Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
627
Views
0
Helpful
3
Replies

basic DSL configuration questions

Go to solution
Rik19972000
Level 1
Level 1

‎08-20-2009 08:09 AM - edited ‎03-04-2019 05:47 AM

When configuring a DSL connection

you need:

username, password, pvc

When I check on the internet I see for example encapsulation aal5mux ppp dialer.

Do you need to receive this information also? Or is this trial and error?

What's the difference with encapsulation ppp under the logical interface dialer.

I can't find good docs about the different encapsulation types.

If you setup for example a GRE tunnel then you don't have to add ip nat outside?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-20-2009 08:29 AM

Hello Rik,

you should ask also the encapsulation type to the provider.

possible options are:

aal5snap for classic ip over ATM (rare in consumer services)

aal5mux with PPP over ATM

aal5snap with PPP over Ethernet over ATM

Configuring forms of VPNs over the internet can be done in different ways and yes usually you don't nat over the L3 interface to the vpn.

To be noted that GRE alone does not provide encryption.

Hope to help

Giuseppe

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-20-2009 08:29 AM

Hello Rik,

you should ask also the encapsulation type to the provider.

possible options are:

aal5snap for classic ip over ATM (rare in consumer services)

aal5mux with PPP over ATM

aal5snap with PPP over Ethernet over ATM

Configuring forms of VPNs over the internet can be done in different ways and yes usually you don't nat over the L3 interface to the vpn.

To be noted that GRE alone does not provide encryption.

Hope to help

Giuseppe

0 Helpful

Go to solution
Rik19972000
Level 1
Level 1
In response to Giuseppe Larosa

‎08-20-2009 11:55 AM

What about the MTU?

1492? or less if you use IPSEC/GRE

0 Helpful

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Rik19972000

‎08-20-2009 11:12 PM

Hello Rick,

your understanding is correct and thanks for your kind remarks.

MTU varies depending on the encapsulation even before thinking of VPN:

PPPoE: requires 1492 bytes to accomodate the 8 bytes PPPoE header

other types start from 1500 bytes.

When dealing with IPSEC and GRE depending on the two ways (tunnel mode or transport mode) to do this, additional overheads are present.

You can use the following document as a reference in calculating these overheads

http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/IPSecQoS.html#wp56035

To be noted that the effect of not reducing the MTU can be that of excessive fragmentation with a slow performance for end users.

A possible approach in small branch offices is to set the mtu on PCs also to 1300 bytes in order to take in account all overheads.

We used this fix on some branch offices that connect with IPsec + GRE tunnel mode.

see also for MTU issues with IPSec

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_white_paper09186a00800d6979.shtml

Hope to help

Giuseppe

0 Helpful
Customers Also Viewed These Support Documents