Great! I've been able to get this working fairly well. One question I have though is what mechanism triggers session first sign of life or re-establishment? I know that ARP from CPE side seems to be the case but I need to be able to recover sessions after the subscriber table has been dropped or cleared for whatever reason. Is there any keepalive mechanism that could potentially help here?

a static subscriber would always be there, though it can be disconnected, but will return instantly of course.

for that reason a "keepalive" wouldn't really be helpful here, but something on the higher layers such as an IPSLA icmp or udp probe might be useful possibly.

another option is using idle timers, eg if we dont see a certain amount of traffic for a period of time we can induce some operation/action there also.

because of the non-control on a static sub I am also wondering, why not create just a statically configured PWHE sub interface and leave the sub on there.

The only addition that BNG adds here is (periodic) accounting and the ability to reconfigure the interface via COA...

cheers

xander

What we have are talking about here are static IP management connections to downstream devices that are double-tagged with a global S-tag (outer VLAN) and unique C-tag (inner VLAN) per subscriber. These connections come in to the BNG via a generic pseudowire xconnect over MPLS from the downstream ATM interworking device (DSLAM). Over said xconnect are other S-tags containing different services that are being pruned out and terminated based on the outer tag using ambiguous VLAN command and unique subinterfaces.

What we want to accomplish in our scenario is firstly to not have to define each S-tag/C-tag combo for the static IP connections. Right now I am using the following config:

interface Loopback55
 description  10.10.0.0/23 VOICE/MGMT
 ipv4 address 10.10.0.1 255.255.254.0

!

policy-map type control subscriber VOIP
 event session-start match-first
  class type control subscriber class-default do-all
   1 activate dynamic-template VOIP
  !
 !
 end-policy-map
!
dynamic-template
 !
 type ipsubscriber VOIP
  ipv4 unnumbered Loopback55

interface PW-Ether2.55
 description To DSLAM
 ipv4 unnumbered Loopback55
 service-policy type control subscriber VOIP
 load-interval 30
 ipsubscriber ipv4 l2-connected
  initiator unclassified-source
 !
 encapsulation ambiguous dot1q 55 second-dot1q any

This config works so long as the subscriber sends an initial ARP and sends an ARP after the session is manually tore down. Sometimes the subscriber does not send an ARP immediately and after performing "clear subscriber session all" their device has to be rebooted to re-initiate an ARP. With our PPPoE subscribers (being brought in on same xconnect just different S-tag) we don't have this problem because the inherent PPP protocol tries to re-establish the session after it is detected down. Is there a better config to ensure the most subscriber uptime or is ARP what we have to rely on?

If ARP is what we have to rely on then it may make more sense to change the PWHE configuration to support downstream ARP. This would mean we would have to have a subinterface per subscriber to match both outer and inner tags and bring it in to the L3 unnumbered interface.

So this brings me to another question: Can I share ipv4 unnumbered interface across multple subinterfaces and will the BNG bridge between subinterfaces if needed similar to VPLS/bridge-domain on l2vpn cli?

Please share your thoughts.

ah I see, you have *dynamic* subscribers, but created on an unclassified source (aka packet trigger). (we also have static subscribers that have no trigger which creates "fixed" bng subscriber interfaces, hence my confusion :).

in your case it make sense to have some form of keep, I would recommend using idle timers on it. or have an off box probe sending icmp or udp pings and have them send a coa request to disconnect if there is a series of timeouts.

yes you can have the unnumbered like you suggest. the routing is setup that the subscribers have their individual /32's with the right forwarding adj and interface attached.

The loopback will be used as a "Default gateway" for your subs.

cheers

xander

Well, the IPs on each endpoint are definitely statically assigned. They just all share the same subnet. Is there a better config for this than what I am using. You mention a keepalive server. I have one sending constant pings in downstream direction but it does not help with bringing the subscriber back. Are you suggesting there needs to be one sending pings in upstream direction?

ha yeah, the confusion is probably what a "static subscriber" is.

in BNG sense, a "static subscriber" is a session that we create unconditionally (without trigger).

it sounds like you reference the subscriber having a static address as being "static", its just semantics, and I think we've unraveled that part :)

So yeah subscribers having a static address is no problem, and we can use the packet trigger to create the subs.

the sub will need to send a new packet, whatever that is, to recreate its sbuscriber interface after it was disconnected (due to idle expiry or coa disconnect message or some other control policy event that directed so).

Generally any device will send some sort of traffic, whether it be a dns lookup or whatever it is, which can then be used for the packet trigger to recreate the subscriber interface.

regards

xander

Thanks for all of the help Xander.

I am curious about your mentioning of static subscriber. Can you do static subscriber on IPoE? If so, how?

I am also curious about the ipsubscriber interface command. Do you have any input on this?

RP/0/RSP0/CPU0:BRAS(config-subif)#ipsubscriber ?
  interface      Enable IP Static subscriber

hi josh, yup that is exactly how it is configured.

it will tie all traffic to that static subscriber interface with its control policy associated.

so you have sort of like an "SDN" type interface that you can control via the COA or RADIUS as you like.

this static session is always there, but you can manipulate and modify it via COA commands to change QOS policies, ACL, services etc!

cheers

xander

Can you make the interface static and share same ipv4 unnumbered interface across multiple subinterfaces? My end device which is configured with a static IP is not gracefully recovering from a "clear subscriber session all". My guess is that the device is not sending traffic when the session is tore down.

yup that shoudl work. the unnumbered is just the local interace,if it has a correct subnet defined, it will be able to support a number of subscriber interface in that same subnet.

for each sub a proper /32 is created, example:

RP/0/RSP0/CPU0:A9K-BNG#sh route 172.28.15.1
Wed Jan 21 17:39:02.066 EST

Routing entry for 172.28.15.1/32
  Known via "subscriber", distance 2, metric 0 (connected)
  Installed Jan 21 12:42:20.669 for 04:56:41
  Routing Descriptor Blocks
    directly connected, via Bundle-Ether100.2.ip30

RP/0/RSP0/CPU0:A9K-BNG#sh route 172.28.15.0
Wed Jan 21 17:39:15.421 EST

Routing entry for 172.28.15.0/24
  Known via "connected", distance 0, metric 0 (connected)
  Installed Dec 22 13:11:27.602 for 4w2d
  Routing Descriptor Blocks
    directly connected, via Loopback12

interface Loopback12
 ipv4 address 172.28.15.254 255.255.255.0

xander

What would the access interface config be like?

something like this:

Interface BundleEther1.1 <- Access Interface

       Service-policy type control subscriber STATIC_POLICY1

        ipv4 address 10.1.1.1 255.255.0.0

        encapsulation dot1q 1

        ip subscriber interface <-Command triggers creation of static session

x

Ok almost there!

So I have following config on my ASR:

int lo 55
ipv4 address 10.0.0.1/24

interface PW-Ether2.55
 ipv4 unnumbered Loopback55
 load-interval 30
 ipsubscriber interface
 encapsulation ambiguous dot1q 55 second-dot1q any

I have cpe device configured with static IP 10.0.0.2/24 and double tagged traffic dot1q 55 second-dot1q 100. When I initiate ping from cpe device I get no response from 10.0.0.1.

Same network infrastructure but using dynamic config below will create a "learned" session just fine:

interface PW-Ether2.55
 ipv4 unnumbered Loopback55
 service-policy type control subscriber VOIP
 load-interval 30
 ipsubscriber ipv4 l2-connected
  initiator unclassified-source
 !
 encapsulation ambiguous dot1q 55 second-dot1q any

Any idea what could be wrong?