PPPoE over L2TP over GigE questions
Pardon my ignorance on the subject, but I would need to know how packets between a BAS/LAC and an ISP's router are transported (this is within Bell Canada ADSL territory).
Bell uses L2TP to link each BAS/LAC to the ISP. Some of the ISPs get a Gigabit Ethernet link to the Bell cloud.
Would the L2TP payload be an ethernet packet which contains a PPPoE packet, or would the L2TP payload be the PPPoE packet only ?
Also, while I am at it:
Architecturally, is a BAS considered a router, or a bridge/switch ? (since the PPPoE packet has no routing information (source, destination), it is the BAS which maintains the table of source/destination for each PPPoE session ID. Yet, the BAS machines are supposedly Juniper ERX routers in Bell territory...
And while I am at it:
From the end user point of view, the ADSL modem sends all ATM frames to a predetermined ATM destination (VPI/VCI). I assume that VPI/VCI points to the BAS.
How does the BAS address ATM packets back to an individual subscriber ? Do each subscribers get their own VPI/VCI that points to the right port on the right DSLAM ?
And in cases where the telcos are extending the ethernet to the DSLAM, with the fragmentation into multiple ATM frames limited to the ADSL link itself, how does the BAS address individual customers ? Does each ADSL port on the DSLAM get its own ethernet address ?
(since some services do not use PPPoE, I have to assume that the DSLAM doesn't base its packet switching on PPPoE session IDs.)
Dear Mezei,
Would the L2TP payload be an ethernet packet which contains a PPPoE packet, or would the L2TP payload be the PPPoE packet only ?
ppp frame in l2tp (udp packet).
http://www.faqs.org/rfcs/rfc2661.html
5.0 Protocol Operation
l2tp is designed for minimal overhead.
Also, while I am at it:
Architecturally, is a BAS considered a router, or a bridge/switch ? (since the PPPoE packet has no routing information (source, destination), it is the BAS which maintains the table of source/destination for each PPPoE session ID. Yet, the BAS machines are supposedly Juniper ERX routers in Bell territory...
the BAS is a LAC (L2TP Access Concentrator), which preauths the pppoe session, creates, if needed, an L2TP tunnel to an LNS (L2TP Network Server), and handles the authentication between client (pppoe) and LNS. L2TP uses one tunnel for 1 LAC - LNS link, meaning more than one pppoe tunnel uses an L2TP tunnel link.
And while I am at it:
From the end user point of view, the ADSL modem sends all ATM frames to a predetermined ATM destination (VPI/VCI). I assume that VPI/VCI points to the BAS.
Depends on network design. As adsl uses ATM as line protocol, you need VPI/VCI.
protocol stack:
pppoe
ethernet
ATM
at the provider side you have various options. it is very common that the dslam that terminates the adsl line has an ethernet upstream port.
How does the BAS address ATM packets back to an individual subscriber ? Do each subscribers get their own VPI/VCI that points to the right port on the right DSLAM ?
That is done via ppp(oe) authentication.
And in cases where the telcos are extending the ethernet to the DSLAM, with the fragmentation into multiple ATM frames limited to the ADSL link itself, how does the BAS address individual customers ? Does each ADSL port on the DSLAM get its own ethernet address ?
pppoe is ethernet, so they use the mac address of the pppoe source (client pc, adsl modem, whatever)
(since some services do not use PPPoE, I have to assume that the DSLAM doesn't base its packet switching on PPPoE session IDs.)
pppoe is commonly used for large scale setups. but you can also build a network without pppoe and plain ethernet.
Kind regards,
Ingo Flaschberger
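The encapsulation described in the reply above (a PPP frame carried in L2TP over UDP, per the cited RFC 2661), as an added example that is not part of the original thread: a parser for the L2TPv2 header that reports which PPP protocol a data message carries. The function name and the sample byte strings are constructed for illustration.

```python
import struct

# PPP protocol numbers commonly seen on a LAC-LNS session (not exhaustive).
PPP_PROTOCOLS = {0x0021: "IPv4", 0x0057: "IPv6", 0x8021: "IPCP",
                 0xC021: "LCP", 0xC023: "PAP", 0xC223: "CHAP"}

def parse_l2tp(data: bytes) -> dict:
    """Parse one L2TPv2 message, i.e. the payload of a UDP/1701 datagram."""
    try:
        (flags,) = struct.unpack_from("!H", data, 0)
        if flags & 0x000F != 2:
            raise ValueError("not L2TP version 2")
        pos = 2
        if flags & 0x4000:                    # L bit: Length field present
            (length,) = struct.unpack_from("!H", data, pos)
            if not 8 <= length <= len(data):
                raise ValueError("bad Length field")
            data, pos = data[:length], pos + 2
        tunnel_id, session_id = struct.unpack_from("!HH", data, pos)
        pos += 4
        if flags & 0x0800:                    # S bit: Ns and Nr present
            struct.unpack_from("!HH", data, pos)
            pos += 4
        if flags & 0x0200:                    # O bit: Offset Size, then padding
            (offset,) = struct.unpack_from("!H", data, pos)
            pos += 2 + offset
    except struct.error:
        raise ValueError("truncated L2TP header") from None
    msg = {"tunnel_id": tunnel_id, "session_id": session_id}
    if flags & 0x8000:                        # T bit: control message (AVPs)
        return {**msg, "kind": "control"}
    ppp = data[pos:]                          # data message: a bare PPP frame
    if ppp[:2] == b"\xff\x03":                # optional HDLC address/control
        ppp = ppp[2:]
    if ppp and ppp[0] & 1:                    # 1-byte protocol (PFC negotiated)
        proto, info = ppp[0], ppp[1:]
    elif len(ppp) >= 2:
        proto, info = struct.unpack_from("!H", ppp)[0], ppp[2:]
    else:
        raise ValueError("truncated PPP frame")
    name = PPP_PROTOCOLS.get(proto, hex(proto))
    return {**msg, "kind": "data", "ppp_protocol": name, "ppp_info_len": len(info)}

# Constructed sample messages (not captured traffic).
LCP_FRAME = bytes.fromhex("0002" "0011002a" "ff03c021" "01010004")
IPV4_FRAME = bytes.fromhex("4802" "0010" "0011002a" "00010000" "0021" "4500")
CONTROL_ZLB = bytes.fromhex("c802" "000c" "00000000" "00000000")

if __name__ == "__main__":
    print(*map(parse_l2tp, (LCP_FRAME, IPV4_FRAME, CONTROL_ZLB)), sep="\n")
```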
Jean-François Mezei <jfmezei@vaxination.ca> writes:
Pardon my ignorance on the subject, but I would need to know how packets between a BAS/LAC and an ISP's router are transported (this is within Bell Canada ADSL territory).
Bell uses L2TP to link each BAS/LAC to the ISP. Some of the ISPs get a Gigabit Ethernet link to the Bell cloud.
Actually, they don't set up connections directly from the BASes and SMSes anymore. I'm quite sure they've got some old Redback kit still out there too, as well as perhaps some other ancient stuff.
You're going to be talking to a tunnel switch (TSW2-TORONTO63 for instance). These are all Juniper ERXes to the best of my knowledge.
N number of BAS/SMS devices talk to a TSW, which talks to your LNS. This cuts down drastically on the number of tunnels that you have to manage (Bell has a couple of hundred BASes out there last I checked). Brings the number of tunnels (and VLANs) down to a couple of hundred. The tunnel switch is smart enough to look inside the authentication packets at session start time and switch you properly based on the realm the customer is logging into.
Would the L2TP payload be an ethernet packet which contains a PPPoE packet, or would the L2TP payload be the PPPoE packet only ?
My recollection is that it includes the src/dst MAC addresses and the rest of the ethernet header in the L2TP frame.
Also, while I am at it:
Architecturally, is a BAS considered a router, or a bridge/switch ? (since the PPPoE packet has no routing information (source, destination), it is the BAS which maintains the table of source/destination for each PPPoE session ID. Yet, the BAS machines are supposedly Juniper ERX routers in Bell territory...
I'd call them VPN endpoints for a layer 2 VPN; thus the functionality they're providing is more like a bridge than a router, notwithstanding their peeking into layer 5.
And while I am at it:
From the end user point of view, the ADSL modem sends all ATM frames to a predetermined ATM destination (VPI/VCI). I assume that VPI/VCI points to the BAS.
Yes, and at that point it's PPPoEoATM. Which gets turned into PPPoEoATMoL2TP on the upstream side of the BAS.
How does the BAS address ATM packets back to an individual subscriber ? Do each subscribers get their own VPI/VCI that points to the right port on the right DSLAM ?
Nothing that's visible on the upstream side of the BAS - it's all src/dst mac address at that point.
And in cases where the telcos are extending the ethernet to the DSLAM, with the fragmentation into multiple ATM frames limited to the ADSL link itself, how does the BAS address individual customers ? Does each ADSL port on the DSLAM get its own ethernet address ?
the ADSL router has its own ethernet address.
(since some services do not use PPPoE, I have to assume that the DSLAM doesn't base its packet switching on PPPoE session IDs.)
These other services are VLAN-per-customer and don't use PPPoE or L2TP at all. I think we looked at these and decided not to use 'em.
You may be thinking too deeply about this though. Contact me offline if you want a working redacted config for Cisco kit talking to Bell Canada. :-)
-r
Actually, with AGAS, there are no tunnel switches anymore
multiple tunnels are set up directly between Juniper ERXes aggregating DSLAMs and acting as LAC's and the ISPs LNS's receiving the L2TP tunnels.
This is one giant step towards TR-101, but Bell won't accept to do this
f.
On 11-Jun-08, at 3:37 PM, Robert E. Seastrom wrote:
-- François D. Ménard francois@menards.ca
That's some really good news... does it mean they're getting rid of the ATM network and the *&()&* Newbridges too? It's been a year and a half since I've even logged into the LNSes in question, and over two years since doing any meaningful reconfiguration... but it's good to hear my friends in Canada are getting improved service from Bell in some areas, even if they offset it by doing stupid stuff in other areas. :-/
-r
This has been a very informative thread. All sorts of acronyms to research and so forth. :)
The mention of TR-101 took me down another rabbit hole, and I discovered http://www.dslforum.org/trlist/trlist.php.
Very interesting info.
Charles
-- Charles N Wyble (818) 280-7059 http://charlesnw.blogspot.com
How about a couple more rabbit holes to dig into:
Try to find the intersection between:
DSL Forum TR-101 unbundling Bell replacing tunnel switching with AGAS 802.3AH PBB QinQ NENA i2 Wiremap update protocol LIS SIP Location Conveyance PIDF-LO transmission over the NENA i2 V0 interface Carrying the originating DSLAM port over the RADIUS accounting interface Bitstream unbundling of the multicast plane Denial of access to subloop unbundling Phase II costing of DSL access and capping mark-ups to 15% Capping the mark-up for conditional-essential services Throttling DPI Net Neutrality Dark fibre forbearance Phase out of non-essential services
You mix this alphabet soup, eat a good portion daily - this keeps your brain sharp and the doctor away
We're trying to figure out how the next 10 years of DSL unbundling will be done, such as that it will support prioritized VoIP, triple play and E-9-1-1, and how ISPs will be able to secure their own DSL aggregation out of dark fibre being available at tariffed rates.
Comments due June 25 at the CRTC.
F.
On 17-Jun-08, at 11:53 AM, Charles N Wyble wrote:
-- François D. Ménard francois@menards.ca
participants (5): Charles N Wyble, Francois Menard, Ingo Flaschberger, Jean-François Mezei, Robert E. Seastrom