Professional Documents
Culture Documents
Traditional internet access methods like dial-up were so slow that host computers were connected to the dial-up modem at the customer premise over slow serial ports. PPP was designed to run directly over these serial links. But with the advent of broadband internet access technologies such as ADSL and cable modems, there was a considerable increase in the bandwidth delivered to the end users. This meant that the host computers at the customer premise were connected to the ADSL or cable "modem" over a much faster medium such as Ethernet. It also meant that multiple hosts could connect to the Internet through a single Access device, which alone had the actual internet connection in the form of a WAN link. The simplest and most cost-effective method to connect multiple machines together is Ethernet. Hence typical scenarios involved multiple host PCs connected to each other and to an Internet Access Device by Ethernet. Unfortunately Ethernet networks are not connection-oriented and lack the basic features provided by the original PPP protocol - such as user authentication, per-user service/control, usage metering, billing, etc. Once the packets from different users reached the Access device, they were sent out on the single WAN link and individual user information was lost. It would have been possible to build a protocol newly on top of Ethernet, but then the Access device would have become very complex as it maintains all user information. Instead running PPP over Ethernet in the host PCs itself was much simpler and just required updating the software in the PC. The PPPoE session terminates at the service provider's equipment thus giving complete control for the service provider. Hence PPPoE was devised to achieve the best of both worlds - the ability to connect a network of hosts to a service provider at higher speeds, and the use of an existing connection mechanism for establishing sessions while presenting a familiar user interface.
DSL provides the Layer 1 resources of connectivity. DSLAM: ATM switch housing for ATU-Cs (DSL interface cards) Terminates the CO side of local loop Switches traffic over an ATM network to an aggregation router
Aggregation Router: First point where Layer 3 is examined. Three ways to encapsulate IP packets over an ATM and DSL connection: RFC 1483/2684 Bridged PPP over Ethernet (PPPoE) PPP over ATM (PPPoA)
Rick Graziani graziani@cabrillo.edu 4
L1 Fiber L2 ATM
Defines transport of single and multiple protocols over a single ATM virtual circuit. Uses PPPoA (PPP over ATM) will be discussed later. ATU-R to the ATU-C is using DSL at Layer 1 to send and receive ATM cells. DSLAM to the aggregation router is over an ATM-based network that may include a fiber ring at Layer 1. Allows an ATM PVC to be established between the DSL modem and the aggregation router. Rick Graziani graziani@cabrillo.edu
PPP/PPPoE
L2- ATM
ATM PVC used to carry Ethernet frames (RFC 1483/2684 Bridging). The DSLAM essentially performs as an ATM switch. If the CPE (DSL Modem) has an ATM interface this connection still uses DSL as layer-1 But at layer-2 it establishes an ATM PVC directly to the aggregate router (PPPoA).
Rick Graziani graziani@cabrillo.edu 6
PPPoE
Router or
Point-to-Point Protocol over Ethernet (PPPoE) is a protocol for encapsulating PPP frames in Ethernet frames. Offers standard PPP features such as: authentication encryption compression
PPPoE
Router or Aggregation Router
CPE
CPE bridges the Ethernet frames from the end users PC to an aggregation router over ATM with an Ethernet frame carrying a PPP frame.
PPPoE
Ethernet
PPPoE
A PPP session is established between the subscriber device with the aggregation router and the PPPoE client support end user PC with PPPoE client software or CPE router configured as the PPPoE client
Rick Graziani graziani@cabrillo.edu 9
PPPoE
Router or Aggregation Router
CPE
PPPoE client first encapsulates the end-user data into a PPP/PPPoE frame PPPoE frame becomes encapsulated inside an Ethernet frame. The IP address allocation for the PPPoE client uses IP Control Protocol (IPCP) Allows the device sending the IPCP Configure-Request to either specify an IP address it wants to use for routing IP over the PPP link, or to request that the other device supply it with one. Used with Password Authentication Protocol (PAP) or Challenge Handshake Authentication Protocol (CHAP) authentication. The aggregation router authenticates the users local database or AAA server
Rick Graziani graziani@cabrillo.edu 10
1
PPPoE client
2
PPPoE client
DSL and PPPoE deployment types: 1. Router terminating DSL and with PPPoE client 2. Modem terminating DSL and router with PPPoE client 3. Modem terminating DSL and end-user PC with PPPoE client
11
1 2 3 4
Usually, PPP only works over a point-to-point connection. PPP over an Ethernet multiaccess environment requires additional enhancements. PPPoE has two distinct stages as defined in RFC 2516: Discovery stage PPP session stage
Rick Graziani graziani@cabrillo.edu 12
PPPoE client initiates a PPPoE session Complete a discovery process to identify which PPPoE server can meet the client request. Identify the Ethernet MAC address of the peer Establish a PPPoE session ID Although PPP defines a peer-to-peer relationship, discovery is inherently a client-server relationship. PPPoE client discovers an aggregation router (the PPPoE server). Can be more than one PPPoE server. Allows the PPPoE client to discover all PPPoE servers and then select one to use.
Rick Graziani graziani@cabrillo.edu 13
Step 1 PADI (PPPoE Active Discovery Initiation) Wikipedia.org If a user wants to dial up to the Internet using DSL, then his computer first must find the DSL access concentrator (DSL-AC) at the user's Internet service provider's point of presence (POP). Communication over Ethernet is only possible via MAC addresses. As the computer does not know the MAC address of the DSL-AC, it sends out a PADI packet via an Ethernet broadcast (MAC: ff:ff:ff:ff:ff:ff). This PADI packet contains the MAC address of the sending computer.
14
Step 1 The PPPoE client broadcasts a PPPoE Active Discovery Initiation (PADI) packet. This packet includes the service type that the client is requesting. The destination MAC address is set to broadcast. Here your modem/router is trying to initiate a PPPoE session. The PADI is the first step in a 4-way handshake that the PPPOE protocol uses for session establishment.
15
Step 2 PADO (PPPoE Active Discovery Offer) Wikipedia.org Once the user's computer has sent the PADI packet, the DSL-AC replies with a PADO packet, using the MAC address supplied in the PADI. The PADO packet contains the MAC address of the DSL-AC, its name (e.g. LEIX11-erx for the T-Com DSL-AC in Leipzig) and the name of the service. If more than one POP's DSL-AC replies with a PADO packet, the user's computer selects the DSL-AC for a particular POP using the supplied name or service.
Rick Graziani graziani@cabrillo.edu 16
Step 2 The PPPoE server (aggregation router) sends a PPPoE Active Discovery Offer (PADO) packet that describes which service the server can offer. The destination MAC address is the unicast address of the client (end-user PC or router). The source MAC is the unicast address of the PPPoE server. The aggregation router is actually offering to act as the PPPoE server.
17
Step 3 PADR (PPPoE Active Discovery Request) As said above, the computer has to select a POP it does this using the PADR packet, which is sent to the MAC address of the selected POP's DSL.
18
Step 3 The PPPoE client sends a unicast PPPoE Active Discovery Request (PADR) packet to the PPPoE server. PPPoE client has received the PADO packet from aggregation router PPPoE client is requesting sending a PADR to establish a PPPoE session with this router
19
PPPoE server - Unicast: Sounds good to me, but I want to authenticate you first
Step 4 PADS (PPPoE Active Discovery Session-confirmation) The PADR packet above is confirmed by the DSL-AC with a PADS packet, and a Session ID is given out with it. The connection with the DSL-AC for that POP has now been fully established.
20
Step 4 The PPPoE server sends a unicast PPPoE Active Discovery Session-confirmation (PADS) packet to the client. After you send the PADR packet, then the last step of the PPPOE 4-way handshake is complete, the PADS packet that is sent back to the PPPoE client. Think of this as the PAD Standby while I authenticate your session with the ISP. This is because the ASI router does your ppp authentication for you this is known as proxy ppp. You have already sent me your login and password info by step 3.
Rick Graziani graziani@cabrillo.edu 21
When discovery is successfully completed, both the PPPoE client and the selected PPPoE server have the information that they will use to build their point-to-point connection over the Ethernet. After the PPPoE session begins, PPP goes through the normal link control protocol (LCP) and Network Control Protocol (NCP) process.
Rick Graziani graziani@cabrillo.edu 22
PPPoE
PPP
1492 octets
As specified by RFC 2516, the maximum receive unit (MRU) option must not be larger than 1492 bytes because Ethernet has a maximum payload size of 1500 octets. PPPoE header is 6 octets PPP protocol ID is 2 octets PPP maximum transmission unit (MTU) must not be greater than (1500 8 =) 1492 bytes. An Ethernet and PPPoE frame contains one of these Ethertypes: 0x8863 Ethertype = PPPoE control packets 0x8864 Ethertype = PPPoE data packets
Rick Graziani graziani@cabrillo.edu 23
PPPoA used mainly with cable modem, DSL and ADSL services Provides: authentication encryption compression Slightly more overhead than PPPoE PPPoA also avoids issues related to having a MTU lower than that of standard Ethernet transmission protocols that affect PPPoE. PPPoA is a routed solution, unlike RFC 1483 Bridged and PPPoE.
Rick Graziani graziani@cabrillo.edu 24
PPPoA
CPE Routes
With PPPoA, the CPE routes the packets from the end-user PC over ATM to an aggregation router. Unlike PPPoE, PPPoA does not require host-based (PPPoE client) software.
25
PPPoA
PPP session
CPE Routes
PPP session is established with PPPoA between the CPE and the aggregation router. The CPE device must have a PPP username and password configured for authentication to the aggregation router that terminates the PPP session from the CPE. The aggregation router that authenticates the users can either use a local database on the aggregation router or a AAA server. PAP or CHAP
Rick Graziani graziani@cabrillo.edu 26
PPPoA
IPCP IP address allocation
Next, IPCP negotiation takes place and the IP address is assigned to the CPE. Next, a host route is established on both the CPE and the aggregation router. The aggregation router must assign only one IP address to the CPE CPE can be configured as a DHCP server CPE can use NAT and PAT to support multiple hosts connected via Ethernet behind the CPE.
Rick Graziani graziani@cabrillo.edu 27
Configuration tasks: Step 1: Configure an Ethernet interface. Step 2: Configure a dialer interface. Step 3: Configure PAT. Step 4: Configure DHCP server. Step 5: Configure a static default route.
29
Customer Network
IP address obtained automatically DHCP Host
interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
DSLAM
PVC
ATM
Aggregation Router
IP
DHCP Server ip dhcp pool MyPool network 10.0.0.0 255.255.255.0 default router 10.0.0.1
DHCP Server
ISP Router
3 interface Ethernet0/0 ip nat inside ip tcp mss-adjust 1452 ! interface Dialer0 ip nat outside ! ip nat inside source list 101 interface Dialer0 overload access-list 101 permit ip 10.0.0.0 255.255.255.0 any
Rick Graziani graziani@cabrillo.edu 30
31
Configure the Ethernet interface (ADSL interface) of the Cisco router with an ATM PVC and encapsulation: interface ethernet Enable the PPPoE on Ethernet interface. Specify which dialer interface to use. pppoe-client dial-pool-number bind the Ethernet interface to a dialer interface to set the encapsulation to the PPPoE client.
32
interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
Note: Unlike an ISDN DDR configuration, DSL is always on. Therefore, a dialer list is not required to identify interesting traffic.
33
34
interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
Description Configure the dialer interface. Enables a dynamic address from the service provider using IPCP. With IPCP, DSL routers automatically negotiate a globally unique (registered or public) IP address for the dialer interface from the service provider aggregation router.
Specifies PPP encapsulation for the dialer interface. (Optional) Stops Cisco Discovery Protocol (CDP) advertisements from going out through the dialer interface.
35
interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
Description Specifies which pool the dialer interface is assigned to. Sets the maximum Ethernet payload size. Reduces the MTU size from 1500 to 1492 because the PPPoE header and PPP protocol ID together require 8 bytes.
(Optional) Configures the CHAP. With the keyword callin, the access server only authenticates the remote device if the remote device initiates the call. (Optional) This command defines an interface-specific CHAP password.
36
DSLAM
PVC
ATM
Aggregation Router
IP
DHCP Server
interface Dialer0 ip mtu 1492
ISP Router
37
When a host (usually a PC) initiates a TCP session with a server, it negotiates the IP segment size by using the maximum segment size (MSS) option field in the TCP SYN packet.
38
TCP MSS defines the maximum size of the data in the TCP segment. 20 octets 20 octets Ethernet MTU defines the maximum size of the data in the Ethernet frame. 1460 octets
TCP MSS = 1460 Data = 1460 octets The host using Ethernet, MTU of 1500 octets so I will set my MSS to 1460.
1500 octets
Typical TCP/IP/Ethernet Typically, an end system uses the "outgoing interface MTU" minus 40 as its reported MSS. For example, an TCP over IP over Ethernet MSS value is 1460 (1500 40 = 1460). When a host (usually a PC) initiates a TCP session with a server, it negotiates the TCP segment size by using the maximum segment size (MSS) option field in the TCP SYN packet. (curriculum say IP segment). The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host. The default Ethernet MTU value for a PC is 1500 bytes. (curriculum says MSS)
39
Path Maximum Transmission Unit (PMTU) Discovery (RFC 1191) When a connection is established, the two hosts involved exchange their TCP maximum segment size (MSS) values. The smaller of the two MSS values is used for the connection. Historically, the MSS for a host has been the: MTU at the link layer minus 40 bytes for the IP and TCP headers. However, support for additional TCP options, such as time stamps, has increased the typical TCP+IP header to 52 or more bytes.
Rick Graziani graziani@cabrillo.edu 40
20 octets 20 octets
1452 octets
PPPoE
PPP
Data
1492
However, the PPPoE standard only supports an MTU of 1492 bytes. PPPoE uses eight bytes of the data segment to encapsulate the IP packet into a PPP stream, effectively reducing the MTU over standard Ethernet to 1500.) In most cases, the optimum value for the max-segment-size argument is 1452 bytes. TCP MSS 1452 + 20-byte IP header + the 20-byte TCP header + 8byte PPPoE header = 1500-byte packet Ethernet MTU.
Rick Graziani graziani@cabrillo.edu 41
TCP MSS defines the maximum size of the data in the TCP segment. 20 octets 20 octets 1460 octets
1500
Typical TCP/IP/Ethernet Disparities between the host and PPPoE MTU size cause the router in between the host and the server to drop 1500-byte packets and terminate TCP sessions over the PPPoE network. Dont rely on Path MTU Discovery Some system administrators sometimes disable the ICMP error messages These are used by Path MTU discovery This cause Path MTU discovery to not work.
Rick Graziani graziani@cabrillo.edu 42
Necessary to limit the packet sizes going in either direction: inward facing E0/0 interface Prevention: Between hosts tell the other host to use this lower MSS sets the MSS to a lower value ip tcp adjust-mss command on the in-facing interface to adjust the MSS value of the TCP SYN packets to 1452 to help prevent the router from dropping TCP sessions outward facing dialer interface Correction if necessary set the MTU to lower values ip mtu command to tell the device to fragment packets going out of the interface if they are larger than 1492 bytes.
43
44
PAT Configuration
PAT translates the 10.x.x.x source addresses to the Dialer0 IP address. The Dialer0 interface receives its IP address from the service provider aggregation router using IPCP.
45
To import DHCP option parameters into the Cisco IOS DHCP Server database, use the import all DHCP pool configuration command.
46
47
48
PPPoE Verification
Debug PPPoE events. Debug PPPoE authentication. Verify DHCP Clients. Verify DHCP Server. Verify PAT.
50
The significant fields shown in the output are: 15:13:41.991: Sending PADI: Interface = Ethernet1: This is a broadcast Ethernet frame that requests a PPPoE server. 15:13:44.091: PPPOE: we've got our pado and the pado timer went off: This is a unicast reply from a PPPoE server (similar to a DHCP offer). 15:13:44.091: OUT PADR from PPPoE Session: This is a unicast reply that accepts the offer. 15:13:44.187: IN PADS from PPPoE Session: This is a confirmation that signals a completed connection.
52
C:\Documents and Settings\User>ipconfig /all Windows 2000 IP Configuration Ethernet adapter LAB: Connection-specific DNS Suffix Description . . . . . . . . . . Connection Physical Address. . . . . . . . Dhcp Enabled. . . . . . . . . . Autoconfiguration Enabled . . . IP Address. . . . . . . . . . . Subnet Mask . . . . . . . . . . Default Gateway . . . . . . . . DHCP Server . . . . . . . . . . DNS Servers . . . . . . . . . . . : lab.com . : Intel(R) PRO/1000 MT Mobile . . . . . . . . : : : : : : : :
00-11-25-AF-40-9B Yes Yes 10.0.0.2 255.0.0.0 10.0.0.1 10.0.0.1 192.168.1.1 192.168.1.2 Primary WINS Server . . . . . . . : 192.168.1.3 Lease Obtained. . . . . . . . . . : 6. April 2006 16:36:31 Lease Expires . . . . . . . . . . : 7. April 2006 0:36:31
CPE# show ip dhcp binding IP address Client-ID/ Hardware address 10.0.0.2 0100.5056.4000.59 10.0.0.3 0100.5056.4000.60
CPE# show ip nat translations Pro Inside global Inside local icmp 192.168.1.202:512 10.0.0.2:512
PPPoA Configuration
PPPoA
PPPoA has greater flexibility for the home than the average PPPoE deployment because the customer LAN behind the CPE is under the complete control of the customer the CPE acts as a router rather than a bridge for PPPoE (where the CPE bridges the PPPoE frame from the end-user PC running the PPPoE client software). When you configure PPPoA, a logical interface, known as a virtual access interface, associates each PPP connection with an ATM virtual circuit (VC). You can create this logical interface by configuring an ATM PVC or switched virtual circuit (SVC). This configuration encapsulates each PPP connection in a separate PVC or SVC, allowing each PPP connection to terminate at the router ATM interface as if the connection were received from a typical PPP serial interface.
Rick Graziani graziani@cabrillo.edu 59
Configuring the CPE as the PPPoE Client over the ATM Interface
Configuration tasks: Step 1: Configure an ATM interface. Step 2: Configure a dialer interface. Step 3: Configure PAT. Step 4: Configure DHCP server. Step 5: Configure a static default route.
CPE
ATM
PVC
IP
DHCP Server
Rick Graziani graziani@cabrillo.edu
ISP Router
CPE 8/35
DSLAM
PVC
ATM
Aggregation Router
IP
interface Dialer0 ip nat outside ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
DHCP Server
ISP Router
interface ATM0/0 no ip address dsl operating-mode auto pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1
Rick Graziani graziani@cabrillo.edu
ip route 0.0.0.0 0.0.0.0 Dialer0 ip dhcp pool MyPool network 10.0.0.0 255.255.255.0 default router 10.0.0.1
61
Customer Network
IP address obtained automatically E0/0 ATM0/0
CPE 8/35
DSLAM
PVC
ATM
Aggregation Router
IP
IP address obtained automatically interface ATM0/0 no ip address dsl operating-mode auto pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1
Rick Graziani graziani@cabrillo.edu
DHCP Server
interface Dialer0 ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
ISP Router
62
interface ATM0/0 no ip address dsl operating-mode auto pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1
dsl operating-mode auto specify that the router automatically detects the DSL modulation that the service provider is using sets the DSL modulation to match. pvc interface command ATM uses the VPI/VCI to identify an ATM VC set the virtual path identifier/virtual channel identifier (VPI/VCI) that is used by the DSL service provider VPI/VCI value on the router must match the configuration on the DSLAM The encapsulation method must correspond with the method configured on the aggregation router.
Rick Graziani graziani@cabrillo.edu 63
interface ATM0/0 no ip address dsl operating-mode auto pvc 8/35 encapsulation aal5mux ppp dialer dialer pool-member 1
interface Dialer0 ip nat outside ip address negotiated ip mtu 1492 encapsulation ppp dialer pool 1
dialer pool-member number Links the ATM interface to a dialer interface specify which dialer interfaces can use the ATM physical interface on the Cisco router.
Rick Graziani graziani@cabrillo.edu 64
DSLAM
PVC
ATM
CPE
8/35
Aggregation Router
IP
DHCP Server
DHCP Server
ISP Router
interface Ethernet0/0 ip nat inside ip tcp mss-adjust 1452 ! interface Dialer0 ip nat outside ! ip nat inside source list 101 interface Dialer0 overload access-list 101 permit ip 10.0.0.0 255.255.255.0 any
Rick Graziani graziani@cabrillo.edu 65
66
When a router is successfully trained to the DSLAM, the modem status field has the value Showtime. Along with that value, the command also displays the upstream and downstream speed in kbps (in the row Speed, the Interleave or Fast columns will have a nonzero value). Example of the output from a properly trained modem. If the modem and router are properly trained, move troubleshooting efforts to Layer 2.
Rick Graziani graziani@cabrillo.edu 67
When the router is not properly trained, as shown in the following output, the problem is at Layer 1, and a solution needs to be found at this layer. Router#show dsl interface atm 0
Line not activated: displaying cached data from last activation Log file of training sequence: <...rest of the output omitted...>
68
In the PPPoE configuration, you must bind the Ethernet interface to the dialer interface and reduce the maximum Ethernet payload size from 1500 to 1492. In the PPPoA configuration, you must configure the proper encapsulation on the ATM interface and associate the interface with the dialer pool.
PPPoE PPPoA
interface ATM0/0 no ip address dsl operating-mode auto pvc 1/32 encapsulation aal5mux ppp dialer dialer pool-member 1
interface Ethernet0/1 no ip address pppoe enable pppoe-client dial-pool-number 1 ! interface Dialer0 ip mtu 1492
You can monitor the status of the ATM interface on the router by checking the status of the Carrier Detect (CD) light on the routers interface panel: If the CD light is on, proceed to Layer 2 troubleshooting. If the CD light is off, continue with Layer 1 troubleshooting. Next, use the show interface atm privilege level command from the enable mode of the router to check the status of the ATM interface on the router.
70
Next, use the show interface atm privilege level command from the enable mode of the router to check the status of the ATM interface on the router. This command appears in Figure . If the ATM interface status is down and the line protocol is down, the router is not seeing a carrier on the ADSL line. Such a status usually indicates two possible issues: The active pins on the DSL wall jack may be incorrect. For example, the registered jack-11 (RJ-11) connector provides an xDSL connection to an external media via a standard RJ-11 6-pin modular jack. The service provider may not be providing DSL service on this wall jack. The Cisco router uses a standard RJ-11 cable to provide the ADSL connection to the wall jack. The center pair of pins on the RJ-11 cable carries the ADSL signal (pins 3 and 4 on a 6-pin cable, or pins 2 and 3 on a 4-pin cable). If the wall jack is using the correct pins, and the ATM interface is still down and the line protocol is down, replace the RJ-11 cable between the DSL port and the wall jack
Rick Graziani graziani@cabrillo.edu 71
If the interface is still down and the line protocol is down after you have replaced the RJ-11 cable, contact the service provider to verify that ADSL service has been enabled on the wall jack you are using. The show interface atm command also shows whether the interface is administratively disabled. If such a case exists, enable the interface by using the no shutdown command under the interface configuration mode.
72
If everything that you have checked up to now in the Layer 1 troubleshooting procedure is verified and is operating properly, the next step is to ensure that the correct DSL operating mode is being used. Check with the service provider whether the DSLAM supports the particular DSL chipset (for example, Alcatel) and the configured modulation method of the deployed Cisco CPE DSL router. If the DSL modulation being used by the service provider is unknown, Cisco recommends using the default auto operating mode to autodetect the modulation type. Run the auto operating mode using this command (see the dsl operating-mode Parameters table for details): dsl operating-mode {auto | ansi-dmt | itu-dmt | splitterless} If problems persist and the router has been properly configured, proceed to Layer 2 examination and troubleshooting.
Rick Graziani graziani@cabrillo.edu 73
After establishing that Layer 1 is operating correctly, the troubleshooting can continue at Layer 2. First, check whether a permanent virtual circuit (PVC) is configured at the DSLAM by using the ping atm interface atm command. This command sends Operation, Administration, and Maintenance (OAM) F5 loopback packets to the DSLAM. A successful ping designates that a PVC is configured at the DSLAM.
74
Next, check whether the correct VPI/VCI values are configured on the router, by using the debug atm events command. The output shows the VPI/VCI values that the DSLAM expects. During the debug process, use another working Internet connection and begin to ping the static IP address assigned by your Internet service provider (ISP). It is important that the ATM interface status is up, the line protocol is up, and that the IP address provided by the ISP is being pinged. If there is no output for 60 seconds, debugging the VPI/VCI values is probably incorrect and you should contact ISP support. Finally, verify the VPI/VCI values and make the necessary changes to the configuration.
Rick Graziani graziani@cabrillo.edu 75
If the VPI/VCI values are correct and the PVC is active, then the next step is to verify that data is being sent and received on the ATM interface. The show interfaces atm command shows the interface status and counters for incoming and outgoing packets. If the incoming and outgoing packet counters are incrementing, the router is receiving and sending packets from the ISP; therefore, data is received from the ISP and is sent to the ISP.
Rick Graziani graziani@cabrillo.edu 76
With Layer 1 set up properly, correct VPI/VCI in use, PVC active, and data being received and sent, the next step is to ensure that a PPP session is established properly between the Cisco CPE router and the aggregation router of the service provider. You can observe the PPP negotiation process by issuing the debug ppp negotiation and debug ppp authentication commands.
77
PPP session setup occurs in three stages: Link control protocol (LCP): A mandatory phase in which parameters to establish, configure, and test the data-link connection are negotiated. Authentication: In this optional phase, authentication is performed with the authentication protocol (CHAP or PAP) agreed upon in LCP negotiation. Network Control Protocol (NCP): This mandatory phase establishes and configures different network-layer protocols. The most common Layer 3 protocol negotiated is IP. The routers exchange IPCP messages to negotiate options specific to the IP protocol.
Rick Graziani graziani@cabrillo.edu 78
The debug output in Figure shows the successful PPP session establishment. In case the PPP session does not come up successfully, there are four main points of failure in a PPP negotiation: There is no response from the remote device (aggregation router of the service provider). LCP is not opened. PAP or CHAP authentication failure occurs. IPCP failures.
Rick Graziani graziani@cabrillo.edu 79
PPPoE
CIS 186 ISCW Rick Graziani Fall 2007