[cisco-bba] stranded sessions
Bryan Campbell
bbc at misn.com
Mon Feb 11 08:45:51 EST 2008
Done! It seems to have fixed the stranded session problem at my test
location.
But, I still have some customers who are redialing and seem to be
consuming a great many IP addresses. I seems that they are just
allocated and not used. I may have to set the sessions per-mac throttle
such that they cannot do that anymore. Thankfully, we only have a small
number of customer equipment that behaves that way. If I have trouble,
I will e-mail back.
Thanks for your assistance.
Tassos Chatzithomaoglou wrote:
> You must enable keepalives under the vtemplate, otherwise the router
> won't know it has lost the PPPoE session.
>
> Also, some dsl modems send a PADT packet (using their last session id)
> before any PADI, which causes the old session to be disconnected.
>
> --
> Tassos
>
>
> Bryan Campbell wrote on 11/2/2008 6:04 πμ:
>> The following PPPOE configuration works fine, except for one detail.
>>
>> If a customer unplugs their router, it strands a session and IP
>> address. If I add the mac address session limit, it will limit the
>> number of sessions and then not allow any additional connections.
>> But, the sessions are still stuck. If they do not time out (which
>> required a timeout be set), or the sessions are not cleared, the
>> customer will not be able to log back on.
>>
>> The work around was to not limit connections per mac. But, that won't
>> do for long. The IP pools will be exhausted fairly quickly.
>>
>> I cannot imagine that Cisco doesn't have a knob that can be set which
>> will clear stranded PPPoE sessions, or at least disconnect the
>> previous session to the same MAC. But, I am unaware of how this is
>> accomplished with BBA on a Cisco.
>>
>> Any ideas?
>>
>> bbc at misn.com
>>
>>
>> aaa new-model
>> !
>> aaa authentication ppp default local group radius
>> aaa authorization network default local group radius none
>> aaa accounting delay-start
>> aaa accounting network default start-stop group radius
>> !
>> aaa session-id common
>> . . .
>> bba-group pppoe global
>> virtual-template 1
>> ac name DSL
>> sessions per-mac throttle 100 30 3600
>> sessions auto cleanup
>> !
>> bba-group pppoe DSL
>> virtual-template 1
>> sessions per-mac throttle 100 30 3600
>> sessions auto cleanup
>> . . .
>> interface GigabitEthernet0/2
>> no ip address
>> duplex auto
>> speed auto
>> media-type rj45
>> negotiation auto
>> !
>> interface GigabitEthernet0/2.2
>> encapsulation dot1Q 2
>> pppoe enable group DSL
>> . . .
>> interface Virtual-Template1
>> ip unnumbered Loopback1
>> no logging event link-status
>> peer default ip address pool pool1-1 default
>> no keepalive
>> ppp authentication pap
>> ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
>> ppp ipcp address required
>> ppp ipcp address unique
>> !
>> ip local pool default X.X.X.49 X.X.X.62
>> ip local pool default X.X.Y.1 X.X.Y.250
>> ip local pool default X.X.Z.1 X.X.Z.250
>> !
>> ip radius source-interface Loopback1
>> !
>> radius-server attribute 8 include-in-access-req
>> radius-server attribute nas-port format d
>> radius-server host X.X.X.X auth-port 1645 acct-port 1646
>> radius-server key 7 XXXXXXXXXXXX
>> radius-server vsa send accounting
>> radius-server vsa send authentication
>> _______________________________________________
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>
>
More information about the cisco-bba
mailing list