[cisco-bba] stranded sessions

Tassos Chatzithomaoglou achatz at forthnet.gr
Mon Feb 11 03:25:48 EST 2008


You must enable keepalives under the vtemplate, otherwise the router won't know it has lost the 
PPPoE session.

Also, some dsl modems send a PADT packet (using their last session id) before any PADI, which causes 
the old session to be disconnected.

--
Tassos


Bryan Campbell wrote on 11/2/2008 6:04 πμ:
> The following PPPOE configuration works fine, except for one detail.
> 
> If a customer unplugs their router, it strands a session and IP address. 
>   If I add the mac address session limit, it will limit the number of 
> sessions and then not allow any additional connections.  But, the 
> sessions are still stuck.  If they do not time out (which required a 
> timeout be set), or the sessions are not cleared, the customer will not 
> be able to log back on.
> 
> The work around was to not limit connections per mac.  But, that won't 
> do for long.  The IP pools will be exhausted fairly quickly.
> 
> I cannot imagine that Cisco doesn't have a knob that can be set which 
> will clear stranded PPPoE sessions, or at least disconnect the previous 
> session to the same MAC.  But, I am unaware of how this is accomplished 
> with BBA on a Cisco.
> 
> Any ideas?
> 
> bbc at misn.com
> 
> 
> aaa new-model
> !
> aaa authentication ppp default local group radius
> aaa authorization network default local group radius none
> aaa accounting delay-start
> aaa accounting network default start-stop group radius
> !
> aaa session-id common
> . . .
> bba-group pppoe global
>   virtual-template 1
>   ac name DSL
>   sessions per-mac throttle 100 30 3600
>   sessions auto cleanup
> !
> bba-group pppoe DSL
>   virtual-template 1
>   sessions per-mac throttle 100 30 3600
>   sessions auto cleanup
> . . .
> interface GigabitEthernet0/2
>   no ip address
>   duplex auto
>   speed auto
>   media-type rj45
>   negotiation auto
> !
> interface GigabitEthernet0/2.2
>   encapsulation dot1Q 2
>   pppoe enable group DSL
> . . .
> interface Virtual-Template1
>   ip unnumbered Loopback1
>   no logging event link-status
>   peer default ip address pool pool1-1 default
>   no keepalive
>   ppp authentication pap
>   ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
>   ppp ipcp address required
>   ppp ipcp address unique
> !
> ip local pool default X.X.X.49 X.X.X.62
> ip local pool default X.X.Y.1 X.X.Y.250
> ip local pool default X.X.Z.1 X.X.Z.250
> !
> ip radius source-interface Loopback1
> !
> radius-server attribute 8 include-in-access-req
> radius-server attribute nas-port format d
> radius-server host X.X.X.X auth-port 1645 acct-port 1646
> radius-server key 7 XXXXXXXXXXXX
> radius-server vsa send accounting
> radius-server vsa send authentication
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
> 


More information about the cisco-bba mailing list