cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2753
Views
20
Helpful
16
Replies
Highlighted

question about start ipv6 in L2TP tunnel between LAC & LNS router

hi ,

my system topology is an ADSL technoglogy topology

here is my  topology :

http://www.rracuares.com/wp-content/uploads/2010/07/PPPoE-over-L2TP.png

im just want to ask , wt config i need to modify LAC router and LNS router so as the end users get an ipv6 ips .

plz  pay attention only on LAC & LNS Routers

now ,

both of them are using ipv4 support and the infrastructure is ipv4. and the end user get only ipv4 ips .

my question is , wt config we need to modify so as the L2TP tunnel become ipv6 and the end users get ipv6 ips on thier adsl router ??

here is the config below :

LNS CONFIG:

LNS#sh running-config

Building configuration...

Current configuration : 1318 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname LNS

!

boot-start-marker

boot-end-marker

!

!

aaa new-model

!

!

aaa authentication login default local

aaa authentication ppp default local

aaa authorization network default local

!

aaa session-id common

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

!

ip cef

no ip domain lookup

!

!

!

vpdn enable

!

vpdn-group 1

accept-dialin

  protocol l2tp

  virtual-template 1

terminate-from hostname LAC

source-ip 1.1.1.8

l2tp tunnel password 0 rracuares

!

!

!

!        

!

!

!

!

!

!

!

!

!

!

!

username rejohn@cuares.com privilege 0 password 0 rejohn

!

!

!

!

!

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 1.1.1.8 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered FastEthernet1/0

ip mtu 1492

peer default ip address pool PPPoE-POOL

ppp authentication pap

!

ip local pool PPPoE-POOL 20.20.20.2 20.20.20.254

no ip http server

no ip http secure-server

!

ip classless

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

password 123

logging synchronous

line aux 0

line vty 0 4

!

!        

end

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

LAC :config

LAC#sh running-config 

Building configuration...

Current configuration : 1230 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname LAC

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

!

ip cef

no ip domain lookup

!        

!        

!        

vpdn enable

vpdn search-order domain 

!        

vpdn-group 1

request-dialin

  protocol l2tp

  domain rracuares.com

initiate-to ip 1.1.1.8 priority 1

local name LAC

l2tp tunnel password 0 rracuares

!        

!        

!        

!        

!        

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

bba-group pppoe global

virtual-template 1

!

!

interface FastEthernet0/0

ip address 1.1.1.6 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 10.252.102.49 255.255.255.240

duplex auto

speed auto

pppoe enable group global

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet3/0

no ip address

shutdown

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered FastEthernet1/0

ppp authentication pap

!        

no ip http server

no ip http secure-server

!

ip classless

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

password 123

logging synchronous

login

line aux 0

line vty 0 4

login

!

!

end

reagrds

Ahmad

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Hall of Fame Cisco Employee

Hello Ahmad,

You are welcome

did u mean that the PSTN side dont need any modifications so as to support ipv6 to customers adsl router ??

Quite correct - the PSTN side does not need any modifications. Assuming that the client uses PPPoE, his IP traffic is encapsulated as follows:

Ethernet|PPPoE|PPP|IPv4/6

The transmission chain in DSL service just takes the entire Ethernet frame with whatever contents it may have and carries it over the provider's network to the ISP aggregation router. The IPv4/IPv6 packets will first emerge and get processed on the LNS. No other device will see or process them sooner.

Best regards,

Peter

View solution in original post

16 REPLIES 16
Highlighted
Hall of Fame Cisco Employee

Hello Ahmed,

The only necessary change should be to enable IPv6 on the Virtual-Template 1 on the LNS. The L2TP protocol tunnels entire PPP frames received from the PPPoE client. Whether the PPP frames carry IPv4 or IPv6 packets is irrelevant to the L2TP operation. No configuration change on the LAC is necessary.

So the modifications on the LNS are these (the commands shown here should be added to your existing configuration):

ipv6 unicast-routing

!

ipv6 local pool IPv6POOL 2001:DB8:FFFF::/48 64

!

interface Loopback1

ipv6 address 2001:DB8::1/128

!

interface Virtual-Template1

ipv6 unnumbered Loopback1

ipv6 mtu 1492

no ipv6 nd ra suppress

peer default ipv6 pool IPv6POOL

The pool IPv6POOL allocates a /64 subnet to each connected client from the 2001:db8:ffff::/48 range (IPv6 pools are prefix-based, not address-based). The no ipv6 nd ra suppress command is necessary to allow sending Router Advertisements through each PPP session to allow the client to use stateless autoconfiguration.

Suggestions to your existing configuration:

  • On the LAC, the IP address on the Fa1/0 interface is not necessary for client PPPoE connectivity. If you are performing other IP communication through the interface then you may leave it there, but otherwise, this IP address is not required for clients and their PPPoE sessions.
  • On the LAC, the ip unnumbered command on the Virtual-Template1 interface is useless and shall be removed.

Best regards,

Peter

Highlighted

hi  peter ,

Thank u very much for ur reply , u really suprprised  me , i thought there will be alot of modifications in the LNS & LAC so that we config  support ipv6 to clients.

any way ,

i would like to mention that the above tpology is just  a simulation on GNS3 , but actually i work in an isp and on my LNS server there are similar configs ,

i have only an access to LNS not on LAC.

but again ,

did u mean that the PSTN side dont need any modifications so as to support ipv6 to customers adsl router ??

im really appreaciting ur help cause u gave me a breif info about my modifications configs .

regards

Ahmad

Highlighted
Hall of Fame Cisco Employee

Hello Ahmad,

You are welcome

did u mean that the PSTN side dont need any modifications so as to support ipv6 to customers adsl router ??

Quite correct - the PSTN side does not need any modifications. Assuming that the client uses PPPoE, his IP traffic is encapsulated as follows:

Ethernet|PPPoE|PPP|IPv4/6

The transmission chain in DSL service just takes the entire Ethernet frame with whatever contents it may have and carries it over the provider's network to the ISP aggregation router. The IPv4/IPv6 packets will first emerge and get processed on the LNS. No other device will see or process them sooner.

Best regards,

Peter

View solution in original post

Highlighted

hi peter ,

thanks very much

soon i will try it , and give u a reply

regards

Ahmad

Highlighted

hi peter , i would like to ask about another behaviuor

wt will haped if i configured on the virtual template both ipv4 and ipv6 ips and pools .

the customer will get v4 or v6 ???

assume the config below is configured:

loopback1 is ipv4

loopback 2 is ipv6

=========================

interface Virtual-Template1

ip unnumbered Loopback1

ip tcp adjust-mss 1412

no logging event link-status

ipv6 unnumbered Loopback2

no ipv6 nd ra suppress

peer default ip address pool a1 a2

peer default ipv6 pool z1

ppp mtu adaptive

ppp authentication pap vpdn

ppp authorization vpdn

ppp accounting vpdn

=================================

will the customer get ipv4 or ipv6 ??

regards

Highlighted
Hall of Fame Cisco Employee

Hello Ahmad,

PPP is an awesome protocol in the regard that it provides an ability for both parties to individually negotiate each higher-level protocol that should be carried over the PPP session. Both endpoints have to agree on the particular higher-level protocol, otherwise this protocol will not be carried over the PPP link. Now, your configuration prepares the LNS for both IPv4 and IPv6. Now it is up to each client what protocols it wants to carry over the PPP session. If a client comes and is willing to negotiate both IPv4 and IPv6, it will get both IPv4 and IPv6 address and connectivity. If a client comes and negotiates only a selected protocol, either IPv4 or IPv6, this negotiated protocol will be the only one that is carried over the link, and the other protocol will be suppressed.

So in the end, it depends on the client and its configuration what IP protocol will be enabled on this PPP connection. The client will get IPv4, IPv6 or both depending on its own configuration. Your LNS is currently prepared to provide both.

Best regards,

Peter

Highlighted

hi peter ,

thanks thanks thanks

regards

Ahmad

Highlighted

hi peter ,

i woild like to ask another question in the same subject , which is about vpdn .

if i  type

#debug vpdn error

on the LNS router ,

i have the following console message on my LNS router ,

========================================================

L2X_ADJ: Vi563:midchain adj repopulate, nothing to do

L2X_ADJ: Vi957:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1133:midchain adj repopulate, nothing to do

L2X_ADJ: Vi737:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1159:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1127:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1164:midchain adj repopulate, nothing to do

L2X_ADJ: Vi931:adj notify change failed, no session

L2X_ADJ: Vi12:midchain adj repopulate, nothing to do

L2X_ADJ: Vi793:midchain adj repopulate, nothing to do

L2X_ADJ: Vi496:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1063:midchain adj repopulate, nothing to do

L2X_ADJ: Vi994:midchain adj repopulate, nothing to do

L2X_ADJ: Vi98:midchain adj repopulate, nothing to do

L2X_ADJ: Vi357:midchain adj repopulate, nothing to do

L2X_ADJ: Vi874:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1160:adj notify change failed, no session

L2X_ADJ: Vi1019:adj notify change failed, no session

L2X_ADJ: Vi1159:adj notify change failed, no session

L2X_ADJ: Vi1122:adj notify change failed, no session

L2X_ADJ: Vi1117:adj notify change failed, no session

L2X_ADJ: Vi927:adj notify change failed, no session

L2X_ADJ: Vi346:adj notify change failed, no session

L2X_ADJ: Vi147:adj notify change failed, no session

L2X_ADJ: Vi1015:adj notify change failed, no session

L2X_ADJ: Vi1147:midchain adj repopulate, nothing to do

L2X_ADJ: Vi355:midchain adj repopulate, nothing to do

L2X_ADJ: Vi1097:midchain adj repopulate, nothing to do

========================================================

as u see , there are two types of output :

one about no seesion and the 2nd one  about no thing to do ,

note that this command was typed on a production network similar to the topology above in the post .

my question is , is there an error from PSTN side ??? or it just a natural event ???

regards

Highlighted
Hall of Fame Cisco Employee

Hello Ahmed,

To be honest, I do not precisely understand what these messages mean. However, the "adj" in their name suggests that they refer to building the adjacency database (a component of the Cisco Express Forwarding architecture, or CEF) - the frame rewrite information used to encapsulate packets routed to or via adjacent nodes. I would personally say that the messages saying "failed" refer to sessions that have been recently terminated. If there are no connectivity issues reported by clients I see no reason to get worried. There are processes running in IOS that may report a "failure" but that does not necessarily mean that something is wrong.

Best regards,

Peter

Highlighted

thanks peter

Highlighted

hi peter ,

recently i recived ipv6 prefix from ripe and want to assing ipv6 address to user from virtual template pool

actaully i have a problem when using ipv6 local pool ,

the prefix is

2aaa:aaaa::/64

i  want the ipv6 on the virtual tepmlate to be ==> 2aaa:aaaa::1/64      and want the pool to assign ipv6 addresses to  hosts , i want to give  the hosts an ips from  2aaa:aaaa::2=========>2aaa:aaaa:ffff:fffff:ffff:ffff:fffff:ffff

if  we  type # ipv6 local pool 2aaa:aaaa::2/64 64             ===========> i get an error that the ip address in the virtual  template is  from the ipv6 poool !!!!!!!!!!!!!

wt should i do ???

regards

Highlighted

Highlighted
Hall of Fame Cisco Employee

Hi Ahmed,

I will look into the issue once again in the morning. Don't worry, I haven't forgotten you.

Best regards,

Peter

Highlighted

ok peter , im waiting u

Content for Community-Ad