Software Guide
Page 29
Cisco IOS Release Release 12.3(7)XI2 Part Number OL-2226-08 Publication Date November, 2004 Description Added the features listed in the "New Features in : • Configuring atm pxf queuing, page 2-16 • Restrictions for Hierarchical Shaping (moved to the Cisco 10000 Series Router Quality of Service Configuration Guide) Added a table indicating scaling limits for active VCs on ATM line cards in Cisco IOS Release 12.3(7)XI2" section on...
Cisco IOS Release Release 12.3(7)XI2 Part Number OL-2226-08 Publication Date November, 2004 Description Added the features listed in the "New Features in : • Configuring atm pxf queuing, page 2-16 • Restrictions for Hierarchical Shaping (moved to the Cisco 10000 Series Router Quality of Service Configuration Guide) Added a table indicating scaling limits for active VCs on ATM line cards in Cisco IOS Release 12.3(7)XI2" section on...
Software Guide
Page 97
...-BGP extended communities using the route-target command in the network. Chapter 3 Configuring Remote Access to MPLS VPN Configuration Tasks for RA to MPLS VPN Configuring Virtual Routing and Forwarding Instances Configure VRF instances on each VPN connected using the ip vrf command in global configuration mode or router configuration mode. These policies are used to global configuration mode. Note The VPN ID is used for provisioning only. Sets a primary or secondary address for the specified VRF. OL-2226-23 Cisco 10000 Series Router Software Configuration Guide 3-13
...-BGP extended communities using the route-target command in the network. Chapter 3 Configuring Remote Access to MPLS VPN Configuration Tasks for RA to MPLS VPN Configuring Virtual Routing and Forwarding Instances Configure VRF instances on each VPN connected using the ip vrf command in global configuration mode or router configuration mode. These policies are used to global configuration mode. Note The VPN ID is used for provisioning only. Sets a primary or secondary address for the specified VRF. OL-2226-23 Cisco 10000 Series Router Software Configuration Guide 3-13
Software Guide
Page 125
... to use . For this reason, use debug commands only to troubleshoot specific problems or during periods of lower network traffic and fewer users. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Sending 5, 100-byte ICMP Echos to 10.10.10.6, timeout is 2 seconds: !!!!! Displays the status of the following commands in privileged EXEC mode: Command Router# show mpls forwarding-table Router# show tag-switching tdp...
... to use . For this reason, use debug commands only to troubleshoot specific problems or during periods of lower network traffic and fewer users. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: !!!!! Sending 5, 100-byte ICMP Echos to 10.10.10.6, timeout is 2 seconds: !!!!! Displays the status of the following commands in privileged EXEC mode: Command Router# show mpls forwarding-table Router# show tag-switching tdp...
Software Guide
Page 145
.../net_mgmt/ip_solution_center/5.0.1/mpls_vpn/user/guide/multa uto.html#wp631364 • BGP Multipath The 6VPE feature supports eBGP Multipath, iBGP Multipath, eiBGP Multipath and the DMZ-link-bandwidth based load-balancing for enabling VPN access to the Internet: • Model 1: Non-VRF Internet Access case. The ISP may or may not be routed according to the PE router's default forwarding table. Chapter 4 Configuring Multiprotocol Label Switching IPv6 VPN over MPLS Using BGP Route Refresh, an...
.../net_mgmt/ip_solution_center/5.0.1/mpls_vpn/user/guide/multa uto.html#wp631364 • BGP Multipath The 6VPE feature supports eBGP Multipath, iBGP Multipath, eiBGP Multipath and the DMZ-link-bandwidth based load-balancing for enabling VPN access to the Internet: • Model 1: Non-VRF Internet Access case. The ISP may or may not be routed according to the PE router's default forwarding table. Chapter 4 Configuring Multiprotocol Label Switching IPv6 VPN over MPLS Using BGP Route Refresh, an...
Software Guide
Page 146
... default forwarding table. • Model 3: Using static routes in VRF that points to support multiple customers on a CE router. If a packet is received by IPv4 VPNs. Therefore, in the same way they are supported on Cisco 10000 series routers by associating one or more than one VRF at the customer edge to an IPv6 Internet Gateway for different VPNs. • Forms virtual packet-forwarding tables by the IPv6VPN over MPLS Chapter 4 Configuring Multiprotocol Label Switching...
... default forwarding table. • Model 3: Using static routes in VRF that points to support multiple customers on a CE router. If a packet is received by IPv4 VPNs. Therefore, in the same way they are supported on Cisco 10000 series routers by associating one or more than one VRF at the customer edge to an IPv6 Internet Gateway for different VPNs. • Forms virtual packet-forwarding tables by the IPv6VPN over MPLS Chapter 4 Configuring Multiprotocol Label Switching...
Software Guide
Page 156
.... This VRF typically contains only a default route; These routes are the dynamically allocated virtual access interfaces of the subscribers associated with a particular service. 4-22 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Half-Duplex VRF Chapter 4 Configuring Multiprotocol Label Switching The HDVRF feature addresses the limitations previously imposed on hub and spoke topologies by way of the upstream ISP or to another locally or remotely connected subscriber.
.... This VRF typically contains only a default route; These routes are the dynamically allocated virtual access interfaces of the subscribers associated with a particular service. 4-22 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Half-Duplex VRF Chapter 4 Configuring Multiprotocol Label Switching The HDVRF feature addresses the limitations previously imposed on hub and spoke topologies by way of the upstream ISP or to another locally or remotely connected subscriber.
Software Guide
Page 168
... 2 Access Concentrator The Cisco 10000 series router supports the Layer 2 access concentrator (LAC) feature. Remote subscribers use a local or point-to-point connection to initiate a PPPoA or PPPoE session to and from the LNS and a remote system. The LAC acts as one side of an L2TP tunnel endpoint and is described in Figure 5-2. You can configure the Cisco 10000 series router to place the sessions in VRFs before routing the...
... 2 Access Concentrator The Cisco 10000 series router supports the Layer 2 access concentrator (LAC) feature. Remote subscribers use a local or point-to-point connection to initiate a PPPoA or PPPoE session to and from the LNS and a remote system. The LAC acts as one side of an L2TP tunnel endpoint and is described in Figure 5-2. You can configure the Cisco 10000 series router to place the sessions in VRFs before routing the...
Software Guide
Page 190
.... Private servers remain hidden from one or more of the following command in global configuration mode. If you to a VRF can be VRF aware, ISPs must enable AAA using the aaa new-model command in global configuration mode to configure the Cisco 10000 series router to ignore the setting of the DF bit and to associate a remote user with a specific VPN based on the domain name. Securing AAA parameters to configure a list of...
.... Private servers remain hidden from one or more of the following command in global configuration mode. If you to a VRF can be VRF aware, ISPs must enable AAA using the aaa new-model command in global configuration mode to configure the Cisco 10000 series router to ignore the setting of the DF bit and to associate a remote user with a specific VPN based on the domain name. Securing AAA parameters to configure a list of...
Software Guide
Page 201
... Router# debug vpdn event Router# debug vpdn error Purpose Displays the IP routing table associated with RADIUS. Displays information associated with a VRF. Displays information on AAA authorization. Note Due to a console log file. Displays debug traces for VPNs. Displays L2TP errors and events that the Cisco 10000 series router logs system messages, enter the logging rate-limit command. Moreover, it can render the system unusable. OL-2226-23 Cisco 10000 Series Router Software Configuration Guide...
... Router# debug vpdn event Router# debug vpdn error Purpose Displays the IP routing table associated with RADIUS. Displays information associated with a VRF. Displays information on AAA authorization. Note Due to a console log file. Displays debug traces for VPNs. Displays L2TP errors and events that the Cisco 10000 series router logs system messages, enter the logging rate-limit command. Moreover, it can render the system unusable. OL-2226-23 Cisco 10000 Series Router Software Configuration Guide...
Software Guide
Page 203
.... Check the output to verify that the number of sessions per tunnel limiting on serial interfaces running -config Router# show vpdn tunnel Purpose Displays the current router configuration. default group group-name Router(config)# aaa group server radius group-name Groups different RADIUS server hosts into distinct lists and distinct methods and enters server group configuration mode. Specifies a filter for the attributes specified in an accounting request. Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server L2TP Network Server...
.... Check the output to verify that the number of sessions per tunnel limiting on serial interfaces running -config Router# show vpdn tunnel Purpose Displays the current router configuration. default group group-name Router(config)# aaa group server radius group-name Groups different RADIUS server hosts into distinct lists and distinct methods and enters server group configuration mode. Specifies a filter for the attributes specified in an accounting request. Chapter 5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server L2TP Network Server...
Software Guide
Page 221
... create an Ethernet interface and enable PPPoE on it, enter the following commands beginning in global configuration mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command Router(config)# vpdn enable Router(config)# vpdn-group name Router(config-vpdn)# accept-dialin Router(config-vpdn-acc-in)# protocol pppoe Router(config-vpdn-acc-in)# virtual-template template-number Router(config-vpdn)# pppoe limit per-mac per MAC address for PPPoE and to link the group to establish PPPoE sessions. Specifies the VPDN group to be terminated on the router. Configuring PPPoE...
... create an Ethernet interface and enable PPPoE on it, enter the following commands beginning in global configuration mode: Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Step 7 Command Router(config)# vpdn enable Router(config)# vpdn-group name Router(config-vpdn)# accept-dialin Router(config-vpdn-acc-in)# protocol pppoe Router(config-vpdn-acc-in)# virtual-template template-number Router(config-vpdn)# pppoe limit per-mac per MAC address for PPPoE and to link the group to establish PPPoE sessions. Specifies the VPDN group to be terminated on the router. Configuring PPPoE...
Software Guide
Page 222
... group to clone virtual access interfaces (VAIs). Use the no bba-group pppoe command to re-enable the pppoe option for each PPPoE port that uses the group. Router(config-bba-group)# virtual-template template-number Specifies the virtual template interface to use to the VLAN. Router(config-bba-group)# sessions per-mac limit per-MAC session limit (Optional) Specifies the maximum number of PPPoE sessions for PPPoE and to link it to the appropriate virtual template interface, enter the following commands beginning in global configuration mode...
... group to clone virtual access interfaces (VAIs). Use the no bba-group pppoe command to re-enable the pppoe option for each PPPoE port that uses the group. Router(config-bba-group)# virtual-template template-number Specifies the virtual template interface to use to the VLAN. Router(config-bba-group)# sessions per-mac limit per-MAC session limit (Optional) Specifies the maximum number of PPPoE sessions for PPPoE and to link it to the appropriate virtual template interface, enter the following commands beginning in global configuration mode...
Software Guide
Page 227
...-in)# protocol pppoe Router(config-vpdn-acc-in)# virtual-template template-number Router(config-vpdn)# pppoe limit per-vlan number Router(config-vpdn)# pppoe limit per-mac per-mac-limit Router(config-vpdn)# pppoe limit max-sessions number Purpose Creates an accept dial-in a BBA Group Note Cisco IOS Release 12.2(15)BX does not support the configuration of BBA groups using RADIUS. Configuring PPPoE in VPDN group. If you configure a BBA group and then you cannot specify the protocol pppoe command). OL-2226-23 Cisco 10000 Series Router Software Configuration Guide 6-9 Note...
...-in)# protocol pppoe Router(config-vpdn-acc-in)# virtual-template template-number Router(config-vpdn)# pppoe limit per-vlan number Router(config-vpdn)# pppoe limit per-mac per-mac-limit Router(config-vpdn)# pppoe limit max-sessions number Purpose Creates an accept dial-in a BBA Group Note Cisco IOS Release 12.2(15)BX does not support the configuration of BBA groups using RADIUS. Configuring PPPoE in VPDN group. If you configure a BBA group and then you cannot specify the protocol pppoe command). OL-2226-23 Cisco 10000 Series Router Software Configuration Guide 6-9 Note...
Software Guide
Page 228
... configure a VPDN group, the protocol command in a VLAN. Example 6-4 Using a VPDN Group to the VPDN group. interface Virtual-Template1 ip unnumbered loop 0 mtu 1492 6-10 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 In the example, the virtual-template 1 virtual template is linked to Configure PPPoE over IEEE 802.1Q VLANs !Enables a virtual private dial-up network configuration on a specified subinterface in VPDN accept-dialin configuration mode does not include an option for PPPoE (for each VLAN. PPPoE over IEEE 802.1Q VLANs Chapter 6 Configuring PPPoE...
... configure a VPDN group, the protocol command in a VLAN. Example 6-4 Using a VPDN Group to the VPDN group. interface Virtual-Template1 ip unnumbered loop 0 mtu 1492 6-10 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 In the example, the virtual-template 1 virtual template is linked to Configure PPPoE over IEEE 802.1Q VLANs !Enables a virtual private dial-up network configuration on a specified subinterface in VPDN accept-dialin configuration mode does not include an option for PPPoE (for each VLAN. PPPoE over IEEE 802.1Q VLANs Chapter 6 Configuring PPPoE...
Software Guide
Page 271
... these periods decreases the likelihood that displays when you use debug commands only to display information about virtual access interface 3. Debugging during periods of lower network traffic and fewer users. Example 9-3 show vpdn Command Router# show vpdn L2TP Tunnel and Session Information Total tunnels 2 sessions 22 LocID RemID Remote Name State Remote Address Port Sessions VPDN Group 1206019602tunnel5est45.1.5.5170111tunnel5 LocIDRemIDTunIDIntfUsernameStateLast Chg 3 312060SSSCircuitu@n5est2d19h 2 212060SSSCircuitu@n5est2d19h 4 412060SSSCircuitu...
... these periods decreases the likelihood that displays when you use debug commands only to display information about virtual access interface 3. Debugging during periods of lower network traffic and fewer users. Example 9-3 show vpdn Command Router# show vpdn L2TP Tunnel and Session Information Total tunnels 2 sessions 22 LocID RemID Remote Name State Remote Address Port Sessions VPDN Group 1206019602tunnel5est45.1.5.5170111tunnel5 LocIDRemIDTunIDIntfUsernameStateLast Chg 3 312060SSSCircuitu@n5est2d19h 2 212060SSSCircuitu@n5est2d19h 4 412060SSSCircuitu...
Software Guide
Page 331
... the number of the circuit to switch to the protect interface. Manually switches a circuit to port failovers, multiple port line cards support line card failover. Moreover, it can render the system unusable. Debugging during troubleshooting sessions with Cisco Systems technical support personnel. When a port fails on the active line card, the corresponding port on that increased debug command processing overhead will affect system use debug commands during periods of lower network traffic and fewer users. circuit-number is...
... the number of the circuit to switch to the protect interface. Manually switches a circuit to port failovers, multiple port line cards support line card failover. Moreover, it can render the system unusable. Debugging during troubleshooting sessions with Cisco Systems technical support personnel. When a port fails on the active line card, the corresponding port on that increased debug command processing overhead will affect system use debug commands during periods of lower network traffic and fewer users. circuit-number is...
Software Guide
Page 346
..., page 16-43 16-42 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 radius-server host 10.1.1.1 key mykey1 radius-server attribute list usage-only attribute 1,40,42-43,46 ! RADIUS Transmit Retries The Cisco 10000 router supports an extended RADIUS transmit retries range. aaa new-model aaa authentication ppp default group radius-sg aaa authorization network default group radius-sg aaa group server radius radius-sg server 10.1.1.1 authorization reject bad-author...
..., page 16-43 16-42 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 radius-server host 10.1.1.1 key mykey1 radius-server attribute list usage-only attribute 1,40,42-43,46 ! RADIUS Transmit Retries The Cisco 10000 router supports an extended RADIUS transmit retries range. aaa new-model aaa authentication ppp default group radius-sg aaa authorization network default group radius-sg aaa group server radius radius-sg server 10.1.1.1 authorization reject bad-author...
Software Guide
Page 420
Local interface: Gi8/0/1 up, line protocol up, Ethernet up Destination address: 11.1.1.1, VC ID: 8, VC status: up in Ethernet port mode. Configuration Tasks for AToM, page 20-23 • Ethernet VLAN Q-in-Q AToM, page 20-23 • Configuration Examples, page 20-25 • Verifying QinQ AToM, page 20-25 20-22 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Example 20-13 show mpls l2transport vc Command Output Router# show mpls l2transport vc...
Local interface: Gi8/0/1 up, line protocol up, Ethernet up Destination address: 11.1.1.1, VC ID: 8, VC status: up in Ethernet port mode. Configuration Tasks for AToM, page 20-23 • Ethernet VLAN Q-in-Q AToM, page 20-23 • Configuration Examples, page 20-25 • Verifying QinQ AToM, page 20-25 20-22 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Example 20-13 show mpls l2transport vc Command Output Router# show mpls l2transport vc...
Software Guide
Page 536
... the subinterface mode. Sets the maximum number of active links is not specified. For more information on a GEC bundle: Example 23-4 Enabling a PPPoE Session interface Port-channel32 no ip address no negotiation auto lacp max-bundle 1 lacp fast-switchover ! global is the default group used when a group name is one. interface Port-channel32.2 encapsulation dot1Q 20 pppoe enable group bba_group_1 ! 23-10 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Specify the VLAN identifier. Configuring PPPoX Support on...
... the subinterface mode. Sets the maximum number of active links is not specified. For more information on a GEC bundle: Example 23-4 Enabling a PPPoE Session interface Port-channel32 no ip address no negotiation auto lacp max-bundle 1 lacp fast-switchover ! global is the default group used when a group name is one. interface Port-channel32.2 encapsulation dot1Q 20 pppoe enable group bba_group_1 ! 23-10 Cisco 10000 Series Router Software Configuration Guide OL-2226-23 Specify the VLAN identifier. Configuring PPPoX Support on...
Software Guide
Page 586
... criteria including protocols, access control lists (ACLs), and input interfaces. CE routers are not aware of a given packet is used for ATM networks. it merely identifies the remote end. For example: Ethernet. CBR is given to all hosts attached to inherit the service policy of any network that multiplexes independent network carriers onto a single cable. The rate at the Internet service Access Server provider (ISP) network, that provides firewall, authentication, and routing services for...
... criteria including protocols, access control lists (ACLs), and input interfaces. CE routers are not aware of a given packet is used for ATM networks. it merely identifies the remote end. For example: Ethernet. CBR is given to all hosts attached to inherit the service policy of any network that multiplexes independent network carriers onto a single cable. The rate at the Internet service Access Server provider (ISP) network, that provides firewall, authentication, and routing services for...