[cisco-bba] stranded sessions

Tassos Chatzithomaoglou achatz at forthnet.gr
Tue Feb 12 06:53:01 EST 2008


It depends on cpu usage and number of users.

You can leave the default (3x10) if you think that your cpu can handle it.
Otherwise you can try different combinations, like 3x20, 3x30, 3x40 and so on.

--
Tassos

Frank Bulk wrote on 11/2/2008 9:35 μμ:
> What's the recommended keepalive value?  I set it for 30 minutes right now.
> 
> What I'm seeing from a handful of PPPoE clients are reconnects for no
> apparently physical reason.  Could that be related in any kind of way to the
> lack of a keepalive value?
> 
> Frank
> 
> -----Original Message-----
> From: cisco-bba-bounces at puck.nether.net
> [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Tassos
> Chatzithomaoglou
> Sent: Monday, February 11, 2008 2:26 AM
> To: Bryan Campbell
> Cc: akiramot at cisco.com; cisco-bba at puck.nether.net
> Subject: Re: [cisco-bba] stranded sessions
> 
> You must enable keepalives under the vtemplate, otherwise the router won't
> know it has lost the
> PPPoE session.
> 
> Also, some dsl modems send a PADT packet (using their last session id)
> before any PADI, which causes
> the old session to be disconnected.
> 
> --
> Tassos
> 
> 
> Bryan Campbell wrote on 11/2/2008 6:04 πμ:
>> The following PPPOE configuration works fine, except for one detail.
>>
>> If a customer unplugs their router, it strands a session and IP address.
>>   If I add the mac address session limit, it will limit the number of
>> sessions and then not allow any additional connections.  But, the
>> sessions are still stuck.  If they do not time out (which required a
>> timeout be set), or the sessions are not cleared, the customer will not
>> be able to log back on.
>>
>> The work around was to not limit connections per mac.  But, that won't
>> do for long.  The IP pools will be exhausted fairly quickly.
>>
>> I cannot imagine that Cisco doesn't have a knob that can be set which
>> will clear stranded PPPoE sessions, or at least disconnect the previous
>> session to the same MAC.  But, I am unaware of how this is accomplished
>> with BBA on a Cisco.
>>
>> Any ideas?
>>
>> bbc at misn.com
>>
>>
>> aaa new-model
>> !
>> aaa authentication ppp default local group radius
>> aaa authorization network default local group radius none
>> aaa accounting delay-start
>> aaa accounting network default start-stop group radius
>> !
>> aaa session-id common
>> . . .
>> bba-group pppoe global
>>   virtual-template 1
>>   ac name DSL
>>   sessions per-mac throttle 100 30 3600
>>   sessions auto cleanup
>> !
>> bba-group pppoe DSL
>>   virtual-template 1
>>   sessions per-mac throttle 100 30 3600
>>   sessions auto cleanup
>> . . .
>> interface GigabitEthernet0/2
>>   no ip address
>>   duplex auto
>>   speed auto
>>   media-type rj45
>>   negotiation auto
>> !
>> interface GigabitEthernet0/2.2
>>   encapsulation dot1Q 2
>>   pppoe enable group DSL
>> . . .
>> interface Virtual-Template1
>>   ip unnumbered Loopback1
>>   no logging event link-status
>>   peer default ip address pool pool1-1 default
>>   no keepalive
>>   ppp authentication pap
>>   ppp ipcp dns Y.Y.Y.Y Z.Z.Z.Z
>>   ppp ipcp address required
>>   ppp ipcp address unique
>> !
>> ip local pool default X.X.X.49 X.X.X.62
>> ip local pool default X.X.Y.1 X.X.Y.250
>> ip local pool default X.X.Z.1 X.X.Z.250
>> !
>> ip radius source-interface Loopback1
>> !
>> radius-server attribute 8 include-in-access-req
>> radius-server attribute nas-port format d
>> radius-server host X.X.X.X auth-port 1645 acct-port 1646
>> radius-server key 7 XXXXXXXXXXXX
>> radius-server vsa send accounting
>> radius-server vsa send authentication
>> _______________________________________________
>> cisco-bba mailing list
>> cisco-bba at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-bba
>>
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba
> 
> 
> 


More information about the cisco-bba mailing list