isco Cisco PPPoE Baseline Architecture for the Cisco UAC

Similar documents
Cisco PPPoE Baseline Architecture for the Cisco UAC 6400

PPPoA Baseline Architecture

Table of Contents. Cisco RFC1483 Bridging Baseline Architecture

PPPoE on ATM. Finding Feature Information. Prerequisites for PPPoE on ATM. Restrictions for PPPoE on ATM

PPPoE Technology White Paper

AN INTRODUCTION TO PPPOE

BCRAN. Section 9. Cable and DSL Technologies

Configuring a Cisco 827 Router to Support PPPoE Clients, Terminating on a Cisco 6400 UAC

Configuring the Cisco 827 Router as a PPPoE Client With NAT

Virtual Private Networks.

PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement

Cisco DSL Router Configuration and Troubleshooting Guide Cisco DSL Router Acting as a PPPoE Client with a Dynamic IP Address

1 IPv6 Drivers in Broadband COPYRIGHTED MATERIAL. Networks

Broadband Access Aggregation and DSL Configuration Guide, Cisco IOS XE Release 3S

Cisco ISG Design and Deployment Guide: ATM Aggregation

Configuring a Cisco 827 Router Using PPPoA With CHAP and PAP

Virtual Private Networks (VPNs)

Autosense for ATM PVCs and MUX SNAP Encapsulation

PPPoE Circuit-Id Tag Processing

Broadband Access Aggregation and DSL Configuration Guide, Cisco IOS XE Fuji 16.7.x

Remote Access MPLS-VPNs

Provisioning Broadband Aggregators Topics

Configuring the Physical Subscriber Line for RADIUS Access and Accounting

IPv6 and xdsl. Athanassios Liakopoulos Slovenian IPv6 Training, Ljubljana, May 2010

Finding Feature Information

Broadband Access Aggregation and DSL Configuration Guide, Cisco IOS XE Fuji 16.8.x

PPPoE Service Selection

Broadband Access Aggregation and DSL Configuration Guide, Cisco IOS XE Release 3S (ASR 1000)

Configuring PPP over Ethernet with NAT

Configuring PPP over ATM with NAT

xdsl OVERVIEW OF IMPORTANT DIGITAL SUBSCRIBER LINE TECHNOLOGIES xdsl Technology Peter R. Egli peteregli.net peteregli.net 1/18 Rev. 3.

A Method for Transmitting PPP Over Ethernet (PPPoE)

QoS in PPPoE. Quality of Service in the Point-to-Point Protocol over Ethernet. Master s Thesis. Patrik Lahti KTH, Telia Research AB

Broadband Access Aggregation and DSL Configuration Guide, Cisco IOS Release 12.2SX

DHCP Overview. Information About DHCP. DHCP Overview

Autosense of MUX/SNAP Encapsulation and PPPoA/PPPoE on ATM PVCs

Configuring PPP over Ethernet with NAT

802.1P CoS Bit Set for PPP and PPPoE Control Frames

Lecture 1.1: Point to Point Protocol (PPP) An introduction

Introduction to Broadband Access Center Topics

Point-to-Point Protocol (PPP)

Configuring the PPPoE Client

Preserve 802.1Q Tagging with 802.1P Marking over ATM PVCs for xdsl Uplinks

Configuring the Physical Subscriber Line for RADIUS Access and Accounting

Monitoring PPPoE Sessions with SNMP

FOUR-PORT ADSL ROUTER. KD319RI ADSL Router User Manual

Broadband Scalability and Performance

QoS: Per-Session Shaping and Queuing on LNS

Configuring PPPoE Client on the Cisco 2600 to Connect to a Non Cisco DSL CPE

PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement

Provisioning Flows Topics

PPPoE Service Selection

HP VSR1000 Virtual Services Router

FOUR-PORT ADSL ROUTER. KD319MUI ADSL Router User Manual

Configuring Client-Initiated Dial-In VPDN Tunneling

RADIUS Tunnel Preference for Load Balancing

RADIUS Vendor-Specific Attributes (VSA) and RADIUS Disconnect-Cause Attribute Values

WAN Technologies CCNA 4

FOUR-PORT ADSL ROUTER. KD319EUI ADSL Router User Manual

RADIUS Attributes. RADIUS IETF Attributes

CCNP 2: Remote Access

Cisco recommends that you have knowledge of End-to-End Layer 1 connectivity is User Priority (UP).

Content 1 OVERVIEW HARDWARE DESCRIPTION HARDWARE INSTALLATION PC CONFIGURATION GUIDE... 5 WEB-BASED MANAGEMENT GUIDE...

RADIUS Tunnel Attribute Extensions

ITU-T. FS-VDSL White Paper. Full-Service VDSL. Focus Group White Paper. FS-VDSL Service Scenarios INTERNATIONAL TELECOMMUNICATION UNION

IPv6 on DSL, the best way to develop always-on services. Patrick Cocquet, 6WIND chairman, IPv6 Forum Vice-President, IPv6 Task Force France chairman

PPPoE Client DDR Idle-Timer

The router sends hello keepalive packets at 60 second intervals.

thus, the newly created attribute is accepted if the user accepts attribute 26.

A device that bridges the wireless link on one side to the wired network on the other.

TECHNICAL REPORT. CPE Architecture Recommendations for Access to Legacy Data Networks. DSL Forum TR-032. May 2000

QoS: Classification, Policing, and Marking on LAC Configuration Guide, Cisco IOS Release 12.4T

DPX8000 Series Deep Service Switching Gateway User Configuration Guide BRAS Service Board Module v1.0

TR-187 IPv6 for PPP Broadband Access

Carrier Grade Network Address Translation

Customer Interface Publication: CIP025

Master Course Computer Networks IN2097

L2TP Configuration. L2TP Overview. Introduction. Typical L2TP Networking Application

Effective with Cisco IOS Release 15.0(1)M, the ssg default-network command is not available in Cisco IOS software.

thus, the newly created attribute is accepted if the user accepts attribute 26.

Service Managed Gateway TM. Configuring Dual ADSL PPP with Worker Standby or Load Share Mode

RADIUS Logical Line ID

OV504R6. Quick Start Guide

Part 5: Link Layer Technologies. CSE 3461: Introduction to Computer Networking Reading: Chapter 5, Kurose and Ross

PPPoE Smart Server Selection

Configuring the PPPoE Intermediate Agent

PPPoE Session Limit per NAS Port

PPPoE Smart Server Selection

DHCP Client on WAN Interfaces

VPN. Agenda VPN VPDN. L84 - VPN and VPDN in IP. Virtual Private Networks Introduction VPDN Details (L2F, PPTP, L2TP)

L2VPN Interworking. Finding Feature Information

Configuring the PPPoE Intermediate Agent

F. ADSL Data Access service supports Point to Point Protocol over Ethernet (PPPoE) across MTS Allstream s network.

Implementing ADSL and Deploying Dial Access for IPv6

DSL Forum Technical Report TR-043

QoS in a SOHO Virtual Private Network for IP Telephony

Cisco ISG Design and Deployment Guide: Gigabit Ethernet Aggregation Using Cisco IOS Software Release 12.2(31)SB2

TELE GREENLAND A/S (Referred to as TELE-POST) Wholesale Data Services. Annex D1. Bit Stream Access ( BSA ) Service. Technical Description

HG531 V1 300Mbps Wireless ADSL2+ Router Product Description. Issue _01 HUAWEI TECHNOLOGIES CO., LTD.

DSL-X11. One Port ADSL Modem Router. User Manual

Transcription:

isco Cisco PPPoE Baseline Architecture for the Cisco UAC

Table of Contents Cisco PPPoE Baseline Architecture for the Cisco UAC 6400...1...1 Introduction...1 Assumption...1 Technology Brief...2 Advantages and Disadvantages of PPPoE Architecture...2 Advantages...2 Disadvantages...2 Implementation Considerations for PPPoE Architecture...3 Key Points of PPPoE Architecture...4 Conclusion...7 References...7 Related Information...7 i

Cisco PPPoE Baseline Architecture for the Cisco UAC 6400 Introduction Assumption Technology Brief Advantages and Disadvantages of PPPoE Architecture Advantages Disadvantages Implementation Considerations for PPPoE Architecture Key Points of PPPoE Architecture Conclusion References Related Information Introduction This document describes an end to end Asymmetric Digital Subscriber Line (ADSL) architecture using Point to Point Protocol over Ethernet (PPPoE). In the current environment of access technologies, it is highly desirable to connect multiple hosts at a remote site through the same customer premise access device. It is also essential to provide access control and billing functionality in a manner similar to dialup services using Point to Point Protocol (PPP). In many access technologies, the most cost effective method for attaching multiple hosts to the customer premise access device is via Ethernet. In addition, it is desirable to keep the cost of this device as low as possible while requiring little or no configuration. As customers deploy ADSL they must support PPP style authentication and authorization over a large installed base of legacy bridging customer premises equipment (CPE). PPPoE provides the ability to connect a network of hosts over a simple bridging access device to a remote access concentrator or aggregation concentrator. With this model, each host uses its own PPP stack, thus presenting the user with a familiar user interface. Access control, billing, and type of service can be done on a per user, rather than a per site, basis. Assumption The baseline architecture assumes that the following are provided: High speed Internet access and corporate access to the end subscriber using PPPoE ATM as the core backbone technology, implemented by the Cisco 6400 Universal Access Concentrator (UAC) This design implementation restriction may limit use of this architecture on other platforms, but PPPoE is constantly evolving. Read the latest release notes for related products to take advantage of new and updated features. This paper is based on existing deployments as well as inhouse tests using the Cisco 6400 UAC. This paper is a continuation of the PPPoA Baseline Architecture paper and refers to it often. It is assumed that you have

read the PPPoA Baseline Architecture white paper and understand the fundamentals of PPP, and that you have read release notes for the latest software release. Technology Brief As specified in RFC 2516, PPPoE has two distinct stages: a discovery stage and a PPP session stage. When a host initiates a PPPoE session, it must first perform discovery to identify which server can meet the client's request, then identify the Ethernet MAC address of the peer and establish a PPPoE session id. While PPP defines a peer to peer relationship, discovery is inherently a client server relationship. In the discovery process, a host (the client) discovers one or more access concentrators (the servers) and selects one. When discovery completes successfully, both the host and the selected access concentrator have the information to build their point to point connection over Ethernet. After a PPP session is established, both the host and the access concentrator must allocate the resources for a PPP virtual interface (this may not be the case for all implementations). For more details on the PPPoE specification, please see RFC 2516. Advantages and Disadvantages of PPPoE Architecture PPPoE architecture inherits most of the advantages of PPP used in the dialup model and in PPPoA architecture. Some key advantages and disadvantages of PPPoE and how they differ from PPPoA are listed below. Advantages Some key advantages of PPPoE and how they differ from PPPoA include: Per session authentication based on Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP). This is the greatest advantage of PPPoE as authentication overcomes the security hole in a bridging architecture. Per session accounting is possible, which allows the service provider to charge the subscriber based on session time for various services offered. The service provider may also require a minimal access charge. PPPoE can be used on existing CPE installations that cannot be upgraded to PPP or that do not have the ability to run PPPoA, extending the PPP session over the bridged Ethernet LAN to the PC. PPPoE preserves the point to point session used by Internet Service Providers (ISPs) in the current dialup model. PPPoE is the only protocol capable of running point to point over Ethernet without requiring an intermediate IP stack. The Network Access Provider (NAP) or Network Service Provider (NSP) can provide secure access to a corporate gateway without managing end to end permanent virtual circuits (PVCs) and making use of Layer 3 routing and/or Layer 2 Tunneling Protocol (L2TP) tunnels. This makes the business model of selling wholesale services and virtual private networks (VPNs) scalable. PPPoE can provide a host (PC) access to multiple destinations at a given time. There can be multiple PPPoE sessions per PVC. The NSP can oversubscribe by deploying idle and session time outs using an industry standard Remote Authentication Dial In User Service (RADIUS) server for each subscriber. PPP can be used with the service selection gateway (SSG) feature. Disadvantages Some key disadvantages of PPPoE and how they differ from PPPoA include:

PPPoE client software must be installed on all hosts (PCs) connected to the Ethernet segment. This means that the access provider must maintain the CPE and the client software on the PC. Because PPPoE implementation uses RFC1483 bridging, it is susceptible to broadcast storms and possible denial of service attacks. Implementation Considerations for PPPoE Architecture Following are some key points to consider before implementing this type of architecture. The number of subscribers that will be supported. The number of PPPoE servers required depends on the number of sessions. Whether the PPP sessions are being terminated at the service provider's aggregation router or forwarded to other corporate gateways or ISPs. Whether the service provider or the final service destination is providing the IP address. In the case of more than one user, whether all users need to reach the same final destination or service, or they all have different service destinations. Do the end subscribers require simultaneous access to multiple destinations? The PPPoE client software that the access provider will use and whether the software has been tested, the operating system that the host will use, and whether that operating system can make an intelligent routing decision. How the service provider bills subscribers based on a flat rate, per session usage, or services used. Deployment and provisioning of CPEs, DSLAMs and aggregation points of presence (POPs). The business model for the NAP. Does the model also include selling wholesale services like secure corporate access and value added services like voice and video? Are NAPs and NSPs the same entity? The business model of the company. Is it comparable to an independent local exchange carrier (ILEC), a competitive local exchange carrier (CLEC) or an ISP? The types of applications the NSP will offer to the end subscriber. The anticipated upstream and downstream volume of data flow. Consider NRP throughput, traffic engineering, and any QoS issues. Keeping these points in mind, we will discuss how the PPPoE architecture will fit and scale to different business models for service providers and how the providers can benefit using this architecture. Network Architecture

Design Considerations for PPPoE Architecture This section covers issues that apply specifically to PPPoE Architecture. Before deploying any architecture, it is essential to understand the business model of the service provider and what services the provider will offer. You should also know the client software being used on the PC. The most common software is from Routerware. Because the client software will be installed on a PC, the service provider technician should have a good understanding of that PC and its operating system. As specified in RFC 2516, the maximum receive unit (MRU) option must not be negotiated to a size larger than 1492; Ethernet has a maximum payload size of 1500 octets. The PPPoE header is 6 octets and the PPP protocol ID is 2 octets, so the PPP maximum transmission unit (MTU) must not be greater than 1492. This can be achieved by configuring IP mtu 1492 for PPPoE virtual template interfaces. By default, no virtual access interface is precloned when a PPPoE VPDN group is configured. Users can change the maximum number of precloned virtual access interfaces by issuing the virtual template <number> pre clone <number> global command. To protect the router against denial of service attacks, PPPoE by default allows only one session to be sourced from a MAC address over a VC. Users can change the defaults by issuing the pppoe session limit per mac and pppoe session limit per vc commands. The accounting, authorization, and authentication process is the same as that of PPPoA. The only difference is that currently the VPI/VCI based authentication, which is available for PPPoA and not available for PPPoE, can use the L2TP and SSG architectures for wholesale services. Key Points of PPPoE Architecture

CPE The CPE is configured for pure RFC1483 bridging. Each CPE will consume only one VPI/VCI pair and all PPPoE sessions initiated by hosts behind this CPE will be carried over in this single VC. IP Management The IP address allocation for the individual host running the PPPoE client is based on the same principle of PPP in dial mode IPCP negotiation. The IP address origin depends on the type of service the subscriber has purchased and where the PPP sessions are terminated. PPPoE makes use of the dialup networking feature of Microsoft Windows, and the IP address assigned is reflected in the PPP adapter. The IP address assignment could come from the access concentrator terminating the PPPoE sessions or in the case of L2TP, from the home gateways. The IP address is assigned for each PPPoE session. The CPE cannot do Network Address Translation/ Dynamic Host Configuration Protocol (NAT/DHCP) because it is bridged and there is no IP address allocated to it. How the Service Destination is Reached The service destination can be reached in the following ways: Terminating PPP sessions at the service provider L2TP tunneling Using SSG Detailed explanations of these architectures will be covered in separate papers. Operational Description of PPPoE This release of PPPoE client software supports the discovery and session stages described in RFC 2516. There are four steps to the discovery stage. When it completes, both peers know the PPPoE session id and the peer's

Ethernet address, which together uniquely define the PPPoE session. The steps are: 1. The host broadcasts an initiation packet. The host sends the PPPoE active discovery initiation (PADI) packet with the destination_addr set to the broadcast address; the PADI consists of one tag indicating what service type it is requesting. 2. One or more access concentrators send offer packets. When the access concentrator or the router receives a PADI that it can serve, it replies by sending a PPPoE active discovery offer (PADO) packet; the destination_addr is the unicast address of the host that sent the PADI. If the access concentrator cannot serve the PADI, it must not respond with a PADO. Because the PADI was broadcast, the host may receive more than one PADO. 3. The host sends a unicast session request packet. The host looks through the PADO packets it receives and chooses one. The choice can be based on the services offered by each access concentrator. The host then sends one PADR packet to the access concentrator it has chosen. The destination_addr field is set to the unicast Ethernet address of the access concentrator or the router that sent the PADO. 4. The selected access concentrator sends a confirmation packet. When the access concentrator receives a PADR packet, it prepares to begin a PPP session. It generates a unique session id for the PPPoE session and replies to the host with a PPPoE active discovery session confirmation (PADS) packet. The destination_addr field is the unicast Ethernet address of the host that sent the PADR. Once the PPPoE session begins, PPP data is sent as in any other PPP encapsulation. All Ethernet packets are unicast. A PPPoE active discovery terminate (PADT) packet may be sent by either the host or the access concentrator

any time after a session is established to indicate that a PPPoE session has been terminated. For a more detailed explanation, please refer to RFC 2516. Conclusion For ADSL, PPPoE is gaining in popularity, second only to PPPoA. References RFC 2516 A Method for Transmitting PPP over Ethernet (PPPoE) RFC 1483 Multiprotocol Encapsulation over ATM Adaptation Layer 5 RFC 2364 Point to Point over AAL5 Related Information PPPoA Baseline Architecture DSL (Digital Subscriber Line) Technical Support Technical Support Cisco Systems All contents are Copyright 1992 2003 Cisco Systems, Inc. All rights reserved. Important Notices and Privacy Statement.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback