实验4 L0000010L2TP实验中文版v11Word下载.docx
《实验4 L0000010L2TP实验中文版v11Word下载.docx》由会员分享,可在线阅读,更多相关《实验4 L0000010L2TP实验中文版v11Word下载.docx(12页珍藏版)》请在冰豆网上搜索。
[rt1-Serial0]undoipaddress
[rt1-Serial0]ppppaplocal-useruser1@passwordsimplebb
[rt1-Serial0]ipaddressppp-negotiate
路由器RT2的配置:
[rt2]local-useruser1@passwordsimplebb//配置用户列表
[rt2]l2tpenable//允许VPDN功能
[rt2]aaa-enable//允许AAA验证
[rt2]aaaauthentication-schemepppdefaultlocal
[rt2]aaaaccounting-schemeoptional
[rt2]interfaceSerial0
[rt2-Serial0]ipaddress202.98.0.1255.255.0.0
[rt2-Serial0]interfaceserial1
[rt2-Serial1]pppauthentication-modepap
[rt2-Serial1]quit
[rt2]l2tp-group1//创建VPDN组
[rt2-l2tp1]startl2tpip202.98.0.2fullusernameuser1@
[rt2-l2tp1]tunnelnamelac
[rt2-l2tp1]tunnelauthentication
[rt2-l2tp1]tunnelpasswordsimpleasd
路由器RT3的配置:
[rt3]local-useruser1@passwordsimplebb
[rt3]l2tpenable
[rt3]ippool1172.31.0.2172.31.0.10//配置本地地址池
[rt3]interfaceSerial0
[rt3-Serial0]ipaddress202.98.0.2255.255.0.0
[rt3-Serial0]quit
[rt3]aaa-enable
[rt3]aaaauthentication-schemepppdefaultlocal
[rt3]aaaaccounting-schemeoptional
[rt3-Serial0]interfaceVirtual-Template1//创建逻辑接口Virtual-Template
[rt3-Virtual-Template1]ipaddress172.31.0.1255.255.0.0
[rt3-Virtual-Template1]pppauthentication-modepap
[rt3-Virtual-Template1]remoteaddresspool1
[rt3-Virtual-Template1]quit
[rt3]l2tp-group1
[rt3-l2tp1]allowl2tpvirtual-template1remotelac
[rt3-l2tp1]tunnelnamelns
[rt3-l2tp1]tunnelauthentication
[rt3-l2tp1]tunnelpasswordsimpleasd
2.下面我们来观察一下L2TP的隧道建立流程。
首先在RT2和RT3上用“debuggingl2tpcontrol”命令打开控制报文调试开关,然后在RT1上ping172.31.0.1。
下面是在RT2上可以看到的有关隧道建立的调试信息:
[rt2]debuggingl2tpcontrol
L2TP:
:
PutAVPMessageType:
START_CONTROL_CONNECTION_REQUEST
L2TP:
PutAVPProtocolversion:
100
PutAVPHostname:
lac
PutAVPVendorname:
HuaWei
PutAVPFramingcapability:
3
PutAVPAssignedTunnelID:
1
PutAVPReceivewindowsize:
60
PutAVPChallenge:
00278100446B00794B0015FB
Tunnel1Create60secondsHellotimer
OTunnel1SendSCCRQ
ProcPeercontroltype=2,len=117
ITunnel1rcvSCCRPinstate2
Tunnel1Resume60secondHellotimer
CheckSCCRPMSGType2
ParseAVPProtocolversion,value:
ParseAVPFramingcapability,value:
3
ParseAVPHostname,value:
lns
ParseAVPRemotetunnelID:
ParseAVPBearercapability,value:
ParseAVPReceivewindowsize:
ParseAVPChallenge,Value:
00278100446B00794B0015
FB
ParseAVPChallengeresponse:
ED1EC5D1BCD329D26CBB3B23A4A
85F
START_CONTROL_CONNECTION_CONNECTED
//表示隧道已经成功建立起来了
PutAVPChallengeresponse:
44FC62BC45C19F1CA4971FA12ED1B5
6
OTunnel1sendSCCCNtotunnel1
Tunnel1StartWaitingCalls
INCOMING_CALL_REQUEST
PutAVPAssignedcallID:
PutAVPCallserialnumber:
PutAVPBearertype:
PutAVPPhysicalchannelnumber:
0
OCall1sendINCOMING_CALL_REQUEST.
ProcPeercontroltype=11,len=28
ICall1RecvICRPinstate4fromCall0
CheckICRPMSGTYPE=11
ParseAVPremotecallID:
INCOMING_CALL_CONNECTED
//表示会话已经成功建立
PutAVPTxconnectspeed:
64000
PutAVPFramingtype:
PutAVPInitialreceivedLCPoptions.
PutAVPLastsentLCPoptions.
PutAVPLastreceivedLCPoptions.
PutAVPProxyauthentype:
PutAVPProxyauthenName:
user1@
PutAVPProxyauthenID:
ParseAVPProxyauthenticateresponse:
6262
PutAVPProxyprivategroupnumber:
PutAVPRxconnectspeed:
OCall1sendICCNtoRemoteCall1
ProcPeercontrollen=12
Tunnel1Hellotimer60secondexpired
HELLO
Tunnel1sendctrlmsg:
Hello
ProcPeercontroltype=6,len=20
ITunnel1rcvHelloinstate4
下面是在RT3上显示的调试信息:
[rt3]debuggingl2tpcontrol
RecvaSCCRQorStopCCNpasstoupperlayer
ProcPeercontroltype=1,len=97
Tunnel1rcvSCCRQinstate1from202.98.0.1
CheckSCCRQMSGType1
ParseAVPProtocolversion:
TunnelPasswordinL2tpGroup:
asd
%03:
30:
16:
LineprotocoliponinterfaceVirtual-Template1(Virtual-Template1:
0),
changedstatetoUP
ParseAVPVendorname,value:
ParseAVPFramingcapability:
ParseAVPRemotecallnumber,value:
ParseAVPReceivewindowsize,value:
ParseAVPChallenge,value:
000027810000446b0000794b000015
fb
START_CONTROL_CONNECTION_REPLY
PutAVPBearercapability:
ED1EC5D1BCD329D26CBB3B23A4A85
F
OTunnel1sendSTART_CONTROL_CONNECTION_REPLYtoTunnel1
ProcPeercontroltype=3,len=42
Tunnel1rcvSCCCNinstate3
CheckSCCCNMSGType3
ParseAVPChallengeresponse
44FC62BC45C19F1CA4971FA12ED1B56
Tunnel1StartWaitingCalls
//表示隧道已经成功建立
ProcPeercontroltype=10,len=58
Call1recvICRQinstate2fromCall0
CheckICRQMSGType10
ParseAVPRemotecallID1
ParseAVPCallserialnumber:
ParseAVPBearertype:
ParseAVPPhysicalchannelID:
INCOMING_CALL_REPLY
Call1sendINCOMING_CALL_REPLYtoRemoteCall1
ProcPeercontroltype=12,len=158
Call1rcvICCNinstate5fromRemoteCall1
CheckICCNMSGType12
ParseAVPTxconnectspeed:
ParseAVPFramingtype:
ParseAVPInitialrecvlcpconfigrequest:
145DC563071F92
ParseAVPLastsentlcpconfigrequest:
145DC34C02356ED
37D63
ParseAVPLastreceivedlcpconfigrequest:
ParseAVPProxyauthenticatetype3.
ParseAVPProxyauthenticatename:
user1@
ParseAVPProxyauthenID:
16170092
ParseAVPPrivategroupID.
ParseAVP(Rx)connectspeed64000
另外,我们还可以在RT2和RT3上通过“displayl2tptunnel”命令来看隧道是否已经建立起来了,下面隧道建立后显示的信息:
[rt2]displayl2tptunnel
LocalIDRemoteIDReNameRemAddressSessionsPort
11lns202.98.0.211701
Totaltunnel=1
同样,我们可以在RT2和RT3上通过“displayl2tpsession”命令来看会话是否建立起来,下面是会话建立后显示的信息:
[rt2]displayl2tpsession
LocalIDRemoteIDTunnelID
111
Totalsession=1
3.下面我们来观察一下L2TP的隧道和会话的拆除过程。
首先在RT1的serial0接口上执行“shutdown”命令,然后在RT2上可以看到下面的调试信息:
[rt2]debuggingl2tpcontrol
%04:
26:
23:
InterfaceSerial1changedstatetoDOWN
CALL_DISCONNECT_NOTIFY
PutAVPResultcode:
LOSS_OF_CARRIER
OCall1sendCALL_DISCONNECT_NOTIFY
CleanCallStructureID=1
OTunnel1SendStopCCNtoTunnel1
STOP_CONTROL_CONNECTION_NOTIFICATION
LOSS_OF_CARRIER
在RT3上可以看到如下的调试信息:
[rt3]debuggingl2tpcontrol
06:
48:
changedstatetoDOWN
ProcPeercontroltype=14,len=38
ICall1recvCDNinstate9fromRemoteCall
CheckCDNMSGType14
ParseAVPResultcode:
ParseAVPRemotecallID:
ProcPeercontroltype=4,len=38
ITunnel1recvStopCCNinstate4
CheckStopCCNmsgtype4
ParseAVPRemoteTunnelID:
ParseAVPResultcode:
ResetCallsOnTunnelID=1Reason=0
L2T
升级会员 