vBNG on XRv 9000
Introduction
Now Cisco had integrated BNG feature to XRv9000 platform in new version (from 631), that can let customer integrade the feature in their NFVI Infrastructure, that will flexible deploy the BNG in same Server Box. And the article will set up a simple vBNG environment that build by VIRL + XRv9000, and simple test IPoE/PPPoE. That environment will help you to easy TS vBNG PI issue, and packets paths.
Prerequisites
- BNG
- You need to understand what is BNG, how to deploy
- Platform
- I am not use openstack/kvm, only use VIRL that easy to deploy Demo/Poc. If you have openstack/kvm, I suppose you need to design network and boot server and client by Ubuntu/Centos ISO, that will mostly like customer real network
- Linux
- Due to VIRL integrate linux server is Ubuntu, so you need to know how to do basic operation on Ubuntu platform.
- XRv9k
- BNG packaging on XRV9K is enabled only on full & fullk9 .ISO/OVA, support from 631, I use the 641 37I
- limitation for vBNG in 641, not include all, you can check XRv9k 641 CCO doc for detail info. Follow feature maybe support in future version.
- not support VRF
- not support bba-group in PPPoE
- not support RP based session, IPoE/PPPoE
- QOS have limit support
Configure
Topology
DHCP/Radius Server/Client
Customize utuntu Cloud image in VIRL
I had builded a customize ubuntu clould image that include dhcp and freeradius service, you can upload the image to VIRL, then set up topology in VIRL. And choose correct image, as follow example:
Attention: If you want to build self ubuntu cloud image, you can link server to outside by flat port in VIRL, then update source and apt-get install the software. Then create snapshot by follow, then find the image from VIRL server, then you can share to other guys~:-)
Generate/Modify initial config by AutoNekit
You can change eth config before server boot, and add default gw, or disable eth0 by “ifconfig eth0 down”:
Enable/Modify Service
- DHCP
- change dhcp config in “/etc/dhcp/dhcpd.conf”
- check log in “/var/log/syslog”
- enable service by “sudo dhcpd -d &“
- Radius
- stop default service first by “service freeradius stop“
- after stop, you can enable debug mode by “freeradius -X &“
- “user” and “client.conf” in this path “/etc/freeradius/”
- IPoE Client
- you can renew the dhcp address by “dhclient -nw“
- PPPoE Client
- Run “sudo pppoeconf”
- dialer by “pon dsl-provider”
- stop connection by “poff”
- check dialer log by “plog”
IPoE/PPPoE Configurations in XRv9k
RP/0/RP0/CPU0:vBNG1#sh run
Sat Mar 17 08:07:44.989 UTC
Building configuration...
!! IOS XR Configuration version = 6.4.1.37I
!! Last configuration change at Sat Mar 17 04:17:02 2018 by CVAC
!
! IOS-XR9000v Config generated on 2018-03-15 08:00
! by autonetkit_0.23.5
hostname vBNG1
radius-server host 10.0.128.6 auth-port 1812 acct-port 1813
key 7 094F471A1A0A464058
!
aaa group server radius yonzhao2
server 10.0.128.6 auth-port 1812 acct-port 1813
source-interface Loopback100
!
pool vrf default ipv4 user-pool
network 88.0.255.0/24
!
dhcp ipv4
profile iptv_ipoe proxy
helper-address vrf default 10.0.128.2 giaddr 0.0.0.0
lease proxy client-lease-time 600
lease proxy set-server-options
relay information option allow-untrusted
!
interface GigabitEthernet0/0/0/0.200 proxy profile iptv_ipoe
!
interface Loopback0
description Loopback
ipv4 address 192.168.0.2 255.255.255.255
!
interface Loopback100
description pppoe session
ipv4 address 88.0.0.254 255.255.255.255
!
interface Loopback200
ipv4 address 66.0.0.254 255.255.255.255
!
interface GigabitEthernet0/0/0/0
description to iol-l2-1
!
interface GigabitEthernet0/0/0/0.100
service-policy type control subscriber PPPoE
pppoe enable
encapsulation dot1q 100
!
interface GigabitEthernet0/0/0/0.200
ipv4 point-to-point
ipv4 unnumbered Loopback200
arp learning disable
service-policy type control subscriber iptv-01
encapsulation dot1q 200
ipsubscriber ipv4 l2-connected
initiator dhcp
!
!
router static
address-family ipv4 unicast
66.0.0.0/16 Null0
88.0.0.0/16 Null0
!
!
router isis 1
net 49.1921.6800.0002.00
address-family ipv4 unicast
metric-style wide
!
interface Loopback0
passive
circuit-type level-2-only
address-family ipv4 unicast
!
!
!
dynamic-template
type ppp user-pool
ppp authentication pap chap
ppp ipcp dns 117.75.20.238 117.75.20.254
ppp ipcp mask 255.255.255.255
ppp ipcp peer-address pool user-pool
ipv4 unnumbered Loopback100
!
type ipsubscriber iptv_dt_01
ipv4 verify unicast source reachable-via rx
ipv4 unnumbered Loopback200
ipv4 unreachables disable
!
!
aaa authentication subscriber default group yonzhao2
!
class-map type control subscriber match-any CLASS_PTA
match protocol ppp
end-class-map
!
!
class-map type control subscriber match-any iptv_protocol
match protocol dhcpv4
end-class-map
!
policy-map type control subscriber PPPoE
event session-start match-first
class type control subscriber CLASS_PTA do-until-failure
1 activate dynamic-template user-pool
!
!
event session-activate match-first
class type control subscriber CLASS_PTA do-until-failure
1 authenticate aaa list default
!
!
end-policy-map
!
policy-map type control subscriber iptv-01
event session-start match-first
class type control subscriber iptv_protocol do-until-failure
1 activate dynamic-template iptv_dt_01
!
!
end-policy-map
!
end
Verify
RP/0/RP0/CPU0:vBNG1#sh subscriber session all
Sat Mar 17 08:08:37.526 UTC
Codes: IN - Initialize, CN - Connecting, CD - Connected, AC - Activated,
ID - Idle, DN - Disconnecting, ED - End
Type Interface State Subscriber IP Addr / Prefix
LNS Address (Vrf)
--------------------------------------------------------------------------------
IP:DHCP Gi0/0/0/0.200.ip1 AC 66.0.0.1 (default)
PPPoE:PTA Gi0/0/0/0.100.pppoe1 AC 88.0.255.1 (default)
PPPoE:PTA Gi0/0/0/0.100.pppoe2 AC 88.0.255.2 (default)
RP/0/RP0/CPU0:vBNG1#
RP/0/RP0/CPU0:vBNG1#
RP/0/RP0/CPU0:vBNG1#sh subscriber session all detail
Sat Mar 17 08:08:42.138 UTC
Interface: GigabitEthernet0/0/0/0.200.ip1
Circuit ID: Unknown
Remote ID: Unknown
Type: IP: DHCP-trigger
IPv4 State: Up, Sat Mar 17 04:56:43 2018
IPv4 Address: 66.0.0.1, VRF: default
Mac Address: fa16.3ebc.0453
Account-Session Id: 04000005
Nas-Port: Unknown
User name: unknown
Formatted User name: unknown
Client User name: unknown
Outer VLAN ID: 200
Subscriber Label: 0x04000004
Created: Sat Mar 17 04:54:27 2018
State: Activated
Authentication: unauthenticated
Authorization: unauthorized
Access-interface: GigabitEthernet0/0/0/0.200
Policy Executed:
policy-map type control subscriber iptv-01
event Session-Start match-first [at Sat Mar 17 04:54:27 2018]
class type control subscriber iptv_protocol do-until-failure [Succeeded]
1 activate dynamic-template iptv_dt_01 [Succeeded]
Session Accounting: disabled
Last COA request received: unavailable
Interface: GigabitEthernet0/0/0/0.100.pppoe1
Circuit ID: Unknown
Remote ID: Unknown
Type: PPPoE:PTA
IPv4 State: Up, Sat Mar 17 05:01:24 2018
IPv4 Address: 88.0.255.1, VRF: default
Mac Address: fa16.3ed8.9d59
Account-Session Id: 04000006
Nas-Port: Unknown
User name: cisco
Formatted User name: unknown
Client User name: unknown
Outer VLAN ID: 100
Subscriber Label: 0x04000082
Created: Sat Mar 17 05:01:21 2018
State: Activated
Authentication: authenticated
Authorization: unauthorized
Access-interface: GigabitEthernet0/0/0/0.100
Policy Executed:
policy-map type control subscriber PPPoE
event Session-Start match-first [at Sat Mar 17 05:01:21 2018]
class type control subscriber CLASS_PTA do-until-failure [Succeeded]
1 activate dynamic-template user-pool [Succeeded]
event Session-Activate match-first [at Sat Mar 17 05:01:24 2018]
class type control subscriber CLASS_PTA do-until-failure [Succeeded]
1 authenticate aaa list default [Succeeded]
Session Accounting: disabled
Last COA request received: unavailable
[Last IPv6 down]
Disconnect Reason:
Interface: GigabitEthernet0/0/0/0.100.pppoe2
Circuit ID: Unknown
Remote ID: Unknown
Type: PPPoE:PTA
IPv4 State: Up, Sat Mar 17 05:01:34 2018
IPv4 Address: 88.0.255.2, VRF: default
Mac Address: fa16.3ed8.9d59
Account-Session Id: 04000007
Nas-Port: Unknown
User name: cisco
Formatted User name: unknown
Client User name: unknown
Outer VLAN ID: 100
Subscriber Label: 0x04000104
Created: Sat Mar 17 05:01:30 2018
State: Activated
Authentication: authenticated
Authorization: unauthorized
Access-interface: GigabitEthernet0/0/0/0.100
Policy Executed:
policy-map type control subscriber PPPoE
event Session-Start match-first [at Sat Mar 17 05:01:30 2018]
class type control subscriber CLASS_PTA do-until-failure [Succeeded]
1 activate dynamic-template user-pool [Succeeded]
event Session-Activate match-first [at Sat Mar 17 05:01:34 2018]
class type control subscriber CLASS_PTA do-until-failure [Succeeded]
1 authenticate aaa list default [Succeeded]
Session Accounting: disabled
Last COA request received: unavailable
[Last IPv6 down]
Disconnect Reason: