When working in large-scale network configurations with many Multilink PPP (or PPP) subscribers, the traffic load when bringing up a scaled session can overwhelm the network and packets may be dropped. For example, such a scenario may occur after a full device reload or after an outage on a network interface that supports large numbers of users.
To minimize recovery issues due to dropped session establishment packets, we recommend that you configure the following commands on the multilink interface (that is, interface multilink, virtual template, or serial member link interfaces):
Device(config)# interface GigabitEthernet 1/0/0
Device(config-if)# ppp max-configure 30
Device(config-if)# ppp max-failure 30
Device(config-if)# ppp timeout retry 5
Device(config-if)# keepalive 30
The above commands are the recommended starting points. These values can be configured as required depending on the scale of the network.
Some other issues related to network packet drops, observed when bringing up large-scale networks, include PPP or Multilink PPP sessions coming up but missing adjacencies in IP forwarding tables (that is, IP addresses are not assigned to sessions).
keepalive command listed above affects how quickly a link is flagged as disabled if it is no longer functional. If a Multilink PPP bundle is used with multiple member link sessions and if one or more links are removed, the higher the keepalive interval the longer Multilink PPP will require to detect the disabled link and remove from the list of member links. This delay can cause a period of packet loss and delays on the bundle until the disabled link has been detected. The default keepalive interval, if not specified by the user, is 10 seconds, and the default number of keepalive retries is 4.
When a link is disabled due to a loss of signal, shut down, or due to a major alarm type of condition, the disabled link may be detected outside of the keepalive mechanism and reported as disabled before the keepalive timeout. The keepalive mechanism applies wherever the link is disabled but appears functional at the physical layer.
When configuring Broadband Aggregation (BBA) groups over an Ethernet interface, there are limits that must be adjusted to match the scale of the configuration. The number of broadband sessions can be limited per MAC address, per VLAN, and per virtual circuit (VC). The following example shows how to use the
bba-group pppoe command to configure a BBA group over Ethernet:
Device(config)# bba-group pppoe global
Device(config-bba-group)# sessions per-mac limit 2000
Device(config-bba-group)# sessions per-vlan limit 2000
Device(config-bba-group)# sessions per-vc limit 2000 threshold 2000
If these per-session numbers are too low, there will be fewer established sessions between devices.