[cisco-bba] Single L2TP VPDN group and static IP's
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Fri Dec 1 07:33:34 EST 2006
Mark Tohill <mailto:Mark at u.tv> wrote on Friday, December 01, 2006 1:27
PM:
> OB: Well, how did you plan on measuring the bandwidth of the users? Do
> you need to do this invidually or one aggregate for the whole user
> "group"?
>
>>> Oliver, just figures for that group of users, no individual stats
>>> needed.
oh, ok.
>
>>> Would that mean something like below? For the telco to do
> this, they would require parameter to distinguish users on, eg. DNIS?
> Our users are all within 2 or 3 realms, the users we want spread over
those.
The Telco needs some way to distinguish them, so you need to work this
out with them.
> vpdn-group 1
> description VPDN-GROUP-1
> accept-dialin
> protocol l2tp
> virtual-template 1
> terminate-from hostname LAC-VPDN-1
> source-ip aaa.bbb.ccc.ddd
> lcp renegotiation on-mismatch
> l2tp tunnel password VPDN1-PW
> !
>
> vpdn-group 2
> description VPDN-GROUP-2
> accept-dialin
> protocol l2tp
> virtual-template 1(or 2)
> terminate-from hostname LAC-VPDN-1
> source-ip aaa.bbb.ccc.ddd(+1)
> lcp renegotiation on-mismatch
> l2tp tunnel password VPDN2-PW
> !
almost, you need to differentiate on the "terminate-from hostname", so
the Telco needs to set the tunnel name to "LAC-VPDN-1" or "LAC-VPDN-2"
according to your groups (see above). You can use the same ip address
for both.
>>> We do have start/stop Radius records for users, may be
> able to trawl thru those based on distinct gateways/subnets given to
those users.
you could also use the Radius "Class" attribute to "tag" those users.
Just include a "Class" attribute (att # 25) in the access-accept
profile, and the LNS will send this attribute along with the accounting
records.
oli
More information about the cisco-bba
mailing list