PPP configuration command directory

encapsulation ppp

interface multilink

ip local pool

multilink bundle-name

multilink-group

multilink max-fragments

multilink max-links

multilink min-links

peer default ip address

peer neighbor-route

ppp authentication

ppp authorization

ppp callback

ppp chap echo

ppp chap hostname

ppp chap refuse

ppp ipcp rfc-default

ppp lcp echo

ppp lcp enddisc-type

ppp lcp rfc-default

ppp lcp [ close | listen | open ]

ppp max-bad-auth

ppp multilink

ppp pap refuse

ppp pap sent-username

ppp timeout authentication

ppp timeout ncp

ppp timeout lcp

show ip local pool

show ppp

username

debug ppp

PPPoE command directory

pppoe-client dialer number

clear pppoe

debug pppoe data

debug pppoe error

debug pppoe event

debug pppoe packet

 

Command in this chapter configures PPP for dial-up WAN on the router.

For information about configuration of ppp on the router, please refer to chapter “configuration of PPP”.

For more information about PPP, please refer to RFC 1661. for more information about MLP, please refer to RFC 1717.

For more information about PAP, please refer to RFC 1334. For more information about CHAP, please refer to RFC 1994.

encapsulation ppp

To configure PPP encapsulation on serial interface or ISDN interface, you can use interface configuration command “encapsulation ppp”. Use “no encapsulation ppp” to disable PPP encapsulation.

encapsulation ppp

no encapsulation ppp

parameter:

none

default:

Use PPP encapsulation on Asynchronous serial interface, use HDLC encapsulation on Synchronous serial interface.

command mode:

Interface configuration mode

Explanation:

In order to use PPP encapsulation, the router should use IP routing protocol configuration.

example

The following example activates PPP encapsulation on serial interface serial 1/0:

interface s1/0

encapsulation ppp

relevant command:

ppp authentication

interface multilink

In order to establish a multilink bundle or enter into mutlink interface configuration mode, use command “interface multilink”. Use “no interface multilink” to delete this interface.

interface multilink group-number

no interface multilink

parameter:

group-number

The number of multilink bundle

default:

none

command mode:

global configuration mode

Explanation:

This command firstly appears in version 1.2.4.

When multilink interface first establishes, it is automatically encapsulated as PPP protocol by default and enables Multilink.

example

The following example establishes “multilink bundle 1” and configures IP address.

interface multilink 1
ip address 192.168.20.100 255.255.255.0

relevant command:

multilink-group

 

ip local pool

Use global configuration command “ip local pool” to configure a local address pool, allocate IP address to the distant port connects to point-to-point interface. Use “no ip local pool” to delete a local address pool.

ip local pool {default | pool-name begin-ip-address [ip-address-number]}

no ip local pool {default | poolname}

parameter:

default

Default local address pool before naming other address pools

pool-name

Local address pool name designated

begin-ip-address

Initial IP address in the address pool

ip-address-number

(Optional) the number of IP address in address pool. If the parameter does not include this value, then there is only address begin-ip-address in address pool. 1024 IP addresses maximum in each address pool.

default:

Address pool not configured

command mode:

global configuration mode

Explanation:

Use command “ip local pool” to generate one or more local address pools, when one host dials in, it allocates one IP address for it from these address pools. In order to use a certain named address pool on the interface, use interface configuration command “peer default ip address pool”.

Use command “show ip local pool” to check the address pool.

example:

The following example generates a local IP address pool named mypool, IP address included ranges from 172.16.23.0 to 172.16.23.255:

ip local pool mypool 192.168.23.0 255

relevant command:

show ip local pool

multilink bundle-name

Command “multilink bundle-name” is used to designate the naming mode of “multilink bundle”. “no” form of this command is used to reset default naming mode.

multilink bundle-name name-method
no multilink bundle-name

parameter:      

authenticated

User name naming used by remote authentication

both 

The user name or its end tagging naming the remote authentication used

endpoint

Use remote end to tag naming (remote end tag is acquired by PPP during LCP negotiates )

default:

The user name used with remote authentication

command mode:

global configuration mode

Explanation:

This command first appears in version 1.2.4.

example:

The following example uses the user name for remote authentication and its end tagging naming mechanism to name the bundle.

multilink bundle-name both

relevant command:

interface multilink
ppp multilink

multilink virtual-template

multilink-group

In order to designate an interface as part of Multilink special line bundle, use command “multilink-group” in interface configuration mode.

Use “no” form of this command to delete the interface from the bundle.

 

multilink-group group-number
no multilink-group

parameter:      

group-number

Number of multilink bundle

default:

Not enableed

command mode:

Interface configuration mode

Explanation:

This command first appears in version 1.2.4.

Use this command to designate that all interfaces in the same bundle should have the same bandwidth. When using command “multilink-group”, if the corresponding multilink interface has not been established, it will automatically establish a multilink interface. After using command “multilink-group”, all PPP commands on this interface will not be able to configure, but via “multilink interface” to automatically clone to it until disableing this command. So the configuration on this interface will permanently be Synchronous with the configuration on designated multilink interface.

example:

The following example sets serial1/0 as part of multilink bundle 1.

interface serial1/0
    encapsulation ppp
   multilink-group
1

 

relevant command:

interface multilink
 

multilink max-fragments

In order to designate the maximum fragment number of each transfer packet on designated multilink bundle, use command “multilink max-fragments under interface configuration mode. Use “no” form of this command to reset the default value of the maximum fragment number.

 

multilink max-fragments fragment-number
no multilink-group

parameter:      

fragment-number

Fragment number (1-16)

default:

16

command mode:

Interface configuration mode

Explanation:

This command first appears in version 1.2.4.  

This command only applies on the virtual interface related with multilink.

example:

The following example sets the maximum fragment number on interface multilink 1 to 10.

interface multilink 1
   multilink max-fragments 10

 

relevant command:

interface multilink
interface virtual-template
interface dialer

 

multilink max-links

In order to designate the upper limit of the link number on multilink bundle interface, use command “multilink max-links” under interface configuration mode. Use “no” form of this command, to reset the upper limit of link number to default value.

multilink max-links link-number
no multilink-group

parameter:      

links-number

Fragment number (1 – 255)

default:

255

command mode:

Interface configuration mode

Explanation:

This command first appears in version 1.2.4.

This command only applies to the related virtual interface with multilink.

example:

The following example sets the upper limit of link number to 100 on interface multilink 1.

interface multilink 1
   multilink max-links 100

 

relevant command:

interface multilink
interface virtual-template
interface dialer
user
username user-maxlinks

 

multilink min-links

In order to set the lower limit of link number on designated multilink bundle interface, use command multilink min-links” under interface configuration mode. Use “no” form of this command to reset the default value of lower limit of link number.

multilink min-links link-number
no multilink-group

parameter:      

links-number

Fragment number  (0 – 255)

default:

0

command mode:

Interface configuration mode

Explanation:

This command first appears in version 1.2.4.  

This command only applies to the related virtual interface with multilink.

example:

The following example sets the lower limit of link number on interface multilink 1 to 2.

interface multilink 1
   multilink min-links 2

 

relevant command:

interface multilink
interface virtual-template
interface dialer

peer default ip address

Use interface configuration command to designate an IP address for the remote side connecting this interface or acquire IP address from certain IP address pool or DHCP mechanism. Use “no peer default ip address” to disable the remote IP address pool’s original configuration on the interface.

peer default ip address {ip-address | dhcp| pool [pool-name]}

no peer default ip address

parameter:

ip-address

Allocate an IP address for the remote port dialed in on the interface. In order to prevent the allocation of repeated IP address on the interface, this parameter cannot be used on dialer rotary group and ISDN interfaces.

dhcp

Use interaction of DHCPprotocol to allocate an IP address to the client.

pool

If the pool-name is not designated, you can use global default mechanism defined by “ip address-pool”.

pool-name

 (Optional) Use the local address pool name generated by command” ip local-pool”. Acquire one address from this address pool, and neglect the configuration of bglobal default mechanism.

default:

Address pool not configured

command mode:

Interface configuration mode

Explanation:

The administrator can use this command to configure all possible address pool mechanism for every interface.

l         For those interfaces not configured with “peer default ip address” mechanism, the router can use global default mechanism defined by command “ip address-pool”.

l        If peer default ip address pool pool-name is used, the router will use this local configured address pool on this interface yet neglect any address pools.

l         If peer default ip address ip-address is used, this designated IP address will be allocated to the remote port connected with the interface, yet neglect any global default mechanism.

example

The following example designates the interface to use local IP address pool named “mypool”.

peer default ip address pool mypool

The following example designates the interface to use the IP address 192.168.3.29

peer default ip address 192.168.3.29

The following example designates the interface to use global default mechanism again:

peer default ip address pool

relevant command:

encapsulation ppp

ip local pool

 

peer neighbor-route

Under interface configuration mode, use command “peer neighbor-route” can reactivate the generation of host router on default interface which disables the generation of host router.  Use no peer neighbor-route to disable the default act that generates neighbour router on opposite port of point-to-point interface.

 

peer neighbor-route

no peer neighbor-route

parameter:

none

default:

After negotiation of PPP IPCP, it generates a route to the remote address of point-to-point interface.

command mode:

Interface configuration mode

Explanation:

Only when default act causes a problem in your network, use command “no peer neighbor-route”.

example

The following example reactivates default acts on the interface:

peer neighbor-route

ppp authentication

Use interface configuration command “ppp authentication” to designate the sequence of using CHAP or PAPprotocol on designated interface, use “no ppp authentication to disable authentication.

ppp authentication {chap|ms-chap|pap}[[list-name|default][callin]

no ppp authentication

parameter:

Chap

Activate CHAP on the serial interface

Pap

Activate PAP on serial interface

ms-chap 

Activate MS-CHAP on serial interface

list-name

(Optional) Use together with AAA/TACACS+, designate the TACACS+ method list name used during the execution of authentication. If the list name is not designated, the systeme will use default list. Use command “aaa authentication ppp” to create the list.

default

(Optional) Use together with AAA/TACACS. Use command “aaa authentication ppp” to createdefault list.

During PPP authentication, you should choose one from chap, ms-chap and pap, or the three combined randomly.

default:

Do not execute PPP authentication.

command mode:

Interface configuration mode

Explanation:

Once you activate one, two or all of CHAP, MS-CHAP and PAP authentication, the local router demands to authenticate its identity before local router permits the remote device to transfer data.

l        PAP authentication demands the remote device to send a name/password pair to authenticate whether there is one matching item in local user database or remote TACACS/TACACS+ database.

l         CHAP authentication send a challenge to the remote device, the remote device must possess a public key to encrypt challenge and return the encryption result and self name to local router in the form of response packet. Local router uses remote device name in local user database or remote TACACS/TACACS+ database to fine the corresponding key, use it to encrypt the initial challenge, and authenticates whether this encryption result is the same as what remote device returns.

You can activate PAP, MS-CHAP and CHAP in any sequence. If two methods are all activated, then use the first method to advance request during link negotiation session. If the remote port suggests using the second method or simply refuses the first method, use the second method. Some remote devices only support CHAP or only support PAP. As to the designation of the sequence of the two authentication methods, it is based on the estimation of the ability for you to correctly negotiate, and the consideration of data line security. The user name and password is sent as plain text and may be captured or reused; and CHAP clears most security problems currently known.

Activate or disable ppp authentication will not influence whether local router should authenticate itself to remote device.

example

The following example activates CHAP authentication on interface s1/0 and uses authentication list access1:

interface s1/0

encapsulation ppp

ppp authentication chap access1

relevant command:

aaa authentication ppp

encapsulation ppp

username password

ppp authorization

In order to activate AAA authorization on the designated interface, use command “ppp authorization” under interface configuration mode, use command “no” to disable the authorization.

ppp authorization [default | list-name]

no ppp authorization

parameter:

default (optional) the method list created with command “aaa authorization”.

list-name (optional) Designate the authorization list name. If not designated, use default value.

default:

Authorization not enableed

command mode:

Interface configuration mode

Explanation:

After enabling command “aaa authorization” and defines authorization method list (or uses default method list), there should be authorization corresponds the above authorization list on proper interface. Using command “ppp authorization” is to apply the designated method list on designated interface (if there isn’t designated list, use default list)

example

Use method list sun on interface s1/0:

interface s1/0

encapsulation ppp

ppp authorization sun

relevant command:

aaa authorization

ppp callback

Use interface configuration command “ppp callback” to receive callback request from opposite port or request opposite callback.

Use command “no ppp callback” to disable the configuration of “PPP callback”.

ppp callback {accept | initiate | request}

no ppp callback

parameter:

accept

Accept the callback request of PPP client

initiate

Without the negotiation of PPP callback, actively initiate callback to the ppp client dialed on the interface.

request {cbcp}

Send callback request to PPP opposite port (if cbcp is attached, then use CBCPprotocol to perform callback negotiation)

default:

Do not accept the callback request of opposite port

command mode:

Interface configuration mode

Explanation:

In order to accept an callback request from the client, you should first configure “ppp callback accept” or “ppp callback initiate”, and configure CHAP or PAP to authenticate the client, during the passing of the authentication, send callback to the client.

IF you want to use CBCP to prosecute callback negotiation, you should configure ppp callback request cbcp on one side of the caller (if you require the caller to designate the telephone number, you should configure dialer caller xx). At answerer side except the requirement of configuring ppp callback accept, if there is no need to callback,  there is no need to configure the callback number; if the callback number is designated by the caller, you should configure user xx password xx callback-dialstring *or dialer called *; if the callback telephone number is designated by the answerer, you need to configure user xx password xx callback-dialstring xx; If you want the caller to select one from a group of telephone number provided by the answerer, you should configure dialer called xx xxxx.

You should first enquire user xxx password xx callback-dialstring xx, then enquire dialer called xx. In addition, telephone exchange number is separated from extension number with “,”, use “;” to separate a group of telephone numbers.

example

The following example accepts the callback request of PPP client:

ppp callback accept

The following example sends callback to the opposite port without the negotiation of ppp callback;

ppp callback initiate

The following example sends callback request to the opposite port:

ppp callback request

The following example use 12345 to callback with the designated telephone number by the answerer:

Caller configuration:

ppp callback request cbcp

Answerer configuration:

user sun password sun callback-dialstring 12345

Enter interface configuration mode, input:

ppp callback accept

 

relevant command:

ppp authentication

username

 

ppp chap echo

After passing CHAP authentication, configures the interval to carry out CHAP authentication.

ppp chap ehco seconds

parameter:

The interval of CHAP authentication, range from 0 second to 2147483647 seconds

default:

No timing CHAP authentication by default, 0 second by default.

command mode:

Interface configuration mode

Explanation:

When configuring CHAP timing authentication, you should configure the second as greater than 0.

example

When configuring the interface serial 1/0 to carry out CHAP timing authentication, local router named as routerA, callback timing is 10 second.

interface s1/0

encapsulation ppp

ppp authentication chap

ppp chap hostname routerA

ppp chap echo 10

 

relevant command:

ppp authentication

ppp authentication

ppp chap hostname

ppp chap hostname

Use interface configuration command “ppp chap hostname” to create a routerchap host name. To disable, use command “no ppp chap hostname”.

ppp chap hostname hostname

no ppp chap hostname hostname

parameter:

hostname

Sent names in the CHAP challenge packet

default:

This function not enableed. Send host name of the router in all CHAP challenges.

command mode:

Interface configuration mode

Explanation:

This command usually applies to local CHAP authentication (to authenticate the opposite port), but it can also be used for remote CHAP authentication.

example

Command in the following example encapsulates PPP on interface dialer 0. CHAP only authenticate the received calls. User name guest will be sent with all CHAP challenge and response packets:

interface dialer 0

encapsulation ppp

ppp authentication chap callin

ppp chap hostname guest

relevant command:

aaa authentication ppp

ppp authentication

ppp chap password

ppp pap

 

ppp chap refuse

Refuse to use CHAP to authenticate local on opposite port.

parameter:

none

default:

Do not refuse to use CHAP to authenticate local by default

command mode:

Interface configuration mode

Explanation:

After the configuration of ppp chap refuse, it will refuse all users to use CHAP to authenticate local (including legal users).

example

Configure the interface serial 1/0 to refuse CHAP authentication.

interface s1/0

encapsulation ppp

ppp chap refuse

relevant command:

ppp authentication

ppp ipcp rfc-default

Set the IPCP negotiation option as PPPprotocol default value, do not negotiate all IPCP options.

parameter:

none

default:

The IPCP negotiation option is not the default value of protocol, which is, negotiate the IPCP option.

command mode:

Interface configuration mode

Explanation:

Generally, this command does not need to configure. Only applies to the situation of test or that the opposite port does not support IPCP negotiation.

example

Configure IPCP negotiation as default protocol.

ppp ipcp rfc-default

relevant command:

encapsulation ppp

 

ppp lcp echo

Configure the interval for LCP to send echo packets

ppp lcp echo seconds

parameter:

Interval to send LCP callback request packets range from 0 to 2147483647

default:

10 seconds

command mode:

Interface configuration mode

Explanation:

You should configure the second as greater than 0 when you require sending LCP callback request packets.

example

Configure ICP callback on interface serial 1/0, timing is 10 second.

interface s1/0

encapsulation ppp

ppp lcp echo 10

relevant command:

encapsulation ppp

ppp lcp enddisc-type

Select multilink ppp symbol type.

       ppp lcp enddisc-type [null | local | ip | ieee8021 | ppp | psdn]

parameter:

none

command mode:

Interface configuration modemultilink  interface

Explanation:

Select interrupting point symbol type when the protocol is negotiating for multilink ppp.

example

37DE_config_m1#ppp lcp enddisc-type ppp

37DE#debug ppp negotiate

 

PPP Serial0/1: LCP  Listen  ; RX <- Config Req, id: 182, len: 32

2003-4-28 11:36:19     making Magic Number: 0xc69038e7

2003-4-28 11:36:19     making Protocol compression

2003-4-28 11:36:19     making Addr/Ctl compression

2003-4-28 11:36:19     making MRRU: 1524

2003-4-28 11:36:19     making ENDDISC: class 4 ,address "000000e3"

2003-4-28 11:36:19

PPP Serial0/1: LCP  Listen  ; TX -> Config Req, id: 8, len: 25

2003-4-28 11:36:19     checking Magic Number: 0xcff04a72

2003-4-28 11:36:19         result Config Ack, option 5, length 6

2003-4-28 11:36:19         making Magic Number: 0xcff04a72

2003-4-28 11:36:19     checking Protocol compression

2003-4-28 11:36:19         result Config Ack, option 7, length 2

2003-4-28 11:36:19         making Protocol compression

2003-4-28 11:36:19     checking Addr/Ctl compression

2003-4-28 11:36:19         result Config Ack, option 8, length 2

2003-4-28 11:36:19         making Addr/Ctl compression

2003-4-28 11:36:19     checking MRRU: 1524

2003-4-28 11:36:19         result Config Ack, option 17, length 4

2003-4-28 11:36:19         making MRRU: 1524

2003-4-28 11:36:19     checking ENDDISC: class 1 ,address "BD-00000059" ,len 11 ,toss(11->0)

2003-4-28 11:36:19         result Config Ack, option 19, length 14

2003-4-28 11:36:19         making ENDDISC: class 1 ,address "BD-00000059"

In the above example, the “lcp config request” sent by local port contains enddisc negotiating content. The type is 4, or “enddisc type ppp”. Negotiating packets sent by port on the other end contains enddisc type 1, or “enddisc type local”.

The following is the relations of enddisc type number and type name .

class                 name

0                     null

1                     local

2                     ip

3                     ieee8021

4                     ppp

5                     psdn

 

ppp lcp rfc-default

Configure LCP negotiation option as PPP protocol default value, do not negotiation all LCP options

parameter:

none

default:

LCP negotiation option is not protocol default value, which is negotiation LCP option.

command mode:

Interface configuration mode

Explanation:

Generally, this command does not need to be configured. Only applies to the situation of test or that the opposite port does not support LCP negotiation.

example

Set LCP negotiation as default protocol.

ppp lcp rfc-default

relevant command:

encapsulation ppp

ppp lcp [close | listen | open]

Carry out “open, close, listen” operation toward LCP connection.

parameter:

close

Close LCP connection

listen

Set LCP as monitoring mode

open

Establish LCP connection

default:

LCP as monitoring mode

command mode:

Interface configuration mode

Explanation:

When using command “ppp lcp close” to close the current PPP connection, LCP turns into closed mode. There after even it dials from remote port, no connection will be established. You should enable it through ppp lcp listen or ppp lcp open, among them ppp lcp open actively sends LCPprotocol request packet.

example

Close LCP connection

ppp lcp close

relevant command:

encapsulation ppp

ppp max-bad-auth

Use interface configuration command “ppp max-bad-auth” to configure a point-to-point interface to enable it not to reset immediately after failure of authentication, and permit a certain time of authentication. Use command “no ppp max-bad-auth” to reset immediately after failure of authentication.

ppp max-bad-auth number

no ppp max-bad-auth

parameter:

number

Designate times of repeat authentication(1-255), 5 by default

default:

5

command mode:

Interface configuration mode

Explanation:

This command applies to any serial interface using PPP encapsulation. (Asynchronous serial interface, Synchronous serial interface or ISDN interface)

example

The following example sets the interface BRIO as that after the failure of the first authentication there are still 2 authentications permitted (3 tries of authentication in all)

interface bri 0

encapsulation ppp

ppp authentication chap 

ppp max-bad-auth 3

relevant command:

encapsulation ppp

 

ppp multilink

Interface configuration command “ppp multilink” to enable multilink PPP. Use command “no ppp multilink” to close multilink ppp.

ppp multilink

no ppp multilink

parameter:

       none

default:

Multilink not enableed

command mode:

Interface configuration mode

Explanation:

This command applies to any serial interface adopts PPP encapsulation (Asynchronous serial interface, Synchronous serial interface or ISDN interface).

example

        interface Dialer0
        ip address 99.0.0.2 255.0.0.0
        encapsulation ppp
        dialer idle-timeout 500
        dialer map 99.0.0.1 name dialname1 broadcast 81012345678901
        dialer load-threshold 30 either
        dialer-group 1
        ppp authentication chap
        ppp multilink

relevant command:

encapsulation ppp

 

ppp pap refuse

Refuse to use PAP to authenticate local on opposite port.

parameter:

none

default:

Do not refuse the opposite port to use PAP to authenticate local by default.

command mode:

Interface configuration mode

Explanation:

After configures ppp pap refuse, it will refuse all users to use PAP authentication local (including legal user).

example

Configure the interface serial1/0 to refuse PAP authentication.

interface s1/0

encapsulation ppp

ppp pap refuse

relevant command:

ppp authentication

ppp pap sent-username

Use interface configuration command “ppp pap sent-username” to activate remote PAP support on the interface and use sent-username and password in PAP authentication request packets. Use “no ppp pap sent-username” to prohibit the support of remote PAP.

ppp pap sent-username username password

no ppp pap sent-username

parameter:

username

Send the user name in PAP authentication request

password

Send the password in |PAP authentication request

default:

Prohibit remote PAP support

command mode:

Interface configuration mode

Explanation:

Use this command to activate remote PAP support (such as: response to opposite ports request of using PAP authentication) meanwhile designate the parameter to send PAP authentication request.

example

The following example configures the dialup interface 0 as the dialing group head and to activate PPP encapsulation on the interface. CHAP or PAP only authenticates the received calls. When remote port request the router to use PAP for authentication, user name “guest1”, password “mykey” are sent to the remote port:

interface dialer0

encapsulation ppp

ppp authentication chap pap callin

ppp chap hostname guest1

ppp pap sent-username guest1 mykey

relevant command:

aaa authentication ppp

ppp authentication

ppp chap hostname

ppp timeout authentication

Configure the PPP authentication timeout.

ppp timeout authentication seconds

parameter:

Negotiate timeout, unit is second.

default:

Default PPP authentication timeout is 3 seconds.

command mode:

Interface configuration mode

Explanation:

During PPP authentication process, if it does not receive response packets from opposite port within this interval, then PPP will resend authentication packet sent last time.

example

Configure the PPP authentication timeout as 10 seconds.

ppp timeout authentication 10

relevant command:

encapsulation ppp

ppp authentication

ppp timeout ncp

Configure the PPP NCP negotiation timeout.

ppp timeout ncp seconds

parameter:

Timeout negotiates for NCP, unit is second.

default:

Default PPP NCP negotiation timeout is 3 seconds.

command mode:

Interface configuration mode

Explanation:

During PPP NCP negotiation, if it does not receive response packets of opposite port within this interval, than PPP will resend the packets sent last.

example

Configure the PPP NCP negotiation timeout as 10 seconds.

ppp timeout ncp 10

relevant command:

encapsulation ppp

ppp timeout lcp

Configure the PPP LCP negotiation timeout.

ppp timeout lcp seconds

parameter:

Seconds LCP negotiation timeout, second is the unit.

default:

Default PPP LCP negotiation timeout is 3 seconds.

command mode:

Interface configuration mode

Explanation:

During PPP LCP negotiation process, if it does not receive response packet from opposite port within this interval, then PPP will resend the packet sent last.

example

Configure PPP LCP negotiation timeout to 10 seconds.

ppp timeout lcp 10

relevant command:

encapsulation ppp 

 

show ip local pool

Use show ip local pool to show the statistic information of IP address pool

show ip local pool

parameter:

none

command mode:

Privilege EXEC mode

Explanation:

The soft will show the general list and corresponding IP address of all defined address pool.

example

Here is the example of command “show ip local pool”:

Router# show ip local pool

Name   Begin               End                 Number

sun      192.168.0.1      192.168.0.10   10

relevant command:

ip local pool 

show ppp

   

show ppp { multilink |queue| status | version }

parameter:

parameter:

multilink

Show related information of PPP multilink

queue

Show the number of unprocessed information in PPP queues

Mode

Show the related interface mode information to configure PPP

version

PPP module version

 

command mode:

Non-user mode

Explanation:

This command is used to show PPP related information.

example

Here is the example of command showing interface mode information:

Router# show ppp sta

PPP status information:

    5 links (total)

    1 links (protocol up)

    4 links (protocol down)

Protocol up:

    Name      ID Type   Status           Uptime       Peer          

    S2/0       2 ALGC   Network Phase    0:04:32:01   1.0.0.2        

Protocol down:

    Name      ID Type   Status           Downtime

    a0/0       1 ADC    Link Dead        0:04:48:15

    vt1        4 LVT    Link Dead        0:04:48:07

    d1         6 D      Link Dead        0:04:48:07

    m1         7 LMU    LCP Phase        0:04:48:07

The above tags that the router has altogether 5 interfaces that configures PPP, only s2/0 is in the mode of protocolUp, time of protocolUp is 4 hours 32 minutes and 1 second. The opposite port address is 1.0.0.2. Other ports are in the mode of “down”.

relevant command:

 none

 

username

Use global configuration command to designate a password, which is used in PPP CHAP caller tag and PAP.

username name password secret

parameter:

name

Host name, server name, User ID or naming name

secret

Regarding CHAP: designate key password for local router, access server, or remote device.

This key can be saved in local router or access server after encryption; this can prevent the embezzlement of te key.

Key password is consisted of 11 printable ASCII characters at most, but can not include space or underline.

No limit for the number of username/password pair, permit any number of remote devices to be authenticated.

default:

No pre-defined password

command mode:

global configuration mode

Explanation:

To add a name entry for each remote system needs to be authenticated on local router or access server.

As part of the configuration authentication protocol (such as CHAP and PAP), command “username” is necessary. If you require authentication for each remote system communicates with local router or access server, you should add a username entry.

example

The following example starts CHAP on serial interface 0. It defines a password for local serverAdam and remote serverEve:

hostname Adam

interface s1/0

encapsulation ppp

ppp authentication chap

username Eve password theirsystem

relevant command:

hostname 

 

debug ppp

Show PPPprotocol parameter negotiation, authentication, packet sending, receiving process and error information.

debug ppp [ authentication | cbcp | error | multilink | negotiation | packet | raw ] [interface]

Note: raw is only effective on Asynchronous interface.

Use command “no debug ppp” to stop displaying the information.

parameter:

authentication

Enable the debug switch for PPP authentication

cbcp

Enable the debug switch for PPP callback control protocol

error

Enable the debug switch of PPP error information

negotiation

Enable the debug switch for PPP parameter negotiation

packet

Enable the debug switch for PPP input & output packets

raw

Enable the debug switch for PPPAsynchronous input & output original packet

interface

Interface that requires PPP debug information

command mode:

supervisor mode

Explanation:

After opening the switch of PPP debug information, it outputs PPP protocol parameter negotiation process, authentication process, packet sending, receiving process and error information and helps the user in PPP trouble diagnosis.

example

The following example describes the situation of debugging PPP receiving and sending of packets:

Router#debug ppp packet s1/2

PPP Serial1/2: TX -> packet, len=88, protocol: LCP

FF 03 00 21 45 00 00 54 00 2F 00 00 FF 01 3E F1   ...!E..T./....>.

01 00 00 0C 7B 7B 00 02 08 00 CB 37 00 12 00 00   ....{{.....7....

00 02 37 A5 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F   ..7.............

10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F   ................

PPP Serial1/2: RX <- packet, len=85

21 45 00 00 54 9E 73 00 00 FF 01 A0 AC 7B 7B 00   !E..T.s......{{.

02 01 00 00 0C 00 00 D3 37 00 12 00 00 00 02 37   ........7......7

A5 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 11 12   ................

13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 22   ............. !"

Domain

Description

PPP

PPPprotocol is debugged currently

Serial1/2

Current debug interface

TX -> packet

PPP transmitting packet

Len=85

Length of transmitted packet

protocol: LCP

Sub-protocol encapsulated in the current PPPprotocol

FF 03 00 21 45 00 00 54 00 2F 00 00 FF 01 3E F1 01 00 00 0C 7B 7B 00 02 08 00 CB 37 00 12 00 00 00 02 37 A5 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F

The first 4 bytes are PPP frame heads, the the latter are data

...!E..T./....>.

....{{.....7....

..7.............

................

ASCII code denotation of sent packet.

Those out of the denotation range of ASCII code are shown in “.”

RX <- packet

PPP packet received

Len=88

Length of packet received

21 45 00 00 54 9E 73 00 00 FF 01 A0 AC 7B 7B 00 02 01 00 00 0C 00 00 D3 37 00 12 00 00 00 02 37 A5 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F 20 21 22

First byte 0X21, is the value of IPprotocol and PFC compress in ppp, originally 0X0021.

the rear part are data

!E..T.s......{{.

........7......7

................

............. !"

ASCII code denotation of sent packet.

Those out of the denotation range of ASCII code are shown in “.”

 

The following example describes the simplified process of debug PPPprotocol parameter negotiation

Router#debug ppp negotiation s1/2

PPP Serial1/2: LCP  Listen  ; Start

PPP Serial1/2: LCP  Listen  ; TX -> Config Req, id: 52, len: 14

PPP Serial1/2: LCP  Req Sent; RX <- Config Ack, id: 52, len: 14

PPP Serial1/2: LCP  Ack Rcvd; RX <- Config Req, id: 88, len: 14

PPP Serial1/2: LCP  Ack Rcvd; TX -> Config Ack, id: 88, len: 14

PPP Serial1/2: LCP  Ack Rcvd; Opened

PPP Serial1/2: IPCP Listen  ; Start

PPP Serial1/2: IPCP Listen  ; TX -> Config Req, id: 53, len: 10

PPP Serial1/2: IPCP Req Sent; RX <- Config Req, id: 89, len: 16

PPP Serial1/2: IPCP Req Sent; TX -> Config Ack, id: 89, len: 16

PPP Serial1/2: IPCP Ack Sent; RX <- Config Ack, id: 53, len: 10

PPP Serial1/2: IPCP Ack Sent; Opened

Domain

Description

Serial1/2

Current debug interface

PPP

PPP protocol

LCP

Link control protocol

IPCP

IP control protocol

Listen、Req Sent、Ack Rcvd、Ack Sent

PPPprotocol mode

id: 53

Packet identification

len:10

Length of packet

 

PPPOE configuration command

 

pppoe-client dialer number

This command is used to enable the display of PPPoE Client function

       no pppoe-client dialer number

parameter:

   number:  Linked Dialer interface

command mode:

  Interface configuration mode

example:

    RouterA_config_e1/1#pppoe-client Dialer1  

clear pppoe

This command is used to reset all PPPoE connection.

clear pppoe

parameter:

none

command mode:

supervisor mode 

debug pppoe data

This command shows the packet exchange in session phase in PPPoE session.

parameter:

none

command mode:

supervisor mode

example:

 2002-4-9 13:34:33 PPPoE Ethernet1/1 Tx DATA id:0001 len:42,

00 01 42 89 75 50 08 00 3E 56 33 45 88 64 11 00   ..B.uP..>V3E.d..

00 01 00 16 C0 21 09 4F 00 14 55 17 32 DC 00 00   .....!.O..U.2...

00 00 7D 3D 7D 20 26 7D 22 7D                     ..}=} &}"}

2002-4-9 13:34:33 PPPoE Ethernet1/1 Rx DATA id:0001 len:42

08 00 3E 56 33 45 00 01 42 89 75 50 88 64 11 00   ..>V3E..B.uP.d..

00 01 00 16 C0 21 0A 4F 00 14 62 46 FA C3 00 00   .....!.O..bF....

00 00 7D 3D 7D 20 26 7D 22 7D                     ..}=} &}"}

debug pppoe error

This command is used to show the errors appeared in PPPoE opposite process.

debug pppoe error

parameter:

none

command mode:

supervisor mode

debug pppoe event

This command is used to display the related events during PPPoE session process. (Sending and receiving packets, related timer timeouts))

    debug pppoe event

 

parameter:

none

 

command mode:

supervisor mode

 

example:

router#debug pppoe event

RouterA#debug pppoe da

RouterA_config_e1/1#pppoe d1

RouterA_config_e1/1#2002-4-9 14:19:16 PPPoE Ethernet1/1 Created L:0800.3e56.3345

2002-4-9 14:19:16 PPPoE Ethernet1/1 Starting L:0800.3e56.3345

2002-4-9 14:19:16 PPPoE Ethernet1/1 Tx PADI L:0800.3e56.3345 R:ffff.ffff.ffff

2002-4-9 14:19:16 PPPoE Ethernet1/1 Rx PADO L:0800.3e56.3345 R:0001.4289.7550

2002-4-9 14:19:16 PPPoE Ethernet1/1 Tx PADR L:0800.3e56.3345 R:0001.4289.7550

2002-4-9 14:19:16 PPPoE Ethernet1/1 Rx PADS L:0800.3e56.3345 R:0001.4289.7550

2002-4-9 14:19:16 PPPoE Ethernet1/1 Opening

2002-4-9 14:19:16 PPPoE Ethernet1/1 Opened L:0800.3e56.3345 R:0001.4289.7550

2002-4-9 14:19:16 Line on Interface Virtual-access0, changed state to up

2002-4-9 14:19:16 Line protocol on Interface Virtual-access0, changed state to up

debug pppoe packet

This command is used to display the protocol interaction in discovery session happened in PPPoE session process

debug pppoe packet

 

parameter:

  none

command mode:

  supervisor mode

example:

 RouterA_config_e1/1#2002-4-9 13:42:12 PPPoE Ethernet1/1 Tx PADT L:0800.3e56.3345

 R:0001.4289.7550

00 01 42 89 75 50 08 00 3E 56 33 45 88 63 11 A7   ..B.uP..>V3E.c..

00 01 00 00               

RouterA_config_e1/1#2002-4-9 13:42:41 PPPoE Ethernet1/1 Tx PADI L:0800.3e56.3345

 R:ffff.ffff.ffff

FF FF FF FF FF FF 08 00 3E 56 33 45 88 63 11 09   ........>V3E.c..

00 00 00 0C 01 01 00 00 01 03 00 04 00 00 3F 54   ..............?T

2002-4-9 13:42:41 PPPoE Ethernet1/1 Rx PADO L:0800.3e56.3345 R:0001.4289.7550

08 00 3E 56 33 45 00 01 42 89 75 50 88 63 11 07   ..>V3E..B.uP.c..

00 00 00 2C 01 01 00 00 01 03 00 04 00 00 3F 54   ...,..........?T

01 02 00 08 47 4B 2D 43 49 53 43 4F 01 04 00 10   ....GK-CISCO....

91 5A D4 BE D5 27 87 03 43 DC 6A F0 09 6B 54 19   .Z...'..C.j..kT.

2002-4-9 13:42:41 PPPoE Ethernet1/1 Tx PADR L:0800.3e56.3345 R:0001.4289.7550

00 01 42 89 75 50 08 00 3E 56 33 45 88 63 11 19   ..B.uP..>V3E.c..

00 00 00 20 01 01 00 00 01 03 00 04 00 00 0F F6   ... ............

01 04 00 10 91 5A D4 BE D5 27 87 03 43 DC 6A F0   .....Z...'..C.j.

09 6B 54 19                                       .kT.

2002-4-9 13:42:41 PPPoE Ethernet1/1 Rx PADS L:0800.3e56.3345 R:0001.4289.7550

08 00 3E 56 33 45 00 01 42 89 75 50 88 63 11 65   ..>V3E..B.uP.c.e

00 01 00 20 01 01 00 00 01 03 00 04 00 00 0F F6   ... ............

01 04 00 10 91 5A D4 BE D5 27 87 03 43 DC 6A F0   .....Z...'..C.j.

09 6B 54 19