bridging traffic over dialer/pppoe

d-mark · ‎10-25-2007

Hello,

maybe someone of you can help me. I'm looking for a way to bridge traffic between two sides. The 'remote' side has to use pppoe to connect to the 'central' side. And at the central side I want to bind/bridge the remote side into a vlan. To figure out a way to achieve this I've set up a small test szenario. The configuration of the remote side is:

vpdn enable

!

bridge irb

!

interface FastEthernet0/0

no ip address

duplex auto

speed auto

pppoe enable

pppoe-client dial-pool-number 1

!

interface FastEthernet0/1.1

encapsulation dot1Q 1 native

bridge-group 1

!

interface Dialer1

ip address negotiated

ip mtu 1456

encapsulation ppp

no ip route-cache cef

no ip route-cache

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username benutzer password 0 passwort

bridge-group 1

!

interface BVI1

ip address 10.37.1.123 255.255.255.0

!

bridge 1 protocol ieee

bridge 1 route ip

!

and the configuration o the central side is:

aaa new-model

!

aaa authentication login default line

aaa authentication enable default enable

aaa authentication ppp default group radius

aaa authorization network default group radius

aaa accounting delay-start

aaa accounting update periodic 60

aaa accounting network default start-stop group radius

!

aaa session-id common

!

vpdn enable

!

bridge irb

!

bba-group pppoe PPPoE

virtual-template 1

sessions per-mac limit 1

!

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

no cdp enable

bridge-group 1

!

interface FastEthernet0/1

no ip address

ip route-cache flow

duplex auto

speed auto

pppoe enable group PPPoE

!

interface Virtual-Template1

no ip address

no ip redirects

ip mtu 1492

ip route-cache flow

ip tcp adjust-mss 1408

ppp authentication pap

bridge-group 1

!

interface BVI1

ip address 10.37.1.1 255.255.255.0

!

radius-server attribute nas-port format d

radius-server host 10.37.128.166 auth-port 1812 acct-port 1813 key accom

radius-server source-ports extended

!

control-plane

!

bridge 1 priority 1024

bridge 1 protocol ieee

!

At the central side I can see the MAC address of the remote side

central#sh bridge v

Total of 300 station blocks, 299 free

Codes: P - permanent, S - self

BG Hash Address Action Interface VC Age RX count TX count 1 E0/0 001b.b5ad.9575 forward Vi3 - 0 5 0

Flood ports (BG 1) RX count TX count

FastEthernet0/0.1 0 0

Virtual-Access3 0 0

central#

But I can't put any traffic (ping for example) over the bridged-pppoe-link.

I would be glad if someone of you could give me a hint.

thanks in advance and kind regards

Mark

bbayer · ‎10-25-2007

I wish I had a test system to try this out on before I respond, but I don't so try moving the pppoe commands off the physical FastEthernet interfaces to the FastEthernet sub-interfaces.

Brian ": )

d-mark · ‎10-26-2007

Hi Brian,

thanks for your reply. I'm some kind of confused by your suggestion, because the FastEthernet interfaces doing the pppoe (remote fa0/0, central fa0/1) on both sides have no subinterfaces. Did I missed something?

regards

Mark

bbayer · ‎10-26-2007

No, sorry I missed that. Do you have a username and password configured on the central router for benutzer?

": )

d-mark · ‎10-26-2007

Yes, I have a username and password configured and the login as it is works fine. By the way, I use a RADIUS server, in that way I can pass additional configuration statements like cisco-avpair="lcp:interface-config=" to different configurations for different users.

Meanwhile I followed a different approach to solve my problem. I try to use a GRE tunnel and bridge traffic trough/over it.

regards

Mark