[c-nsp] Bellsouth DSL / PPPoE config

Joe Maimon jmaimon at ttec.com
Thu Mar 3 18:57:23 EST 2005



Brian Feeny wrote:
> I am going to be configuring a PPPoE circuit for someone, just ethernet 
> talking to a DSL bridge.  I have heard that Bellsouth requires both PAP 
> and chap simultaneous authentication for their BBG,
Does not sound right. Perhaps they support both?


> 
Your setup is fine, except for "ip tcp adjust-mss 542"

Make it 1452. Check icmp unreachable/ df -unreachable rate limiting.

In practice I have never needed the dialer list. I just

ip route 0.0.0.0 0.0.0.0 Di1

> I am not sure if it really does pap and chap both, was hoping someone 
> here who has setup bellsouth DSL could tell me.
> 
> Normally I run my GRE tunnels at 1440, I think with the above using 
> PPPoE I should drop it 8 more to 1432 to be safe, anyone know what has 
> worked?  I have heard knocking down the mss is a good idea too from 
> cisco.com.

GRE is 24 overhead. If you run at 1440 ip mtu you are well under PPPoE 
mtu. If you mean tcp adjust on that, just take 40 off mtu.

I have previously argued to cisco that the gre tunnel pmtud feature will 
not work well with tcp adjust mss on a tunnel interface because they 
would not keep in sync. Really the tcp adjust mss should simply specify 
an offset to be applied to whatever the current ip mtu is (its not as if 
the number specified is always the number used -- tcp options change the 
calculation). IIRC there was a ddts filed.

If you want ipsec on gre tunnel, you might wish to use the tunnel 
protection ipsec profile  xxxx method rather than crypto map.
> 
> Brian
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 


More information about the cisco-nsp mailing list