существовала рабочая схема двух провайдеров Corbina и Ультра с балансировкой через SLA.
fa0/0 - Corbina (по l2tp)
fa0/1 - Ультра
На ультре поменялся тариф и нужно переделать на PPPOE, тут у меня проблемы возникли - вроде схема реализации не сложная, описана например тут (http://www.cisco.com/en/US/tech/tk175/tk15/technologies_conf...) но на деле PPPOE канал постоянно в состоянии SHUTDOWN. Возможно дело в настройках, подскажите пож-ста. Далее конфиг (в котором временно отключен track2 и sla monitor 2? чтобы не включать маршрут на ультру):
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CentrOffice_cisco
!
boot-start-marker
boot system flash:c2800nm-adventerprisek9-mz.124-19.bin
boot-end-marker
!
enable secret 5 **************************
!
aaa new-model
!
!
aaa authentication ppp default local
aaa authorization network default none
!
aaa session-id common
!
!
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip sla monitor 1
type echo protocol ipIcmpEcho 10.*.*.*
timeout 1000
threshold 40
tag tag -=Monitoring Corbina ISP GW=-
frequency 3
ip sla monitor schedule 1 life forever start-time now
vpdn enable
!
l2tp-class corbina
!
!
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki [скрыто]
!
!
crypto pki certificate chain
[скрыто]
quit
username cisco privilege 15 secret 5 [скрыто]
!
!
ip ssh version 2
!
track 1 rtr 1 reachability
delay down 15 up 10
pseudowire-class class1
encapsulation l2tpv2
protocol l2tpv2 corbina
ip local interface FastEthernet0/0
!
!
!
!
!
!
interface Loopback0
no ip address
!
interface FastEthernet0/0
description Corbina_WAN_Ethernet
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0/1
description UltraNet_WAN_Ethernet
mac-address [скрыто]
ip address dhcp
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface FastEthernet0/0/0
description CiscoLan_4ESW_VLAN172
switchport access vlan 172
!
interface FastEthernet0/0/1
description CiscoLan_4ESW_VLAN172
switchport access vlan 172
!
interface FastEthernet0/0/2
description CiscoLan_4ESW_VLAN172
switchport access vlan 172
!
interface FastEthernet0/0/3
description CiscoLan_4ESW_VLAN172
switchport access vlan 172
!
interface Virtual-PPP1
description L2TP-to-Corbina
ip address negotiated
ip mtu 1460
ip nat outside
ip virtual-reassembly
no cdp enable
ppp authentication chap callin
ppp chap hostname [скрыто]
ppp chap password 7 [скрыто]
pseudowire *.*.*.253 10 pw-class class1
!
interface Vlan1
no ip address
!
interface Vlan172
description -= CiscoLan_4ESW_VLAN172 =-
ip address 172.25.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 500
!
interface Dialer1
ip address negotiated
ip mtu 1492
encapsulation ppp
no ip mroute-cache
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication pap callin
ppp pap sent-username [скрыто] password 7 [скрыто]
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Virtual-PPP1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip route 192.168.0.0 255.255.255.0 172.25.20.10
ip route *.*.*.253 255.255.255.255 dhcp
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map ISP_Corbina interface Virtual-PPP1 overload
ip nat inside source route-map ISP_ULTRANet interface FastEthernet0/1 overload
!
ip access-list extended NAT_ISP_Corbina
permit ip 172.25.20.0 0.0.0.255 any
permit ip 192.168.0.0 0.0.0.255 any
ip access-list extended NAT_ISP_ULTRANet
permit ip 172.25.20.0 0.0.0.255 any
permit ip 192.168.0.0 0.0.0.255 any
!
dialer-list 1 protocol ip permit
!
route-map ISP_ULTRANet permit 10
match ip address NAT_ISP_ULTRANet
match interface FastEthernet0/1 Dialer1
!
route-map ISP_Corbina permit 10
match ip address NAT_ISP_Corbina
match interface Virtual-PPP1
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password 7 [скрыто]
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
password 7 [скрыто]
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
Теперь немного отладочной информации непосредственно по PPPOE:
*Jul 16 12:11:26.048: Sending PADI: Interface = FastEthernet0/1
*Jul 16 12:11:26.048: pppoe_send_padi:
FF FF FF FF FF FF 00 04 23 0C 40 BB 88 63 11 09
00 00 00 0C 01 01 00 00 01 03 00 04 45 D2 95 60 ...
*Jul 16 12:11:26.048: PPPoE 0: I PADO R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
00 04 23 0C 40 BB 00 E0 81 5E 5B 7B 88 63 11 07
00 00 00 2D 01 02 00 05 7A 69 61 62 61 01 01 00 ...
*Jul 16 12:11:28.096: PPPOE: we've got our pado and the pado timer went off
*Jul 16 12:11:28.096: OUT PADR from PPPoE Session
00 E0 81 5E 5B 7B 00 04 23 0C 40 BB 88 63 11 19
00 00 00 2D 01 02 00 05 7A 69 61 62 61 01 01 00 ...
*Jul 16 12:11:28.096: PPPoE 178: I PADS R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
00 04 23 0C 40 BB 00 E0 81 5E 5B 7B 88 63 11 65
00 B2 00 0C 01 01 00 00 01 03 00 04 45 D2 95 60 ...
*Jul 16 12:11:28.096: IN PADS from PPPoE Session
*Jul 16 12:11:28.096: %DIALER-6-BIND: Interface Vi2 bound to profile Di1
*Jul 16 12:11:28.100: PPPoE: Virtual Access interface obtained.
*Jul 16 12:11:28.100: PPPoE : encap string prepared
*Jul 16 12:11:28.100: [0]PPPoE 178: data path set to Virtual Acess
*Jul 16 12:11:28.100: [0]PPPoE 178: O
C0 21 01 01 00 0A 05 06 28 61 D0 5F
*Jul 16 12:11:28.104: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up
*Jul 16 12:11:28.116: [0]PPPoE 178: I R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
C0 21 01 01 00 0F 03 05 C2 23 05 05 06 63 4D FA
DF
*Jul 16 12:11:28.116: [0]PPPoE 178: O
C0 21 02 01 00 0F 03 05 C2 23 05 05 06 63 4D FA
DF
*Jul 16 12:11:30.084: [0]PPPoE 178: O
C0 21 01 02 00 0A 05 06 28 61 D0 5F
*Jul 16 12:11:30.084: [0]PPPoE 178: I R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
C0 21 02 02 00 0A 05 06 28 61 D0 5F
*Jul 16 12:11:30.084: [0]PPPoE 178: I R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
C0 21 09 00 00 08 63 4D FA DF
*Jul 16 12:11:30.084: [0]PPPoE 178: I R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
C2 23 01 48 00 1A 10 1D 6A FC F6 93 8B F1 FA 5C
46 E3 4C 86 CB 9E 78 7A 69 61 62 61
*Jul 16 12:11:30.084: [0]PPPoE 178: O
C0 21 0A 00 00 08 28 61 D0 5F
*Jul 16 12:11:30.088: [0]PPPoE 178: O
C0 21 05 03 00 04
*Jul 16 12:11:30.088: [0]PPPoE 178: I R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
C0 21 06 03 00 04
*Jul 16 12:11:30.088: PPPoE : Shutting down client session
*Jul 16 12:11:30.088: [0]PPPoE 178: O PADT R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
00 E0 81 5E 5B 7B 00 04 23 0C 40 BB 88 63 11 A7
00 B2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ...
*Jul 16 12:11:30.092: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1
*Jul 16 12:11:30.092: PPPoE 178: I PADT R:00e0.815e.5b7b L:0004.230c.40bb Fa0/1
00 04 23 0C 40 BB 00 E0 81 5E 5B 7B 88 63 11 A7
00 B2 00 11 02 03 00 0D 52 65 63 65 69 76 65 64 ...
*Jul 16 12:11:30.092: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down
CentrOffice_cisco#sh int fa0/1
FastEthernet0/1 is up, line protocol is up
Hardware is MV96340 Ethernet, address is 0004.230c.40bb (bia 001e.be50.f431)
Description: UltraNet_WAN_Ethernet
Internet address is 10.*.*.*/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output 00:00:01, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 2000 bits/sec, 2 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
405671 packets input, 36946891 bytes
Received 211899 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
70753 packets output, 4314989 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
3466 unknown protocol drops
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
CentrOffice_cisco#sh int dia1
Dialer1 is up, line protocol is up (spoofing)
Hardware is Unknown
Internet address will be negotiated using IPCP
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 1 seconds on reset
Last input never, output never, output hang never
Last clearing of "show interface" counters 1d21h
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 42 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes
0 packets output, 0 bytes
CentrOffice_cisco#sh vpdn
%No active L2F tunnels
L2TP Tunnel and Session Information Total tunnels 1 sessions 1
LocID RemID Remote Name State Remote Address Port Sessions L2TP Class/
VPDN Group
58413 15263 ******* est *.*.*.253 1701 1 corbina
LocID RemID TunID Username, Intf/ State Last Chg Uniq ID
Vcid, Circuit
10 28061 58413 10, Vp1 est 1d21h 1
%No active PPTP tunnels
PPPoE Tunnel and Session Information Total tunnels 1 sessions 1
PPPoE Session Information
Uniq ID PPPoE RemMAC Port Source VA State
SID LocMAC VA-st
N/A 219 00e0.815e.5b7b Fa0/1 Di1 N/A SHUTDOWN
0004.230c.40bb
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(19), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 29-Feb-08 20:07 by prod_rel_team
ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)
CentrOffice_cisco uptime is 1 day, 21 hours, 11 minutes
System returned to ROM by reload at 15:15:06 UTC Tue Jul 14 2009
System image file is "flash:c2800nm-adventerprisek9-mz.124-19.bin"
Подскажите в чем может быть проблема? чесно говоря PPPOE впервые настраиваю, и в debugging понятия не имею что должно отображаться и как траблешутить... Заранее благодарен!