Routeur Cisco c7301 - LNS - Vpdn l2tp sessions blocked in wait-connected status (wt-con)
I'll try to explain my problem. Sorry for my level in english.
We've got a LNS router (cisco c7301) which is responsible for the interconnection of 2.400 routers DSL (1.800 adsl routers + 480 sdsl routers).
This LNS router is called by several LAC equipments.
The LNS router call 2 radius services to authenticate the l2tp sessions.
When i realize a clear of the l2tp sessions on the equipment, several hundred of l2tp sessions can't established and remain blocked in a wait-connected status (wt-con status).
We have activated the debug mode on a LAC Router and the LNS Router and we observed that the LNS router not really sent the ICRP response to the ICRQ request send by the LAC router.
The LNS router try to resend the ICRP packet but without success Mar 8 18:19:47: Tnl 41875 L2TP: O Resend ICRP, flg TLS, ver 2, len 28, tnl 4489, ns 28517, nr 58314
The LAC Server doesn't receive the ICRP packet and send a deconnection request (CDN) to the LNS router after a wait of 40 seconds
Regularly, the blocked DSL routers initialize some new attempts of l2tp connexion but this phenomenon persists and is happen again at each time.
So the last l2tp sessions can't established while several hours.
During the detection of the issue, the LNS router were quiet (CPU usage: 10% - used RAM memory: 22%). This kind of router will be able to establish more than 15.000 l2tp sessions and in normal conditions, it runs correctly.
We have detected another strange thing.
When i use the following debug command 'debug vpdn l2x-packets', the sessions are unblocked and the last routers establish quickly their l2tp sessions.
And the LNS router stay stable.
This issue occurs at each time in case of incident and the delay of service restoration is more long.
The used lns router is a Cisco 7301 and this problem occurs with the version 12.4 (12c) and 12.4(25c) of the IOS.
Someone has already met this kind of issue ?
Have you any idea or solution to solve this issue (Configuration parameters, other, ...) ?
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...