 00:01:03.455: Se0:1 Tnl/Cl 49388/19 L2TP: Session state change from 
wait-for-tunnel to wait-reply
Jan 1 00:01:03.455: Se0:1 VPDN: 2500-1 is forwarded
Jan 1 00:01:03.459: Se0:1 Tnl/Cl 49388/19 L2TP: O ICCN to l2tp-gw 43591/19
Jan 1 00:01:03.463: Se0:1 Tnl/Cl 49388/19 L2TP: Session state change from 
wait-reply to established
Jan 1 00:01:04.455: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:1, 
changed state to up
Jan 1 00:01:09.127: %ISDN-6-CONNECT: Interface Serial0:1 is now connected to 
2085730592 2500-1

/image/gif/paws/23982/23982c.bmp

从LNS采取的调试- 10.51.6.59

Jan 1 00:01:01.783: L2TP: I SCCRQ from hgw tnl 5105
Jan 1 00:01:01.783: Tnl 24230 L2TP: Got a challenge in SCCRQ, hgw
Jan 1 00:01:01.783: Tnl 24230 L2TP: New tunnel created for remote hgw, 
address10.51.6.68
Jan 1 00:01:01.783: Tnl 24230 L2TP: O SCCRP to hgw tnlid 5105
Jan 1 00:01:01.783: Tnl 24230 L2TP: Tunnel state change from idle 
to wait-ctl-reply
Jan 1 00:01:01.787: Tnl 24230 L2TP: I SCCCN from hgw tnl 5105
Jan 1 00:01:01.787: Tnl 24230 L2TP: Got a Challenge Response in SCCCN from hgw
Jan 1 00:01:01.787: Tnl 24230 L2TP: Tunnel Authentication success
Jan 1 00:01:01.787: Tnl 24230 L2TP: Tunnel state change from wait-ctl-reply 
to established
Jan 1 00:01:01.787: Tnl 24230 L2TP: SM State established
Jan 1 00:01:01.791: Tnl 24230 L2TP: I ICRQ from hgw tnl 5105
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: Session FS enabled
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: Session state change from idle 
to wait-connect
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: New session created
Jan 1 00:01:01.791: Tnl/Cl 24230/41 L2TP: O ICRP to hgw 5105/18
Jan 1 00:01:01.795: Tnl/Cl 24230/41 L2TP: I ICCN from hgw tnl 5105, cl 18
Jan 1 00:01:01.795: Tnl/Cl 24230/41 L2TP: Session state change from wait-connect 
to established
Jan 1 00:01:01.795: Vi2 VPDN: Virtual interface created for 2500-1
Jan 1 00:01:01.795: Vi2 PPP: Phase is DOWN, Setup
Jan 1 00:01:01.799: Vi2 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:01.799: Vi2 VTEMPLATE: 
************* CLONE VACCESS2 *****************
Jan 1 00:01:01.799: Vi2 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access2
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end
Jan 1 00:01:01.835: %LINK-3-UPDOWN: Interface Virtual-Access2, 
changed state to up
Jan 1 00:01:01.835: Vi2 PPP: Using set call direction
Jan 1 00:01:01.835: Vi2 PPP: Treating connection as a callin
Jan 1 00:01:01.835: Vi2 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:01.835: Vi2 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:01.835: Vi2 LCP: State is Listen
Jan 1 00:01:01.835: Vi2 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:01.835: Vi2 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:01.835: Vi2 LCP: MagicNumber 0x15C13318 (0x050615C13318)
Jan 1 00:01:01.835: Vi2 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.835: Vi2 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:01.835: Vi2 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:01.835: Vi2 LCP: I FORCED CONFACK len 19
Jan 1 00:01:01.835: Vi2 LCP: MagicNumber 0x31BFC605 (0x050631BFC605)
Jan 1 00:01:01.835: Vi2 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:01.835: Vi2 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:01.835: Vi2 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:01.835: Vi2 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:01.835: Vi2 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:01.835: Vi2 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-3"
Jan 1 00:01:01.835: Vi2 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:01.835: Vi2 PPP: Phase is FORWARDING
Jan 1 00:01:01.835: Vi2 VPDN: Looking for tunnel -- --
Jan 1 00:01:01.839: Vi2 VPDN: Looking for tunnel -- --
Jan 1 00:01:01.839: %SGBP-7-NEWL: Local query #53 for 2500-1, count 1, 
ourbid 50
Jan 1 00:01:01.839: Vi2 VPDN: Continue using SGBP for 2500-1
Jan 1 00:01:01.839: Vi2 VPDN: Pending
Jan 1 00:01:01.839: Vi2 VPDN: Process created
Jan 1 00:01:02.091: %SGBP-7-DONE: Query #53 for bundle 2500-1, count 1, 
master is local
Jan 1 00:01:02.091: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid: 10000
Jan 1 00:01:02.091: %SGBP-7-PB: 10.51.6.61 State: Rcvd Bid: 000 Retry: 0
Jan 1 00:01:02.091: Vi2 VPDN: Not forwarded
Jan 1 00:01:02.091: Vi2 PPP: Phase is AUTHENTICATING
Jan 1 00:01:02.091: Vi2 CHAP: I RESPONSE id 17 len 27 from "2500-1"
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): port='Virtual-Access2' 
list='vpdn' action=LOGI service=PPP
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): found list vpdn
Jan 1 00:01:02.091: AAA/AUTHEN/START (3376880111): Method=radius (radius)
Jan 1 00:01:02.091: RADIUS: Initial Transmit Virtual-Access2 
id 15 10.51.6.3:1645, Access-Request, len 97
Jan 1 00:01:02.091: Attribute 4 6 0A33063B
Jan 1 00:01:02.091: Attribute 5 6 00000002
Jan 1 00:01:02.091: Attribute 61 6 00000005
Jan 1 00:01:02.091: Attribute 1 8 32353030
Jan 1 00:01:02.091: Attribute 30 8 36313436
Jan 1 00:01:02.091: Attribute 31 12 32303835
Jan 1 00:01:02.091: Attribute 3 19 110F710D
Jan 1 00:01:02.091: Attribute 6 6 00000002
Jan 1 00:01:02.091: Attribute 7 6 00000001
Jan 1 00:01:02.095: RADIUS: Received from id 15 10.51.6.3:1645, 
Access-Accept, len 38
Jan 1 00:01:02.095: Attribute 6 6 00000002
Jan 1 00:01:02.095: Attribute 7 6 00000001
Jan 1 00:01:02.095: Attribute 8 6 FFFFFFFF
Jan 1 00:01:02.095: AAA/AUTHEN (3376880111): status = PASS
Jan 1 00:01:02.095: Vi2 AAA/AUTHOR/LCP: Authorize LCP
Jan 1 00:01:02.095: Vi2 AAA/AUTHOR/LCP (2242497288): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.099: AAA/AUTHOR/LCP: Vi2 (2242497288) user='2500-1'
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): send AV service=ppp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): send AV protocol=lcp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): found list "vpdn"
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP (2242497288): Method=radius (radius)
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR (2242497288): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/LCP: Processing AV service=ppp
Jan 1 00:01:02.099: Vi2 CHAP: O SUCCESS id 17 len 4
Jan 1 00:01:02.099: Vi2 PPP: Phase is VIRTUALIZED
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.099: AAA/AUTHOR/MLP: Vi2 (2616761311) user='2500-1'
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): send AV service=ppp
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): send AV protocol=multilink
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): found list "vpdn"
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR/MLP (2616761311): Method=radius (radius)
Jan 1 00:01:02.099: Vi2 AAA/AUTHOR (2616761311): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.099: Vi1 VTEMPLATE: Set default settings with ip unnumbered
Jan 1 00:01:02.115: Vi1 VTEMPLATE: Hardware address 0010.0ba5.f800
Jan 1 00:01:02.115: Vi1 PPP: Phase is DOWN, Setup
Jan 1 00:01:02.119: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:02.119: Vi1 VTEMPLATE: 
************* CLONE VACCESS1 *****************
Jan 1 00:01:02.119: Vi1 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access1
default ip address
no ip address
encap ppp
ip unnumbered Ethernet5/0
peer default ip address pool default
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end

Jan 1 00:01:02.179: Vi2 IPCP: Packet buffered while building 
MLP bundle interface
Jan 1 00:01:02.179: %LINK-3-UPDOWN: Interface Virtual-Access1, 
changed state to up
Jan 1 00:01:02.179: Vi1 PPP: Treating connection as a dedicated line
Jan 1 00:01:02.179: Vi1 PPP: Phase is ESTABLISHING, Active Open
Jan 1 00:01:02.179: Vi1 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: (0): LCP succeeds trivially
Jan 1 00:01:02.179: Vi1 LCP: O CONFREQ [Closed] id 1 len 32
Jan 1 00:01:02.179: Vi1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:02.179: Vi1 LCP: MagicNumber 0x1F5A340B (0x05061F5A340B)
Jan 1 00:01:02.179: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:02.179: Vi1 LCP: EndpointDisc 1 Local 
(0x130D016E73612D373230302D33)
Jan 1 00:01:02.179: AAA/AUTHOR/MLP Vi1: Processing AV service=ppp
Jan 1 00:01:02.179: Vi1 VPDN: Virtual interface iteration
Jan 1 00:01:02.179: Vi1 PPP: Phase is UP
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: (0): Can we start IPCP?
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.179: AAA/AUTHOR/FSM: Vi1 (2530889481) user='2500-1'
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): send AV service=ppp
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): send AV protocol=ip
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): found list "vpdn"
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM (2530889481): Method=radius (radius)
Jan 1 00:01:02.179: RADIUS: allowing negotiated framed address
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR (2530889481): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.179: Vi1 AAA/AUTHOR/FSM: We can start IPCP
Jan 1 00:01:02.183: Vi1 IPCP: O CONFREQ [Closed] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.51.6.59 (0x03060A33063B)
Jan 1 00:01:02.183: Vi1 MLP: Added first link Vi2 to bundle 2500-1
Jan 1 00:01:02.183: Vi2 IPCP: Redirect packet to Vi1
Jan 1 00:01:02.183: Vi1 IPCP: I CONFREQ [REQsent] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.10.53.2 (0x03060A0A3502)
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Start. Her address 10.10.53.2, 
we want 0.0.0.0
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): Port='Virtual-Access2' 
list='vpdn' service=NET
Jan 1 00:01:02.183: AAA/AUTHOR/IPCP: Vi1 (2777739044) user='2500-1'
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV service=ppp
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV protocol=ip
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): send AV addr*10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): found list "vpdn"
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP (2777739044): Method=radius (radius)
Jan 1 00:01:02.183: RADIUS: allowing negotiated framed address 10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR (2777739044): Post authorization status 
= PASS_REPL
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Processing AV service=ppp
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Processing AV addr=10.10.53.2
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Authorization succeeded
Jan 1 00:01:02.183: Vi1 AAA/AUTHOR/IPCP: Done. Her address 10.10.53.2, 
we want 10.10.53.2
Jan 1 00:01:02.183: Vi1 IPCP: O CONFACK [REQsent] id 1 len 10
Jan 1 00:01:02.183: Vi1 IPCP: Address 10.10.53.2 (0x03060A0A3502)
Jan 1 00:01:02.211: Vi1 IPCP: I CONFACK [ACKsent] id 1 len 10
Jan 1 00:01:02.211: Vi1 IPCP: Address 10.51.6.59 (0x03060A33063B)
Jan 1 00:01:02.211: Vi1 IPCP: State is Open
Jan 1 00:01:02.211: Vi1 AAA/AUTHOR/PER-USER: Event IP_UP
Jan 1 00:01:02.211: Vi1 AAA/AUTHOR: IP_UP
Jan 1 00:01:02.211: Vi1 AAA/PER-USER: processing author params.
Jan 1 00:01:02.215: Vi1 IPCP: Install route to 10.10.53.2
Jan 1 00:01:03.099: %LINEPROTO-5-UPDOWN: 
Line protocol on Interface Virtual-Access2, changed state to up
Jan 1 00:01:03.179: %LINEPROTO-5-UPDOWN: 
Line protocol on Interface Virtual-Access1, changed state to up
Jan 1 00:01:04.163: %SGBP-7-NEWP: 
Peer query #54 for 2500-1, count 1, peerbid 50, ourbid 10000
Jan 1 00:01:04.363: %SGBP-7-DONE: 
Query #54 for bundle 2500-1, count 0, master is local
Jan 1 00:01:04.367: L2X: L2F_CONF received
Jan 1 00:01:04.367: Tnl 46 L2F: Received L2F-CONF from MULTIHOP
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): found list default
Jan 1 00:01:04.367: AAA/AUTHEN/START (1546583827): Method=LOCAL
Jan 1 00:01:04.367: AAA/AUTHEN (1546583827): status = PASS
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): found list default
Jan 1 00:01:04.367: AAA/AUTHEN/START (3291965384): Method=LOCAL
Jan 1 00:01:04.367: AAA/AUTHEN (3291965384): status = PASS
Jan 1 00:01:04.367: Tnl 46 L2F: 
Opened UDP socket to 10.51.6.61 using source 10.51.6.59
Jan 1 00:01:04.367: Tnl 46 L2F: 
Tunnel MULTIHOP state change from closed state opening
Jan 1 00:01:04.367: Tnl 46 L2F: Sending L2F-CONF to peer
Jan 1 00:01:04.375: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.375: Tnl 46 L2F: 
OPEN from MULTIHOP received for tunnel in state opening
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): 
port='' list='default' action=LOGIN service=PPP
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): found list default
Jan 1 00:01:04.375: AAA/AUTHEN/START (3210024667): Method=LOCAL
Jan 1 00:01:04.375: AAA/AUTHEN (3210024667): status = PASS
Jan 1 00:01:04.375: VPDN: Chap authentication succeeded for MULTIHOP
Jan 1 00:01:04.375: Tnl 46 L2F: 
Tunnel MULTIHOP state change from opening state open
Jan 1 00:01:04.375: Tnl 46 L2F: Replying to MULTIHOP with L2F-OPEN
Jan 1 00:01:04.379: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.379: Tnl 46 L2F: New OPEN received for Session 12
Jan 1 00:01:04.379: 2500-1Tnl/Cl 46/12 L2F: 
Session state change from closed to opening
Jan 1 00:01:04.379: Vi3 VTEMPLATE: Hardware address 0010.0ba5.f800
Jan 1 00:01:04.379: Vi3 VPDN: 
Virtual interface created for 2500-1 bandwidth 64 Kbps
Jan 1 00:01:04.379: Vi3 PPP: Phase is DOWN, Setup
Jan 1 00:01:04.379: Vi3 VTEMPLATE: 
Has a new cloneblk vtemplate, now it has vtemplate
Jan 1 00:01:04.379: Vi3 VTEMPLATE: 
************* CLONE VACCESS3 *****************
Jan 1 00:01:04.379: Vi3 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access3
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-3
end

Jan 1 00:01:04.419: %LINK-3-UPDOWN: Interface Virtual-Access3, 
changed state to up
Jan 1 00:01:04.419: Vi3 PPP: Using set call direction
Jan 1 00:01:04.419: Vi3 PPP: Treating connection as a callin
Jan 1 00:01:04.419: Vi3 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:04.419: Vi3 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:04.419: Vi3 LCP: State is Listen
Jan 1 00:01:04.419: Vi3 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:04.419: Vi3 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:04.419: Vi3 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:04.419: Vi3 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.419: Vi3 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:04.419: Vi3 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:04.419: Vi3 LCP: I FORCED CONFACK len 19
Jan 1 00:01:04.419: Vi3 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:04.419: Vi3 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.419: Vi3 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:04.419: Vi3 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:04.419: Vi3 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:04.419: Vi3 CHAP: Using alternate hostname nsa-7200-3
Jan 1 00:01:04.419: Vi3 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-3"
Jan 1 00:01:04.419: Vi3 Tnl/Cl 46/12 L2F: 
Transfer NAS-Rate L2F/64000/64000 to LCP
Jan 1 00:01:04.419: Vi3 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:04.419: Vi3 PPP: Phase is FORWARDING
Jan 1 00:01:04.423: Vi3 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.423: Vi3 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.423: Vi3 VPDN: Multihop illegal for Multichassis Multilink

!--- This debug message is generated as the Cisco IOS software checks to see 
!--- if the second and first hops are already an existing Multichassis tunnel.
!--- If so, the tunnel is disallowed.

Jan 1 00:01:04.423: Vi3 VPDN: Continue PPP authentication for 2500-1
Jan 1 00:01:04.423: Vi3 PPP: Phase is AUTHENTICATING
Jan 1 00:01:04.423: Vi3 Tnl/Cl 46/12 L2F: Created VA for Mid, 
Replying with OPEN
Jan 1 00:01:04.423: Vi3 Tnl/Cl 46/12 L2F: 
Session state change from opening to open
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): 
port='Virtual-Access3' list='vpdn' action=LOGIN service=PPP
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): found list vpdn
Jan 1 00:01:04.423: AAA/AUTHEN/START (578160697): Method=radius (radius)
Jan 1 00:01:04.423: RADIUS: Initial Transmit Virtual-Access3
 id 16 10.51.6.3:1645, Access-Request, len 97
Jan 1 00:01:04.423: Attribute 4 6 0A33063B
Jan 1 00:01:04.423: Attribute 5 6 00000003
Jan 1 00:01:04.423: Attribute 61 6 00000005
Jan 1 00:01:04.423: Attribute 1 8 32353030
Jan 1 00:01:04.423: Attribute 30 8 36313436
Jan 1 00:01:04.423: Attribute 31 12 32303835
Jan 1 00:01:04.423: Attribute 3 19 03A99FFB
Jan 1 00:01:04.423: Attribute 6 6 00000002
Jan 1 00:01:04.423: Attribute 7 6 00000001
Jan 1 00:01:04.427: RADIUS: Received from id 16 10.51.6.3:1645, 
Access-Accept,len 38
Jan 1 00:01:04.427: Attribute 6 6 00000002
Jan 1 00:01:04.427: Attribute 7 6 00000001
Jan 1 00:01:04.427: Attribute 8 6 FFFFFFFF
Jan 1 00:01:04.427: AAA/AUTHEN (578160697): status = PASS
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP: Authorize LCP
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): Port='Virtual-Access3' 
list='vpdn' service=NET
Jan 1 00:01:04.427: AAA/AUTHOR/LCP: Vi3 (2032781798) user='2500-1'
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): send AV service=ppp
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): send AV protocol=lcp
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): found list "vpdn"
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP (2032781798): Method=radius (radius)
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR (2032781798): 
Post authorization status = PASS_REPL
Jan 1 00:01:04.427: Vi3 AAA/AUTHOR/LCP: Processing AV service=ppp
Jan 1 00:01:04.427: Vi3 CHAP: O SUCCESS id 3 len 4
Jan 1 00:01:04.427: Vi3 PPP: Phase is VIRTUALIZED
Jan 1 00:01:04.427: Vi1 MLP: Added link Vi3 to bundle 2500-1
Jan 1 00:01:04.491: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid:10000
Jan 1 00:01:04.491: %SGBP-7-PB: 10.51.6.61 State: Closed Bid: 050 Retry: 1
Jan 1 00:01:05.427: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, 
changed state to up

/image/gif/paws/23982/23982d.bmp

从LNS采取的调试- 10.51.6.61

Jan 1 00:01:02.399: %SGBP-7-NEWP: Peer query #53 for 2500-1, 
count 1, peerbid 5 0, ourbid 0
Jan 1 00:01:04.411: L2TP: I SCCRQ from hgw tnl 49388
Jan 1 00:01:04.411: Tnl 43591 L2TP: Got a challenge in SCCRQ, hgw
Jan 1 00:01:04.411: Tnl 43591 L2TP: New tunnel created for remote hgw, 
address 10.51.6.68
Jan 1 00:01:04.411: Tnl 43591 L2TP: O SCCRP to hgw tnlid 49388
Jan 1 00:01:04.411: Tnl 43591 L2TP: Tunnel state change from idle to 
wait-ctl-reply
Jan 1 00:01:04.415: Tnl 43591 L2TP: I SCCCN from hgw tnl 49388
Jan 1 00:01:04.415: Tnl 43591 L2TP: Got a Challenge Response in SCCCN from hgw
Jan 1 00:01:04.415: Tnl 43591 L2TP: Tunnel Authentication success
Jan 1 00:01:04.415: Tnl 43591 L2TP: Tunnel state change from wait-ctl-reply 
to established
Jan 1 00:01:04.415: Tnl 43591 L2TP: SM State established
Jan 1 00:01:04.419: Tnl 43591 L2TP: I ICRQ from hgw tnl 49388
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: Session FS enabled
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: Session state change from idle 
to wait-connect
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: New session created
Jan 1 00:01:04.419: Tnl/Cl 43591/19 L2TP: O ICRP to hgw 49388/19
Jan 1 00:01:04.423: Tnl/Cl 43591/19 L2TP: I ICCN from hgw tnl 49388, cl 19
Jan 1 00:01:04.423: Tnl/Cl 43591/19 L2TP: Session state change from 
wait-connect to established
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Hardware address 0090.b121.0c00
Jan 1 00:01:04.423: Vi1 VPDN: Virtual interface created for 2500-1
Jan 1 00:01:04.423: Vi1 PPP: Phase is DOWN, Setup
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Has a new cloneblk vtemplate, 
now it has vtemplate
Jan 1 00:01:04.423: Vi1 VTEMPLATE: 
************* CLONE VACCESS1 *****************
Jan 1 00:01:04.423: Vi1 VTEMPLATE: Clone from Virtual-Template1
interface Virtual-Access1
default ip address
ppp authentication chap vpdn
ppp authorization vpdn
ppp multilink
pp chap hostname nsa-7200-2
end

Jan 1 00:01:04.479: %LINK-3-UPDOWN: Interface Virtual-Access1, 
changed state to up
Jan 1 00:01:04.479: Vi1 PPP: Using set call direction
Jan 1 00:01:04.479: Vi1 PPP: Treating connection as a callin
Jan 1 00:01:04.479: Vi1 PPP: Phase is ESTABLISHING, Passive Open
Jan 1 00:01:04.479: Vi1 CHAP: Using alternate hostname nsa-7200-2
Jan 1 00:01:04.479: Vi1 LCP: State is Listen
Jan 1 00:01:04.479: Vi1 VPDN: Bind interface direction=2
Jan 1 00:01:04.479: Vi1 LCP: I FORCED CONFREQ len 24
Jan 1 00:01:04.479: Vi1 LCP: AuthProto CHAP (0x0305C22305)
Jan 1 00:01:04.479: Vi1 LCP: MagicNumber 0x15C13B5D (0x050615C13B5D)
Jan 1 00:01:04.479: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.479: Vi1 LCP: EndpointDisc 1 Local (0x130901353330302D31)
Jan 1 00:01:04.479: Vi1 VPDN: PPP LCP accepted rcv CONFACK
Jan 1 00:01:04.479: Vi1 LCP: I FORCED CONFACK len 19
Jan 1 00:01:04.479: Vi1 LCP: MagicNumber 0x31BFCE57 (0x050631BFCE57)
Jan 1 00:01:04.479: Vi1 LCP: MRRU 1524 (0x110405F4)
Jan 1 00:01:04.479: Vi1 LCP: EndpointDisc 1 Local (0x130901323530302D31)
Jan 1 00:01:04.479: Vi1 VPDN: PPP LCP accepted sent CONFACK
Jan 1 00:01:04.479: Vi1 PPP: Phase is AUTHENTICATING, by this end
Jan 1 00:01:04.483: Vi1 CHAP: O CHALLENGE id 3 len 31 from "nsa-7200-2"
Jan 1 00:01:04.483: Vi1 CHAP: I RESPONSE id 3 len 27 from "2500-1"
Jan 1 00:01:04.483: Vi1 PPP: Phase is FORWARDING
Jan 1 00:01:04.483: Vi1 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.483: Vi1 VPDN: Looking for tunnel -- --
Jan 1 00:01:04.483: %SGBP-7-NEWL: Local query #54 for 2500-1, count 1,
 ourbid 50
Jan 1 00:01:04.483: Vi1 VPDN: Continue using SGBP for 2500-1
Jan 1 00:01:04.483: Vi1 VPDN: Pending
Jan 1 00:01:04.483: Vi1 VPDN: Process created
Jan 1 00:01:04.875: %SGBP-7-DONE: Query #54 for bundle 2500-1, count 1, 
master is 10.51.6.59
Jan 1 00:01:04.875: %SGBP-7-MQB: Bundle: 2500-1 State: Done OurBid: 050
Jan 1 00:01:04.875: %SGBP-7-PB: 10.51.6.59 State: Closed Bid: 10000 Retry: 0
Jan 1 00:01:04.875: Vi1 VPDN: Forwarding...
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session_create: Tunnel in closed state
Jan 1 00:01:04.875: Tnl 46 L2F: 
UDP socket opened to 10.51.6.59 using source 10.51.6.61
Jan 1 00:01:04.875: Tnl 46 L2F: 
Tunnel MULTIHOP state change from closed stateopening
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from closed to waiting_for_tunnel
Jan 1 00:01:04.875: Vi1 Tnl/Cl 46/12 L2F: 
Session_create: Closed Tunnel being Re-Opened
Jan 1 00:01:04.875: Vi1 VPDN: 2500-1 is forwarded
Jan 1 00:01:04.879: Tnl 46 L2F: L2F_CONF received
Jan 1 00:01:04.879: Tnl 46 L2F: Received L2F-CONF from MULTIHOP
Jan 1 00:01:04.879: AAA/AUTHEN/START (3039224583): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.883: AAA/AUTHEN/START (3039224583): found list default
Jan 1 00:01:04.883: AAA/AUTHEN/START (3039224583): Method=LOCAL
Jan 1 00:01:04.883: AAA/AUTHEN (3039224583): status = PASS
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): 
port='' list='default' action=SENDAUTH service=PPP
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): found list default
Jan 1 00:01:04.883: AAA/AUTHEN/START (3797117540): Method=LOCAL
Jan 1 00:01:04.883: AAA/AUTHEN (3797117540): status = PASS
Jan 1 00:01:04.883: Tnl 46 L2F: 
Tunnel MULTIHOP state change from opening state open
Jan 1 00:01:04.883: Tnl 46 L2F: 
Replying with L2F-OPEN, Tunnel in Open-Wait
Jan 1 00:01:04.887: Tnl 46 L2F: L2F_OPEN received
Jan 1 00:01:04.887: Tnl 46 L2F: OPEN from MULTIHOP 
received for tunnel in state open
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): 
port='' list='default' action=LOGIN service=PPP
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): found list default
Jan 1 00:01:04.887: AAA/AUTHEN/START (228147723): Method=LOCAL
Jan 1 00:01:04.887: AAA/AUTHEN (228147723): status = PASS
Jan 1 00:01:04.887: VPDN: Chap authentication succeeded for MULTIHOP
Jan 1 00:01:04.887: Tnl 46 L2F: 
Tunnel MULTIHOP state change from open state open
Jan 1 00:01:04.887: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from waiting_for_tunnel to opening
Jan 1 00:01:04.887: Vi1 Tnl/Cl 46/12 L2F: 
Sending OPEN for Open-Waiting Session
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: L2F_OPEN received
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
OPEN received for existing session in state opening
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
Session state change from opening to open
Jan 1 00:01:04.935: Vi1 Tnl/Cl 46/12 L2F: 
MID synced NAS/HG Clid=46/46 Mid=12
Jan 1 00:01:04.935: Vi1 PPP: Phase is FORWARDED
Jan 1 00:01:05.875: %LINEPROTO-5-UPDOWN: Line protocol on Interface 
Virtual-Access1, changed state to up

/image/gif/paws/23982/23982e.bmp

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 23982