[cisco-bba] stranded sessions

Bryan Campbell bbc at misn.com
Mon Feb 11 08:45:51 EST 2008


Done!  It seems to have fixed the stranded session problem at my test 
location.

But, I still have some customers who are redialing and seem to be 
consuming a great many IP addresses.  I seems that they are just 
allocated and not used.  I may have to set the sessions per-mac throttle 
such that they cannot do that anymore.  Thankfully, we only have a small 
number of customer equipment that behaves that way.  If I have trouble, 
I will e-mail back.

Thanks for your assistance.



Tassos Chatzithomaoglou wrote:
> You must enable keepalives under the vtemplate, otherwise the router 
> won't know it has lost the PPPoE session.
> 
> Also, some dsl modems send a PADT packet (using their last session id) 
> before any PADI, which causes the old session to be disconnected.
> 
> -- 
> Tassos
> 
> 
> Bryan Campbell wrote on 11/2/2008 6:04 πμ:
>> The following PPPOE configuration works fine, except for one detail.
>>
>> If a customer unplugs their router, it strands a session and IP 
>> address.   If I add the mac address session limit, it will limit the 
>> number of sessions and then not allow any additional connections.  
>> But, the sessions are still stuck.  If they do not time out (which 
>> required a timeout be set), or the sessions are not cleared, the 
>> customer will not be able to log back on.
>>
>> The work around was to not limit connections per mac.  But, that won't 
>> do for long.  The IP pools will be exhausted fairly quickly.
>>
>> I cannot imagine that Cisco doesn't have a knob that can be set which 
>> will clear stranded PPPoE sessions, or at least disconnect the 
>> previous session to the same MAC.  But, I am unaware of how this is 
>> accomplished with BBA on a Cisco.
>>
>> Any ideas?
>>
>> bbc at misn.com
>>
>>
>> aaa new-model
>> !
>> aaa authentication ppp default local group radius
>> aaa authorization network default local group radius none
>> aaa accounting delay-start
>> aaa accounting network default start-stop group radius
>> !
>> aaa session-id common
>> . . .
>> bba-group pppoe global
>>   virtual-template 1
>>   ac name DSL
>>   sessions per-mac throttle 100 30 3600
>>   sessions auto cleanup
>> !
>> bba-group pppoe DSL
>>   virtual-template 1
>>   sessions per-mac throttle 100 30 3600
>>   sessions auto cleanup
>> . . .
>> interface GigabitEthernet0/2
>>   no ip address
>>   duplex auto
>>   speed auto
>>   media-type rj45
>>   negotiation auto
>> !
>> interface GigabitEthernet0/2.2
>>   encapsulation dot1Q 2
>>   pppoe enable group DSL
>> . . .
>> interface Virtual-Template1
>>   ip unnumbered Loopback1
>>   no logging event link-status
>>   peer default ip address pool pool1-1 default
>>   no keepalive
>>   ppp authentication pap
>>   ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
>>   ppp ipcp address required
>>   ppp ipcp address unique
>> !
>> ip local pool default X.X.X.49 X.X.X.62
>> ip local pool default X.X.Y.1 X.X.Y.250
>> ip local pool default X.X.Z.1 X.X.Z.250
>> !
>> ip radius source-interface Loopback1
>> !
>> radius-server attribute 8 include-in-access-req
>> radius-server attribute nas-port format d
>> radius-server host X.X.X.X auth-port 1645 acct-port 1646
>> radius-server key 7 XXXXXXXXXXXX
>> radius-server vsa send accounting
>> radius-server vsa send authentication
>> _______________________________________________
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>
> 


More information about the cisco-bba mailing list