No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring L2TP Load Balancing

Example for Configuring L2TP Load Balancing

This section provides an example for configuring load balancing among L2TP tunnels, including networking requirements, configuration roadmap, configuration procedure, and configuration files.

Networking Requirements

As shown in Figure 10-13, a single LNS cannot transmit all L2TP services. In such a case, you can enable LNS load balancing to load-balance L2TP services among multiple LNSs based on LNS weights.

Figure 10-13 Networking for L2TP load balancing

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure the dial-up connection at the user side.

  2. Configure the LAC (when configuring the L2TP connection on the LAC, configure two LNSs in the L2TP group and specify the IP addresses and weights of these LNSs).

  3. Configure the LNS.

Data Preparation

To complete the configuration, you need the following data:

  • User name and password of PC1

  • Tunnel password, tunnel name on the LNS, and tunnel name on the LAC

  • Number of the virtual template and the L2TP group number

  • Number, range, and mask of the remote address pool

NOTE:

This section provides only the procedure relevant to L2TP.

Procedure

  1. Configure the user side.

    To create a dial-up connection, dial the access number specified on NE40E A, and receive IP addresses assigned by the LNS server.

    Enter the user name user1@isp1 and the password (already registered on the LNS) in the displayed dial-up terminal window on PC1.

  2. Configure DeviceA that functions as an LAC.

    # Configure virtual template 1.

    <Device> system-view
    [Device] sysname DeviceA
    [*DeviceA] interface virtual-template 1
    [*DeviceA-Virtual-Template1] ppp authentication-mode chap
    [*DeviceA-Virtual-Template1] commit
    [~DeviceA-Virtual-Template1] quit

    # Bind virtual template 1 to GE 2/0/0.100.

    [~DeviceA] interface gigabitethernet 2/0/0.100
    [*DeviceA-GigabitEthernet2/0/0.100] pppoe-server bind virtual-template 1
    [*DeviceA-GigabitEthernet2/0/0.100] user-vlan 1 100
    [*DeviceA-GigabitEthernet2/0/0.100-vlan-1-100] commit
    [~DeviceA-GigabitEthernet2/0/0.100-vlan-1-100] quit

    # Configure the BAS interface.

    [~DeviceA-GigabitEthernet2/0/0.100] bas
    [*DeviceA-GigabitEthernet2/0/0.100-bas] access-type layer2-subscriber
    [*DeviceA-GigabitEthernet2/0/0.100-bas] authentication-method ppp
    [*DeviceA-GigabitEthernet2/0/0.100-bas] commit
    [~DeviceA-GigabitEthernet2/0/0.100-bas] quit
    [~DeviceA-GigabitEthernet2/0/0.100] quit

    # Create Loopback 0.

    [~DeviceA] interface loopback0
    [*DeviceA-LoopBack0] ip address 1.1.1.1 255.255.255.255
    [*DeviceA-LoopBack0] commit
    [~DeviceA-LoopBack0] quit

    # Assign IP addresses to physical interfaces on the tunnel.

    [~DeviceA] interface gigabitethernet1/0/1
    [*DeviceA-GigabitEthernet1/0/1] ip address 11.11.11.1 255.255.255.0
    [*DeviceA-GigabitEthernet1/0/1] commit
    [~DeviceA-GigabitEthernet1/0/1] quit
    [~DeviceA] interface gigabitethernet1/0/2
    [*DeviceA-GigabitEthernet1/0/2] ip address 12.12.12.1 255.255.255.0
    [*DeviceA-GigabitEthernet1/0/2] commit
    [~DeviceA-GigabitEthernet1/0/2] quit

    # Set up tunnels for L2TP load balancing and specify relevant attributes.

    [~DeviceA] l2tp enable
    [~DeviceA] l2tp-group lac1
    [*DeviceA-l2tp-lac1] tunnel name lac1
    [*DeviceA-l2tp-lac1] start l2tp ip 3.3.3.3 ip 4.4.4.4
    [*DeviceA-l2tp-lac1] tunnel load-sharing
    [*DeviceA-l2tp-lac1] tunnel authentication
    [*DeviceA-l2tp-lac1] tunnel password simple 1qaz#EDC
    [*DeviceA-l2tp-lac1] tunnel source loopback0
    [*DeviceA-l2tp-lac1] commit
    [~DeviceA-l2tp-lac1] quit

    # Configure the RADIUS server.

    [~DeviceA] radius-server group radius1
    [*DeviceA-radius-radius1] radius-server authentication 20.20.20.1 1812
    [*DeviceA-radius-radius1] radius-server accounting 20.20.20.1 1813
    [*DeviceA-radius-radius1] radius-server shared-key itellin
    [*DeviceA-radius-radius1] commit
    [~DeviceA-radius-radius1] quit

    # Configure the domain to which the user belongs.

    [~DeviceA] aaa
    [*DeviceA-aaa] domain isp1
    [*DeviceA-aaa-domain-isp1] l2tp-group lac1
    [*DeviceA-aaa-domain-isp1] radius-server group radius1
    [*DeviceA-aaa-domain-isp1] authentication-scheme default1
    [*DeviceA-aaa-domain-isp1] accounting-scheme default1
    [*DeviceA-aaa-domain-isp1] commit
    [~DeviceA-aaa-domain-isp1] quit

    # Configure routes.

    [~DeviceA] ip route-static 3.3.3.3 255.255.255.255 11.11.11.2
    [~DeviceA] ip route-static 4.4.4.4 255.255.255.255 12.12.12.2

  3. Configure DeviceB (LNS)

    # Create Loopback 0.

    [~DeviceB] interface loopback0
    [*DeviceB-LoopBack0] ip address 3.3.3.3 255.255.255.255
    [*DeviceB-LoopBack0] commit
    [~DeviceB-LoopBack0] quit 

    # Assign IP addresses to physical interfaces on the tunnel.

    [~DeviceB] interface gigabitethernet1/0/1
    [*DeviceB-GigabitEthernet1/0/1] ip address 11.11.11.2 255.255.255.0
    [*DeviceB-GigabitEthernet1/0/1] commit
    [~DeviceB-GigabitEthernet1/0/1] quit

    # Create virtual template 1.

    [~DeviceB] interface virtual-template 1
    [*DeviceB-Virtual-Template1] ppp authentication-mode chap
    [*DeviceB-Virtual-Template1] commit
    [~DeviceB-Virtual-Template1] quit

    # Enable L2TP and configure L2TP groups.

    [~DeviceB] l2tp enable
    [~DeviceB] l2tp-group lns1
    [*DeviceB-l2tp-lns1] tunnel name lns1
    [*DeviceB-l2tp-lns1] allow l2tp virtual-template 1 remote lac1
    [*DeviceB-l2tp-lns1] tunnel authentication
    [*DeviceB-l2tp-lns1] tunnel password simple 1qaz#EDC
    [*DeviceB-l2tp-lns1] commit
    [~DeviceB-l2tp-lns1] quit

    # Create LNS group 1 and configure it.

    [~DeviceB] lns-group group1
    [*DeviceB-lns-group-group1] bind slot 1 
    [*DeviceB-lns-group-group1] bind source loopback 0
    [*DeviceB-lns-group-group1] commit
    [~DeviceB-lns-group-group1] quit

    # Configure the address pool used to assign addresses to users.

    [~DeviceB] ip pool pool1 bas local
    [*DeviceB-ip-pool-pool1] gateway 10.10.0.1 255.255.255.0
    [*DeviceB-ip-pool-pool1] section 0 10.10.0.10 10.10.0.100
    [*DeviceB-ip-pool-pool1] commit
    [~DeviceB-ip-pool-pool1] quit

    # Configure the RADIUS server.

    [~DeviceB] radius-server group radius1
    [*DeviceB-radius-radius1] radius-server authentication 10.10.0.249 1812
    [*DeviceB-radius-radius1] radius-server accounting 10.10.0.249 1813
    [*DeviceB-radius-radius1] radius-server shared-key itellin
    [*DeviceB-radius-radius1] commit
    [~DeviceB-radius-radius1] quit

    # Configure the domain to which the user belongs.

    [~DeviceB] aaa
    [*DeviceB-aaa] domain isp1
    [*DeviceB-aaa-domain-isp1] authentication-scheme default1
    [*DeviceB-aaa-domain-isp1] accounting-scheme default1
    [*DeviceB-aaa-domain-isp1] radius-server group radius1
    [*DeviceB-aaa-domain-isp1] ip-pool pool1
    [*DeviceB-aaa-domain-isp1] commit
    [~DeviceB-aaa-domain-isp1] quit
    [~DeviceB-aaa] quit

    # Configure routes.

    [~DeviceB] ip route-static 1.1.1.1 255.255.255.255 11.11.11.1

  4. Configure DeviceC (LNS).

    # Create a loopback interface.

    [~DeviceC] interface loopback1
    [*DeviceC-LoopBack1] ip address 4.4.4.4 255.255.255.255
    [*DeviceC-LoopBack1] commit
    [~DeviceC-LoopBack1] quit

    # Assign IP addresses to physical interfaces on the tunnel.

    [~DeviceC] interface gigabitethernet1/0/1
    [~DeviceC--GigabitEthernet1/0/1] ip address 12.12.12.2 255.255.255.0

    # Create virtual template 1.

    [~DeviceC] interface virtual-template 1
    [*DeviceC-Virtual-Template1] ppp authentication-mode chap
    [*DeviceC-Virtual-Template1] commit
    [~DeviceC-Virtual-Template1] quit

    # Enable L2TP and configure L2TP groups.

    [~DeviceC] l2tp enable
    [~DeviceC] l2tp-group lns1
    [*DeviceC-l2tp-lns1] tunnel name lns1
    [*DeviceC-l2tp-lns1] allow l2tp virtual-template 1 remote lac1
    [*DeviceC-l2tp-lns1] tunnel authentication
    [*DeviceC-l2tp-lns1] tunnel password simple 1qaz#EDC
    [*DeviceC-l2tp-lns1] commit
    [~DeviceC-l2tp-lns1] quit

    # Create LNS group 1 and configure it.

    [~DeviceC] lns-group group1
    [*DeviceC-lns-group-group1] bind slot 1 
    [*DeviceC-lns-group-group1] bind source loopback 1
    [*DeviceC-lns-group-group1] commit
    [~DeviceC-lns-group-group1] quit

    # Configure the address pool used to assign addresses to users.

    [~DeviceC] ip pool pool1 bas local
    [*DeviceC-ip-pool-pool1] gateway 10.10.0.101 255.255.255.0
    [*DeviceC-ip-pool-pool1] section 0 10.10.0.102 10.10.0.200
    [*DeviceC-ip-pool-pool1] commit
    [~DeviceC-ip-pool-pool1] quit

    # Configure the RADIUS server.

    [~DeviceC] radius-server group radius1
    [*DeviceC-radius-radius1] radius-server authentication 10.10.0.249 1812
    [*DeviceC-radius-radius1] radius-server accounting 10.10.0.249 1813
    [*DeviceC-radius-radius1] radius-server shared-key itellin
    [*DeviceC-radius-radius1] commit
    [~DeviceC-radius-radius1] quit

    # Configure the domain to which the user belongs.

    [~DeviceC] aaa
    [*DeviceC-aaa] domain isp1
    [*DeviceC-aaa-domain-isp1] authentication-scheme default1
    [*DeviceC-aaa-domain-isp1] accounting-scheme default1
    [*DeviceC-aaa-domain-isp1] radius-server group radius1
    [*DeviceC-aaa-domain-isp1] ip-pool pool1
    [*DeviceC-aaa-domain-isp1] commit
    [~DeviceC-aaa-domain-isp1] quit
    [~DeviceC-aaa] quit

    # Configure routes.

    [~DeviceC] ip route-static 1.1.1.1 255.255.255.255 12.12.12.1

  5. Verify the configuration.

    [~DeviceA] test l2tp-tunnel l2tp-group lac1 ip-address 3.3.3.3
    Testing L2TP tunnel connectivity now....... 
    Test L2TP tunnel connectivity success.
    [~DeviceA] test l2tp-tunnel l2tp-group lac1 ip-address 4.4.4.4
    Testing L2TP tunnel connectivity now....... 
    Test L2TP tunnel connectivity success.

Configuration Files

  • Configuration file of ~DeviceA

    #
     sysname ~DeviceA
    #
     l2tp enable
    #
    radius-server group radius1
     radius-server authentication 20.20.20.1 1812 
     radius-server accounting 20.20.20.1 1813 
     radius-server shared-key itellin
    #
    interface Virtual-Template1
    ppp authentication-mode chap
    #
    interface GigabitEthernet2/0/0.100
     pppoe-server bind Virtual-Template 1
     undo shutdown
     user-vlan 1 100
     bas
      access-type layer2-subscriber
    #
    interface LoopBack0
     ip address 1.1.1.1 255.255.255.255
    #
    l2tp-group lac1
     tunnel password simple 1qaz#EDC
     tunnel name lac1
     start l2tp ip 3.3.3.3 ip 4.4.4.4 weight 5
     tunnel load-sharing
     tunnel source LoopBack0
    #
    aaa
    domain isp1
      authentication-scheme default1
      accounting-scheme default1
      radius-server group radius1
      l2tp-group lac1
    #
    interface GigabitEthernet1/0/1
     undo shutdown
     ip address 11.11.11.1 255.255.255.0
    #
    interface GigabitEthernet1/0/2
     undo shutdown
     ip address 12.12.12.1 255.255.255.0
    #
     ip route-static 3.3.3.3 255.255.255.255 11.11.11.2
     ip route-static 4.4.4.4 255.255.255.255 12.12.12.2
    #
    return
  • Configuration file of ~DeviceB

    #
     sysname ~DeviceB
    #
     l2tp enable
    #
    interface Virtual-Template1
    ppp authentication-mode chap
    #
    interface LoopBack0
     ip address 3.3.3.3 255.255.255.255
    #
    l2tp-group lns1
     allow l2tp virtual-template 1 remote lac1
     tunnel password simple 1qaz#EDC
     tunnel name lns1
    #
    lns-group group1
     bind slot 1 
     bind source LoopBack0
    #
    ip pool pool1 bas local
     gateway 10.10.0.1 255.255.255.0
     section 0 10.10.0.2 10.10.0.100
    #
    aaa
     domain  isp1
      authentication-scheme   default1
      accounting-scheme   default1
      ip-pool   pool1
    #
    interface GigabitEthernet1/0/1
     undo shutdown
     ip address 11.11.11.2 255.255.255.0
    #
     ip route-static  1.1.1.1 255.255.255.255 11.11.11.1
    #
    return
  • Configuration file of ~DeviceC

    #
     sysname ~DeviceC
    #
     l2tp enable
    #
    interface Virtual-Template1
    ppp authentication-mode chap
    #
    interface LoopBack1
     ip address 4.4.4.4 255.255.255.255
    #
    l2tp-group lns1
     allow l2tp virtual-template 1 remote lac1
     tunnel password simple 1qaz#EDC
     tunnel name lns1
    #
    lns-group group1
     bind slot 1 
     bind source LoopBack1
    #
    ip pool pool1 bas local
     gateway 10.10.0.101 255.255.255.0
     section 0 10.10.0.102 10.10.0.200
    #
    aaa
    domain  isp1
      authentication-scheme   default1
      accounting-scheme   default1
      ip-pool   pool1
    #
    interface GigabitEthernet1/0/1
     undo shutdown
     ip address 12.12.12.2 255.255.255.0
    #
     ip route-static  1.1.1.1 255.255.255.255 12.12.12.1
    #
    return
Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17360

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next