Cabling the topology:
1 straight-through cable connecting switch to switch
2 crossover cables between the switches and routers
The basic settings:
Disable DNS lookup "no ip domain-lookup"
Set hostnames "hostname (name)"
encrypt passwords "service password-encryption"
Create a MOTD banner saying "unauthorized access is
prohibited" "banner motd #
Unauthorized Access is Prohibited!#"
create passwords for EXEC mode, console, and vty. Then
enable login.
set logging synchronous "line con 0" "logging
synchronous"
save config "copy running-config startup-config"
I have my routers preconfigured and saved with these
settings (minus the passwords) so I typically skip this part. I do set the
hostnames to avoid confusion.
Configuring the ISP router
In global config mode enter the command " username
Cust1 password ciscopppoe". This creates a database entry for Cust1 with a
password of ciscopppoe. This will allow the Cust1 router to connect with the
ISP router using that password later.
The ISP needs a pool of addresses to hand out to it's DSL
customers. Using the command "ip local pool PPPoEPOOL 10.0.0.1
10.0.0.10" creates a range of addresses from 10.0.0.1 to 10.0.0.2 to hand
out over PPPoE.
Next we are going to make a Virtual template and connect the
F0/1 interface with it. This is done with these commands:
interface virtual-template 1
|
Creates the Virtual template
|
ip address 10.0.0.254 255.255.255.0
|
Assigns it the ip 10.0.0.254/24
|
mtu 1492
|
Sets the mtu size to 1492B
|
peer default ip address pool PPPoEPOOL
|
Assigns the previously created pool of ip addresses "PPPoEPOOL"
to this template
|
ppp authentication chap callin
|
Sets the requirement to authenticate using chap to establish a
connection.
|
Now to associate the template to the PPPoE group
bba-group pppoe global
|
Creates a bba (broadband aggregation) group for PPPoE
|
virtual-template 1
|
Assigns virtual-template 1 to the bba group.
|
Finally link the PPPoE group to the actual f0/1 interface
int f0/1
|
Moves to int f0/1
|
pppoe enable group global
|
Connects the PPPoE group to the interface
|
no shut
|
Activates the interface
|
Configuring the Cust1 router
First configure the f0/1 interface to use PPPoE
int f0/1
|
Moves to int f0/1
|
pppoe enable
|
Enables PPPoE on the interface
|
pppoe-client dial-pool-number 1
|
Tells the router is the client and assigns it the dial pool number of
1. The dial pool number corresponds with the dialer interface that will be
created next. The dialer and the number assigned here must match to work.
|
Creating the interface dialer.
int dialer 1
|
Moves to and creates the dialer interface
|
mtu 1492
|
Sets the mtu size to 1492B
|
ip address negotiated
|
Tells the interface that the address will be negotiated
|
encapsulation ppp
|
Sets the encapsulation to ppp
|
dialer pool 1
|
Connects the dialer pool and int f0/1 to the dialer
|
ppp authentication chap callin
|
Sets the authentication encryption to chap
|
ppp chap hostname Cust1
|
Sets the chap hostname to be used as "Cust1"
|
ppp chap password ciscopppoe
|
Sets the chap password to "ciscopppoe"
|
Set the static default route pointing to dialer 1 and enable
some debugging.
ip route 0.0.0.0 0.0.0.0 dialer 1
|
Sets the static default route to dialer 1
|
exit
|
Moves back to privileged mode
|
debug ppp authentication
|
Shows PPP events
|
debug pppoe events
|
Shows PPPoE events
|
Lastly enable interface f0/1 with the "no shut"
command
To confirm PPPoE is working use "show pppoe
session" and "ping 10.0.0.254". there should be an entry in the
session table and ping should be successful.
Reflection
Why do ISPs who use DSL, primarily use PPPoE with their customers?
PPPoE allows easy separation of DSL subscribers connections.
The means one subscriber cannot see the traffic of another subscriber. PPPoE
also allows the ISP to easily track usage by a subscriber. ISP can use deep
packet inspection to analyze traffic and limit users connections.
