Flow control, Flow control -34 – Lucent Technologies 6000 User Manual

11-34

MAX 6000/3000 Network Configuration Guide

Setting Up Virtual Private Networks
Configuring L2TP tunnels for dial-in clients

that matches a Client-Port-DNIS for any user profile. You can configure the LNS to perform

PAP or CHAP authentication after the LAC and LNS establish the tunnel.

If you use RADIUS to configure L2TP, but do not specify the Client-Port-DNIS attribute, the

LAC performs PAP or CHAP authentication before the tunnel is established. Once the tunnel is

up, the LNS can perform authentication again on the client. Each client sends the same

username and password during the authentication phase, so for each client, make sure you

configure the LAC and LNS to look for the same usernames and passwords.

You can also direct the MAX to create an L2TP tunnel, from the terminal server, by using the

L2TP command. You can configure authentication on the LNS, requiring users to authenticate

themselves when they manually initiate L2TP tunnels from the terminal server.

Flow control

The LAC and LNS automatically use a flow control mechanism that is designed to reduce

network congestion. You do not need to configure the mechanism.

You can, however, configure the maximum number of unacknowledged packets that the LAC

or LNS receives before it requests that the sending device stop sending data. You can configure

the LAC or LNS to receive up to 63 unacknowledged packets before refusing new data, or you

can disable flow control completely.

Using the Tunnel-Assignment-ID (82) RADIUS attribute for L2TP

Client sessions can be grouped into specific tunnels. For details, see

draft-ietf-radius-tunnel-auth-09.txt.

RADIUS supports this feature by

means of the Tunnel-Assignment-ID (82) attribute which informs the L2TP access

concentrator (LAC) whether to assign a client session to an existing tunnel or to create a new

one.

Example of configuring a tunnel assignment ID

In this example, the MAX unit is configured to perform tunnel authentication for L2TP

tunnels. The MAX unit that performs this function can be a MAX TNT or a MAX unit.

The two PPP clients shown in Figure 11-9 are configured to use different tunnels to the L2TP

network server (LNS) on the basis of their tunnel assignment IDs. The same clients could be

configured to use the same multiplexed tunnel by setting their tunnel assignment IDs to the

same string.

RADIUS attribute

Value

Tunnel-Assignment-ID
(82)

Identification (name) assigned to tunnels to allow grouping of
sessions. A text string of up to 31 characters. The value has local
significance only. It is not transmitted to the remote tunnel
end point.