PPPoE:PPP over ethernet
- 把PPP帧封装到以太网帧中的链路层协议
- 使以太网网络中的多台主机连接到远端的宽带接入服务器
- 以太网提供多台主机接入,PPP提供访问控制和计费
- 组网结构采用Client/Server模型
PPPoE会话建立过程:
- Discovery
- 获取对方以太网地址,以及确定唯一的PPPoE会话。
- Session
- 包括两个部分,PPP协商阶段(LCP)和PPP报文传输阶段(NCP)
- Terminate
- 会话建立以后的任意时刻,发送报文结束PPPoE会话。可以是客户端或者服务端任意一方发送,一个报文不需要回复确认报文
案例演示
PPPoE Server:
[PPPoE Server]sysname PPPoE Server
[PPPoE Server]interface Virtual-Template1 # 创建VT逻辑接口
ppp authentication-mode chap # 配置加密方式为chap
remote address pool pppoe # 设置对端接收ip地址池
ppp ipcp remote-address forced # 强制不允许对端自行配置ip
ppp ipcp dns 12.0.0.10 # 配置dns server,主备dns直接在12.0.0.10后面添加
ip address 11.0.0.1 255.255.255.0 # 配置该逻辑接口ip
[PPPoE Server]interface GigabitEthernet0/0/0
pppoe-server bind Virtual-Template 1 # 加入VT1逻辑接口
[PPPoE Server]interface GigabitEthernet0/0/1
ip address 12.0.0.1 255.255.255.0
[PPPoE Server]aaa
local-user pppoe password cipher huawei.com
local-user pppoe service-type ppp # 创建client用于拨号的账户,并且赋予ppp权限
[PPPoE Server]ip pool pppoe # 创建ip地址池
network 11.0.0.0 mask 255.255.255.0
[PPPoE Server]pppoe-server max-sessions remote-mac 2 # 配置pppoe只允许出现2个远程mac(也就是client端mac),或者配置local-mac、total本地mac数量和总mac数量
PPPoE Client:
[PPPoE Client]sysname PPPoE Client
[PPPoE Client]interface Dialer1
link-protocol ppp # 缺省配置
ppp chap user pppoe # 配置认证用户
ppp chap password cipher huawei.com # 配置认证密码
ppp ipcp dns request # 请求对端dns
ip address ppp-negotiate # 对端配置了远程ip必须配置这条命令
dialer user pppoe #
dialer bundle 1 # 最大255,用于物理接口绑定,前提必须配置了dialer user *
[PPPoE Client]interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1 # 绑定配置的bundle接口id
[PPPoE Client]interface GigabitEthernet0/0/1
ip address 13.0.0.1 255.255.255.0
[PPPoE Client]acl number 2000
rule 5 permit source 13.0.0.0 0.255.255.255
[PPPoE Client]interface Dialer1
nat outbound 2000 # NAT内网出局
[PPPoE Client]ip route-static 0.0.0.0 0.0.0.0 Dialer1 # 下一跳逻辑出接口,一般情况下pppoe出公网都不是固定的
[PPPoE Client]dns resolve # 开启本机设备DNS转发,不开启该功能本设备DNS不工作 无法测试ping域名
结果验证
多拨、线路主备
多拨
PPPoE Client:
[PPPoE Client]interface Dialer2
link-protocol ppp
ppp chap user pppoe
ppp chap password cipher huawei.com
ppp ipcp dns request
ip address ppp-negotiate
dialer user pppoe
dialer bundle 2
nat outbound 2000
[PPPoE Client]interface Dialer3
link-protocol ppp
ppp chap user pppoe
ppp chap password cipher huawei.com
ppp ipcp dns request
ip address ppp-negotiate
dialer user pppoe
dialer bundle 3
nat outbound 2000
[PPPoE Client]interface GigabitEthernet0/0/0
pppoe-client dial-bundle-number 1
pppoe-client dial-bundle-number 2
pppoe-client dial-bundle-number 3
线路主备
PPPoE Server:
[PPPoE Server]interface GigabitEthernet0/0/2
pppoe-server bind Virtual-Template 1
PPPoE Client:
[PPPoE Client]interface Dialer2
link-protocol ppp
ppp chap user pppoe
ppp chap password cipher huawei.com
ppp ipcp dns request
ip address ppp-negotiate
dialer user pppoe
dialer bundle 2
nat outbound 2000
[PPPoE Client]interface GigabitEthernet0/0/2
pppoe-client dial-bundle-number 2
[PPPoE Client]ip route-static 0.0.0.0 0.0.0.0 Dialer2 preference 70
作者:Zleoco,如若转载,请注明出处:https://www.zleoco.com/?p=2105