3.2.44. ppp-server¶
Note
requires a BNG PPPoE Application License.
PPP server configuration.
vsr running config# vrf <vrf> ppp-server
instance¶
PPP Server configuration.
vsr running config# vrf <vrf> ppp-server instance <string>
|
PPP server instance name. |
enabled¶
Enable PPP server.
vsr running config# vrf <vrf> ppp-server instance <string>
vsr running instance <string># enabled true|false
- Default value
true
single-session¶
Specify whether ppp server should control sessions count per user. The following values are possible: - ‘disable’: no session count - ‘deny’: deny second session authorization - ‘replace’: terminate the first session when the second is authorized.
vsr running config# vrf <vrf> ppp-server instance <string>
vsr running instance <string># single-session SINGLE-SESSION
|
Description |
---|---|
|
Accept multiple connections. |
|
Deny all other connections. |
|
Replace the current connection by the new one. |
- Default value
disable
max-sessions¶
Specify number of active connections. Disabled by default.
vsr running config# vrf <vrf> ppp-server instance <string>
vsr running instance <string># max-sessions <uint32>
- Default value
0
max-starting¶
Specify number of concurrent session attempts. Disabled by default.
vsr running config# vrf <vrf> ppp-server instance <string>
vsr running instance <string># max-starting <uint32>
- Default value
0
log-level¶
Log level to display.
vsr running config# vrf <vrf> ppp-server instance <string>
vsr running instance <string># log-level LOG-LEVEL
|
Description |
---|---|
|
Disable logging. |
|
Display error message. |
|
Display error and warning message. |
|
Display error, warning and info message. |
|
Display all messages. |
- Default value
error
ppp¶
PPP configuration.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
verbose¶
Increase log details for PPP.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# verbose true|false
- Default value
false
min-mtu¶
Minimum MTU for PPP session.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# min-mtu <uint32>
- Default value
100
mtu¶
Preferred MTU.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# mtu <uint32>
mru¶
Preferred MRU.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# mru <uint32>
ipcp¶
Specifies policy for IPCP negotiation - ‘deny’: do not accept IPCP - ‘allow’: accept IPCP only if client requests it - ‘prefer’: ask client for IPCP - ‘require’: ask client for IPCP and fail if rejected.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# ipcp IPCP
|
Description |
---|---|
|
Deny. |
|
Accept but do not propose. |
|
Propose but do not fail if rejected. |
|
Require. |
- Default value
allow
ipv6cp¶
Specifies policy for IPV6CP negotiation.
vsr running config# vrf <vrf> ppp-server instance <string> ppp
vsr running ppp# ipv6cp IPV6CP
|
Description |
---|---|
|
Deny. |
|
Accept but do not propose. |
|
Propose but do not fail if rejected. |
|
Require. |
- Default value
deny
lcp¶
LCP configuration.
vsr running config# vrf <vrf> ppp-server instance <string> ppp lcp
echo-interval¶
Time between each LCP echo request.
vsr running config# vrf <vrf> ppp-server instance <string> ppp lcp
vsr running lcp# echo-interval <uint32>
- Default value
0
echo-failure¶
Maximum number of LCP echo replies sent without valid answer before terminate the connection.
vsr running config# vrf <vrf> ppp-server instance <string> ppp lcp
vsr running lcp# echo-failure <uint32>
- Default value
0
pppoe¶
PPPoE server configuration.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
enabled¶
Enable PPPoE server.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# enabled true|false
- Default value
true
verbose¶
Increase log details for PPPoE.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# verbose true|false
- Default value
false
padi-limit¶
Limit overall PADI packets to reply in 1 second. Only one packet per mac address would be accepted.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# padi-limit <uint32>
- Default value
0
ac-name¶
Access Concentrator’s name.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# ac-name <string>
service-name¶
List of Service Name to offer.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# service-name <string>
ip-pool¶
IPv4 Pool Name to use for PPP sessions.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# ip-pool <string>
ipv6-pool¶
IPv6 Pool Name to use for PPP sessions.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe
vsr running pppoe# ipv6-pool <leafref>
interface¶
Specifiy interfaces PPPoE server is listening to . Optional padi- limit=n can be specified for each interface. Optional re: allow to use regex for interface name.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe interface <string>
|
Interface name. Regex can be used if prefixed with ‘re:.’. |
padi-limit¶
Maximum number of PADI packets per second processed by interfaces. Disabled by default.
vsr running config# vrf <vrf> ppp-server instance <string> pppoe interface <string>
vsr running interface <string># padi-limit <uint32>
- Default value
0
auth¶
Authentication configuration.
vsr running config# vrf <vrf> ppp-server instance <string> auth
enabled¶
Enable Authentication for PPP connections.
vsr running config# vrf <vrf> ppp-server instance <string> auth
vsr running auth# enabled true|false
- Default value
true
timeout¶
Timeout for Authentication.
vsr running config# vrf <vrf> ppp-server instance <string> auth
vsr running auth# timeout <uint32>
- Default value
5
max-failure¶
Max Failure Number for authentication before stopping connection.
vsr running config# vrf <vrf> ppp-server instance <string> auth
vsr running auth# max-failure <uint32>
- Default value
3
peer-auth-interval¶
Peer authentication interval (in second) . Disabled by default or if PAP method is used.
vsr running config# vrf <vrf> ppp-server instance <string> auth
vsr running auth# peer-auth-interval <uint32>
- Default value
0
peer-auth-mode¶
Set authentication mode.
vsr running config# vrf <vrf> ppp-server instance <string> auth
vsr running auth# peer-auth-mode PEER-AUTH-MODE
|
Description |
---|---|
|
Authenticate using PAP. |
|
Authenticate using CHAP. |
|
Authenticate using MS-CHAP. |
|
Authenticate using MS-CHAPv2. |
- Default value
pap
chap
mschap
mschap-v2
peer-secrets¶
CHAP Configuration.
vsr running config# vrf <vrf> ppp-server instance <string> auth peer-secrets
enabled¶
Enable peer authentication with local database.
vsr running config# vrf <vrf> ppp-server instance <string> auth peer-secrets
vsr running peer-secrets# enabled true|false
- Default value
true
secrets¶
List user/password.
vsr running config# vrf <vrf> ppp-server instance <string> auth peer-secrets secrets <string>
|
Username. |
radius¶
Radius Configuration.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius
enabled¶
Enable Radius authentication.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius
vsr running radius# enabled true|false
- Default value
true
default-local-ip¶
Default IP address for local interface used for Framed-IP.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius
vsr running radius# default-local-ip DEFAULT-LOCAL-IP
|
An IPv4 address. |
server¶
List of radius servers.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius
vsr running radius# server address <address> auth-port <uint16> acct-port <uint16> \
... secret SECRET
|
An IPv4 address. |
|
Port for Access-Requests packets. Set it to 1812 to use default port. |
|
Port for Accounting-Request packets. Set it to 1813 to use default port. |
backup-server¶
List of radius backup servers.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius
vsr running radius# backup-server address <address> auth-port <uint16> acct-port <uint16> \
... secret SECRET
|
An IPv4 address. |
|
Port for Access-Requests packets. Set it to 1812 to use default port. |
|
Port for Accounting-Request packets. Set it to 1813 to use default port. |
secret (mandatory) (hidden)¶
Shared secret with Radius server to encrypt and sign packets.
secret SECRET
|
Alphanumeric password. |
change-of-authorization-server¶
Change of Authorization local server configuration.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius change-of-authorization-server
ip-address¶
Local IP address to listen CoA-Request Message. Only IPv4 is supported.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius change-of-authorization-server
vsr running change-of-authorization-server# ip-address IP-ADDRESS
|
Description |
---|---|
|
An IPv4 address. |
|
An IPv6 address. |
- Default value
0.0.0.0
port¶
UDP port to listen CoA-Request Message.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius change-of-authorization-server
vsr running change-of-authorization-server# port PORT
|
A 16-bit port number used by a transport protocol such as TCP or UDP. |
- Default value
3799
secret (mandatory) (hidden)¶
Secret to decrypt CoA-Request Message.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius change-of-authorization-server
vsr running change-of-authorization-server# secret SECRET
|
Alphanumeric password. |
nas¶
Network Access Server Radius field configuration.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius nas
ip-address¶
Specifies Values of Radius NAS-IP-Address field.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius nas
vsr running nas# ip-address IP-ADDRESS
|
Description |
---|---|
|
An IPv4 address. |
|
An IPv6 address. |
identifier¶
Specifies Values of Radius NAS-Identifier field.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius nas
vsr running nas# identifier <string>
accounting¶
Accounting configuration for Radius server.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius accounting
interim-interval (mandatory)¶
unit: seconds
Set accounting information refresh interval.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius accounting
vsr running accounting# interim-interval <uint32>
interim-jitter¶
unit: seconds
Set maximum amount of jitter to apply to interval: interim-interval +/- random(0, interim-jitter).
vsr running config# vrf <vrf> ppp-server instance <string> auth radius accounting
vsr running accounting# interim-jitter <uint32>
session-id-in-authentication¶
Generate and send Acct-Session-Id on Access-Request packet.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius accounting
vsr running accounting# session-id-in-authentication true|false
- Default value
false
allow-unreachable¶
Allow unreachable information for the radius server.
vsr running config# vrf <vrf> ppp-server instance <string> auth radius accounting
vsr running accounting# allow-unreachable enabled true|false max-retry <1-2415919103> \
... timeout <1-2415919103>
Maximum amount of connection to the accounting server before considering it is totally unreachable, once hit, all PPP session will terminate.
max-retry <1-2415919103>
- Default value
3
unit: seconds
Interval in seconds between two tries to reach the accounting server.
timeout <1-2415919103>
- Default value
60
ip-pool¶
IPv4 Pool configuration.
vsr running config# vrf <vrf> ppp-server instance <string> ip-pool
default-local-ip¶
Default IP address for local interface.
vsr running config# vrf <vrf> ppp-server instance <string> ip-pool
vsr running ip-pool# default-local-ip DEFAULT-LOCAL-IP
|
An IPv4 address. |
pool¶
Specifies IP address range to use for peer.
vsr running config# vrf <vrf> ppp-server instance <string> ip-pool pool <string>
|
Name of the pool. |
peer-pool¶
Peer IPv4 address pool.
vsr running config# vrf <vrf> ppp-server instance <string> ip-pool pool <string>
vsr running pool <string># peer-pool PEER-POOL
|
Description |
---|---|
|
An IPv4 address range, in the form addr4-addr4. |
|
A masked IPv4 address: address and prefix of that subnet. |
ipv6-pool¶
IPv6 Pool configuration.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-pool
pool¶
Specifies IPv6 prefix to use for peer.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-pool pool <string>
|
Name of the pool. |
prefix¶
Peer IPv6 address prefix pool.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-pool pool <string>
vsr running pool <string># prefix PREFIX
|
An IPv6 prefix: address and CIDR mask. |
prefix-len¶
Prefix length.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-pool pool <string>
vsr running pool <string># prefix-len <uint32>
dns¶
DNS configuration for clients.
vsr running config# vrf <vrf> ppp-server instance <string> dns
server¶
List of IPv4 and IPv6 DNS servers.
vsr running config# vrf <vrf> ppp-server instance <string> dns
vsr running dns# server SERVER
|
Description |
---|---|
|
An IPv4 address. |
|
An IPv6 address. |
dns-search-list¶
Specify IPv6 DNS Search List. It doesn’t apply to IPv4.
vsr running config# vrf <vrf> ppp-server instance <string> dns
vsr running dns# dns-search-list <string>
ipv6-neighbor-discovery¶
IPv6 Neighbor Discovery configuration for router advertisement messages.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-neighbor-discovery
enabled¶
Enable IPv6 Neighbor Discovery.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-neighbor-discovery
vsr running ipv6-neighbor-discovery# enabled true|false
- Default value
true
verbose¶
Include logs from Neighbor Discovery.
vsr running config# vrf <vrf> ppp-server instance <string> ipv6-neighbor-discovery
vsr running ipv6-neighbor-discovery# verbose true|false
- Default value
false
session-state (state only)¶
Session state.
username (state only)¶
Current user being connected.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> username
peer-ip (state only)¶
List peer IP addresses.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> peer-ip
local-ip (state only)¶
List local IP addresses.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> local-ip
type (state only)¶
PPP Transport Protocol.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> type
state (state only)¶
Session state.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> state
uptime (state only)¶
Session uptime.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> uptime
rx-bytes (state only)¶
Number of bytes read.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> rx-bytes
tx-bytes (state only)¶
Number of bytes written.
vsr> show state vrf <vrf> ppp-server instance <string> session-state <string> tx-bytes
ip-pool-state (state only)¶
List IPv4 pool state.
peer-pool (state only)¶
Configured pool.
vsr> show state vrf <vrf> ppp-server instance <string> ip-pool-state <string> peer-pool
used (state only)¶
Number of IP addresses currently in use.
vsr> show state vrf <vrf> ppp-server instance <string> ip-pool-state <string> used