[c-nsp] PPP Multilink with L2TP interfaces

Adam Greene maillist at webjogger.net
Tue Sep 2 09:13:12 EDT 2008 

Nic,

Not familiar with L2TP in particular, but working with MLPPP in other 
contexts, it is usually necessary to specify a multilink group; i.e. 
everywhere you have the "ppp multilink" command you may need a corresponding 
"ppp multilink group 1" command, to put all the links in the same bundle.

Also, I don't see a multilink interface in your configurations, but again 
that might be because with L2TP it's not required. However, something to 
consider.

Thanks,
Adam



----- Original Message ----- 
From: "Nic Tjirkalli" <nic.tjirkalli at za.verizonbusiness.com>
To: <cisco-nsp at puck.nether.net>
Sent: Monday, September 01, 2008 2:20 AM
Subject: [c-nsp] PPP Multilink with L2TP interfaces


>
> howdy ho,
>
> i am trying to get a CPE to
> 1) fire up a PPPoE session over an Ethernet interface to bring up a 
> Dialer1
>   interface
> 2) over this interface, fire up 2 L2TP sessions (Virtual-PPP1 and
>    Virtual-PPP2 and put these in a multilink bundel)
>    The L2TP tunnels are terminating on 196.30.121.42
>
> Now all works well except for the Multilink PPP part. the 2 L2TP sessions
> come up individual but there is no sign of any attempt to multilink
> (nothing seen in any debug ppp multilink)
>
> I have included my current config
>
> if anybody can tell me if what i am trying to do is even possible and how
> to fix my config i would be very happy and thankful
>
> thanx in advance
>
>
> =================== CPE configuration =============================
> Current configuration : 3481 bytes
> !
> version 12.4
> no service timestamps debug uptime
> no service timestamps log uptime
> service password-encryption
> !
> hostname l2tp-multilink
> !
> boot-start-marker
> boot-end-marker
> !
> logging buffered 4096 debugging
> enable secret 5 $1$8ZOc$o9WmyJlHqGd1R8E/iYAR0/
> !
> no aaa new-model
> ip cef
> !
> !
> !
> !
> no ip domain lookup
> ip auth-proxy max-nodata-conns 3
> ip admission max-nodata-conns 3
> vpdn enable
> !
> l2tp-class l2tpclass1
>  authentication
>  password 7 15115E0B2C7221027123
> !
> !
> multilink virtual-template 1
> !
> !
> no crypto engine onboard 0
> !
> !
> pseudowire-class pwclass1
>  encapsulation l2tpv2
>  protocol l2tpv2 l2tpclass1
>  ip local interface Dialer1
> !
> pseudowire-class pwclass2
>  encapsulation l2tpv2
>  protocol l2tpv2 l2tpclass1
>  ip local interface Dialer1
> !
> ! !
> !
> !
> interface Loopback0
>  ip address 172.16.1.1 255.255.255.255
> !
> interface Null0
>  no ip unreachables
> !
> interface FastEthernet0/0
>  no ip address
>  speed 100
>  full-duplex
>  pppoe enable group global
>  pppoe-client dial-pool-number 1
> !
> interface FastEthernet0/1
>  no ip address
>  duplex auto
>  speed auto
> !
> interface Virtual-PPP1
>  ip address negotiated
>  ip mtu 1452
>  ip virtual-reassembly
>  no logging event link-status
>  no peer neighbor-route
>  no cdp enable
>  ppp chap hostname testuser1
>  ppp chap password 7 XXXXXXXX
>  ppp pap sent-username testuser1 password 7 XXXXXXXX
>  ppp multilink
>  pseudowire 196.30.121.42 10 pw-class pwclass1
> !
> interface Virtual-Template1
>  ip unnumbered Loopback0
>  ppp multilink
> !
> interface Virtual-PPP2
>  ip address negotiated
>  ip mtu 1452
>  ip virtual-reassembly
>  no logging event link-status
>  no peer neighbor-route
>  no cdp enable
>  ppp chap hostname testuser2
>  ppp chap password 7 XXXXXXX
>  ppp pap sent-username testuser2 password 7 XXXXXXX
>  ppp multilink
>  pseudowire 196.30.121.42 100 pw-class pwclass2
> !
> interface Dialer1
>  mtu 1492
>  ip address negotiated
>  ip virtual-reassembly
>  encapsulation ppp
>  ip tcp adjust-mss 1452
>  dialer pool 1
>  dialer-group 1
>  ppp chap hostname testuser1
>  ppp chap password 7 XXXXXXXX
>  ppp pap sent-username testuser1 password 7 XXXXXXXX
> !
> no ip forward-protocol nd
> ip route 0.0.0.0 0.0.0.0 Virtual-PPP1
> ip route 196.30.121.42 255.255.255.255 Dialer1
> !
> !
> ip http server
> no ip http secure-server
> !
> ip access-list extended check_packets_in
>  permit ahp any any
>  permit esp any any
>  permit udp any eq isakmp any eq isakmp
>  permit ip any any
> !
> access-list 1 permit any
> access-list 2 deny   any
> access-list 3 permit 10.0.0.2
> access-list 3 permit 206.64.200.15
> access-list 3 permit 196.22.64.194
> access-list 3 permit 10.222.0.1
> access-list 3 permit 10.222.0.2
> access-list 3 permit 10.244.0.2
> no cdp run
> !
> !
> !
> !
> control-plane
> !
> !
> banner motd ^CC
> ##################################################################
> #    You Should Not Be Here - Logg Off Imediately Thankyou       #
> #                                                                #
> #                                                                #
> ##################################################################
> ^C
> !
> line con 0
>  exec-timeout 0 0
> line aux 0
>  exec-timeout 0 0
> line vty 0 4
>  access-class 3 in
>  exec-timeout 0 0
>  password 7 1315181718
>  login
> line vty 5 8
>  exec-timeout 0 0
>  no login
> line vty 9 15
>  no login
> !
> scheduler allocate 20000 1000
> end
>
> l2tp-multilink#
>
>
>
> ---------------------------------------------------------------------
> I like you. You remind me of when I was young and stupid.
>
> Nic Tjirkalli
> Verizon Business South Africa
> Network Strategy Team
>
> Verizon Business is a brand of Verizon South Africa (Pty) Ltd. This e-mail
> is strictly confidential and intended only for use by the addressee unless
> otherwise indicated.
>
> Company Information:http:// www.verizonbusiness.com/za/contact/legal/
>
> This e-mail is strictly confidential and intended only for use by the
> addressee unless otherwise indicated.
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>

More information about the cisco-nsp mailing list