[AusNOG] Per PPP session QoS and Shaping on Cisco LNSes

Philip Loenneker Philip.Loenneker at tasmanet.com.au
Thu Jul 5 14:57:33 EST 2018


Hi Rhys,

While I can’t provide any additional info on the 7201, I might be able to help with identifying the line rate.

I would hope that AAPT NWB services send through all of the information NBN send to them, which means the NBN WBA documentation might be useful to you. You can find the publicly accessible versions here:
https://www.nbnco.com.au/sell-nbn-services/supply-agreements/wba.html
If you look at the Ethernet Product Technical Specification document, you can see that NBN inject the DSL Line Rate attributes into the DHCP/PPPoE packets. They follow RFC4679, which you can read up on here:
https://tools.ietf.org/html/rfc4679

From memory when I was investigating this in the past, wireshark is aware of the DHCP options for this, so if you can get a packet capture from the RSP side of the connection then it might give you all the info you need.

Hope that helps.

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 1300 792 711
philip.loenneker at tasmanet.com.au<mailto:philip.loenneker at tasmanet.com.au>
www.tasmanet.com.au<http://www.tasmanet.com.au/>

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Rhys Hanrahan
Sent: Thursday, 5 July 2018 1:58 PM
To: ausnog at lists.ausnog.net
Subject: [AusNOG] Per PPP session QoS and Shaping on Cisco LNSes

Hi All,

I’m hoping someone can give some advice regarding per-PPPoE session QoS, Queueing and Shaping on Cisco LNSes. We’re currently using Cisco 2901s for our LNSes and they’ve been great, but I’ve never been able to get the per-session QoS feature working on this platform. I believe this is because while it supports LNS functionality, the 2901 cannot run the correct IOS version for this feature.

I’m now looking to “upgrade” to Cisco 7201s, primarily to provide the per-session QoS via RADIUS feature, but also to give us a bump in throughput. Despite these being quite cheap online, I’m hoping to verify that the per-session QoS feature actually works on the 7201s before I go ahead and buy them. I know of several examples where the 7200 platform is used for this feature, but I’ve also read the feature can be buggy depending on what specific IOS version you’re running. So I’m hoping that someone has experience using this feature for LNSes on the 7201s in particular (as opposed to e.g. 7204 VXR) and can confirm that it works, and hopefully works reliably on a certain IOS version?

I’ve checked Cisco’s feature navigator and it seems conclusive that the 7201s can run the SB release of IOS and do support this feature, but it would be great to be 100% sure. If anyone can recommend a Cisco version other than the 7201 that does the same but with higher throughput, I’d appreciate it. But I’m pretty set on the 7201 since they’re cheap and I can’t justify the cost of ASR1001-Xs for this role at the moment, which I suspect is realistically the next in-line suitable model.

In addition, it would be great to know if the 7201s can also use RADIUS to apply access-lists per-session so I can do things like block port 25 per-subscriber. But I’m not even sure what this feature is called and can’t find anything online, but I know there must be a way to do this.

What I’ve been able to see from various postings is that the 7201s should be able to run the “SB” version of IOS, and it’s this particular version that enables per-session QoS and Shaping features on the LNS?


  *   https://puck.nether.net/pipermail/cisco-bba/2011-February/001349.html
  *   https://lists.gt.net/cisco/nsp/85139

And as a bonus, I’m wondering if there’s anyone using AAPT’s NWB L2 services who’s been able to fetch Connect-Info headers to determine the downstream sync speed so that the QoS shaper can be determined dynamically? As opposed to having to statically set fixed speeds on the parent shaper for QoS. I looked at this a while ago, and the “Connect-Info” header seemed to just be a fixed value – perhaps a physical interface speed – but it did not reflect the actual sync speed of the service.

I’m hoping I might have done something wrong, or there might be a different RADIUS header that I can use that I couldn’t find in the debugs. All of the examples online I’ve found on determining the Virtual Access bandwidth seem to rely on the Connect-Info header, so I’m not particularly hopeful there.

This is what I saw:

Aug 14 10:44:05.657: RADIUS:  Acct-Authentic      [45]  6   RADIUS                    [1]
Aug 14 10:44:05.657: RADIUS:  Acct-Status-Type    [40]  6   Start                     [1]
Aug 14 10:44:05.657: RADIUS:  Connect-Info        [77]  12  "1410065408"
Aug 14 10:44:05.657: RADIUS:  NAS-Port-Type       [61]  6   Virtual                   [5]
Aug 14 10:44:05.657: RADIUS:  NAS-Port            [5]   6   578

An example of what I’m trying to do with VAI speed: https://supportforums.cisco.com/t5/wan-routing-and-switching/use-bandwidth-of-vai-in-qos-parent-policy/m-p/2088825/highlight/true#M204112

Appreciate any guidance.

Thanks!

Rhys Hanrahan
Chief Information Officer
Nexus One Pty Ltd

E: support at nexusone.com.au<mailto:support at nexusone.com.au>
P: +61 2 9191 0606
W: http://www.nexusone.com.au/
M: PO Box 127, Royal Exchange NSW 1225
A: Level 10 307 Pitt St, Sydney NSW 2000

[ttp://quintus.nexusone.com.au/~rhys/nexus1-email-sig.jpg]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180705/eb639ed3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 17040 bytes
Desc: image001.jpg
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180705/eb639ed3/attachment.jpg>


More information about the AusNOG mailing list