PPPoE Testbed « ipSpace.net blog

Thursday, October 14, 2010 13:50 +0200

PPPoE Testbed

During my last Building IPv6 Service Provider Core webinar I got a lot of questions about IPv6 over PPPoE (obviously we’re close to widespread IPv6 implementation; I never got PPPoE questions before). I wanted to test various scenarios in my IPv6 lab and thus enabled PPPoE on an Ethernet link between CE and PE routers.

This time I wanted to test multiple configurations in parallel ... no problem thanks versatile PPPoE implementation in Cisco.

On the server:

Define multiple PPPoE server groups bound to different virtual templates;
Attach a PPPoE server group to a VLAN subinterface;

On the client:

Use multiple dialer pools to connect to different PPPoE servers over VLAN subinterfaces;
Tie dialer interfaces to different dialer pools.

The relevant parts of the router configurations are included below:

PPPoE server configuration

bba-group pppoe SPA
 virtual-template 10
!
bba-group pppoe SPB
 virtual-template 20
!
interface FastEthernet0/0
 no ip address
 no shutdown
!
interface FastEthernet0/0.100
 encapsulation dot1Q 100
 pppoe enable group SPA
!
interface FastEthernet0/0.200
 encapsulation dot1Q 200
 pppoe enable group SPB
!
interface Virtual-Template10
 description *** Template for PPPoE group A (VLAN 100) ***
 mtu 1480
 ... 
!
interface Virtual-Template20
 description *** Template for PPPoE group B (VLAN 200) ***
 mtu 1480
 ...

PPPoE client configuration

interface FastEthernet0/1
 no ip address
 no shutdown
!
interface FastEthernet0/1.100
 description *** PPPoE toward server group A ***
 encapsulation dot1Q 100
 pppoe-client dial-pool-number 1
!
interface FastEthernet0/1.200
 description *** PPPoE toward server group B ***
 encapsulation dot1Q 200
 pppoe-client dial-pool-number 2
!
interface Dialer1
 mtu 1480
 no ip address
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ...
!
interface Dialer2
 mtu 1480
 ip address negotiated
 encapsulation ppp
 dialer pool 2
 dialer-group 2
 ...

And the IPv6 support over PPPoE? Works surprisingly well. I was able to configure IPv6 autoconfiguration (each virtual access interface gets a /64, DHCP is used to propagate the DNS information) and prefix delegation with DHCP (virtual access interface remains unnumbered, a /64 is delegated to the CPE router via DHCP). The only task left: writing a follow-up report for my attendees.

Recent posts in the same categories

IPv6

workshop

service providers

10 comments:

Steve 14 October 2010 14:00

Hi Ivan; how about that IP-address assignement over DHCP? I'm a bit confused, since IPCP is used as far as I recall correctly in PPP?

Ivan Pepelnjak 14 October 2010 14:05

IPv6 is completely different from IPv4. In IPv4 you assign the IP address to the PPP client via IPCP. In IPv6, you use IPv6CP only to confirm that both ends are willing to run IPv6. The address assignment is the performed through SLAAC or DHCPv6.

Christoph 14 October 2010 17:13

Hi Ivan,
there is one aspect in the whole "mainstream" IPv6 deployment which I'm a bit confused about:
What happens if an ISP decides to assign dynamic IPv6 subnets?

With static assignment, the whole stuff is pretty straight-forward due to ND, RA & DHCPv6, but if dynamic addresses are used, what happens if the subnet changes - how will the change be propageted to the end-user devices? The whole thing is no problem today due to the usage of NAT / PAT...

Rade Djurasinovic 19 October 2010 16:47

Hi Ivan,
What if client wants to connect more then one PC via one pppoe session?
Do you have some configuration fore the following case:

ClientPC LAN -> ClientRouter -> BRAS

How client PC will get IPv6 address? BRAS will send ip prefix /64 to router, and also prefix for the inside interface of client's router? How to configure ethernet interface on the ClientRouter facing ClientPC?

Ivan Pepelnjak 25 October 2010 19:40

Interesting question ... will run some tests.

PiO 26 October 2010 05:42

And the full solution is only available to your attendees or may be kindly exposed to your fellow readers too?

Best regards and thanks for all :)

Ivan Pepelnjak 06 November 2010 19:15

A few thoughts here:

http://blog.ioshints.info/2010/10/dhcpv6-over-pppoe-total-disaster.html

And anyway, if the ISP changes your IPv6 prefix, you're stuck with the old one for hours (see Ole Troan's comment to the post I've included above).

Ivan Pepelnjak 06 November 2010 19:59

Tests done (some results in other blog posts). You have to use DHCPv6 to pass the prefix to the router and then use that prefix (as a generic IPv6 prefix in Cisco IOS) with SLAAC on the LAN interface.

Rade Djurasinovic 15 November 2010 10:13

I have done some tests also.
Problem with DHCP is that You must change DHCP timers or client will not release prefix delegated to LAN interface until timer expires. The main problem is that if You use dynamically assigned prefixes clients may experience problem. In order to avoid this you have to assign LAN prefixes statically through user profiles.

This is configuration:

************* BRAS configuration ****************
bba-group pppoe SPA
virtual-template 1
!
interface Loopback0
ip address x.x.0.1 255.255.255.255
ipv6 address xxxx:xxxx::1/64
ipv6 enable

interface FastEthernet0/0.100
encapsulation dot1Q 100
pppoe enable group SPA

interface Virtual-Template1
...
ipv6 unnumbered Loopback0
ipv6 enable
ipv6 mtu 1480
ipv6 nd reachable-time 30
no ipv6 nd suppress-ra
ipv6 dhcp server LAN
peer default ipv6 pool PPPoE
!

ipv6 dhcp pool LAN
prefix-delegation pool LAN

ipv6 local pool LAN xxxx:1A98:1::/48 64
ipv6 local pool PPPoE 2A00:1A98:2::/48 64

***************** CLIENT CONFIGURATION **************

interface FastEthernet0/1
description # to ISP (outside)
...
pppoe enable group global
pppoe-client dial-pool-number 1
!

interface FastEthernet0/0
description ### to client LAN interface (inside)
ip address 10.0.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
ipv6 address LAN ::1/64
ipv6 enable

interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
ipv6 address autoconfig default
ipv6 mtu 1480
ipv6 dhcp client pd LAN
ppp authentication pap callin
ppp pap sent-username MyUsername password 0 MyPassword
ppp ipcp address accept
!

Rade Djurasinovic 15 November 2010 10:16

I have done some tests also.
Problem with DHCP is that You must change DHCP timers or client will not release prefix delegated to LAN interface until timer expires. The main problem is that if You use dynamically assigned prefixes clients may experience problem. In order to avoid this you have to assign LAN prefixes statically through user profiles.

This is configuration:
************* BRAS configuration ****************
bba-group pppoe SPA
virtual-template 1
!
interface Loopback0
ip address x.x.0.1 255.255.255.255
ipv6 address xxxx:xxxx::1/64
ipv6 enable

interface FastEthernet0/0.100
encapsulation dot1Q 100
pppoe enable group SPA

interface Virtual-Template1
...
ipv6 unnumbered Loopback0
ipv6 enable
ipv6 mtu 1480
ipv6 nd reachable-time 30
no ipv6 nd suppress-ra
ipv6 dhcp server LAN
peer default ipv6 pool PPPoE
!

ipv6 dhcp pool LAN
prefix-delegation pool LAN

ipv6 local pool LAN xxxx:xxxx:1::/48 64
ipv6 local pool PPPoE xxxx:xxxx:2::/48 64

***************** CLIENT CONFIGURATION **************

interface FastEthernet0/1
description # to ISP (outside)
...
pppoe enable group global
pppoe-client dial-pool-number 1
!

interface FastEthernet0/0
description ### to client LAN interface (inside)
ip address X.X.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
duplex auto
speed auto
ipv6 address LAN ::1/64
ipv6 enable

interface Dialer0
ip address negotiated
ip mtu 1492
ip nat outside
encapsulation ppp
dialer pool 1
ipv6 address autoconfig default
ipv6 mtu 1480
ipv6 dhcp client pd LAN
ppp authentication pap callin
ppp pap sent-username MyUsername password 0 MyPassword
ppp ipcp address accept
!

Add comment