[c-nsp] How to show ADSL customers two different GW!

Sheremet Roman romka at kharkov.org.ua
Thu Sep 16 02:28:16 EDT 2010 

Hello,

(From start.... Sorry for my english guys....)

I have cisco 7204, l2tp customers, which auth via radius server.

So i have Uplink to my CORE router from 7204 with next subnets:
x.x.x.0/30
y.y.y.0/30

So, in one physical interface i have two subnets /30 for link (core -
x.x.x.1, 7204 - x.x.x.2 ; same with y.y.y.0/30 subnets)

When my DSL customers do traceroute <anyhost> they get next route:

1. x.x.x.2 < - 7204
2. x.x.x.1 < - core router
3. n.n.n.n < - my upstream

I  want  next,  i  want devide my customers to two groups depend on IP
ranges,  Group1 & Group2 (for example) then i want show to Group1 only
x.x.x.0/30 route and y.y.y.0/30 route for Group2.

So  ,  when  customer  from  group2  do  trace  they  should  see only
y.y.y.0/30 hops....


So my guys tell me use VRF for this, i have this option in my 7204 but
i  not  sure  if  i  can  use  VRF  if  i have only one in and one out
interface  in  my  7204.  I  want  show two different gateways via one
physical  link  and  one  physical  router....  But its should be hard
separate... customers from Group1 never will see Group2 hops...


When   my   customers  connect  they  get  IP  (/32)  from  pool (from
radius). Clients on DSL have next settings:
ip: g.g.g.g/32
gw: g.g.g.g <- Same AS IP!
mask: 255.255.255.255



Interface going to my Core router from 7204:

interface GigabitEthernet0/1
description "DSL UPLINK"
ip address y.y.y.2 255.255.255.252 secondary
ip address x.x.x.2 255.255.255.252
load-interval 60
duplex full
speed 1000
media-type rj45
no negotiation auto

Interface where i get clients from DSL peer:

interface GigabitEthernet0/2
description "DSL PEER"
no ip address
load-interval 60
duplex full
speed 1000
media-type rj45
no negotiation auto

interface GigabitEthernet0/2.1017
encapsulation dot1Q 1017
ip address v.v.v.v 255.255.255.248
no snmp trap link-status


And my VPDN settings:

vpdn-template xxxxx.com
description "xxxxx.com Cuscometrs"
local name xxxxx.com
l2tp tunnel password x xxxxxxxxxxxxxxxxx
!

vpdn-group l2tp-1017
! Default L2TP VPDN group
accept-dialin
  protocol l2tp
  virtual-template 1
lcp renegotiation always
source vpdn-template xxxxx.com
!

interface Virtual-Template1
ip unnumbered GigabitEthernet0/1
ip mtu 1460
ip tcp header-compression
ip tcp adjust-mss 1420
load-interval 60
no peer default ip address
keepalive 30
ppp mru match
ppp authentication pap chap xxxxx.com
ppp authorization xxxxx.com
ppp accounting xxxxx.com
ppp multilink
ppp multilink links maximum 4
ppp multilink links minimum 2
ppp multilink interleave


So,  if  anyone  know  how to use VRF in my situation its will be very
helpful for me.

----------------
>sh ip route g.g.g.g < Customer IP
Routing entry for g.g.g.g/32
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via Virtual-Access50
    Route metric is 0, traffic share count is 1

>sh int vi50
Virtual-Access50 is up, line protocol is up
  Hardware is Virtual Access interface
  Interface   is   unnumbered.  Using  address  of  GigabitEthernet0/1  (x.x.x.2)
  MTU 1500 bytes, BW 1000000 Kbit, DLY 100000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation PPP, LCP Open, multilink Closed
  Open: IPCP
  PPPoVPDN vaccess, cloned from AAA, Virtual-Template1
  Vaccess status 0x44
  Protocol l2tp, tunnel id 46297, session id 25230, loopback not set
  Keepalive set (30 sec)
  DTR is pulsed for 5 seconds on reset
  Last input 00:00:10, output never, output hang never
  Last clearing of "show interface" counters 22:49:15
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  1 minute input rate 0 bits/sec, 0 packets/sec
  1 minute output rate 0 bits/sec, 0 packets/sec
     17199 packets input, 1144344 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     13192 packets output, 1366607 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions
----------------


If need more info from me i can take all ;)

With Best Regards,

More information about the cisco-nsp mailing list