[cisco-bba] l2tp avp hiding - questions

Tassos Chatzithomaoglou achatz at forthnet.gr
Mon Jul 17 06:04:39 EDT 2006


After looking at http://tools.ietf.org/html/2661#section-4.3 i have some questions about this avp 
hiding:

1) According to the rfc, the LAC is the one which enables the avp hiding. If we have "l2tp hidden" 
on the LNS only, is there any "encryption" happening? Do both LAC and LNS must have "l2tp hidden"?

2) If the LAC starts the vpdn tunnel through tacacs/radius, how do we add this "l2tp hidden" in the 
tacacs/radius vpdn config?

3) If the vpdn users use CHAP as their authentication protocol, is there any need for l2tp avp 
hiding? Does it add something extra?

4) Does the "l2tp hidden" add any extra cpu load to the LAC and/or LNS?


-- 
Tassos


More information about the cisco-bba mailing list