Table Of Contents
PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Prerequisites for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Information About the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Differences Between ATM- and Ethernet-Based Broadband Access Networks
DSL Forum 2004-71: Solution for Remote-ID in PPPoE Discovery Phase
Remote-ID Tag in Ethernet-Based Broadband Access Networks
Benefits of the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
How to Configure the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Configuring the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement Feature
Removing the PPPoE Remote-ID Tag
Configuration Examples for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Configuring PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement: Example
Removing the PPPoE Remote-ID Tag: Example
Feature Information for PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
First Published: December 5, 2006Last Updated: December 5, 2006The PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement feature provides a method by which the digital subscriber line access multiplexer (DSLAM) sends the DSL Remote-ID tag in the discovery phase as an identifier for the authentication, authorization, and accounting (AAA) access request on an Ethernet interface, thereby simulating ATM-based broadband access, but using cost-effective Ethernet instead. This Remote-ID tag is useful for troubleshooting, authentication, and accounting.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all of the features documented in this module. To reach links to specific feature documentation in this module and to see a list of the releases in which each feature is supported, use the "Feature Information for PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement" section.
Finding Support Information for Platforms and Cisco IOS Software Images
Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Contents
•Prerequisites for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
•Information About the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
•How to Configure the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
•Configuration Examples for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
•Feature Information for PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Prerequisites for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
It is recommended that you be familiar with the following documents before configuring this feature:
•RFC 2516: A Method for Transmitting PPP over Ethernet (PPPoE)
•DSL Forum 2004-71: Solution for Remote-ID in PPPoE Discovery Phase
See the "Additional References" section for more information.
Information About the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
To configure the PPPoE Agent Remote-ID and DSL Line Characteristics feature, you should understand the following concepts:
•Differences Between ATM- and Ethernet-Based Broadband Access Networks
•DSL Forum 2004-71: Solution for Remote-ID in PPPoE Discovery Phase
•Remote-ID Tag in Ethernet-Based Broadband Access Networks
•Benefits of the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Differences Between ATM- and Ethernet-Based Broadband Access Networks
Broadband DSLAM and Broadband Remote Access Server (BRAS) vendors need to provide Ethernet-based networks as an alternative to an ATM access network, with a DSLAM bridging the ATM-DSL local loop to the Ethernet-based broadband access network and allowing Ethernet-based connectivity to the BRAS. But in an Ethernet broadband access network, there is no unique mapping between the subscriber Line-ID tag and the interface, as in an ATM-based broadband network. In an ATM-based broadband network, the ATM VC is associated to a subscriber line. During the authentication phase that initiates the PPP access and AAA accounting requests, the BRAS includes a NAS-Port-ID attribute in RADIUS authentication packets that identifies the DSL line for the subscriber.
DSL Forum 2004-71: Solution for Remote-ID in PPPoE Discovery Phase
DSL Forum 2004-71 defines a method whereby the DSLAM sends the DSL Remote-ID tag in the PPPoE discovery phase to apply the same subscriber mapping capability to Ethernet interfaces that is possible on ATM interfaces. This method adds support for the PPPoE server acting as a BRAS to report the Remote-ID tag as a new vendor-specific attribute (VSA) (AAA_AT_REMOTE_ID) in AAA authentication and accounting requests. If the radius-server attribute 31 remote-id command is configured on the BRAS, the Remote-ID tag will be sent to a RADIUS server as the Calling Station-ID tag (attribute 31).
Remote-ID Tag in Ethernet-Based Broadband Access Networks
Traditional ATM-based DSL broadband access networks have the topology shown in Figure 1.
Figure 1 ATM-Based DSL Broadband Access Network
In terms of logical connectivity, there is a one-to-one mapping of the DSL subscriber line to the end user and the ATM virtual circuit (VC) used to carry the PPP session through the DSLAM and to the BRAS, where this VC information is converted into a NAS-Port-ID tag for use in RADIUS packets.
The simple mapping available from an ATM-based broadband network between the physical line in the DSL local loop to the end user and a virtual circuit (from DSLAM to BRAS) is not available for an Ethernet-based network. To solve this problem, the PPPoE Remote-ID Tag Processing feature uses a PPP over Ethernet (PPPoE) intermediate agent function on the DSLAM to attach a tag to the PPPoE discovery packets. The BRAS then receives the tagged packet, decodes the tag, and inserts the line identifier into RADIUS packets destined for the RADIUS server.
The DSLAM intercepts PPPoE discovery frames from the client or initiates a discovery frame if the PPPoE Active Discovery (PAD) client is a legacy PPP over ATM (PPPoA) device. The DSLAM inserts a unique Remote-ID tag and DSL sync rate tag using the PPPoE vendor-specific tag (0x0105) to PPPoE Active Discovery Initiation (PADI) and PPPoE Active Discovery Request (PADR) packets; see Figure 2. The DSLAM forwards these packets upstream to the BRAS after the insertion. The tag contains the identification of the DSL line on which the PADI or PADR packet was received, in the access node where the intermediate agent resides.
Figure 2 PPPoE Remote-ID Tag Processing Solution
When the vendor-tag remote-id service command is configured in broadband access (BBA) group configuration mode, the BRAS processes the received PPPoE vendor-specific tag in the PADR frame and extracts the Remote-ID tag, which is sent to the remote AAA server as a VSA in all AAA access and accounting requests. When the radius-server attribute 31 remote-id global configuration command is also configured on the BRAS, the Remote-ID value is inserted into attribute 31.
Outgoing PAD Offer (PADO) and PAD Session-Confirmation (PADS) packets from the BRAS have the DSLAM-inserted Remote-ID tag. The DSLAM should strip the tag out of PADO and PADS frames. If the DSLAM cannot strip off the tag, the BRAS must remove the tag before sending the frames out. This is accomplished using the vendor-tag strip BBA group configuration mode command. If this command is configured under the BBA group, the BRAS strips the incoming Remote-ID tag (and any other vendor tag) off of the outgoing PADO and PADS frames. This action complies with DSL Forum Technical Report 101.
Benefits of the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
The shift toward Ethernet-based DSLAMs offers the following benefits:
•Ability to use simpler and lower-cost provisioning options for DSL subscribers over an Ethernet-based backhaul network rather than on an ATM-based network.
•Ability to use higher bandwidth connectivity options available from Ethernet that are not possible on ATM.
•Ability to upgrade to next-generation DSLAMs with quality of service (QoS), and support for higher bandwidth, asymmetric dual latency modems such as the ADSL2.
•Ability to inject high-bandwidth content such as video in an Ethernet network.
How to Configure the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
This section contains the following procedures:
•Configuring the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement Feature
•Removing the PPPoE Remote-ID Tag
Configuring the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement Feature
This task describes how to configure the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement feature. When this feature is configured, BRAS will process the incoming PADR frames and send the Remote-ID field of the incoming tag to the RADIUS server as a VSA.
For DSL-Sync-Rate tags, you must enter the vendor-tag dsl-sync-rate service command under a BBA group. When this command is entered, the BRAS will process incoming PADR frames and send the DSL-Sync-Rate tags to the RADIUS server as VSAs.
An Access-Accept message is sent by the RADIUS server and vendor-tag attributes sent in the Access-Request message will be present in the Access-Accept message if the RADIUS server echoes it back.
SUMMARY STEPS
1. enable
2. configure terminal
3. radius-server attribute 31 remote-id
4. bba-group pppoe group-name
5. vendor-tag remote-id service
6. vendor-tag dsl-sync-rate service
7. nas-port-id format c
DETAILED STEPS
Command or Action PurposeStep 1
enable
Example:Router> enable
Enables privileged EXEC mode.
•Enter your password if prompted.
Step 2
configure terminal
Example:Router# configure terminal
Enters global configuration mode.
Step 3
radius-server attribute 31 remote-id
Example:Router(config)# radius-server attribute 31 remote-id
(Optional) Sends the Remote-ID tag to the RADIUS server via a new VSA (AAA_AT_REMOTE_ID) and in attribute 31—Calling Station ID.
•Configure this command so that the Acct-Session-ID attribute, as displayed in the debug radius command, will contain the information about the incoming access interface, where discovery frames are received, and about the session being established. See the "Troubleshooting Tip" section for more information.
Step 4
bba-group pppoe group-name
Example:Router(config)# bba-group pppoe pppoe-group
Defines a PPPoE profile and enters BBA group configuration mode.
Step 5
vendor-tag remote-id service
Example:Router(config-bba-group)# vendor-tag remote-id service
Enables the BRAS to process incoming PADR frames and send the Remote-ID field of the incoming tag to the RADIUS server as a VSA.
Step 6
vendor-tag dsl-sync-rate service
Example:Router(config-bba-group)# vendor-tag dsl-sync-rate service
Enables the BRAS to process the incoming PADR frames and send the DSL-Sync-Rate tags to the RADIUS server as VSAs.
Step 7
nas-port-id format c
Example:Router(config-bba-group)# nas-port-id format c
Specifies a format for broadband subscriber access line identification coding.
The designation of format c is specifically designed for a particular coding format. A sample of this format is as follows:
NAS_PORT_ID=atm 31/31/7:255.65535 guangzhou001/0/31/63/31/127
This means the subscriber interface type of the BRAS equipment is an ATM interface. The BRAS slot number is 31, and the BRAS subslot number is 31. The BRAS port number is 7. The virtual path identifier (VPI) is 255, and the virtual circuit identifier (VCI) is 65535.
The Circuit-ID/Remote-ID tag is guangzhou001/0/31/63/31/127.
Removing the PPPoE Remote-ID Tag
Outgoing PADO and PADS packets will have the DSLAM-inserted Remote-ID and DSL-Sync-Rate tags, and the DSLAM must strip these tags from the packets. If the DSLAM cannot strip the tag, the BRAS must remove it before sending out the packets. This task is accomplished through configuration of the vendor-tag strip command in BBA group configuration mode. Note that the vendor-tag strip command also removes the Circuit-ID tag.
SUMMARY STEPS
1. enable
2. configure terminal
3. bba-group pppoe group-name
4. vendor-tag strip
DETAILED STEPS
Troubleshooting Tip
When the radius-server attribute 31 remote-id global configuration command is entered in the PPPoE Agent Remote-ID Tag and DSL Line Characteristics feature configuration on the BRAS, the debug radius privileged EXEC command can be used to generate a report that includes information about the incoming access interface, where discovery frames are received, and about the session being established in PPPoE extended NAS-Port format (format d).
Configuration Examples for the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
This section contains the following examples:
•Configuring PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement: Example
•Removing the PPPoE Remote-ID Tag: Example
Configuring PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement: Example
In the following example, outgoing PADO and PADS packets will retain the incoming Vendor-Specific Circuit-ID tag:
radius-server attribute 31 remote-id!bba-group pppoe rmt-id-tagsessions per-mac limit 50vendor-tag remote-id servicevendor-tag dsl-sync-rate servicenas-port-id format c!interface FastEthernet0/0.1encapsulation dot1Q 120pppoe enable group rmt-id-tagRemoving the PPPoE Remote-ID Tag: Example
In the following example, the BRAS will strip off incoming Vendor-Specific Circuit-ID tags from outgoing PADO and PADS packets:
bba-group pppoe rmt-id-tagsessions per-mac limit 50vendor-tag remote-id servicevendor-tag stripinterface FastEthernet0/0.1encapsulation dot1Q 120pppoe enable group rmt-id-tagAdditional References
The following sections provide references related to the PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement feature.
Related Documents
Related Topic Document TitleConfiguring broadband and DSL
Cisco IOS Broadband and DSL Configuration Guide, Release 12.4
RADIUS attributes
Cisco IOS Security Configuration Guide, Release 12.4
DSL Forum Line-ID tag solution
DSL Forum 2004-71: : Solution for Remote-ID in PPPoE Discovery Phase
Migration to Ethernet-based DSL aggregation
Standards
MIBs
RFCs
Technical Assistance
Command Reference
This section documents new and modified commands only.
vendor-tag circuit-id strip
Note Effective with Cisco IOS Release 12.2(31)SB2, the vendor-tag circuit-id strip command is replaced by the vendor-tag strip command. The vendor-tag circuit-id strip command may continue to perform its normal function in prior releases, but it is no longer documented. Support for the vendor-tag circuit-id strip command will cease in a future release.
To remove the incoming Vendor-Specific Line-ID tag from outgoing PPPoE Active Discovery Offer and Request (PADO and PADR) packets, use the vendor-tag circuit-id strip command in BBA group configuration mode. To disable the command function, use the no form of this command.
vendor-tag circuit-id strip
no vendor-tag circuit-id strip
Syntax Description
This command has no arguments or keywords.
Command Default
This command's functionality is disabled. In the default condition, outgoing packets from the Broadband Remote Access Server (BRAS) have a digital subscriber line access multiplexer (DSLAM) inserted Remote-ID tag when the vendor-tag remote-id service command is configured.
Command Modes
BBA group configuration
Command History
Usage Guidelines
Outgoing packets from the Broadband Remote Access Server (BRAS) will have a digital subscriber line access multiplexer (DSLAM) inserted Line-ID tag when the vendor-tag circuit-id service command is configured. The DSLAM must remove the tag from the PADO packets. If the DSLAM cannot remove the tag, the BRAS must remove it before sending out the packets. When the vendor-tag circuit-id strip command is configured, the BRAS removes the incoming Vendor-Specific Line-ID tag from the outgoing packets.
Outgoing PADO and PADS packets from the BRAS will have the DSLAM-inserted Circuit-ID tag. The DSLAM must remove the tag from PADO and PADS packets. If the DSLAM cannot remove the tag, the BRAS must remove it before sending the packets out, and this is accomplished using the vendor-tag circuit-id strip command.
Examples
In the following example, the BRAS removes incoming Vendor-Specific Line-ID tags from outgoing PADO and PADS packets:
bba-group pppoe pppoe-rm-tagsessions per-mac limit 50vendor-tag circuit-id servicevendor-tag circuit-id stripinterface FastEthernet0/0.1encapsulation dot1Q 120pppoe enable group pppoe-tagRelated Commands
vendor-tag remote-id service
To enable processing of the PPPoE Vendor-Specific tag in a PPPoE Active Discovery Request (PADR) packet, which extracts the Remote-ID part of the tag and sends it to an AAA server as the NAS-Port-ID attribute in RADIUS access requests, use the vendor-tag remote-id service command in BBA group configuration mode. To disable the command function, use the no form of this command.
vendor-tag remotet-id service
no vendor-tag remote-id service
Syntax Description
This command has no argument or keywords.
Command Default
This command's functionality is disabled. In this default condition, when the Broadband Remote Access Server (BRAS) receives a packet with the vendor-specific tag attached, the tag is ignored and the session is allowed to come up.
Command Modes
BBA group configuration
Command History
Usage Guidelines
When this command is not enabled and the BRAS receives a packet with the Vendor-Specific tag attached, the tag is ignored and the session is allowed to come up. The Vendor-Specific tag is extracted and processed for its Remote-ID part when the vendor-tag remote-id service command is enabled in BBA group configuration mode. When the command is configured, the BRAS processes incoming PADR packets and sends the Remote-ID tag to the AAA server as a NAS-Port-ID RADIUS attribute.
Examples
In the following example, outgoing PPPoE Active Discovery Offer (PADO) and PPPoE Active Discovery Session-Confirmation (PADS) packets are configured to retain the incoming Vendor-Specific Line-ID tag:
bba-group pppoe pppoe-tagsessions per-mac limit 50vendor-tag remote-id serviceinterface FastEthernet0/0.1encapsulation dot1Q 120pppoe enable group pppoe-tagRelated Commands
Command Descriptionvendor-tag strip
Removes an incoming Vendor-Specific Line-ID tag from outgoing PADO and PADR packets.
vendor-tag strip
To remove the incoming Vendor-Specific Line-ID tag from outgoing PPPoE Active Discovery Offer (PADO) and PPPoE Active Discovery Request (PADR) packets, use the vendor-tag strip command in BBA group configuration mode. To disable the command function, use the no form of this command.
vendor-tag strip
no vendor-tag strip
Syntax Description
This command has no arguments or keywords.
Command Default
This command's functionality is disabled. In the default condition, outgoing packets from the Broadband Remote Access Server (BRAS) have a digital subscriber line access multiplexer (DSLAM)-inserted Remote-ID tag when the vendor-tag remote-id service command is configured.
Command Modes
BBA group configuration
Command History
Release Modification12.2(31)SB2
This command was introduced. This command replaces the vendor-tag circuit-id strip command.
Usage Guidelines
Outgoing packets from the BRAS will have a DSLAM-inserted Remote-ID tag when the vendor-tag remote-ID service command is configured. The DSLAM must remove the tag from the PPPoE Active Discovery (PAD) outgoing packets. If the DSLAM cannot remove the tag, the BRAS must remove it before sending out the packets. When the vendor-tag strip command is configured, the BRAS removes the incoming Vendor-Specific Line-ID tag from the outgoing packets.
Outgoing PADO and PPPoE Active Discovery Session-Confirmation (PADS) packets from the BRAS will have the DSLAM-inserted Circuit-ID tag. The DSLAM must remove the tag from PADO and PADS packets. If the DSLAM cannot remove the tag, the BRAS must remove it before sending the packets out, and this is accomplished using the vendor-tag strip command.
The vendor-tag circuit-id strip command may continue to perform its normal function in prior releases, but it is no longer documented. Support for the vendor-tag circuit-id strip command will cease in a future release.
Examples
In the following example, the BRAS removes incoming Vendor-Specific Remote-ID tags from outgoing PADO and PADS packets:
bba-group pppoe pppoe-rm-tagsessions per-mac limit 50vendor-tag remote-ID servicevendor-tag stripinterface FastEthernet0/0.1encapsulation dot1Q 120pppoe enable group pppoe-tagRelated Commands
Feature Information for PPPoE Agent Remote-ID and DSL Line Characteristics Enhancement
Table 1 lists the release history for this feature.
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note Table 1 lists only the Cisco IOS software release that introduced support for a given feature in a given Cisco IOS software release train. Unless noted otherwise, subsequent releases of that Cisco IOS software release train also support that feature.
Glossary
AAA—Authentication, authorization, and accounting.
ATM—Asynchronous Transfer Mode.
BBA—broadband access.
BRAS—Broadband Remote Access Server.
DSLAM—digital subscriber line access multiplexer. A device that connects many digital subscriber lines to a network by multiplexing the DSL traffic onto one or more network trunk lines.
PADO—PPPoE Active Discovery Offer.
PADR—PPPoE Active Discovery Request.
PADS—PPPoE Active Discovery Session-Confirmation.
PPPoE—Point-to-Point Protocol over Ethernet.
RADIUS—Remote Authentication Dial-In User Service. Database for authenticating modem and ISDN connections and for tracking connection time.
VCI—virtual circuit identifier.
VLAN—virtual local-area network.
VPI—virtual path identifier.
VSA—Vendor-specific Attribute. An attribute that has been implemented by a particular vendor. It uses the attribute Vendor-Specific to encapsulate the resulting AV pair: essentially, Vendor-Specific = protocol:attribute = value.
Note See Internetworking Terms and Acronyms for terms not included in this glossary.
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2006 Cisco Systems, Inc. All rights reserved.