[AusNOG] Superloop Connect LNS config
Rhys Hanrahan
rhys at nexusone.com.au
Fri Dec 10 20:10:31 AEDT 2021
Hey Nathan, thanks for your advice!
I was thinking the same thing about not being reachable. Already confirmed I am getting LAC prefixes over BGP and advertising my loopback IP.
However – just to be clear I eventually figured out that as long as I ping with a source IP of the loopback address (instead of the interface address) I _can_ talk to the LACs. This had me thinking my L2TP traffic is using the interface address instead of the loopback as it’s source – however I don’t believe I am even getting inbound packets, so my replies aren’t even the issue yet.
I just remembered that there was some mis-understanding during provisioning of our Sydney port (because I was asking for a bit of a non-standard config). And they ended up changing my allocated inter-connect IPs mid-way through – they are entirely different. So it seems entirely likely that someone forgot to update some IP addresses on Superloop’s side when that happened.
So maybe it’s not my issue after all. Unfortunately may have to wait for them!
Thanks everyone for your input! Especially on a Friday night.
Rhys Hanrahan | Chief Information Officer
e: rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>
[www.nexusone.com.au]<http://www.nexusone.com.au/> [signature_1116663581] <http://www.fusiontech.com.au/>
NEXUS ONE | FUSION TECHNOLOGY SOLUTIONS
p: 1800 NEXUS1 (1800 639 871) or 1800 565 845 | a: Suite 12.03 Level 12, 227 Elizabeth Street, Sydney NSW 2000
www.nexusone.com.au<http://www.nexusone.com.au/> | www.fusiontech.com.au<http://www.fusiontech.com.au/>
The information in this email and any accompanying attachments may contain; a. Confidential information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; b. Legally privileged information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; and or c. Copyright material Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties. If you have received this email in error, please notify the sender immediately and delete this message. Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd does not accept any responsibility for loss or damage arising from the use or distribution of this email.
Please consider the environment before printing this email.
From: Nathan Brookfield [mailto:Nathan.Brookfield at iperium.com.au]
Sent: Friday, 10 December 2021 7:02 PM
To: Rhys Hanrahan <rhys at nexusone.com.au>
Cc: 'ausnog at lists.ausnog.net' <ausnog at lists.ausnog.net>
Subject: RE: [AusNOG] Superloop Connect LNS config
“I couldn’t even ping any LAC addresses with the source IP of my BGP interface”.
Okay that says a lot and if you’re not getting ICMP responses, I’d say the LAC’s can’t reach your LNS’s loopback which is either going to be a BGP advertisement issue from your end ‘Check your loop is visible in as show ip bgp neighbor x.x.x advertised-routes’ and then if it is, absolutely open a case with SLC for them to check that they’re accepting it and distributing it to there LAC’s.
Nathan Brookfield
General Manager
p: 02 4749 4949 | 1300 592 330 |
e: nathan.brookfield at simtronic.com.au<mailto:nathan.brookfield at simtronic.com.au> | w: iperium.co
Suite 702, 82 Elizabeth Street, Sydney NSW 2000
[cid:image003.png at 01D7EDFF.BBE55010]
Your Connectivity Distributor
DISCLAIMER: This document is intended solely for the named addressee. This electronic communication, which includes any files or attachments thereto, contains proprietary or confidential information and may be privileged and otherwise protected under copyright or other applicable intellectual property laws. The use, disclosure, copying or distribution of any of the information contained in this document, by any person other than the addressee, is strictly prohibited. If you received this document in error, please contact the sender immediately and delete all the material from any computer. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you. Any views or opinions presented are solely those of the author and do not necessarily represent those of Iperium.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. Iperium accepts no liability for any damage caused by any virus transmitted by this email.
From: Rhys Hanrahan <rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>>
Sent: Friday, December 10, 2021 6:56 PM
To: Nathan Brookfield <Nathan.Brookfield at iperium.com.au<mailto:Nathan.Brookfield at iperium.com.au>>
Cc: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] Superloop Connect LNS config
Hey Nathan,
Unfortunately not seeing any attempts. Possible that my CPE is an issue as I pre-configured it and left in plugged in at home this morning on a spare UNI-D port, am about to head home to check that. I haven’t setup a capture yet but I did setup an ACL and can’t see ANY traffic counters incrementing for anything coming from Superloop’s LAC range (unless I do a ping). Good to hear though that it’s meant to be identical. I just hope I’ve done something, otherwise I’ll be waiting till Monday! Argh.
I’ve done an identical config to what I have for NWB. The only difference now is I specified a source-ip of one of the assigned loopback addresses, as Superloop’s LACs seem to be a bit more strict about that – I couldn’t even ping any LAC addresses with the source IP of my BGP interface – had to be the loopback. Source-ip is the only way I found to specify a source address for the L2TP traffic – but I might be wrong?
lns-01-eqx-sy3#sh access-lists 110
Extended IP access list 110
10 permit ip 202.130.216.0 0.0.0.255 any log
20 permit ip any any (14954 matches)
lns-01-eqx-sy3#
vpdn-group SL_CONNECT_NSW
accept-dialin
protocol l2tp
virtual-template 1
dsl-line-info-forwarding
vpn vrf SL_CONNECT_NSW
source-ip 202.130.223.x
local name lns01-eqx-sy3
lcp renegotiation always
l2tp tunnel password 7 xxxx
l2tp tunnel timeout no-session 86400
ip pmtu
ip mtu adjust
Rhys Hanrahan | Chief Information Officer
e: rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>
[cid:image001.png at 01D7EDFF.BBE55010]<http://www.nexusone.com.au/> [signature_666662715] <http://www.fusiontech.com.au/>
NEXUS ONE | FUSION TECHNOLOGY SOLUTIONS
p: 1800 NEXUS1 (1800 639 871) or 1800 565 845 | a: Suite 12.03 Level 12, 227 Elizabeth Street, Sydney NSW 2000
www.nexusone.com.au<http://www.nexusone.com.au/> | www.fusiontech.com.au<http://www.fusiontech.com.au/>
The information in this email and any accompanying attachments may contain; a. Confidential information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; b. Legally privileged information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; and or c. Copyright material Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties. If you have received this email in error, please notify the sender immediately and delete this message. Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd does not accept any responsibility for loss or damage arising from the use or distribution of this email.
Please consider the environment before printing this email.
From: Nathan Brookfield <Nathan.Brookfield at iperium.com.au<mailto:Nathan.Brookfield at iperium.com.au>>
Date: Friday, 10 December 2021 at 6:41 pm
To: Rhys Hanrahan <rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>>
Cc: "ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>" <ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>
Subject: Re: [AusNOG] Superloop Connect LNS config
Hi Rhys,
Are you seeing any L2TP tunnels trying to establish, if your moving from NWB the VPDN configuration should literally be identical once you put in the local address and secrets etc.
Nathan Brookfield
General Manager
p: 1300 592 330 | m: 0412 266 008 | w: https://Iperium.com.au
Level 7, 82 Elizabeth Street, Sydney NSW 2000<x-apple-data-detectors://4>
Your Connectivity Team
DISCLAIMER: This document is intended solely for the named addressee. This electronic communication, which includes any files or attachments thereto, contains proprietary or confidential information and may be privileged and otherwise protected under copyright or other applicable intellectual property laws. The use, disclosure, copying or distribution of any of the information contained in this document, by any person other than the addressee, is strictly prohibited. If you received this document in error, please contact the sender immediately and delete all the material from any computer. Confidentiality and legal privilege are not waived or lost by reason of mistaken delivery to you. Any views or opinions presented are solely those of the author and do not necessarily represent those of Iperium.
WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. Iperium accepts no liability for any damage caused by any virus transmitted by this email.
On 10 Dec 2021, at 18:17, Rhys Hanrahan <rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>> wrote:
Hi Everyone,
Happy Friday.
Just wondering – can anyone help with an example LNS config for Superloop Connect NBN perhaps? Have been provisioned in the last few days and trying to get a test service online today so that we are OK to get services online next week.
Been waiting to hear back from the network team most of the day but I think at this point I’m not likely to hear back till Monday, so if anyone has anything handy so I might be able to try and get things online over the weekend it’d be appreciated. We’re on AAPT NWB at the moment and I’ve done basically the same config.
Unfortunately though I have BGP sessions up and can ping the LACs from the designated loopbacks, I’m not seeing any dial-in attempts to establish a tunnel from any of the LACs, or anything in my L2TP debugs. I do have a CPE connected to a test service. I am hoping it’s my end and not theirs!
Thanks all.
Rhys Hanrahan | Chief Information Officer
e: rhys at nexusone.com.au<mailto:rhys at nexusone.com.au>
[www.nexusone.com.au]<http://www.nexusone.com.au/> [signature_1759790540] <http://www.fusiontech.com.au/>
NEXUS ONE | FUSION TECHNOLOGY SOLUTIONS
p: 1800 NEXUS1 (1800 639 871) or 1800 565 845 | a: Suite 12.03 Level 12, 227 Elizabeth Street, Sydney NSW 2000
www.nexusone.com.au<http://www.nexusone.com.au/> | www.fusiontech.com.au<http://www.fusiontech.com.au/>
The information in this email and any accompanying attachments may contain; a. Confidential information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; b. Legally privileged information of Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties; and or c. Copyright material Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd or third parties. If you have received this email in error, please notify the sender immediately and delete this message. Fusion Technology Solutions Pty Ltd, Nexus One Pty Ltd does not accept any responsibility for loss or damage arising from the use or distribution of this email.
Please consider the environment before printing this email.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 13849 bytes
Desc: image001.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 9101 bytes
Desc: image002.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 4595 bytes
Desc: image003.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0007.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 13850 bytes
Desc: image004.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0008.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 9102 bytes
Desc: image005.png
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20211210/5a5b02a9/attachment-0009.png>
More information about the AusNOG
mailing list