-
Cisco IOS Dial Technologies Command Reference, Release 12.3
-
Introduction
-
Dial Technologies Commands: A through cas-group
-
Dial Technologies Commands: channel through cpp
-
Dial Technologies Commands: disconnect through H
-
Dial Technologies Commands: initiate through ipx
-
Dial Technologies Commands: isdn all through isdn x25
-
Dial Technologies Commands: L
-
Dial Technologies Commands: M
-
Dial Technologies Commands: N through pptp
-
Dial Technologies Commands: pri through R
-
Dial Technologies Commands: script through show dial
-
Dial Technologies Commands: show dsc through show line
-
Dial Technologies Commands: show modem through show nbf
-
Dial Technologies Commands: show port through show resource
-
Dial Technologies Commands: show sessions through show vtemplate
-
Dial Technologies Commands: shutdown through X
-
Table Of Contents
ip dhcp-client network-discovery
ip route (large-scale dial-out)
initiate-to
To specify an IP address that will be used for Layer 2 tunneling, use the initiate-to command in VPDN group configuration mode. To remove an IP address from the VPDN group, use the no form of this command.
initiate-to ip ip-address [limit limit-number] [priority priority-number]
no initiate-to [ip ip-address]
Syntax Description
Defaults
This command is disabled.
Command Modes
VPDN group configuration
Command History
Usage Guidelines
Before you can use this command, you must enable one of the two request VPDN subgroups by using either the request dialin or request dialout command.
An LAC configured to request dial-in can be configured with multiple initiate-to commands to enable tunneling to more than one IP address.
An LNS configured to request dial-out can be configured with multiple initiate-to commands to enable tunneling to more than one IP address.
Examples
The following example configures VPDN group 1 to request an L2TP tunnel to the peer at IP address 10.3.2.1 for tunneling dial-out calls from dialer pool 1. This group can tunnel a maximum of five simultaneous users and has the second highest priority for requesting dial-out calls.
vpdn-group 1request-dialoutprotocol l2tppool-member 1initiate-to ip 10.3.2.1 limit 5 priority 2The following example configures VPDN group 1 to request L2TP tunnels to the peers (LACs) at IP addresses 10.0.58.201 and 10.0.58.205. The two LACs configured by the initiate-to commands have differing priority values to provide failover redundancy.
vpdn-group 1accept-dialinprotocol l2tpvirtual-template 1request-dialoutprotocol l2tppool-member 1initiate-to ip 10.0.58.201 priority 1initiate-to ip 10.0.58.205 priority 100source-ip 10.0.58.211In the previous example, you would configure load balancing among the LACs by setting the priority values in the initiate-to commands to the same values.
The following partial example shows how to set parameters to control how many times an LNS will retry connecting to a LAC, and the amount of time after which the LAC will declare itself down or busy so that the LNS will try connecting to the next LAC. (Note that the l2tp tunnel commands are optional and should be used only if it becomes necessary to change the default settings for these commands.)
!vpdn enablevpdn search-order domain!vpdn-group 1...request-dialoutprotocol l2tppool-member 1initiate-to ip 10.0.58.201 priority 1initiate-to ip 10.0.58.207 priority 50initiate-to ip 10.0.58.205 priority 100l2tp tunnel retransmit initial retries 5l2tp tunnel retransmit initial timeout min 4l2tp tunnel busy timeout 420...Related Commands
interface bri
To configure a BRI interface and enter interface configuration mode, use the interface bri command in global configuration mode.
Cisco 7200 Series and 7500 Series Routers
interface bri number
interface bri slot/port
Cisco 7200 Series and 7500 Series Routers with BRI Subinterfaces Only
interface bri number.subinterface-number [multipoint | point-to-point]
interface bri slot/port.subinterface-number [multipoint | point-to-point]
X.25 on an ISDN BRI Interface
interface bri number:0
interface bri slot/port:0
Syntax Description
Defaults
The default mode for subinterfaces is multipoint.
Command Modes
Global configuration
Command History
Usage Guidelines
Subinterfaces can be configured to support partially meshed Frame Relay networks. (Refer to the Frame Relay chapters in the Cisco IOS Wide-Area Networking Configuration Guide.)
To specify the BRI interface that is created by enabling X.25 on a specified ISDN BRI interface, use the interface bri global configuration command with a subinterface 0 specification.
Examples
The following example configures BRI 0 to call and receive calls from two sites, use PPP encapsulation on outgoing calls, and use Challenge Handshake Authentication Protocol (CHAP) authentication on incoming calls:
interface bri 0encapsulation pppno keepalivedialer map ip 172.16.36.10 name EB1 234dialer map ip 172.16.36.9 name EB2 456dialer-group 1isdn spid1 41346334600101 4633460isdn spid2 41346334610101 4633461isdn T200 1000ppp authentication chapThe following example creates a BRI 0:0 interface for X.25 traffic over the D channel and then configures the new interface to carry X.25 traffic:
interface bri0isdn x25 dchannelisdn x25 static-tei 8!interface bri0:0ip address 10.1.1.2 255.255.255.0x25 address 31107000000100x25 htc 1x25 suppress-calling-addressx25 facility windowsize 2 2x25 facility packetsize 256 256x25 facility throughput 9600 9600x25 map ip 10.1.1.3 31107000000200Related Commands
interface dialer
To define a dialer rotary group, use the interface dialer command in global configuration mode.
interface dialer dialer-rotary-group-number
no interface dialer dialer-rotary-group-number
Syntax Description
Defaults
No dialer rotary groups are predefined.
Command Modes
Global configuration
Command History
Usage Guidelines
Dialer rotary groups allow you to apply a single interface configuration to a set of physical interfaces. This capability allows a group of interfaces to be used as a pool of interfaces for calling many destinations.
Once the interface configuration is propagated to a set of interfaces, those interfaces can be used to place calls using the standard dial-on-demand routing (DDR) criteria. When multiple destinations are configured, any of these interfaces can be used for outgoing calls.
Dialer rotary groups are useful in environments that require multiple calling destinations. Only the rotary group needs to be configured with the dialer map commands. The only configuration required for the interfaces is the dialer rotary-group command indicating that each interface is part of a dialer rotary group.
Although a dialer rotary group is configured as an interface, it is not a physical interface. Instead, it represents a group of interfaces. Interface configuration commands entered after the interface dialer command will be applied to all physical interfaces assigned to specified rotary groups. Individual interfaces in a dialer rotary group do not have individual addresses. The dialer interface has a protocol address, and that address is used by all interfaces in the dialer rotary group.
Examples
The following example identifies interface dialer 1 as the dialer rotary group leader. Interface dialer 1 is not a physical interface, but represents a group of interfaces. The interface configuration commands that follow apply to all interfaces included in this group.
interface dialer 1encapsulation pppauthentication chapdialer in-bandip address 10.2.3.4dialer map ip 10.2.2.5 name YYY 14155553434dialer map ip 10.3.2.6 name ZZZinterface multilink
To create a multilink bundle and enter multilink interface configuration mode to configure the bundle, use the interface multilink command in global configuration mode. To remove a multilink bundle, use the no form of this command.
interface multilink multilink-bundle-number
no interface multilink
Syntax Description
Defaults
No interfaces are configured.
Command Modes
Global configuration
Command History
Examples
The following example creates multilink bundle 1:
interface multilink 1ip address 192.168.11.4 255.255.255.192encapsulation pppppp multilinkkeepaliveRelated Commands
ppp multilink fragment disable
Disables packet fragmentation.
ppp multilink group
Restricts a physical link to joining only a designated multilink-group interface.
interface serial
To specify a serial interface created on a channelized E1 or channelized T1 controller (for ISDN PRI, channel-associated signaling, or robbed-bit signaling), use the interface serial command in global configuration mode.
Cisco 7200 Series and Cisco 7500 Series Routers
interface serial slot/port:timeslot
no interface serial slot/port:timeslot
Cisco AS5200 Series and Cisco 4000 Series Access Servers
interface serial controller-number:timeslot
no interface serial controller-number:timeslot
Syntax Description
Defaults
No default behavior or values.
Command Modes
Global configuration
Command History
Usage Guidelines
You must explicitly specify a serial interface. The D channel is always the :23 channel for T1 and the :15 channel for E1.
Examples
The following example configures channel groups on time slots 1 to 11 and ISDN PRI on time slots 12 to 24 of T1 controller 0. Then the examples configures the first two channel groups as serial interfaces 0:0 and 0:1.
controller t1 0channel-group 0 timeslot 1-6channel-group 1 timeslot 7channel-group 2 timeslot 8channel-group 3 timeslot 9-11pri-group timeslots 12-24!interface serial 0:0ip address 172.18.13.2 255.255.255.0encapsulation ppp!interface serial 0:1ip address 172.18.13.3 255.255.255.0encapsulation pppThe following example configures ISDN PRI on T1 controller 4/1 and then configures the D channel on the resulting serial interface 4/1:23:
controller t1 4/1framing crc4linecode hdb3pri-group timeslots 1-24interface serial 4/1:23ip address 172.18.13.1 255.255.255.0encapsulation pppRelated Commands
interface virtual-template
To create a virtual template interface that can be configured and applied dynamically in creating virtual access interfaces, use the interface virtual-template command in global configuration mode.
interface virtual-template number
Syntax Description
number
Number used to identify the virtual template interface. Up to 200 virtual template interfaces can be configured.
Defaults
No virtual template number is defined.
Command Modes
Global configuration
Command History
11.2 F
This command was introduced.
12.2(4)T
This command was enhanced to increase the maximum number of virtual template interfaces from 25 to 200.
Usage Guidelines
A virtual template interface is used to provide the configuration for dynamically created virtual access interfaces. It is created by users and can be saved in NVRAM.
Once the virtual template interface is created, it can be configured in the same way as a serial interface.
Virtual template interfaces can be created and applied by various applications such as virtual profiles, virtual private dialup networks (VPDN), PPP over ATM, protocol translation, and Multichassis Multilink PPP (MMP).
Examples
The following example creates and configures virtual template interface 1:
interface virtual-template 1ip unnumbered ethernet 0ppp multilinkppp authentication chapip address negotiated
To specify that the IP address for a particular interface is obtained via PPP/IPCP (IP Control Protocol) address negotiation, use the ip address negotiated command in interface configuration mode. To disable this feature, use the no form of this command.
ip address negotiated [previous]
no ip address negotiated [previous]
Syntax Description
Defaults
No default behavior or values.
Command Modes
Interface configuration
Command History
Usage Guidelines
Use the ip address negotiated interface command to enable a Cisco router to automatically negotiate its own registered WAN interface IP address from a central server (via PPP/IPCP) and to enable all remote hosts to access the global Internet using this single registered IP address.
Examples
The following example configures an asynchronous interface (interface async1) to obtain its IP address via PPP/IPCP address negotiation:
interface async1ip address negotiatedencapsulation pppRelated Commands
ip address-pool
To enable a global default address pooling mechanism used to supply IP addresses to dial-in asynchronous, synchronous, or ISDN point-to-point interfaces, use the ip address-pool command in global configuration mode. To disable IP address pooling globally on all interfaces with the default configuration, use the no form of this command.
ip address-pool {dhcp-pool | dhcp-proxy-client | local}
no ip address-pool
Syntax Description
Command Default
IP address pooling is disabled globally.
Command Modes
Global configuration
Command History
Usage Guidelines
The global default IP address pooling mechanism applies to all interfaces that have been left in the default setting of the peer default ip address command.
If any peer default ip address command other than peer default ip address pool (the default) is configured, the interface uses that mechanism and not the global default mechanism. Thus all interfaces can be independently configured, or left unconfigured so that the global default configuration applies. This flexibility minimizes the configuration effort on the part of the administrator.
The ip address-pool dhcp-pool command supports only remote access PPP sessions using an MPLS VPN. IP addresses are obtained from locally configured VRF-associated DHCP pools. A VRF VPN instance is a per-VPN routing information repository that defines the VPN membership of a customer site.
Examples
The following example specifies the DHCP on-demand address pooling mechanism as the global default mechanism for assigning peer IP addresses:
ip address-pool dhcp-poolThe following example specifies the DHCP proxy client mechanism as the global default mechanism for assigning peer IP addresses:
ip address-pool dhcp-proxy-clientThe following example specifies a local IP address pool named "default" as the global default mechanism for all interfaces that have been left in their default setting:
ip address-pool localRelated Commands
ip dhcp-client network-discovery
To control the sending of Dynamic Host Configuration Protocol (DHCP) Inform and Discover messages, use the ip dhcp-client network-discovery command in global configuration mode. To change or disable DHCP message control, use the no form of this command.
ip dhcp-client network-discovery informs number-of-messages discovers number-of-messages period seconds
no ip dhcp-client network-discovery informs number-of-messages discovers number-of-messages period seconds
Syntax Description
Defaults
0 DHCP Inform and Discover messages (network discovery is disabled when both the informs and discovers keywords are set to 0); 15-second timeout period.
Command Modes
Global configuration
Command History
Usage Guidelines
The ip dhcp-client network-discovery command allows peer routers to dynamically discover Domain Name System (DNS) and NetBIOS name server information configured on a DHCP server using PPP IP Control Protocol (IPCP) extensions. Setting the number of DHCP Inform or Discover messages to 1 or 2 determines how many times the system sends a DHCP Inform or Discover message before stopping network discovery, as follows:
•
When the number of DHCP Inform messages is set to 1, once the first Inform messages is sent the system waits for a response from the DHCP server for the specified timeout period. If there is no response from the DHCP server by the end of the timeout period, the system sends a DHCP Discover message when the number of Discover messages is not set to 0. If the number of Discover messages is set to 1, network discovery stops. If the number of Discover messages is set to 2, the system waits again for a response from the DHCP server for the specified timeout period. If there is no response from the DHCP server by the end of this second timeout period, the system sends a second DHCP Discover message and stops network discovery.
•
Network discovery also stops when the DHCP server responds to DHCP Inform and Discover messages before the configured number of messages and timeout period are exceeded.
Setting the number of messages to 0 disables sending of DHCP Inform and Discover messages, and is the same as entering the no ip dhcp-client network-discovery command. When the ip dhcp-client network-discovery command is disabled, the system falls back to the static configurations made using the async-bootp dns-server and async-bootp nb-server global configuration commands or, as a last resort, to a DNS server address assigned with the ip name-server command.
Examples
The following example sets two DHCP Inform and Discovery messages and a timeout period of
12 seconds:ip dhcp-client network-discovery informs 2 discovers 2 period 12Related Commands
ip dhcp-server
To specify which Dynamic Host Configuration Protocol (DHCP) servers to use on your network, or to specify the IP address of one or more DHCP servers available on the network, use the ip dhcp-server command in global configuration mode. To remove a DHCP server IP address, use the no form of this command.
ip dhcp-server [ip-address | name]
no ip dhcp-server [ip-address | name]
Syntax Description
Defaults
The IP limited broadcast address of 255.255.255.255 is used for transactions if no DHCP server is specified. This default allows automatic detection of DHCP servers.
Command Modes
Global configuration
Command History
Usage Guidelines
A DHCP server temporarily allocates network addresses to clients through the access server on an as-needed basis. While the client is active, the address is automatically renewed in a minimum of 20-minute increments. When the user terminates the session, the interface connection is terminated so that network resources can be quickly reused. You can specify up to ten servers on the network.
In normal situations, if a SLIP or PPP session fails (for example, if a modem line disconnects), the allocated address will be reserved temporarily to preserve the same IP address for the client when dialed back into the server. This way, the session that was accidentally terminated can often be resumed.
To use the DHCP proxy-client feature, enable your access server to be a proxy-client on asynchronous interfaces by using the ip address-pool dhcp-proxy-client command. If you want to specify which DHCP servers are used on your network, use the ip dhcp-server command to define up to ten specific DHCP servers.
Note
The ip address-pool dhcp-proxy-client command initializes proxy-client status to all interfaces defined as asynchronous on the access server. To selectively disable proxy-client status on a single asynchronous interface, use the no peer default ip address interface command.
Examples
The following command specifies a DHCP server with the IP address of 172.24.13.81:
ip dhcp-server 172.24.13.81Related Commands
ip idle-group
To configure interesting traffic on a virtual template interface for the PPP idle timer, use the ip idle-group command in interface configuration mode. To remove the configuration, use the no form of this command.
ip idle-group {access-list-number | access-list-name} {in | out}
no ip idle-group {access-list-number | access-list-name} {in | out}
Syntax Description
access-list-number
IP access list number.
access-list-name
IP access list name.
in
Classifies IP inbound traffic for the PPP idle timer.
out
Classifies IP outbound traffic for the PPP idle timer.
Defaults
No default behavior or values.
Command Modes
Interface configuration
Command History
Usage Guidelines
The ip idle-group command is applied to a virtual template interface and configures interesting traffic on either inbound or outbound traffic.
Examples
The following example specifies access list 101 as interesting for inbound IP traffic and access list 102 as interesting for outbound IP traffic:
interface virtual-template 1ppp timeout idle 60ip idle-group 101 inip idle-group 102 outRelated Commands
corlist incoming
Sets the PPP idle timeout parameters on a virtual template interface.
ip local pool
To configure a local pool of IP addresses to be used when a remote peer connects to a point-to-point interface, use the ip local pool command in global configuration mode. To remove a range of addresses from a pool (the longer of the no forms of this command), or to delete an address pool (the shorter of the no forms of this command), use one of the no forms of this command.
ip local pool {default | poolname} [low-ip-address [high-ip-address]] [group group-name] [cache-size size]
no ip local pool poolname low-ip-address [high-ip-address]
no ip local pool {default | poolname}
Syntax Description
Defaults
No address pools are configured. Any pool created without the optional group keyword is a member of the base system group.
Command Modes
Global configuration
Command History
Usage Guidelines
Use the ip local pool command to create one or more local address pools from which IP addresses are assigned when a peer connects. You may also add another range of IP addresses to an existing pool. To use a named IP address pool on an interface, use the peer default ip address pool interface configuration command. A pool name can also be assigned to a specific user using authentication, authorization, and accounting (AAA) RADIUS and TACACS functions.
If no named local IP address pool is created, a default address pool is used on all point-to-point interfaces after the ip address-pool local global configuration command is issued. If no explicit IP address pool is assigned, but pool use is requested by use of the ip address-pool local command, the special pool named "default" is used.
The optional group keyword and associated group name allows the association of an IP address pool with a named group. Any IP address pool created without the group keyword automatically becomes a member of a base system group.
An IP address pool name can be associated with only one group. Subsequent use of the same pool name, within a pool group, is treated as an extension of that pool, and any attempt to associate an existing local IP address pool name with a different pool group is rejected. Therefore, each use of a pool name is an implicit selection of the associated pool group.
Note
All IP address pools within a pool group are checked to prevent overlapping addresses; however, no checks are made between any group pool member and a pool not in a group. The specification of a named pool within a pool group allows the existence of overlapping IP addresses with pools in other groups, and with pools in the base system group, but not among pools within a group. Otherwise, processing of the IP address pools is not altered by their membership in a group. In particular, these pool names can be specified in peer commands and returned in RADIUS and AAA functions with no special processing.
IP address pools can be associated with Virtual Private Networks (VPNs). This association permits flexible IP address pool specifications that are compatible with a VPN and a VPN routing and forwarding instance (VRF).
The IP address pools can also be used with the translate commands for one-step vty-async connections and in certain AAA or TACACS+ authorization functions. Refer to the chapter "Configuring Protocol Translation and Virtual Asynchronous Devices" in the Cisco IOS Terminal Services Configuration Guide and the "System Management" part of the Cisco IOS Configuration Fundamentals Configuration Guide for more information.
IP address pools are displayed with the show ip local pool EXEC command.
Examples
The following example creates a local IP address pool named "pool2," which contains all IP addresses in the range 172.16.23.0 to 172.16.23.255:
ip local pool pool2 172.16.23.0 172.16.23.255The following example configures a pool of 1024 IP addresses:
no ip local pool defaultip local pool default 10.1.1.0 10.1.4.255
Note
The following example configures multiple ranges of IP addresses into one pool:
ip local pool default 10.1.1.0 10.1.9.255ip local pool default 10.2.1.0 10.2.9.255The following examples show how to configure two pool groups and IP address pools in the base system group:
ip local pool p1_g1 10.1.1.1 10.1.1.50 group grp1ip local pool p2_g1 10.1.1.100 10.1.1.110 group grp1ip local pool p1_g2 10.1.1.1 10.1.1.40 group grp2ip local pool lp1 10.1.1.1 10.1.1.10ip local pool p3_g1 10.1.2.1 10.1.2.30 group grp1ip local pool p2_g2 10.1.1.50 10.1.1.70 group grp2ip local pool lp2 10.1.2.1 10.1.2.10In the example:
•
•
•
Note that IP address 10.1.1.1 overlaps groups grp1, grp2, and the base system group. Also note that there is no overlap within any group including the base system group, which is unnamed.
The following examples show configurations of IP address pools and groups for use by a VPN and VRF:
ip local pool p1_vpn1 10.1.1.1 10.1.1.50 group vpn1ip local pool p2_vpn1 10.1.1.100 10.1.1.110 group vpn1ip local pool p1_vpn2 10.1.1.1 10.1.1.40 group vpn2ip local pool lp1 10.1.1.1 10.1.1.10ip local pool p3_vpn1 10.1.2.1 10.1.2.30 group vpn1ip local pool p2_vpn2 10.1.1.50 10.1.1.70 group vpn2ip local pool lp2 10.1.2.1 10.1.2.10The examples show configuration of two pool groups, including pools in the base system group, as follows:
•
•
•
Note that IP address 10.1.1.1 overlaps groups vpn1, vpn2, and the base system group. Also note that there is no overlap within any group including the base system group, which is unnamed.
The VPN needs a configuration that selects the proper group by selecting the proper pool based on remote user data. Thus, each user in a given VPN can select an address space using the pool and associated group appropriate for that VPN. Duplicate addresses in other VPNs (other group names) are not a concern, because the address space of a VPN is specific to that VPN.
In the example, a user in group vpn1 is associated with some combination of the pools p1_vpn1, p2_vpn1, and p3_vpn1, and is allocated addresses from that address space. Addresses are returned to the same pool from which they were allocated.
Related Commands
ip mtu adjust
To enable automatic adjustment of the IP maximum transmission unit (MTU) on a virtual access interface, use the ip mtu adjust command in VPDN group or VPDN template configuration mode. To disable automatic adjustment of the IP MTU, use the no form of this command.
ip mtu adjust
no ip mtu adjust
Syntax Description
This command has no arguments or keywords.
Command Default
Cisco IOS Release 12.2(3) and 12.2(4)T
Automatic adjustment of the IP MTU is enabled.
Cisco IOS Release 12.2(6) and 12.2(8)T and Later Releases
Automatic adjustment of the IP MTU is disabled.
Command Modes
VPDN group configuration
VPDN template configurationCommand History
Usage Guidelines
Enabling the ip mtu adjust command allows the router to automatically adjust the IP MTU on the virtual access interface associated with the specified virtual private dialup network (VPDN) group. The IP MTU is automatically adjusted to compensate for the size of the Layer 2 header and the MTU of the egress interface.
The IP MTU is adjusted automatically only if there is no IP MTU manually configured on the virtual template interface from which the virtual access interface is cloned. To manually configure an IP MTU on the virtual template interface, use the ip mtu command in interface configuration mode.
Examples
The following example enables automatic adjustment of the IP MTU for sessions associated with the VPDN group named cisco1:
vpdn-group cisco1ip mtu adjustRelated Commands
ip pmtu
To enable the discovery of the path maximum transmission unit (MTU) for Layer 2 traffic, use the ip pmtu command in VPDN group, VPDN template, or pseudowire class configuration mode. To disable path MTU discovery, use the no form of this command.
ip pmtu
no ip pmtu
Syntax Description
This command has no arguments or keywords.
Command Default
Path MTU discovery is disabled.
Command Modes
VPDN group configuration
VPDN template configuration
Pseudowire class configurationCommand History
Usage Guidelines
When the ip pmtu command is enabled, the Don't Fragment (DF) bit is copied from the inner IP header to the Layer 2 encapsulation header.
Enabling the ip pmtu command triggers Internet Control Message Protocol (ICMP) unreachable messages that indicate fragmentation errors in the IP backbone network carrying the tunneled traffic. If an IP packet is larger than the MTU of any interface it must pass through and the DF bit is set, the packet is dropped and an ICMP unreachable message is returned. The ICMP unreachable message indicates the MTU of the interface that was unable to forward the packet without fragmentation. This information allows the source host to reduce the size of the packet before retransmission, allowing it to fit through that interface.
Note
Crafted code 4 ICMP messages can be used to set the path MTU to an impractically low value. This will cause higher layer protocols to time out because of a very low throughput, even though the connection is still in the established state. This type of attack is classified as a throughput-reduction attack. When PMTUD is enabled, it is highly recommended that you use the vpdn pmtu command to configure a range of acceptable values for the path MTU to block PMTUD attacks.Enabling PMTUD will decrease switching performance.
When issued in VPDN group configuration mode, the ip pmtu command enables any tunnel associated with the specified virtual private dialup network (VPDN) group to participate in path MTU discovery.
When issued in VPDN template configuration mode, the ip pmtu command enables any tunnel associated with the specified VPDN template to participate in path MTU discovery.
When issued in pseudowire class configuration mode, the ip pmtu command enables any Layer 2 Tunnel Protocol Version 3 (L2TPv3) session derived from the specified pseudowire class configuration to participate in path MTU discovery.
Examples
The following example configures a VPDN group named dial-in on a Layer 2 Tunnel Protocol (L2TP) tunnel server and uses the ip pmtu command to specify that tunnels associated with this VPDN group will participate in path MTU discovery. The vpdn pmtu command is used to configure the device to accept only path MTU values ranging from 576 to 1460 bytes. The device will ignore code 4 ICMP messages that specify a path MTU outside of this range.
Router(config)# vpdn-group dial-inRouter(config-vpdn)# request-dialinRouter(config-vpdn-acc-in)# protocol l2tpRouter(config-vpdn-acc-in)# virtual-template 1!Router(config-vpdn)# l2tp security crypto-profile l2tpRouter(config-vpdn)# no l2tp tunnel authenticationRouter(config-vpdn)#
