No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring AVP Attributes for L2TP Packets

Configuring AVP Attributes for L2TP Packets

To tune an L2TP connection, you need to set the attribute value pair (AVP) attributes for packets exchanged between the devices on both ends of an L2TP connection.

Context

Perform the following steps on the NE40E:

Procedure

  • Add attribute AVP 22 to L2TP packets.

    In the scenario where the NE40E functions as an LAC, you can determine whether to add attribute AVP 22 to the ICRQ packets sent by the LAC, when an L2TP user goes online.

    1. Run system-view

      The system view is displayed.

    2. Run l2tp calling-number-avp enable

      Attribute AVP 22 is added to L2TP packets.

    3. Run l2tp-group group-name

      The L2TP group view is displayed.

    4. Run calling-number-avp format { version1 | include [ delimiter delimiter ] { option82 [ delimiter delimiter ] | mac [ delimiter delimiter ] | interface [ delimiter delimiter ] | domain [ delimiter delimiter ] | sysname [ delimiter delimiter ] | vlan [ delimiter delimiter ] | pevlan [ delimiter delimiter ] | cevlan [ delimiter delimiter ]| agent-circuit-id [ delimiter delimiter ] | agent-remote-id [ delimiter delimiter ] }* }calling-number-avp format version1 include option82

      Or run:

      After the calling-number-avp format version1 command is run, attribute AVP 22 is encapsulated in the following format into an ICRQ packet to be sent by the LAC:

      Encapsulation format: System name#Slot/Sub-slot/Port# Pvlan:Cvlan(Vpi:Vci)

      Pvlan is an outer VLAN and Cvlan is an inner VLAN. If the interface to which users are connected is an ATM interface, Pvlan:Cvlan is replaced with Vpi:Vci. If the system name contains more than 30 characters, the first 30 characters are used.

      After the calling-number-avp format version1 include option82 command is run, the Option 82 information that begins with the number sign (#) is added to the end of the original encapsulation format.

    5. (Optional) Configure the LNS to encapsulate LLID information into the Calling-Station-Id attribute of a RADIUS packet to be sent to the RADIUS server.

      1. Run the radius-server calling-station-id include llid user-type { ppp | lns } * command to construct the Calling-Station-Id attribute of RADIUS authentication and accounting packets of PPP or L2TP users based on the LLID information.
      2. Run the calling-number-avp format llid command to encapsulate LLID information into the AVP22 attribute in an ICRQ packet to be sent to the LNS.

    6. (Optional) Configure the LAC to encapsulate the Calling-Station-Id delivered by the RADIUS server into the AVP22 attribute of an ICRQ message to be sent to the LNS.
    7. (Optional) Configure an offset for the CE-VLAN ID (inner VLAN ID) in ICRQ packets.

      If packets sent from different DSLAMs have the same CE-VLAN ID, and the CE-VLAN ID must be identified in the ICRQ packets to be sent by the LAC, configure an offset for the CE-VLAN ID.

      NOTE:

      The calling-number-avp cevlan-offset command takes effect only after the CE-VLAN ID to be encapsulated in ICRQ packets has been specified in the calling-number-avp format include cevlan [ delimiter delimiter command.

      1. Run the interface interface-type interface-number command to enter the interface view.

      2. Run the bas command to enter the BAS interface view.

      3. Run the calling-number-avp cevlan-offset offset command to configure an offset for the CE-VLAN ID in ICRQ packets.

    8. (Optional) Run avp calling-number interface-format exclude sub-slot

      The format for encapsulating BAS interface information into AVP 22 attributes carried in L2TP packets is set to slot/port.

    9. Run commit

      The configuration is committed.

  • Hide the AVP in transmission.

    The L2TP protocol uses the AVP to send and negotiate L2TP attributes. To ensure security, you can hide the AVP in transmission.

    1. Run system-view

      The system view is displayed.

    2. Run l2tp-group group-name

      The L2TP group view is displayed.

    3. Run tunnel avp-hidden

      The AVP is hidden in transmission.

      The AVP hidden function takes effect only when tunnel authentication is enabled on both the LAC and LNS.

      NOTE:

      After the AVP is hidden, if AAA authentication is used for the tunnel, the two ends must use the same password.

    4. Run commit

      The configuration is committed.

  • Configure AVP46 for the tunnel.

    After AVP46 is enabled, information about the tunnel deletion cause is added to the STOPCCN packet that is sent from the NE40E to the peer when the tunnel is deleted.

    1. Run system-view

      The system view is displayed.

    2. Run l2tp-group group-name

      The L2TP group view is displayed.

    3. Run tunnel avp46

      AVP 46 is enabled for the tunnel.

    4. Run commit

      The configuration is committed.

  • Configure attribute AVP 47 for the tunnel.

    After attribute AVP 47 is configured, the NE40E marks the DSCP value of the L2TP control packets used to establish the L2TP tunnel, the packets with different DSCP values have different priorities.

    1. Run system-view

      The system view is displayed.

    2. Run l2tp-group group-name

      The L2TP group view is displayed.

    3. Run set-dscp-outer dscp

      The NE40E marks the DSCP value of the L2TP control packets used to establish the L2TP tunnel. The NE40E then negotiates with the peer device (LNS) for attribute AVP 47.

    4. Run commit

      The configuration is committed.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17285

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next