05-Network Connectivity

HomeSupportReference GuidesCommand ReferencesH3C Access Controllers Command References(R5426P02)-6W10405-Network Connectivity
10-L2TP commands
Title Size Download
10-L2TP commands 123.67 KB

L2TP commands

The following compatibility matrixes show the support of hardware platforms for L2TP:

 

Hardware series

Models

Product code

L2TP compatibility

WX1800H series

WX1804H

EWP-WX1804H-PWR-CN

No

WX2500H series

WX2508H-PWR-LTE

WX2510H

WX2510H-F

WX2540H

WX2540H-F

WX2560H

EWP-WX2508H-PWR-LTE

EWP-WX2510H-PWR

EWP-WX2510H-F-PWR

EWP-WX2540H

EWP-WX2540H-F

EWP-WX2560H

No

WX3000H series

WX3010H

WX3010H-X

WX3010H-L

WX3024H

WX3024H-L

WX3024H-F

EWP-WX3010H

EWP-WX3010H-X-PWR

EWP-WX3010H-L-PWR

EWP-WX3024H

EWP-WX3024H-L-PWR

EWP-WX3024H-F

Yes:

·     WX3010H

·     WX3010H-X

·     WX3024H

·     WX3024H-F

No:

·     WX3010H-L

·     WX3024H-L

WX3500H series

WX3508H

WX3510H

WX3520H

WX3520H-F

WX3540H

EWP-WX3508H

EWP-WX3510H

EWP-WX3520H

EWP-WX3520H-F

EWP-WX3540H

Yes

WX5500E series

WX5510E

WX5540E

EWP-WX5510E

EWP-WX5540E

Yes

WX5500H series

WX5540H

WX5560H

WX5580H

EWP-WX5540H

EWP-WX5560H

EWP-WX5580H

Yes

Access controller modules

LSUM1WCME0

EWPXM1WCME0

LSQM1WCMX20

LSUM1WCMX20RT

LSQM1WCMX40

LSUM1WCMX40RT

EWPXM2WCMD0F

EWPXM1MAC0F

LSUM1WCME0

EWPXM1WCME0

LSQM1WCMX20

LSUM1WCMX20RT

LSQM1WCMX40

LSUM1WCMX40RT

EWPXM2WCMD0F

EWPXM1MAC0F

Yes

Hardware series

Models

Product code

L2TP compatibility

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

EWP-WX1804H-PWR

EWP-WX1810H-PWR

EWP-WX1820H

EWP-WX1840H-GL

Yes

WX3800H series

WX3820H

WX3840H

EWP-WX3820H-GL

EWP-WX3840H-GL

No

WX5800H series

WX5860H

EWP-WX5860H-GL

No

allow l2tp

Use allow l2tp to configure an L2TP network server (LNS) to accept Layer 2 Tunneling Protocol (L2TP) tunneling requests from an L2TP access concentrator (LAC), and to specify a VT interface for tunnel setup.

Use undo allow to restore the default.

Syntax

allow l2tp virtual-template virtual-template-number [ remote remote-name ]

undo allow

Default

An LNS denies L2TP tunneling requests from any LACs.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

virtual-template virtual-template-number: Specifies a VT interface by its number. The value range for the virtual-template-number argument is 0 to 1023.An LNS dynamically creates virtual access (VA) interfaces based on the configuration of a VT interface. Each VA interface is used to carry data for a different L2TP session.

remote remote-name: Specifies the name of the tunnel peer (LAC) initiating tunneling requests, a case-sensitive string of 1 to 31 characters.

Usage guidelines

The allow l2tp command is available only on L2TP groups in LNS mode.

Make sure the specified name of the tunnel peer is consistent with the local name configured on the LAC.

If you execute this command multiple times for an L2TP group, the most recent configuration takes effect.

For L2TP group 1, if you do not specify the remote remote-name option, an LNS accepts tunneling requests from any LACs. In this case, L2TP group 1 acts as the default L2TP group. For L2TP groups other than L2TP group 1, the remote remote-name option must be configured.

The allow l2tp command is available only on LNSs.

·     When an LAC that initiates a tunneling request is the tunnel peer configured in an L2TP group, the LNS uses the tunnel parameters configured in this group for tunnel setup.

·     When the LAC is not the tunnel peer configured in any L2TP group, the LNS performs one of the following operations:

¡     Uses the tunnel parameters for the default L2TP group if it exists.

¡     Fails to set up a tunnel with the LAC if the default L2TP group does not exist.

As a best practice, configure a default L2TP group on the LNS in the following cases:

·     LACs (such as hosts with Windows 2000 Beta 2 installed) include blank local names in their tunneling requests.

·     The LNS sets up tunnels with multiple LACs by using the same tunnel parameters.

Examples

# Specify L2TP group 1 as the default L2TP group, and specify Virtual-Template 1 for tunnel setup. For L2TP group 2, configure the LNS to accept the L2TP tunneling request initiated by the peer (LAC) named aaa, and specify Virtual-Template 2 for tunnel setup.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lns

[Sysname-l2tp1] allow l2tp virtual-template 1

[Sysname-l2tp1] quit

[Sysname] l2tp-group 2 mode lns

[Sysname-l2tp2] allow l2tp virtual-template 2 remote aaa

Related commands

tunnel name

display l2tp session

Use display l2tp session to display information about L2TP sessions.

Syntax

display l2tp session [ statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

statistics: Displays statistics for L2TP sessions.

Examples

# Display statistics for L2TP sessions.

<Sysname> display l2tp session statistics

Total number of sessions: 1

# Display information about L2TP sessions.

<Sysname> display l2tp session

LocalSID      RemoteSID      LocalTID      State

89            36245          10878         Established

Table 1 Command output

Field

Description

LocalSID

Local session ID.

RemoteSID

Remote session ID.

LocalTID

Local tunnel ID.

State

Session state:

·     Idle.

·     Wait-tunnel—Waits for the tunnel to be established.

·     Wait-reply—Waits for an Incoming-Call-Reply (ICRP) message indicating the call is accepted.

·     Wait-connect—Waits for an Incoming-Call-Connected (ICCN) message.

·     Established.

display l2tp session temporary

Use display l2tp session temporary to display information about temporary L2TP sessions.

Syntax

display l2tp session temporary

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display information about temporary L2TP sessions.

<Sysname> display l2tp session temporary

Total number of temporary sessions: 6

LocalSID    RemoteSID    LocalTID    State

2298        0            19699       Wait-tunnel

42805       0            19699       Wait-tunnel

17777       0            19699       Wait-tunnel

58284       0            19699       Wait-tunnel

33256       0            19699       Wait-tunnel

8228        0            19699       Wait-tunnel

Table 2 Command output

Field

Description

LocalSID

Local session ID.

RemoteSID

Remote session ID.

LocalTID

Local tunnel ID.

State

Session state:

·     Idle.

·     Wait-tunnel—Waits for the tunnel to be established.

·     Wait-reply—Waits for an ICRP message indicating the call is accepted.

·     Wait-connect—Waits for an ICCN message.

display l2tp tunnel

Use display l2tp tunnel to display information about L2TP tunnels.

Syntax

display l2tp tunnel [ statistics ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

statistics: Displays statistics for L2TP tunnels.

Examples

# Display statistics for L2TP tunnels.

<Sysname> display l2tp tunnel statistics

Total number of tunnels: 1

# Display information about L2TP tunnels.

<Sysname> display l2tp tunnel

LocalTID RemoteTID State         Sessions RemoteAddress    RemotePort RemoteName

10878    21        Established   1        20.1.1.2         1701       lns

Table 3 Command output

Field

Description

LocalTID

Local tunnel ID.

RemoteTID

Remote tunnel ID.

State

Tunnel state:

·     Idle.

·     Wait-reply.

·     Wait-connect.

·     Established.

·     Stopping.

Sessions

Number of sessions within the tunnel.

RemoteAddress

IP address of the peer.

RemotePort

UDP port number of the peer.

RemoteName

Name of the tunnel peer.

Related commands

reset l2tp tunnel

display l2tp va-pool

Use display l2tp va-pool to display information about L2TP VA pools.

Syntax

display l2tp va-pool

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display information about L2TP VA pools.

<Sysname> display l2tp va-pool

VT interface          Size      Unused      State

Virtual-Template1     1000      900         Normal

Table 4 Command output

Field

Description

VT interface

VT interface that uses the VA pool.

Size

VA pool capacity set for L2TP users.

Unused

VA pool capacity available for L2TP users.

State

Current state of the VA pool:

·     Creating—The VA pool is being created.

·     Destroying—The VA pool is being removed.

·     Normal—The VA pool has been created.

Related commands

l2tp virtual-template va-pool

display ppp access-control interface

Use display ppp access-control interface to display access control information for PPP sessions on a VT interface.

Syntax

display ppp access-control interface virtual-template interface-number

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

virtual-template interface-number: Specifies an existing VT interface by its number.

Examples

# Display access control information for PPP sessions on Virtual-Template 2.

<Sysname> display ppp access-control interface virtual-template 2

Interface: Virtual-Template2:0

  User Name: mike

  In-bound Policy: acl 3000

  Totally 0 packets, 0 bytes, 0% permitted,

  Totally 0 packets, 0 bytes, 0% denied.

 

  Interface: Virtual-Template2:1

  User Name: tim

  In-bound Policy: acl 3001

  Totally 0 packets, 0 bytes, 0% permitted,

  Totally 0 packets, 0 bytes, 0% denied.

Table 5 Command output

Field

Description

Interface

BAS interface that the PPP user accesses.

User Name

Username of the PPP user.

In-bound Policy

Security ACLs for the PPP user.

Totally x packets, x bytes, x% permitted

Total number, data rate, and pass percentage of permitted packets.

Totally x packets, x bytes, x% denied

Total number, data rate, and reject percentage of denied packets.

 

Related commands

ppp access-control enable

ip dscp

Use ip dscp to set the DSCP value of L2TP packets.

Use undo ip dscp to restore the default.

Syntax

ip dscp dscp-value

undo ip dscp

Default

The DSCP value of L2TP packets is 0.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

dscp-value: Specifies the DSCP value of L2TP packets, in the range of 0 to 63.

Usage guidelines

The DSCP field is the IP ToS byte. This field marks the priority of IP packets for forwarding. This command sets the DSCP value for the IP packet when L2TP encapsulates a PPP frame into an IP packet.

Examples

# Set the DSCP value of L2TP packets to 50.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] ip dscp 50

l2tp enable

Use l2tp enable to enable L2TP.

Use undo l2tp enable to disable L2TP.

Syntax

l2tp enable

undo l2tp enable

Default

L2TP is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

For L2TP configurations to take effect, you must enable L2TP.

Examples

# Enable L2TP.

<Sysname> system-view

[Sysname] l2tp enable

l2tp icrq-limit

Use l2tp icrq-limit to set the maximum number of incoming call request (ICRQ) packets that the LNS can process per second.

Use undo l2tp icrq-limit to restore the default.

Syntax

l2tp icrq-limit number

undo l2tp icrq-limit

Default

The maximum number of ICRQ packets that the LNS can process per second is not limited.

Views

System view

Predefined user roles

network-admin

Parameters

number: Specifies the ICRQ packet processing limit in the range of 1 to 1000.

Usage guidelines

To avoid device performance degradation and make sure the LNS can process ICRQ requests correctly, use this command to adjust the ICRQ packet processing rate limit.

Examples

# Set the maximum number of ICRQ packets that the LNS can process per second to 200.

<Sysname> system-view

[Sysname] l2tp icrq-limit 200

l2tp tsa-id

Use l2tp tsa-id to set the TSA ID for the L2TP tunnel switching (LTS) device and enable L2TP loop detection on the LTS device.

Use undo l2tp tsa-id to restore the default.

Syntax

l2tp tsa-id tsa-id

undo l2tp tsa-id

Default

The TSA ID of the LTS device is not set, and L2TP loop detection is disabled on the LTS device.

Views

System view

Predefined user roles

network-admin

Parameters

tsa-id: Specifies a TSA ID that uniquely identifies the LTS device. This argument is a case-sensitive string of 1 to 64 characters.

Usage guidelines

The LTS device compares the configured TSA ID with each TSA ID Attribute Value Pair (AVP) in a received ICRQ packet for loop detection.

·     If a match is found, a loop exists. The LTS immediately tears down the session.

·     If no match is found, the LTS performs the following operations:

a.     Encapsulates the configured TSA ID into a new TSA ID AVP.

b.     Appends the new TSA ID AVP to the packet.

c.     Sends the packet to the next hop LTS.

To avoid loop detection errors, make sure the TSA ID of each LTS device is unique.

Examples

# Set the TSA ID of the LTS device to lts0, and enable L2TP loop detection on the LTS device.

<Sysname> system-view

[Sysname] l2tp tsa-id lts0

l2tp-group

Use l2tp-group to create an L2TP group and enter its view, or enter the view of an existing L2TP group.

Use undo l2tp-group to delete an L2TP group.

Syntax

l2tp-group group-number [ mode { lac | lns } ]

undo l2tp-group group-number

Default

No L2TP group exists.

Views

System view

Predefined user roles

network-admin

Parameters

group-number: Specifies an L2TP group by its number in the range of 1 to 65535.

mode: Specifies a mode for the L2TP group.

lac: Specifies the LAC mode.

lns: Specifies the LNS mode.

Usage guidelines

To create a new L2TP group, you must specify the mode keyword. To enter the view of an existing L2TP group, you do not need to specify this keyword.

In L2TP group view, you can configure L2TP tunnel parameters, such as tunnel authentication and flow control.

A device can have L2TP groups in both LAC and LNS modes at the same time.

Examples

# Create L2TP group 2 in LAC mode, and enter its view.

<Sysname> system-view

[Sysname] l2tp-group 2 mode lac

[Sysname-l2tp2]

Related commands

allow l2tp

lns-ip

user

mandatory-chap

Use mandatory-chap to force the LNS to perform CHAP authentication for users.

Use undo mandatory-chap to restore the default.

Syntax

mandatory-chap

undo mandatory-chap

Default

An LNS does not perform CHAP authentication for users.

Views

L2TP group view

Predefined user roles

network-admin

Usage guidelines

The LNS uses the LAC as an authentication proxy. The LAC sends the LNS all user authentication information from users and the authentication method configured on the LAC itself. The LNS then checks the user validity according to the received information and the locally configured authentication method.

When mandatory CHAP authentication is configured, a user who depends on an LAC to initiate tunneling requests is authenticated by both the LAC and the LNS for increased security. Some users might not support the authentication on the LNS. In this situation, do not configure this command, because CHAP authentication on the LNS will fail.

This command is available only on L2TP groups in LNS mode.

This command takes effect only on NAS-initiated L2TP tunnels.

The mandatory-lcp command takes precedence over this command. If both commands are configured for an L2TP group, the LNS performs LCP renegotiation with the user.

Examples

# Force the LNS to perform CHAP authentication for users.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lns

[Sysname-l2tp1] mandatory-chap

Related commands

mandatory-lcp

mandatory-lcp

Use mandatory-lcp to force an LNS to perform LCP negotiation with users.

Use undo mandatory-lcp to restore the default.

Syntax

mandatory-lcp

undo mandatory-lcp

Default

An LNS does not perform LCP negotiation with users.

Views

L2TP group view

Predefined user roles

network-admin

Usage guidelines

By default, to establish a NAS-initiated tunnel, the user performs LCP negotiation with the LAC. If the negotiation succeeds, the LAC initiates a tunneling request and sends the negotiation results (including authentication information) to the LNS. Then, the LNS determines whether the user is valid based on the information received instead of performing LCP renegotiation with the user.

If you do not expect the LNS to accept LCP negotiation parameters, configure this command to perform an LCP negotiation between the LNS and the user. In this case, the information sent by the LAC will be ignored.

Some users might not support LCP negotiation. In this case, do not configure this command because LCP negotiation will fail.

This command is available only on L2TP groups in LNS mode.

This command takes effect only on NAS-initiated L2TP tunnels.

This command takes precedence over the mandatory-chap command. If both commands are configured for an L2TP group, the LNS performs LCP negotiation with the user.

Examples

# Force an LNS to perform LCP negotiation with users.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lns

[Sysname-l2tp1] mandatory-lcp

Related commands

mandatory-chap

ppp access-control enable

Use ppp access-control enable to enable L2TP-based EAD.

Use undo ppp access-control enable to disable L2TP-based EAD.

Syntax

ppp access-control enable

undo ppp access-control enable

Default

L2TP-based EAD is disabled.

Views

VT interface view

Predefined user roles

network-admin

Usage guidelines

This command does not apply to PPP sessions that already exist on the VT interface. It only applies to newly created PPP sessions on the VT interface.

Different ACLs can be used for different users if the VT interface is used as the access interface for the LNS.

L2TP-based EAD enables the LNS to transparently pass CAMS/IMC packets to the iNode client to inform the client of EAD server information, such as the IP address.

Examples

# Enable L2TP-based EAD.

<Sysname> system-view

[Sysname] interface virtual-template 10

[Sysname-Virtual-Template10] ppp access-control enable

Related commands

display ppp access-control interface

reset l2tp tunnel

Use reset l2tp tunnel to disconnect tunnels and all sessions within the tunnels.

Syntax

reset l2tp tunnel { id tunnel-id | name remote-name }

Views

User view

Predefined user roles

network-admin

Parameters

id tunnel-id: Specifies a tunnel by its local ID in the range of 1 to 65535.

name remote-name: Specifies L2TP tunnels by the tunnel peer name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

When the number of user connections is 0 or a network fault occurs, you can disconnect the L2TP tunnel by using this command on either the LAC or LNS. After the tunnel is disconnected, all sessions within it are disconnected.

If you specify a tunnel peer name, all tunnels with the tunnel peer name will be disconnected. If no tunnel with the tunnel peer name exists, nothing happens.

A tunnel disconnected by force can be re-established when a client makes a call.

Examples

# Disconnect all tunnels with the tunnel peer name of aaa.

<Sysname> reset l2tp tunnel name aaa

Related commands

display l2tp tunnel

tunnel authentication

Use tunnel authentication to enable L2TP tunnel authentication.

Use undo tunnel authentication to disable L2TP tunnel authentication.

Syntax

tunnel authentication

undo tunnel authentication

Default

L2TP tunnel authentication is enabled.

Views

L2TP group view

Predefined user roles

network-admin

Usage guidelines

Tunnel authentication prevents the local end from establishing L2TP tunnels with illegal remote ends.

You can enable tunnel authentication on both sides or either side.

To ensure a successful tunnel establishment when tunnel authentication is enabled on both sides or either side, set the same non-null key on the LAC and the LNS. To set the tunnel authentication key, use the tunnel password command.

When neither side is enabled with tunnel authentication, the key settings of the LAC and the LNS do not affect the tunnel establishment.

For tunnel security, enable tunnel authentication.

Examples

# Enable L2TP tunnel authentication.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lns

[Sysname-l2tp1] tunnel authentication

Related commands

tunnel password

tunnel flow-control

Use tunnel flow-control to enable L2TP session flow control.

Use undo tunnel flow-control to disable L2TP session flow control.

Syntax

tunnel flow-control

undo tunnel flow-control

Default

L2TP session flow control is disabled.

Views

L2TP group view

Predefined user roles

network-admin

Usage guidelines

This feature adds sequence numbers to transmitted packets and uses them to reorder packets arriving out of order and to detect lost packets.

This feature takes effect on both sent and received L2TP data messages. The L2TP sessions support this feature if either the LAC or LNS is enabled with this feature.

When the device acts as an LAC, a change in the flow control status on the LNS causes the same change in the flow control status of L2TP sessions. When the device acts as an LNS, a change in the flow control status on the LAC does not affect the flow control status of L2TP sessions.

Examples

# Enable L2TP session flow control.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] tunnel flow-control

tunnel name

Use tunnel name to specify the local tunnel name.

Use undo tunnel name to restore the default.

Syntax

tunnel name name

undo tunnel name

Default

The local tunnel name is the device name. For more information about the device name, see System Management Configuration Guide.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

name: Specifies the local tunnel name, a case-sensitive string of 1 to 31 characters.

Examples

# Specify the local tunnel name as itsme.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lns

[Sysname-l2tp1] tunnel name itsme

Related commands

sysname (Fundamentals Command Reference)

tunnel password

Use tunnel password to configure the key for tunnel authentication.

Use undo tunnel password to restore the default.

Syntax

tunnel password { cipher | simple } string

undo tunnel password

Default

No key is configured for tunnel authentication.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters.

Usage guidelines

For this command to take effect, you must enable tunnel authentication by using the tunnel authentication command.

For the tunnel authentication key change to take effect, change the tunnel authentication key before tunnel negotiation is performed.

Examples

# Configure the key for tunnel authentication to a plaintext key yougotit.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] tunnel password simple yougotit

Related commands

tunnel authentication

tunnel timer hello

Use tunnel timer hello to set the Hello interval.

Use undo tunnel timer hello to restore the default.

Syntax

tunnel timer hello hello-interval

undo tunnel timer hello

Default

The Hello interval is 60 seconds.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

hello-interval: Specifies the interval at which the LAC or the LNS sends Hello packets, in the range of 60 to 1000 seconds.

Usage guidelines

The device sends Hello packets at the set interval. This prevents the L2TP tunnels and sessions from being removed due to timeouts.

You can set different Hello intervals for the LNS and LAC.

Examples

# Set the Hello interval to 90 seconds.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] tunnel timer hello 90

tunnel window receive

Use tunnel window receive to set the receiving window size for an L2TP tunnel.

Use undo tunnel window receive to restore the default.

Syntax

tunnel window receive size

undo tunnel window receive

Default

The receiving window size for an L2TP tunnel is 1024.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

size: Specifies the receiving window size in the range of 1 to 5000. It is the number of packets that can be buffered at the local end.

Usage guidelines

To enable the device to process a larger number of disordered packets, use this command to enlarge the receiving window size for an L2TP tunnel.

The device uses a receiving window to reorder disordered packets based on packet sequence numbers.

If the sequence number of a packet is within the receiving window but does not equal the minimum value of the window, the device performs the following operations:

1.     The device buffers the packet.

2.     The minimum value and maximum value of the receiving window increment by one.

3.     The device continues to check the next arriving packet.

If the sequence number of a packet equals the minimum value of the receiving window, the device performs the following operations:

1.     The device processes the packet.

2.     The minimum value and maximum value of the receiving window increment by one.

3.     The device checks buffered packets for a packet with the sequence number equal to the new minimum value of the receiving window.

4.     If no required packet is found, the device checks the next arriving packet.

If the sequence number of a packet is not within the receiving window, the device drops the packet.

In the L2TP tunnel establishment process, the device uses the value specified in L2TP group view as the receiving window size.

Changing the receiving window size after an L2TP tunnel is established does not affect the established L2TP tunnel.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the receiving window size for L2TP group 1 to 128.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] tunnel window receive 128

Related commands

tunnel window send

tunnel window send

Use tunnel window send to set the sending window size for an L2TP tunnel.

Use undo tunnel window send to restore the default.

Syntax

tunnel window send size

undo tunnel window send

Default

The sending window size for an L2TP tunnel is 0, which means using the value of the receiving window size carried in messages sent by the peer end in the tunnel establishment process.

Views

L2TP group view

Predefined user roles

network-admin

Parameters

size: Specifies the sending window size for an L2TP tunnel, in the range of 0 to 1024. It is the maximum number of packets the device can send to a peer end when the device receives no response from the peer end. If the messages from the peer end carry no receiving window size in the tunnel establishment process, the sending window size for the device is 4.

Usage guidelines

The packet processing capability of a peer end might mismatch the receiving window size of the peer end in some networks. For example, the actual packet processing capability of the peer end is 10, but the receiving window size of the peer end is 20. To ensure stable L2TP services, you can adjust the sending window size for the device to match the actual packet processing capability of the peer end.

The sending window size set in L2TP group view is obtained in the L2TP tunnel establishment process.

·     If the sending window size is 0, the device uses the default sending window size.

·     If the sending window size is not 0, the device uses the specified value as the sending window size.

Changing the sending window size after an L2TP tunnel is established does not affect the established L2TP tunnel.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the sending window size for L2TP group 1 to 128.

<Sysname> system-view

[Sysname] l2tp-group 1 mode lac

[Sysname-l2tp1] tunnel window send 128

Related commands

tunnel window receive

 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网