[cisco-bba] duplicate Vi interfaces on 12.4T(22)

Wayne Lee linkconnect at googlemail.com
Mon Jun 22 09:24:15 EDT 2009 

On Mon, Jun 22, 2009 at 1:21 PM, Mauritz Lewies<mauritz at three6five.com> wrote:
> From:  Mauritz Lewies <mauritz at three6five.com>
> Reply-To:  mauritz at three6five.com
> To:  cisco-bba at puck.nether.net
> Subject:  cisco-bba]  duplicate Vi interfaces on 12.4T(22)]
> Date:  Wed, 17 Jun 2009 16:15:51 +0200
>
>
> Hi
>
> We're having some weird issues with L2TP terminated links.
> L2TP sessions are being terminated and built correctly from Radius sent
> config but in some cases the router allocates a Virtual-Access interface
> that is already active.
>
> ----------------------------------------------
> L2TP-DSL-PE2#SHOW VPDn SESS
>
>
> L2TP Session Information Total tunnels 9 sessions 9
>
>
> LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq
> ID
>
>                                  Vcid,
> Circuit
>
> 4012       49         14211      550-nti-mabo-ad, Vi4 est    00:35:44
> 38
>
> 4009       33         17734      1-mint-rf at bcs-m, Vi3 est    04:24:19
> 30
>
> 3987       2355       27602      554-nti-pret-no, Vi6 est    16:38:52
> 6
>
> 1552       11         30424      1-meib-adsl at bcs, Vi6 est    1d17h
> 576
>
> 3989       894        31125      551-nti-walt-ad, Vi7 est    09:14:24
> 13
>
> 4008       11193      48740      553-nti-pret-we, Vi2 est    04:58:10
> 31
>
> 3986       12         58608      552-nti-baba-ad, Vi4 est    18:02:09
> 9
>
> 3988       936        62131      1-nap-joha-nel-, Vi2 est    12:42:23
> 11
>
> 1553       11         64953      1-mark-adsl at bcs, Vi8 est    1d17h    577
>
>
>
> L2TP-DSL-PE2#SHOW INT VIRTual-Access 6
>
> Virtual-Access6 is up, line protocol is up
>
>    Hardware is Virtual Access interface
>
>    Description: 554-nti-pret-nort-adsl
>
>    Internet address is 172.16.150.154/30
>
>    MTU 1452 bytes, BW 1024 Kbit/sec, RxBW 256 Kbit/sec, DLY 100000 usec,
>
>       reliability 255/255, txload 1/255, rxload 1/255
>
>    Encapsulation PPP, LCP Open
>
>    Open: IPCP
>
>    PPPoVPDN vaccess, cloned from AAA, Virtual-Template1
>
>    Vaccess status 0x44
>
>    Protocol l2tp, tunnel id 27602, session id 3987, loopback not set
>
>    Keepalive set (10 sec)
>
>    DTR is pulsed for 5 seconds on reset
>
>    Last input 00:00:01, output never, output hang never
>
>    Last clearing of "show interface" counters 17:49:11
>
>    Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
>
>    Queueing strategy: fifo
>
>    Output queue: 0/40 (size/max)
>
>    30 second input rate 0 bits/sec, 0 packets/sec
>
>    30 second output rate 0 bits/sec, 0 packets/sec
>
>       177636 packets input, 12441878 bytes, 0 no buffer
>
>       Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
>
>       0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>
>       194012 packets output, 91814604 bytes, 0 underruns
>
>       0 output errors, 0 collisions, 0 interface resets
>
>       0 unknown protocol drops
>
>       0 output buffer failures, 0 output buffers swapped out
>
>       0 carrier transitions
>
>
>
>
>
>
>
> L2TP-DSL-PE2#sh l2tun | in Vi6
>
> 3987       2355       27602      554-nti-pret-no, Vi6 est    16:45:18
> 6
>
> 1552       11         30424      1-meib-adsl at bcs, Vi6 est    1d17h    576
>
>
>
>
>
>
>
>
>
> LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
>
>                                                             Count VPDN Group
>
> 27602      17646      554-nti-pret- est    10.205.17.62    1
> L2TP
>
>
>
> LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq
> ID
>
>                                  Vcid,
> Circuit
>
> 3987       2355       27602      554-nti-pret-no, Vi6 est    16:46:08
> 6
>
>
>
> LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
>
>                                                             Count VPDN Group
>
> 30424      57600      1-meib        est    10.205.20.23    1     L2TP
> -------------------------------------------------------------------------------
>
> The only way to resolve this is to clear the VPDN session ID.
>
> The router is a 7206 VXR NPE-400 running 12.4T(22) IP base.
>
> ------------------------
> vpdn enable
> vpdn multihop
> vpdn authen-before-forward
> vpdn search-order domain
> !
> vpdn-group L2TP
> ! Default L2TP VPDN group
> accept-dialin
>    protocol l2tp
>    virtual-template 1
> lcp renegotiation always
> no l2tp tunnel authentication
> l2tp tunnel timeout no-session 1800
> l2tp tunnel retransmit retries 7
> l2tp tunnel retransmit timeout min 2
> l2tp tunnel retransmit timeout max 5
> !
> interface Virtual-Template1
> description L2TP-TEMPLATE
> mtu 1452
> bandwidth 512
> bandwidth receive 256
> no ip address
> ip tcp adjust-mss 1460
> load-interval 30
> no peer default ip address
> keepalive 10 3
> traffic-shape rate 512000 12800 12800 1000
> ppp mtu adaptive
> ppp authentication chap callin
> !

I believe you need to use a unnumbered interface in the virtual-template

EG

ip unnumbered Loopback1


I saw something on the list a short while ago about this, I have
unnumbered on all my VT's

Regards

Wayne

More information about the cisco-bba mailing list