[c-nsp] How to show ADSL customers two different GW!

Heath Jones hj1980 at gmail.com
Thu Sep 16 05:02:51 EDT 2010 

Hi
Just quickly looking at it, you want to also show a different ip on the next
hop router (#2):
1. x.x.x.2 < - 7204
2. x.x.x.1 < - core router
3. n.n.n.n < - my upstream

In order to do that, you will probably have to:
- set link 7204 <-> core to be trunk, with 2 different vlans (1 for group1,
2 for group2)
- set 2 VRFs that match the 2 vlans.
- set radius attribute to drop the customers into each vrf.

Don't forget to change your routing on the core side - the x's and the y's
will be routed differently now..


Hope this helps



On 16 September 2010 07:28, Sheremet Roman <romka at kharkov.org.ua> wrote:

> Hello,
>
> (From start.... Sorry for my english guys....)
>
> I have cisco 7204, l2tp customers, which auth via radius server.
>
> So i have Uplink to my CORE router from 7204 with next subnets:
> x.x.x.0/30
> y.y.y.0/30
>
> So, in one physical interface i have two subnets /30 for link (core -
> x.x.x.1, 7204 - x.x.x.2 ; same with y.y.y.0/30 subnets)
>
> When my DSL customers do traceroute <anyhost> they get next route:
>
> 1. x.x.x.2 < - 7204
> 2. x.x.x.1 < - core router
> 3. n.n.n.n < - my upstream
>
> I  want  next,  i  want devide my customers to two groups depend on IP
> ranges,  Group1 & Group2 (for example) then i want show to Group1 only
> x.x.x.0/30 route and y.y.y.0/30 route for Group2.
>
> So  ,  when  customer  from  group2  do  trace  they  should  see only
> y.y.y.0/30 hops....
>
>
> So my guys tell me use VRF for this, i have this option in my 7204 but
> i  not  sure  if  i  can  use  VRF  if  i have only one in and one out
> interface  in  my  7204.  I  want  show two different gateways via one
> physical  link  and  one  physical  router....  But its should be hard
> separate... customers from Group1 never will see Group2 hops...
>
>
> When   my   customers  connect  they  get  IP  (/32)  from  pool (from
> radius). Clients on DSL have next settings:
> ip: g.g.g.g/32
> gw: g.g.g.g <- Same AS IP!
> mask: 255.255.255.255
>
>
>
> Interface going to my Core router from 7204:
>
> interface GigabitEthernet0/1
> description "DSL UPLINK"
> ip address y.y.y.2 255.255.255.252 secondary
> ip address x.x.x.2 255.255.255.252
> load-interval 60
> duplex full
> speed 1000
> media-type rj45
> no negotiation auto
>
> Interface where i get clients from DSL peer:
>
> interface GigabitEthernet0/2
> description "DSL PEER"
> no ip address
> load-interval 60
> duplex full
> speed 1000
> media-type rj45
> no negotiation auto
>
> interface GigabitEthernet0/2.1017
> encapsulation dot1Q 1017
> ip address v.v.v.v 255.255.255.248
> no snmp trap link-status
>
>
> And my VPDN settings:
>
> vpdn-template xxxxx.com
> description "xxxxx.com Cuscometrs"
> local name xxxxx.com
> l2tp tunnel password x xxxxxxxxxxxxxxxxx
> !
>
> vpdn-group l2tp-1017
> ! Default L2TP VPDN group
> accept-dialin
>  protocol l2tp
>  virtual-template 1
> lcp renegotiation always
> source vpdn-template xxxxx.com
> !
>
> interface Virtual-Template1
> ip unnumbered GigabitEthernet0/1
> ip mtu 1460
> ip tcp header-compression
> ip tcp adjust-mss 1420
> load-interval 60
> no peer default ip address
> keepalive 30
> ppp mru match
> ppp authentication pap chap xxxxx.com
> ppp authorization xxxxx.com
> ppp accounting xxxxx.com
> ppp multilink
> ppp multilink links maximum 4
> ppp multilink links minimum 2
> ppp multilink interleave
>
>
> So,  if  anyone  know  how to use VRF in my situation its will be very
> helpful for me.
>
> ----------------
> >sh ip route g.g.g.g < Customer IP
> Routing entry for g.g.g.g/32
>  Known via "connected", distance 0, metric 0 (connected, via interface)
>  Routing Descriptor Blocks:
>  * directly connected, via Virtual-Access50
>    Route metric is 0, traffic share count is 1
>
> >sh int vi50
> Virtual-Access50 is up, line protocol is up
>  Hardware is Virtual Access interface
>  Interface   is   unnumbered.  Using  address  of  GigabitEthernet0/1
>  (x.x.x.2)
>  MTU 1500 bytes, BW 1000000 Kbit, DLY 100000 usec,
>     reliability 255/255, txload 1/255, rxload 1/255
>  Encapsulation PPP, LCP Open, multilink Closed
>  Open: IPCP
>  PPPoVPDN vaccess, cloned from AAA, Virtual-Template1
>  Vaccess status 0x44
>  Protocol l2tp, tunnel id 46297, session id 25230, loopback not set
>  Keepalive set (30 sec)
>  DTR is pulsed for 5 seconds on reset
>  Last input 00:00:10, output never, output hang never
>  Last clearing of "show interface" counters 22:49:15
>  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
>  Queueing strategy: fifo
>  Output queue: 0/40 (size/max)
>  1 minute input rate 0 bits/sec, 0 packets/sec
>  1 minute output rate 0 bits/sec, 0 packets/sec
>     17199 packets input, 1144344 bytes, 0 no buffer
>     Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
>     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
>     13192 packets output, 1366607 bytes, 0 underruns
>     0 output errors, 0 collisions, 0 interface resets
>     0 output buffer failures, 0 output buffers swapped out
>     0 carrier transitions
> ----------------
>
>
> If need more info from me i can take all ;)
>
> With Best Regards,
>
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list