[cisco-bba] Single L2TP VPDN group and static IP's

Mark Tohill Mark at u.tv
Fri Dec 1 08:36:48 EST 2006


Oliver,

Tagging may help with grabbing this information from start/stop records,
I'm not sure.

If there are unused interfaces on the LNS and on interfaces extending to
the PoP edge, could I do policy-based routing on that traffic? Would
that impact on performance on approx. 100MB of traffic (total) on
7204VXR/NPE-G1?

Thanks,
Mark


-----Original Message-----
From: Oliver Boehmer (oboehmer) [mailto:oboehmer at cisco.com] 
Sent: 01 December 2006 12:34
To: Mark Tohill; cisco-bba at puck.nether.net
Subject: RE: [cisco-bba] Single L2TP VPDN group and static IP's

Mark Tohill <mailto:Mark at u.tv> wrote on Friday, December 01, 2006 1:27
PM:

> OB: Well, how did you plan on measuring the bandwidth of the users? Do
> you need to do this individually or one aggregate for the whole user
> "group"?
> 
>>> Oliver, just figures for that group of users, no individual stats 
>>> needed.

oh, ok.

> 
>>> Would that mean something like below? For the telco to do
> this, they would require a parameter to distinguish users on, e.g. DNIS?
> Our users are all within 2 or 3 realms, the users we want spread over
> those.

The Telco needs some way to distinguish them, so you need to work this
out with them.
 
> vpdn-group 1
>  description VPDN-GROUP-1
>  accept-dialin
>   protocol l2tp
>   virtual-template 1
>  terminate-from hostname LAC-VPDN-1
>  source-ip aaa.bbb.ccc.ddd
>  lcp renegotiation on-mismatch
>  l2tp tunnel password VPDN1-PW
> !
> 
> vpdn-group 2
>  description VPDN-GROUP-2
>  accept-dialin
>   protocol l2tp
>   virtual-template 1(or 2)
>  terminate-from hostname LAC-VPDN-1
>  source-ip aaa.bbb.ccc.ddd(+1)
>  lcp renegotiation on-mismatch
>  l2tp tunnel password VPDN2-PW
> !

almost, you need to differentiate on the "terminate-from hostname", so
the Telco needs to set the tunnel name to "LAC-VPDN-1" or "LAC-VPDN-2"
according to your groups (see above). You can use the same ip address
for both.

>>> We do have start/stop Radius records for users, may be
> able to trawl thru those based on distinct gateways/subnets given to
> those users.

you could also use the Radius "Class" attribute to "tag" those users.
Just include a "Class" attribute (att # 25) in the access-accept
profile, and the LNS will send this attribute along with the accounting
records.

	oli
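
Summing the group's traffic from accounting Stop records by the "Class" tag suggested above, as an added example that is not part of the original thread. The tag value grp-measured, the FreeRADIUS-style "detail" layout of the constructed sample, and all function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample accounting log (assumed FreeRADIUS-style "detail" layout;
# "grp-measured" is a hypothetical Class tag set in the access-accept profile).
SAMPLE = """\
Fri Dec  1 12:00:00 2006
\tAcct-Status-Type = Stop
\tClass = 0x6772702d6d65617375726564
\tAcct-Input-Octets = 1000
\tAcct-Output-Octets = 5000

Fri Dec  1 12:05:00 2006
\tAcct-Status-Type = Stop
\tClass = "grp-measured"
\tAcct-Output-Octets = 300
\tAcct-Output-Gigawords = 1

Fri Dec  1 12:06:00 2006
\tAcct-Status-Type = Stop
\tAcct-Input-Octets = 10
"""

def decode_class(value):
    # Class is opaque octets: logged either quoted or as 0x-prefixed hex.
    if value.startswith("0x"):
        return bytes.fromhex(value[2:]).decode("utf-8", "replace")
    return value.strip('"')

def octets(rec, direction):
    # 32-bit octet counter plus its Gigawords rollover count (RFC 2869).
    wraps = int(rec.get(f"Acct-{direction}-Gigawords", 0))
    return (wraps << 32) + int(rec.get(f"Acct-{direction}-Octets", 0))

def usage_by_class(text):
    # Sum Stop-record octets per Class tag; untagged sessions land under None.
    totals = defaultdict(lambda: {"in": 0, "out": 0, "sessions": 0})
    for block in re.split(r"\n\s*\n", text.strip()):
        rec = dict(re.findall(r"^[ \t]+([\w-]+) = (.+?)[ \t]*$", block, re.M))
        if rec.get("Acct-Status-Type") != "Stop":
            continue
        t = totals[decode_class(rec["Class"]) if "Class" in rec else None]
        t["in"] += octets(rec, "Input")
        t["out"] += octets(rec, "Output")
        t["sessions"] += 1
    return dict(totals)

if __name__ == "__main__":
    print(usage_by_class(SAMPLE))
```

Sessions that arrive without a Class attribute are counted under the None key, which makes users missing the tag visible instead of silently dropping them from the group total.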


