cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Popup Hotspot Using ISR 1000 with WiFi/LTE for Teleworkers and Micro Branchesr
264
Views
5
Helpful
5
Replies
Highlighted

optimize my pppoe server config

hello , i have ASR1006 with esp100

i configure it as pppoe server with freeraduis 

i have now more of 5000 client

but the service is not stable  , sometime user's have many time delay to connecting 

sometime user auto disconnected , and sometime not all user's can authentication , below is my config

what i can add or remove or change in my config to make it optimize and fix my issues  

 

aaa group server radius ANAS
 server name ANAS
!

aaa server radius dynamic-author
 client x.x.x.x server-key 7 121F0C1517190E05242F342D212031015E44
 server-key 7 104D8220A0618
 auth-type any
 ignore session-key
 ignore server-key
!

bba-group pppoe PPPOE_OUT
 virtual-template 3
 sessions per-vc limit 64000
 sessions per-mac limit 64000
 sessions per-vlan limit 64000 inner 64000

interface Virtual-Template3
 mtu 1460
 ip unnumbered Loopback0
 no ip redirects
 ip nat inside
 ip tcp adjust-mss 1400
 ip policy route-map ROUTE-TV
 no logging event link-status
 timeout absolute 4320 0
 peer default ip address pool interface localpool
 keepalive 5
 ppp authentication chap
 ppp ipcp dns 8.8.8.8 8.8.4.4
 ppp timeout retry 80
 ppp timeout authentication 60
 ip virtual-reassembly

interface Port-channel1.905
 description PPPOE-QAYRIA
 encapsulation dot1Q 905
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 pppoe enable group PPPOE_OUT
!


radius-server attribute 44 include-in-access-req all
radius-server attribute 31 mac format one-byte delimiter colon
radius-server attribute 31 send nas-port-detail mac-only
radius-server attribute nas-port-id include circuit-id
radius-server timeout 10
radius-server unique-ident 38
radius-server key 7 1048001B0005100A02003A2E363D20277B41



aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting delay-start all
aaa accounting nested
aaa accounting update periodic 1
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group radius


!
interface Virtual-Template1
 mtu 1460
 ip unnumbered Loopback0
 no ip redirects
 ip nat inside
 ip tcp adjust-mss 1400
 ip policy route-map ROUTE-TV
 no logging event link-status
 peer default ip address pool interface localpool
 keepalive 6
 ppp authentication chap
 ppp ipcp dns 8.8.8.8 8.8.4.4
!

 

 

 

5 REPLIES 5
Highlighted
Hall of Fame Expert

Re: optimize my pppoe server config

Hello @anas.abdullkarim ,

for sure the following line in the bba-group definition is too much

>>

sessions per-mac limit 64000

you should use a per MAC address limit of two to allow a user to reconnect while its previous PPPoE session is deleting.

 

Hope to help

Giuseppe

Highlighted
VIP Mentor

Re: optimize my pppoe server config

Hello,

 

try and strip the virtual template to the most basic config (changes and additions marked in bold):

 

aaa group server radius ANAS
server name ANAS
!
aaa server radius dynamic-author
client x.x.x.x server-key 7 121F0C1517190E05242F342D212031015E44
server-key 7 104D8220A0618
auth-type any
ignore session-key
ignore server-key
!

bba-group pppoe PPPOE_OUT
virtual-template 3
--> no sessions per-vc limit 64000
--> no sessions per-mac limit 64000
--> no sessions per-vlan limit 64000 inner 64000

!

interface Virtual-Template3
--> no mtu 1460
ip unnumbered Loopback0
no ip redirects
ip nat inside
--> no ip tcp adjust-mss 1400
--> no ip policy route-map ROUTE-TV
no logging event link-status
--> no timeout absolute 4320 0
peer default ip address pool interface localpool
--> keepalive 30
ppp authentication chap
ppp ipcp dns 8.8.8.8 8.8.4.4
--> no ppp timeout retry 80
--> no ppp timeout authentication 60
ip virtual-reassembly

interface Port-channel1.905
description PPPOE-QAYRIA
encapsulation dot1Q 905
no ip redirects
no ip unreachables
no ip proxy-arp
pppoe enable group PPPOE_OUT
!
radius-server attribute 44 include-in-access-req all
radius-server attribute 31 mac format one-byte delimiter colon
radius-server attribute 31 send nas-port-detail mac-only
radius-server attribute nas-port-id include circuit-id
radius-server timeout 10
radius-server unique-ident 38
radius-server key 7 1048001B0005100A02003A2E363D20277B41
!
aaa authentication ppp default group radius
aaa authorization network default group radius
aaa accounting delay-start all
aaa accounting nested
aaa accounting update periodic 1
aaa accounting network default start-stop group radius
aaa accounting system default start-stop group radius
!
interface Virtual-Template1
--> no mtu 1460
ip unnumbered Loopback0
no ip redirects
ip nat inside
--> no ip tcp adjust-mss 1400
--> no ip policy route-map ROUTE-TV
no logging event link-status
peer default ip address pool interface localpool
--> keepalive 30
ppp authentication chap
ppp ipcp dns 8.8.8.8 8.8.4.4
!

Highlighted

Re: optimize my pppoe server config

thanks for reply , but why i delete
--> no sessions per-vc limit 64000
--> no sessions per-mac limit 64000
--> no sessions per-vlan limit 64000 inner 64000

someitme i have customer he have more of 1000 client is his switch
maybe my router see it as one mac addreess
Highlighted
VIP Mentor

Re: optimize my pppoe server config

Hello,

 

in that case, leave those lines in there. I just want to see if the problem persists if you take all the extra stuff out...

Highlighted

Re: optimize my pppoe server config