[c-nsp] 7206 L2TP and Gigawords
Paul Stewart
paul at paulstewart.org
Wed Jan 19 22:12:13 EST 2011
Yes, we're running it without any "known issues" on 12.2(33)SRD1 if that
helps...;)
Paul
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gerald Krause
Sent: January-19-11 9:51 PM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] 7206 L2TP and Gigawords
I stumbled upon this bug in SRD3 too an tried SRE2 but without success.
Does anyone get the Gigawords working with an NPE-G2 acting as LNS?
--
Gerald
Am 06.06.2010 11:14, schrieb Phil Pierotti:
> Hi Arie,
>
> Also:
>
> Checking the Bug Toolkit for that number you mentioned, it says that both
> SRD3 and SRD4 are impacted by this bug. But nothing in SR train is listed
in
> the 'fixed-in' for this bug.
>
> So the obvious question is, given that I need to upgrade - what's the
> recommended IOS for a 7206VXR with NPE-G1 acting as LAC/LNS, some MPLS and
> BGP, a little NAT and some IPSEC.
>
> Thanks,
> PhiL P
>
>
> On Sun, Jun 6, 2010 at 6:54 PM, Phil Pierotti
<phil.pierotti at gmail.com>wrote:
>
>> HI Arie,
>>
>> Thanks for your help - details inline.
>>
>> Since I brought this session up this morning, I have downloaded 6.18GB of
>> LINUX ISOs for testing purposes, and then 'normal internet' use since
then
>> as well, all in this same session.
>>
>> On Sun, Jun 6, 2010 at 4:52 PM, Arie Vayner (avayner)
<avayner at cisco.com>wrote:
>>
>>> Phil,
>>>
>>> I have worked on this kind of an issue and we have CSCsw74470 for this
>>> one, which is integrated in SRD3 (I made sure, and it is there).
>>> The code to generate RADIUS gigawords is there, so this has to be
>>> something else...
>>>
>>> We need to identify if the problem is due to the info not being
>>> collected (i.e. the counters for the interface are 32-bit) or we just do
>>> not report it in RADIUS (so the info is there, and it's "just" not
>>> reported).
>>>
>>> Use these commands:
>>> sh int virtual-access #
>>>
>>>
>> Virtual-Access2.135 is up, line protocol is up
>> Hardware is Virtual Access interface
>> Interface is unnumbered. Using address of Loopback10 (??.??.??.??)
>> MTU 1500 bytes, BW 149760 Kbit, DLY 100000 usec,
>> reliability 255/255, txload 45/255, rxload 7/255
>> Encapsulation PPP, LCP Open
>> Open: IPCP
>> PPPoVPDN vaccess, cloned from Virtual-Template6
>> Vaccess status 0x0
>> Protocol l2tp, tunnel id 55022, session id 6814
>> Keepalive set (10 sec)
>> 2889718 packets input, 341932313 bytes
>> 4778457 packets output, 2503224921 bytes
>> Last clearing of "show interface" counters never
>>
>>
>> Bytes Output reported is 2,503,224,921 or 2.5GB
>>
>> Clearly the problem is a counter wrap/not-being-collected problem.
>>
>>
>>> Look at the counter for a session that should be >4294967296 bytes
>>> in/out (2^32) - Does it overlap to 0, or keep counting beyond 2^32?
>>>
>>> Then, if the counters are >2^32 (which means we count fine, and just
>>> have a reporting issue), use:
>>>
>>> sh subscriber session username <username> detailed
>>>
>>> Look for the "AAA_id", which is a HEX number, and then use it with:
>>> sh aaa user <AAA_id> (in a 0xNNNN format).
>>>
>>> The pre-bytes-in/out field are used by Gigawords. If the counter should
>>> be more than 2^32, then pre-bytes-in/out should be >0.
>>>
>>
>> Interface:
>> TTY Num = -1
>> Stop Received = 0
>> Byte/Packet Counts till Call Start:
>> Start Bytes In = 0 Start Bytes Out = 0
>> Start Paks In = 0 Start Paks Out = 0
>> Byte/Packet Counts till Service Up:
>> Pre Bytes In = 0 Pre Bytes Out = 0
>> Pre Paks In = 0 Pre Paks Out = 0
>> Cumulative Byte/Packet Counts :
>> Bytes In = 342239526 Bytes Out = 2503793377
>> Paks In = 2891654 Paks Out = 4780378
>> StartTime = 09:59:17 AEST Jun 6 2010
>> AuthenTime = 09:59:17 AEST Jun 6 2010
>> Component = VPDN
>>
>> Pre-Bytes are zeros, but they should not be, so this confirms a
>> failure-to-collect problem.
>>
>>
>>>
>>> If all is still fine, look at debug radius...
>>>
>>>
>>> I would suggest to file a TAC case with the following findings, and
>>> maybe reference the above DDTS.... It could be something new...
>>>
>>> Arie
>>>
>>> -----Original Message-----
>>> From: cisco-nsp-bounces at puck.nether.net
>>> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Phil Pierotti
>>> Sent: Sunday, June 06, 2010 05:56
>>> To: cisco-nsp at puck.nether.net
>>> Subject: [c-nsp] 7206 L2TP and Gigawords
>>>
>>> Hi All,
>>>
>>> I'm running a 7206/G1 with AdvIP Services 12.2(33)SRD3 as an LNS.
>>>
>>> Sending periodic accounting updates every ten minutes.
>>>
>>> Running a download test to verify the LNS is sending RADIUS Gigawords
>>> attributes (52 and 53), backending against Freeradius.
>>>
>>> Looking at the freeradius detail log, it's obvious that my LNS is *not*
>>> generating Gigawords attributes.
>>>
>>> >From two successive interim updates, I clearly see byte-counter
>>> rollover and
>>> no packet-counter rollover (same user, same session):
>>>
>>> Acct-Output-Octets = 3883719317
>>> Acct-Output-Packets = 2592080
>>>
>>> Acct-Output-Octets = 257083854
>>> Acct-Output-Packets = 3036810
>>>
>>> And there's no gigawords attribute (Acct-Output-Gigawords, etc) being
>>> generated.
>>>
>>> According to Cisco: gigawords attributes are enabled by default (ie only
>>> the
>>> NO form of the command will show in the config).
>>> I've checked my config, I'm not NO'ing that (why would you?)
>>>
>>> So can anyone suggest why my LNS is not generating these attributes when
>>> they're needed?
>>>
>>> Thanks,
>>> Phil P
>>> _______________________________________________
>>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>>
>>
>>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list