Re: [XRV 9000] IPoE BNG Support

Carlos A. Silva · ‎08-06-2018

Quick question:

Does XRV 9000 Support BNG for IPoE Sessions? I'm using 6.4.1 and 6.4.2 in a virtualized environment and while the control plane works perfectly fine (I'm even authenticating the sessions with Radius), the data plane doesn't. Can't ping anything from simulated DHCP clients.

I get these errors:

RP/0/RP0/CPU0:BNG-9K#ping 10.0.100.3
Mon Aug 6 19:38:34.646 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.100.3, timeout is 2 seconds:
RP/0/RP0/CPU0:Aug 6 19:38:35.302 UTC: ipv4_io[210]: IPv4 ICMP: Sending icmp echo request to 10.0.100.3
LC/0/0/CPU0:Aug 6 19:38:35.310 UTC: ipv4_io[222]: Punt received for ICMP error: type: 3, subtype: 0
LC/0/0/CPU0:Aug 6 19:38:35.310 UTC: ipv4_io[222]: ipv4_process_icmppunt: Punt received src: 10.0.100.1, dst: 10.0.100.3, frag_off:0x0
LC/0/0/CPU0:Aug 6 19:38:35.310 UTC: ipv4_io[222]: ipv4_icmp_error_trigger: type: 3, code: 0
LC/0/0/CPU0:Aug 6 19:38:35.310 UTC: ipv4_io[222]: ipv4_icmp_error_trigger: Not generating ICMP error - Couldn't determine if subnet broadcast
LC/0/0/CPU0:Aug 6 19:38:35.310 UTC: ipv4_io[222]: ipv4_icmp_error_trigger : interf addr is NULL, if hdl 0x0 idb exists: 0

So I started to wonder if this is actually supported. My configurations are proven through working ASR9001 BNGs, nothing fancy. Is this supported?

Thanks!

c.

PS: Just in case, I added the config.

Another thing I'm seeing from BNG perspective:

2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:06.981 UTC: arp[280]: ARP-PKT: rcvd req src 10.0.101.2 ca03.12d4.001c,
LC/0/0/CPU0:Aug 6 20:04:06.982 UTC: arp[280]: dst 10.0.101.1 0000.0000.0000 if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:06.982 UTC: arp[280]: ARP-PKT: send rep src 10.0.101.1 0026.0a00.cb35,
LC/0/0/CPU0:Aug 6 20:04:06.982 UTC: arp[280]: dst 10.0.101.2 ca03.12d4.001c if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:09.439 UTC: arp[280]: ARP-PKT: rcvd req src 10.0.101.2 ca03.12d4.001c,
LC/0/0/CPU0:Aug 6 20:04:09.439 UTC: arp[280]: dst 10.0.101.1 0000.0000.0000 if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:09.439 UTC: arp[280]: ARP-PKT: send rep src 10.0.101.1 0026.0a00.cb35,
LC/0/0/CPU0:Aug 6 20:04:09.439 UTC: arp[280]: dst 10.0.101.2 ca03.12d4.001c if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:11.835 UTC: arp[280]: ARP-PKT: rcvd req src 10.0.101.2 ca03.12d4.001c,
LC/0/0/CPU0:Aug 6 20:04:11.835 UTC: arp[280]: dst 10.0.101.1 0000.0000.0000 if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:11.835 UTC: arp[280]: ARP-PKT: send rep src 10.0.101.1 0026.0a00.cb35,
LC/0/0/CPU0:Aug 6 20:04:11.835 UTC: arp[280]: dst 10.0.101.2 ca03.12d4.001c if:Bundle-Ether2.101.ip1
LC/0/0/CPU0:Aug 6 20:04:12.944 UTC: arp[280]: ARP-PKT: rcvd req src 10.0.100.4 ca02.12c4.001c,
LC/0/0/CPU0:Aug 6 20:04:12.944 UTC: arp[280]: dst 10.0.100.1 0000.0000.0000 if:Bundle-Ether1.100.ip3
LC/0/0/CPU0:Aug 6 20:04:12.944 UTC: arp[280]: ARP-PKT: send rep src 10.0.100.1 0026.0a00.cb36,
LC/0/0/CPU0:Aug 6 20:04:12.944 UTC: arp[280]: dst 10.0.100.4 ca02.12c4.001c if:Bundle-Ether1.100.ip3
LC/0/0/CPU0:Aug 6 20:04:52.927 UTC: arp[280]: ARP-PKT: rcvd req src 10.0.100.4 ca02.12c4.001c,
LC/0/0/CPU0:Aug 6 20:04:52.927 UTC: arp[280]: dst 10.0.100.1 0000.0000.0000 if:Bundle-Ether1.100.ip3
LC/0/0/CPU0:Aug 6 20:04:52.927 UTC: arp[280]: ARP-PKT: send rep src 10.0.100.1 0026.0a00.cb36,
LC/0/0/CPU0:Aug 6 20:04:52.927 UTC: arp[280]: dst 10.0.100.4 ca02.12c4.001c if:Bundle-Ether

But packets never get to subscriber. If I remove service-policy, everything works.

Carlos A. Silva · ‎08-09-2018

As a follow up:

Found a dcloud demo and looked through the documentation. It seems like the BNG configuration changes a bit when in XRv. For example, in that document they do not use Bundle interfaces. As soon as I moved everything to a "physical" interface configuration, data plane worked.

manoj.karmacharya · ‎08-17-2018

Though i'm using physical interface for access-interface, still can't ping to subscriber ip's

P/0/RP0/CPU0:vBNG#show configuration running-config

Fri Aug 17 12:55:06.873 UTC

Building configuration...

!! IOS XR Configuration version = 6.4.2

!! Last configuration change at Fri Aug 17 12:40:51 2018 by root

!

hostname vBNG

logging console debugging

radius-server vsa attribute ignore unknown

radius-server host 192.168.6.80 auth-port 1812 acct-port 1813

key 7 0012312823

!

username root

group root-lr

group cisco-support

secret 5 $1$k0ik$q3fokS29i1itIfdKFPH0l.

!

aaa group server radius RADIUS-01

server 192.168.6.80 auth-port 1812 acct-port 1813

source-interface GigabitEthernet0/0/0/0

!

pool vrf default ipv4 IPv4-POOL-01

network 10.10.37.0/24 default-router 10.10.37.1

!

dhcp ipv4

profile DHCP-SERVER server

lease 0 0 10

pool IPv4-POOL-01

dns-server 192.168.6.60

!

interface GigabitEthernet0/0/0/1 server profile DHCP-SERVER

!

call-home

service active

contact smart-licensing

profile CiscoTAC-1

active

destination transport-method http

!

interface Loopback0

ipv4 address 10.10.255.253 255.255.255.255

!

interface Loopback1

ipv4 address 10.10.37.1 255.255.255.0

!

interface MgmtEth0/RP0/CPU0/0

shutdown

!

interface GigabitEthernet0/0/0/0

ipv4 address 192.168.6.89 255.255.255.0

!

interface GigabitEthernet0/0/0/1

ipv4 point-to-point

ipv4 unnumbered Loopback1

arp learning disable

service-policy type control subscriber IPSUBSCRIBER

ipsubscriber ipv4 l2-connected

initiator dhcp

!

interface GigabitEthernet0/0/0/2

shutdown

!

interface GigabitEthernet0/0/0/3

shutdown

!

interface GigabitEthernet0/0/0/4

shutdown

!

interface GigabitEthernet0/0/0/5

shutdown

!

interface GigabitEthernet0/0/0/6

shutdown

!

router ospf vBNG

area 0

interface Loopback0

passive enable

!

interface GigabitEthernet0/0/0/0

!

dynamic-template

type ipsubscriber IPSUBSCRIBER

ipv4 unnumbered Loopback1

!

ssh server v2

aaa attribute format USERNAME

format-string length 253 "%s" client-mac-address

!

aaa accounting subscriber default group RADIUS-01

aaa authorization subscriber default group RADIUS-01

aaa authentication subscriber default group RADIUS-01

!

class-map type control subscriber match-any DHCPv4

match protocol dhcpv4

end-class-map

!

policy-map type control subscriber IPSUBSCRIBER

event session-start match-first

class type control subscriber DHCPv4 do-until-failure

10 activate dynamic-template IPSUBSCRIBER

20 authorize aaa list default format USERNAME password cisco

!

end-policy-map

!

end

RP/0/RP0/CPU0:vBNG#show subscriber session all

Fri Aug 17 12:55:12.503 UTC

Codes: IN - Initialize, CN - Connecting, CD - Connected, AC - Activated,

ID - Idle, DN - Disconnecting, ED - End

Type Interface State Subscriber IP Addr / Prefix

LNS Address (Vrf)

--------------------------------------------------------------------------------

IP:DHCP Gi0/0/0/1.ip10 AC 10.10.37.9 (default)

IP:DHCP Gi0/0/0/1.ip11 AC 10.10.37.7 (default)

RP/0/RP0/CPU0:vBNG#show dhcp ipv4 server binding

Fri Aug 17 12:55:17.580 UTC

Lease

MAC Address IP Address State Remaining Interface VRF Sublabel

-------------- -------------- --------- --------- ------------------- --------- ----------

000c.29a6.33f5 10.10.37.7 BOUND 387 Gi0/0/0/1 default 0x4000089

000c.29f8.482c 10.10.37.9 BOUND 311 Gi0/0/0/1 default 0x4000009

RP/0/RP0/CPU0:vBNG#ping 10.10.37.7

Fri Aug 17 12:55:39.918 UTC

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.10.37.7, timeout is 2 seconds:

.....

Success rate is 0 percent (0/5)

RP/0/RP0/CPU0:vBNG#

Carlos A. Silva · ‎08-17-2018

Another change I made (out of dcloud demo) is to configure any IP on the interface. That is, stop using the unnumbered loopback command.

For example:

interface GigabitEthernet0/0/0/1.100
ipv4 point-to-point
ipv4 address 10.100.100.1 255.255.255.0
service-policy type control subscriber NOAUTH
encapsulation dot1q 100
ipsubscriber ipv4 l2-connected
initiator dhcp

larbi farouk · ‎11-30-2019

Hi,

could you please tell me your scenario of connecting your XRv (as BNG) router whith client via IPoE, because Ihave the same but I cant see client mac address in BNG when client attempt to send dhcp request. is command unnumbred address and bundele ether are supported ? or I have to use physical interface (Ge)

ManojKarmacharya8437 · ‎12-01-2019

On access interface enable dot1q eg: interface Gi0/0/0/0.100 and apply dynamic-templates on sub interface.