Cisco Cisco IOS Software Release 12.3(4)T
PPPoE Session Limit per NAS Port
How to Configure PPPoE Session Limits per NAS Port
3
Cisco IOS Release: Multiple releases (see the Feature History table)
Figure 1
PPPoE Session Limit per NAS Port Sample Topology
The customer profile database consists of user profiles for each user that is connected to the LAC. Each
user profile contains the NAS-IP-Address (attribute 4) and the NAS-Port-ID (attribute 5.) When the LAC
is configured for SSS preauthorization, it queries the customer profile database using the username.
When a match is found in the customer profile database, the customer profile database sends the PPPoE
per-NAS-port session limit in the user profile. The PPPoE per-NAS-port session limit is defined in the
username as a Cisco AV-pair.
user profile contains the NAS-IP-Address (attribute 4) and the NAS-Port-ID (attribute 5.) When the LAC
is configured for SSS preauthorization, it queries the customer profile database using the username.
When a match is found in the customer profile database, the customer profile database sends the PPPoE
per-NAS-port session limit in the user profile. The PPPoE per-NAS-port session limit is defined in the
username as a Cisco AV-pair.
Relationship Between the per-NAS-Port Session Limit and Other Types of
Session Limits
Session Limits
You can configure other types of session limits on the LAC, including session limit per VC, per VLAN,
per MAC, and a global session limit for the LAC. When PPPoE Session Limit per NAS Port is enabled
(that is, when you have enabled SSS preauthorization on the LAC), local configurations for session limit
per VC and per VLAN are overwritten by the PPPoE per-NAS-port session limit downloaded from the
customer profile database. Configured session limits per VC and per VLAN serve as backups in case of
a download failure of the PPPoE per-NAS-port session limit. Global session limits and per-MAC session
limits, if configured on the router, will take effect as other means of limiting PPPoE sessions.
per MAC, and a global session limit for the LAC. When PPPoE Session Limit per NAS Port is enabled
(that is, when you have enabled SSS preauthorization on the LAC), local configurations for session limit
per VC and per VLAN are overwritten by the PPPoE per-NAS-port session limit downloaded from the
customer profile database. Configured session limits per VC and per VLAN serve as backups in case of
a download failure of the PPPoE per-NAS-port session limit. Global session limits and per-MAC session
limits, if configured on the router, will take effect as other means of limiting PPPoE sessions.
Benefits of PPPoE Session Limits per NAS Port
The PPPoE Session Limit Per NAS Port feature provides flexibility and simplifies router configuration
by allowing you to download the per-VC and per-VLAN session limits from a RADIUS server in
addition to being able to configure them on the router.
by allowing you to download the per-VC and per-VLAN session limits from a RADIUS server in
addition to being able to configure them on the router.
How to Configure PPPoE Session Limits per NAS Port
This section contains the following procedures:
•
•
•
L2TP tunnel
LNS
LAC
LNS
LAC
PPPoE client
Customer profile database
(AAA RADIUS server)
LAC/LNS
AAA RADIUS server
AAA RADIUS server
80260