09-29-2009 03:48 PM - edited 03-01-2019 04:26 PM
Introduction:
This document talks about the LNS configuration and troubleshooting which terminates PPP connection from PPPoE client over L2TP.
For PPPoE client configuration, visit
https://supportforums.cisco.com/docs/DOC-6050
For LAC configuration and troubleshooting, visit
https://supportforums.cisco.com/docs/DOC-6101
In this setup, if any user comes in with cisco.com as a domain name as a part of the username ( for exa. ParamPreet@cisco.com) , it will be tunneled to LNS via L2TP. Users with username other than using cisco.com as a domain name will be terminated locally on this router as a LAC.
Topology:
C10K#sh run
Building configuration...
Current configuration : 14917 bytes
!
<snip>
aaa new-model
!
!
aaa authentication ppp default local
! Local database to be used for authentication
aaa authorization network default none
! Local authorization to be used
aaa session-id common
ip subnet-zero
no ip domain lookup
!
vpdn enable
!
vpdn-group LNS
! VPDN group config to terminate tunnel from LAC
accept-dialin
! To configure the router as LNS/HGW
protocol l2tp
! Tunnel protocol is L2TP
virtual-template 1
! Interface on which PPP users will be terminated
terminate-from hostname LAC
source-ip 172.16.167.54
local name LNS
l2tp tunnel password 0 cisco
!Username and password to be used for tunnel authentication
!
!
redundancy
username cisco password 0 cisco
username C2821-CPE password 0 cisco
username ParamPreet@cisco.com password 0 cisco
username ASR1006 password 0 cisco
username LAC password 0 cisco
username LNS password 0 cisco
!
!
!
!
!
interface Loopback0
ip address 20.20.20.1 255.255.255.0
!
interface Loopback1
no ip address
!
interface FastEthernet0/0/0
ip address 172.16.167.54 255.255.255.224
duplex full
speed 100
!
!
<snip>
interface Virtual-Template1
! Interaface on which incoming user PPP session will be terminated
ip unnumbered Loopback0
peer default ip address pool PPPoE-POOL
! Ip address pool from which the ip address will be allocated to the PPP users
ppp authentication chap callin
ppp timeout idle 600 either
!
ip local pool PPPoE-POOL 20.20.20.2 20.20.20.254
!
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.167.33
no ip http server
no ip http secure-server
!
!
!
cdp run
nls resp-timeout 1
cpd cr-id 1
!
!
line con 0
!
line aux 0
privilege level 15
password cisco
line vty 0 4
exec-timeout 60 0
privilege level 15
password cisco
logging synchronous
line vty 5 10
exec-timeout 60 0
privilege level 15
password cisco
logging synchronous
!
end
Tunnel setup messages along with user session setup messages that are being exchanged between LAC and LNS.
The LAC decides that a tunnel must be initiated from the LAC to the LNS.
1. The LAC sends a Start-Control-Connection-Request (SCCRQ). A CHAP challenge and AV Pairs are included in this message.
2. The LNS responds with a Start-Control-Connection-Reply (SCCRP). A CHAP challenge, the response to LAC's challenge and AV Pairs are included in this message.
3. The LAC sends a Start-Control-Connection-Connected (SCCCN). The CHAP response is included in this message.
4. The LNS responds with a Zero-Length Body Acknowledgement (ZLB ACK). That acknowledgement may be carried in another message. The tunnel is up.
5. The LAC sends an Incoming-Call-Request (ICRQ) to the LNS.
6. The LNS responds with an Incoming-Call-Reply (ICRP) message.
7. The LAC sends an Incoming-Call-Connected (ICCN).
8. The LNS responds back with a ZLB ACK. That acknowledgement may also be carried in another message.
9. The session is up.
Note: The messages above used for opening a tunnel or a session carry Attribute Value Pairs (AVPs) defined in RFC 2661. They describe properties and information (such as Bearercap, hostname, vendor name and window size). Some AV pairs are mandatory and others are optional.
Note: A Tunnel ID is used to multiplex and demultiplex tunnels between the LAC and LNS. A session ID is used to identify a particular session with the tunnel.
For L2F, the setup for tunneling a PPP session is the same as for L2TP. It involves:
1. Establishing a tunnel between the NAS and the Home Gateway. This phase takes place only when there is no active tunnel between both devices.
2. Establishing a session between the NAS and the Home Gateway.
C10K#sh debug
General OS:
AAA Authentication debugging is on
AAA Authorization debugging is on
PPP:
PPP authentication debugging is on
PPP protocol negotiation debugging is on
VPN:
L2X protocol events debugging is on
L2X control packets debugging is on
L2X protocol errors debugging is on
VPDN events debugging is on
VPDN errors debugging is on
VPDN packet debugging is on
*Sep 20 21:26:34.343: AAA/BIND(00000006): Bind i/f
*Sep 20 21:26:34.343: AAA/AUTHEN/LOGIN (00000006): Pick method list 'Permanent Local'
C10K#
*Sep 20 21:26:36.355: AAA/AUTHOR (00000006): Method list id=0 not configured. Skip author
C10K#
*Sep 20 21:27:14.643: VPDN FS From tunnel: Received 184 byte pak
*Sep 20 21:27:14.643: VPDN FS From tunnel: Pak consumed
*Sep 20 21:27:14.643: L2X: Parse AVP 0, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Parse SCCRQ
*Sep 20 21:27:14.643: L2X: Parse AVP 2, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Protocol Ver 256
*Sep 20 21:27:14.643: L2X: Parse AVP 3, len 10, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Framing Cap 0x0
*Sep 20 21:27:14.643: L2X: Parse AVP 6, len 8, flag 0x0
*Sep 20 21:27:14.643: L2X: Firmware Ver 0x1130
*Sep 20 21:27:14.643: L2X: Parse AVP 7, len 9, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Hostname LAC
*Sep 20 21:27:14.643: L2X: Parse AVP 8, len 25, flag 0x0
*Sep 20 21:27:14.643: L2X: Vendor Name Cisco Systems, Inc.
*Sep 20 21:27:14.643: L2X: Parse AVP 9, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Assigned Tunnel ID 16382
*Sep 20 21:27:14.643: L2X: Parse AVP 10, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Rx Window Size 1024
*Sep 20 21:27:14.643: L2X: Parse AVP 11, len 22, flag 0x8000 (M)
*Sep 20 21:27:14.643: L2X: Chlng
2F 57 56 FD 44 73 5E 0A 7F 6F 53 8C 0D 24 ED F2
*Sep 20 21:27:14.643: L2X: Parse AVP 56, len 6, flag 0x0
*Sep 20 21:27:14.643: L2X: Unknown AVP 56 in CM SCCRQ
*Sep 20 21:27:14.643: L2X: Ignoring unknown AVP 56
*Sep 20 21:27:14.643: L2X: Unknown AVP found during length verification. AVP is 56, vendor code is 0, len is 6
*Sep 20 21:27:14.643: L2X: Ignoring unknown AVP 56
*Sep 20 21:27:14.643: L2X: Parse AVP 57, len 6, flag 0x0
*Sep 20 21:27:14.643: L2X: Unknown AVP 57 in CM SCCRQ
*Sep 20 21:27:14.643: L2X: Ignoring unknown AVP 57
*Sep 20 21:27:14.643: L2X: Unknown AVP found during length verification. AVP is 57, vendor code is 0, len is 6
*Sep 20 21:27:14.643: L2X: Ignoring unknown AVP 57
*Sep 20 21:27:14.643: L2X: Parse Cisco AVP 110, len 6, flag 0x0
*Sep 20 21:27:14.643: L2X: Cisco AVP 110 is not for SCCRQ
*Sep 20 21:27:14.643: L2X: Unknown AVP found during length verification. AVP is 110, vendor code is 9, len is 6
*Sep 20 21:27:14.643: L2X: Ignoring unknown Cisco AVP 110
*Sep 20 21:27:14.643: L2X: Parse Cisco AVP 111, len 6, flag 0x0
*Sep 20 21:27:14.643: L2X: Cisco AVP 111 is not for SCCRQ
*Sep 20 21:27:14.643: L2X: Unknown AVP found during length verification. AVP is 111, vendor code is 9, len is 6
*Sep 20 21:27:14.643: L2X: Ignoring unknown Cisco AVP 111
*Sep 20 21:27:14.643: L2X: No missing AVPs in SCCRQ
*Sep 20 21:27:14.643: L2X: I SCCRQ, flg TLS, ver 2, len 142, tnl 0, cl 0, ns 0, nr 0
contiguous pak, size 142
C8 02 00 8E 00 00 00 00 00 00 00 00 80 08 00 00
00 00 00 01 80 08 00 00 00 02 01 00 80 0A 00 00
00 03 00 00 00 00 00 08 00 00 00 06 11 30 80 09
00 00 00 07 4C 41 43 00 19 00 00 00 08 43 69 73
63 6F 20 53 79 73 74 65 ...
*Sep 20 21:27:14.643: L2TP: I SCCRQ from LAC tnl 16382
! SCCRQ for tunnel setup received from LAC
*Sep 20 21:27:14.643: Tnl 8468 L2TP: Got a challenge in SCCRQ, LAC
*Sep 20 21:27:14.643: Tnl 8468 L2TP: New tunnel created for remote LAC, address 172.16.163.48
*Sep 20 21:27:14.643: Tnl 8468 L2TP: O SCCRP to LAC tnlid 16382
! RSCCRP sent from LNS
*Sep 20 21:27:14.643: Tnl 8468 L2TP: O SCCRP, flg TLS, ver 2, len 150, tnl 16382, cl 0, ns 0, nr 1
C8 02 00 96 3F FE 00 00 00 00 00 01 80 08 00 00
00 00 00 02 80 08 00 00 00 02 01 00 80 0A 00 00
00 03 00 00 00 00 80 0A 00 00 00 04 00 00 00 00
00 08 00 00 00 06 11 20 80 09 00 00 00 07 4C 4E
53 00 19 00 00 00 08 ...
*Sep 20 21:27:14.643: Tnl 8468 L2TP: Control channel retransmit delay set to 1 seconds
*Sep 20 21:27:14.643: Tnl 8468 L2TP: Tunnel state change from idle to wait-ctl-reply
*Sep 20 21:27:14.647: VPDN FS From tunnel: Received 84 byte pak
*Sep 20 21:27:14.647: VPDN FS From tunnel: Pak consumed
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse SCCCN
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse AVP 13, len 22, flag 0x8000 (M)
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Chlng Resp
31 92 AC F1 88 35 88 2C DA 97 CA 74 3F C1 E9 4D
*Sep 20 21:27:14.647: Tnl 8468 L2TP: No missing AVPs in SCCCN
*Sep 20 21:27:14.647: Tnl 8468 L2TP: I SCCCN, flg TLS, ver 2, len 42, tnl 8468, cl 0, ns 1, nr 1
! SCCN is received from LAC to complete Tunnel authentication and setup
contiguous pak, size 42
C8 02 00 2A 21 14 00 00 00 01 00 01 80 08 00 00
00 00 00 03 80 16 00 00 00 0D 31 92 AC F1 88 35
88 2C DA 97 CA 74 3F C1 E9 4D
*Sep 20 21:27:14.647: Tnl 8468 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 16382, cl 0, ns 1, nr 2
C8 02 00 0C 3F FE 00 00 00 01 00 02
*Sep 20 21:27:14.647: Tnl 8468 L2TP: I SCCCN from LAC tnl 16382
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Got a Challenge Response in SCCCN from LAC
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Tunnel Authentication success
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Tunnel state change from wait-ctl-reply to established
*Sep 20 21:27:14.647: Tnl 8468 L2TP: SM State established
*Sep 20 21:27:14.647: VPDN FS From tunnel: Received 105 byte pak
*Sep 20 21:27:14.647: VPDN FS From tunnel: Pak consumed
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse ICRQ
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse AVP 14, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Assigned Call ID 25529
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Parse AVP 15, len 10, flag 0x8000 (M)
*Sep 20 21:27:14.647: Tnl 8468 L2TP: Serial Number -1237467294
*Sep 20 21:27:14.651: Tnl 8468 L2TP: Parse AVP 18, len 10, flag 0x8000 (M)
*Sep 20 21:27:14.651: Tnl 8468 L2TP: Bearer Type 0
*Sep 20 21:27:14.651: Tnl 8468 L2TP: Parse Cisco AVP 100, len 15, flag 0x0
*Sep 20 21:27:14.651: Tnl 8468 L2TP: Client NAS Port
0F 10 09 02 03 01 00 02 9A
*Sep 20 21:27:14.651: Tnl 8468 L2TP: No missing AVPs in ICRQ
*Sep 20 21:27:14.651: Tnl 8468 L2TP: I ICRQ, flg TLS, ver 2, len 63, tnl 8468, cl 0, ns 2, nr 1
contiguous pak, size 63
C8 02 00 3F 21 14 00 00 00 02 00 01 80 08 00 00
00 00 00 0A 80 08 00 00 00 0E 63 B9 80 0A 00 00
00 0F B6 3D BF 62 80 0A 00 00 00 12 00 00 00 00
00 0F 00 09 00 64 0F 10 09 02 03 01 00 02 9A
*Sep 20 21:27:14.651: Tnl 8468 L2TP: I ICRQ from LAC tnl 16382
! User session information is forwarded from LAC
*Sep 20 21:27:14.651: Tnl/Sn 8468/3 L2TP: Session FS enabled
*Sep 20 21:27:14.651: Tnl/Sn 8468/3 L2TP: Session state change from idle to wait-connect
*Sep 20 21:27:14.651: Tnl/Sn 8468/3 L2TP: New session created
*Sep 20 21:27:14.651: Tnl/Sn 8468/3 L2TP: O ICRP to LAC 16382/25529
*Sep 20 21:27:14.651: Tnl/Sn 8468/3 L2TP: O ICRP, flg TLS, ver 2, len 28, tnl 16382, cl 25529, ns 1, nr 3
C8 02 00 1C 3F FE 63 B9 00 01 00 03 80 08 00 00
00 00 00 0B 80 08 00 00 00 0E 00 03
*Sep 20 21:27:14.651: Tnl 8468 L2TP: Control channel retransmit delay set to 1 seconds
*Sep 20 21:27:14.651: VPDN FS From tunnel: Received 60 byte pak
*Sep 20 21:27:14.651: VPDN FS From tunnel: Pak consumed
*Sep 20 21:27:14.655: VPDN FS From tunnel: Received 213 byte pak
*Sep 20 21:27:14.655: VPDN FS From tunnel: Pak consumed
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse ICCN
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 19, len 10, flag 0x8000 (M)
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Framing Type 1
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 24, len 10, flag 0x8000 (M)
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Connect Speed 100000000
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 27, len 21, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Last Sent LCPREQ
01 04 05 DC 03 05 C2 23 05 05 06 24 80 DE 05
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 28, len 12, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Last Rx LCPREQ
05 06 1C 3F 13 95
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 29, len 8, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Proxy Auth Type 2
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 30, len 21, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Proxy Auth Name ParamPreet@cisco.com
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 31, len 22, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Proxy Auth Chal
A9 09 74 32 2B C5 0C 65 C9 B8 D2 42 29 31 E9 43
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 32, len 8, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Proxy Auth ID 1
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 33, len 22, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Proxy Auth Resp
97 54 33 E9 B2 53 2E 42 3E 1B C9 48 14 24 FE C8
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse AVP 38, len 10, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Rx Speed 100000000
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Parse Cisco AVP 107, len 7, flag 0x0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: Fixed CHAP Challenge ID 0
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: No missing AVPs in ICCN
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: I ICCN, flg TLS, ver 2, len 171, tnl 8468, cl 3, ns 3, nr 2
contiguous pak, size 171
C8 02 00 AB 21 14 00 03 00 03 00 02 80 08 00 00
00 00 00 0C 80 0A 00 00 00 13 00 00 00 01 80 0A
00 00 00 18 05 F5 E1 00 00 15 00 00 00 1B 01 04
05 DC 03 05 C2 23 05 05 06 24 80 DE 05 00 0C 00
00 00 1C 05 06 1C 3F 13 ...
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 16382, cl 0, ns 2, nr 4
C8 02 00 0C 3F FE 00 00 00 02 00 04
*Sep 20 21:27:14.655: Tnl/Sn 8468/3 L2TP: I ICCN from LAC tnl 16382, cl 25529
*Sep 20 21:27:14.659: ParamPreet@cisco.com Tnl/Sn 8468/3 L2TP: Session state change from wait-connect to wait-for-service-selection
*Sep 20 21:27:14.659: AAA/BIND(00000007): Bind i/f Virtual-Template1
*Sep 20 21:27:14.659: AAA/AUTHOR (00000007): Method=None for method list id=00000000. Skip author
*Sep 20 21:27:14.659: ppp2 PPP: Authorization NOT required
*Sep 20 21:27:14.659: ppp2 PPP: Phase is ESTABLISHING
*Sep 20 21:27:14.659: ppp2 PPP: Send Message[Dynamic Bind Response]
*Sep 20 21:27:14.659: ppp2 LCP: I FORCED rcvd CONFACK len 15
*Sep 20 21:27:14.659: ppp2 LCP: MRU 1500 (0x010405DC)
*Sep 20 21:27:14.659: ppp2 LCP: AuthProto CHAP (0x0305C22305)
*Sep 20 21:27:14.659: ppp2 LCP: MagicNumber 0x2480DE05 (0x05062480DE05)
*Sep 20 21:27:14.659: ppp2 LCP: I FORCED sent CONFACK len 6
*Sep 20 21:27:14.659: ppp2 LCP: MagicNumber 0x1C3F1395 (0x05061C3F1395)
! Forced LCP from LNS in the event of mismatch on LCP parameters negotiated by LAC
*Sep 20 21:27:14.659: ppp2 PPP: Phase is FORWARDING, Attempting Forward
*Sep 20 21:27:14.659: ppp2 PPP: Phase is AUTHENTICATING, Unauthenticated User
*Sep 20 21:27:14.659: AAA/AUTHEN/PPP (00000007): Pick method list 'default'
*Sep 20 21:27:14.659: ppp2 PPP: Sent CHAP LOGIN Request
*Sep 20 21:27:14
C10K#.659: ppp2 PPP: Received LOGIN Response PASS
*Sep 20 21:27:14.659: ppp2 PPP: Phase is FORWARDING, Attempting Forward
*Sep 20 21:27:14.659: ppp2 PPP: Send Message[Connect Local]
*Sep 20 21:27:14.659: Vi2.1 Tnl/Sn 8468/3 L2TP: Virtual interface created for ParamPreet@cisco.com, bandwidth 100000 Kbps
*Sep 20 21:27:14.659: ppp2 PPP: Bind to [Virtual-Access2.1]
*Sep 20 21:27:14.659: AAA/BIND(00000007): Bind i/f Virtual-Access2.1
*Sep 20 21:27:14.659: Vi2.1 PPP: Send Message[Static Bind Response]
*Sep 20 21:27:14.659: Vi2.1 Tnl/Sn 8468/3 L2TP: VPDN session up
*Sep 20 21:27:14.659: Vi2.1 Tnl/Sn 8468/3 L2TP: Session state change from wait-for-service-selection to established
*Sep 20 21:27:14.659: Vi2.1 PPP: Phase is AUTHENTICATING, Authenticated User
*Sep 20 21:27:14.659: Vi2.1 CHAP: O SUCCESS id 1 len 4
! Authentication succeeded for incoming user
*Sep 20 21:27:14.659: Vi2.1 VPDN FS Network to tunnel: Punted 44 byte pak to l2x process queue
*Sep 20 21:27:14.659: Vi2.1 PPP: Phase is UP
*Sep 20 21:27:14.659: Vi2.1 AAA/AUTHOR/FSM: We can start IPCP
*Sep 20 21:27:14.663: Vi2.1 IPCP: O CONFREQ [Closed] id 1 len 10
! IPCP phase started for IP address negotiation for incoming user
*Sep 20 21:27:14.663: Vi2.1 IPCP: Address 20.20.20.1 (0x030614141401)
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Network to tunnel: Punted 50 byte pak to l2x process queue
*Sep 20 21:27:14.663: Vi2.1 PPP: Process pending ncp packets
*Sep 20 21:27:14.663: Vi2.1 VPDN PROCESS Into tunnel: Sending 44 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN PROCESS Into tunnel: Sending 50 byte pak
*Sep 20 21:27:14.663: VPDN FS From tunnel: Received 64 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Sending 14 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Fastswitching failed, punting pkt to process
*Sep 20 21:27:14.663: Vi2.1 VPDN FS From tunnel: Punted 14 byte pak to ppp parse and iqueue
*Sep 20 21:27:14.663: VPDN FS From tunnel: Received 60 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Sending 8 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Fastswitching failed, punting pkt to process
*Sep 20 21:27:14.663: Vi2.1 VPDN FS From tunnel: Punted 8 byte pak to ppp parse and iqueue
*Sep 20 21:27:14.663: VPDN FS From tunnel: Received 64 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Sending 14 byte pak
*Sep 20 21:27:14.663: Vi2.1 VPDN FS Tunnel to network: Fastswitching failed, punting pkt to process
*Sep 20 21:27:14.663: Vi2.1 VPDN FS From tunnel: Punted 14 byte pak to ppp parse and iqueue
*Sep 20 21:27:14.663: Vi2.1 IPCP: I CONFREQ [REQsent] id 1 len 10
*Sep 20 21:27:14.663: Vi2.1 IPCP: Address 0.0.0.0 (0x030600000000)
*Sep 20 21:27:14.667: Vi2.1 IPCP: Pool returned 20.20.20.2
*Sep 20 21:27:14.667: Vi2.1 IPCP: O CONFNAK [REQsent] id 1 len 10
*Sep 20 21:27:14.667: Vi2.1 IPCP: Address 20.20.20.2 (0x030614141402)
*Sep 20 21:27:14.667: Vi2.1 VPDN FS Network to tunnel: Punted 50 byte pak to l2x process queue
*Sep 20 21:27:14.667: Vi2.1 IPCP: I CONFACK [REQsent] id 1 len 10
*Sep 20 21:27:14.667: Vi2.1 IPCP: Address 20.20.20.1 (0x030614141401)
*Sep 20 21:27:14.667: Vi2.1 CDPCP: I CONFREQ [Not negotiated] id 1 len 4
*Sep 20 21:27:14.667: Vi2.1 LCP: O PROTREJ [Open] id 1 len 10 protocol CDPCP (0x820701010004)
*Sep 20 21:27:14.667: Vi2.1 VPDN FS Network to tunnel: Punted 50 byte pak to l2x process queue
*Sep 20 21:27:14.667: Vi2.1 VPDN PROCESS Into tunnel: Sending 50 byte pak
*Sep 20 21:27:14.667: Vi2.1 VPDN PROCESS Into tunnel: Sending 50 byte pak
*Sep 20 21:27:14.667: VPDN FS From tunnel: Received 64 byte pak
*Sep 20 21:27:14.667: Vi2.1 VPDN FS Tunnel to network: Sending 14 byte pak
*Sep 20 21:27:14.667: Vi2.1 VPDN FS Tunnel to network: Fastswitching failed, punting pkt to process
*Sep 20 21:27:14.667: Vi2.1 VPDN FS From tunnel: Punted 14 byte pak to ppp parse and iqueue
*Sep 20 21:27:14.667: Vi2.1 IPCP: I CONFREQ [ACKrcvd] id 2 len 10
*Sep 20 21:27:14.667: Vi2.1 IPCP: Address 20.20.20.2 (0x030614141402)
*Sep 20 21:27:14.667: Vi2.1 IPCP: O CONFACK [ACKrcvd] id 2 len 10
*Sep 20 21:27:14.667: Vi2.1 IPCP: Address 20.20.20.2 (0x030614141402)
*Sep 20 21:27:14.667: Vi2.1 VPDN FS Network to tunnel: Punted 50 byte pak to l2x process queue
*Sep 20 21:27:14.667: Vi2.1 IPCP: State is Open
*Sep 20 21:27:14.667: Vi2.1 VPDN PROCESS Into tunnel: Sending 50 byte pak
*Sep 20 21:27:14.667: Vi2.1 IPCP: Install route to 20.20.20.2
C10K#sh users
Line User Host(s) Idle Location
0 con 0 idle 01:28:14
2 vty 0 cisco idle 00:08:57 10.82.211.163
* 3 vty 1 cisco idle 00:00:00 171.69.89.47
4 vty 2 cisco idle 00:00:48 10.82.248.114
Interface User Mode Idle Peer Address
Vi2.1 ParamPreet@cisco.com PPPoVPDN 00:00:26 20.20.20.2
C10K#sh int virtual-a2.1
Virtual-Access2.1 is up, line protocol is up
Hardware is Virtual Access interface
Interface is unnumbered. Using address of Loopback0 (20.20.20.1)
MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoVPDN vaccess, cloned from Virtual-Template1
Vaccess status 0x0
Protocol l2tp, tunnel id 64102, session id 5
Keepalive set (10 sec)
43 packets input, 1466 bytes
40 packets output, 1064 bytes idle 00:07:49
Last clearing of "show interface" counters never
C10K#sh caller timeouts
Line User Limit Remaining Timer Type
con 0 - - - -
vty 3 cisco 01:00:00 00:59:59 Idle Exec
Vi2.1 ParamPreet@cisco.com 00:10:00 00:09:20 PPP idle
C10K#sh caller user ParamPreet@cisco.com detailed
User: ParamPreet@cisco.com, line Vi2.1, service PPPoVPDN
Connected for 00:04:18, Idle for 00:01:18
Timeouts: Limit Remaining Timer Type
00:10:00 00:08:41 PPP idle
PPP: LCP Open, CHAP (<-), IPCP
LCP: -> peer, MRU, AuthProto, MagicNumber
<- peer, MagicNumber
NCP: Open IPCP
IPCP: <- peer, Address
-> peer, Address
IP: Local 20.20.20.1, remote 20.20.20.2
Counts: 70 packets input, 2338 bytes
67 packets output, 1936 bytes
C10K#
*Sep 20 21:40:09.983: Vi2.1 VPDN FS Tunnel to network: Fastswitching failed, punting pkt to process
*Sep 20 21:40:09.983: Vi2.1 VPDN FS From tunnel: Punted 16 byte pak to ppp parse and iqueue
C10K#sh caller user ParamPreet@cisco.com detailed
User: ParamPreet@cisco.com, line Vi2.1, service PPPoVPDN
Connected for 00:08:41, Idle for 00:05:40
Timeouts: Limit Remaining Timer Type
00:10:00 00:04:19 PPP idle
PPP: LCP Open, CHAP (<-), IPCP
LCP: -> peer, MRU, AuthProto, MagicNumber
<- peer, MagicNumber
NCP: Open IPCP
IPCP: <- peer, Address
-> peer, Address
IP: Local 20.20.20.1, remote 20.20.20.2
Counts: 120 packets input, 3138 bytes
117 packets output, 2736 bytes
Disconnecting user session:
*Sep 20 21:48:48.755: VPDN FS From tunnel: Received 130 byte pak
*Sep 20 21:48:48.755: VPDN FS From tunnel: Pak consumed
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse CDN
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse AVP 1, len 38, flag 0x8000 (M)
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Result code(2): 2: Call disconnected, refer to error msg
*Sep 20 21:48:48.755: Error code(6): Vendor specific
*Sep 20 21:48:48.755: Optional msg: user-request/Call Disconnect
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse AVP 14, len 8, flag 0x8000 (M)
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Assigned Call ID 44667
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse AVP 46, len 11, flag 0x0
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: disconnected, code 3, direction local for CP 0x0
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Parse Cisco AVP 104, len 11, flag 0x0
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: PPP Disconnect Cause Code (Cisco) Already rcvd IETF version, ignoring
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: No missing AVPs in CDN
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: I CDN, flg TLS, ver 2, len 88, tnl 64102, cl 5, ns 15, nr 2
contiguous pak, size 88
C8 02 00 58 FA 66 00 05 00 0F 00 02 80 08 00 00
00 00 00 0E 80 26 00 00 00 01 00 02 00 06 75 73
65 72 2D 72 65 71 75 65 73 74 2F 43 61 6C 6C 20
44 69 73 63 6F 6E 6E 65 63 74 80 08 00 00 00 0E
AE 7B 00 0B 00 00 00 2E ...
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 45050, cl 0, ns 2, nr 16
C8 02 00 0C AF FA 00 00 00 02 00 10
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: I CDN from LAC tnl 45050, cl 44667
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: disconnect (L2X) IETF: 18/host-request Ascend: 66/VPDN Local PPP Disconnect
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Destroying session
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Session state change from established to idle
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Accounting stop sent
*Sep 20 21:48:48.755: Vi2.1 Tnl/Sn 64102/5 L2TP: Unbinding session from idb
*Sep 20 21:48:48.759: Vi2.1 VPDN: Resetting interface
*Sep 20 21:48:48.759: Vi2.1 PPP: Block vaccess from being freed [0x19]
*Sep 20 21:48:48.759: Tnl 64102 L2TP: Tunnel state change from established to no-sessions-left
*Sep 20 21:48:48.759: Tnl 64102 L2TP: No more sessions in tunnel, shutdown (likely) in 10 seconds
*Sep 20 21:48:49.151: Vi2.1 PPP: Missed link down notification
*Sep 20 21:48:49.151: Vi2.1 PPP: Sending Acct Event[Down] id[9]
*Sep 20 21:48:49.151: Vi2.1 IPCP: State is Closed
*Sep 20 21:48:49.151: Vi2.1 PPP: Unlocked by [0x1] Still Locked by [0x18]
*Sep 20 21:48:49.151: Vi2.1 PPP: Unlocked by [0x10] Still Locked by [0x8]
*Sep 20 21:48:49.151: Vi2.1 PPP: Phase is TERMINATING
*Sep 20 21:48:49.151: Vi2.1 LCP: State is Closed
*Sep 20 21:48:49.151: Vi2.1 PPP: Phase is DOWN
*Sep 20 21:48:49.151: Vi2.1 PPP: Send Message[Disconnect]
*Sep 20 21:48:49.151: Vi2.1 PPP: Unlocked by [0x8] Still Locked by [0x0]
C10K#
*Sep 20 21:48:49.151: Vi2.1 PPP: Free previously blocked vaccess
*Sep 20 21:48:49.151: Vi2.1 IPCP: Remove route to 20.20.20.2
C10K#
*Sep 20 21:48:58.759: Tnl 64102 L2TP: O StopCCN to LAC tnlid 45050
*Sep 20 21:48:58.759: Tnl 64102 L2TP: O StopCCN, flg TLS, ver 2, len 38, tnl 45050, cl 0, ns 2, nr 16
C8 02 00 26 AF FA 00 00 00 02 00 10 80 08 00 00
00 00 00 04 80 08 00 00 00 09 FA 66 80 0A 00 00
00 01 00 01 00 00
*Sep 20 21:48:58.759: Tnl 64102 L2TP: Control channel retransmit delay set to 1 seconds
*Sep 20 21:48:58.759: Tnl 64102 L2TP: Tunnel state change from no-sessions-left to shutting-down
*Sep 20 21:48:58.759: VPDN FS From tunnel: Received 60 byte pak
C10K#
*Sep 20 21:48:58.759: VPDN FS From tunnel: Pak consumed
*Sep 20 21:48:59.759: Tnl 64102 L2TP: Control channel retransmit delay set to 1 seconds
C10K#
*Sep 20 21:49:03.759: Tnl 64102 L2TP: Shutdown tunnel
*Sep 20 21:49:03.759: Tnl 64102 L2TP: Tunnel state change from shutting-down to idle
hi.
You mentioned AV pairs are included in the LAC message. How can we get this value frpm LNS? Particluarly the type 38/24 attribute for the TX/RX speed?
Is there a show command or via SNMP?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: