l2tp lac-lns session not found

Amirmahdi.M
Level 1

Hi everyone,

We are giving some LAC-LNS services to a local ISP, but after a packet loss or some kind of interruption, the sessions don't establish anymore.

I simulated the scenario in EVE-NG and the same thing happened. The session log is attached.

After debugging, it looks like the LAC is dropping ICRP messages and saying "session XXXXXX not found".

I think the L2TP tunnel gets out of sync.

Any ideas what I am missing?

Here is the configuration on the LAC (CSR1000V - IOS XE 17.3.2):

XE17#show run | s l2tp|vpdn
vpdn enable
vpdn aaa attribute nas-port vpdn-nas
vpdn logging
vpdn logging local
vpdn logging tunnel-drop
vpdn logging dead-cache
vpdn session rate compute
vpdn search-order domain dnis
vpdn-group LAC-LNS
 request-dialin
  protocol l2tp
  domain vpdn.com
 initiate-to ip 192.168.1.2
 source-ip 192.168.1.1
 local name CISCO-LAC
 no l2tp tunnel authentication

Thanks

Amir

Accepted Solutions

Amirmahdi.M
Level 1

After about 6 months, I finally figured out how to resolve this problem.

When there is a problem with the tunnel, there is a buildup of the unsent queue on the tunnel.

By using the command "vpdn queuesize-alert 500", a log will be generated.

We can use the log with EEM (Embedded Event Manager) to restart the tunnel automatically:

event manager applet test
 event syslog pattern ".*UnsetQ reached msg alert threshold.*"
 action 010 cli command "enable"
 action 020 cli command "clear l2tp all" pattern "confirm"
 action 030 cli command "y"
 action 040 syslog msg "L2TP Tunnel Restarted"

We can also use the session limit to establish the sessions at a lower rate.

Special thanks to --> https://community.cisco.com/t5/network-management/router-reload-or-shut-noshut-when-l2tp-tunnel-goes-down/td-p/2607529

Amir
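
The same trigger logic as the applet in the post above, written as an off-box syslog check; this is an added example, not part of the original post. It matches the applet's pattern but suppresses repeat alerts inside a cooldown, because `clear l2tp all` tears down every tunnel on the LAC, and it flags when resets keep recurring. The log-line layout, the 5-minute cooldown, the escalation limit and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Same regex the EEM applet in the post matches (spelling kept as posted).
ALERT = re.compile(r".*UnsetQ reached msg alert threshold.*")
COOLDOWN = timedelta(minutes=5)  # assumed minimum gap between two resets

# Constructed sample lines; the timestamp/host layout is an assumption.
SAMPLE = """\
2024-01-10T10:00:01 lac1 L2TP tunnel 4021 UnsetQ reached msg alert threshold of 500
2024-01-10T10:00:02 lac1 L2TP tunnel 4021 UnsetQ reached msg alert threshold of 500
2024-01-10T10:00:09 lac1 L2TP Tunnel Restarted
2024-01-10T10:03:30 lac1 L2TP tunnel 4021 UnsetQ reached msg alert threshold of 500
garbage lac1 L2TP tunnel 4021 UnsetQ reached msg alert threshold of 500
2024-01-10T10:07:45 lac1 L2TP tunnel 4021 UnsetQ reached msg alert threshold of 500
"""

def plan_resets(log_text, cooldown=COOLDOWN):
    """Return (reset_times, suppressed_count) for the alerts in log_text."""
    resets, suppressed, last = [], 0, None
    for line in log_text.splitlines():
        if not ALERT.match(line):
            continue  # not the queue-size alert (e.g. the applet's own message)
        try:
            ts = datetime.fromisoformat(line.split(" ", 1)[0])
        except ValueError:
            continue  # alert without a parseable timestamp: skip it
        if last is not None and ts - last < cooldown:
            suppressed += 1  # a reset already fired recently; do not drop tunnels again
            continue
        resets.append(ts)
        last = ts
    return resets, suppressed

def needs_escalation(resets, window=timedelta(hours=1), limit=3):
    """True when `limit` resets fall inside one `window`: resetting is not curing the fault."""
    return any(resets[i + limit - 1] - resets[i] <= window
               for i in range(len(resets) - limit + 1))

if __name__ == "__main__":
    times, skipped = plan_resets(SAMPLE)
    print("resets:", [t.isoformat() for t in times], "suppressed:", skipped)
    print("escalate:", needs_escalation(times))
```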

 

4 Replies

Amirmahdi.M
Level 1

Also, I tried with the LNS being Cisco or MikroTik devices, but the problem persists.

@MHM Cisco World

I'd be glad if you can help.

Hi friend,

First, try removing the vpdn domain and search order.

If that does not solve the issue, share the config.

MHM

Amirmahdi.M
Level 1

The vpdn domain and search order configs are for distinguishing the local ISP's users from normal PPPoE users. I can't remove them.

It's like this: if a normal user sets the PPP username to "ppp1", the PPPoE session gets established on my router (LAC).

But if a user sets the PPP username to "ppp1@vpdn.com", the session gets established on the remote router (LNS).
