[c-nsp] Bellsouth DSL / PPPoE config

Brian Feeny signal at shreve.net
Thu Mar 3 20:42:15 EST 2005 

On Mar 3, 2005, at 6:57 PM, Joe Maimon wrote:

>
>
> Brian Feeny wrote:
>> I am going to be configuring a PPPoE circuit for someone, just 
>> ethernet talking to a DSL bridge.  I have heard that Bellsouth 
>> requires both PAP and chap simultaneous authentication for their BBG,
> Does not sound right. Perhaps they support both?
>
>
> Your setup is fine, except for "ip tcp adjust-mss 542"
>
> Make it 1452. Check icmp unreachable/ df -unreachable rate limiting.
>
> In practice I have never needed the dialer list. I just
>
> ip route 0.0.0.0 0.0.0.0 Di1

I see, so you just leave out the dialer-group alltogether then?  I am 
doing a static route like that, and tracking it with RTR.



>
>> I am not sure if it really does pap and chap both, was hoping someone 
>> here who has setup bellsouth DSL could tell me.
>> Normally I run my GRE tunnels at 1440, I think with the above using 
>> PPPoE I should drop it 8 more to 1432 to be safe, anyone know what 
>> has worked?  I have heard knocking down the mss is a good idea too 
>> from cisco.com.
>
> GRE is 24 overhead. If you run at 1440 ip mtu you are well under PPPoE 
> mtu. If you mean tcp adjust on that, just take 40 off mtu.
>
> I have previously argued to cisco that the gre tunnel pmtud feature 
> will not work well with tcp adjust mss on a tunnel interface because 
> they would not keep in sync. Really the tcp adjust mss should simply 
> specify an offset to be applied to whatever the current ip mtu is (its 
> not as if the number specified is always the number used -- tcp 
> options change the calculation). IIRC there was a ddts filed.
>
> If you want ipsec on gre tunnel, you might wish to use the tunnel 
> protection ipsec profile  xxxx method rather than crypto map.

Right, I have seen the tunnel protection stuff, but is their any 
advantage to it?  I mean it really does the same thing right?

Brian



>> Brian
>> _______________________________________________
>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list