We have lots of DSL customers connected to a 7206, running IOS 12.1. The
vast majority of them have the Cisco 675 as their CPE. We're starting to
see problems with customers not being able to talk to eachother,
especially in this circumstance:
Cust 1: c675 has a dynamic address with the following pertinent RADIUS
info:
Framed-IP-Address = "255.255.255.254",
Framed-Route = "10.0.0.0/27 0.0.0.0";
(i.e., "Assign them a dynamic IP address, and route 10.0.0.0/27 via that
address". 10.0.0.0/27 is, obviously, not the real address. The c675 in
this case is not running NAT)
Cust 2: c675 has a dynamic address with the following RADIUS info:
Framed-IP-Address = "255.255.255.254";
(c675 gets a dynamic IP address, and uses NAT on the customer PC(s))
In this particular case, Customer 2 can't talk to the subnet behind
Customer 1's router. Traceroutes die at the 7206. The problem goes away
when Customer 2 switches to a situation in which he isn't doing NAT.
I *think* what's happening here is that the c675 with NAT enabled is
sending packets with a source address of the remote end, but I'm not sure.
The pertinent config on the 7206 is this:
interface Virtual-Template1
description cloned PTP interface for dynamic-IP DSL
ip unnumbered Loopback0
peer default ip address pool dsl-ppp-net1
ppp authentication pap ppp-inbound
ppp authorization ppp-inbound
!
ip local pool dsl-ppp-net1 192.168.1.1 192.168.1.254
That seems like everything pertinent. I can provide more config info if
needed.
Dan Debertin
-- ++ I do not drink tea.++ Dan Debertin ++ Senior Systems Administrator ++ Bitstream Underground, LLC ++ airboss@bitstream.net ++ (612)321-9290 x108 ++ GPG Fingerprint: 0BC5 F4D6 649F D0C8 D1A7 CAE4 BEF4 0A5C 300D 2387
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:12:34 EDT