Welcome to the Cisco Networking Professionals Ask the Expert conversation. This is an opportunity to get an update from Cisco expert Muhammad Afaq Khan on the new 7200 product series. Afaq is a technical marketing engineer with Broadband, Edge and Midrange Routing Business Unit at Cisco Systems Inc. Ha has previously worked for Cisco Security/VPN Technical Assistance Center (TAC) teams for almost 4 years. He specializes on VPNs involving VPN3000, IOS, PIX FW and third party products. Afaq has represented Cisco in many Security/VPN seminars. He is a CCIE (#9070) in Routing & Switching and Security. He holds bachelor?s of engineering degree in computer systems from NEDUET.
Remember to use the rating system to let Afaq know if you have received an adequate response.
Afaq might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the event. This event lasts through June 30, 2006. Visit this forum often to view responses to your questions and the questions of other community members.
Working on lab, with an ADSL environment, I'm trying to end clients' PPPoE over VLAN sessions on a cisco 7200, with Cisco IOS Software Version 12.3(14)T. This part is fine, things go bad when I try it to work as a dhcp relay agent, with PPPoE sessions still finishing in it. We have did the same with Bridge instead of PPPoE, without troubles.
Making some debugs I've found I'm receving DHCP Discovery message from the client, so I'm still wondering why the cisco 7200 isn't forwarding the message.
I'll be pleased to read your comments.
Thanks for the question.
When a pppoevlan client comes into a BRAS, after authentication, the address assignment process starts.
Now as long as you have dhcp server IP configured, and the virtual-template is configured to assign IP address via DHCP server, it should work.
Could you copy paste relevant portion of your configuration so that I can have a look?
Well being more detailed...
I'm working with a card installed in a cisco 7609 that have de capabilities of 4 cisco 7200, and i'm sharing it with other co-workers. What I've configure and what a sh run will look like is in the attachment.
Using debugs I'm viewing the DHCP Discovery messages from the client but not a response from the server (a DHCP offer). What I understand is that because de client isn't configure in de DHCP server, the communication with de server will last with de DHCP request from the client (the server won't lease the client any ip address). But the previous messages have to exist.
The debugs I've placed were:
>> debug dhcp detail (packets from the client)
>> debug ip dhcp server packet (packets from the server)
afaik, this config should work. could you try the same thing with the bbq groups (they allow for multiple domains to be authenticated vs. a single domain when using vpdn groups)?
hope that helps.
Just following up on the previous email:
1) the vpdn group command for pppoe is being replaced by the bba-group command. The virtual template and session limit within the vpdn group can be configured under the bba-group.
2) The sub-interface would be configured with pppoe enable group
3) within the virtual template add the command: peer default ip address dhcp
So the process would be the following:
session comes into the VLAN sub-interface which has "pppoe enable group
the bba-group is called from the pppoe enable command
this points to the virtual template interface to handle the ppp session being established
ppp process starts (lcp negotiation of parameters, authentication)
at ipcp the router knows that the ip address is through a dhcp server
the ip helper-address should indicate how to reach the dhcp server.
just to make sure that you got all above the way I described above, and get back to me in case if this doesn't help.
Tell me, do you now a way to see (maybe a debug) DHCP relay agent forwarding packets and/or the responses from de DHCP server.
usual debugs apply, the ones you mentioned.
debug dhcp detail could be used /w caution!
Did you try any of the previous suggestions to create bba groups etc?
Cisco 7200VXR NPE-G2 is the follow up Network Processing Engine after NPE-G1. It simply doubles the forwarding performance over NPE-G1, and provides up to 2 Mpps.
It's already FCS, and available in the price tool for ordering since May.
Please feel free to let me know if you've further Qs.
Max. # of recommended PPP/L2TP sessions remain the same across NPE-G1 and NPE-G2. Hence, they are still 16K.
Keep the questions coming :)
So aside the extra speed of 2mpps, what else is different? Why should I go for the NPE-G2, rather than the NPE-G1?
Has there been any lab testing on the NPE-G2?
How soon wil we get an equivalen engine on the 7300 like the NPE-G100?. More especially for the 1U routers.
Salient features of NPE-G2 (over other old NPEs are):
- other than 2Mpps
* NPE-G2 has 2 USB, and dedicated Mgmt FE ports
* NPE-G2 will support VSA to get high encryption throughput (VSA will ship around Q4CY06).
* It has more resources (DRAM - 1GB default, Bootflash - 64MB default, NVRAM - 2MB default etc.)
In general you can read the datasheet to get more details.
We're scoping the efforts at the moment on other platforms as well.
Can you please help me with query...
We have two Cisco 7206 router in India and two Router in UK. Both these routers are connected by 2*2 Mbps serial Links each.
We run VoIP over the network.
We run HSRP between the two routers in India as well as in UK and we are tracking all the interfaces. However we have been having some trouble with the network when any one of the Serial Links flaps on the active router as it switches over to the Secondary router thereby resetting all the phones.
Sorry for the boring desc,but my ques to you is, would you recomment using GLPB instead of HSRP between the routers and whats the best practice in such a setup,
Many thanks in advance for reading so patiently.
GLBP is basically HSRP /w load balancing feature with the convinent of using single VIP (as opposed to MSHRP and two VIPs).
I think you should troubleshoot the issue and look for any possible ddts that may exist for the IOS that you're running.
Afaik, the failove for the ip phones should be seamless!