[cisco-bba] stranded sessions
Tassos Chatzithomaoglou
achatz at forthnet.gr
Mon Feb 11 03:25:48 EST 2008
You must enable keepalives under the vtemplate, otherwise the router won't know it has lost the
PPPoE session.
Also, some dsl modems send a PADT packet (using their last session id) before any PADI, which causes
the old session to be disconnected.
--
Tassos
Bryan Campbell wrote on 11/2/2008 6:04 πμ:
> The following PPPOE configuration works fine, except for one detail.
>
> If a customer unplugs their router, it strands a session and IP address.
> If I add the mac address session limit, it will limit the number of
> sessions and then not allow any additional connections. But, the
> sessions are still stuck. If they do not time out (which required a
> timeout be set), or the sessions are not cleared, the customer will not
> be able to log back on.
>
> The work around was to not limit connections per mac. But, that won't
> do for long. The IP pools will be exhausted fairly quickly.
>
> I cannot imagine that Cisco doesn't have a knob that can be set which
> will clear stranded PPPoE sessions, or at least disconnect the previous
> session to the same MAC. But, I am unaware of how this is accomplished
> with BBA on a Cisco.
>
> Any ideas?
>
> bbc at misn.com
>
>
> aaa new-model
> !
> aaa authentication ppp default local group radius
> aaa authorization network default local group radius none
> aaa accounting delay-start
> aaa accounting network default start-stop group radius
> !
> aaa session-id common
> . . .
> bba-group pppoe global
> virtual-template 1
> ac name DSL
> sessions per-mac throttle 100 30 3600
> sessions auto cleanup
> !
> bba-group pppoe DSL
> virtual-template 1
> sessions per-mac throttle 100 30 3600
> sessions auto cleanup
> . . .
> interface GigabitEthernet0/2
> no ip address
> duplex auto
> speed auto
> media-type rj45
> negotiation auto
> !
> interface GigabitEthernet0/2.2
> encapsulation dot1Q 2
> pppoe enable group DSL
> . . .
> interface Virtual-Template1
> ip unnumbered Loopback1
> no logging event link-status
> peer default ip address pool pool1-1 default
> no keepalive
> ppp authentication pap
> ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
> ppp ipcp address required
> ppp ipcp address unique
> !
> ip local pool default X.X.X.49 X.X.X.62
> ip local pool default X.X.Y.1 X.X.Y.250
> ip local pool default X.X.Z.1 X.X.Z.250
> !
> ip radius source-interface Loopback1
> !
> radius-server attribute 8 include-in-access-req
> radius-server attribute nas-port format d
> radius-server host X.X.X.X auth-port 1645 acct-port 1646
> radius-server key 7 XXXXXXXXXXXX
> radius-server vsa send accounting
> radius-server vsa send authentication
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
>
More information about the cisco-bba
mailing list