The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This module contains information about managing virtual private dialup network (VPDN) tunnels and monitoring VPDN events. The tasks documented in this module should be performed only after configuring and deploying a VPDN.
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the Feature Information Table at the end of this document.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Before you can perform the tasks in this module, you must configure a VPDN deployment. For an overview of VPDN deployments, see the VPDN Technology Overview module.
VPDN tunnels using the Layer 2 Forwarding (L2F) protocol or Point-to-Point Tunnel Protocol (PPTP) are not supported.
VPDN tunnels can be terminated manually or through a soft shutdown. Manual termination of a VPDN tunnel results in the immediate shutdown of the specified VPDN tunnel and all sessions within that tunnel, resulting in a sudden disruption of VPDN services. Enabling soft shutdown on a router prevents the establishment of new VPDN sessions in all VPDN tunnels that terminate on that router, but does not affect existing sessions. Opting to terminate a VPDN tunnel by enabling soft shutdown prevents the disruption of established sessions that occurs when a VPDN tunnel is manually terminated.
The number of simultaneous VPDN sessions that can be established on a router can be manually configured, providing network administrators more control over the network. VPDN session limits can increase performance and reduce latency for routers that are otherwise forced to operate at high capacity.
The maximum number of VPDN sessions can be configured globally, at the level of a VPDN group, or for all VPDN groups associated with a particular VPDN template.
The hierarchy for the application of VPDN session limits is as follows:
Certain control packet timers, retry counters, and the advertised control packet receive window size can be configured for Layer 2 Transport Protocol (L2TP) or Layer 2 Forwarding (L2F) VPDN tunnels. Adjustments to these parameters allow fine-tuning of router performance to suit the particular needs of the VPDN deployment.
L2TP congestion avoidance provides packet flow control and congestion avoidance by throttling L2TP control messages as described in RFC 2661. Throttling L2TP control message packets prevents input buffer overflows on the peer tunnel endpoint, which can result in dropped sessions.
Before the introduction of L2TP congestion avoidance, the window size used to send packets between the network access server (NAS) and the tunnel server was set to the value advertised by the peer endpoint and was never changed. Configuring L2TP congestion avoidance allows the L2TP packet window to be dynamically resized using a sliding window mechanism. The window size grows larger when packets are delivered successfully, and is reduced when dropped packets must be retransmitted.
L2TP congestion avoidance is useful in networks with a relatively high rate of calls being placed by either tunnel endpoint. L2TP congestion avoidance is also useful on highly scalable platforms that support many simultaneous sessions.
TCP/IP and RFC 2661 define two algorithms--slow start and congestion avoidance--used to throttle control message traffic between a NAS and a tunnel server. Slow start and congestion avoidance are two independent algorithms that work together to control congestion. Slow start and congestion avoidance require that two variables, a slow start threshold (SSTHRESH) size and a congestion window (CWND) size, be maintained by the sending device for each connection.
The congestion window defines the number of packets that can be transmitted before the sender must wait for an acknowledgment from its peer. The size of the congestion window expands and contracts, but can never exceed the size of the peer device’s advertised receive window.
The slow start threshold defines the point at which the sending device switches operation from slow start mode to congestion avoidance mode. When the congestion window size is smaller than the slow start threshold, the device operates in slow start mode. When the congestion window size equals the slow start threshold, the device switches to congestion avoidance mode.
When a new connection is established, the sending device initially operates in slow start mode. The congestion window size is initialized to one packet, and the slow start threshold is set to the receive window size advertised by the peer tunnel endpoint (the receiving side).
The sending device begins by transmitting one packet and waiting for it to be acknowledged. When the acknowledgment is received, the congestion window size is incremented from one to two, and two packets can be sent. When those two packets are each acknowledged, the congestion window is increased to four. The congestion window doubles for each complete round trip, resulting in an exponential increase in size.
When the congestion window size reaches the slow start threshold value, the sending device switches over to operate in congestion avoidance mode. Congestion avoidance mode slows down the rate at which the congestion window size grows. In congestion avoidance mode, for every acknowledgment received the congestion window increases at the rate of 1 divided by the congestion window size. This results in linear, rather than exponential, growth of the congestion window size.
At some point, the capacity of the peer device will be exceeded and packets will be dropped. This indicates to the sending device that the congestion window has grown too large. When a retransmission event is detected, the slow start threshold value is reset to half of the current congestion window size, the congestion window size is reset to one, and the device switches operation to slow start mode (if it was not already operating in that mode).
There are two types of VPDN event logging available, VPDN failure event logging and generic VPDN event logging. The logging of VPDN failure events is enabled by default. Generic VPDN event logging is disabled by default, and must be explicitly enabled before generic event messages can be viewed.
Manual termination of a VPDN tunnel results in the immediate shutdown of the specified VPDN tunnel and all sessions within that tunnel, resulting in a sudden disruption of VPDN services. Before manually terminating a VPDN tunnel, consider performing the task in the Enabling Soft Shutdown of VPDN Tunnels instead.
A manually terminated VPDN tunnel can be restarted immediately when a user logs in. Manually terminating and restarting a VPDN tunnel while VPDN event logging is enabled can provide useful troubleshooting information about VPDN session establishment.
Perform this task to manually shut down a specific VPDN tunnel, resulting in the termination of the tunnel and all sessions in that tunnel. You can perform this task on these devices:
Note |
|
Command or Action | Purpose | |
---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode.
|
|
Example: Router# clear vpdn tunnel l2tp all |
Shuts down a specified tunnel and all sessions within the tunnel. |
Enabling soft shutdown of VPDN tunnels on a router prevents the establishment of new VPDN sessions in all VPDN tunnels that terminate on that router, but does not affect existing sessions. Opting to terminate a VPDN tunnel by enabling soft shutdown prevents the disruption of established sessions that occurs when a VPDN tunnel is manually terminated. Enabling soft shutdown on a router or access server will affect all of the tunnels terminating on that device. There is no way to enable soft shutdown for a specific tunnel. If you want to shut down a specific tunnel on a device without affecting any other tunnels, see the Manually Terminating VPDN Tunnels instead.
When soft shutdown is performed on a NAS, the potential session will be authorized before it is refused. This authorization ensures that accurate accounting records can be kept.
When soft shutdown is performed on a tunnel server, the reason for the session refusal will be returned to the NAS. This information is recorded in the VPDN history failure table.
Note |
Enabling soft shutdown of VPDN tunnels does not affect the establishment of Multichassis Multilink PPP (MMP) tunnels. |
Perform this task to prevent new sessions from being established in any VPDN tunnel terminating on the router without disturbing service for existing sessions. You can perform this task on these devices:
Note |
|
Command or Action | Purpose | |
---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode.
|
|
Example: Router# configure terminal |
Enters global configuration mode. |
|
Example: Router(config)# vpdn softshut |
Prevents new sessions from being established on a VPDN tunnel without disturbing existing sessions. |
Perform this task to ensure that soft shutdown is working properly.
Command or Action | Purpose | |
---|---|---|
|
|
|
|
Example: Router> enable |
Enables privileged EXEC mode.
|
|
Example: Router# configure terminal |
Enters global configuration mode. |
|
Example: Router(config)# vpdn softshut |
Prevents new sessions from being established on a VPDN tunnel without disturbing existing sessions. You can issue this command on either the NAS or the tunnel server. |
|
Example: Router(config)# exit |
Exits to privileged EXEC mode. |
|
Example: Router# show vpdn |
Displays information about active L2TP or L2F tunnels and message identifiers in a VPDN. Issue this command to verify that the original session is active: |
|
|
If soft shutdown has been enabled, a system logging (syslog) message appears on the console of the soft shutdown router. |
|
Example: Router# show vpdn history failure |
Displays the content of the history failure table. |
The number of simultaneous VPDN sessions that can be established on a router can be manually configured, providing network administrators more control over the network. VPDN session limits can increase performance and reduce latency for routers that are otherwise forced to operate at high capacity.
The maximum number of VPDN sessions can be configured globally, at the level of a VPDN group, or for all VPDN groups associated with a particular VPDN template.
The hierarchy for the application of VPDN session limits is as follows:
For an example of the interactions of global, template-level, and group-level VPDN session limits, see the "Examples Configuring VPDN Session Limits" section.
Perform any or all of the following optional tasks to configure VPDN session limits:
You can perform these tasks on the NAS or the tunnel server.
For client-initiated L2TP tunnels, you can perform these tasks only on the tunnel server.
Perform this task to limit the total number of VPDN sessions allowed on the router.
Command or Action | Purpose | |
---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode.
|
|
Example: Router# configure terminal |
Enters global configuration mode. |
|
Example: Router(config)# vpdn session-limit 6 |
Limits the number of simultaneous VPDN sessions globally on the router. |
Perform this task to configure a session limit in a VPDN template. The session limit is applied across all VPDN groups associated with the VPDN template.
Perform this task to limit the number of VPDN sessions at the VPDN group level.
Command or Action | Purpose | |
---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode.
|
|
Example: Router# configure terminal |
Enters global configuration mode. |
|
Example: Router(config)# vpdn-group 1 |
Creates a VPDN group and enters VPDN group configuration mode. |
|
Example: Router(config-vpdn)# session-limit 2 |
Limits the number of sessions that are allowed through a specified VPDN group. |
Perform this task to ensure that VPDN sessions are being limited properly.
Note |
If you use a Telnet session to connect to the NAS, enable the terminal monitor command, which ensures that your EXEC session is receiving the logging and debug output from the NAS. |
Control packet timers, retry counters, and the advertised control packet receive window size can be configured for L2TP VPDN tunnels. Adjustments to these parameters allow fine-tuning of router performance to suit the particular needs of the VPDN deployment.
Perform this task to configure control packet parameters if your VPDN configuration uses L2TP tunnels. The configuration of each parameter is optional. If a parameter is not manually configured, the default value will be used.
You can perform this task on these devices:
Load balancing must be enabled for the configuration of the l2tp tunnel retransmit initial timeout command or the l2tp tunnel retransmit initial retries command to have any effect.
Note |
For client-initiated L2TP tunnels, you can perform this task only on the tunnel server. |
Perform this task to configure L2TP congestion avoidance on a tunnel endpoint, allowing dynamic throttling of the L2TP control packet window size.
You can perform this task on these devices:
This task need be performed only on the sending device.
Note |
|
Command or Action | Purpose | |
---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode. |
|
Example: Router# configure terminal |
Enters global configuration mode. |
|
Example: Router(config)# l2tp congestion-control |
Enables L2TP congestion avoidance. |
|
Example: Router(config)# exit |
Exits to privileged EXEC mode. |
|
Example: Router# show vpdn tunnel l2tp all |
Displays information about all active L2TP VPDN tunnels. |
|
Example: Router(config)# debug vpdn l2x-events |
Displays troubleshooting information for protocol-specific VPDN tunneling events. |
Logging of a failure event to the history table is triggered by event logging by the syslog facility. The syslog facility creates a history failure table, which keeps records of failure events. The table defaults to a maximum of 20 entries, but the size of the table can be configured to retain up to 50 entries.
Failure entries are kept chronologically in the history table. Each entry records the relevant information of a failure event. Only the most recent failure event per user, unique to its name and tunnel client ID (CLID), is kept. When the total number of entries in the table reaches the configured maximum table size, the oldest record is deleted and a new entry is added.
The logging of VPDN failure events to the VPDN history failure table is enabled by default. You need enable VPDN failure event logging only if it has been previously disabled. Perform this task to enable VPDN failure event logging, to configure the maximum number of entries the history failure table can hold, and to display and clear the contents of the VPDN history failure table.
Command or Action | Purpose | |||
---|---|---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode. |
||
|
Example: Router# configure terminal |
Enters global configuration mode. |
||
|
Example: Router(config)# vpdn history failure |
(Optional) Enables logging of VPDN failure events to the history failure table.
|
||
|
Example: Router(config)# vpdn history failure table-size 50 |
(Optional) Sets the history failure table size.
|
||
|
Example: Router# exit |
Exits to privileged EXEC mode. |
||
|
Example: Router# show vpdn history failure |
(Optional) Displays the contents of the history failure table. |
||
|
Example: Router# clear vpdn history failure |
(Optional) Clears the contents of the history failure table. |
Generic VPDN events are a mixture of error, warning, notification, and information reports logged by the syslog facility. When VPDN event logging is enabled locally or at a remote tunnel endpoint, VPDN event messages are printed to the console as the events occur. VPDN event messages can also be reported to a remote authentication, authorization, and accounting (AAA) server in a AAA vendor-specific attribute (VSA), allowing the correlation of VPDN call success rates with accounting records.
Command or Action | Purpose | |||
---|---|---|---|---|
|
Example: Router> enable |
Enables privileged EXEC mode. |
||
|
Example: Router# configure terminal |
Enters global configuration mode. |
||
|
Example: Router(config)# vpdn logging remote |
(Optional) Enables the logging of generic VPDN events.
|
The following example manually terminates all L2TP tunnels that terminate on the router:
Router# clear vpdn tunnel l2tp all
The following example enables soft shutdown of all VPDN tunnels that terminate on the device that the command is issue on:
Router# configure terminal Router(config)# vpdn softshut !The following syslog message will appear on the device whenever an attempt is made to !establish a new VPDN session after soft shutdown is enabled. ! 00:11:17:%VPDN-6-SOFTSHUT:L2TP HGW tunnelserver1 has turned on softshut and rejected user user2@cisco.com
The following example configures a VPDN group named customer7 with a group-level session limit of 25. No more than 25 sessions can be associated with this VPDN group.
Router(config)# vpdn-group customer7 Router(config-vpdn)# session-limit 25
A VPDN template named customer4 is then created, and a session limit of 8 is configured at the VPDN template level. Two VPDN groups are associated with the VPDN template, each with a VPDN group-level session limit of 5.
Router(config)# vpdn-template customer4 Router(config-vpdn-templ)# group session-limit 8 ! Router(config)# vpdn-group customer4_l2tp Router(config-vpdn)# source vpdn-template customer4 Router(config-vpdn)# session-limit 5 ! Router(config)# vpdn-group customer4_l2f Router(config-vpdn)# source vpdn-template customer4 Router(config-vpdn)# session-limit 5
With this configuration, if the VPDN group named customer4_l2tp has 5 active sessions, the VPDN group named customer4_l2f can establish only 3 sessions. The VPDN group named customer7 can still have up to 25 active sessions.
If a global limit of 16 VPDN sessions is also configured, the global limit takes precedence over the configured VPDN group and VPDN template session limits:
Router# configure terminal Router(config)# vpdn session-limit 16
The three VPDN groups will be able to establish a total of 16 sessions between them. For example, if the VPDN group named customer4_l2tp has the maximum allowable number of active sessions (5 sessions), and the VPDN group named customer4_l2f has 2 active sessions, the VPDN group named customer7 can establish only up to 9 sessions.
The following example creates the VPDN group named l2tp and restricts it to three sessions. The configured session limit is displayed when the show vpdn group command is issued.
Router# configure terminal Router(config)# vpdn-group l2tp Router(config-vpdn)# accept dialin Router(config-vpdn-acc-in)# protocol l2tp Router(config-vpdn-acc-in)# virtual-template 5 Router(config-vpdn-acc-in)# exit Router(config-vpdn)# terminate-from hostname host1 Router(config-vpdn)# session-limit 3 Router(config-vpdn)# end Router# show vpdn group l2tp Tunnel (L2TP) ------ dnis:cg1 dnis:cg2 dnis:jan cisco.com Endpoint Session Limit Priority Active Sessions Status Reserved Sessions -------- ------------- -------- --------------- ------ ----------------- 172.21.9.67 3 1 0 OK - --------------- ------------- --------------- ----------------- Total * 0 0
The following example configures custom values for all of the available L2TP control packet parameters for the VPDN group named l2tp:
Router# configure terminal
Router(config)# vpdn-group l2tp
Router(config-vpdn)# l2tp tunnel hello 90 Router(config-vpdn)# l2tp tunnel receive window 500 Router(config-vpdn)# l2tp tunnel retransmit retries 8 Router(config-vpdn)# l2tp tunnel retransmit timeout min 2 Router(config-vpdn)# l2tp tunnel timeout no-session 500 Router(config-vpdn)# l2tp tunnel timeout setup 25 Router(config-vpdn)# l2tp tunnel zlb delay 4 Router(config-vpdn)# l2tp tunnel retransmit initial timeout min 2 Router(config-vpdn)# l2tp tunnel retransmit initial retries 5 Router(config-vpdn)# l2tp tunnel busy timeout 90
The following example configures a basic dial-in L2TP VPDN tunnel, sets the receive window size to 500 on the tunnel server (the receiving device), and enables L2TP congestion avoidance on the NAS (the sending device):
Router(config)# vpdn enable ! Router(config)# vpdn-group 1 Router(config-vpdn)# accept-dialin Router(config-vpdn-acc-in)# protocol l2tp Router(config-vpdn-acc-in)# virtual-template 1 ! Router(config-vpdn)# terminate from hostname NAS1 Router(config-vpdn)# l2tp tunnel receive-window 500
Router(config)# vpdn enable ! Router(config)# vpdn-group 1 Router(config-vpdn)# request-dialin Router(config-vpdn-req-in)# protocol l2tp Router(config-vpdn-req-in)# domain cisco.com ! Router(config-vpdn)# initiate-to ip 172.22.66.25 Router(config-vpdn)# local name NAS1 ! Router(config)# l2tp congestion-control
The following example shows L2TP tunnel activity, including the information that L2TP congestion control is enabled. Note that the slow start threshold is set to the same size as the remote receive window size. The Remote RWS value advertised by the remote peer is shown in the Remote RWS field. When the actual RWS value differs from the advertised value, the actual RWS value will be displayed as In Use Remote RWS <value>.
Router# show vpdn tunnel l2tp all L2TP Tunnel Information Total tunnels 1 sessions 1 Tunnel id 30597 is up, remote id is 45078, 1 active sessions Tunnel state is established, time since change 00:08:27 Tunnel transport is UDP (17) Remote tunnel name is LAC1 Internet Address 172.18.184.230, port 1701 Local tunnel name is LNS1 Internet Address 172.18.184.231, port 1701 Tunnel domain unknown VPDN group for tunnel is 1 L2TP class for tunnel is 4 packets sent, 3 received 194 bytes sent, 42 received Last clearing of "show vpdn" counters never Control Ns 2, Nr 4 Local RWS 1024 (default), Remote RWS 256 In Use Remote RWS 15 Control channel Congestion Control is enabled Congestion Window size, Cwnd 3 Slow Start threshold, Ssthresh 256 Mode of operation is Slow Start Tunnel PMTU checking disabled Retransmission time 1, max 2 seconds Unsent queuesize 0, max 0 Resend queuesize 0, max 1 Total resends 0, ZLB ACKs sent 2 Current nosession queue check 0 of 5 Retransmit time distribution: 0 0 0 0 0 0 0 0 0 Sessions disconnected due to lack of resources 0 Control message authentication is disabled
The following partial output from the debug vpdn l2x-events command shows that congestion occurred. The congestion window size and the slow start threshold have been reset due to a packet retransmission event.
Router# debug vpdn l2x-events ! *Jul 15 19:02:57.963: Tnl 47100 L2TP: Congestion Control event received is retransmission *Jul 15 19:02:57.963: Tnl 47100 L2TP: Congestion Window size, Cwnd 1 *Jul 15 19:02:57.963: Tnl 47100 L2TP: Slow Start threshold, Ssthresh 2 *Jul 15 19:02:57.963: Tnl 47100 L2TP: Remote Window size, 500 *Jul 15 19:02:57.963: Tnl 47100 L2TP: Control channel retransmit delay set to 4 seconds *Jul 15 19:03:01.607: Tnl 47100 L2TP: Update ns/nr, peer ns/nr 2/5, our ns/nr 5/2 !
The following partial output from the debug vpdn l2x-events command shows that traffic has been restarted with L2TP congestion avoidance operating in slow start mode.
Router# debug vpdn l2x-events ! *Jul 15 14:45:16.123: Tnl 30597 L2TP: Control channel retransmit delay set to 2 seconds *Jul 15 14:45:16.123: Tnl 30597 L2TP: Tunnel state change from idle to wait-ctl-reply *Jul 15 14:45:16.131: Tnl 30597 L2TP: Congestion Control event received is positive acknowledgement *Jul 15 14:45:16.131: Tnl 30597 L2TP: Congestion Window size, Cwnd 2 *Jul 15 14:45:16.131: Tnl 30597 L2TP: Slow Start threshold, Ssthresh 500 *Jul 15 14:45:16.131: Tnl 30597 L2TP: Remote Window size, 500 *Jul 15 14:45:16.131: Tnl 30597 L2TP: Congestion Ctrl Mode is Slow Start !
The following example first disables and then reenables VPDN failure event logging, and sets the maximum number of entries in the VPDN history failure table to 50. The contents of the history failure table are displayed and then cleared.
Router# configure terminal Router(config)# no vpdn history failure Router(config)# vpdn history failure Router(config)# vpdn history failure table-size 50 Router(config)# end Router# show vpdn history failure ! Table size: 50 Number of entries in table: 1 User: user@cisco.com, MID = 1 NAS: isp, IP address = 172.21.9.25, CLID = 1 Gateway: hp-gw, IP address = 172.21.9.15, CLID = 1 Log time: 13:08:02, Error repeat count: 1 Failure type: The remote server closed this session Failure reason: Administrative intervention ! Router# clear vpdn history failure
The following example enables VPDN logging locally:
Router# configure terminal Router(config)# vpdn logging local
The following example disables VPDN event logging locally, enables VPDN event logging at the remote tunnel endpoint, and enables the logging of both VPDN user and VPDN tunnel-drop events to the remote router:
Router# configure terminal Router(config)# no vpdn logging local Router(config)# vpdn logging remote Router(config)# vpdn logging user Router(config)# vpdn logging tunnel-drop
The following example disables the logging of VPDN events at the remote tunnel endpoint, and enables the logging of VPDN event log messages to the AAA server:
Router# configure terminal Router(config)# no vpdn logging local Router(config)# no vpdn logging remote Router(config)# vpdn logging accounting
Related Topic |
Document Title |
---|---|
Cisco IOS commands |
|
VPDN technology overview |
VPDN Technology Overview module |
VPDN commands: complete command syntax, command mode, defaults, usage guidelines, and examples |
Cisco IOS VPDN Command Reference |
Technical support documentation for VPDNs |
|
Dial Technologies commands: complete command syntax, command mode, defaults, usage guidelines, and examples |
Cisco IOS Dial Technologies Command Reference |
Concepts and tasks associated with configuring additional VPDN features |
Configuring Additional VPDN Features module |
Standard |
Title |
---|---|
TCP/IP; slow start and congestion avoidance algorithms |
TCP/IP Illustrated, Volume 1 |
MIB |
MIBs Link |
---|---|
To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: |
RFC |
Title |
---|---|
RFC 2661 |
Layer Two Tunneling Protocol (L2TP) |
Description |
Link |
---|---|
The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1 | Feature Information for VPDN Tunnel Management |
Feature Name |
Releases |
Feature Information |
---|---|---|
L2TP Congestion Avoidance |
Cisco IOS XE Release 2.3 |
This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers. It provides packet flow control and congestion avoidance by throttling Layer 2 Transport Protocol (L2TP) control messages as described in RFC 2661. The following commands were introduced or modified by this feature: debug vpdn, l2tp congestion-control. |
Session Limit per VRF |
Cisco IOS XE Release 2.1 |
This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers. It allows you to apply session limits on all VPDN groups associated with a common VPDN template. You can limit the number of VPDN sessions that terminate in a single VPN routing and forwarding (VRF) instance. The following commands were introduced or modified by this feature: group session-limit, source vpdn-template, and vpdn-template. |
Timer and Retry Enhancements for L2TP |
Cisco IOS XE Release 2.1 |
This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers. It allows the user to configure certain adjustable timers and counters for L2TP. The following commands were introduced by this feature: l2tp tunnel busy timeout, l2tp tunnel retransmit initial retries, and l2tp tunnel retransmit initial timeout. |
VPDN Group Session Limiting |
Cisco IOS XE Release 2.1 |
This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers. It allows the user to configure a limit on the number L2TP VPDN sessions allowed for each VPDN group. The following command was introduced by this feature: session-limit (VPDN). |
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.