Hour 389: PPPoE Client/Server

One of the technologies I have never touched in a prod environment is the PPPoE Client/Server configuration. I think this is because PPPoE is mostly used in Service Provider environments and I have only worked in Enterprise environments. If you don’t configure this often, it can be hard to understand and remember the configuration steps required. Today, I’ll lay out the easiest way to configure this with a static IP (IPCP).

First, let’s talk a little bit how PPPoE works. PPP over Ethernet (PPPoE) will have 2 configurations, the client and the server.

The client will not have any IP’s configured on it. Instead, it will have a dialer interface to receive its IP address from the PPPoE server through IPCP. The configuration will be like this:

int dialer 1

mtu 1492

! It is recommended to set the MTU 1492 because PPPoE adds an 8 byte encapsulation header. We want  to avoid MTU problems by configuring this.

encapsulation ppp

! Don’t forget to set the encapsulation to PPP because by default Cisco devices will try to negotiate through HDLC

ip add negotiated

! This could be set to DHCP instead of negotiated to get a DHCP address instead of a IPCP

dialer pool 1

! Here we are creating the dialer pool that will be associated with the interface that faces the PPPoE Server

dialer persistent

! This is set to have the dialer try to establish a connection automatically

int f0/0

pppoe enable group global

pppoe-client dial-pool-number 1

no shut

! The first command is to set the interface to use PPPoE, the second is to have  PPPoE be a client and use dialer pool 1

 

The PPPoE server will have its own IP address configured and the remote client IP address will be negotiated through IPMP or DHCP. To do this, we will create a bba-group on the server and assign a virtual-template holding IP configuration.

int virtual-template1

ip add 192.168.0.1 255.255.255.0

peer default ip add pool PPPoE

! We are creating the virtual template that will be associated to the bba-group. Here we use the peer command !to use IPCP but we could not set this and have a DHCP pool configured on the same subnet as the virtual-template IP address to have DHCP negotiated on the client. Of course, if you want to do this, you also have to configure the dialer on the client.

ip local pool PPPoE 192.168.0.2 192.168.0.2

! This is the local pool IP address that was defined in the virtual-template1 and that will be used for IPCP negotiation.

bba-group pppoe global

virtual-template 1

! Here we associate the virtual-template to the bba-group

int f0/0

pppoe enable group global

no shut

! Finally we set port int f0/0 to use PPPoE

Once this is configured, let’s do a “debug pppoe events” on the client and take a look at the negotiation process:

ClientDebug

  1. The client broadcasts a PPPoE Active Discovery Initiation (PADI) packet to learn of any servers on the network.
  2. R2 responds with a unicast PPPoE Active Discovery Offer (PADO). This packet contains a tag that the client uses to associate with the proper request.
  3. After receiving the PADO, the client sends a PPPoE Active Discovery Request (PADR) packet, which is unicast top the server.
  4. The server responds with a PPPoE Active Discovery Session-confirmation (PADS) packet and PPP negotiation begins.

Again, here are the steps to configure PPPoE Client/Server:

Client:

1. Configure dialer interface in client, this contains ppp and negotiation options

2. Configure the ethernet interface with the dialer pool and bba-group

Server:

1. Configure virtual-template with the IP address (DHCP pool or IPCP with local pool)

2. Configure the bba-group and add the virtual-template inside

3. Configure the ethernet interface with the bba-group

Advertisements

One thought on “Hour 389: PPPoE Client/Server

  1. Hello,

    Why is there a need to configure “pppoe enable group global” in the client configuration? Shouldn’t that only be done on the server site?

    Thanks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s