PPPoE Testbed

During my last Building IPv6 Service Provider Core webinar I got a lot of questions about IPv6 over PPPoE (obviously we’re close to widespread IPv6 implementation; I never got PPPoE questions before). I wanted to test various scenarios in my IPv6 lab and thus enabled PPPoE on an Ethernet link between CE and PE routers.

This time I wanted to test multiple configurations in parallel ... no problem thanks versatile PPPoE implementation in Cisco.

On the server:

  • Define multiple PPPoE server groups bound to different virtual templates;
  • Attach a PPPoE server group to a VLAN subinterface;

On the client:

  • Use multiple dialer pools to connect to different PPPoE servers over VLAN subinterfaces;
  • Tie dialer interfaces to different dialer pools.

The relevant parts of the router configurations are included below:

PPPoE server configuration

bba-group pppoe SPA
virtual-template 10
!
bba-group pppoe SPB
virtual-template 20
!
interface FastEthernet0/0
no ip address
no shutdown
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
pppoe enable group SPA
!
interface FastEthernet0/0.200
encapsulation dot1Q 200
pppoe enable group SPB
!
interface Virtual-Template10
description *** Template for PPPoE group A (VLAN 100) ***
mtu 1480
...
!
interface Virtual-Template20
description *** Template for PPPoE group B (VLAN 200) ***
mtu 1480
...

PPPoE client configuration

interface FastEthernet0/1
no ip address
no shutdown
!
interface FastEthernet0/1.100
description *** PPPoE toward server group A ***
encapsulation dot1Q 100
pppoe-client dial-pool-number 1
!
interface FastEthernet0/1.200
description *** PPPoE toward server group B ***
encapsulation dot1Q 200
pppoe-client dial-pool-number 2
!
interface Dialer1
mtu 1480
no ip address
encapsulation ppp
dialer pool 1
dialer-group 1
...
!
interface Dialer2
mtu 1480
ip address negotiated
encapsulation ppp
dialer pool 2
dialer-group 2
...

And the IPv6 support over PPPoE? Works surprisingly well. I was able to configure IPv6 autoconfiguration (each virtual access interface gets a /64, DHCP is used to propagate the DNS information) and prefix delegation with DHCP (virtual access interface remains unnumbered, a /64 is delegated to the CPE router via DHCP). The only task left: writing a follow-up report for my attendees.

10 comments:

  1. Hi Ivan; how about that IP-address assignement over DHCP? I'm a bit confused, since IPCP is used as far as I recall correctly in PPP?
  2. IPv6 is completely different from IPv4. In IPv4 you assign the IP address to the PPP client via IPCP. In IPv6, you use IPv6CP only to confirm that both ends are willing to run IPv6. The address assignment is the performed through SLAAC or DHCPv6.
  3. Hi Ivan,
    there is one aspect in the whole "mainstream" IPv6 deployment which I'm a bit confused about:
    What happens if an ISP decides to assign dynamic IPv6 subnets?

    With static assignment, the whole stuff is pretty straight-forward due to ND, RA & DHCPv6, but if dynamic addresses are used, what happens if the subnet changes - how will the change be propageted to the end-user devices? The whole thing is no problem today due to the usage of NAT / PAT...
  4. Hi Ivan,
    What if client wants to connect more then one PC via one pppoe session?
    Do you have some configuration fore the following case:

    ClientPC LAN -> ClientRouter -> BRAS

    How client PC will get IPv6 address? BRAS will send ip prefix /64 to router, and also prefix for the inside interface of client's router? How to configure ethernet interface on the ClientRouter facing ClientPC?
  5. Interesting question ... will run some tests.
  6. And the full solution is only available to your attendees or may be kindly exposed to your fellow readers too?

    Best regards and thanks for all :)
  7. A few thoughts here:

    http://blog.ioshints.info/2010/10/dhcpv6-over-pppoe-total-disaster.html

    And anyway, if the ISP changes your IPv6 prefix, you're stuck with the old one for hours (see Ole Troan's comment to the post I've included above).
  8. Tests done (some results in other blog posts). You have to use DHCPv6 to pass the prefix to the router and then use that prefix (as a generic IPv6 prefix in Cisco IOS) with SLAAC on the LAN interface.
  9. I have done some tests also.
    Problem with DHCP is that You must change DHCP timers or client will not release prefix delegated to LAN interface until timer expires. The main problem is that if You use dynamically assigned prefixes clients may experience problem. In order to avoid this you have to assign LAN prefixes statically through user profiles.

    This is configuration:

    ************* BRAS configuration ****************
    bba-group pppoe SPA
    virtual-template 1
    !
    interface Loopback0
    ip address x.x.0.1 255.255.255.255
    ipv6 address xxxx:xxxx::1/64
    ipv6 enable

    interface FastEthernet0/0.100
    encapsulation dot1Q 100
    pppoe enable group SPA

    interface Virtual-Template1
    ...
    ipv6 unnumbered Loopback0
    ipv6 enable
    ipv6 mtu 1480
    ipv6 nd reachable-time 30
    no ipv6 nd suppress-ra
    ipv6 dhcp server LAN
    peer default ipv6 pool PPPoE
    !

    ipv6 dhcp pool LAN
    prefix-delegation pool LAN

    ipv6 local pool LAN xxxx:1A98:1::/48 64
    ipv6 local pool PPPoE 2A00:1A98:2::/48 64



    ***************** CLIENT CONFIGURATION **************

    interface FastEthernet0/1
    description # to ISP (outside)
    ...
    pppoe enable group global
    pppoe-client dial-pool-number 1
    !

    interface FastEthernet0/0
    description ### to client LAN interface (inside)
    ip address 10.0.1.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    duplex auto
    speed auto
    ipv6 address LAN ::1/64
    ipv6 enable

    interface Dialer0
    ip address negotiated
    ip mtu 1492
    ip nat outside
    encapsulation ppp
    dialer pool 1
    ipv6 address autoconfig default
    ipv6 mtu 1480
    ipv6 dhcp client pd LAN
    ppp authentication pap callin
    ppp pap sent-username MyUsername password 0 MyPassword
    ppp ipcp address accept
    !
  10. I have done some tests also.
    Problem with DHCP is that You must change DHCP timers or client will not release prefix delegated to LAN interface until timer expires. The main problem is that if You use dynamically assigned prefixes clients may experience problem. In order to avoid this you have to assign LAN prefixes statically through user profiles.

    This is configuration:
    ************* BRAS configuration ****************
    bba-group pppoe SPA
    virtual-template 1
    !
    interface Loopback0
    ip address x.x.0.1 255.255.255.255
    ipv6 address xxxx:xxxx::1/64
    ipv6 enable

    interface FastEthernet0/0.100
    encapsulation dot1Q 100
    pppoe enable group SPA

    interface Virtual-Template1
    ...
    ipv6 unnumbered Loopback0
    ipv6 enable
    ipv6 mtu 1480
    ipv6 nd reachable-time 30
    no ipv6 nd suppress-ra
    ipv6 dhcp server LAN
    peer default ipv6 pool PPPoE
    !

    ipv6 dhcp pool LAN
    prefix-delegation pool LAN

    ipv6 local pool LAN xxxx:xxxx:1::/48 64
    ipv6 local pool PPPoE xxxx:xxxx:2::/48 64



    ***************** CLIENT CONFIGURATION **************

    interface FastEthernet0/1
    description # to ISP (outside)
    ...
    pppoe enable group global
    pppoe-client dial-pool-number 1
    !

    interface FastEthernet0/0
    description ### to client LAN interface (inside)
    ip address X.X.1.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    duplex auto
    speed auto
    ipv6 address LAN ::1/64
    ipv6 enable

    interface Dialer0
    ip address negotiated
    ip mtu 1492
    ip nat outside
    encapsulation ppp
    dialer pool 1
    ipv6 address autoconfig default
    ipv6 mtu 1480
    ipv6 dhcp client pd LAN
    ppp authentication pap callin
    ppp pap sent-username MyUsername password 0 MyPassword
    ppp ipcp address accept
    !
Add comment
Sidebar