[cisco-bba] Choosing LNS On A Per-Domain Basis

Vaibhav Bagaria vaibhav.bagaria at bendigotelco.com.au
Tue Oct 1 19:29:10 EDT 2013

Hi Dominic,

We achieved this in the past using two different technologies. One was VPDN multihop and using RADIUS to forward the sessions to the desired LNS. The other was to setup our own LAC device which received the L2TP tunnel from upstream provider and then initiate a tunnel each to the two LNS devices based on domain name.

Example config:

vpdn multihop

vpdn-group incomingtunnel
  protocol l2tp
  virtual-template 1
terminate-from hostname providerlac
local name mylac
lcp renegotiation on-mismatch

vpdn-group mylns1
  protocol l2tp
  domain domain1.com
initiate-to ip
l2tp tunnel password mypassword

Hope that helps.


From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Dominic
Sent: Tuesday, 1 October 2013 7:48 AM
To: cisco-bba at puck.nether.net
Subject: [cisco-bba] Choosing LNS On A Per-Domain Basis

We are using the Cisco ASR 1004 for LNS. For business reasons, we have tw sets of  PPPOE users authenticating against the LNS -the only difference being the @ domain part. So for example:

(a.) user at domain1.com<mailto:user at domain1.com>

(b.) user at domain2.com<mailto:user at domain2.com>

Irrespective of their domain, all users come in via the same LACs, and via the same L2TP tunnels. We do not own the LACS, and are not able to make or request any changes on the LAC-side.

Here is what  we are trying to do: we would like to choose the terminating LNS based on the domain name.  So all users  @ domain1, for example, should authenticate to LNS1, while all users @ domain2 should authenticate to LNS2. As I said, we do not manage the LACs. Also, the ip address of my LNS(es) are statically defined in the LACs, and not negotiated dynamically at authentication time.

So is there anyway to choose the LNS according to the domain presented in the username?  Is there some way to force users at domain1 to LNS #1, and users at domain2 to LNS #2? If so, can anyone share some pointers as to we accomplish it?

Thanks in advance.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-bba/attachments/20131001/1c9e5c9f/attachment.html>

More information about the cisco-bba mailing list