- Table of Contents
-
- 05-Network Connectivity
- 00-Preface
- 01-ARP commands
- 02-DHCP commands
- 03-DHCPv6 commands
- 04-GRE commands
- 05-IGMP snooping commands
- 06-IP addressing commands
- 07-Basic IP routing commands
- 08-IP performance optimization commands
- 09-IP forwarding basics commands
- 10-L2TP commands
- 11-LLDP commands
- 12-MAC address table commands
- 13-NAT commands
- 14-PPP commands
- 15-MLD snooping commands
- 16-VLAN commands
- 17-VLAN termination commands
- 18-Policy-based routing commands
- 19-Port isolation commands
- 20-Layer 2 forwarding commands
- 21-Loop detection commands
- 22-RIP commands
- 23-RIPng commands
- 24-IPv6 static routing commands
- 25-IPv6 policy-based routing commands
- 26-IPv6 basics commands
- 27-Static routing commands
- 28-Spanning tree commands
- 29-Tunneling commands
- 30-Ethernet link aggregation commands
- 31-DNS commands
- 32-Modem management commands
- 33-3G and 4G modem management commands
- Related Documents
-
Title | Size | Download |
---|---|---|
10-L2TP commands | 123.67 KB |
L2TP commands
The following compatibility matrixes show the support of hardware platforms for L2TP:
Hardware series |
Models |
Product code |
L2TP compatibility |
WX1800H series |
WX1804H |
EWP-WX1804H-PWR-CN |
No |
WX2500H series |
WX2508H-PWR-LTE WX2510H WX2510H-F WX2540H WX2540H-F WX2560H |
EWP-WX2508H-PWR-LTE EWP-WX2510H-PWR EWP-WX2510H-F-PWR EWP-WX2540H EWP-WX2540H-F EWP-WX2560H |
No |
WX3000H series |
WX3010H WX3010H-X WX3010H-L WX3024H WX3024H-L WX3024H-F |
EWP-WX3010H EWP-WX3010H-X-PWR EWP-WX3010H-L-PWR EWP-WX3024H EWP-WX3024H-L-PWR EWP-WX3024H-F |
Yes: · WX3010H · WX3010H-X · WX3024H · WX3024H-F No: · WX3010H-L · WX3024H-L |
WX3500H series |
WX3508H WX3510H WX3520H WX3520H-F WX3540H |
EWP-WX3508H EWP-WX3510H EWP-WX3520H EWP-WX3520H-F EWP-WX3540H |
Yes |
WX5500E series |
WX5510E WX5540E |
EWP-WX5510E EWP-WX5540E |
Yes |
WX5500H series |
WX5540H WX5560H WX5580H |
EWP-WX5540H EWP-WX5560H EWP-WX5580H |
Yes |
Access controller modules |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
LSUM1WCME0 EWPXM1WCME0 LSQM1WCMX20 LSUM1WCMX20RT LSQM1WCMX40 LSUM1WCMX40RT EWPXM2WCMD0F EWPXM1MAC0F |
Yes |
Hardware series |
Models |
Product code |
L2TP compatibility |
WX1800H series |
WX1804H WX1810H WX1820H WX1840H |
EWP-WX1804H-PWR EWP-WX1810H-PWR EWP-WX1820H EWP-WX1840H-GL |
Yes |
WX3800H series |
WX3820H WX3840H |
EWP-WX3820H-GL EWP-WX3840H-GL |
No |
WX5800H series |
WX5860H |
EWP-WX5860H-GL |
No |
allow l2tp
Use allow l2tp to configure an L2TP network server (LNS) to accept Layer 2 Tunneling Protocol (L2TP) tunneling requests from an L2TP access concentrator (LAC), and to specify a VT interface for tunnel setup.
Use undo allow to restore the default.
Syntax
allow l2tp virtual-template virtual-template-number [ remote remote-name ]
Default
An LNS denies L2TP tunneling requests from any LACs.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
virtual-template virtual-template-number: Specifies a VT interface by its number. The value range for the virtual-template-number argument is 0 to 1023.An LNS dynamically creates virtual access (VA) interfaces based on the configuration of a VT interface. Each VA interface is used to carry data for a different L2TP session.
remote remote-name: Specifies the name of the tunnel peer (LAC) initiating tunneling requests, a case-sensitive string of 1 to 31 characters.
Usage guidelines
The allow l2tp command is available only on L2TP groups in LNS mode.
Make sure the specified name of the tunnel peer is consistent with the local name configured on the LAC.
If you execute this command multiple times for an L2TP group, the most recent configuration takes effect.
For L2TP group 1, if you do not specify the remote remote-name option, an LNS accepts tunneling requests from any LACs. In this case, L2TP group 1 acts as the default L2TP group. For L2TP groups other than L2TP group 1, the remote remote-name option must be configured.
The allow l2tp command is available only on LNSs.
· When an LAC that initiates a tunneling request is the tunnel peer configured in an L2TP group, the LNS uses the tunnel parameters configured in this group for tunnel setup.
· When the LAC is not the tunnel peer configured in any L2TP group, the LNS performs one of the following operations:
¡ Uses the tunnel parameters for the default L2TP group if it exists.
¡ Fails to set up a tunnel with the LAC if the default L2TP group does not exist.
As a best practice, configure a default L2TP group on the LNS in the following cases:
· LACs (such as hosts with Windows 2000 Beta 2 installed) include blank local names in their tunneling requests.
· The LNS sets up tunnels with multiple LACs by using the same tunnel parameters.
Examples
# Specify L2TP group 1 as the default L2TP group, and specify Virtual-Template 1 for tunnel setup. For L2TP group 2, configure the LNS to accept the L2TP tunneling request initiated by the peer (LAC) named aaa, and specify Virtual-Template 2 for tunnel setup.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lns
[Sysname-l2tp1] allow l2tp virtual-template 1
[Sysname-l2tp1] quit
[Sysname] l2tp-group 2 mode lns
[Sysname-l2tp2] allow l2tp virtual-template 2 remote aaa
tunnel name
display l2tp session
Use display l2tp session to display information about L2TP sessions.
Syntax
display l2tp session [ statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
statistics: Displays statistics for L2TP sessions.
Examples
# Display statistics for L2TP sessions.
<Sysname> display l2tp session statistics
Total number of sessions: 1
# Display information about L2TP sessions.
<Sysname> display l2tp session
LocalSID RemoteSID LocalTID State
89 36245 10878 Established
Table 1 Command output
Field |
Description |
LocalSID |
Local session ID. |
RemoteSID |
Remote session ID. |
LocalTID |
Local tunnel ID. |
State |
Session state: · Idle. · Wait-tunnel—Waits for the tunnel to be established. · Wait-reply—Waits for an Incoming-Call-Reply (ICRP) message indicating the call is accepted. · Wait-connect—Waits for an Incoming-Call-Connected (ICCN) message. · Established. |
display l2tp session temporary
Use display l2tp session temporary to display information about temporary L2TP sessions.
Syntax
display l2tp session temporary
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display information about temporary L2TP sessions.
<Sysname> display l2tp session temporary
Total number of temporary sessions: 6
LocalSID RemoteSID LocalTID State
2298 0 19699 Wait-tunnel
42805 0 19699 Wait-tunnel
17777 0 19699 Wait-tunnel
58284 0 19699 Wait-tunnel
33256 0 19699 Wait-tunnel
8228 0 19699 Wait-tunnel
Table 2 Command output
Field |
Description |
LocalSID |
Local session ID. |
RemoteSID |
Remote session ID. |
LocalTID |
Local tunnel ID. |
State |
Session state: · Idle. · Wait-tunnel—Waits for the tunnel to be established. · Wait-reply—Waits for an ICRP message indicating the call is accepted. · Wait-connect—Waits for an ICCN message. |
display l2tp tunnel
Use display l2tp tunnel to display information about L2TP tunnels.
Syntax
display l2tp tunnel [ statistics ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
statistics: Displays statistics for L2TP tunnels.
Examples
# Display statistics for L2TP tunnels.
<Sysname> display l2tp tunnel statistics
Total number of tunnels: 1
# Display information about L2TP tunnels.
<Sysname> display l2tp tunnel
LocalTID RemoteTID State Sessions RemoteAddress RemotePort RemoteName
10878 21 Established 1 20.1.1.2 1701 lns
Table 3 Command output
Field |
Description |
LocalTID |
Local tunnel ID. |
RemoteTID |
Remote tunnel ID. |
State |
Tunnel state: · Idle. · Wait-reply. · Wait-connect. · Established. · Stopping. |
Sessions |
Number of sessions within the tunnel. |
RemoteAddress |
IP address of the peer. |
RemotePort |
UDP port number of the peer. |
RemoteName |
Name of the tunnel peer. |
Related commands
reset l2tp tunnel
display l2tp va-pool
Use display l2tp va-pool to display information about L2TP VA pools.
Syntax
display l2tp va-pool
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display information about L2TP VA pools.
<Sysname> display l2tp va-pool
VT interface Size Unused State
Virtual-Template1 1000 900 Normal
Table 4 Command output
Field |
Description |
VT interface |
VT interface that uses the VA pool. |
Size |
VA pool capacity set for L2TP users. |
Unused |
VA pool capacity available for L2TP users. |
State |
Current state of the VA pool: · Creating—The VA pool is being created. · Destroying—The VA pool is being removed. · Normal—The VA pool has been created. |
Related commands
l2tp virtual-template va-pool
display ppp access-control interface
Use display ppp access-control interface to display access control information for PPP sessions on a VT interface.
Syntax
display ppp access-control interface virtual-template interface-number
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
virtual-template interface-number: Specifies an existing VT interface by its number.
Examples
# Display access control information for PPP sessions on Virtual-Template 2.
<Sysname> display ppp access-control interface virtual-template 2
Interface: Virtual-Template2:0
User Name: mike
In-bound Policy: acl 3000
Totally 0 packets, 0 bytes, 0% permitted,
Totally 0 packets, 0 bytes, 0% denied.
Interface: Virtual-Template2:1
User Name: tim
In-bound Policy: acl 3001
Totally 0 packets, 0 bytes, 0% permitted,
Totally 0 packets, 0 bytes, 0% denied.
Table 5 Command output
Field |
Description |
Interface |
BAS interface that the PPP user accesses. |
User Name |
Username of the PPP user. |
In-bound Policy |
Security ACLs for the PPP user. |
Totally x packets, x bytes, x% permitted |
Total number, data rate, and pass percentage of permitted packets. |
Totally x packets, x bytes, x% denied |
Total number, data rate, and reject percentage of denied packets. |
Related commands
ppp access-control enable
ip dscp
Use ip dscp to set the DSCP value of L2TP packets.
Use undo ip dscp to restore the default.
Syntax
ip dscp dscp-value
undo ip dscp
Default
The DSCP value of L2TP packets is 0.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
dscp-value: Specifies the DSCP value of L2TP packets, in the range of 0 to 63.
Usage guidelines
The DSCP field is the IP ToS byte. This field marks the priority of IP packets for forwarding. This command sets the DSCP value for the IP packet when L2TP encapsulates a PPP frame into an IP packet.
Examples
# Set the DSCP value of L2TP packets to 50.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] ip dscp 50
l2tp enable
Use l2tp enable to enable L2TP.
Use undo l2tp enable to disable L2TP.
Syntax
l2tp enable
undo l2tp enable
Default
L2TP is disabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
For L2TP configurations to take effect, you must enable L2TP.
Examples
# Enable L2TP.
<Sysname> system-view
[Sysname] l2tp enable
l2tp icrq-limit
Use l2tp icrq-limit to set the maximum number of incoming call request (ICRQ) packets that the LNS can process per second.
Use undo l2tp icrq-limit to restore the default.
Syntax
l2tp icrq-limit number
undo l2tp icrq-limit
Default
The maximum number of ICRQ packets that the LNS can process per second is not limited.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the ICRQ packet processing limit in the range of 1 to 1000.
Usage guidelines
To avoid device performance degradation and make sure the LNS can process ICRQ requests correctly, use this command to adjust the ICRQ packet processing rate limit.
Examples
# Set the maximum number of ICRQ packets that the LNS can process per second to 200.
<Sysname> system-view
[Sysname] l2tp icrq-limit 200
l2tp tsa-id
Use l2tp tsa-id to set the TSA ID for the L2TP tunnel switching (LTS) device and enable L2TP loop detection on the LTS device.
Use undo l2tp tsa-id to restore the default.
Syntax
l2tp tsa-id tsa-id
undo l2tp tsa-id
Default
The TSA ID of the LTS device is not set, and L2TP loop detection is disabled on the LTS device.
Views
System view
Predefined user roles
network-admin
Parameters
tsa-id: Specifies a TSA ID that uniquely identifies the LTS device. This argument is a case-sensitive string of 1 to 64 characters.
Usage guidelines
The LTS device compares the configured TSA ID with each TSA ID Attribute Value Pair (AVP) in a received ICRQ packet for loop detection.
· If a match is found, a loop exists. The LTS immediately tears down the session.
· If no match is found, the LTS performs the following operations:
a. Encapsulates the configured TSA ID into a new TSA ID AVP.
b. Appends the new TSA ID AVP to the packet.
c. Sends the packet to the next hop LTS.
To avoid loop detection errors, make sure the TSA ID of each LTS device is unique.
Examples
# Set the TSA ID of the LTS device to lts0, and enable L2TP loop detection on the LTS device.
<Sysname> system-view
[Sysname] l2tp tsa-id lts0
l2tp-group
Use l2tp-group to create an L2TP group and enter its view, or enter the view of an existing L2TP group.
Use undo l2tp-group to delete an L2TP group.
Syntax
l2tp-group group-number [ mode { lac | lns } ]
undo l2tp-group group-number
Default
No L2TP group exists.
Views
System view
Predefined user roles
network-admin
Parameters
group-number: Specifies an L2TP group by its number in the range of 1 to 65535.
mode: Specifies a mode for the L2TP group.
lac: Specifies the LAC mode.
lns: Specifies the LNS mode.
Usage guidelines
To create a new L2TP group, you must specify the mode keyword. To enter the view of an existing L2TP group, you do not need to specify this keyword.
In L2TP group view, you can configure L2TP tunnel parameters, such as tunnel authentication and flow control.
A device can have L2TP groups in both LAC and LNS modes at the same time.
Examples
# Create L2TP group 2 in LAC mode, and enter its view.
<Sysname> system-view
[Sysname] l2tp-group 2 mode lac
[Sysname-l2tp2]
allow l2tp
lns-ip
user
mandatory-chap
Use mandatory-chap to force the LNS to perform CHAP authentication for users.
Use undo mandatory-chap to restore the default.
Syntax
mandatory-chap
undo mandatory-chap
Default
An LNS does not perform CHAP authentication for users.
Views
L2TP group view
Predefined user roles
network-admin
Usage guidelines
The LNS uses the LAC as an authentication proxy. The LAC sends the LNS all user authentication information from users and the authentication method configured on the LAC itself. The LNS then checks the user validity according to the received information and the locally configured authentication method.
When mandatory CHAP authentication is configured, a user who depends on an LAC to initiate tunneling requests is authenticated by both the LAC and the LNS for increased security. Some users might not support the authentication on the LNS. In this situation, do not configure this command, because CHAP authentication on the LNS will fail.
This command is available only on L2TP groups in LNS mode.
This command takes effect only on NAS-initiated L2TP tunnels.
The mandatory-lcp command takes precedence over this command. If both commands are configured for an L2TP group, the LNS performs LCP renegotiation with the user.
Examples
# Force the LNS to perform CHAP authentication for users.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lns
[Sysname-l2tp1] mandatory-chap
mandatory-lcp
mandatory-lcp
Use mandatory-lcp to force an LNS to perform LCP negotiation with users.
Use undo mandatory-lcp to restore the default.
Syntax
mandatory-lcp
undo mandatory-lcp
Default
An LNS does not perform LCP negotiation with users.
Views
L2TP group view
Predefined user roles
network-admin
Usage guidelines
By default, to establish a NAS-initiated tunnel, the user performs LCP negotiation with the LAC. If the negotiation succeeds, the LAC initiates a tunneling request and sends the negotiation results (including authentication information) to the LNS. Then, the LNS determines whether the user is valid based on the information received instead of performing LCP renegotiation with the user.
If you do not expect the LNS to accept LCP negotiation parameters, configure this command to perform an LCP negotiation between the LNS and the user. In this case, the information sent by the LAC will be ignored.
Some users might not support LCP negotiation. In this case, do not configure this command because LCP negotiation will fail.
This command is available only on L2TP groups in LNS mode.
This command takes effect only on NAS-initiated L2TP tunnels.
This command takes precedence over the mandatory-chap command. If both commands are configured for an L2TP group, the LNS performs LCP negotiation with the user.
Examples
# Force an LNS to perform LCP negotiation with users.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lns
[Sysname-l2tp1] mandatory-lcp
mandatory-chap
ppp access-control enable
Use ppp access-control enable to enable L2TP-based EAD.
Use undo ppp access-control enable to disable L2TP-based EAD.
Syntax
ppp access-control enable
undo ppp access-control enable
Default
L2TP-based EAD is disabled.
Views
VT interface view
Predefined user roles
network-admin
Usage guidelines
This command does not apply to PPP sessions that already exist on the VT interface. It only applies to newly created PPP sessions on the VT interface.
Different ACLs can be used for different users if the VT interface is used as the access interface for the LNS.
L2TP-based EAD enables the LNS to transparently pass CAMS/IMC packets to the iNode client to inform the client of EAD server information, such as the IP address.
Examples
# Enable L2TP-based EAD.
<Sysname> system-view
[Sysname] interface virtual-template 10
[Sysname-Virtual-Template10] ppp access-control enable
Related commands
display ppp access-control interface
reset l2tp tunnel
Use reset l2tp tunnel to disconnect tunnels and all sessions within the tunnels.
Syntax
reset l2tp tunnel { id tunnel-id | name remote-name }
Views
User view
Predefined user roles
network-admin
Parameters
id tunnel-id: Specifies a tunnel by its local ID in the range of 1 to 65535.
name remote-name: Specifies L2TP tunnels by the tunnel peer name, a case-sensitive string of 1 to 31 characters.
Usage guidelines
When the number of user connections is 0 or a network fault occurs, you can disconnect the L2TP tunnel by using this command on either the LAC or LNS. After the tunnel is disconnected, all sessions within it are disconnected.
If you specify a tunnel peer name, all tunnels with the tunnel peer name will be disconnected. If no tunnel with the tunnel peer name exists, nothing happens.
A tunnel disconnected by force can be re-established when a client makes a call.
Examples
# Disconnect all tunnels with the tunnel peer name of aaa.
<Sysname> reset l2tp tunnel name aaa
display l2tp tunnel
tunnel authentication
Use tunnel authentication to enable L2TP tunnel authentication.
Use undo tunnel authentication to disable L2TP tunnel authentication.
Syntax
tunnel authentication
undo tunnel authentication
Default
L2TP tunnel authentication is enabled.
Views
L2TP group view
Predefined user roles
network-admin
Usage guidelines
Tunnel authentication prevents the local end from establishing L2TP tunnels with illegal remote ends.
You can enable tunnel authentication on both sides or either side.
To ensure a successful tunnel establishment when tunnel authentication is enabled on both sides or either side, set the same non-null key on the LAC and the LNS. To set the tunnel authentication key, use the tunnel password command.
When neither side is enabled with tunnel authentication, the key settings of the LAC and the LNS do not affect the tunnel establishment.
For tunnel security, enable tunnel authentication.
Examples
# Enable L2TP tunnel authentication.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lns
[Sysname-l2tp1] tunnel authentication
tunnel password
tunnel flow-control
Use tunnel flow-control to enable L2TP session flow control.
Use undo tunnel flow-control to disable L2TP session flow control.
Syntax
tunnel flow-control
undo tunnel flow-control
Default
L2TP session flow control is disabled.
Views
L2TP group view
Predefined user roles
network-admin
Usage guidelines
This feature adds sequence numbers to transmitted packets and uses them to reorder packets arriving out of order and to detect lost packets.
This feature takes effect on both sent and received L2TP data messages. The L2TP sessions support this feature if either the LAC or LNS is enabled with this feature.
When the device acts as an LAC, a change in the flow control status on the LNS causes the same change in the flow control status of L2TP sessions. When the device acts as an LNS, a change in the flow control status on the LAC does not affect the flow control status of L2TP sessions.
Examples
# Enable L2TP session flow control.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] tunnel flow-control
tunnel name
Use tunnel name to specify the local tunnel name.
Use undo tunnel name to restore the default.
Syntax
tunnel name name
undo tunnel name
Default
The local tunnel name is the device name. For more information about the device name, see System Management Configuration Guide.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
name: Specifies the local tunnel name, a case-sensitive string of 1 to 31 characters.
Examples
# Specify the local tunnel name as itsme.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lns
[Sysname-l2tp1] tunnel name itsme
sysname (Fundamentals Command Reference)
tunnel password
Use tunnel password to configure the key for tunnel authentication.
Use undo tunnel password to restore the default.
Syntax
tunnel password { cipher | simple } string
undo tunnel password
Default
No key is configured for tunnel authentication.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
cipher: Specifies a password in encrypted form.
simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.
string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.
Usage guidelines
For this command to take effect, you must enable tunnel authentication by using the tunnel authentication command.
For the tunnel authentication key change to take effect, change the tunnel authentication key before tunnel negotiation is performed.
Examples
# Configure the key for tunnel authentication to a plaintext key yougotit.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] tunnel password simple yougotit
Related commands
tunnel authentication
tunnel timer hello
Use tunnel timer hello to set the Hello interval.
Use undo tunnel timer hello to restore the default.
Syntax
tunnel timer hello hello-interval
undo tunnel timer hello
Default
The Hello interval is 60 seconds.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
hello-interval: Specifies the interval at which the LAC or the LNS sends Hello packets, in the range of 60 to 1000 seconds.
Usage guidelines
The device sends Hello packets at the set interval. This prevents the L2TP tunnels and sessions from being removed due to timeouts.
You can set different Hello intervals for the LNS and LAC.
Examples
# Set the Hello interval to 90 seconds.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] tunnel timer hello 90
tunnel window receive
Use tunnel window receive to set the receiving window size for an L2TP tunnel.
Use undo tunnel window receive to restore the default.
Syntax
tunnel window receive size
undo tunnel window receive
Default
The receiving window size for an L2TP tunnel is 1024.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
size: Specifies the receiving window size in the range of 1 to 5000. It is the number of packets that can be buffered at the local end.
Usage guidelines
To enable the device to process a larger number of disordered packets, use this command to enlarge the receiving window size for an L2TP tunnel.
The device uses a receiving window to reorder disordered packets based on packet sequence numbers.
If the sequence number of a packet is within the receiving window but does not equal the minimum value of the window, the device performs the following operations:
1. The device buffers the packet.
2. The minimum value and maximum value of the receiving window increment by one.
3. The device continues to check the next arriving packet.
If the sequence number of a packet equals the minimum value of the receiving window, the device performs the following operations:
1. The device processes the packet.
2. The minimum value and maximum value of the receiving window increment by one.
3. The device checks buffered packets for a packet with the sequence number equal to the new minimum value of the receiving window.
4. If no required packet is found, the device checks the next arriving packet.
If the sequence number of a packet is not within the receiving window, the device drops the packet.
In the L2TP tunnel establishment process, the device uses the value specified in L2TP group view as the receiving window size.
Changing the receiving window size after an L2TP tunnel is established does not affect the established L2TP tunnel.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Set the receiving window size for L2TP group 1 to 128.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] tunnel window receive 128
Related commands
tunnel window send
tunnel window send
Use tunnel window send to set the sending window size for an L2TP tunnel.
Use undo tunnel window send to restore the default.
Syntax
tunnel window send size
undo tunnel window send
Default
The sending window size for an L2TP tunnel is 0, which means using the value of the receiving window size carried in messages sent by the peer end in the tunnel establishment process.
Views
L2TP group view
Predefined user roles
network-admin
Parameters
size: Specifies the sending window size for an L2TP tunnel, in the range of 0 to 1024. It is the maximum number of packets the device can send to a peer end when the device receives no response from the peer end. If the messages from the peer end carry no receiving window size in the tunnel establishment process, the sending window size for the device is 4.
Usage guidelines
The packet processing capability of a peer end might mismatch the receiving window size of the peer end in some networks. For example, the actual packet processing capability of the peer end is 10, but the receiving window size of the peer end is 20. To ensure stable L2TP services, you can adjust the sending window size for the device to match the actual packet processing capability of the peer end.
The sending window size set in L2TP group view is obtained in the L2TP tunnel establishment process.
· If the sending window size is 0, the device uses the default sending window size.
· If the sending window size is not 0, the device uses the specified value as the sending window size.
Changing the sending window size after an L2TP tunnel is established does not affect the established L2TP tunnel.
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Set the sending window size for L2TP group 1 to 128.
<Sysname> system-view
[Sysname] l2tp-group 1 mode lac
[Sysname-l2tp1] tunnel window send 128
Related commands
tunnel window receive