Solved: Re: question about start ipv6 in L2TP tunnel between LAC & LNS - Page 2

Dr.X · ‎10-13-2012

hi ,

my system topology is an ADSL technoglogy topology

here is my topology :

im just want to ask , wt config i need to modify LAC router and LNS router so as the end users get an ipv6 ips .

plz pay attention only on LAC & LNS Routers

now ,

both of them are using ipv4 support and the infrastructure is ipv4. and the end user get only ipv4 ips .

my question is , wt config we need to modify so as the L2TP tunnel become ipv6 and the end users get ipv6 ips on thier adsl router ??

here is the config below :

LNS CONFIG:

LNS#sh running-config

Building configuration...

Current configuration : 1318 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname LNS

!

boot-start-marker

boot-end-marker

!

aaa new-model

!

aaa authentication login default local

aaa authentication ppp default local

aaa authorization network default local

!

aaa session-id common

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

ip cef

no ip domain lookup

!

vpdn enable

!

vpdn-group 1

accept-dialin

protocol l2tp

virtual-template 1

terminate-from hostname LAC

source-ip 1.1.1.8

l2tp tunnel password 0 rracuares

!

username rejohn@cuares.com privilege 0 password 0 rejohn

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 1.1.1.8 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered FastEthernet1/0

ip mtu 1492

peer default ip address pool PPPoE-POOL

ppp authentication pap

!

ip local pool PPPoE-POOL 20.20.20.2 20.20.20.254

no ip http server

no ip http secure-server

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

password 123

logging synchronous

line aux 0

line vty 0 4

!

end

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

LAC :config

LAC#sh running-config

Building configuration...

Current configuration : 1230 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname LAC

!

boot-start-marker

boot-end-marker

!

no aaa new-model

!

resource policy

!

memory-size iomem 5

ip subnet-zero

!

ip cef

no ip domain lookup

!

vpdn enable

vpdn search-order domain

!

vpdn-group 1

request-dialin

protocol l2tp

domain rracuares.com

initiate-to ip 1.1.1.8 priority 1

local name LAC

l2tp tunnel password 0 rracuares

!

bba-group pppoe global

virtual-template 1

!

interface FastEthernet0/0

ip address 1.1.1.6 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet1/0

ip address 10.252.102.49 255.255.255.240

duplex auto

speed auto

pppoe enable group global

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

interface FastEthernet3/0

no ip address

shutdown

duplex auto

speed auto

!

interface Virtual-Template1

ip unnumbered FastEthernet1/0

ppp authentication pap

!

no ip http server

no ip http secure-server

!

ip classless

!

control-plane

!

line con 0

exec-timeout 0 0

password 123

logging synchronous

login

line aux 0

line vty 0 4

login

!

end

reagrds

Ahmad

Peter Paluch · ‎10-22-2012

Hello Ahmed,

What you want to accomplish cannot be done using the ipv6 local pool construct because as I indicated in one of my earlier posts, this approach assigns entire prefixes to the PPPoE link, not just individual IPv6 addresses. If you need to allocate individual IPv6 addresses to the PPPoE session clients then you need to configure DHCPv6 and ask the client to use ipv6 address dhcp on their interface. To configure a DHCPv6 server allocating individual addresses to clients, you will need at least 12.4(24)T4 IOS if I am not mistaken.

However, if the clients use own routers and home networks then you have another problem - you need to assign entire IPv6 prefixes to clients. Recall there is no NAT in IPv6, hence assigning a single IPv6 address to the CPE router is not enough - the CPE router will have its own IPv6 connectivity but the home network behind the CPE won't. Here, DHCPv6 Prefix Delegation feature might be helpful. Please read the following document:

http://www.cisco.com/en/US/docs/ios-xml/ios/ipv6/configuration/15-0m/ip6-dhcp.html

Best regards,

Peter

Dr.X · ‎10-23-2012

hi Peter ,

thanks for ur reply ,

look , it not critical for me about assigning prefix only , or assign individual ipv6 ips ,

im as an isp , i just wanto to give my customers the following :

1- ipv6 dns

2-default gateway

3-ipv6 address ====> no matter if i give the client only the prefix and the client use eui-64 method to get the other 64 bits , or ===>i give the customer all the 128 bits by dhcpv6 .

this is just my request ,

i just want clients go internet , with simple way ,

actually i dont know which thing is suitable and less complex to me ,

but i think that assigning ipv6 individul by dhcpv6 will solve an issue of duplication of ipv6 addresses cause i dont trust the ADSL routers in the market to do well usign eui-64 method .

Q1

now agian , if i want to assign the dnsv6 to client , is it mandatory to use dhcpv6 pool ???

Q2

if i assign peer defualt ipv6 local pool , under interface virtual templae , does the router will give the prefix for clinets that support v4 & v6 ppoe ????

im asking that question because i found alot of clients that got a prefix from router but actually it doesnt support ipv6 , so how could that happen ??

i mean the client adsl router only work with ipv4 , but it could also have ipv6 .

i noted that when i typed

sh ipv6 local pool a1

here si the result :

User Prefix Interface

xxx0@ng 2A03:CA40::141B:456D:B86E:9991/128 Vi696

xxx84@ng 2A03:CA40::9C3A:45C8:A5BB:AF2F/128 Vi344

xxx84@ng 2A03:CA40::D963:3F04:6B85:88DC/128 Vi583

xxx7@ng 2A03:CA40::E49F:FEAA:8F9A:468A/128 Vi613

xxx79@neg 2A03:CA40::F916:760F:5C6B:DA8B/128 Vi909

LNS2#

Q3:

i removed the peer default ipv6 that assign ipv6 prefix to customers , but as u see above ,

if i type

#sh ipv6 local pool a1 ,

there exist an ipv6 virtual access in the router !!!!!

my currenrt ios & version is :

ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)

BOOTLDR: Cisco IOS Software, 7200 Software (C7200-KBOOT-M), Version 12.4(4)XD, RELEASE SOFTWARE (fc1)

LNS2 uptime is 99 days, 23 hours, 37 minutes

System returned to ROM by power-on

System image file is "disk2:c7200p-advipservicesk9-mz.124-24.T4.bin"

Q4

u saidn that :

However, if the clients use own routers and home networks then you have another problem - you need to assign entire IPv6 prefixes to clients. Recall there is no NAT in IPv6, hence assigning a single IPv6 address to the CPE router is not enough - the CPE router will have its own IPv6 connectivity but the home network behind the CPE won't. Here

ohhhhhh , u remembered me that there is no Nat , good hint ,

does that mean that the best choice is using prefix assigning ???

or

use ipv6 dhcp pool including prefix delegation inside ???

so sorrry for many question

regards

Ahmad

question about start ipv6 in L2TP tunnel between LAC & LNS router