Cisco 10000 User Manual

Cisco 10000 Series Router Software Configuration Guide

June, 2010

Americas Headquarters

Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000

800 553-NETS (6387)

Fax: 408 527-0883

Text Part Number: OL-2226-23

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL:

www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership

relationship between Cisco and any other company. (1110R)

IMPLIED, INCLUDING, WITHOUT

Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.

Cisco 10000 Series Router Software Configuration Guide

About This Guide xxiii

Guide Revision History i-xxiii

Audience i-xxviii

Document Organization i-xxviii

Document Conventions i-xxx

Related Documentation i-xxxi

RFCs i-xxxii

Obtaining Documentation, Obtaining Support, and Security Guidelines i-xxxii

CHAPTER

1 Broadband Aggregation and Leased-Line Overview 1-1

Hardware Requirements 1-1

Checking Hardware and Software Compatibility 1-1

Broadband Architecture Models 1-2

PPP Termination and Aggregation Architectures 1-2

PTA to Virtual Routing and Forwarding Architecture 1-3 PTA to Multiprotocol Label Switching Virtual Private Network Architecture 1-4

L2TP Architectures 1-5

L2TP to Virtual Routing and Forwarding Architecture 1-5 L2TP over MPLS to Virtual Routing and Forwarding Instance 1-6 L2TP Access Concentrator Architecture 1-7

Routed Bridge Encapsulation Architectures 1-7

RBE to Virtual Routing and Forwarding Architecture 1-8 RBE to Multiprotocol Label Switching Virtual Private Network Architecture 1-9

Leased-Line Architecture Models 1-10

Channelized Aggregation 1-10 Frame Relay Aggregation 1-10 ATM Aggregation 1-11 Ethernet Aggregation 1-12 MPLS Provider Edge Applications 1-12 Combined Broadband and Leased-Line Applications 1-13

OL-2226-23

Load Balancing Architecture Models 1-13

IP and MPLS Applications 1-13 Single Ingress and Single Egress Provider Edge Applications 1-14 Single Ingress and Two Egress Provider Edge Applications 1-14

Cisco 10000 Series Router Software Configuration Guide

iii

Contents

Multiple Ingress and Multiple Egress Provider Edge Applications 1-15

New Features, Enhancements, and Changes 1-15

New Features in Cisco IOS Release 12.2(33)XNE3 1-16 New Features in Cisco IOS Release 12.2(33)SB3 1-16 New Features in Cisco IOS Release 12.2(33)SB2 1-16 New Features in Cisco IOS Release 12.2(33)SB 1-17 New Features in Cisco IOS Release 12.2(31)SB5 1-17 New Features in Cisco IOS Release 12.2(31)SB3 1-18 New Features in Cisco IOS Release 12.2(31)SB2 1-18 New Features in Cisco IOS Release 12.2(28)SB1 1-20 New Features in Cisco IOS Release 12.2(28)SB 1-20 New Features in Cisco IOS Release 12.3(7)XI7 1-24 New Features in Cisco IOS Release 12.3(7)XI3 1-24 New Features in Cisco IOS Release 12.3(7)XI2 1-24 New Features in Cisco IOS Release 12.3(7)XI1 1-25

CHAPTER

2 Scalability and Performance 2-1

Line Card VC Limitations 2-1

Limitations and Restrictions 2-3

Scaling Enhancements in Cisco IOS Release 12.2(33)SB 2-4

Layer 4 Redirect Scaling 2-4

Scaling Enhancements in Cisco IOS Release 12.3(7)XI1 2-6

FIB Scaling 2-6 Policy-Map Scaling 2-6 Queue Scaling 2-6

Scaling Enhancements in Cisco IOS Release 12.3(7)XI2 2-7

Queue Scaling 2-7 VC Scaling 2-7

Scaling Enhancements in Cisco IOS Release 12.2(28)SB 2-8

Configuring the Cisco 10000 Series Router for High Scalability 2-8

Configuring Parameters for RADIUS Authentication 2-8 Configuring L2TP Tunnel Settings 2-9 VPDN Group Session Limiting 2-10 Configuring the PPP Authentication Timeout 2-10 Disabling Cisco Discovery Protocol 2-10 Disabling Gratuitous ARP Requests 2-10 Configuring a Virtual Template Without Interface-Specific Commands 2-11 Monitoring PPP Sessions Using the SNMP Management Tools 2-13 SNMP Process and High CPU Utilization 2-13

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

CISCO-ATM-PVCTRAP-EXTN-MIB 2-14 Configuring the Trunk Interface Input Hold Queue 2-15 Configuring no atm pxf queuing 2-15 Configuring atm pxf queuing 2-16 Configuring keepalive 2-17 Enhancing Scalability of Per-User Configurations 2-17

Setting VRF and IP Unnumbered Interface Configurations in User Profiles 2-18 Setting VRF and IP Unnumbered Interface Configuration in a Virtual Interface Template 2-18

Redefining User Profiles to Use the ip:vrf-id and ip:ip-unnumbered VSAs 2-18 Placing PPPoA Sessions in Listening Mode 2-19 Scaling L2TP Tunnel Configurations 2-19

Using the RADIUS Attribute cisco-avpair="lcp:interface-config" 2-20

Using Full Virtual Access Interfaces 2-20

Preventing Full Virtual Access Interfaces 2-21

Contents

CHAPTER

3 Configuring Remote Access to MPLS VPN 3-1

MPLS VPN Architecture 3-2

Access Technologies 3-3

PPP over ATM to MPLS VPN 3-4 PPP over Ethernet to MPLS VPN 3-5 RBE over ATM to MPLS VPN 3-7 MPLS VPN ID 3-7 DHCP Relay Agent Information Option—Option 82 3-9 DHCP Relay Support for MPLS VPN Suboptions 3-9

Feature History for RA to MPLS VPN 3-10

Restrictions for RA to MPLS VPN 3-10

Prerequisites for RA to MPLS VPN 3-11

Configuration Tasks for RA to MPLS VPN 3-12

Configuring the MPLS Core Network 3-12

Enabling Label Switching of IP Packets on Interfaces 3-12

Configuring Virtual Routing and Forwarding Instances 3-13

Associating VRFs 3-13

Configuring Multiprotocol BGP PE to PE Routing Sessions 3-14 Configuring Access Protocols and Connections 3-16

Configuring a Virtual Template Interface 3-17

Configuring PPP over ATM Virtual Connections and Applying Virtual Templates 3-18

Configuring PPPoE over ATM Virtual Connections and Applying Virtual Templates 3-18

Configuring PPPoE over Ethernet Virtual Connections and Applying Virtual Templates 3-20

Configuring RBE over ATM Virtual Connections 3-22

OL-2226-23

Cisco 10000 Series Router Software Configuration Guide

Contents

Configuring and Associating Virtual Private Networks 3-28

Configuring Virtual Private Networks 3-28 Associating VPNs with a Virtual Template Interface 3-28

Configuring RADIUS User Profiles for RADIUS-Based AAA 3-30

Verifying VPN Operation 3-30

Configuration Examples for RA to MPLS VPN 3-30

PPPoA to MPLS VPN Configuration Example 3-31 PPPoE to MPLS VPN Configuration Example 3-34 RBE to MPLS VPN Configuration Example 3-38

Monitoring and Maintaining an MPLS Configuration 3-39

Verifying the Routing Protocol Is Running 3-40 Verifying MPLS 3-40 Verifying Connections Between Neighbors 3-40 Verifying Label Distribution 3-41 Verifying Label Bindings 3-42 Verifying Labels Are Set 3-43

CHAPTER

Monitoring and Maintaining the MPLS VPN 3-43

Verifying VRF Configurations 3-44 Verifying the Routing Table 3-44 Verifying the PE to PE Routing Protocols 3-45 Verifying the PE to CE Routing Protocol 3-46 Verifying the MPLS VPN Labels 3-46 Testing the VRF 3-46

Monitoring and Maintaining PPPoX to MPLS VPN 3-47

Monitoring and Maintaining RBE to MPLS VPN 3-48

4 Configuring Multiprotocol Label Switching 4-1

BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-1

Feature History for BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-2 Restrictions for BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-3 Prerequisites for BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-3 IGP Convergence Acceleration 4-3

Configuring IGP Convergence Acceleration 4-4

Configuring BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-4

Configuring Multipath Load Sharing for eBGP and iBGP 4-5 Verifying Multipath Load Sharing for eBGP and iBGP 4-5

Configuration Examples for BGP Multipath Load Sharing for eBGP and iBGP in an MPLS VPN 4-5

eBGP and iBGP Multipath Load Sharing Configuration Example 4-6 Verifying eBGP and iBGP Multipath Load Sharing 4-6

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Monitoring and Maintaining BGP Multipath Load Sharing for eBGP and iBGP 4-7

IPv6 VPN over MPLS 4-7

Feature History for IPv6 VPN over MPLS 4-8 Prerequisites for Implementing IPv6 VPN over MPLS 4-8 Restrictions for Implementing IPv6 VPN over MPLS 4-9 Configuration Tasks for Implementing IPv6 VPN over MPLS 4-9

BGP Features 4-10

IPv6 Internet Access 4-11

VRF-Aware Router Applications 4-12

VRF-Lite 4-12

QoS Features 4-12 Configuration Example for Implementing IPv6 VPN over MPLS 4-13 Monitoring and Maintaining IPv6 VPN over MPLS 4-15

Session Limit Per VRF 4-15

Application of VPDN Parameters to VPDN Groups 4-16 VPDN Template Configuration 4-17 Feature History for Session Limit Per VRF 4-17 Restrictions for Session Limit Per VRF 4-17 Prerequisites for Session Limit Per VRF 4-17 Configuring Session Limit Per VRF 4-18 Verifying a Session Limit Per VRF Configuration 4-19 Configuration Examples for Session Limit Per VRF 4-19 Monitoring and Maintaining Session Limit Per VRF 4-21

Contents

OL-2226-23

Half-Duplex VRF 4-21

Upstream and Downstream VRFs 4-22 Reverse Path Forwarding Check Support 4-23 Feature History for Half-Duplex VRF 4-23 Restrictions for Half-Duplex VRF 4-23 Prerequisites for Half-Duplex VRF 4-23 Configuration Tasks for Half-Duplex VRF 4-24

Configuring Upstream and Downstream VRFs on the L2TP Access Concentrator and PE

Router 4-24

Associating VRFs 4-25

Configuring RADIUS 4-26 Configuration Examples for Half-Duplex VRF 4-26

Hub and Spoke Sample Configuration with Half-Duplex VRFs 4-27

RADIUS Sample Configuration 4-28 Monitoring and Maintaining Half-Duplex VRF 4-29

Cisco 10000 Series Router Software Configuration Guide

vii

Contents

CHAPTER

5 Configuring the Layer 2 Tunnel Protocol Access Concentrator and Network Server 5-1

IP Reassembly 5-1

Feature History for IP Reassembly 5-2

Layer 2 Access Concentrator 5-2

Tunnel Sharing 5-4 Tunnel Service Authorization 5-4

Tunnel Selection 5-4 Sessions per Tunnel Limiting 5-5 Session Load Balancing 5-6 Session Load Failover 5-6 Feature History for LAC 5-6 Restrictions for LAC 5-7 Required Configuration Tasks for LAC 5-7

Enabling the LAC to Look for Tunnel Definitions 5-7 Optional Configuration Tasks for LAC 5-7

Enabling Sessions with Different Domains to Share the Same Tunnel 5-8

Enabling the LAC to Conduct Tunnel Service Authorization 5-8

Configuring Sessions Per Tunnel Limiting on the LAC 5-12 RADIUS Server Optional Configuration Tasks for LAC 5-13

Enabling Tunnel Sharing for RADIUS Services 5-13

Enabling the RADIUS Server to Conduct Tunnel Service Authorization 5-14

Configuring Sessions Per Tunnel Limiting in the RADIUS Service Profile 5-16 Configuration Example for LAC 5-17 Monitoring and Maintaining LAC 5-21

viii

L2TP Network Server 5-22

Virtual Template Interface 5-23 Virtual Routing and Forwarding Instance 5-23 Per VRF AAA 5-23 Private Servers 5-24 RADIUS Attribute Screening 5-24 Packet Fragmentation 5-24 Tunnel Accounting 5-25 Tunnel Authentication 5-25 Named Method Lists 5-27 Framed-Route VRF Aware 5-27 Feature History for LNS 5-28 Restrictions for the LNS 5-28 Prerequisites for LNS 5-28 Required Configuration Tasks for LNS 5-29

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Configuring the Virtual Template Interface 5-29 Configuring the LNS to Initiate and Receive L2TP Traffic 5-29

Optional Configuration Tasks for LNS 5-30

Configuring per VRF AAA Services 5-31 Configuring a VRF on the LNS 5-36 Configuring Sessions per Tunnel Limiting on the LNS 5-36 Configuring RADIUS Attribute Accept or Reject Lists 5-37 Configuring the LNS for RADIUS Tunnel Accounting 5-39 Configuring the LNS for RADIUS Tunnel Authentication 5-42

Configuration Examples for LNS 5-45

Managed LNS Configuration Example 5-45 Tunnel Accounting Configuration Examples 5-47 Tunnel Authentication Configuration Examples 5-50

Monitoring and Maintaining LNS 5-51

Contents

CHAPTER

6 Configuring PPPoE over Ethernet and IEEE 802.1Q VLAN 6-1

PPPoE over Ethernet 6-1

Feature History for PPPoE over Ethernet 6-2 Restrictions for PPPoE over Ethernet 6-2 Configuration Tasks for PPPoE over Ethernet 6-2

Configuring a Virtual Template Interface 6-2 Creating an Ethernet Interface and Enabling PPPoE 6-3 Configuring PPPoE in a VPDN Group 6-3 Configuring PPPoE in a BBA Group 6-3

Configuration Example for PPPoE over Ethernet 6-5

Static MAC Address for PPPoE 6-5

Feature History for Static MAC Address for PPPoE 6-6

PPPoE over IEEE 802.1Q VLANs 6-7

Feature History for PPPoE over IEEE 802.1Q VLANs 6-7 Restrictions for PPPoE over IEEE 802.1Q VLANs 6-7 Configuration Tasks for PPPoE over IEEE 802.1Q VLANs 6-7

Configuring a Virtual Template Interface 6-8 Creating an Ethernet 802.1Q Encapsulated Subinterface and Enabling PPPoE 6-8 Configuring PPPoE in a VPDN Group 6-8

Configuring PPPoE in a BBA Group 6-9 Configuration Examples for PPPoE over IEEE 802.1Q VLANs 6-10 Verifying PPPoE over Ethernet and IEEE 802.1Q VLAN 6-11 Clearing PPPoE Sessions 6-12

OL-2226-23

TCP MSS Adjust 6-12

Cisco 10000 Series Router Software Configuration Guide

Contents

Feature History for TCP MSS Adjust 6-12 Information about TCP MSS Adjust 6-12 Restrictions for TCP MSS Adjust 6-13 Configuration Task for TCP MSS Adjust 6-13 TCP MSS Adjustment Configuration: Examples 6-14

VLAN Range 6-15

Feature History for VLAN Range 6-15 Restrictions for VLAN Range 6-16 Configuration Task for VLAN Range 6-16

Configuring a Range of VLAN Subinterfaces 6-16 Configuration Examples for VLAN Range 6-17 Verifying the Configuration of a Range of Subinterfaces 6-18

CHAPTER

7 Configuring IP Unnumbered on IEEE 802.1Q VLANs 7-1

Feature History for IP Unnumbered on VLANs 7-2

Benefits for IP Unnumbered on VLANs 7-2

Restrictions for IP Unnumbered on VLANs 7-3

Configuration Tasks for IP Unnumbered on VLANs 7-3

Configuring IP Unnumbered for an Ethernet VLAN Subinterface 7-3

Configuring IP Unnumbered for a Range of Ethernet VLAN Subinterfaces 7-4

Configuration Examples for IP Unnumbered on VLANs 7-4

Monitoring and Maintaining IP Unnumbered Ethernet VLAN Subinterfaces 7-5

8 Configuring ATM Permanent Virtual Circuit Autoprovisioning 8-1

ATM PVC Autoprovisioning 8-1

Local Template-Based ATM PVC Provisioning 8-2

Feature History for Local Template-Based ATM PVC Provisioning 8-2 ATM Interface Oversubscription 8-2 VC Class 8-3 ATM VC Scaling and VC Assignment 8-4

When SAR the Page Limit is Reached 8-5

OC-12 ATM Line Card and VC Scaling 8-5

Feature History for ATM PVC Autoprovisioning 8-5 Restrictions for ATM PVC Autoprovisioning 8-5 Configuration Tasks for ATM PVC Autoprovisioning 8-6

Creating an On-Demand PVC Using a VC Class 8-6

Creating an On-Demand PVC Directly 8-8

Creating an On-Demand PVC With Infinite Range 8-11 Monitoring and Maintaining ATM PVC Autoprovisioning 8-12

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Configuration Example for ATM PVC Autoprovisioning 8-13

Variable Bit Rate Non-Real Time Oversubscription 8-14

Feature History for VBR-nrt Oversubscription 8-15 Restrictions for VBR-nrt Oversubscription 8-15 Configuration Tasks for VBR-nrt Oversubscription 8-17

Configuring VBR-nrt Oversubscription 8-17 Verifying ATM PVC Oversubscription 8-17

Configuration Example for ATM PVC Oversubscription 8-18

Contents

CHAPTER

9 Configuring Multihop 9-1

Feature History for Multihop 9-2

Restrictions for Multihop 9-3

Required Configuration Tasks for Multihop 9-3

Enabling VPDN and Multihop Functionality 9-3 Terminating the Tunnel from the LAC 9-4 Mapping the Ingress Tunnel Name to an LNS 9-4

Optional Configuration Tasks for Multihop 9-5

Specifying VPDN Tunnel Authorization Searches by Ingress Tunnel Name 9-5 Preserving the Type of Service Field of Encapsulated IP Packets 9-5

Configuring an Accept-Dialin VPDN Group to Preserve IP TOS 9-6 Configuring a Request-Dialout VPDN Group to Preserve IP TOS 9-7

Configuration Examples for Multihop 9-8

Monitoring and Maintaining Multihop Configurations 9-9

10 Configuring Address Pools 10-1

Address Assignment Mechanisms 10-1

Local Address Pool 10-2

Benefits of a Local Address Pool 10-2 Limitations of a Local Address Pool 10-2

RADIUS-Based Address Assignment 10-2

Benefits of RADIUS-Based Address Assignment 10-3 Limitations of RADIUS-Based Address Assignment 10-3

DHCP-Based Address Assignment 10-3

Benefits of DHCP-based Address Assignment 10-3 Limitations of DHCP-Based Address Assignment 10-4

OL-2226-23

On-Demand Address Pool Manager 10-4

Feature History for On-Demand Address Pool Manager 10-5 Address Allocation for PPP Sessions 10-5

Cisco 10000 Series Router Software Configuration Guide

Contents

Subnet Releasing 10-5 On-Demand Address Pools for MPLS VPNs 10-5 Benefits On-Demand Address Pool Manager 10-6 Prerequisites for On-Demand Address Pool Manager 10-6 Required Configuration Tasks for On-Demand Address Pool Manager 10-6

Defining DHCP ODAPs as the Global Default Pooling Mechanism 10-7

Configuring the DHCP Pool as an ODAP 10-7

Configuring the AAA Client 10-8

Configuring RADIUS 10-9 Optional Configuration Tasks for On-Demand Address Pool Manager 10-10

Defining ODAPs on an Interface 10-10

Configuring ODAPs to Obtain Subnets Through IPCP Negotiation 10-11

Disabling ODAPs 10-11 Verifying On-Demand Address Pool Operation 10-12 Configuration Examples for On-Demand Address Pool Manager 10-14

Configuring DHCP ODAPs on an Interface 10-14

Configuring ODAPs to Obtain Subnets Through IPCP Negotiation 10-15 Monitoring and Maintaining an On-Demand Address Pool 10-15

CHAPTER

Overlapping IP Address Pools 10-16

Feature History for Overlapping IP Address Pools 10-17 Restrictions for Overlapping IP Address Pools 10-17 Configuration Tasks for Overlapping IP Address Pools 10-17

Configuring a Local Pool Group for IP Overlapping Address Pools 10-17 Verifying Local Pool Groups for IP Overlapping Address Pools 10-18 Configuration Examples for Overlapping IP Address Pools 10-18

Generic IP Overlapping Address Pools Example 10-18

IP Overlapping Address Pools for VPNs and VRFs Example 10-19

11 Configuring Local AAA Server, User Database—Domain to VRF 11-1

Feature History for Local AAA Server, User Database—Domain to VRF 11-2 Prerequisites for Local AAA Server, User Database—Domain to VRF 11-2 Establishing a PPP Connection 11-2

AAA Authentication 11-2

AAA Authorization 11-3

AAA Accounting 11-3 AAA Attribute Lists 11-4

Converting from RADIUS Format to Cisco IOS AAA Format 11-4

Defining AAA Attribute Lists 11-5 Subscriber Profiles 11-5 AAA Method Lists 11-6

xii

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Configuration Tasks for Local AAA Server, User Database—Domain to VRF Using Local Attributes 11-6

Defining AAA 11-6 Defining RADIUS and Enabling NAS-PORT 11-7 Defining a VRF 11-7 Applying AAA to a Virtual Template 11-7 Defining a Loopback Interface 11-8 Creating an IP Address Pool 11-8 Defining a Subscriber Profile 11-8

Defining an AAA Attribute List 11-8 Verifying Local AAA Server, User Database—Domain to VRF Using Local Attributes 11-9 Configuration Example for Local AAA Server, User Database—Domain to VRF 11-9

Example—VRF with DBS 11-11

Example—VRF with ACL 11-12 Monitoring and Maintaining Local AAA Server, User Database—Domain to VRF 11-12

Contents

CHAPTER

12 Configuring Traffic Filtering 12-1

IP Receive ACLs 12-1

Feature History for IP Receive ACLs 12-2 Restrictions for IP Receive ACLs 12-2 Configuration Tasks for IP Receive ACLs 12-2

Configuring Receive ACLs 12-3

Verifying Receive ACLs 12-3 Configuration Example for IP Receive ACLs 12-3

Time-Based ACLs 12-4

Feature History for Time-Based ACLs 12-4 Restrictions for Time-Based ACLs 12-5 Configuration Tasks for Time-Based ACLs 12-5

Creating a Time Range 12-5

Applying a Time Range to a Numbered Access Control List 12-6

Applying a Time Range to a Named Access Control List 12-7 Monitoring and Maintaining Time-Based ACLs 12-8 Configuration Examples for Time-Based ACLs 12-8

CHAPTER

OL-2226-23

13 Unicast Reverse Path Forwarding 13-11

Feature History for uRPF 13-12

Prerequisites for uRPF 13-12

Restrictions for uRPF 13-12

Configuring Unicast RPF 13-13

Cisco 10000 Series Router Software Configuration Guide

xiii

Contents

Monitoring and Maintaining uRPF 13-14

Configuration Examples of uRPF 13-16

Configuring Loose Mode uRPF 13-17 Configuring Loose Mode uRPF with the allow-self-ping Option 13-17 Configuring Loose Mode uRPF with the allow-default Option 13-18

CHAPTER

14 Configuring Automatic Protection Switching 14-19

Multirouter Automatic Protection Switching 14-19

Feature History for MR-APS 14-20 Restrictions for MR-APS 14-21 Configuration Tasks for MR-APS 14-21

Configuring MR-APS on Unchannelized Line Cards 14-21 Configuring MR-APS on Channelized Line Cards 14-22 Configuring MR-APS with Static Routes 14-23 Configuring MR-APS with Static Routes on Unchannelized Line Cards 14-23 Configuring MR-APS with Static Routes on Channelized Line Cards 14-25

Monitoring and Maintaining the MR-APS Configuration 14-27

Single-router Automatic Protection Switching 14-27

Feature History for SR-APS 14-29 Configuring SR-APS 14-29 Disabling SR-APS 14-29 Monitoring and Maintaining the SR-APS Configuration 14-30 Threshold Commands 14-31

Specifying SR-APS Signal Degrade BER Threshold 14-31 Specifying SR-APS Signal Fail BER Threshold 14-32

CHAPTER

xiv

15 Configuring IP Multicast 15-33

Feature History for IP Multicast 15-34

Restrictions for IP Multicast 15-34

Configuration Tasks for IP Multicast Routing 15-34

Enabling IP Multicast Routing 15-35 Enabling PIM on an Interface 15-35 Enabling Dense Mode 15-35 Enabling Sparse Mode 15-36 Enabling Sparse-Dense Mode 15-36 Configuring Native Multicast Load Splitting 15-36 Configuring the Control Plane Protocol Policy 15-36

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Contents

CHAPTER

16 Configuring RADIUS Features 16-39

RADIUS Attribute Screening 16-39

Feature History for RADIUS Attribute Screening 16-40 Restrictions for RADIUS Attribute Screening 16-40 Prerequisites for RADIUS Attribute Screening 16-40 Configuration Tasks for RADIUS Attribute Screening 16-41 Configuration Examples for RADIUS Attribute Screening 16-41

Authorization Accept Configuration Example 16-41

Accounting Reject Configuration Example 16-41

Authorization Reject and Accounting Accept Configuration Example 16-42

Rejecting Required Attributes Configuration Example 16-42

RADIUS Transmit Retries 16-42

Feature History for RADIUS Transmit Retries 16-43 Restrictions for RADIUS Transmit Retries 16-43 Configuring RADIUS Transmit Retries 16-43 Configuration Example for RADIUS Transmit Retries 16-43 Monitoring and Troubleshooting RADIUS Transmit Retries 16-44

Extended NAS-Port-Type and NAS-Port Support 16-44

Feature History for Extended NAS-Port-Type and NAS-Port Support 16-45 NAS-Port-Type (RADIUS Attribute 61) 16-45 NAS-Port (RADIUS Attribute 5) 16-46 NAS-Port-ID (RADIUS Attribute 87) 16-46 Prerequisites for Extended NAS-Port-Type and NAS-Port Attributes Support 16-46 Configuring Extended NAS-Port-Type and NAS-Port Attributes Support 16-47 Verifying Extended NAS-Port-Type and NAS-Port-ID Attributes Support 16-49 Configuration Examples for Extended NAS-Port-Type Attribute Support 16-50

OL-2226-23

RADIUS Attribute 31: PPPoX Calling Station ID 16-51

Feature History for PPPoX Calling Station ID 16-51 Calling-Station-ID Formats 16-51 Restrictions for PPPoX Calling Station ID 16-52 Related Documents for PPPoX Calling Station ID 16-53 Configuration Tasks for PPPoX Calling Station ID 16-53

Configuring the Calling-Station-ID Format 16-53

Verifying the Calling-Station-ID 16-53 Configuration Example for PPPoX Calling Station ID 16-54 Related Commands for PPPoX Calling Station ID 16-55

RADIUS Packet of Disconnect 16-55

Feature History for RADIUS Packet of Disconnect 16-56 Benefits for RADIUS Packet of Disconnect 16-56

Cisco 10000 Series Router Software Configuration Guide

Contents

Restrictions for RADIUS Packet of Disconnect 16-56 Related Documents for RADIUS Packet of Disconnect 16-57 Prerequisites for RADIUS Packet of Disconnect 16-57 Configuration Tasks for RADIUS Packet of Disconnect 16-57

Configuring AAA POD Server 16-58

Verifying AAA POD Server 16-58 Monitoring and Maintaining AAA POD Server 16-59 Configuration Example for RADIUS Packet of Disconnect 16-59

CHAPTER

17 Configuring Link Noise Monitoring 17-1

About Link Noise Monitoring 17-1

Restrictions for Link Noise Monitoring 17-1 Configuration Tasks for Link Noise Monitoring 17-2

Enabling Syslog Messages 17-3 Configuration Examples for Link Noise Monitoring 17-4

Example of LNM Configuration on a Line Card 17-4

Example of LNM Configuration on a Shared Port Adapter 17-5

Example of a Syslog Message 17-5 Verification Example for Link Noise Monitoring 17-5

18 Configuring L2 Virtual Private Networks 18-1

Feature History for L2VPN 18-3

Supported L2VPN Transport Types 18-3

Prerequisites for L2VPN: AToM 18-4

Supported Line Cards 18-4

Restrictions for L2VPN 18-5

Standards and RFCs 18-5

xvi

MIBs 18-6

NSF and SSO—L2VPN 18-6

Checkpointing AToM Information 18-7

Checkpointing Troubleshooting Tips 18-7 Prerequisites for NSF/SSO - L2VPN 18-7

Neighbor Routers in the MPLS HA Environment 18-7

Stateful Switchover 18-7

Nonstop Forwarding for Routing Protocols 18-8 Restrictions for NSF/SSO - L2VPN 18-8 Configuring NSF/SSO - L2VPN 18-8 Configuration Examples of NSF/SSO—Layer 2 VPN 18-9

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

L2VPN Local Switching—HDLC/PPP 18-10

Prerequisites of L2VPN Local Switching—HDLC/PPP 18-10 Restrictions of L2VPN Local Switching—HDLC/PPP 18-10 PPP Like-to-Like Local Switching 18-10 HDLC Like-to-Like Local Switching 18-11 Configuration Tasks and Examples 18-11

Configuration Tasks for L2VPN 18-12

Setting Up the Pseudowire—AToM Circuit 18-12 Configuring ATM AAL5 SDU Support over MPLS 18-14

Verifying ATM AAL5 SDU Support over MPLS 18-14 Configuring ATM-to-ATM PVC Local Switching 18-14 Configuring OAM Cell Emulation for ATM AAL5 SDU Support over MPLS 18-15

Configuring OAM Cell Emulation for ATM AAL5 SDU Support over MPLS on PVCs 18-16

Configuring OAM Cell Emulation for ATM AAL5 SDU Support over MPLS in VC Class

Configuration Mode 18-18 Configuring Ethernet over MPLS 18-19

Ethernet over MPLS Restrictions 18-20

Configuring Ethernet over MPLS in VLAN Mode 18-20

Configuring Ethernet over MPLS in Port Mode 18-21 IEEE 802.1Q Tunneling for AToM—QinQ 18-22

Prerequisites for IEEE 802.1Q Tunneling (QinQ) for AToM 18-23

Restrictions for IEEE 802.1Q Tunneling (QinQ) for AToM 18-23

Ethernet VLAN Q-in-Q AToM 18-23

Configuration Examples 18-25

Verifying QinQ AToM 18-25 Remote Ethernet Port Shutdown 18-25

Restrictions for Configuring Remote Ethernet Port Shutdown 18-26

Configuring Remote Ethernet Port Shutdown 18-26

Configuring Ethernet over MPLS with VLAN ID Rewrite 18-27 Configuring Frame Relay over MPLS 18-28

Configuring Frame Relay over MPLS with DLCI-to-DLCI Connections 18-28

Configuring Frame Relay over MPLS with Port-to-Port Connections 18-29

Enabling Other PE Devices to Transport Frame Relay Packets 18-30 Configuring Frame Relay-to-Frame Relay Local Switching 18-31

Configuring Frame Relay for Local Switching 18-32

Configuring Frame Relay Same-Port Switching 18-33

Verifying Layer 2 Local Switching for Frame Relay 18-34

Configuring QoS Features 18-34 Configuring HDLC and PPP over MPLS 18-36

Restrictions for HDLC over MPLS 18-36

Contents

OL-2226-23

Cisco 10000 Series Router Software Configuration Guide

xvii

Contents

Restrictions for PPP over MPLS 18-36 Configuring HDLC over MPLS or PPP over MPLS 18-36

Estimating the Size of Packets Traveling Through the Core Network 18-37

Estimating Packet Size—Example 18-38

Changing the MTU Size on P and PE Routers 18-38 Setting Experimental Bits with AToM 18-38 Configuring QoS Features 18-40

Monitoring and Maintaining L2VPN 18-43

Configuration Example—Frame Relay over MPLS 18-44

Any Transport over MPLS—Tunnel Selection 18-47

Configuration Example—Any Transport over MPLS: Tunnel Selection 18-47

CHAPTER

19 Configuring Multilink Point-to-Point Protocol Connections 19-1

Multilink Point-to-Point Protocol 19-2

Feature History for Multilink PPP 19-3

MLP Bundles 19-3

Restrictions for MLP Bundles 19-3 MLP Bundles and PPP Links 19-4 System Limits for MLP Bundles 19-4

Cisco 10000 series routers do not support VAI bundle interfaces in a PTA configuration. VAI bundles are supported only on the L2TP network server (LNS) for MLPoLNS.MLP Groups 19-5

How MLP Determines the Link a Bundle Joins 19-5

IP Addresses on MLP-Enabled Links 19-6

Valid Ranges for MLP Interfaces 19-7

MLP Overhead 19-8

Configuration Commands for MLP 19-8

interface multilink Command 19-8 ppp multilink Command 19-9 ppp multilink fragment-delay Command 19-9 ppp multilink interleave Command 19-10 ppp multilink fragment disable Command 19-11 ppp multilink group Command 19-11

xviii

MLP over Serial Interfaces 19-12

Performance and Scalability for MLP over Serial Interfaces 19-13 Restrictions and Limitations for MLP over Serial Interfaces 19-13

Single-VC MLP over ATM Virtual Circuits 19-14

Performance and Scalability for Single-VC MLP over ATM 19-14 Restrictions and Limitations for Single-VC MLP over ATM 19-14

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

Multi-VC MLP over ATM Virtual Circuits 19-15

Performance and Scalability for Multi-VC MLP over ATM VCs 19-16 Restrictions and Limitations for Multi-VC MLP over ATM VCs 19-16

MLP on LNS 19-17

About MLP on LNS 19-18 PPP multilink links max Command 19-20

Performance and Scalability of MLP on LNS 19-20

PXF Memory and Performance Impact for MLP on LNS 19-20

Scenario 1 19-21

Scenario 2 19-21 Restrictions and Limitations for MLP on LNS 19-22 Configuring MLP on LNS 19-23

MLPoE LAC Switching 19-23

Restrictions for MLPoE LAC Switching 19-23

MLP-Based Link Fragmentation and Interleaving 19-24

Contents

Configuring MLP Bundles and Member Links 19-24

Creating an MLP Bundle Interface 19-25

Configuration Example for Creating an MLP Bundle Interface 19-26 Enabling MLP on a Virtual Template 19-26

Configuration Example for Enabling MLP on a Virtual Template 19-27 Adding a Serial Member Link to an MLP Bundle 19-27 Adding an ATM Member Link to an MLP Bundle 19-29

Configuration Example for Adding ATM Links to an MLP Bundle 19-31 Moving a Member Link to a Different MLP Bundle 19-32 Removing a Member Link from an MLP Bundle 19-33 Changing the Default Endpoint Discriminator 19-33

Configuration Example for Changing the Endpoint Discriminator 19-34

Configuration Examples for Configuring MLP 19-34

Configuration Example for Configuring MLP over Serial Interfaces 19-35 Configuration Example for Configuring Single-VC MLP over ATM 19-35 Configuration Example for Configuring Multi-VC MLP over ATM 19-36 Configuration Example for MLP on LNS 19-36 Configuration Example for MLPoE LAC Switching 19-37

OL-2226-23

Verifying and Monitoring MLP Connections 19-38

Bundle Counters and Link Counters 19-39 Verification Examples for MLP Connections 19-40

Verification Example for the show interfaces multilink Command 19-40

Verification Example for the show ppp multilink Command 19-40

Verification Example for the show interfaces multilink stat Command 19-42

Cisco 10000 Series Router Software Configuration Guide

xix

Contents

About This Guide

This guide provides configuration information for features that are platform-specific to the Cisco

10000 series router. Documentation is also provided for cross-platform features that function

differently on the Cisco

Cross-platform features that function on the Cisco 10000 series router as they do on other supported platforms, and platform-independent features that are supported on the Cisco described in the general Cisco IOS documentation.

This introduction provides information about the following topics:

• Guide Revision History, page xxiii

• Audience, page xxviii

• Document Organization, page xxviii

10000 series router than on other supported platforms.

10000 series router are

• Document Conventions, page xxx

• Related Documentation, page xxxi

• Obtaining Documentation, Obtaining Support, and Security Guidelines, page xxxii

Guide Revision History

Cisco IOS Release Part Number Publication Date

Release 12.2(33)XNE3 OL-2226-23 June, 2010

Added the features listed in the “New Features in Cisco IOS Release 12.2(33)XNE3” section on

page 1-16

Cisco IOS Release Part Number Publication Date

Release 12.2(33)SB3 OL-2226-21 December, 2008

Added the features listed in the “New Features in Cisco IOS Release 12.2(33)SB3” section on page 1-16

OL-2226-23

Cisco 10000 Series Router Software Configuration Guide

xxiii

Guide Revision History

Cisco IOS Release Part Number Publication Date

Release 12.2(33)SB2 OL-2226-20 September, 2008

Added the features listed in the “New Features in Cisco IOS Release 12.2(33)SB2” section on page 1-16

Cisco IOS Release Part Number Publication Date

Release 12.2(33)SB OL-2226-19 September, 2008

Added the scaling limit of L4R sessions for PRE2, PRE3, and PRE4 in the Chapter 2, “Scalability and

Performance”

Cisco IOS Release Part Number Publication Date

Release 12.2(33)SB OL-2226-18 March, 2008

About This Guide

Removed Using PXF Commands and Configuring Layer 2 Local Switching chapters.

Added the features listed in the “New Features in Cisco IOS Release 12.2(33)SB” section on page 1-17.

Cisco IOS Release Part Number Publication Date

Release 12.2(31)SB5 OL-2226-17 April, 2007

Added the GRE Tunnel IP Source and Destination VRF Membership feature in Chapter 24, “IP

Tunneling.”

Added the “New Features in Cisco IOS Release 12.2(31)SB5” section on page 1-17.

Cisco IOS Release Part Number Publication Date

Release 12.2(31)SB3 OL-2226-16 February, 2007

Description

Added the features listed in the “New Features in Cisco IOS Release 12.2(31)SB3” section on page 1-18.

Cisco IOS Release Part Number Publication Date

Release 12.2(31)SB2 OL-2226-15 November, 2006

xxiv

Description

Added the features listed in the “New Features in Cisco IOS Release 12.2(31)SB2” section on page 1-18.

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

About This Guide

Cisco IOS Release Part Number Publication Date

Release 12.2(28)SB OL-2226-14 July, 2006

Description

Added the features listed in the New Features in Cisco IOS Release 12.2(28)SB, page 1-20.

Cisco IOS Release Part Number Publication Date

Release 12.3(7)XI7 OL-2226-13 September, 2005

Description

Changed the Related Documentation link to the new Cisco 10000 Series Router Documentation

Roadmap

Added the features listed in the “New Features in Cisco IOS Release 12.3(7)XI7” section on page 1-24.

Removed the “pointer to a pointer” for the PPPoE Circuit-Tag Processing feature by removing a summary and a pointer from Chapter 16, Configuring RADIUS Features, and retaining only the pointer to the feature module in the

New Features in Cisco IOS Release 12.3(7)XI3, page 1-24.

Guide Revision History

Removed the restriction for non-support of SSG in Restrictions for IP Unnumbered on VLANs,

page 7-3.

Added support for the 1-Port Channelized OC-12/STM-4 line card in Restrictions for MR-APS,

page 14-21.

Removed Chapter 16, “IEEE 802.1Q-in-Q VLAN Tag Termination,” and added a pointer to the

PPPoE—QinQ Support

feature guide, located at the following URL. This document includes support for IPoQ-in-Q. http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801f0f4a. html

Relocated the remaining QoS features to the Cisco 10000 Series Router Quality of Service Configuration Guide, located at the following URL:

http://www.cisco.com/en/US/products/hw/routers/ps133/products_configuration_guide_book09186a00 805b9497.html

The chapter references for the following relocated features see the Cisco 10000 Series Router Quality of Service Configuration Guide:

• Class-based Weighted Fair Queuing—See “Sharing Bandwidth Fairly During Congestion”

• Define Interface Policy-Map AV Pairs AAA—See “Configuring Dynamic Subscriber Services”

• Dynamic Bandwidth Selection—See “Configuring Dynamic Subscriber Services”

• Hierarchical Shaping—See “Shaping Traffic”

• IP Quality of Service for Subscribers—See “Regulating Subscriber Traffic”

OL-2226-23

• MPLS QoS—See “Configuring Quality of Service for MPLS Traffic”

• MPLS Traffic Engineering—Diffserv Aware—See “Configuring Quality of Service for MPLS

Traffic”

• Per VRF AAA (see Chapter 18, “Configuring Quality of Service for MPLS Traffic”)

Added feature histories and mini tables of contents for each feature in this guide.

Cisco 10000 Series Router Software Configuration Guide

xxv

Guide Revision History

Added the Static MAC Address for PPPoE feature in Chapter 6, “Configuring PPPoE over Ethernet and

IEEE 802.1Q VLAN”

Cisco IOS Release Part Number Publication Date

Release 12.3(7)XI6 OL-2226-10 June, 2005

Description

Corrected MR-APS configuration in Example 14-1.

Added output policing behavior on an LNS VAI (CSCee07016) in Restrictions for the LNS, page 5-28.

Corrected examples to show VLANs instead of ATM PVCs in Chapter 6, “Configuring PPPoE over

Ethernet and IEEE 802.1Q VLAN”.

Added a chapter to describe frequently-used show PXF commands in Chapter 23, “Using PXF Commands”.

Revised a note about mapping sessions to VRFs by using the RADIUS server in PPP over Ethernet to

MPLS VPN, page 3-5.

Added a description of PRE support on Cisco 10000 series routers in Hardware Requirements, page 1-1.

About This Guide

Cisco IOS Release Part Number Publication Date

Release 12.3(7)XI3 OL-2226-09 March, 2005

Description

Added the features listed in the “New Features in Cisco IOS Release 12.3(7)XI3” section on page 1-24.

Corrected scaling limits for active VCs on ATM line cards (CSCeg37235) in:

• VC Scaling, page 2-7

• Configuring atm pxf queuing, page 2-16

• Restrictions for Hierarchical Shaping (moved to the Cisco 10000 Series Router Quality of Service

Configuration Guide)

• ATM VC Scaling and VC Assignment, page 8-4

• Restrictions for VBR-nrt Oversubscription, page 8-15

Changed the configurable ATM oversubscription factor range from 1-50 to 1-500 in Configuring

VBR-nrt Oversubscription, page 8-17

Corrected the restrictions for MPLS QoS to indicate that the set mpls experimental imposition topmost command is not supported.

Added a restriction for enabling IP multicast fast switching in Restrictions for IP Multicast, page 15-34

Changed the title of this guide to include MPLS configuration

Relocated QoS features to the Cisco 10000 Series Router Quality of Service Configuration Guide, located at the following URL:

http://www.cisco.com/en/US/products/hw/routers/ps133/products_configuration_guide_book09186a00 805b9497.html

The chapter references in the following relocated features see the Cisco 10000 Series Router Quality of Service Configuration:

xxvi

• Modular QoS CLI Overview—See “Quality of Service Overview.”

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

About This Guide

Guide Revision History

• MQC Policy Map Support on Configured VC Range ATM—See “Attaching Service Policies.”

• Strict Priority Queuing—See “Prioritizing Services.”

• 3-Color Policer—See “Policing Traffic.”

• Percent-Based Policing—See “Policing Traffic.”

• Queue Scaling—See “Managing Packet Queue Congestion.”

• IEEE 802.1p Class of Service—See “Marking Traffic.”

• Per DSCP Weighted Random Early Detection—See “Managing Packet Queue Congestion.”

• Per Precedence Weighted Random Early Detection Statistics—See “Managing Packet Queue

Congestion.”

• Weighted Random Early Detection with Queue Limit—See “Managing Packet Queue Congestion.”

• VC Weighting—See “Oversubscribing Physical and Virtual Links.”

• Dynamic ATM VP and VC Configuration Modification—See “Oversubscribing Physical and Virtual

Links.”

• Interface Oversubscription—See “Oversubscribing Physical and Virtual Links.”

• 3-Level Hierarchical QoS Policies—See “Defining QoS for Multiple Policy Levels.”

Cisco IOS Release Part Number Publication Date

Release 12.3(7)XI2 OL-2226-08 November, 2004

Description

Added the features listed in the “New Features in Cisco IOS Release 12.3(7)XI2” section on page 1-24.

Added a scaling limitation for create on demand PVCs and PPP sessions in Limitations and Restrictions,

page 2-3

Changed the SAR page limit (CSCee59870) in ATM VC Scaling and VC Assignment, page 8-4

Added information about the behavior of high water mark and low water mark values used with VC weighting in High Water Mark and Low Water Mark Values (moved to the Cisco 10000 Series Router Quality of Service Configuration Guide)

Added a table indicating scaling limits for active VCs on ATM line cards in:

• Configuring atm pxf queuing, page 2-16

• Restrictions for Hierarchical Shaping (moved to the Cisco 10000 Series Router Quality of Service

Configuration Guide)

• ATM VC Scaling and VC Assignment, page 8-4

• Restrictions for VBR-nrt Oversubscription, page 8-15

Cisco IOS Release Part Number Publication Date

Release 12.3(7)XI1 OL-2226-07 August, 2004

OL-2226-23

Description

Added the new features listed in the “New Features in Cisco IOS Release 12.3(7)XI1” section on

page 1-25.

Cisco 10000 Series Router Software Configuration Guide

xxvii

About This Guide

Audience

This guide is designed for system and network managers responsible for configuring broadband aggregation, leased-line, and MPLS services and on the Cisco be experienced using Cisco IOS software and be familiar with the operation of the Cisco

10000 series router.

10000 series router. The manager should

Document Organization

This guide contains the following chapters:

Chapter Title Description

Chapter 1 Broadband Aggregation Overview Lists new features and enhancements in each release; describes

hardware requirements. Provides examples of broadband and leased-line architecture models.

Chapter 2 Scalability and Performance Describes limitations and restrictions, and how to configure the

Cisco

10000 series router for high scalability.

Chapter 3 Configuring Remote Access to MPLS

VPN

Chapter 4 Configuring Multiprotocol Label

Switching

Chapter 5 Configuring Layer 2 Tunnel Protocol

Access Concentrator and Network Server

Chapter 6 Configuring PPPoE over Ethernet and

IEEE 802.1Q VLANs

Chapter 7 Configuring IP Unnumbered over VLAN Describes the IP Unnumbered over VLAN feature that helps

Chapter 8 Configuring ATM Permanent Virtual

Circuit Autoprovisioning

Describes the Remote Access (RA) to MPLS VPN feature that allows the service provider to offer a scalable end-to-end VPN service to remote users.

Describes MPLS-related features, such as BGP Multipath load sharing, Session Limit per VRF, and Half-duplex VRF.

Describes how to configure the Cisco 10000 series router as a Layer

2 Tunnel Protocol Access Concentrator (LAC) or as an L2TP Network Server (LNS). The managed LNS feature of the Cisco

10000 series router enables the router to assign a subscriber session to a VRF instance and route the session within the VRF to the destination network.

Describes the PPPoE over Ethernet feature that enables direct connection to an Ethernet interface. Also describes the IEEE

802.1Q VLANs feature that enables the

Cisco

10000 series router to support PPPoE over IEEE 802.1Q encapsulated VLANs using Gigabit Ethernet.

service providers to conserve IP address space for service provider configurations that include Ethernet VLAN subinterfaces.

Describes how to configure the ATM PVC autoprovisioning feature that enables DSL wholesale service providers to dynamically provision ATM service for subscribers using a local configuration. Also describes the VBR-nrt Oversubscription feature.

xxviii

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

About This Guide

Document Organization

Chapter Title Description

Chapter 9 Configuring the Multihop Feature Describes how to configure the multihop feature that enables

the Cisco L2TP tunnels from LACs and to forward the sessions through new L2TP tunnels to the router’s peer L2TP Network Server (LNS). Also describes how to configure the preservation of the IP type of service (ToS) field for tunneled IP packets.

Chapter 10 Configuring Address Pools Describes address assignment mechanisms, including the

on-demand address pool manager feature and the overlapping addresses feature. Describes how to configure each of these features.

Chapter 11 Configuring Local AAA Server, User

Database—Domain to VRF

Describes the Local AAA Server, User Database—Domain to VRF feature, which extends the Cisco IOS AAA Authorization to local AAA profiles on the router without using an AAA Server.

Chapter 12 Configuring Traffic Filtering Describes the IP Receive ACLs and Time-Based ACLs features

that provide filtering capability for traffic that is destined for the router and protects the router from remote intrusions.

Chapter 13 Unicast Reverse Path Forwarding Describes the Unicast Reverse Path Forwarding feature that

verifies if the path of an incoming packet is consistent with the local packet forwarding information. The validity of this path determines whether uRPF passes or drops the packet.

Chapter 14 Configuring Automatic Protection

Switching

Describes the Multirouter Automatic Protection Switching (MR-APS) feature that enables SONET connections to switch from one SONET circuit to another SONET circuit if a circuit failure occurs.

Chapter 15 Configuring IP Multicast Describes the IP Multicast feature.

Chapter 16 Configuring RADIUS Features Describes the RADIUS attribute screening, RADIUS transmit

retries, RADIUS Attribute 31: PPPoX Calling-Station-ID, and RADIUS packet of disconnect features.

Chapter 17 Configuring L2 Virtual Private Networks Describes L2VPN features of both LS and AToM types

available on Cisco

Chapter 18 Configuring L2VPN Interworking Describes L2 interworking features available on

Cisco

Chapter 19 Configuring Multilink Point-to-Point

Connections

Chapter 20 Configuring Gigabit EtherChannel

Features

Describes MLP and how to configure it on serial and ATM connections on the Cisco

Describes Gigabit EtherChannel features available on Cisco

Chapter 21 Configuring IP Version 6 Lists the IPv6 features that are supported on the

Cisco

Chapter 22 Configuring Template ACLs Describes Template ACLs, in which one ACL represents many

similar ACLs.

Chapter 23 Protecting the Router from DoS Attacks Describes how to protect against denial of service (DoS)

attacks.

10000 series router to terminate sessions arriving in

10000 series router.

10000 series router and notes limitations of that support.

OL-2226-23

Cisco 10000 Series Router Software Configuration Guide

xxix

About This Guide

Document Conventions

Chapter Title Description

Chapter 24 IP Tunneling Describes the Generic Routing Encapsulation Tunnel IP Source

and Destination VRF Membership feature.

Appendix A RADIUS Attributes Lists RADIUS attributes that the Cisco 10000 series router

supports.

This guide also includes a Glossary and an Index.

Document Conventions

This guide uses the following conventions:

• Bold is used for commands, keywords, and buttons.

• Italics are used for command input for which you supply values.

• Screen font is used for examples of information that are displayed on the screen.

• Bold screen font is used for examples of information that you enter.

• Vertical bars ( | ) indicate separate alternative, mutually exclusive elements.

• Square brackets ( [ ] ) indicate optional elements.

• Braces ( {} ) indicate a required choice.

• Braces within square brackets ( [{}] ) indicate a required choice within an optional element.

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the

guide.

Timesaver Means the described action saves time. You can save time by performing the action described in the

paragraph.

Caution Means reader be careful. In this situation, you might do something that could result in equipment

damage or loss of data.

Warning

Means danger. You are in a situation that could cause bodily injury. Before you work on any equipment, you must be aware of the hazards involved with electrical circuitry and familiar with standard practices for preventing accidents. To see translated versions of warnings, refer to the Regulatory Compliance and Safety Information document that accompanied the device.

xxx

Cisco 10000 Series Router Software Configuration Guide

OL-2226-23

+ 526 hidden pages

Cisco 10000 User Manual

Cisco 10000 Series Router Software Configuration Guide

CONTENTS

About This Guide

Guide Revision History

Audience

Document Organization

Document Conventions