Previous Page
Next Page

Additional Commands for Troubleshooting

This section contains some additional commands that may be useful when troubleshooting L2F.

show vpdn history failure

The show vpdn history failure command displays the VPDN history failure table.

Example 2-126 shows the output of the show vpdn history failure command.

Example 2-126. Output of the show vpdn history failure Command
LODI_NAS1#show vpdn history failure
Table size: 20
Number of entries in table: 1
User: joebloggs@mjlnet.com, MID = 11
NAS: LODI_NAS1, IP address = 172.16.1.1, CLID = 2
Gateway: PERRIS_HGW1, IP address = 172.16.2.2, CLID = 2
Log time: Jan  8 21:44:36.891, Error repeat count: 1
Failure type: The remote server closed this session
Failure reason: Soft shutdown/session limit
LODI_NAS1#

Highlighted line 1 shows the default VPDN history failure table size (20 entries). The default VPDN history failure table size can be modified using the vpdn history failure table-size command.

In highlighted line 2, the current number of entries in the table is shown (1). The user corresponding to this table entry is shown in highlighted line 3 (joebloggs@mjlnet.com).

Highlighted lines 4 and 5 show the NAS's and Home Gateway's names, IP addresses, and CLIDs. Then in highlighted line 6, the time that the failure occurred is shown, together with the number of times that the failure has been logged. Finally, in highlighted lines 7 and 8, the failure type and reason are shown.

Note that the VPDN history failure table can be cleared using the clear vpdn history failure command.

debug vpdn error

The debug vpdn error command displays VPDN error information.

Example 2-127 shows the output of the debug vpdn error command.

Example 2-127. Output of the debug vpdn error Command
LODI_NAS1#debug vpdn error
10:16:24: VPDN/dnis:2222: Authorization failed, could not talk to AAA server or
  local tunnel problem
LODI_NAS1#

The output in Example 2-127 indicates that there has been an authorization error for DNIS 2222. This indicates that the NAS has searched for and found no locally configured VPDN group configured for DNIS 2222, or that the AAA server is unreachable.

Even if this error is displayed, L2F tunnel setup may still succeed if the NAS is configured to search for and set up the tunnel based on the domain name. Note that the default VPDN search order is DNIS, then domain name. If you want to modify the search order so that the NAS searches for a domain name first, use the vpdn search-order domain [dnis] command.

debug vpdn event

The debug vpdn event command displays VPDN event information.

Example 2-128 shows the output of the debug vpdn event command.

Example 2-128. debug vpdn event Output
LODI_NAS1#debug vpdn event
10:19:33: BR0:1 VPDN: Got DNIS string 7777
10:19:33: BR0:1 VPDN: Looking for tunnel -- dnis:7777 --
10:19:33: VPDN/dnis:7777: Authorization failed, could not talk to AAA server or
  local tunnel problem
10:19:33: BR0:1 VPDN: Looking for tunnel -- mjlnet.com --
10:19:33: BR0:1 VPDN/RPMS/1: Got tunnel info for mjlnet.com
10:19:33: BR0:1 VPDN/RPMS/1:   NAS LODI_NAS1
10:19:33: BR0:1 VPDN/RPMS/1:   l2tp-busy-disconnect yes
10:19:33: BR0:1 VPDN/RPMS/1:   IP 172.16.2.2
10:19:33: BR0:1 VPDN/1: curlvl 1 Address 0: 172.16.2.2,    priority 1
10:19:33: BR0:1 VPDN/1: Select non-active address 172.16.2.2, priority 1
10:19:33: BR0:1 VPDN: Find HGW process created
10:19:33: BR0:1 VPDN: Forward to address 172.16.2.2
10:19:33: BR0:1 VPDN: Pending
10:19:33: BR0:1 VPDN: Process created
10:19:33: VPDN: Chap authentication succeeded for HGW
10:19:33: BR0:1 VPDN: Forwarding...
10:19:33: BR0:1 VPDN: Bind interface direction=1
10:19:33: BR0:1 VPDN: joebloggs@mjlnet.com is forwarded
LODI_NAS1#

Example 2-128, highlighted line 1 shows that LODI_NAS1 has found DNIS string 7777. Then in highlighted line 2, LODI_NAS1 looks for the a tunnel (VPDN group) corresponding to DNIS string 7777.

In highlighted line 3, the NAS fails to find a tunnel corresponding to the DNIS string. The LODI_NAS1 now looks for and finds a tunnel based on the domain name mjlnet.com (highlighted lines 4 and 5). The IP address of the Home Gateway is shown in highlighted line 6 (172.16.2.2).

LODI_NAS1 authenticates the Home Gateway in highlighted line 7, and in highlighted line 8, LODI_NAS begins forwarding PPP frames between the client (joebloggs@mjlnet.com) and the Home Gateway.

debug vpdn l2x-data

The debug vpdn l2x-data command displays L2F data packets. Particular care should be taken when using this command, as it can produce copious output.

Example 2-129 demonstrates sample output from this command.

Example 2-129. Output from the debug vpdn l2x-data Command
LODI_NAS1#debug vpdn l2x-data
L2X data packets debugging is on
LODI_NAS1#
10:28:24: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
10:28:25: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
  to up
10:28:34: BR0:1 Tnl/Cl 30/31 L2F: UDP sent (fastswitch) src 172.16.1.1(1701),
  dst 172.16.2.2(1701), length 88
10:28:34: BR0:1 Tnl/Cl 30/31 L2F: UDP sent (fastswitch) src 172.16.1.1(1701),
  dst 172.16.2.2(1701), length 52
10:28:34: BR0:1 Tnl/Cl 30/31 L2F: UDP sent (fastswitch) src 172.16.1.1(1701),
  dst 172.16.2.2(1701), length 64
10:28:34: BR0:1 Tnl/Cl 30/31 L2F: UDP sent (fastswitch) src 172.16.1.1(1701),
  dst 172.16.2.2(1701), length 52

The highlighted line shows that L2F tunnel (UDP port 1701) packets are being fast switched to IP address 172.16.2.2 (the Home Gateway).

debug vpdn l2x-packets

The debug vpdn l2x-packets command displays L2F management packets (L2F_PROTO).

Example 2-130 shows the output of the debug vpdn l2x-packets command.

Example 2-130. Output of the debug vpdn l2x-packets Command
LODI_NAS1#debug vpdn l2x-packets
LODI_NAS1#
10:38:07: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
10:38:07:
L2F: SENDING src 172.16.1.1 dst 172.16.2.2 size 41
     90 01 01 00 00 00 00 00 00 29 00 00 01 02 03 4E
     41 53 03 10 57 92 CE FB A5 87 29 37 11 28 84 EB
     E8 FE 77 EA 04 00 00 00 22
10:38:07: L2F: I flags & version 0x9001 protocol 1 sequence 0
10:38:07: L2F:    mid 0 cid 34 length 41 offset 0 L2F_CONF
         90 01 01 00 00 00 00 22 00 29 00 00 01 02 03 48
         47 57 03 10 03 DE 88 AF AC E4 FB 15 87 60 C5 88
         EE C2 2C 1A 04 00 00 00 22
10:38:07: L2X: L2F: L2F_CONF_NAME HGW
10:38:07: L2X: L2F: L2F_CONF_CHAL (16 bytes)
10:38:07: L2X: L2F: L2F_CONF_CLID clid = 34
10:38:07:
L2F: SENDING src 172.16.1.1 dst 172.16.2.2 size 35
     D0 01 01 01 00 00 00 22 00 23 00 00 0B 45 72 A9
     02 03 10 B1 06 42 EB 5A 73 1B C8 AE FA E1 C3 4E
     CA CA 49
10:38:07: L2F: I flags & version 0xD001 protocol 1 sequence 1
10:38:07: L2F:    mid 0 cid 34 length 35 offset 0 key 0xB536CC1A L2F_OPEN
         D0 01 01 01 00 00 00 22 00 23 00 00 B5 36 CC 1A
         02 03 10 A0 65 85 4E F1 12 6F 9A 84 96 63 57 60
         D7 45 99
10:38:07: L2X: L2F: L2F_OPEN_RESP length 16
10:38:07:
L2F: SENDING src 172.16.1.1 dst 172.16.2.2 size 199
     D0 01 01 00 00 23 00 22 00 C7 00 00 0B 45 72 A9
     02 06 02 01 13 64 69 61 6C 69 6E 62 6F 78 40 63
     69 73 63 6F 2E 63 6F 6D 02 10 F7

The first two highlighted lines show the header of an L2F control packet.

Highlighted line 1 shows that the flags and Version fields have a value of 0x9001. This indicates that the Offset and Sequence flags are set and that the Version is 1. The protocol field has a value of 1, which indicates that this is a L2F_PROTO (L2F management) packet. Finally, the Sequence number of the packet is 0.

Highlighted line 2 shows that the MID, CLID, length, and Offset field value (0, 34, 41, and 0, respectively). Also shown in highlighted line 2 is the L2F message (option) type, which in this case is L2F_CONF.

Highlighted lines 3 to 5 show the suboptions contained within the L2F_CONF message. These are L2F_CONF_NAME, L2F_CONF_CHAL, and L2F_CONF_CLID. See Table 2-2 for more details on these suboptions.

Highlighted lines 6, 7, and 8 show the packet header and payload for another L2F message, which in this case is L2F_OPEN.

debug vpdn packet

The debug vpdn packet command displays VPDN packet information.

Example 2-131 shows the output of the debug vpdn packet command.

Example 2-131. Output of the debug vpdn packet Command
LODI_NAS1#debug vpdn packet
VPDN packet debugging is on
LODI_NAS1#
10:41:26: %LINK-3-UPDOWN: Interface BRI0:1, changed state to up
10:41:27: %LINEPROTO-5-UPDOWN: Line protocol on Interface BRI0:1, changed state
to up
10:41:36: BR0:1 L2F: OUT UDP FS out
10:41:36: BR0:1 VPDN: I FS
10:41:36: BR0:1 L2F: OUT UDP FS out
10:41:36: BR0:1 VPDN: I FS
10:41:36: BR0:1 L2F: OUT UDP FS out
10:41:36: BR0:1 VPDN: I FS
10:41:36: BR0:1 L2F: OUT UDP FS out
10:41:36: BR0:1 VPDN: I FS
10:41:36: BR0:1 L2F: OUT UDP FS out
10:41:36: BR0:1 VPDN: I FS
10:41:36: BR0:1 L2F: OUT UDP FS out

The highlighted lines in Example 2-131 show L2F packets being fast switched out of and into the L2F tunnel.


Previous Page
Next Page