[cisco-bba] 7204vxr as LNS - provider is LAC

Gary T. Giesen ggiesen+cisco-bba at giesen.me
Tue Aug 18 11:06:46 EDT 2015


What kind of NPE in the 7204? I've used 7206 NPE-G1's and they work fairly well at small scale (less than 1000 subs), the G2 is better as it supports more features (particularly things like QoS).

ASR1k's are great LNS boxes, just have to be careful when migrating from 7200's to ASRs as they are a lot more strict about what RADIUS attributes you can use and may cause you lots of frustration trying to figure it out. In particular they don't support full Virtual-Access interfaces (only sub-interfaces) so any attribute that requires a full Virtual-Access interface will not work. 

GTG

-----Original Message-----
From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of Nathan Downes
Sent: August-10-15 6:35 AM
To: cisco-bba at puck.nether.net
Subject: Re: [cisco-bba] 7204vxr as LNS - provider is LAC

I will look into this, might make things easier. I am not a cisco expert so slowly learning things as I need them. Takes a lot of reading and research to implement something new :) I ended up finding out that the provider was sending to the host address rather than the one I had allocated. .28 /30 and I was using .29.  Tunnel came up after they fixed that but no traffic would flow until I corrected the routing.

I am upgrading to an ASR 1004 for our core soon as I need netflow for some laws here, would it be better to use for termination than the 7204? Not a huge amount of traffic yet so guess I may as well leave it until necessary to replace with more power.

I find it kind of funny that in the end it was 9 lines of config changes that changed to terminate this whole new service.  I also had to create a new virtual template with a lower mss for it to work properly.

-----Original Message-----
From: cisco-bba [mailto:cisco-bba-bounces at puck.nether.net] On Behalf Of James Bensley
Sent: Monday, 10 August 2015 7:39 PM
To: cisco-bba at puck.nether.net
Subject: Re: [cisco-bba] 7204vxr as LNS - provider is LAC

On 5 August 2015 at 22:06, Gary T. Giesen <ggiesen+cisco-bba at giesen.me> wrote:
> In my experience it’s best to stuff the interfaces facing the provider 
> in a VRF, and point a default route out to their gateway. This way if 
> they add new routes in the future (for new LACs), you don’t need to make any changes.
> This also works very well when you have multiple loop providers that 
> use private address ranges for their LAC networks, as it ensures you 
> don’t have any conflicts with your routing.


Agreed, this is what I have been doing too. VRF per loop provider with multiple sub-interfaces, one for each loop provider one per loop provider per service, with a default route. Keeps the traffic seperate and easily measurable and a simple config to manage.

James.
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba
_______________________________________________
cisco-bba mailing list
cisco-bba at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-bba



More information about the cisco-bba mailing list