[c-nsp] L2TP pseudowire initiation from VRF
Tomas Hlavacek
tomas.hlavacek at elfove.cz
Fri Jul 24 15:15:45 EDT 2009
Greetings!

I have a question: is it possible to initiate an L2TP client (not a true
LAC in fact, see config below) so that it uses a VRF other than global for
L2TP-encapsulated packets?

I have this lab scenario: LNS (Cisco 1721, c1700-advsecurityk9-mz.124-12.bin)

vpdn enable
!
vpdn-group 1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname client
 l2tp tunnel password 7 ...
!
...
interface Virtual-Template1
 ip unnumbered Loopback0
 ip mtu 1492
 no ip mroute-cache
 peer default ip address pool l2tp-pool
 ppp authentication chap
!
...
ip local pool l2tp-pool 192.168.98.10 192.168.98.254

And on the client (Cisco 1841, c1841-advipservicesk9-mz.124-23.bin) I have:

vpdn enable
!
l2tp-class l2tpclass1
 authentication
 hostname client
 password 7 ...
!
....
pseudowire-class pwclass1
 encapsulation l2tpv2
 protocol l2tpv2 l2tpclass1
 ip local interface FastEthernet0/0
 ip pmtu
!
interface Virtual-PPP1
 ip address negotiated
 no cdp enable
 ppp authentication chap
 pseudowire <ip-address-of-LNS> 10 encapsulation l2tpv2 pw-class pwclass1
!
interface FastEthernet0/0
 ip address dhcp
 duplex auto
 speed auto
!

And that works fine so far. Now I would like to do this:

ip vrf upstream1
 rd 10:20
!
interface FastEthernet0/0
 ip vrf forward upstream1
 ip address dhcp
 duplex auto
 speed auto
!

The problem is that VPDN cannot establish the L2TP session; debug says:

*Jul 24 15:54:01.332: L2X: l2tun session [1665122560], event [client request], old state [open], new state [open]
*Jul 24 15:54:01.332: L2X: L2TP: Received L2TUN message <Connect>
*Jul 24 15:54:01.332: Tnl/Sn 20429/454 L2TP: Session state change from idle to wait-for-tunnel
*Jul 24 15:54:01.332: uid:281 Tnl/Sn 20429/454 L2TP: Create session
*Jul 24 15:54:01.332: Tnl 20429 L2TP: SM State idle
*Jul 24 15:54:01.332: L2X: Cannot use source-ip 80.219.148.183 of tableid 0 vrf which is not one of our addresses
*Jul 24 15:54:01.332: Tnl 20429 L2TP: O SCCRQ
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Parse SCCRQ
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Parse AVP 2, len 8, flag 0x8000 (M)
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Protocol Version 1
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Parse AVP 6, len 8, flag 0x0
*Jul 24 15:54:01.332: Tnl 20429 L2TP: Firmware Ver 0x1130
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 7, len 19, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Hostname TRENKA-office
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 8, len 25, flag 0x0
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Vendor Name Cisco Systems, Inc.
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 10, len 8, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Rx Window Size 1200
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 11, len 22, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Chlng
54 BD 4A 71 8E A0 EB 7F 67 66 A5 CC 03 75 B0 87
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 9, len 8, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Assigned Tunnel ID 20429
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 3, len 10, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Framing Cap 0x3
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse AVP 4, len 10, flag 0x8000 (M)
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Bearer Cap 0x3
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Parse Cisco AVP 110, len 6, flag
TRENKA-office#0x0
*Jul 24 15:54:01.336: Tnl 20429 L2TP: PPPoE Relay Forward Capable
*Jul 24 15:54:01.336: Tnl 20429 L2TP: O SCCRQ, flg TLS, ver 2, len 144, tnl 0, ns 0, nr 0
C8 02 00 90 00 00 00 00 00 00 00 00 80 08 00 00
00 00 00 01 80 08 00 00 00 02 01 00 00 08 00 00
00 06 11 30 80 13 00 00 00 07 54 52 45 4E 4B 41
2D 6F 66 66 69 63 65 00 19 00 00 00 08 43 69 73
63 6F 20 53 79 73 74 ...
*Jul 24 15:54:01.336: Tnl 20429 L2TP: Control channel retransmit delay set to 1 seconds
*Jul 24 15:54:01.340: Tnl 20429 L2TP: Tunnel state change from idle to wait-ctl-reply
*Jul 24 15:54:01.340: Tnl 20429 L2TP: SM State wait-ctl-reply
*Jul 24 15:54:02.340: Tnl 20429 L2TP: O Resend SCCRQ, flg TLS, ver 2, len 144, tnl 0, ns 0, nr 0
*Jul 24 15:54:02.340: Tnl 20429 L2TP: Control channel retransmit delay set to 2 seconds

Is there any possibility to set up the L2TP tunnel via Fa0/0 inside a VRF?
Any help would be appreciated. Thanks in advance,
Tomas
--
Tomáš Hlaváček <tomas.hlavacek at elfove.cz>
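
Added example, not part of the original post and not Cisco's code: a decoder for the bytes of the "O SCCRQ" hex dump quoted in the debug output above, using the L2TPv2 control header and AVP layout from RFC 2661, so the fields can be checked against the "Parse AVP" lines. The function names are hypothetical, and the last AVP comes out flagged as truncated because the post elides the rest of the dump.

```python
import struct

# Bytes copied from the "O SCCRQ" dump in the post. The post cuts the dump off
# with "...", so only 71 of the 144 bytes are present.
SCCRQ_HEX = """
C8 02 00 90 00 00 00 00 00 00 00 00 80 08 00 00
00 00 00 01 80 08 00 00 00 02 01 00 00 08 00 00
00 06 11 30 80 13 00 00 00 07 54 52 45 4E 4B 41
2D 6F 66 66 69 63 65 00 19 00 00 00 08 43 69 73
63 6F 20 53 79 73 74
"""
# Attribute types that appear in the post's debug output (names per RFC 2661).
AVP_NAMES = {0: "Message Type", 2: "Protocol Version", 6: "Firmware Revision",
             7: "Host Name", 8: "Vendor Name"}

def parse_header(buf):
    """Decode the 12-byte control header (T, L, S set, O clear, version 2)."""
    flags, length, tunnel, session, ns, nr = struct.unpack_from("!6H", buf, 0)
    if flags & 0xCA0F != 0xC802:
        raise ValueError("not an L2TPv2 control message")
    return {"length": length, "tunnel_id": tunnel, "session_id": session,
            "ns": ns, "nr": nr}

def parse_avps(buf, off=12):
    """Walk the AVPs after the header; a cut-off value is flagged, not over-read."""
    avps = []
    while off + 6 <= len(buf):
        word, vendor, attr = struct.unpack_from("!3H", buf, off)
        length = word & 0x03FF                  # low 10 bits: whole AVP length
        if length < 6:
            raise ValueError(f"AVP at offset {off} is shorter than its header")
        value = buf[off + 6:off + length]
        avps.append({
            "name": AVP_NAMES.get(attr, str(attr)) if vendor == 0 else f"{vendor}/{attr}",
            "mandatory": bool(word & 0x8000),   # M bit
            "hidden": bool(word & 0x4000),      # H bit: value is obscured
            "value": value,
            "truncated": len(value) < length - 6,
        })
        off += length
    return avps

def decode_sccrq(hex_dump=SCCRQ_HEX):
    buf = bytes.fromhex(hex_dump)
    return parse_header(buf), parse_avps(buf)

if __name__ == "__main__":
    header, avps = decode_sccrq()
    print(header, *avps, sep="\n")
```

None of the decoded AVPs has the H bit set, so the Host Name value in this dump is readable as-is by anyone who captures the packet or is shown the debug output.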