Beruflich Dokumente
Kultur Dokumente
.
E-series B-RAS Configuration
Module Objectives
After successfully completing this module, you will be able
to:
– List the benefits of using PPP over Ethernet
– Describe the two stages of PPP over Ethernet
– Describe the basic life of a packet for PPP over Ethernet
– Configure the E-series router for PPP over Ethernet
– Verify PPP-over-Ethernet operation using show commands and
logging
Modem
RADIUS
tyler@isp1.com
Routers ISP1
RAS
PPP Session
Modem
RADIUS ISP2
paul@isp2.com
ATM
DSL
ralph@isp2.com Modem
ATM
ISP2
DSLAM
Switch
ken@isp2.com
PPPoE―RFC 2516
DSL
diane@isp1.com Modem
ISP1
tim@isp1.com
MAC=A
DA IP=2.2.2.2
SA IP=1.1.1.2
EtherType=0x8864
ISP2
ISP2
DA MAC=X
SA MAC=A
RFC 2516:
Physical
– General frame format
– PC requirements
– Two stages of PPPoE:
Discovery stage
PPP session stage
RFC 2516
When the user PC transmits IP data, the PC creates an IP datagram, encapsulates the IP datagram in PPP and
PPPoE, and finally inserts this data into an Ethernet frame addressed to the E-series router—hence, the name
PPP over Ethernet.
To transmit data using PPPoE, the user's PC requires special PPPoE software that installs a shim between the
existing dial-up networking PPP stack and the Ethernet driver, which enables PPP sessions to be carried directly
in standard Ethernet frames. Although the PC uses PPPoE, the actual user experience mirrors dial-up
networking—a familiar experience to most current remote access users.
Because the PPP frames are encapsulated in Ethernet frames, multiple users can share the same DSL line.
PPPoE has two distinct stages:
• Discovery stage: When a PC initiates a PPPoE session, it performs the discovery stage to determine
which B-RAS to use, the Ethernet MAC address of the B-RAS, and a unique session ID. This discovery
stage is a client-server relationship, where the PC is the client and the E-series router is the PPPoE
server.
PPP session stage: Once the PC determines which B-RAS to use, the B-RAS MAC address, and the session ID,
the connection transitions into a peer-to-peer relationship and initiates a standard PPP session using LCP.
DSL
diane@isp1.com Modem
ISP1
tim@isp1.com
MAC=A
DSL
diane@isp1.com Modem
ISP1
tim@isp1.com
MAC=A
DA=X
SA=A
PPP LCP Type=PPP
PPPoE MAC=X
SessionID=
1234
PPP LCP
DA=A ISP2
ISP2
SA=X
Type=PPP
PPPoE
SessionID=
1234
DA IP=2.2.2.2
SA IP=1.1.1.2
PPP Header
PPPoE Header
Layer 3 DA IP=2.2.2.2 SessionID=0x123
SA IP=1.1.1.2
EtherType=0x8864
PPP Header DA MAC=B
SA MAC=A
DA IP=2.2.2.2 DA IP=2.2.2.2
PPPoE Header SA IP=1.1.1.2 SA IP=1.1.1.2
SessionID=0x123 RFC 2684
Layer 2 PID=0x000-07
EtherType=0x8864 OUI=0x00-80-C2 EtherType=0x0800 EtherType=0x0800
DA MAC=B LLC=0xAA -AA-03 DA MAC=D DA MAC=F
SA MAC=A SA MAC=C SA MAC=E
ATM VPI/VCI=0/33
Life of a Packet
In the PPP-over-Ethernet environment using ATM as the Layer 2 connection method, a DSL-capable bridge or
modem is installed at the customer's location. The bridge is connected over a phone line to a DSLAM, which is in
turn connected using ATM to the E-series router. An ATM PVC is provisioned from the E-series router to the
customer's CPE device. Each PC has PPP-over-Ethernet client software installed. If a user at the customer's
location wants access to the Internet, the basic packet flow is as follows:
• The user's PC generates an IP packet that is encapsulated in a PPP frame. A PPPoE header is added
to this frame, which is then encapsulated in an Ethernet frame addressed to the E-series router. The
Ethernet type field indicates that the upper-layer protocol is PPPoE.
• The DSL bridge receives the Ethernet frame and encapsulates the entire frame into an ATM cell. An
RFC 2684 header is added at the beginning of the cell, indicating that the cell contains a bridged
Ethernet frame.
• The cell(s) are then transmitted across PVC to the E-series router.
• The E-series router receives the cell, strips off the bridged Ethernet header, strips off the Ethernet
frame, and verifies that the type field is PPP over Ethernet. If the type field is not PPP over Ethernet, the
E-series router discards the frame. If it is PPP over Ethernet, the router strips the PPP frame and looks
at the destination IP address, and determines the next-hop interface.
• The router encapsulates the IP datagram in the appropriate Layer 2 frame and transmits the data onto
the Internet.
PPPoE PPPoE
Major Interface Major Interface
1 per Modem 1 per Modem
ATM PVC ATM PVC
ATM Subinterface ATM Subinterface
1 per Modem 1 per Modem
ATM
Major Interface
OCxc/STMx
DSLAM
VLANs
VLAN 100 VLAN 100
S -VLAN Encap
VLAN Encap
DSLAM
VLAN options :
– Single-tagged VLANs
– Double-tagged VLANs or stacked VLANs
S-VLANs
– Service provider VLANs (S-VLAN) and customer VLANs (C-VLAN)
– Similar to ATM VPI/VCI
– Improve VLAN scaling
– CPE or access node adds inner tag (C-Tag)
– Access node or aggregation device adds outer tag (S-Tag)
Copyright © 2007, Juniper Networks, Inc.
VLAN Options
In these Ethernet-based networks, the E-series router is terminating thousands of users on some type of Ethernet
interface. Virtual local area networks (VLANs) are implemented to manage large numbers of users coming in over
a single physical interface. A VLAN enables multiplexing multiple IP and PPPoE interfaces over a single physical
port using subinterfaces. VLANs are similar to ATM PVCs with a VLAN ID acting like the ATM PVC's VPI. The
IEEE 802.1Q-tagged frames provide a 12-bit VLAN identifier. Therefore, one physical interface can support up to
4096 unique VLANs. Each VLAN has a single, unique VLAN ID or tag assigned to it. On the slide, the diagram on
the left uses this single tagged approach. Notice that VLAN IDs must be unique within the access network.
In some Ethernet B-RAS environments where multiple access nodes are aggregated onto a single Gigabit
Ethernet or 10-Gigabit Ethernet connection, this VLAN limit is inadequate. A stacked VLAN (S-VLAN) or double-
tagged VLAN provides a two-level VLAN tag structure, extending the VLAN ID space to more than 16 million
VLANs.
S-VLANs
Stacked VLANs were developed by the IEEE as a way to segregate the customer VLAN ID space (C-VLAN) from
the service provider VLAN space (S-VLAN) and improve scaling. It is unfortunate that the IEEE 802.1ad standard
uses the term S-VLAN to mean service provider VLAN space because the E-series router uses the term S-VLAN
to mean any doubly tagged VLAN. Stacked VLANs require two different tags or IDs. The outer tag is called the
service provider tag (S-Tag) and the inner tag is called the customer tag (C-Tag). These two tags are similar to the
ATM VPI/VCI. Depending on the installation, the CPE device or access node adds the C-Tag and the access node
or aggregation device adds the S-Tag. The E-series router performs decapsulation twice—once to get the S-Tag
and once to get the C-Tag.
On the slide, the diagram on the right uses the double-tagged approach. In this environment, each access node is
assigned a unique S-Tag, allowing the C-Tags to be reused.
DSLAM
1:1 VLAN:
– VLAN or S-VLAN per CPE
– S-Tag or S-Tag/C-Tag must be unique across access network
N:1 VLAN
– VLAN per type of traffic o per access node
– S-Tag shared by many users
– Video or multicast services
1:1 VLAN
Service providers might use different VLAN deployment options or models. Some providers make use of both
options in the same network. The first approach, 1:1 VLAN, a single VLAN or S-VLAN is assigned to a single CPE
device. The S-Tag or S-Tag/ C-Tag must be unique across the access network. This approach closely mimics the
ATM VPI/VCI model. On the slide, the diagram on the left implements the 1:1 VLAN approach. Notice that each
CPE device is assigned a unique S-Tag/C-Tag within the access network.
N:1 VLAN
With the N:1 VLAN approach, traffic is single-tagged with an S-Tag throughout the access network. There might
be an S-Tag for a specific type of traffic or for each access node. With this approach, multiple users share the
same S-Tag. A video or multicast service might take advantage of this scheme. On the slide, the diagram on the
right implements the N:1 VLAN approach as well as the 1:1 VLAN deployment model. Each CPE device is a
member of the 300 VLAN. This VLAN is used for a video multicast service. In addition, each CPE device is
assigned a unique VLAN ID for user data traffic.
IP IP IP IP IP IP
PPPoE Sub PPPoE Sub PPPoE Sub PPPoE Sub PPPoE Sub PPPoE Sub
IP over VLAN
S-VLAN
VLAN 300 VLAN 100 VLAN 200
1 100
VLAN Sub VLAN Sub VLAN Sub
VLAN Sub
GE
10 GE
Copyright © 2007, Juniper Networks, Inc.
IP Configuration
Dynamic IP interface configuration using RADIUS VSAs:
–Virtual-Router-Name
–Local-Interface-Name
– Local-Address-Pool-Name
erx7(config)#profile generic-ip
erx7(config-profile)#ip sa-validate
erx7(config-profile)#exit
Local address pool configuration:
– Both address pools are localized to these virtual routers
erx7(config)#ip local pool isp1pool 172.16.3.2 172.16.3.254
erx7(config)#ip route 172.16.3.0 255.255.255.0 null 0
erx7(config)#vir VR2
erx7:VR2(config)#ip local pool isp2pool 182.16.3.2 182.16.3.254
erx7:VR2(config)#ip route 182.16.3.0 255.255.255.0 null0
erx7(config-if)#encapsulation ppp
ATM PVC
erx7(config-if)#ppp authentication chap ATM Subinterface
erx7(config-if)#profile ip generic-ip
ATM
Major Interface
T3A / E3A
OCxc/STM1
OCx/STMx
IP IP
erx7(config)#interface fastEthernet 3/1
erx7(config-if)#encapsulation vlan
PPP PPP
erx7(config)#interface fast 3/1.100
erx7(config-if)#vlan id 100
PPPoE Sub PPPoE Sub
erx7(config-if)#pppoe
erx7(config-if)#pppoe subint fast 3/1.100.1
erx7(config-if)#encapsulation ppp PPPoE
Major
erx7(config-if)#ppp auth chap
erx7(config-if)#profile ip generic-ip VLAN 100
VLAN Sub
erx7(config-if)#pppoe subint fast 3/1.100.2
erx7(config-if)#encapsulation ppp VLAN
Major
erx7(config-if)#ppp auth chap Interface
erx7(config-if)#profile ip generic-ip
GE
10 GE
erx7(config-if)#encapsulation vlan
erx7(config)#interface fast 3/1.200 PPP PPP
erx7(config-if)#vlan id 200
erx7(config-if)#ip address 172.16.100.1/24 PPPoE Sub PPPoE Sub
erx7(config-if)#pppoe
erx7(config-if)#pppoe sub fast 3/1.200.1
IP PPPoE Major
erx7(config-if)#encapsulation ppp
erx7(config-if)#ppp auth chap
VLAN 200
erx7(config-if)#profile ip generic-ip VLAN Sub
erx7(config-if)#pppoe sub fast 3/1.200.2
erx7(config-if)#encapsulation ppp VLAN Major
Is the physical link between the user and the router working?
erx7#show controller sonet slot/port
erx7#show interface gigabitEthernet slot/port brief
erx7#show atm vc atm slot/port vcd
erx7#show interface gigabitEthernet slot/port.subinterface
Is the user successfully completing both stages of PPPoE?
erx7#show pppoe interface
erx7#show pppoe interface interface
erx7#show pppoe subinterface
erx7#show pppoe subinterface interface
Copyright © 2007, Juniper Networks, Inc.
ATM Sub- show atm subinterface atm 6/2/0/112 Subinterface configuration and
interface show atm subinterface atm 6/2.12 statistics
ATM Major show atm interface atm 6/2 ATM major interface status and
statistics
Review Questions
1. How is PPP over Ethernet different from PPP over ATM?
2. What are the two different stages of PPP over Ethernet?
3. What is the basic life of a packet for PPP over Ethernet?
4. How do you configure the E-series router for PPP over
Ethernet?
5. What steps would you take to troubleshoot a
PPP-over-Ethernet interface?
Lab Objectives:
Configure and troubleshoot static PPP-over-Ethernet
interfaces on the E-series router.