SRX

Expand all | Collapse all

VDSL2-A MPIM Configuration

Jump to Best Answer
  • 1.  VDSL2-A MPIM Configuration

     
    Posted 01-11-2019 06:14

    Hi,

     

    I've been having a read of the following document:

     

    https://www.juniper.net/documentation/en_US/junos/topics/example/vdsl2-pim-security-interface-configuring.html

     

    And to be honest, it just is not working....

     

    I have an SRX340 that will have ethernet as it's primary link, but I want the DSL to be back up if the primary fails....

     

    Anyone got a basic config I can use for ppp connectivity over ADSL to an LNS?



  • 2.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-11-2019 07:18

    I probably need to explain the requirments a little better:

     

    The VDSL2 MPIM will be acting like an ADSL CPE (as a backup if the primary Ethernet Circuit fails).

     

    So, I need to ensure it is configured as per a CPE, automated RADIUS assigned (IPCP) IP address. authentication via PPP etc etc...

     

    I have a working Cisco one and here is the Config from that device:

     

    interface ATM0
    no ip address
    no atm ilmi-keepalive
    bridge-group 1
    pvc 0/38
    encapsulation aal5mux ppp dialer
    dialer pool-member 1

     

    interface Dialer0
    ip address negotiated
    ip nat outside
    ip virtual-reassembly in
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap callin
    ppp chap hostname me@me.com
    ppp chap password 7 helpmeifyoucan

     

    So, I need something similar to this in Juniper..... Any help would be great?

     

    Oh, almost forgot, I have the Sync light as Green and solid....



  • 3.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-11-2019 07:55

    I have configured the following, so I think I am almost there, but missing something:

     

    set interfaces at-4/0/0 encapsulation atm-pvc
    set interfaces at-4/0/0 atm-options vpi 0
    set interfaces at-4/0/0 dsl-options operating-mode auto
    set interfaces at-4/0/0 unit 0 encapsulation atm-ppp-vc-mux
    set interfaces at-4/0/0 unit 0 vci 0.33
    set interfaces at-4/0/0 unit 0 ppp-options chap default-chap-secret "$9$w4soGDjqfQnHqIclMN-HqmP5F"
    set interfaces at-4/0/0 unit 0 ppp-options chap local-name "me@me.co.uk"
    set interfaces at-4/0/0 unit 0 ppp-options chap passive
    set interfaces at-4/0/0 unit 0 ppp-options pap local-name "me@me.co.uk"
    set interfaces at-4/0/0 unit 0 ppp-options pap local-password "$9$Web8NbsYoGjqgo/tORlegoJZUH"
    set interfaces at-4/0/0 unit 0 ppp-options pap passive
    set interfaces at-4/0/0 unit 0 family inet negotiate-address

     

    When I look at interfaces terse I see the following:

    at-4/0/0    up    up
    at-4/0/0.0 up    down      inet
    at-4/0/0.32767 up   up

     

    And if I complete the following command:

    run show ppp statistics - to see where the LCP process is at....

     

    Session statistics from PPP process
      Total sessions: 1
        Sessions in disabled phase    : 0
        Sessions in establish phase   : 1
        Sessions in authenticate phase: 0
        Sessions in network phase     : 0
        Bundles in pending phase      : 0

     

    Not exactly sure of the readout......

     

    Any help please?

     

     

     



  • 4.  RE: VDSL2-A MPIM Configuration
    Best Answer

     
    Posted 01-14-2019 00:58

    Okay, I have it working. This ADSL is to be used as a backup in case the ethernet circuit goes down, so I have also configured a default route with preference.... here is the working config:

     

    I have installed the VDSL module into slot 4... for reference:

     

    set interfaces at-4/0/0 encapsulation atm-pvc
    set interfaces at-4/0/0 atm-options vpi 0
    set interfaces at-4/0/0 dsl-options operating-mode auto
    set interfaces at-4/0/0 unit 0 encapsulation atm-ppp-vc-mux
    set interfaces at-4/0/0 unit 0 vci 0.38
    set interfaces at-4/0/0 unit 0 ppp-options chap default-chap-secret "$9$w4soGDjqfQnHqIclMN-HqmP5F"
    set interfaces at-4/0/0 unit 0 ppp-options chap local-name "test@test.co.uk"
    set interfaces at-4/0/0 unit 0 ppp-options chap passive
    set interfaces at-4/0/0 unit 0 ppp-options pap local-name "test@test.co.uk"
    set interfaces at-4/0/0 unit 0 ppp-options pap local-password "$9$Web8NbsYoGjqgo/tORlegoJZUH"
    set interfaces at-4/0/0 unit 0 ppp-options pap passive
    set interfaces at-4/0/0 unit 0 family inet negotiate-address

     

    set routing-options static route 0.0.0.0/0 next-hop x.x.x.x
    set routing-options static route 0.0.0.0/0 qualified-next-hop at-4/0/0.0 preference 25 

     



  • 5.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-14-2019 01:54

    The above post shows the working ADSL from the NTE perspective. If I pull the ethernet connection it does route through the backup ADSL, exactly as I want.

     

    The problem I still have is the other end..... Let's have a closer look at the connection through the downstream ISP between my Core PE and the Customer NTE device:

     

    ge-0/0/1 (192.168.1.1/30) NTE ge-0/0/15.10 (10.20.30.2/30) --> S-Tag (Downstream ISP) --> xe-1/2/4.10 (10.20.30.1/30) Core

     

    So, although the NTE recognises the ethernet cable has been pulled, the Core does NOT see the route as being down and still tries to forward the traffic out of the xe-1/2/4.10 interface instead of routing to the LNS and ADSL.....

     

    This must be because of the layer 2 connectivity between the downstream ISP and the Core...... it never see's the route go down so will never fail over...... I will discuss options with the ISP but wanted to get your thoughts on this?



  • 6.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-14-2019 03:45

    Okay. The issue could be a little more complicated than originally thought.

     

    Given that we do not know for sure what the customer would order, we are looking at the following as a scenario:

     

    NTE device = SRX340 - Ethernet / VDSL

     

    The NTE device has the following ports configured:

    ge-0/0/1 - towards the Customer CPE

    ge-0/0/15.10 - Customer VLAN to the PE Core

    ge-0/0/15.99 - Management VLAN to NTE (Only between PE core and NTE)

    at-4/0/0 - DSL Failover

     

    Requirement:

    If ge-0/0/15 fails then all traffic from and to the customer will go through at-4/0/0 interface.

     

    Possible issues with scenario requirement:

    1: How the PE Core will detect that the ge-0/0/15 interface has failed?

    2: The LCP (IPCP) negotiated address on the at-4/0/0 interface will have to be different than the interface on the CPE and then routing has to be in place for that?

    3: How do ISPs already get around the above issues?

     

    I note the following forum post has some information, but it does not explain it from an ISP perspective:

     

    https://forums.juniper.net/t5/SRX-Services-Gateway/Juniper-SRX-ADSL-configuration-for-ISP-s-in-the-UK/td-p/166018

     

    Any help would be greatly appreciated.

     

    Thanks

     



  • 7.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-14-2019 06:56

    This is more to keep people updated so they can try too.....

     

    I have completed the following:

     

    Moved the at-4/0/0 interface into the untrust zone. 

    Now I have completed source NAT. This overcomes both the usage of the same address (CPE and AT-4/0/0 interfaces) and the core not recognising the loss of the interface/route.....

     

    Whether this is an end resolution or not remains to be seen and tested.....

     

    The NAT is between the untrust and trust zone and as the ONLY interface in the untrust is at-4/0/0 then there is no effect when the ethernet is up.



  • 8.  RE: VDSL2-A MPIM Configuration

     
    Posted 01-15-2019 01:24

    I will close this discussion as I believe the issue with configuring the VDSL2 MPIM is complete. It is working as expected. I do have another issue but it is not with the module, so I will open a new discussion.

     

    Thanks