Layer 2 T unnel Protocol
Feature Summary
The Layer 2 Tunnel Protocol (L2TP) is an emerging Internet Engineering Task Force (IETF)
standard that combines the best features of two existing tunneling protocols: Cisco’s Layer 2
Forwarding (L2F) and Microsoft’s Point-to-Point Tunneling Protocol (PPTP). L2TP is an extension
to the Point-to-Point Protocol (PPP), which is an important component for VPNs. VPNs allow urs
and telecommuters to connect to their corporate intranets or extranets. VPNs are cost-effective
becau urs can connect to the Internet locally and tunnel back to connect to corporate resources.
This not only reduces overhead costs associated with traditional remote access methods, but also
improves flexibility and scalability.
Traditional dial-up networking rvices only support registered IP address, which limits the types
of applications that are implemented over VPNs. L2TP supports multiple protocols and unregistered
and privately administered IP address over the Internet. This allows the existing access
infastructure, such as the Internet, modems, access rvers, and ISDN terminal adapters (TAs), to be
ud. It also allows enterpri customers to outsource dialout support, thus reducing overhead for
hardware maintenance costs and 800 number fees, and allows them to concentrate corporate gateway
resources. Figure1 shows the L2TP architecture in a typical dial up environment.
Feature Summary
Benefits Benefits
L2TP offers the following benefits:
•Vendor interoperability.
•Can be ud as part of the wholesale access solution, which allows ISPs to the telco or rvice
providers offer VPNs to Internet Service Providers (ISPs) and other rvice providers.
•Can be operated as a client initiated VPN solution, where enterpri customers using a PC, can
u the client initiated L2TP from a third party.
•All value-added features currently available with Cisco’s L2F, such as load sharing and backup
support, will be available in future IOS releas of L2TP.
•Supports Multihop, which enables Multichassis Multilink PPP in multiple home gateways. This
allows you to stack home gateways so that they appear as a single entity.
List of Terms
attribute-value pair (A V pair)—A generic pair of values pasd from a AAA rver to a AAA
client. For example, in the A V pair ur = bill, “ur” is the attribute and “bill” is the value.
calling line identification (CLID)— A unique number that informs the called party of the phone
number identification of the calling party.
challenge handshake authentication protocol (CHAP)—A PPP cryptographic
challenge/respon authentication protocol in which the cleartext password is not pasd over the
line. This allows the cure exchange of a shared cret between the two endpoints of a connection.
client—Instigator of the PPP ssion. Also referred to as the PPP client, or PPP peer.
cloning—Creating and configuring a virtual access interface by applying a specific virtual template
upgrade什么意思interface. The template is the source of the generic ur information and router-dependent
information. The result of cloning, is a virtual access interface configured with all the commands in
the template.
control messages—Exchange messages between the LAC and LNS pairs, operating in-band within
the tunnel protocol. Control messages govern the aspects of the tunnel and ssions within the tunnel.
dial ur—An end system or router attached to an on-demand PSTN or ISDN, which is either the汉英字典在线查询
initiator or recipient of a call. Also referred to as a dial-up or virtual dial-up client.
Dialed Number identification Service (DNIS)—The called party number. Typically, this is a
number ud by call centers or a central office where different numbers are each assigned to a
specific rvice.
Integrated Services Digital Network (ISDN)—Communication protocols offered by telephone
companies that permit telephone networks to carry date, voice, and other source traffic.
Layer 2 Tunnel Protocol (L2TP)—A Layer 2 tunneling protocol that is an extension to the PPP
protocol ud for Virtual Private Networks (VPNs). L2TP merges the best features of two existing
tunneling protocols: Microsoft’s PPTP and Cisco’s L2F. It is the emerging IETF standard, currently
being drafted by participants from Ascend, Cisco Systems, Copper Mountain Networks, IBM,
Microsoft, and 3Com.
Link Control Protocol (LCP)—A protocol that establishes, configures, and tests data link
connections ud by PPP.
Feature Summary
L2TP access concentrator (LAC)—An L2TP device that the client directly connects to and
whereby PPP frames are tunneled to the L2TP network rver (LNS). The LAC needs only
implement the media over which L2TP is to operate to pass traffic to one or more LNSs. It may
tunnel any protocol carried within PPP. The LAC is the initiator of incoming calls and the receiver
of outgoing calls. Analogous to the Layer 2 Forwarding (L2F) network access rver (NAS).
usuallyL2TP network rver (LNS)—Termination point for L2TP tunnel and access point where PPP
frames are procesd and pasd to higher layer protocols. An LNS operates on any platform capable
of PPP termination. The LNS handles the rver side of the L2TP protocol. L2TP relies only on the
single media over which L2TP tunnels arrive. The LNS may have a single LAN or WAN interface,
yet still be able to terminate calls arriving at any of the LACs full range of PPP interfaces
(asynchronous, synchronous, ISDN, V.120, etc.). The LNS is the initiator of outgoing calls and the
receiver of incoming calls. Analogous to the Layer 2 Forwarding (L2F) home gateway (HGW).
Multiplex Identifier (MID)—The number associated with a specific ur’s L2TP/L2F ssion.
Multilink PPP Protocol (MLP)—A protocol that provides the capability of splitting andwithout的用法
recombining packets to a single end system across a logical pipe (also called a bundle) formed by
multiple links. Multilink PPP provides bandwidth on demand and reduces transmission latency
across WAN links.
Network Access Server (NAS)—A device providing temporary, on-demand network access to
urs. The access is point-to-point typically using PSTN or ISDN lines. A NAS may also rve as a
LAC, LNS, or both. In Cisco’s implementation for L2TP, the NAS rves as a LAC for incoming
calls and rves as a LNS for outgoing calls. The NAS is synonymous with LAC.
Network Control protocol (NCP)—PPP protocol for negotiation of OSI Layer 3 (the network
layer) parameters.
Password Authentication Protocol (PAP)—A simple PPP authentication mechanism in which a
cleartext urname and password are transmitted to prove identity. PAP is not as cure as CHAP
becau the password is pasd in “cleartext.”
point-of-prence (POP)—The access point to a rvice provider’s network.
Point-to-Point Protocol (PPP)—A protocol that encapsulates network layer protocol information
over point-to-point links. The RFC for PPP is RFC 1661.
包括但不限于
Point-to-Point Tunneling Protocol (PPTP)—Microsoft’s Point to Point Tunneling Protocol. Some
of the features in L2TP were derived from PPTP.绯闻女孩是谁
public switched telephone network (PSTN)—Telephone networks and rvices in place
worldwide.
ssion—A single, tunneled PPP ssion. Also referred to as a call.
tunnel—A virtual pipe between the LAC and LNS that can carry multiple PPP ssions.
tunnel ID—A two-octet value that denotes a tunnel between a LAC and LNS
virtual access interface—Instance of a unique virtual interface that is created dynamically and
exists temporarily. Virtual access interfaces can be created and configured differently by different
applications, such as virtual profiles and virtual private dialup networks.Virtual access interfaces are
cloned from virtual template interfaces.
virtual template interface—A logical interface configured with generic configuration information研究生报名费
for a specific purpo or configuration common to specific urs, plus router-dependent information.
The template takes the form of a list of Cisco IOS interface commands that are applied to virtual
access interfaces, as needed.
Restrictions Virtual Private Dialup Networking (VPDN)—A system that permits dial-in networks to exist
remotely to home networks, while giving the appearance of being directly connected. VPDNs u
L2TP and L2F to terminate the Layer 2 and higher parts of the network connection at the LNS,
instead of the LAC.
zero length body message (ZLB)—A control or payload packet that only contains an L2TP header
and does not contain any control message information or PPP payload. ZLB messages are ud
explicitly for acknowledging packets on the control or data channel.
Restrictions
The following restrictions apply to the L2TP feature:
•If flow control is enabled using the l2tp flow-control receive-window command with a value
greater than zero, the switching path defaults to process level switching.
•Only dial in support currently exists.
Platforms
For 12.0T IOS Releas, L2TP is supported on the following platforms:
•Cisco 1003, Cisco 1004, and Cisco 1005
•Cisco 1600 ries
•Cisco 1700 ries
•Cisco 2500 ries
•Cisco 2600 ries
•Cisco 2800 ries
•Cisco 2900 ries
•Cisco 3600 ries
•Cisco 4000 ries (Cisco 4000, 4000-M, 4500, 4500-M, 4700, 4700-M)
•Cisco AS5200
•Cisco AS5300
•Cisco 6400 ries
•Cisco 7200 ries
•Cisco 7500 ries
For 11.3AA IOS Releas, L2TP is supported on the following platforms:
•Cisco 7200 ries
•Cisco AS5200
•Cisco AS5300
•Cisco AS5800
Prerequisites
六一儿童节开场白Prerequisites
A Cisco router or access rver must be using a Cisco IOS software image that supports VPDN and
the hardware platform you are using.
Supported MIBs and RFCs
L2TP is an emerging standard and currently supports the L2TP Internet Engineering Task Force
(IETF) draft document.
Functional Description
floccinaucinihilipilificationThe following ctions are included as part of the functional description:
•L2TP Overview
•Incoming Call Sequence
•LAC AAA Tunnel Definition Lookup
L2TP Overview
The following ctions supply additional detail about the interworkings and Cisco’s implementation
of L2TP. Using L2TP tunneling, an Internet Service Provider (ISP), or other access rvice, can
create a virtual tunnel to link customer's remote sites or remote urs with corporate home networks.
The L2TP access concentrator (LAC) located at the ISP's point of prence (POP) exchanges PPP
messages with remote urs and communicates by way of L2TP requests and respons with the
customer’s L2TP network rver (LNS) to t up tunnels. L2TP pass protocol-level packets
diligence
through the virtual tunnel between end points of a point-to-point connection. Frames from remote
urs are accepted by the ISP's POP, stripped of any linked framing or transparency bytes,
encapsulated in L2TP and forwarded over the appropriate tunnel. The customer's home gateway
accepts the L2TP frames, strips the L2TP encapsulation, and process the incoming frames for
the appropriate interface. Figure2 shows the L2TP tunnel detail and how ur “lsmith” connects to
the LNS to access the designated corporate intranet.
