05-Network Connectivity

HomeSupportResource CenterWirelessH3C WBC Series Multiservice Access ControllersH3C WBC Series Multiservice Access ControllersTechnical DocumentsCommandCommand ReferencesH3C WBC Series Multservice Access Controllers Command References(E5448)-6W10005-Network Connectivity
07-PPP commands
Title Size Download
07-PPP commands 327.90 KB

Contents

PPP commands· 1

PPP commands· 1

display ip pool 1

display ppp access-user 2

display ppp compression iphc· 7

ip address ppp-negotiate· 8

ip pool 9

ip pool gateway· 10

nas-port-type· 11

ppp account-statistics enable· 12

ppp authentication-mode· 12

ppp chap password· 14

ppp chap user 14

ppp compression iphc enable· 15

ppp compression iphc rtp-connections· 16

ppp compression iphc tcp-connections· 16

ppp ipcp dns· 17

ppp ipcp dns admit-any· 18

ppp ipcp dns request 19

ppp ipcp remote-address match· 19

ppp ip-pool route· 20

ppp lcp delay· 21

ppp pap local-user 21

ppp timer negotiate· 22

remote address· 23

remote address dhcp client-identifier 24

reset ppp access-user 25

reset ppp compression iphc· 25

timer-hold· 26

timer-hold retry· 27

PPPoE commands· 28

PPPoE server commands· 28

display pppoe-server session packet 28

display pppoe-server session summary· 29

display pppoe-server throttled-mac· 30

display pppoe-server va-pool 31

ppp lcp echo mru verify· 31

pppoe-server access-delay· 32

pppoe-server access-line-id bas-info· 33

pppoe-server access-line-id circuit-id parse-mode· 34

pppoe-server access-line-id circuit-id trans-format 35

pppoe-server access-line-id content 36

pppoe-server access-line-id remote-id trans-format 37

pppoe-server access-line-id trust 38

pppoe-server bind· 38

pppoe-server session-limit 39

pppoe-server session-limit per-mac· 40

pppoe-server session-limit per-vlan· 41

pppoe-server session-limit total 42

pppoe-server tag ac-name· 42

pppoe-server tag ppp-max-payload· 43

pppoe-server tag service-name· 44

pppoe-server throttle per-mac· 45

pppoe-server virtual-template va-pool 46

reset pppoe-server 47

 


PPP commands

The access controller modules do not support parameters or commands that are available only in IRF mode.

PPP commands

display ip pool

Use display ip pool to display PPP address pools.

Syntax

display ip pool [ pool-name | group group-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

pool-name: Specifies a PPP address pool by its name, a case-sensitive string of 1 to 31 characters.

group group-name: Displays PPP address pools in a group specified by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

If you do not specify any parameters, the command displays brief information about all PPP address pools.

If you specify an address pool, the command displays detailed information about the specified PPP address pool.

Examples

# Display brief information about all PPP address pools.

<Sysname> display ip pool

Group name: a

  Pool name           Start IP address    End IP address      Free   In use

  aaa1                1.1.1.1             1.1.1.5             5      0

  aaa2                1.1.1.6             1.1.1.10            5      0

Group name: b

  Pool name           Start IP address    End IP address      Free   In use

  bbb                 1.1.2.1             1.1.2.5             4      1

                      2.2.2.1             2.2.2.5             5      0

# Display brief information about the PPP address pools in group a.

<Sysname> display ip pool group a

Group name: a

  Pool name           Start IP address    End IP address      Free   In use

  aaa1                1.1.1.1             1.1.1.5             5      0

  aaa2                1.1.1.6             1.1.1.10            5      0

# Display detailed information about PPP address pool bbb.

<Sysname> display ip pool bbb

Group name: b

  Pool name           Start IP address    End IP address      Free   In use

  bbb                 1.1.2.1             1.1.2.5             4      1

                      2.2.2.1             2.2.2.5             5      0

In use IP addresses:

  IP address      Interface

  1.1.2.1         Virtual-Template1

Table 1 Command output

Field

Description

Free

Number of free IP addresses.

In use

Number of IP addresses that have been assigned.

In use IP addresses

Information about the IP addresses that have been assigned.

Interface

Local interface that requests the IP address for the peer interface.

Related commands

ip pool

display ppp access-user

Use display ppp access-user to display PPP user information.

Syntax

display ppp access-user { interface interface-type interface-number [ count ] | ip-address ipv4-address  | ipv6-address ipv6-address| username user-name | user-type { lac | lns  | pppoa| pppoe } [ count ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays brief information about PPP users on the specified interface.

ip-address ipv4-address: Displays detailed information about the PPP user specified by its IPv4 address.

ipv6-address ipv6-address: Displays detailed information about the PPP user specified by its IPv6 address.

username user-name: Displays detailed information about the PPP user specified by its username, a case-sensitive string of 1 to 80 characters.

user-type: Displays brief information about online users of the specified type.

lac: Displays brief information about L2TP users for an LAC.

lns: Displays brief information about L2TP users for an LNS.

pppoa: Displays brief information about PPPoA users.

pppoe: Displays brief information about PPPoE users.

count: Displays the total number of PPP users matching the specified criterion.

Usage guidelines

Brief information about a PPP user includes the following:

·     Brief name of the VA interface.

·     Username.

·     MAC address.

·     IPv4 address, IPv6 address, or IPv6 prefix of the PPP user.

Detailed information about a PPP user includes the following:

·     Brief name of the VA interface.

·     User ID.

·     Username.

·     Authentication information.

·     Uplink and downlink traffic.

·     Access start time of the PPP user.

In an L2TP network, this command is supported on an LAC only if a remote system dials in to the LAC through a PPPoE network. For more information about L2TP, see L2TP configuration in Network Connectivity Configuration Guide.

Examples

# Display brief information about PPP users on GigabitEthernet 1/0/2.

<Sysname> display ppp access-user interface gigabitethernet 1/0/2

Interface     Username    MAC address     IP address       IPv6 address    IPv6 PDPrefix

VA0           user1@dm1   0001-0101-9101  192.168.100.173  -               -

VA1           user2@dm2   0001-0101-9101  192.168.80.173   2000::1         -

# Display the total number of PPP users on GigabitEthernet 1/0/2.

<Sysname> display ppp access-user interface gigabitethernet 1/0/2 count

Total users: 2

Table 2 Command output

Field

Description

Interface

Name of the VA interface corresponding to the user.

Username

Username of the user.

A hyphen (-) means that the user does not need authentication.

MAC address

MAC address of the user.

A hyphen (-) means that the user is not a PPPoE user.

IP address

IP address of the user. A hyphen (-) means that no IP address is assigned to the user.

IPv6 address

‌IPv6 address of the user. A hyphen (-) means that no IPv6 address is assigned to the user.

IPv6 PD prefix

‌IPv6 prefix of the user. A hyphen (-) means that no IPv6 prefix is assigned to the user.

Total users

Total number of PPP users.

# Display detailed information about the PPP user whose IP address is 50.50.50.3.

<Sysname> display ppp access-user ip-address 50.50.50.3

Basic:

  Interface: VA0

  User ID: 0x28000002

  Username: user1@hrss

  Domain: hrss

  Access interface: RAGG2

  Service-VLAN/Customer-VLAN: -/-

  MAC address: 0000-0000-0001

  IP address: 50.50.50.3

  IPv6 address: -

  IPv6 PD prefix: -

  VPN instance: 123

  Access type: PPPoE

  Authentication type: CHAP

 

AAA:

  Authentication state: Authenticated

  Authorization state: Authorized

  Realtime accounting switch: Open

  Realtime accounting interval: 60s

  Login time: 2013-1-19  2:42:3:358

  Accounting start time: 2013-1-19  2:42:3:382

  Online time(hh:mm:ss): 0:7:34

  Accounting state: Accounting

  Idle cut: 0 sec  0 byte

  Session timeout: 12000 s

  Time remained: 8000 s

  Byte remained: 20971520 bytes

  Redirect WebURL: http://6.6.6.6

 

ACL&QoS:

  User profile: profile123 (active)

  User group profile: -

  Inbound CAR: CIR 64000bps PIR 640000bps CBS 500bit

  Outbound CAR: CIR 64000bps PIR 640000bps CBS 500bit

 

NAT:

  Global IP address: 111.8.0.200

  Port block: 28744-28748

 

Flow Statistic:

  IPv4 uplink   packets/bytes: 7/546

  IPv4 downlink packets/bytes: 0/0

  IPv6 uplink   packets/bytes: 0/0

  IPv6 downlink packets/bytes: 0/0

 

ITA:

  Level-1 uplink   packets/bytes: 100/128000

          downlink packets/bytes: 200/256000

  Level-2 uplink   packets/bytes: 100/128000

          downlink packets/bytes: 200/256000

Table 3 Command output

Field

Description

Basic

Basic information.

Interface

Brief name of the VA interface that corresponds to the user.

Username

Username of the user.

A hyphen (-) means that the user does not need authentication.

Domain

ISP domain name for authentication.

A hyphen (-) means that no ISP domain is specified for authentication.

Access interface

Name of the access interface of the user.

Service-VLAN/Customer-VLAN

Service provider VLAN and customer VLAN information of the user.

A hyphen (-) means that no VLAN information is available.

IP address

IP address of the user. A hyphen (-) means that no IP address is assigned to the user.

IPv6 address

‌IPv6 address of the user. A hyphen (-) means that no IPv6 address is assigned to the user.

IPv6 PD prefix

‌Delegated IPv6 prefix of the user. A hyphen (-) means that no delegated IPv6 prefix is assigned to the user.

VPN instance

This field is not supported in the current software version.VPN instance to which the user belongs.

A hyphen (-) means that the user is not bound to any VPN instance.

Access type

Access type of the user:

·     PPPoE.

·     PPPoA.

·     L2TP.

Authentication type

Authentication type of the user:

用户接入采用的认证类型,包括:PAPCHAP

Authentication state

Authentication state of the user:

·     Idle—The user has not been authenticated.

·     Authenticating—The user is being authenticated.

·     Authenticated—The user has been authenticated.

Authorization state

Authorization state of the user:

·     Idle—The user has not been authorized.

·     Authorizing—The user is being authorized.

·     Authorized—The user has been authorized.

Realtime accounting switch

·     Open—The switch is on.

·     Closed—The switch is off.

Realtime accounting interval

Realtime accounting interval in seconds.

A hyphen (-) means that no real-time accounting interval is authorized.

Login time

Time when the user accessed the device through PPP.

Accounting start time

Time when accounting started.

A hyphen (-) means that no accounting is performed on the user.

Online time(hh:mm:ss)

Online duration of the current login.

Accounting state

Accounting state of the user:

·     AccountingAccounting is on.

·     StopAccounting stops.

Idle cut

Traffic threshold for logging off the user in idle state.

If the traffic is less than the threshold within the specified period, the user is forcibly logged off.

Session timeout

Authorization time for the user, in seconds.

A hyphen (-) means that no authorization time is specified for the user.

Time remained

Remaining time for the user to stay online, in seconds.

A hyphen (-) means that no authorization time is specified for the user.

Byte remained

Remaining traffic for the user.

A hyphen (-) means that no authorization traffic is specified for the user.

Redirect WebURL

Redirect Web URL address for the user.

A hyphen (-) means that no redirect Web URL address is specified for the user.

User group profile

Name of the authorized user group profile. The hyphen (-) means that no user group profile is authorized.

The user group profile has two states:

·     activeThe authorized user group profile is successfully issued.

·     inactiveThe authorized user group profile fails to be issued.

Inbound CAR

Authorized inbound CAR parameters, which contain the CIR (in bps), the PIR (in bps), and the CBS (in bits).

Outbound CAR

Authorized outbound CAR parameters, which contain the CIR (in bps), the PIR (in bps), and the CBS (in bits).

Global IP address

Global IP address of the user. This field is displayed if NAT444 is used. For information about NAT444, see Network Connectivity Configuration Guide.

Port block

Port block of the user, from the start port to the end port.

This field is displayed if NAT444 is used.

IPv4 uplink   packets/bytes

Number of packets and bytes for IPv4 uplink traffic.

IPv4 downlink packets/bytes

Number of packets and bytes for IPv4 downlink traffic.

IPv6 uplink   packets/bytes

‌Number of packets and bytes for IPv6 uplink traffic.

IPv6 downlink packets/bytes

‌Number of packets and bytes for IPv6 downlink traffic.

Level-n uplink   packets/bytes

             downlink packets/bytes

Number of packets and bytes for uplink traffic at accounting level n. The value for n depends on the traffic level command, and its value range is 1 to 8.

 

Related commands

reset ppp access-user

display ppp compression iphc

Use display ppp compression iphc to display IP header compression (IPHC) statistics.

Syntax

display ppp compression iphc { rtp | tcp } [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

rtp: Displays IPHC RTP header compression statistics.

tcp: Displays IPHC TCP header compression statistics.

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify this option, the command displays IPHC statistics on all interfaces.

Usage guidelines

When IPHC applies to a normal PPP link, the physical interface performs IPHC. You can view the compression information on the physical interface.

Examples

# Display IPHC RTP header compression statistics.

<Sysname> display ppp compression iphc rtp

Interface: Virtual-Access0

  Received:

    Compressed/Error/Total: 0/0/0 packets

  Sent:

    Compressed/Total: 0/0 packets

    Sent/Saved/Total: 0/0/0 bytes

    Packet-based compression ratio: 0%

    Byte-based compression ratio: 0%

  Connections:

    Rx/Tx: 16/16

    Five-Minute-Miss: 0 (Misses/5Mins)

    Max-Miss: 0

# Display IPHC TCP header compression statistics.

<Sysname> display ppp compression iphc tcp

Interface: Virtual-Access0

  Received:

    Compressed/Error/Total: 0/0/0 packets

  Sent:

    Compressed/Total: 0/0 packets

    Sent/Saved/Total: 0/0/0 bytes

    Packet-based compression ratio: 0%

    Byte-based compression ratio: 0%

  Connections:

    Rx/Tx: 16/16

    Five-Minute-Miss: 0 (Misses/5Mins)

    Max-Miss: 0

Table 4 Command output

Field

Description

Received:

  Compressed/Error/Total

Statistics for received packets:

·     Compressed—Number of compressed packets.

·     Error—Number of error packets.

·     Total—Total number of received packets.

Sent:

  Compressed/Total

  Sent/Saved/Total

  Packet-based compression ratio

  Byte-based compression ratio

Statistics for sent packets:

·     Compressed—Number of compressed packets.

·     Total—Total number of sent packets.

·     Sent—Bytes of sent packets.

·     Saved—Bytes of saved packets.

·     Total—Total bytes to be sent if packets are not compressed.

·     Packet-based compression ratio—Ratio of compressed packets to the total sent packets.

·     Byte-based compression ratio—Ratio of saved bytes to the total sent bytes.

Connections:

  Rx/Tx

  Five-Minute-Miss

  Max-Miss

Number of connections.

·     Rx—Number of connections that the receiver can decompress.

·     Tx—Number of connections that the sender can compress.

·     Five-Minute-Miss—Number of search failures within the last 5 minutes.

·     Max-Miss—Maximum number of search failures within 5 minutes.

 

Related commands

ppp compression iphc enable

reset ppp compression iphc

 

ip address ppp-negotiate

Use ip address ppp-negotiate to enable IP address negotiation on an interface, so that the interface can accept the IP address allocated by the server.

Use undo ip address ppp-negotiate to restore the default.

Syntax

ip address ppp-negotiate

undo ip address ppp-negotiate

Default

IP address negotiation is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

If you execute the ip address ppp-negotiate and ip address commands multiple times, the most recent configuration takes effect.

Examples

# Enable IP address negotiation on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ip address ppp-negotiate

Related commands

ip address (Network Connectivity Command Reference)

remote address

ip pool

Use ip pool to configure a PPP address pool.

Use undo ip pool to remove a PPP address pool or an IP address range of the PPP address pool.

Syntax

ip pool pool-name start-ip-address [ end-ip-address ] [ group group-name ]

undo ip pool pool-name [ start-ip-address [ end-ip-address ] ]

Default

No PPP address pool is configured.

Views

System view

Predefined user roles

network-admin

Parameters

pool-name: Specifies a name for the PPP address pool to be created, a case-sensitive string of 1 to 31 characters.

start-ip-address [ end-ip-address ]: Specifies an IP address range. If you do not specify the end-ip-address argument, the PPP address pool has only the start IP address.

group group-name: Specifies a group by its name to which the PPP address pool belongs. The group name is a case-sensitive string of 1 to 31 characters. If you do not specify this option, the group name is default (the default group).

Usage guidelines

Each address space is represented by a group. One group can contain multiple PPP address pools, but one PPP address pool can belong to only one group.

One PPP address pool can contain multiple IP address ranges. You can execute this command multiple times to specify multiple IP address ranges for a PPP address pool. A PPP address pool can contain a maximum of 65535 IP addresses, and so can an IP address range.

IP address ranges in different groups can be overlapping, but those in the same group cannot.

Changes to a PPP address pool do not affect assigned IP addresses. For example, if you delete a PPP address pool from which an IP address has been assigned, the IP address can still be used.

When assigning IP address to users through a PPP address pool, make sure the PPP address pool excludes the gateway IP address of the PPP address pool.

Examples

# Configure PPP address pool aaa that contains IP addresses 129.102.0.1 through 129.102.0.10 for group a.

<Sysname> system-view

[Sysname] ip pool aaa 129.102.0.1 129.102.0.10 group a

Related commands

display ip pool

ip pool gateway

 

Use ip pool gateway to configure a gateway address for a PPP address pool.

Use undo ip pool gateway to remove the gateway address for the specified PPP address pool.

Syntax

ip pool pool-name gateway ip-address

undo ip pool pool-name gateway

Default

A PPP address pool is not configured with a gateway address.

Views

System view

Predefined user roles

network-admin

Parameters

pool-name: Specifies an existing PPP address pool by its name, a case-sensitive string of 1 to 31 characters.

ip-address: Specifies a gateway address for the PPP address pool.

Usage guidelines

An interface on a BRAS must have an IP address before it can assign an IP address from a PPP or DHCP address pool to a client. This command enables interfaces that have no IP address to use a gateway address for IPCP negotiation and address allocation.

When you configure a gateway address for a PPP address pool, follow these restrictions and guidelines:

·     If you also specify an IP address for an interface, the interface uses its own IP address to perform IPCP negotiation.

·     You can specify any gateway address for a PPP address pool.

Examples

# Specify gateway address 1.1.1.1 for PPP address pool aaa.

<Sysname> system-view

[Sysname] ip pool aaa gateway 1.1.1.1

Related commands

ip pool

nas-port-type

Use nas-port-type to configure the NAS-Port-Type attribute on a VT interface.

Use undo nas-port-type to restore the default.

Syntax

nas-port-type { ethernet | virtual }

undo nas-port-type

Default

The NAS-Port-Type attribute is determined by the service type and link type of the PPP user, as shown in Table 5.

Table 5 Default NAS-Port-Type attribute

Service type

Link type

NAS-Port-Type attribute

PPPoE

Any

ethernet

L2TP

Any

virtual

Views

VT interface view

Predefined user roles

network-admin

Parameters

ethernet: Specifies Ethernet. The code value is 15.

virtual: Specifies virtual. The code value is 5.

Usage guidelines

The NAS-Port-Type attribute is used for RADIUS authentication and accounting. For more information about the NAS-Port-Type attribute, see RFC 2865.

This command does not affect existing users.

Examples

# Set the NAS-Port-Type attribute to sync for Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] nas-port-type sync

ppp account-statistics enable

Use ppp account-statistics enable to enable PPP accounting on an interface.

Use undo ppp account-statistics enable to disable PPP accounting on an interface.

Syntax

ppp account-statistics enable  [ acl { acl-number | name acl-name } ]

undo ppp account-statistics enable

Default

PPP accounting is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

acl: Specifies an ACL to match traffic. If no ACL is specified, the device generates statistics for all PPP traffic.

acl-number: Specifies an ACL by its number in the range of 2000 to 3999, where:

·     2000 to 2999 are numbers for basic IPv4 and IPv6 ACLs.

·     3000 to 3999 are numbers for advanced IPv4 and IPv6 ACLs.

If the specified ACL number corresponds to an IPv4 ACL and an IPv6 ACL, both ACLs take effect.

name acl-name: Specifies an ACL by its name, a case-insensitive string of 1 to 63 characters that start with an alphabetical character. To avoid confusion, do not use all as an ACL name.

Examples

# Enable PPP accounting on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp account-statistics enable

ppp authentication-mode

Use ppp authentication-mode to configure PPP authentication on an interface.

Use undo ppp authentication-mode to restore the default.

Syntax

ppp authentication-mode { chap | pap } * [ [ call-in ] domain { isp-name | default enable isp-name } ]

undo ppp authentication-mode

Default

PPP authentication is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

chap: Uses CHAP authentication.

pap: Uses PAP authentication.

call-in: Authenticates the call-in users only.

domain isp-name: Specifies the ISP domain name for authentication, a case-insensitive string of 1 to 255 characters.

default enable isp-name: Specifies the default ISP domain name for authentication, a case-insensitive string of 1 to 255 characters.

Usage guidelines

PPP authentication includes the following categories:

·     PAP—Two-way handshake authentication. The password is in plain text or cipher text.

·     CHAP—Three-way handshake authentication. The password is in plain text or cipher text.

You can configure multiple authentication modes.

In any PPP authentication mode, AAA determines whether a user can pass the authentication through a local authentication database or an AAA server. For more information about AAA authentication, see User Access and Authentication Configuration Guide.

If multiple ISP domains are available, the ISP domains are used in the following order:

1.     ISP domain specified by the domain isp-name option in this command.

Associate a PPP address pool with this ISP domain for address allocation if necessary.

2.     ISP domain contained in the username.

If the ISP domain does not exist on the local device, the user's access request is denied.

3.     ISP domain specified by the domain default enable isp-name option in this command.

4.     Default system ISP domain.

You can use the domain default command to configure the default system ISP domain. If no system default ISP domain is configured, ISP domain system is used.

Examples

# Configure Virtual-Template 1 to authenticate the peer by using PAP.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp authentication-mode pap

# Configure Virtual-Template 1 to authenticate the peer by using PAP and CHAP.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp authentication-mode pap chap

Related commands

domain default (User Access and Authentication Command Reference)

local-user (User Access and Authentication Command Reference)

ppp chap password

ppp chap user

ppp pap local-user

ppp chap password

Use ppp chap password to set the password for CHAP authentication on an interface.

Use undo ppp chap password to restore the default.

Syntax

ppp chap password { cipher | simple } string

undo ppp chap password

Default

No password is set for CHAP authentication on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 255 characters. Its encrypted form is a case-sensitive string of 1 to 373 characters.

 

Examples

# Set the password for CHAP authentication to plaintext password sysname on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp chap password simple sysname

Related commands

ppp authentication-mode chap

ppp chap user

Use ppp chap user to set the username for CHAP authentication on an interface.

Use undo ppp chap user to restore the default.

Syntax

ppp chap user username

undo ppp chap user

Default

The username for CHAP authentication is null on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

username: Specifies the username for CHAP authentication, a case-sensitive string of 1 to 80 characters. The username is sent to the peer for the local device to be authenticated.

Usage guidelines

To pass CHAP authentication, the username/password of one side must be the local username/password on the peer.

Examples

# Set the username for CHAP authentication to Root on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp chap user Root

Related commands

ppp authentication-mode chap

ppp compression iphc enable

Use ppp compression iphc enable to enable IPHC on an interface.

Use undo ppp compression iphc enable to disable IPHC on an interface.

Syntax

ppp compression iphc enable [ nonstandard ]

undo ppp compression iphc enable

Default

IPHC is disabled on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

nonstandard: Specifies the nonstandard encapsulation format. If you do not specify this keyword, packets are encapsulated in standard format. You must specify this keyword when the device communicates with a non-H3C device. If you specify this keyword, this command enables RTP header compression.

Usage guidelines

IPHC includes RTP header compression and TCP header compression.

Enabling or disabling IPHC enables or disables both RTP header compression and TCP header compression.

To use IPHC, you must enable it on both sides of a PPP link.

Examples

# Enable IPHC on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp compression iphc enable

ppp compression iphc rtp-connections

Use ppp compression iphc rtp-connections to set the maximum number of connections for which an interface can perform RTP header compression.

Use undo ppp compression iphc rtp-connections to restore the default.

Syntax

ppp compression iphc rtp-connections number

undo ppp compression iphc rtp-connections

Default

An interface can perform RTP header compression for a maximum of 16 connections.

Views

Interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of connections for which an interface can perform RTP header compression. The value range for this argument is 3 to 1000:

·     When the number argument is set to a value less than or equal to 256, packets are compressed in the format of COMPRESSED RTP 8.

·     When the number argument is set to a value greater than 256, packets are compressed in the format of COMPRESSED RTP 16.

Usage guidelines

RTP is a connection-oriented protocol. An interface can accommodate multiple RTP connections.

RTP header compression occupies memory resources for maintaining connection information. This command can limit memory resources used by compression. For example, if you set the limit to 3, RTP header compression only applies to a maximum of three RTP connections.

After you execute this command, you must shut down and then bring up the interface to make the command take effect.

You can configure this command only when IPHC is enabled. The configuration is removed after IPHC is disabled.

Examples

# Set the maximum number of connections for which Virtual-Template 1 can perform RTP header compression to 10.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp compression iphc enable

[Sysname-Virtual-Template1] ppp compression iphc rtp-connections 10

Related commands

ppp compression iphc enable

ppp compression iphc tcp-connections

Use ppp compression iphc tcp-connections to set the maximum number of connections for which an interface can perform TCP header compression.

Use undo ppp compression iphc tcp-connections to restore the default.

Syntax

ppp compression iphc tcp-connections number

undo ppp compression iphc tcp-connections

Default

An interface can perform TCP header compression for a maximum of 16 connections.

Views

Interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of connections for which an interface can perform TCP header compression. The value range for this argument is 3 to 256.

Usage guidelines

TCP is a connection-oriented protocol. A link can accommodate multiple TCP connections.

TCP header compression occupies memory resources for maintaining connection information. This command can limit memory resources used by compression. For example, if you set the limit to 3, TCP header compression only applies to a maximum of three TCP connections.

After you execute this command, you must shut down and then bring up the interface to make the command take effect.

You can configure this command only when IPHC is enabled and packets are encapsulated in standard format. The configuration is removed after IPHC is disabled or packets are encapsulated in nonstandard format.

Examples

# Set the maximum number of connections for which Virtual-Template 1 can perform TCP header compression to 10.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp compression iphc enable

[Sysname-Virtual-Template1] ppp compression iphc tcp-connections 10

Related commands

ppp compression iphc enable

ppp ipcp dns

Use ppp ipcp dns to configure the primary and secondary DNS server IP addresses to be allocated in PPP negotiation on an interface.

Use undo ppp ipcp dns to delete the primary and secondary DNS server IP addresses to be allocated in PPP negotiation on an interface.

Syntax

ppp ipcp dns primary-dns-address [ secondary-dns-address ]

undo ppp ipcp dns primary-dns-address [ secondary-dns-address ]

Default

The DNS server IP addresses to be allocated in PPP negotiation are not configured on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

primary-dns-address: Specifies a primary DNS server IP address.

secondary-dns-address: Specifies a secondary DNS server IP address.

Usage guidelines

A device can assign DNS server IP addresses to its peer during PPP negotiation when the peer initiates requests.

To check the allocated DNS server IP addresses, execute the winipcfg or ipconfig /all command on the host.

Examples

# Set the primary and secondary DNS server IP addresses to 100.1.1.1 and 100.1.1.2 for the peer on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp ipcp dns 100.1.1.1 100.1.1.2

ppp ipcp dns admit-any

Use ppp ipcp dns admit-any to configure an interface to accept the DNS server IP addresses assigned by the peer even though it does not request DNS server IP addresses from the peer.

Use undo ppp ipcp dns admit-any to restore the default.

Syntax

ppp ipcp dns admit-any

undo ppp ipcp dns admit-any

Default

An interface does not accept the DNS server IP addresses assigned by the peer if it does not request DNS server IP addresses from the peer.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

You can configure an interface to accept the DNS server IP addresses assigned by the peer, through which domain names can be resolved for the device.

Typically, the server assigns a DNS server address to a client in PPP negotiation only when the client is configured with the ppp ipcp dns request command. Some servers, however,  forcibly assign DNS server addresses to clients. You must configure the ppp ipcp dns admit-any command on the client devices to accept the DNS server addresses.

Examples

# Configure Virtual-Template 1 to accept DNS server IP addresses allocated by the peer.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp ipcp dns admit-any

Related commands

ppp ipcp dns request

ppp ipcp dns request

Use ppp ipcp dns request to enable an interface to actively request the DNS server IP address from its peer.

Use undo ppp ipcp dns request to restore the default.

Syntax

ppp ipcp dns request

undo ppp ipcp dns request

Default

An interface does not actively request the DNS server IP address from its peer.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

If a device is connected to a provider's access server through a PPP link, you can use this command. Then, the device can obtain the specified DNS server IP address from the access server during IPCP negotiation.

You can check the DNS server IP addresses by displaying information about the interface.

Examples

# Enable Virtual-Template 1 to actively request the DNS server IP address from its peer.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp ipcp dns request

ppp ipcp remote-address match

Use ppp ipcp remote-address match to enable the IP segment match feature for PPP IPCP negotiation on an interface.

Use undo ppp ipcp remote-address match to restore the default.

Syntax

ppp ipcp remote-address match

undo ppp ipcp remote-address match

Default

The IP segment match feature is disabled for PPP IPCP negotiation on an interface.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

This command enables the local interface to check whether its IP address and the IP address of the remote interface are in the same network segment. If they are not, IPCP negotiation fails.

Examples

# Enable the IP segment match feature on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp ipcp remote-address match

ppp ip-pool route

Use ppp ip-pool route to configure a PPP address pool route.

Use undo ppp ip-pool route to remove a PPP address pool route.

Syntax

ppp ip-pool route ip-address { mask-length | mask } 

undo ppp ip-pool route ip-address { mask-length | mask }

Default

No PPP address pool route is configured.

Views

System view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the destination IP address of the PPP address pool route, in dotted decimal notation.

mask-length: Specifies a mask length for the IP address, in the range of 0 to 32.

mask: Specifies a mask for the IP address, in dotted decimal notation.

Usage guidelines

The BRAS uses PPP address pool routes to control downlink traffic forwarding.

After you configure a PPP address pool route, the BRAS generates a static blackhole route destined for the specified network. All traffic matching the blackhole route is discarded. When a legal user logs in, the BRAS adds a host route destined for the specified network. In addition, the BRAS uses a dynamic routing protocol to redistribute the PPP address pool route to the upstream device.

Figure 1 Network diagram for the PPP address pool route

 

Make sure the destination network of the PPP address pool route includes the PPP address pool. You can execute this command multiple times to configure multiple PPP address pool routes.

Examples

# Configure the PPP address pool route as 2.2.2.2/24.

<Sysname> system-view

[Sysname] ppp ip-pool route 2.2.2.2 24

ppp lcp delay

Use ppp lcp delay to set the LCP negotiation delay timer.

Use undo ppp lcp delay to restore the default.

Syntax

ppp lcp delay milliseconds

undo ppp lcp delay

Default

PPP starts LCP negotiation immediately after the physical layer comes up.

Views

Interface view

Predefined user roles

network-admin

Parameters

milliseconds: Specifies the LCP negotiation delay timer in the range of 1 to 10000 milliseconds.

Usage guidelines

If two ends of a PPP link vary greatly in the LCP negotiation packet processing rate, configure this command on the end with a higher processing rate. The LCP negotiation delay timer prevents frequent LCP negotiation packet retransmission. After the physical layer comes up, PPP starts LCP negotiation when the delay timer expires. If PPP receives LCP negotiation packets before the delay timer expires, it starts LCP negotiation immediately.

Examples

# Set the LCP negotiation delay timer to 130 milliseconds.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp lcp delay 130

ppp pap local-user

Use ppp pap local-user to set the local username and password for PAP authentication on an interface.

Use undo ppp pap local-user to restore the default.

Syntax

ppp pap local-user username password { cipher | simple } string

undo ppp pap local-user

Default

The local username and password for PAP authentication are blank on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

username: Specifies the username of the local device for PAP authentication, a case-sensitive string of 1 to 80 characters.

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 255 characters. Its encrypted form is a case-sensitive string of 1 to 373 characters.

Usage guidelines

For the local device to pass PAP authentication on the peer, make sure the username and password configured for the local device are also configured on the peer. You can configure the peer's username and password by using the local-user username and password { cipher | simple } string commands, respectively.

 

Examples

# Set the local username and password for PAP authentication to user1 and plaintext pass1 on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp pap local-user user1 password simple pass1

Related commands

local-user (User Access and Authentication Command Reference)

password (User Access and Authentication Command Reference)

ppp timer negotiate

Use ppp timer negotiate to set the PPP negotiation timeout time on an interface.

Use undo ppp timer negotiate to restore the default.

Syntax

ppp timer negotiate seconds

undo ppp timer negotiate

Default

The PPP negotiation timeout time is 3 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the negotiation timeout time in the range of 1 to 10 seconds.

Usage guidelines

In PPP negotiation, if the local device receives no response from the peer during the timeout time after it sends a packet, the local device sends the last packet again.

Examples

# Set the PPP negotiation timeout time to 5 seconds on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] ppp timer negotiate 5

remote address

Use remote address to configure an interface to assign an IP address to the client.

Use undo remote address to restore the default.

Syntax

remote address { ip-address | pool pool-name }

undo remote address

Default

An interface does not assign an IP address to the client.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address to be assigned to the client.

pool pool-name: Specifies a PPP or DHCP address pool by its name from which an IP address is assigned to the client. The pool name is a case-sensitive string of 1 to 31 characters.

Usage guidelines

This command can be used when the local interface is configured with an IP address, but the peer has no IP address. To enable the peer to accept the IP address assigned by the local interface (server), you must configure the ip address ppp-negotiate command on the peer to make the peer act as a client.

This command enables the local interface to forcibly assign an IP address to the peer. If the peer is not configured with the ip address ppp-negotiate command but configured with an IP address, the peer will not accept the assigned IP address. This results in an IPCP negotiation failure.

PPP supports IP address assignment from a PPP or DHCP address pool, but the PPP address pool takes precedence over the DHCP address pool. For example, if you use a pool name that identifies both a PPP address pool and a DHCP address pool, the system uses only the PPP address pool for address assignment.

To make the configuration of the remote address command take effect, configure this command before the ip address command, which triggers IPCP negotiation. If you configure the remote address command after the ip address command, the server assigns an IP address to the client during the next IPCP negotiation.

After you use the remote address command to assign an IP address to the client, you can configure the remote address command again or the undo remote address command for the peer. However, the new configuration does not take effect until the next IPCP negotiation.

Examples

# Specify the IP address to be assigned to the client as 10.0.0.1 on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] remote address 10.0.0.1

# Configure Virtual-Template 1 to assign an IP address from address pool aaa to the client.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] remote address pool aaa

Related commands

ip address ppp-negotiate

ip pool

remote address dhcp client-identifier

Use remote address dhcp client-identifier username to use the PPP usernames as the DHCP client IDs.

Use undo remote address dhcp client-identifier to restore the default.

Syntax

remote address dhcp client-identifier username

undo remote address dhcp client-identifier

Default

The PPP usernames are not used as the DHCP client IDs.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

This command uses PPP usernames as DHCP client IDs for DHCP pool address assignment. The DHCP pool can be an AAA-authorized address pool or an address pool configured by using the remote address command.

Configure this command when different users use different PPP usernames to come online and PPP usernames are required to be used as DHCP client IDs.

Examples

# Use the PPP usernames as the DHCP client IDs on Virtual-template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] remote address dhcp client-identifier username

reset ppp access-user

Use reset ppp access-user to log off a PPP user.

Syntax

reset ppp access-user { ip-address ipv4-address  | ipv6-address ipv6-address  | username user-name }

Views

User view

Predefined user roles

network-admin

Parameters

ip-address ipv4-address: Specifies a PPP user by its IPv4 address.

ipv6-address ipv6-address: Specifies a PPP user by its IPv6 address.

username user-name: Specifies a PPP user by username, a case-sensitive string of 1 to 80 characters.

Usage guidelines

This command takes effect only on the current login for a PPP user. The user can come online after it is logged off.

Examples

# Log off the PPP user at 192.168.100.2.

<Sysname> reset ppp access-user ip-address 192.168.100.2

Related commands

display ppp access-user

reset ppp compression iphc

Use reset ppp compression iphc to clear IPHC statistics.

Syntax

reset ppp compression iphc [ rtp | tcp ] [ interface interface-type interface-number ]

Views

User view

Predefined user roles

network-admin

Parameters

rtp: Clears IPHC RTP header compression statistics.

tcp: Clears IPHC TCP header compression statistics.

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify this option, the command clears IPHC statistics on all interfaces.

Usage guidelines

If neither rtp nor tcp is specified, this command clears both RTP header compression and TCP header compression statistics.

Examples

# Clear IPHC statistics on all interfaces.

<Sysname> reset ppp compression iphc

Related commands

display ppp compression iphc

timer-hold

Use timer-hold to set the keepalive interval on an interface.

Use undo timer-hold to restore the default.

Syntax

timer-hold seconds

undo timer-hold

Default

The keepalive interval is 10 seconds on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

seconds: Specifies the interval for sending keepalive packets, in the range of 0 to 32767 seconds. The value 0 disables an interface from sending keepalive packets. In this case, the interface can respond to keepalive packets from the peer.

Usage guidelines

An interface sends keepalive packets at keepalive intervals to detect the availability of the peer. If the interface receives no response to keepalive packets when the keepalive retry limit is reached, it determines that the link fails and reports a link layer down event.

To set the keepalive retry limit, use the timer-hold retry command.

On a slow link, increase the keepalive interval to prevent false shutdown of the interface. This situation might occur when keepalive packets are delayed because a large packet is being transmitted on the link.

Examples

# Set the keepalive interval to 20 seconds on Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] timer-hold 20

Related commands

timer-hold retry

timer-hold retry

Use timer-hold retry to set the keepalive retry limit on an interface.

Use undo timer-hold retry to restore the default.

Syntax

timer-hold retry retries

undo timer-hold retry

Default

The keepalive retry limit is 5 on an interface.

Views

Interface view

Predefined user roles

network-admin

Parameters

retries: Specifies the maximum number of keepalive attempts in the range of 1 to 255.

Usage guidelines

An interface sends keepalive packets at keepalive intervals to detect the availability of the peer. If the interface receives no response to keepalive packets when the keepalive retry limit is reached, it determines that the link fails and reports a link layer down event.

To set the keepalive interval, use the timer-hold command.

On a slow link, increase the keepalive retry limit to prevent false shutdown of the interface. This situation might occur when keepalive packets are delayed because a large packet is being transmitted on the link.

Examples

# Set the keepalive retry limit to 10 for Virtual-Template 1.

<Sysname> system-view

[Sysname] interface virtual-template 1

[Sysname-Virtual-Template1] timer-hold retry 10

Related commands

timer-hold


PPPoE commands

PPPoE server commands

display pppoe-server session packet

Use display pppoe-server session packet to display packet statistics for PPPoE sessions.

Syntax

display pppoe-server session packet [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface for centralized devices, the command displays packet statistics for PPPoE sessions on all interfaces.

Examples

# Display packet statistics for PPPoE sessions on VLAN-interface 1.

<Sysname> display pppoe-server session packet interface vlan-interface 1

Total PPPoE sessions: 2

 

  Ethernet interface: Vlan1                     Session ID: 1

  InPackets: 37                                 OutPackets: 38

  InBytes: 390                                  OutBytes: 406

  InDrops: 0                                    OutDrops: 0

 

  Ethernet interface: Vlan1                     Session ID: 2

  InPackets: 39                                 OutPackets: 40

  InBytes: 340                                  OutBytes: 496

  InDrops: 1                                    OutDrops: 2

Table 6 Command output

Field

Description

Ethernet interface

Interface where the PPPoE session is present.

Session ID

PPPoE session ID.

InPackets

Number of packets received.

OutPackets

Number of packets transmitted.

InBytes

Number of bytes received.

OutBytes

Number of bytes transmitted.

InDrops

Number of discarded incoming packets.

OutDrops

Number of discarded outgoing packets.

 

Related commands

display interface virtual-access

display pppoe-server session summary

Use display pppoe-server session summary to display summary PPPoE session information.

Syntax

display pppoe-server session summary [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface for centralized devices, the command displays summary PPPoE session information for all interfaces.

Usage guidelines

Summary PPPoE session information on a physical interface can be displayed only on the card where the interface resides. Summary PPPoE session information on a logical interface can be displayed on all cards.

Examples

# Display summary PPPoE session information on VLAN-interface 1.

<Sysname> display pppoe-server session summary interface vlan-interface 1

Total PPPoE sessions: 2

 

  Ethernet interface: Vlan1                    Session ID: 1

  PPP interface: VA1                           State: PADR_RCVD

  Remote MAC: 00e0-1500-7100                   Local MAC: 00e0-1400-7300

  Service VLAN: N/A                            Customer VLAN: N/A

 

  Ethernet interface: Vlan1                    Session ID: 2

  PPP interface: VA2                           State: OPEN

  Remote MAC: 00e0-1500-7100                   Local MAC: 00e014007400

  Service VLAN: 2                              Customer VLAN: 1

Table 7 Command output

Field

Description

Total PPPoE sessions

Total number of PPPoE sessions on physical interfaces and logical interfaces.

Local PPPoE sessions

Total number of PPPoE sessions on physical interfaces.

When an interface is specified, this field is not displayed.

Ethernet interface

Interface where the PPPoE session is present.

Session ID

PPPoE session ID.

PPP interface

Virtual access interface created for the PPPoE session.

State

PPPoE session state:

·     PADR RCVD—The PPPoE session is being negotiated.

·     Open—The PPPoE session has been successfully established.

RemoteMAC

MAC address of the remote end.

LocalMAC

MAC address of the local end.

Service VLAN

Service provider VLAN.

N/A means no service provider VLAN is available.

Customer VLAN

Customer VLAN.

N/A means no customer VLAN is available.

 

display pppoe-server throttled-mac

Use display pppoe-server throttled-mac to display information about blocked users.

Syntax

display pppoe-server throttled-mac [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, the command displays information about blocked users on all interfaces.

Examples

# Display information about blocked users on VLAN-interface 1.

<Sysname> display pppoe-server throttled-mac interface vlan-interface 1

Total 3 client MACs:

  Interface        Remote MAC     Start time           Remaining time(s)

  Vlan1            00e0-1500-4100 2010-12-01,12:10:30  55

  Vlan1            00e0-1500-4000 2010-12-01,12:10:40  65

  Vlan1            00e0-1500-3300 2010-12-01,12:10:50  75

Table 8 Command output

Field

Description

Interface

Interface at which the user is blocked.

Remote MAC

MAC address of the user.

Start time

Time to start blocking users.

Remaining time(s)

Time left for blocking users, in seconds.

 

Related commands

pppoe-server throttle per-mac

display pppoe-server va-pool

Use display pppoe-server va-pool to display information about VA pools.

Syntax

display pppoe-server va-pool

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display information about VA pools.

<Sysname> display pppoe-server va-pool

VT interface         Size      Unused/State

Virtual-Template1    1000      900

Virtual-Template2    1000      Creating

Table 9 Command output

Field

Description

VT interface

Virtual-Template interface that uses the VA pool.

Unused/State

VA pool capacity available for PPP users/current state of the VA pool.

·     Creating—The VA pool is being created.

·     Destroying—The VA pool is being removed.

 

Related commands

pppoe-server virtual-template va-pool

ppp lcp echo mru verify

Use ppp lcp echo mru verify to enable maximum receive unit (MRU) verification for PPPoE on a VT interface.

Use undo ppp lcp echo mru verify to disable MRU verification for PPPoE.

Syntax

ppp lcp echo mru verify [minimum value ]

undo ppp lcp echo mru verify

Default

MRU verification for PPPoE is disabled on a VT interface.

Views

VT interface view

Predefined user roles

network-admin

Parameters

minimum value: Specifies the minimum MRU in the range of 64 to 1500 bytes.

Usage guidelines

To support an MTU larger than 1492, PPPoE adds the PPP-Max-Payload option during PPPoE negotiation. This option identifies the MTU for the current PPPoE session. If the MTU is larger than 1492, PPP uses the MTU as the MRU during LCP negotiation, and reports the MTU after negotiation.

MRU verification prevents the negotiated MRU from exceeding the receiving and sending capabilities of the interface. If the negotiated MRU is larger than 1492, the PPPoE server sends an echo request that has the same size as the negotiated MRU. If the PPPoE server receives a reply, it uses the MRU as the MTU. If the PPPoE server fails to receive a reply, the following situations occur:

·     If the minimum MRU is configured, the PPPoE server sends a packet that has the same size as the minimum MRU.

·     If the minimum MRU is not configured, the PPPoE server sends a packet that has the same size as the negotiated MRU.

If the second verification still fails, the PPPoE server tears down the link.

NCP negotiation starts after the MRU verification succeeds.

Examples

# Enable MRU verification for PPPoE and set the minimum MRU to 1200 bytes on Virtual-Template 10.

<Sysname> system-view

[Sysname] interface virtual-template 10

[Sysname-Virtual-Template10] ppp lcp echo mru verify minimum 1200

pppoe-server access-delay

Use pppoe-server access-delay to set the response delay time on an interface.

Use undo pppoe-server access-delay to restore the default.

Syntax

pppoe-server access-delay delay-time

undo pppoe-server access-delay

Default

No response delay time is set on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

delay-time: Specifies the response delay time, in the range of 10 to 25500 milliseconds.

Usage guidelines

The system responds to the first packet of a PPP connection on the interface after the configured delay time elapses.

Examples

# Set the response delay time to 100 milliseconds on GigabitEthernet 1/0/2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-delay 100

pppoe-server access-line-id bas-info

Use pppoe-server access-line-id bas-info to configure the NAS-Port-ID attribute to automatically include BAS information on an interface.

Use undo pppoe-server access-line-id bas-info to restore the default.

Syntax

pppoe-server access-line-id bas-info [ cn-163 ]

undo pppoe-server access-line-id bas-info

Default

The NAS-Port-ID attribute does not automatically include BAS information on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

cn-163: Specifies the China Telecom 163 format for the BAS information. If you do not specify this keyword, BAS information in the China Telecom format is included.

Usage guidelines

he bas-info formats include China Telecom and China Telecom 163.

The China Telecom format is { eth|trunk} NAS_slot/NAS_subslot/NAS_port:XPI.XCI. The format refers to the user access interface information on the BAS device, including upstream interface, VLAN, and VPI/VCI information. When Ethernet/DSL is used, XPI.XCI refers to VLAN information.

For example, eth 1/0/1:4096.2345 includes the following user access interface information:

·     The type of the upstream interface is Ethernet interface.

·     The interface is located at slot 1, subslot 0, and port 1.

·     The outer VLAN ID is 4096 (which means an invalid VLAN), and the inner VLAN ID is 2345.

Table 10 shows the China Telecom 163 format, where:

·     NAS_slot, NAS_subslot, and NAS_port refer to the numbering information of the PPPoE user access interface on the BAS device.

·     vpi and vci refer to VPI and VCI information.

·     vlanid and vlanid2 refer to inner VLAN and outer VLAN, respectively. The value for the vlanid of the primary interface is fixed at 0.

Table 10 BAS information in China Telecom 163 format

Interface type

Format

Primary interface or interface that does not carry inner VLAN or outer VLAN information.

slot=NAS_slot;subslot=NAS_subslot;port=NAS_port;vlanid=VLAN id;

Interface that carries inner VLAN and outer VLAN information.

slot=NAS_slot;subslot=NAS_subslot;port=NAS_port;vlanid=VLAN id;vlanid2=VLAN id2;

This command determines the content of the NAS-Port-ID attribute that the PPPoE server delivers to the RADIUS server.

·     If the cn-163 keyword is specified, the PPPoE server automatically inserts the corresponding BAS information before the parsed circuit-id. Then it sends the combination of the bas-info and circuit-id as the NAS-Port-ID attribute to the RADIUS server.

·     If the cn-163 keyword is not specified, the PPPoE server creates a new circuit-id in China Telecom format. Then it sends the new circuit-id as the NAS-Port-ID attribute to the RADIUS server. The new circuit-id contains the corresponding BAS information and the DSLAM user access information in the original circuit-id.

If this command is not executed, the NAS-Port-ID attribute that the PPPoE server delivers to the RADIUS server is determined by the pppoe-server access-line-id content command.

The RADIUS server cannot correctly parse a NAS-Port-ID attribute that includes the remote-id and BAS information. When you configure this command together with the pppoe-server access-line-id trust command, make sure the NAS-Port-ID attribute sent to the RADIUS sever does not include the remote-id.

Examples

# Configure the NAS-Port-ID attribute to automatically include BAS information on GigabitEthernet 1/0/2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id bas-info

Related commands

pppoe-server access-line-id circuit-id parse-mode

pppoe-server access-line-id content

pppoe-server access-line-id trust

pppoe-server access-line-id circuit-id parse-mode

Use pppoe-server access-line-id circuit-id parse-mode to configure the format that an interface uses to parse the circuit-id in the access line ID.

Use undo pppoe-server access-line-id circuit-id parse-mode to restore the default.

Syntax

pppoe-server access-line-id circuit-id parse-mode { cn-telecom | tr-101 }

undo pppoe-server access-line-id circuit-id parse-mode

Default

An interface uses the TR-101 format to parse the circuit-id.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

cn-telecom: Specifies China Telecom format.

tr-101: Specifies TR-101 format.

Usage guidelines

The circuit-id formats include TR-101 and China Telecom.

The TR-101 format is Access-Node-Identifier eth slot/port[:vlan-id] for Ethernet/DSL. The entire ID refers to the user access information on the DSLAM, where

·     Access-Node-Identifier refers to the identifier of the DSLAM.

·     The remainder refers to information about the user access interface on the DSLAM.

The China Telecom format is AccessNodeIdentifier/ANI_rack/ANI_frame/ANI_slot/ANI_subslot/ANI_port[:ANI_XPI.ANI_XCI]. The format refers to user access information on the DSLAM, including DSLAM identifier and user access interface.

For example, the circuit-id guangzhou001/1/31/63/31/127 includes the following information:

·     The identifier of the access node DSLAM is guangzhou001.

·     The rack number of the DSLAM is 1.

·     The user access interface is located at port 127, subslot 31, slot 63, and frame 31.

Examples

# Configure GigabitEthernet 1/0/2 to use China Telecom format to parse the circuit-id.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id circuit-id parse-mode cn-telecom

Related commands

pppoe-server access-line-id circuit-id trans-format

pppoe-server access-line-id circuit-id trans-format

Use pppoe-server access-line-id circuit-id trans-format to configure the transmission format for the circuit-id in access line ID on an interface.

Use undo pppoe-server access-line-id circuit-id trans-format to restore the default.

Syntax

pppoe-server access-line-id circuit-id trans-format { ascii | hex }

undo pppoe-server access-line-id circuit-id trans-format

Default

The transmission format for the circuit-id in access line ID is a string of characters on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

ascii: Specifies the character string format. For example, the circuit-id 00010002 is transmitted in the form of 01 08 30 30 30 31 30 30 30 32.

hex: Specifies the hexadecimal format. For example, the circuit-id 00010002 is transmitted in the form of 01 04 00 01 00 02.

Examples

# Configure GigabitEthernet 1/0/2 to use the hexadecimal format to transmit the circuit-id.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id circuit-id trans-format hex

pppoe-server access-line-id content

Use pppoe-server access-line-id content to configure the content of the NAS-Port-ID attribute delivered to the RADIUS server on an interface.

Use undo pppoe-server access-line-id content to restore the default.

Syntax

pppoe-server access-line-id content { all [ separator ] | circuit-id | remote-id }

undo pppoe-server access-line-id content

Default

The NAS-Port-ID attribute contains only the circuit-id on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

all: Sends both the circuit-id and remote-id.

separator: Specifies a separator that is one character long. By default, the value is a blank space. The circuit-id and remote-id are connected by the separator.

circuit-id: Sends only the circuit-id.

remote-id: Sends only the remote-id.

Usage guidelines

The PPPoE server on a BAS device uses the RADIUS NAS-Port-ID attribute to send the access line ID received from a DSLAM device to the RADIUS server. The access line ID contains the circuit-id and remote-id. The RADIUS server compares the received NAS-Port-ID attribute with the local line ID information to verify the location of the user.

For more information about the circuit-id, see the pppoe-server access-line-id circuit-id parse-mode command.

For more information about the remote-id, see pppoe-server access-line-id remote-id trans-format the command.

Do not use a character that exists in the circuit-id or remote-id as the separator. Otherwise, the RADIUS server might fail to parse the ID information.

This command determines the content of the NAS-Port-ID attribute only when the pppoe-server access-line-id bas-info command is not configured. Otherwise, the pppoe-server access-line-id bas-info command determines the content of the NAS-Port-ID attribute.

Examples

# Configure GigabitEthernet 1/0/2 to deliver only the circuit-id to the RADIUS server.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id content circuit-id

Related commands

pppoe-server access-line-id bas-info

pppoe-server access-line-id circuit-id parse-mode

pppoe-server access-line-id remote-id trans-format

pppoe-server access-line-id remote-id trans-format

Use pppoe-server access-line-id remote-id trans-format to configure the transmission format for the remote-id in the access line ID on an interface.

Use undo pppoe-server access-line-id remote-id trans-format to restore the default.

Syntax

pppoe-server access-line-id remote-id trans-format { ascii | hex }

undo pppoe-server access-line-id remote-id trans-format

Default

The transmission format for the remote-id is a string of characters on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

ascii: Specifies the character string format.

hex: Specifies the hexadecimal format.

Usage guidelines

The remote-id is the system MAC address of a PPPoE relay device (for example, DSLAM). It can be transmitted in character strings or hexadecimal format.

Examples

# Configure GigabitEthernet 1/0/2 to use the hexadecimal format to transmit the remote-id.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id remote-id trans-format hex

pppoe-server access-line-id trust

Use pppoe-server access-line-id trust to configure the PPPoE server to trust the access line ID in received packets on an interface.

Use undo pppoe-server access-line-id trust to restore the default.

Syntax

pppoe-server access-line-id trust

undo pppoe-server access-line-id trust

Default

The PPPoE server does not trust the access line ID in received packets on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Usage guidelines

This command enables the PPPoE server to parse the circuit-id and remote-id in a received packet, and creates a new circuit-id and remote-id. If the PPPoE server fails to parse the circuit-id or remote-id in a PADR packet, it discards the packet and does not return a PADS packet.

If this command is not executed, the PPPoE server does not parse the circuit-id and remote-id in a received packet. The contents of both the new circuit-id and the remote-id are null.

Examples

# Configure GigabitEthernet 1/0/2 to trust the access line ID in received packets.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server access-line-id trust

Related commands

pppoe-server access-line-id circuit-id parse-mode

pppoe-server bind

Use pppoe-server bind to enable the PPPoE server on an interface and bind the interface to a VT interface.

Use undo pppoe-server bind to disable the PPPoE server on an interface.

Syntax

pppoe-server bind virtual-template number

undo pppoe-server bind

Default

The PPPoE server is disabled on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

virtual template number: Specifies a VT interface by its number. The value range for the number argument is 0 to 1023.

 

 

Usage guidelines

A PPPoE server-enabled interface can be bound to a nonexistent VT interface.

If the interface has been bound to a VT interface, you cannot use this command to bind the interface to another VT interface. To do that, disable the PPPoE server on the interface first.

Examples

# Enable the PPPoE server on GigabitEthernet 1/0/2 and bind the interface to Virtual-Template 1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server bind virtual-template 1

pppoe-server session-limit

Use pppoe-server session-limit to set the maximum number of PPPoE sessions on an interface.

Use undo pppoe-server session-limit to restore the default.

Syntax

pppoe-server session-limit number

undo pppoe-server session-limit

Default

The number of PPPoE sessions on an interface is not limited.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of PPPoE sessions on an interface, in the range of 1 to 65534.

Usage guidelines

PPPoE can establish a session when none of the following limits are reached:

·     Limit for a user on an interface.

·     Limit for a VLAN on an interface.

·     Limit on an interface.

·     Limit on a device.

New maximum number settings only apply to subsequently established PPPoE sessions.

Examples

# Set the maximum number of PPPoE sessions on GigabitEthernet 1/0/2 to 50.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server session-limit 50

Related commands

pppoe-server session-limit per-mac

pppoe-server session-limit per-vlan

pppoe-server session-limit total

pppoe-server session-limit per-mac

Use pppoe-server session-limit per-mac to set the maximum number of PPPoE sessions for a user on an interface.

Use undo pppoe-server session-limit per-mac to restore the default.

Syntax

pppoe-server session-limit per-mac number

undo pppoe-server session-limit per-mac

Default

A user can create a maximum of 100 PPPoE sessions on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of PPPoE sessions for a user, in the range of 1 to 65534.

Usage guidelines

A user is identified by a MAC address.

PPPoE can establish a session when none of the following limits are reached:

·     Limit for a user on an interface.

·     Limit for a VLAN on an interface.

·     Limit on an interface.

·     Limit on a device.

New maximum number settings only apply to subsequently established PPPoE sessions.

Examples

# Set the maximum number of PPPoE sessions for a user on GigabitEthernet 1/0/2 to 50.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server session-limit per-mac 50

Related commands

pppoe-server session-limit

pppoe-server session-limit per-vlan

pppoe-server session-limit total

pppoe-server session-limit per-vlan

Use pppoe-server session-limit per-vlan to set the maximum number of PPPoE sessions for a VLAN on an interface.

Use undo pppoe-server session-limit per-vlan to restore the default.

Syntax

pppoe-server session-limit per-vlan number

undo pppoe-server session-limit per-vlan

Default

The number of PPPoE sessions for a VLAN on an interface is not limited.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of PPPoE sessions for a VLAN, in the range of 1 to 65534.

Usage guidelines

PPPoE can establish a session when none of the following limits are reached:

·     Limit for a user on an interface.

·     Limit for a VLAN on an interface.

·     Limit on an interface.

·     Limit on a device.

New maximum number settings only apply to subsequently established PPPoE sessions.

Examples

# Set the maximum number of PPPoE sessions for a VLAN to 50 on VLAN-interface 2.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] pppoe-server session-limit per-vlan 50

Related commands

pppoe-server sessions limit

pppoe-server sessions limit per-mac

pppoe-server sessions limit total

pppoe-server session-limit total

Use pppoe-server session-limit total to set the maximum number of PPPoE sessions on a device.

Use undo pppoe-server session-limit total to restore the default.

Syntax

pppoe-server session-limit total number

undo pppoe-server session-limit total

Default

The number of PPPoE sessions on a device is not limited.

Views

System view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of PPPoE sessions on a device, in the range of 1 to 65534.

Usage guidelines

PPPoE can establish a session when none of the following limits are reached:

·     Limit for a user on an interface.

·     Limit for a VLAN on an interface.

·     Limit on an interface.

·     Limit on a device.

The maximum number of PPPoE sessions on a device or on a card is also limited by the device specification. If the configured number is larger than the device specification, the device specification applies.

New maximum number settings only apply to subsequently established PPPoE sessions.

Examples

# Set the maximum number of PPPoE sessions on a device to 3000.

<Sysname> system-view

[Sysname] pppoe-server session-limit total 3000

Related commands

pppoe-server session-limit

pppoe-server session-limit per-mac

pppoe-server session-limit per-vlan

pppoe-server tag ac-name

Use pppoe-server tag ac-name to set the access concentrator (AC) name for the PPPoE server on an interface.

Use undo pppoe-server tag ac-name to restore the default.

Syntax

pppoe-server tag ac-name name

undo pppoe-server tag ac-name

Default

The AC name for the PPPoE server is the device name on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

name: Specifies an AC name, a case-sensitive string of 1 to 64 characters.

Usage guidelines

The PPPoE server sends its AC name in PADO packets. PPPoE clients choose a PPPoE server by AC name. The PPPoE clients on H3C devices cannot identify PPPoE servers by AC name.

The device does not support an AC name comprised of all blank spaces.

Examples

# Specify the AC name for the PPPoE server on GigabitEthernet 1/0/2 as pppoes.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server tag ac-name pppoes

pppoe-server tag ppp-max-payload

Use pppoe-server tag ppp-max-payload to enable the PPPoE server to support the ppp-max-payload tag and set a range for the tag on an interface.

Use undo pppoe-server tag ppp-max-payload to restore the default.

Syntax

pppoe-server tag ppp-max-payload [ minimum min-number maximum max-number ]

undo pppoe-server tag ppp-max-payload

Default

The PPPoE server does not support ppp-max-payload tag on an interface. The PPPoE server ignores the ppp-max-payload tag in PADI or PADS packets from clients, and returns a PADO or PADS packets without the ppp-max-payload tag.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

minimum min-number: Specifies the minimum value for the PPP maximum payload, in the range of 64 to 4470 bytes. The default value is 1492 bytes.

maximum max-number: Specifies the maximum value for the PPP maximum payload, in the range of 64 to 4470 bytes. The default value is 1500 bytes. The max-number argument must be equal or greater than the min-number argument.

Usage guidelines

This command enables the PPPoE server to forward large PPP packets with a payload larger than 1492 bytes and reduces fragmentation. If the ppp-max-payload tag sent by the PPPoE client is within the tag range, the PPPoE server returns a PADO or PADS packet that includes the tag. If not, the PPPoE server considers the received packets invalid, and it does not return a PADO or PADS packet.

The jumboframe enable command can change the size of jumbo frames supported by the interface. The maximum size of the jumbo frames configured by the jumboframe enable command should be larger than the maximum value configured by the pppoe-server tag ppp-max-payload command.

Examples

# Enable the PPPoE server to support the ppp-max-payload tag and set the value for the PPP maximum payload to be in the range of 1494 to 1580 bytes on GigabitEthernet 1/0/2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server tag ppp-max-payload minimum 1494 maximum 1508

Related commands

jumboframe enable (Interface Command References)

pppoe-server tag service-name

Use pppoe-server tag service-name to set a service name for a PPPoE server on an interface.

Use undo pppoe-server tag service-name to restore the default.

Syntax

pppoe-server tag service-name name

undo pppoe-server tag service-name

Default

A PPPoE server does not have a service name.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

name: Specifies a service name, a case-sensitive string of 1 to 64 characters.

Usage guidelines

Service names identify the traffic destined for PPPoE servers when multiple PPPoE servers are providing services on the network. A PPPoE client establishes a session with the target PPPoE server by using the following process:

1.     The client broadcasts a PADI packet.

2.     The server compares its service name with the service-name tag field of the PADI packet. The server sends a PADO packet to the client if either of the following conditions exists:

¡     The field matches the service name.

¡     No service name is configured.

3.     The client sends a PADR packet to the server.

4.     The server compares its service name with the service-name tag field of the PADR packet. The server sends a PADS packet and sets up a session with the client if either of the following conditions exists:

¡     The field matches the service name.

¡     No service name is configured.

Examples

# Set the service name to pppoes for the PPPoE server on GigabitEthernet 1/0/2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server tag service-name pppoes

pppoe-server throttle per-mac

Use pppoe-server throttle per-mac to set the PPPoE access limit on an interface.

Use undo pppoe-server throttle per-mac to restore the default.

Syntax

pppoe-server throttle per-mac session-requests session-request-period blocking-period

undo pppoe-server throttle per-mac

Default

The PPPoE access rate is not limited on an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

session-requests: Specifies the maximum number of PPPoE session requests from a user within the monitoring time. The value range is 1 to 100000.

session-request-period: Specifies the monitoring time in the range of 1 to 3600 seconds.

blocking-period: Specifies the blocking time in the range of 1 to 3600 seconds.

Usage guidelines

This command limits the rate at which a user (identified by MAC address) can create PPPoE sessions on an interface. If the number of PPPoE requests within the monitoring time exceeds the configured threshold, the device discards the excessive requests, and outputs log messages. If the blocking time is set to 0, the device does not block any requests, and it only outputs log messages.

The device uses a monitoring table and a blocking table to control PPP access rates.

·     Monitoring table—Stores a maximum of 8000 monitoring entries. Each entry records the number of PPPoE sessions created by a user within the monitoring time. When the monitoring entries reach the maximum, the system stops monitoring and blocking session requests from new users. The aging time of monitoring entries is determined by the session-request-period argument. When the timer expires, the system starts a new round of monitoring for the user.

·     Blocking table—Stores a maximum of 8000 blocking entries. The system creates a blocking entry if the access rate of a user reaches the threshold, and blocks requests from that user. When the blocking entries reach the maximum, the system stops blocking session requests from new users and it only outputs log messages. The aging time of the blocking entries is determined by the blocking-period argument. When the timer expires, the system starts a new round of monitoring for the user.

If the access rate setting is changed, the system removes all monitoring and blocking entries, and uses the new settings to limit PPPoE access rates.

Examples

# Limit the rate at which a user can create PPPoE sessions on GigabitEthernet 1/0/2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] pppoe-server throttle per-mac 100 100 5

Related commands

display pppoe-server throttled-mac

pppoe-server virtual-template va-pool

Use pppoe-server virtual-template va-pool to configure a VA pool.

Use undo pppoe-server virtual-template va-pool to remove a VA pool.

Syntax

pppoe-server virtual-template template-number va-pool va-volume

undo pppoe-server virtual-template template-number va-pool

Default

No VA pool is configured.

Views

System view

Predefined user roles

network-admin

Parameters

virtual-template template-number: Specifies an existing VT interface to use the VA pool.

va-pool va-volume: Specifies the maximum number of VA interfaces contained in the VA pool, in the range of 1 to 65534.

Usage guidelines

The PPPoE server creates a VA interface for a PPPoE session to transmit packets between PPPoE and PPP, and removes the VA interface when the user goes offline. Creating and removing VA interfaces take time.

You can configure VA pools to improve the performance of PPPoE session establishment and termination. A VA pool contains a group of automatically numbered VA interfaces. The PPPoE server selects a VA interface from the pool for a requesting user and release the VA interface  when the user goes offline. When a VA pool is exhausted, the system creates VA interfaces for new PPPoE sessions, and removes those VA interfaces when the users go offline.

On a VT interface, you can create one global VA pool and one regional VA pool per member device for interfaces bound with the VT interface.

·     The global VA pool contains VA interfaces for logical interfaces that might span multiple devices, such as Ethernet aggregate interfaces.

·     The regional VA pool contains VA interfaces for interfaces that do not span multiple devices, such as Ethernet interfaces.

When you configure a VA pool, follow these guidelines:

·     To change the capacity of a VA pool, you must delete the previous configuration, and reconfigure the VA pool.

·     Creating or removing a VA pool takes time. During the process of creating or removing a VA pool, users can go online or offline, but the VA pool does not take effect.

·     If the system fails to create a VA pool because of insufficient resources, you can view the available resources by using the display pppoe-server va-pool command.

·     VA pools are memory intensive. Set their capacity depending on your network requirements.

·     Deleting a VA pool does not log off the users who are using VA interfaces in the VA pool.

Examples

# Create a VA pool with a capacity of 1000 VA interfaces on Virtual-Template 2.

<Sysname> system-view

[Sysname] pppoe-server virtual-template 2 va-pool 1000

Related commands

display pppoe-server va-pool

reset pppoe-server

Use reset pppoe-server to clear PPPoE sessions on the PPPoE server.

Syntax

reset pppoe-server { all | interface interface-type interface-number | virtual-template number }

Views

User view

Predefined user roles

network-admin

Parameters

all: Clears all PPPoE sessions.

interface interface-type interface-number: Specifies an interface by its type and number.

virtual-template number: Specifies a VT interface by its number.

Examples

# Clear established sessions on Virtual-template 1 on the PPPoE server.

<Sysname> reset pppoe-server virtual-template 1