[c-nsp] VPDN Problem

Tue Jan 5 04:48:17 EST 2010

Okay, probably the first line will tell us, where the problem is. But 
why are keepalives suddenly get lost?

Jan  5 10:41:51 mrl01cor01 35245: 035250: 1w0d: Vi26 PPP: Missed 5 
keepalives, taking LCP down
Jan  5 10:41:51 mrl01cor01 35246: 035251: 1w0d: Vi26 PPP: Sending Acct 
Event[Down] id[667]
Jan  5 10:41:51 mrl01cor01 35247: 035252: 1w0d: Vi26 LCP: State is 
Closed
Jan  5 10:41:51 mrl01cor01 35248: 035253: 1w0d: Vi26 PPP: Phase is DOWN
Jan  5 10:41:51 mrl01cor01 35249: 035254: 1w0d: Vi26 IPCP: State is 
Closed
Jan  5 10:41:51 mrl01cor01 35250: 035255: 1w0d: Vi26 PPP: Send 
Message[Disconnect]
Jan  5 10:41:51 mrl01cor01 35251: 035256: 1w0d: Vi26 IPCP: Remove route 
to 1.2.3.4
Jan  5 10:41:51 mrl01cor01 35252: 035257: 1w0d: Vi26 Tnl/Sn 21483/1151 
L2TP: disconnect (AAA) IETF: 8/port-error Ascend: 41/TCP Foreign Host 
Close
Jan  5 10:41:51 mrl01cor01 35253: 035258: Jan  5 10:41:42.127 met: 
%VPDN-6-CLOSED: L2TP LNS lns closed Vi26 user dsluser; Result 2, Error 6
Jan  5 10:41:51 mrl01cor01 35254: 035259: 1w0d: Vi26 Tnl/Sn 21483/1151 
L2TP: O CDN to lac 37514/6429
Jan  5 10:41:52 mrl01cor01 35255: 035260: Jan  5 10:41:42.131 met: 
%LINK-3-UPDOWN: Interface Virtual-Access26, changed state to down
Jan  5 10:41:52 mrl01cor01 35256: 035261: 1w0d:  Tnl 21483 L2TP: Control 
channel retransmit delay set to 1 seconds
Jan  5 10:41:53 mrl01cor01 35257: 035262: Jan  5 10:41:43.127 met: 
%LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access26, 
changed state to down
Jan  5 10:42:12 mrl01cor01 35258: 035263: 1w0d:  Tnl 63366 L2TP: I ICRQ 
from lac tnl 1417
Jan  5 10:42:12 mrl01cor01 35259: 035264: 1w0d:  Tnl/Sn 63366/1162 L2TP: 
Session FS enabled
Jan  5 10:42:12 mrl01cor01 35260: 035265: 1w0d:  Tnl/Sn 63366/1162 L2TP: 
Session state change from idle to wait-connect
Jan  5 10:42:12 mrl01cor01 35261: 035266: 1w0d:  Tnl/Sn 63366/1162 L2TP: 
New session created
Jan  5 10:42:12 mrl01cor01 35262: 035267: 1w0d:  Tnl/Sn 63366/1162 L2TP: 
O ICRP to lac 1417/49006

Sebastian

> -----Ursprüngliche Nachricht-----
> Von: Arie Vayner (avayner) [mailto:avayner at cisco.com]
> Gesendet: Dienstag, 5. Januar 2010 09:54
> An: Sebastian Ganschow; cisco-nsp
> Betreff: RE: RE: RE: [c-nsp] VPDN Problem
> 
> Yes, it is sent from the LAC.
> This is a message from the RFC, but I would assume it has something to
> do with the PPP/L2TP negotiation between the LAC and LNS, and the LAC
> not agreeing to something sent from the LNS...
> 
> The debugs below should help.
> 
> Arie
> 
> -----Original Message-----
> From: Sebastian Ganschow [mailto:s.ganschow at buelow-masiak.de]
> Sent: Tuesday, January 05, 2010 10:48
> To: Arie Vayner (avayner); cisco-nsp
> Subject: AW: RE: RE: [c-nsp] VPDN Problem
> 
> Hi Arie,
> 
> I mean, that if you've got a DSL-line with 160kbit upstream and you 
use
> it all.
> 
> The main thing I don't understand, is the error message "invalid
> destination". Do I understand it right, that the message I see in sh
> vpdn hist fail is send by the LAC to our LNS?
> 
> Sebastian
> 
> 
> > -----Ursprüngliche Nachricht-----
> > Von: Arie Vayner (avayner) [mailto:avayner at cisco.com]
> > Gesendet: Dienstag, 5. Januar 2010 09:11
> > An: Sebastian Ganschow; cisco-nsp
> > Betreff: RE: RE: [c-nsp] VPDN Problem
> >
> > Sebastian,
> >
> > What do you mean by "if you exceed your bandwidth"?
> >
> > You could try the following debugs for more info:
> > debug ppp nego
> > debug vpdn l2x event
> > debug vpdn l2x error
> > debug radius
> >
> > Arie
> >
> > -----Original Message-----
> > From: Sebastian Ganschow [mailto:s.ganschow at buelow-masiak.de]
> > Sent: Tuesday, January 05, 2010 09:35
> > To: Arie Vayner (avayner); cisco-nsp
> > Subject: AW: RE: [c-nsp] VPDN Problem
> >
> > Hi,
> >
> > Output of show vpdn history failure
> >
> > #sh vpdn history failure
> > User: xyz, MID = 902
> > NAS: lac, IP address = 1.2.3.4, CLID = 63366
> > Gateway: lns, IP address = 5.6.7.8, CLID = 1417
> > Log time: Jan 4 10:55:24.390, Error repeat count: 3
> > Failure type: The remote server closed this session
> > Failure reason: Result 2, Error 6
> >
> > As I found out, the failure reason could be interpreted as the
> > following:
> >
> > Result 2 	- General error (Error code indicates problem)
> > Error 2  	- Invalid destination
> >
> > What is the meaning of invalid destination? As the tunnel is
> > established
> > and gets only dropped, if you exceed your bandwith, I can't get the
> > meaning of the error message from the context.
> >
> > Regards,
> > Sebastian
> >
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Arie Vayner (avayner) [mailto:avayner at cisco.com]
> > > Gesendet: Mittwoch, 23. Dezember 2009 17:23
> > > An: Sebastian Ganschow; cisco-nsp at puck.nether.net
> > > Betreff: RE: [c-nsp] VPDN Problem
> > >
> > > Sebastian,
> > >
> > > You can try looking at the output of "show vpdn history".
> > > I think the error you get means that the remote side requested a
> > > disconnect, but I also see some cases this appears by mistake...
> > >
> > > Arie
> > >
> > > -----Original Message-----
> > > From: cisco-nsp-bounces at puck.nether.net
> > > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Sebastian
> > > Ganschow
> > > Sent: Wednesday, December 23, 2009 12:17
> > > To: cisco-nsp at puck.nether.net
> > > Subject: [c-nsp] VPDN Problem
> > >
> > > Hi all,
> > >
> > > we've got a little problem with our vpdn where we're stuck. Could
> > > anyone
> > > explain the following debugging messages from our 7206 to me:
> > >
> > > VPDN Vi12 disconnect (AAA) IETF: 8/port-error Ascend: 41/TCP
> Foreign
> > > Host Close
> > > VPDN Vi12 vpdn shutdown session, result=2, error=6, vendor_err=0,
> > > syslog_error_code=23, syslog_key_type=1
> > > %VPDN-6-CLOSED: L2TP LNS viade-dbmg-lns closed Vi12 user username;
> > > Result
> > > 2, Error 6, Locally generated disconnect
> > >
> > >
> > > What is the meaning of:
> > >  - 8/port-error Ascend: 41/TCP
> > >  - Result 2, Error 6, Locally generated disconnect
> > >
> > > On CCO there is no information about those messages.
> > >
> > > The session gets disconnected, if the upstream bandwith is
> exceeded.
> > > There
> > > are two providers, who are delivering those vpdn sessions to us.
> > We've
> > > tried with users of them, but the disconnect only happens on our
> own
> > > LNS.
> > > If the user is connected two the LNS of one of the two providers,
> the
> > > session won't be disconnected.
> > >
> > > Any Ideas?
> > >
> > > Regards
> > > Sebastian
> > > _______________________________________________
> > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> >
> 
> 