PPPoE configuration and notes

here is my default config for PPPoE between R6 and R7 back to back over ethernet interface F0/1

NOTES: need to set mtu on int dialer1 (client side) to match 1492 of interface Virtual-Template1 (server side) or in the case of OSPF set mtu ignore on interfaces
NOTES: key that is not in documentation is to set ‘encapsulation ppp’ on dialer interface on client side
NOTES: IP address can be assinged with IPCP local pool, or DHCP pool just have to create local pool or dhcp pool on server side
NOTES: also can use standard PPP CHAP/PAP authentication on PPPoE link as well

Cisco DOCCD link

Cisco Support Forms link

R7:
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable
pppoe-client dial-pool-number 1
!
interface Dialer1
ip address negotiated
encapsulation ppp
ip ospf mtu-ignore
dialer pool 1
dialer-group 1

R6:
bba-group pppoe global
virtual-template 1
!
interface Loopback67
ip address 67.6.7.6 255.255.255.0
!
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
!
interface Virtual-Template1
ip unnumbered Loopback67
peer default ip address pool R7
ip ospf mtu-ignore

!
ip local pool R7 67.6.7.7

PPP over Frame-Relay with PPP multilink

PPP over Frame-Relay with PPP multilink

Two ways to configure this setup, examples show each way in these configurations to do it, one side using MULTILINK interface and the other side using Virtual-Template interface:

hostname CE1-OSPF
!
ip cef
!
multilink bundle-name authenticated
!
interface Multilink1
ip address 10.1.215.1 255.255.255.0
ppp multilink
ppp multilink interleave
ppp multilink group 1
ppp multilink fragment delay 10
!
interface Serial0/0.1 point-to-point
snmp trap link-status
frame-relay class FRTS
frame-relay interface-dlci 102 ppp Virtual-Template1
!
interface Serial0/0.2 point-to-point
snmp trap link-status
frame-relay interface-dlci 103 ppp Virtual-Template1
!
interface Virtual-Template1
no ip address
ppp multilink
ppp multilink group 1
!
router ospf 11
router-id 1.1.1.1
log-adjacency-changes
redistribute connected subnets
network 10.1.12.1 0.0.0.0 area 0
network 10.1.21.1 0.0.0.0 area 0
network 10.1.215.1 0.0.0.0 area 0
!
map-class frame-relay FRTS
frame-relay cir 64000
frame-relay bc 80000
!
end

hostname CE2-OSPF
!
multilink bundle-name authenticated
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000
!
interface Serial0/0.1 point-to-point
snmp trap link-status
frame-relay interface-dlci 201 ppp Virtual-Template1
!
interface Serial0/0.2 point-to-point
snmp trap link-status
frame-relay interface-dlci 301 ppp Virtual-Template1
!
interface Virtual-Template1
ip address 10.1.215.5 255.255.255.0
ppp multilink
ppp multilink interleave
ppp multilink fragment delay 10
!
router ospf 11
router-id 5.5.5.5
log-adjacency-changes
redistribute connected subnets
network 10.1.21.5 0.0.0.0 area 0
network 10.1.45.5 0.0.0.0 area 0
network 10.1.215.5 0.0.0.0 area 0
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
!
end

MPLS VPN EIGRP vs OSPF

EIGRP uses the BGP cost community during redistribution on the PE router of the CE routes and the idea of POI (point of insertion) and automaticlly creates the ‘super backbone’ for EIGRP to use the Provider link over the backdoor links

OSPF use the SHAM link inside the VRF to create ‘super backbone’ area 0 over the Provdier network to change the link over the Provider to an IntraArea link instead of and InterArea link… And the shamlink sets the cost to a value lower than the backdoor link cost

MPLS and EIGRP (from INE.com blog)

http://blog.ine.com/2010/07/19/mpls-and-eigrp-going-the-distance-admin-distance/comment-page-1/#comment-122111

and my comment:

This was really good, i had only done this type of lab before with OSPF and sham links, it took me some digging but pretty sure this is the answer:

BGP Cost Community Support for EIGRP MPLS VPN PE-CE with Backdoor Links The “pre-bestpath” point of insertion (POI) is applied automatically to EIGRP routes that are redistributed into BGP. The “pre-best path” POI carries the EIGRP route type and metric. This POI influences the best path calculation process by influencing BGP to consider this POI before any other comparison step. No configuration is required. This feature is enabled automatically for EIGRP VPN sites when Cisco IOS Release 12.0(27)S is installed to a PE, CE, or back door router.

http://www.cisco.com/en/US/docs/ios/iproute_bgp/configuration/guide/irg_cost_comm_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1054113

I was also able to turn this ‘on/off’ with bgp bestpath cost-community ignore

And also by making the metric extremly worse on R4 f0/1 ; R2 will choose the path through R1 to get to 5.5.5.0

R2#sh ip route vrf v 5.5.5.0
Routing entry for 5.5.5.0/24
Known via “bgp 234″, distance 200, metric 409600, type internal
Redistributing via eigrp 1
Advertised by eigrp 1 metric 1 10000 1 1 1
bgp 234 (self originated)
Last update from 4.4.4.4 00:16:30 ago
Routing Descriptor Blocks:
* 4.4.4.4 (Default-IP-Routing-Table), from 4.4.4.4, 00:16:30 ago
Route metric is 409600, traffic share count is 1
AS Hops 0

R4(config)#int f0/1
R4(config-if)#delay 16777215

R2#sh ip route vrf v 5.5.5.0
Routing entry for 5.5.5.0/24
Known via “eigrp 1″, distance 90, metric 2323456, type internal
Redistributing via eigrp 1, bgp 234
Advertised by bgp 234
Last update from 10.1.12.1 on FastEthernet0/0, 00:00:01 ago
Routing Descriptor Blocks:
* 10.1.12.1, from 10.1.12.1, 00:00:01 ago, via FastEthernet0/0
Route metric is 2323456, traffic share count is 1
Total delay is 26000 microseconds, minimum bandwidth is 1544 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 2

ip unnumbered

using ip unnumbered has differences

use ip unnumbered on Point-to-Point

EIGRP – does a check for same subnet based on the interface being configured for ip address or ip unnumbered(thus point to point)
OSPF – sends the netmask as 0.0.0.0

SHAPE/POLICE rate limit 3560 on input and output

SHAPE/POLICE rate limit 3560 on input and output

Two ways to look at limiting bandwidth, INPUT use policy_map to the switch, OUTPUT use srr-queue shaped mode to limit traffic egress or out of the switch, have to think in respect to the egress meaning out of the physical switch port and ingress being into the switch-ring internals of the switch…

interface GigabitEthernet0/2
switchport access vlan 100
speed 10
srr-queue bandwidth limit 10  rate limit/shape on OUTPUT

interface GigabitEthernet0/2
switchport access vlan 100
speed 10
service-policy input ICMP_PM  rate limit/police on INPUT

class-map match-all ICMP_CM
match access-group name ICMP
!
policy-map ICMP_PM
class ICMP_CM
police 8000 8000 exceed-action drop
!
ip access-list extended ICMP
permit ip any any

PPP authentication – PAP and CHAP

setup to do PAP on one interface and CHAP on another interface:

R1(config)#do sh run int s0/0
Building configuration…

Current configuration : 154 bytes
!
interface Serial0/0
ip address 12.12.12.1 255.255.255.0
encapsulation ppp
clock rate 2000000
ppp authentication pap
ppp chap password 0 cisco
end

R1(config)#do sh run | i username
username R2 password 0 cisco

R2(config-if)#do sh run int s0/0
Building configuration…

Current configuration : 171 bytes
!
interface Serial0/0
ip address 12.12.12.2 255.255.255.0
encapsulation ppp
clock rate 2000000
ppp authentication chap
ppp pap sent-username R2 password 0 cisco
end

R2(config-if)#do sh run | i username
username R1 password 0 cisco
ppp pap sent-username R2 password 0 cisco