 Feedback
|
Table Of Contents
Enabling PPPoE Relay Discovery and Service Selection Functionality
Prerequisites for Enabling PPPoE Relay Discovery and Service Selection Functionality
Information About Enabling PPPoE Relay Discovery and Service Selection Functionality
L2TP Active Discovery Relay for PPPoE
RADIUS Subscriber Profile Entry for the LAC
RADIUS VPDN Group User Profile Entry for the LNS
How to Enable PPPoE Relay Discovery and Service Selection Functionality
Configuring the LAC and Tunnel Switch for PPPoE Relay
Configuring the LNS (or Multihop Node) to Respond to Relayed PAD Messages
Configuration Examples for Enabling PPPoE Relay Discovery and Service Selection Functionality
PPPoE Relay on LAC Configuration: Example
Basic LNS Configured for PPPoE Relay: Example
Tunnel Switch (or Multihop Node) Configured to Respond to PAD Messages: Example
Tunnel Switch Configured to Relay PAD Messages: Example
RADIUS Subscriber Profile Entry for the LAC: Example
RADIUS VPDN Group User Profile Entry for the LNS: Example
Feature Information for Enabling PPPoE Relay Discovery and Service Selection Functionality
Enabling PPPoE Relay Discovery and Service Selection Functionality
First Published: May 2, 2005Last Updated: May 2, 2005The PPPoE Relay feature enables an L2TP access concentrator (LAC) to relay active discovery and service selection functionality for PPP over Ethernet (PPPoE), over a Layer 2 Tunneling Protocol (L2TP) control channel, to an L2TP network server (LNS) or tunnel switch (multihop node). The relay functionality of this feature allows the LNS or tunnel switch to advertise the services it offers to the client, thereby providing end-to-end control of services between the LNS and a PPPoE client.
inding Feature Information
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for Enabling PPPoE Relay Discovery and Service Selection Functionality" section.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Prerequisites for Enabling PPPoE Relay Discovery and Service Selection Functionality
•
•
•
•
Prerequisites for Enabling PPPoE Relay Discovery and Service Selection Functionality
•
•
•
Information About Enabling PPPoE Relay Discovery and Service Selection Functionality
To configure PPPoE relay, you need to understand the following concept:
•
L2TP Active Discovery Relay for PPPoE
The PPPoE protocol described in RFC 2516 defines a method for active discovery and service selection of devices in the network by an LAC. A PPPoE client uses these methods to discover an access concentrator in the network, and the access concentrator uses these methods to advertise the services it offers.
The PPPoE Relay feature introduced in Cisco IOS Release 12.3(4)T allows the active discovery and service selection functionality to be offered by the LNS, rather than just by the LAC. The PPPoE Relay feature implements the Network Working Group Internet-Draft titled L2TP Active Discovery Relay for PPPoE. The Internet-Draft describes how to relay PPPoE Active Discovery (PAD) and Service Relay Request (SRRQ) messages over an L2TP control channel (the tunnel). (See the "RFCs" section for information on how to access Network Working Group Internet-Drafts.)
The key benefit of the PPPoE Relay feature is end-to-end control of services between the LNS and a PPPoE client.
RADIUS Subscriber Profile Entry for the LAC
The following example shows how to enter Subscriber Service Switch subscriber service attributes in a AAA RADIUS server profile.
profile-1 = profile-name...Cisco:Cisco-Avpair = "sss:sss-service=relay-pppoe"RADIUS VPDN Group User Profile Entry for the LNS
The following example shows how to enter the VPDN group attributes in a AAA RADIUS server profile.
profile-1 = profile-name...Cisco:Cisco-Avpair = "vpdn:relay-pppoe-bba-group=group-name"How to Enable PPPoE Relay Discovery and Service Selection Functionality
This section contains the following procedures:
•
•
•
Configuring the LAC and Tunnel Switch for PPPoE Relay
Perform this task to configure the LAC and tunnel switch for PPPoE Relay, which configures a subscriber profile that directs PAD messages to be relayed on an L2TP tunnel. The subscriber profile also will contain an authorization key for the outgoing L2TP tunnel.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Step 1
enable
Example:Router> enable
Enables privileged EXEC mode.
•
Step 2
configure terminal
Example:Router# configure terminal
Enters global configuration mode.
Step 3
subscriber profile profile-name
Example:Router(config)# subscriber profile profile-1
Configures the subscriber profile name and enters subscriber profile configuration mode.
•
Step 4
service relay pppoe vpdn group vpdn-group-name
Example:Router(config-sss-profile)# service relay pppoe vpdn group Group-A
Provides PPPoE relay service using a VPDN L2TP tunnel for the relay. The VPDN group name specified is used to obtain outgoing L2TP tunnel information.
•
Step 5
exit
Example:Router(config-sss-profile)# exit
(Optional) Ends the configuration session and returns to privileged EXEC mode.
What to Do Next
Configure the LNS side of the configuration by performing the tasks described in the "Configuring the LNS (or Multihop Node) to Respond to Relayed PAD Messages" section.
Configuring the LNS (or Multihop Node) to Respond to Relayed PAD Messages
On the router that responds to relayed PAD messages, perform this task to configure a PPPoE group and attach it to a VPDN group that accepts dial-in calls for L2TP. The relayed PAD messages will be passed from the VPDN L2TP tunnel and session to the PPPoE broadband group for receiving the PAD responses.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Step 1
enable
Example:Router> enable
Enables privileged EXEC mode.
•
Step 2
configure terminal
Example:Router# configure terminal
Enters global configuration mode.
Step 3
vpdn-group vpdn-group-name
Example:Router(config)# vpdn-group Group-A
Creates a VPDN group and enters VPDN group configuration mode.
Step 4
accept-dialin
Example:Router(config-vpdn)# accept-dialin
Configures the LNS to accept tunneled PPP connections from an LAC and creates an accept-dialin VPDN subgroup.
Step 5
protocol l2tp
Example:Router(config-vpdn-req-in)# protocol l2tp
Specifies the L2TP tunneling protocol.
Step 6
virtual-template template-number
Example:Router(config-vpdn-req-in)# virtual-template 2
Specifies which virtual template will be used to clone virtual access interfaces.
Step 7
exit
Example:Router(config-vpdn-req-in)# exit
Exits to VPDN group configuration mode.
Step 8
terminate-from hostname host-name
Example:Router(config-vpdn)# terminate-from hostname LAC-1
Specifies the LAC hostname that will be required when the VPDN tunnel is accepted.
Step 9
relay pppoe bba-group pppoe-bba-group-name
Example:Router(config-vpdn)# relay pppoe bba-group group-2
Specifies the PPPoE BBA group that will respond to the PAD messages.
•
•
Step 10
exit
Example:Router(config-vpdn)# exit
Exits to global configuration mode.
Monitoring PPPoE Relay
Perform this task to monitor PPPoE Relay.
DETAILED STEPS
Step 1
Enables privileged EXEC mode.
•
Router> enableStep 2
Displays information about currently active PPPoE sessions.
Router# show pppoe session1 session in FORWARDED (FWDED) State1 session totalUniq ID PPPoE RemMAC Port VT VA StateSID LocMAC VA-st26 19 0001.96da.a2c0 Et0/0.1 5 N/A RELFWD000c.8670.1006 VLAN:3434Step 3
Displays the PPPoE relay context created for relaying PAD messages.
Router# show pppoe relay context allTotal PPPoE relay contexts 1UID ID Subscriber-profile State25 18 cisco.com RELAYEDStep 4
This command clears the PPPoE relay context created for relaying PAD messages.
Router# clear pppoe relay context
Troubleshooting Tips
Use the following commands in privileged EXEC mode to help you troubleshoot the PPPoE Relay feature:
•
•
•
•
•
•
Configuration Examples for Enabling PPPoE Relay Discovery and Service Selection Functionality
This section provides the following configuration examples:
•
•
•
•
•
•
PPPoE Relay on LAC Configuration: Example
The following is an example of a standard LAC configuration with the commands to enable PPPoE relay added:
hostname User2!username User1 password 0 fieldusername User2 password 0 fieldusername user-group password 0 fieldusername User5 password 0 fieldusername User2-lac-domain password 0 fieldusername User1-client-domain@cisco.net password 0 fieldusername User3-lns-domain password 0 field!ip domain-name cisco.com!vpdn enablevpdn source-ip 10.0.195.151!vpdn-group User2-vpdn-group-domainrequest-dialinprotocol l2tpdomain cisco.netinitiate-to ip 10.0.195.133local name User2-lac-domain!!interface Loopback123ip address 10.22.2.2 255.255.255.0!interface Ethernet0/0ip address 10.0.195.151 255.255.255.0no keepalivehalf-duplexpppoe enable group group_1no cdp enable!interface Virtual-Template1mtu 1492ip unnumbered Loopback123ppp authentication chapppp chap hostname User2-lac-domain!ip route 0.0.0.0 0.0.0.0 10.0.195.1!!subscriber profile Profile1service relay pppoe vpdn group User2-vpdn-group-domain!bba-group pppoe group_1virtual-template 1service profile Profile1!Basic LNS Configured for PPPoE Relay: Example
The following example shows the basic configuration for an LNS with commands added for PPPoE relay:
hostname User5!!username User5 password 0 fieldusername user-group password 0 fieldusername User1 password 0 fieldusername User2 password 0 fieldusername User3 password 0 fieldusername User3-dialout password 0 ciscousername User2-dialout password 0 ciscousername abc password 0 ciscousername dial-7206a password 0 fieldusername mysgbpgroup password 0 ciscousername User3-lns-domain password 0 fieldusername User2-lac-domain password 0 fieldusername User1-client-domain@cisco.net password 0 fieldusername User5-mh password 0 fieldusername User1@domain.net password 0 fieldip subnet-zero!!ip domain-name cisco.com!vpdn enablevpdn multihopvpdn source-ip 10.0.195.133!vpdn-group 1request-dialinprotocol l2tp!vpdn-group 2! Default L2TP VPDN groupaccept-dialinprotocol l2tp!vpdn-group User5-mhrequest-dialinprotocol l2tpdomain cisco.netinitiate-to ip 10.0.195.143local name User5-mh!vpdn-group User3-vpdn-group-domainaccept-dialinprotocol l2tpvirtual-template 2terminate-from hostname User2-lac-domainlocal name User3-lns-domainrelay pppoe group group_1!!interface Loopback0no ip address!!interface Loopback123ip address 10.23.3.2 255.255.255.0!!interface FastEthernet0/0ip address 10.0.195.133 255.255.255.0duplex autospeed autono cdp enable!!interface Virtual-Template2mtu 1492ip unnumbered Loopback123ip access-group virtual-access3#234 inppp mtu adaptiveppp authentication chapppp chap hostname User3-lns-domain!!ip default-gateway 10.0.195.1ip classlessip route 0.0.0.0 0.0.0.0 10.0.195.1!!bba-group pppoe group_1virtual-template 2!Tunnel Switch (or Multihop Node) Configured to Respond to PAD Messages: Example
The following is an example of a standard tunnel switch configuration with the commands to enable response to PPPoE relay messages added:
hostname User3!!username User1 password 0 room1username User2 password 0 room1username User3 password 0 room1username User1@domain.net password 0 room1username User3-lns-dnis password 0 ciscousername User3-lns-domain password 0 room1username User2-lac-dnis password 0 ciscousername User2-lac-domain password 0 room1username User5 password 0 room1username User5-mh password 0 room1username user-group password 0 room1username User3-dialout password 0 ciscousername User2-dialout password 0 ciscousername abc password 0 ciscousername dial-7206a password 0 room1username mysgbpgroup password 0 ciscousername User1-client-domain@cisco.net password 0 room1username User4-lns-domain password 0 room1!ip domain-name cisco.com!vpdn enable!vpdn-group User3-mhaccept-dialinprotocol l2tpvirtual-template 1terminate-from hostname User5-mhrelay pppoe bba-group group_1!interface Loopback0ip address 10.4.4.2 255.255.255.0!interface Loopback1ip address 10.3.2.2 255.255.255.0!interface Ethernet2/0ip address 10.0.195.143 255.255.0.0half-duplexno cdp enable!interface Virtual-Template1mtu 1492ip unnumbered Loopback0no keepaliveppp mtu adaptiveppp authentication chapppp chap hostname User3-lns-domain!ip default-gateway 10.0.195.1ip route 0.0.0.0 0.0.0.0 10.0.195.1!!bba-group pppoe group_1virtual-template 1!Tunnel Switch Configured to Relay PAD Messages: Example
The following partial example shows a configuration that allows the tunnel switch to relay PAD messages:
subscriber profile profile-1! Configure profile for PPPoE Relayservice relay pppoe vpdn group Sample1.net...vpdn-group Sample2.net! Configure L2TP tunnel for PPPoE Relayaccept-dialinprotocol l2tp...terminate-from host Host1relay pppoe bba-group group-1...vpdn-group Sample1.net! Configure L2TP tunnel for PPPoE Relayrequest-dialinprotocol l2tp...initiate-to ip 10.17.1.3...! PPPoE-group configured for relaybba-group pppoe group-1...service profile profile-1RADIUS Subscriber Profile Entry for the LAC: Example
The following is an example of a typical RADIUS subscriber profile entry for an LAC:
cisco.com Password = "password"Cisco:Cisco-Avpair = "sss:sss-service=relay-pppoe",Tunnel-Type = L2TP,Tunnel-Server-Endpoint = .....,Tunnel-Client-Auth-ID = "client-id",Tunnel-Server-Auth-ID = "server-id",Cisco:Cisco-Avpair = "vpdn:l2tp-tunnel-password=password",Cisco:Cisco-Avpair = "vpdn:l2tp-nosession-timeout=never",Tunnel-Assignment-Id = assignment-idRADIUS VPDN Group User Profile Entry for the LNS: Example
The following is an example of a typical RADIUS subscriber profile entry for an LNS:
cisco.com Password = "password"Tunnel-Type = L2TP,Tunnel-Server-Endpoint = .....,Tunnel-Client-Auth-ID = "client-id",Tunnel-Server-Auth-ID = "server-id",Cisco:Cisco-Avpair = "vpdn:l2tp-tunnel-password=password",Cisco:Cisco-Avpair = "vpdn:l2tp-nosession-timeout=never",Cisco:Cisco-Avpair = "vpdn:relay-pppoe-bba-group=group-name"Tunnel-Assignment-Id = assignment-idAdditional References
The following sections provide referenced related to the PPPoE Relay feature.
Related Documents
VPDN tunnels
Cisco IOS Dial Technologies Configuration Guide, Release 12.3; refer to the "Configuring Virtual Private Networks" chapter in the "Virtual Templates, Profiles, and Networks" part
VPDN tunnel commands
Tunnel switching
L2TP Tunnel Switching feature module
PPPoE broadband groups
Cisco IOS Wide-Area Networking Configuration Guide, Release 12.3; refer to the chapters in the "Broadband Access" part
PPPoE broadband commands
Cisco IOS Wide-Area Networking Command Reference, Release 12.3
Broadband access aggregation concepts
Refer to the "Understanding Broadband Access Aggregation" module.
Tasks for preparing for broadband access aggregation
Refer to the "Preparing for Broadband Access Aggregation" module.
Standards
MIBs
None
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
RFCs
RFC 2516
"Method for Transmitting PPP Over Ethernet (PPPoE)"
RFC 3817
L2TP Active Discovery Relay for PPPoE
Network Working Group Internet-Draft, L2TP Active Discovery Relay for PPPoE, which can be seen at http://tools.ietf.org/html/draft-dasilva-l2tp-relaysvc-06
Technical Assistance
Feature Information for Enabling PPPoE Relay Discovery and Service Selection Functionality
Table 10 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Release 12.3(4)T or later releases appear in the table.
Not all commands may be available in your Cisco IOS software release. For details on when support for specific commands was introduced, see the command reference documents.
If you are looking for information on a feature in this technology that is not documented here, see the "Configuring Broadband Access Aggregation Features Roadmap."
Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Note
Table 10 Feature Information for Enabling PPPoE Relay Discovery and Service Selection Functionality
PPPoE Relay
12.3(4)T
The PPPoE Relay feature enables an L2TP access concentrator (LAC) to relay active discovery and service selection functionality for PPP over Ethernet (PPPoE), over a Layer 2 Tunneling Protocol (L2TP) control channel, to an L2TP network server (LNS) or tunnel switch (multihop node).
The following sections provide information about this feature:
•
•
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2008 Cisco Systems, Inc. All rights reserved.
