L2TPv3 – Dynamic and Manual Sessions

The Layer 2 Tunneling Protocol allows LAN segments to communicate even when separated by routed networks.  Here we take a look at a small example that should get you familiar with the commands required to configure an L2TPV3 connection.

We will start with the pseudowire-class. The class has two required items, an encapsulation type and a local interface used for the tunnel packets.  Use context sensitive help to familiarize yourself with some of the other options.

PE1(config-router)#pseudowire-class L2TPV3

PE1(config-pw-class)#encapsulation l2tpv3

PE1(config-pw-class)#ip local interface Loopback0

PE1(config)#pseudowire-class L2TPV3

PE1(config-pw-class)#?

Pseudowire-class configuration commands:

default        Set a command to its defaults

encapsulation  Data encapsulation method

exit           Exit from Pseudowire-class configuration mode

ip             Specify IP parameters

no             Negate a command or set its defaults

protocol       Signaling protocol to use

sequencing     Sequencing options for pseudowire

Configure the same pseudowire-class on R2.  Next, you configure the xconnect statement under the interface with the class you just created:

PE1(config)#int f0/0

PE1(config-if)#xconnect 10.1.1.2 100 pw-class L2TPV3

PE2(config)#int f0/0

PE2(config-if)#xconnect 10.1.1.1 100 pw-class L2TPV3

That’s pretty much it! Let’s run a show command on PE1 to verify the tunnel is up and then ping from CE1 to CE2.

PE1#sho l2tun tunnel l2tp

L2TP Tunnel Information Total tunnels 1 sessions 1

LocID RemID Remote Name   State  Remote Address  Port  Sessions L2TP Class/

VPDN Group

17463 20683 PE2           est    10.1.1.2        0     1        l2tp_default_cl

PE1#

CE1#ping 192.168.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:

.!!!!

Success rate is 80 percent (4/5), round-trip min/avg/max = 28/59/92 ms

CE1#sho arp

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  192.168.0.1             -   c200.0bfc.0000  ARPA   FastEthernet0/0

Internet  192.168.0.2             4   c203.0bfc.0001  ARPA   FastEthernet0/0

The configuration can get slightly more complex by manually setting parameters such as session and cookie IDs. In the next example, we use the manual keyword to enter xconnect configuration mode.  Before that however we have re-configure the pw-class with the protocol none option.  You must remove the xconnect statement first.

PE1(config)#interface FastEthernet0/1

PE1(config-if)#no xconnect 10.1.1.2 100 pw-class L2TPV3

PE1(config)#pseudowire-class L2TPV3

PE1(config-pw-class)#protocol none

PE1(config)#int f0/1

PE1(config-if)#xconnect 10.1.1.2 100 encapsulation l2tpv3 manual pw-class L2TPV3

PE1(config-if-xconn)#l2tp id 101 102

PE1(config-if-xconn)#l2tp cookie local 4 401

PE1(config-if-xconn)#l2tp cookie remote 4 402

The first number for the l2tp id is the local value, the second is the remote value. Reverse these on the opposite end as follows.

PE2(config)#interface FastEthernet0/0

PE2(config-if)#xconnect 10.1.1.1 100 encapsulation l2tpv3 manual pw-class L2TPV3

PE2(config-if-xconn)#l2tp id 102 101

PE2(config-if-xconn)#l2tp cookie local 4 402

PE2(config-if-xconn)#l2tp cookie remote 4 401

PE1#sho vpdn ses l2tp

L2TP Session Information Total tunnels 1 sessions 1

LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq ID

Vcid, Circuit

101        102        43168      100, Fa0/1           est    00:01:05 1

CE1#ping 192.168.0.2

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.0.2, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/43/80 ms

Well, those are the basics. There are some great case studies in the Cisco Press book, Layer 2 VPN Architectures. If you wish to learn all the ins and outs of L2TPv3 and AToM circuits, I highly recommend purchasing that book. Good luck!

Regards, Bryan (Post by Bryan Bartik)

Tags: L2TPv3