GPRS VPDN L2TP [Connection Process Sequences] & Log Analyze

Posted on August 13, 2007. Filed under: GPRS |

Hari yang melelahkan.. 13 July 2007.

Brian dari Primanet hari ini submit log router AS5300 untuk compare GPRS nya yang masih Error. Setelah dicheck, setelah phase L2TP SCCRQ harusnya parse SCCN.. Namun sisi Primanet sudah stopCCN yang berati user sudah terminate / disconnect. Hal ini membuatku untuk menganalisa satu persatu setiap log yang berhasil.

Log dari speednet router akan dicompare dengan Log yang failed.

Status perangkat saat ini

– GGSN XL [Huawei] sbg LAC – SPEEDNET [Cisco 7200] sebagai LNS

— —– STEP BY STEPS GPRS LOG PROSES ——

+++++++++++++++++++++++++

+ TUNNEL ESTABLISHMENT +
+++++++++++++++++++++++++

gprs-l2tp-auth-proses.gif

The PPP/L2TP Connection Sequence

This is the connection sequence of events:

1. The remote user initiates a PPP connection. The LAC accepts the connection. A PPP link is established.
2. LCP is negotiated between the remote user and LAC. The LAC issues a Challenge Handshake Authentication Protocol (CHAP) challenge in order to perform a partial authentication of the remote user. The reply is sent to the LNS during session establishment. The reply is sent as attribute-value pair (AVP) 33 proxy authentication response in the Incoming-Call-Connected (ICCN).
3. The DNIS is used to determine whether the user is a virtual private dial-up network (VPDN) client.
4. Because there is no existing tunnel for the dialed number (614629), creation of a new tunnel is necessary. RADIUS is queried and the tunnel information is downloaded to the LAC.
5. The control connection is started. The tunnel is in an IDLE state:
* The tunnel initiator (in this case, the LAC) sends a Start-Control-Connection-Request (SCCRQ) to the LNS. The SCCRQ contains an AVP 11 challenge, which indicates that the LAC wants to authenticate the tunnel with use of a CHAP-style authentication. The same secret is known to both tunnel endpoints. The tunnel is now in a WAIT-CTL-REPLY state.
* The LNS can bring up the tunnel, so the LNS replies with a Start-Control-Connection-Reply (SCCRP). The SCCRP contains an AVP 11 challenge and an AVP 13 challenge response in reply to the SCCRQ. The tunnel is now in a WAIT-CTL-REPLY state.
* The LAC responds with a Start-Control-Connection-Connected (SCCCN) message. The SCCCN contains an AVP 13 in reply to the SCCRP. The tunnel is now in an Established state.
* The LNS sends a Zero-Length Body (ZLB) message to the LAC. The ZLB message is a sequenced acknowledgement. The tunnel is now in an Established state.
6. The tunnel authentication is now complete and the tunnel is established. The session is now in an IDLE state.
7. Now that the tunnel exists, a three-way exchange for session establishment within the tunnel is performed:
* The LAC sends an Incoming-Call-Request (ICRQ) with the parameter information for the session. The session is now in a Wait Reply state.
* The LNS sends an Incoming-Call-Reply (ICRP) that contains the session ID. The session is now in a Wait Connect state.
* The LAC sends an ICCN and provides the LNS with additional information for the answered call. This information includes the LCP information from the negotiation that the LAC and remote user performed. The session is now in an Established state.
* The LNS sends a ZLB message, which is a sequenced acknowledgement, to the LAC. The session is now in an Established state.
8. After establishment of the session, a virtual access interface is created on the LNS. The LCP configuration information that was delivered in the ICCN is forced onto the virtual access interface PPP stack. This information includes the partial authentication information.
9. The LNS generates an authentication challenge. The proxy authentication response AVP 33, which was delivered in the ICCN, is replayed.
10. Normal authentication, authorization, and accounting (AAA) or PPP authentication and authorization takes place.
11. A RADIUS Access-Request is sent for per-user authentication and authorization.
12. A RADIUS Access-Accept is received.

Note: RADIUS has been configured to allow the IP address that the remote user has offered in the incoming IPCP Configure-Request.
13. A CHAP success message is sent to the remote user.
14. PPP IPCP negotiation completes and is declared OPEN. A host route is installed to the remote interface. The remote user is now connected, and traffic flow can commence.

+++++++++++++++++++++++++++++++++++++++++++++
+ Tunnel Establishment Persi Rahman Isnaini +
+++++++++++++++++++++++++++++++++++++++++++++

:: User Dial ke APN http://www.speed.net.id

Aug 13 06:58:46.920: VPDN CEF From tunnel: Received 147 byte pak
Aug 13 06:58:46.920: L2X: Punting to L2TP control message queue
Aug 13 06:58:46.920: VPDN CEF From tunnel: Pak consumed
Aug 13 06:58:46.920: L2X: Parse AVP 0, len 8, flag 0x8000 (M)
Aug 13 06:58:46.920: L2X: Parse SCCRQ
:: ROUTER-VPDN-ISP terima SCCRQ (State Control Connection Request) dari GGSN
:: sebagai Tunnel Initiator.

Aug 13 06:58:46.920: L2X: Parse AVP 2, len 8, flag 0x8000 (M)
Aug 13 06:58:46.920: L2X: Protocol Ver 256
Aug 13 06:58:46.920: L2X: Parse AVP 7, len 13, flag 0x8000 (M)
Aug 13 06:58:46.920: L2X: Hostname ggsnlac
:: –> GGSN-XL (LAC)

Aug 13 06:58:46.920: L2X: Parse AVP 8, len 12, flag 0x0
Aug 13 06:58:46.920: L2X: Vendor Name HuaWei

:: –> GGSN VENDOR

Aug 13 06:58:46.924: L2X: Parse AVP 3, len 10, flag 0x8000 (M)
Aug 13 06:58:46.924: L2X: Framing Cap 0x3
Aug 13 06:58:46.924: L2X: Parse AVP 9, len 8, flag 0x8000 (M)
Aug 13 06:58:46.924: L2X: Assigned Tunnel ID 9
:: –> ROUTER-VPDN-ISP Assign Tunnel 9

Aug 13 06:58:46.924: L2X: Parse AVP 10, len 8, flag 0x8000 (M)
Aug 13 06:58:46.924: L2X: Rx Window Size 64
Aug 13 06:58:46.924: L2X: Parse AVP 11, len 22, flag 0x8000 (M)
Aug 13 06:58:46.924: L2X: Chlng
Aug 13 06:58:46.924: L2X: No missing AVPs in SCCRQ
:: ROUTER-VPDN-ISP check SCCRQ yang berisi AVP 11

Aug 13 06:58:46.924: L2X: I SCCRQ, flg TLS, ver 2, len 101, tnl 0, cl 0, ns 0, nr 0 contiguous pak, size 101
Aug 13 06:58:46.924: L2TP: I SCCRQ from ggsnlac tnl 9
Aug 13 06:58:46.924: Tnl 22396 L2TP: Got a challenge in SCCRQ, ggsnlac
:: CHAP STYLE untuk L2TP Tunnel Authentication antara LAC (GGSN XL) dan LNS (ROUTER-VPDN-ISP)
:: Secret Key “huaweiXL” di Exchange disini

Aug 13 06:58:46.924: Tnl 22396 L2TP: New tunnel created for remote ggsnlac, address 202.152.240.154
:: ROUTER-VPDN-ISP (LNS) sudah create Tunnel 9 untuk GGSN-XL (LAC) dan siap bring “UP” tunnel.

Aug 13 06:58:46.924: Tnl 22396 L2TP: O SCCRP to ggsnlac tnlid 9
Aug 13 06:58:46.924: Tnl 22396 L2TP: O SCCRP, flg TLS, ver 2, len 154, tnl 9, cl 0, ns 0, nr 1
:: ROUTER-VPDN-ISP Reply SCCRQ GGSN-XL (LAC) dengan SCCRP (State Control Connection Reply) bahwa Tunnel sudah siap.

Aug 13 06:58:46.924: Tnl 22396 L2TP: Control channel retransmit delay set to 1 seconds
Aug 13 06:58:46.924: Tnl 22396 L2TP: Tunnel state change from idle to wait-ctl-reply
:: STATUS Tunnel yang dicreate berubah dari “IDLE”ke “WAIT-CTL-REPLY”

Aug 13 06:58:47.156: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 1/1, our ns/nr 1/1
Aug 13 06:58:47.156: Tnl 22396 L2TP: Peer acknowledging through 1
Aug 13 06:58:47.156: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 2/1, our ns/nr 1/2
Aug 13 06:58:47.160: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 1/1, our ns/nr 1/3, tunnel->peer_nr 1
Aug 13 06:58:47.160: Tnl 22396 L2TP: Clean resendQ, peer_nr 1, last_rx_nr 0
Aug 13 06:58:47.160: Tnl 22396 L2TP: Cleaned ns 0 from resendQ
Aug 13 06:58:47.160: Tnl 22396 L2TP: Currently 0 messages on the resend queue
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse SCCCN
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 13, len 22, flag 0x8000 (M)
:: ROUTER-VPDN-ISP menerima SCCCN (State Control Connected) dari GGSN XL [LAC] yang berisi AVP 13 (Attribute Value Pair)
:: sebagai respon dari SCCRP yang dikirimkan sebelumnya.

Aug 13 06:58:47.160: Tnl 22396 L2TP: Chlng Resp
Aug 13 06:58:47.160: Tnl 22396 L2TP: No missing AVPs in SCCCN
Aug 13 06:58:47.160: Tnl 22396 L2TP: I SCCCN, flg TLS, ver 2, len 42, tnl 22396, cl 0, ns 1, nr 1 contiguous pak, size 42
Aug 13 06:58:47.160: Tnl 22396 L2TP: Sending ZLB ACK ns/nr 1/3
:: ROUTER-VPDN-ISP check AVP 13 dalam SCCCN dari GGSN
:: dan mengirim ZLB ACK (Zero Lenght Body) Acknowledgement ke GGSN-XL [LAC]
:: Sebagai tanda Tunnel siap untuk establish.

Aug 13 06:58:47.160: Tnl 22396 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 9, cl 0, ns 1, nr 3
Aug 13 06:58:47.160: Tnl 22396 L2TP: I SCCCN from ggsnlac tnl 9
Aug 13 06:58:47.160: Tnl 22396 L2TP: Got a Challenge Response in SCCCN from ggsnlac
Aug 13 06:58:47.160: Tnl 22396 L2TP: Tunnel Authentication success
Aug 13 06:58:47.160: Tnl 22396 L2TP: Tunnel state change from wait-ctl-reply to established
:: ROUTER-VPDN-ISP menerima ACK (acknowledgement) dari GGSN-XL [LAC]
:: CHAP Style Tunnel authentication berhasil
:: Tunnel Establish.

++++++++++++++++++++++++++++++++++++++++++++++
+ 3 WAY EXCHANGE untuk Session Establishment +
++++++++++++++++++++++++++++++++++++++++++++++

Aug 13 06:58:47.160: Tnl 22396 L2TP: SM State established
Aug 13 06:58:47.160: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 2/1, our ns/nr 1/3, tunnel->peer_nr 1
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse ICRQ
:: ROUTER-VPDN-ISP menerima ICRQ [Incoming Call Request] dari GGSN XL [LAC]

Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 14, len 8, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Assigned Call ID 53711
:: CALLER ID

Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 15, len 10, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Serial Number 53711
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 18, len 10, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Bearer Type 3
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 21, len 10, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Called Number 8888
Aug 13 06:58:47.160: Tnl 22396 L2TP: Parse AVP 22, len 19, flag 0x8000 (M)
Aug 13 06:58:47.160: Tnl 22396 L2TP: Calling Number 6281808644365
:: CALLING NUMBER [Nomer XL yang dial APN]

Aug 13 06:58:47.160: Tnl 22396 L2TP: No missing AVPs in ICRQ
:: ROUTER-VPDN-ISP check APV dalam ICRQ dari GGSN-XL [LAC]

Aug 13 06:58:47.160: Tnl 22396 L2TP: I ICRQ, flg TLS, ver 2, len 77, tnl 22396, cl 0, ns 2, nr 1 contiguous pak, size 77
Aug 13 06:58:47.160: Tnl 22396 L2TP: I ICRQ from ggsnlac tnl 9
Aug 13 06:58:47.160: Tnl/Sn 22396/68 L2TP: Session FS enabled
Aug 13 06:58:47.160: Tnl/Sn 22396/68 L2TP: Session state change from idle to wait-connect
:: Session Tunnel status berubah dari IDLE ke Wait-Connect

Aug 13 06:58:47.160: Tnl/Sn 22396/68 L2TP: New session created
Aug 13 06:58:47.160: Tnl/Sn 22396/68 L2TP: O ICRP to ggsnlac 9/53711
:: ROUTER-VPDN-ISP respon ICRQ GGSN-XL dengan mengirimkan ICRP [Incoming Call Reply] yang berisi session ID [53711]

Aug 13 06:58:47.160: Tnl/Sn 22396/68 L2TP: O ICRP, flg TLS, ver 2, len 28, tnl 9, cl 53711, ns 1, nr 3
Aug 13 06:58:47.160: Tnl 22396 L2TP: Control channel retransmit delay set to 1 seconds
Aug 13 06:58:47.420: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 3/2, our ns/nr 2/3
Aug 13 06:58:47.420: Tnl 22396 L2TP: Peer acknowledging through 2
Aug 13 06:58:47.420: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 3/2, our ns/nr 2/4, tunnel->peer_nr 2
Aug 13 06:58:47.420: Tnl 22396 L2TP: Clean resendQ, peer_nr 2, last_rx_nr 1
Aug 13 06:58:47.420: Tnl 22396 L2TP: Cleaned ns 1 from resendQ
Aug 13 06:58:47.424: Tnl 22396 L2TP: Currently 0 messages on the resend queue
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse ICCN
:: GGSN-XL respon dengan mengirimkan ICCN [Incoming Call Connected]
:: ke ROUTER-VPDN-ISP yang berisi informasi negosiasi LCP-LCP antara GGSN-XL dan USER.
:: termasuk user mengirimkan username APN

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 24, len 10, flag 0x8000 (M)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Connect Speed 0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 19, len 10, flag 0x8000 (M)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Framing Type 3
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 26, len 10, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Initial LCPREQ
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 27, len 14, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Last Sent LCPREQ
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 28, len 10, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Last Rx LCPREQ
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 36, len 38, flag 0x8000 (M)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Random Vector

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 29, len 8, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Proxy Auth Type 3
:: Proxy Authentication dalam Proses.

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 30, len 38, flag 0x4000 (H)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Proxy Auth Name sid@speed.net.id
:: Username Authentication

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 32, len 8, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Proxy Auth ID 0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 33, len 22, flag 0x4000 (H)
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Proxy Auth Resp
:: ROUTER-VPDN-ISP [LNS] generate Authentication Challenge.
:: Proxy Auth merespon melalui AVP 33

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: Parse AVP 37, len 10, flag 0x0
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: No missing AVPs in ICCN
:: ROUTER-VPDN-ISP check AVPs Authentication.

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: I ICCN, flg TLS, ver 2, len 198, tnl 22396, cl 68, ns 3, nr 2 contiguous pak, size 198
Aug 13 06:58:47.424: Tnl 22396 L2TP: Sending ZLB ACK ns/nr 2/4
:: ROUTER-VPDN-ISP mengirim ZLB ACK ke GGSN-XL [LAC]

Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 9, cl 0, ns 2, nr 4
Aug 13 06:58:47.424: Tnl/Sn 22396/68 L2TP: I ICCN from ggsnlac tnl 9, cl 53711
:: GGSN XL mengirimkan ZLB control ack menggunakan ICCN ke ROUTER-VPDN-ISP
:: bahwa Session [Virtual Interface] siap establish

Aug 13 06:58:47.424: sid@speed.net.id Tnl/Sn 22396/68 L2TP: Session state change from wait-connect to wait-for-service-selection
Aug 13 06:58:47.452: Vi3 Tnl/Sn 22396/68 L2TP: Virtual interface created for sid@speed.net.id, bandwidth 100000 Kbps
Aug 13 06:58:47.452: Vi3 Tnl/Sn 22396/68 L2TP: VPDN session up
Aug 13 06:58:47.452: Vi3 Tnl/Sn 22396/68 L2TP: Session state change from wait-for-service-selection to established
:: ROUTER-VPDN-ISP create Virtual Interface untuk username : sid@speed.net.id dengan bw 100000 kbps
:: Session established.

Aug 13 06:58:47.456: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to up
:: Virtual Interface [Virtual-Access3] langsung UP di ROUTER-VPDN-ISP.
:: USER HARUSNYA SUDAH DAPAT IP dan BISA AKSES INTERNET via GPRS

Aug 13 06:58:47.456: Vi3 VPDN FS Network to tunnel: Punted 45 byte pak to l2x process queue
Aug 13 06:58:47.456: Vi3 VPDN FS Network to tunnel: Punted 50 byte pak to l2x process queue
Aug 13 06:58:47.456: Vi3 VPDN PROCESS Into tunnel: Sending 45 byte pak
Aug 13 06:58:47.456: L2X: UDP socket write 45 bytes, 10.170.41.198(1701) to 202.152.240.154(1701)
Aug 13 06:58:47.456: Vi3 VPDN PROCESS Into tunnel: Sending 50 byte pak
Aug 13 06:58:47.456: L2X: UDP socket write 50 bytes, 10.170.41.198(1701) to 202.152.240.154(1701)
Aug 13 06:58:47.740: VPDN CEF From tunnel: Received 76 byte pak
Aug 13 06:58:47.740: Vi3 VPDN FS Tunnel to network: Sending 24 byte pak
Aug 13 06:58:47.740: Vi3 VPDN CEF Tunnel to network: Fastswitching failed, punting pkt to process
Aug 13 06:58:47.740: Vi3 VPDN CEF From tunnel: Punted 24 byte pak to ppp parse and iqueue
Aug 13 06:58:47.740: VPDN CEF From tunnel: Received 64 byte pak
Aug 13 06:58:47.740: Vi3 VPDN FS Tunnel to network: Sending 12 byte pak
Aug 13 06:58:47.740: Vi3 VPDN CEF Tunnel to network: Fastswitching failed, punting pkt to process
Aug 13 06:58:47.740: Vi3 VPDN CEF From tunnel: Punted 12 byte pak to ppp parse and iqueue
Aug 13 06:58:47.740: Vi3 VPDN FS Network to tunnel: Punted 62 byte pak to l2x process queue
Aug 13 06:58:47.740: Vi3 VPDN PROCESS Into tunnel: Sending 62 byte pak
Aug 13 06:58:47.740: L2X: UDP socket write 62 bytes, 10.170.41.198(1701) to 202.152.240.154(1701)
Aug 13 06:58:48.036: VPDN CEF From tunnel: Received 76 byte pak
Aug 13 06:58:48.036: Vi3 VPDN FS Tunnel to network: Sending 24 byte pak
Aug 13 06:58:48.036: Vi3 VPDN CEF Tunnel to network: Fastswitching failed, punting pkt to process
Aug 13 06:58:48.036: Vi3 VPDN CEF From tunnel: Punted 24 byte pak to ppp parse and iqueue
Aug 13 06:58:48.036: Vi3 VPDN FS Network to tunnel: Punted 62 byte pak to l2x process queue
Aug 13 06:58:48.036: Vi3 VPDN PROCESS Into tunnel: Sending 62 byte pak
Aug 13 06:58:48.036: L2X: UDP socket write 62 bytes, 10.170.41.198(1701) to 202.152.240.154(1701)
Aug 13 06:58:48.036: Vi3 VPDN FS Network to tunnel: Punted 116 byte pak to l2x process queue
Aug 13 06:58:48.036: Vi3 VPDN PROCESS Into tunnel: Sending 116 byte pak
Aug 13 06:58:48.036: L2X: UDP socket write 116 bytes, 10.170.41.198(1701) to 202.152.240.154(1701)

+++++++++++++++++++++
+ DISCONNECT PROSES +
+++++++++++++++++++++

gprs-l2tp-disconnect-proses.gif

The PPP/L2TP Disconnect Sequence

1.The remote user drops the ISDN link in order to drop the call to the LAC.
2.The LAC PPP state machine terminates and the LCP state is Closed.
3.In order to notify the LNS of the disconnection of the session, the LAC sends a Call-Disconnect-Notify (CDN) and destroys the session. The CDN contains an AVP 1 result code, which has “Loss of carrier” as the reason for the disconnect. The session is now in an IDLE state.
4.The LNS sends a ZLB message, which is a sequenced acknowledgement, and destroys the session. The session is now in an IDLE state.
5.The LNS takes down the local PPP interface. The virtual access interface changes state to Down:
* IPCP is closed, LCP is closed, and the PPP state machine is declared Down.
* The host route to the remote user is removed from the LNS routing table.
* The tunnel state is now No-Sessions-Left on both the LAC and the LNS.
6.Because this is the last session within the tunnel, the control connection can now be shut down. The default timers for tunnel shutdown are 10 seconds for the LNS and 15 seconds for the LAC.
7.The LNS sends a Stop-Control-Connection-Notification (Stop-CCN) to the LAC in order to close down the control connection and tunnel. The Stop-CCN contains the reason for the tunnel shutdown, which is “Request to clear control connection”. The tunnel is now in an IDLE state.
8.The LAC sends a ZLB message, which is a sequenced acknowledgement, to the LNS. The tunnel is now in an IDLE state.
9. The tunnel is now shut down.

Note: Either the LAC or LNS can initiate the session and control connection teardown. It is not necessary to clear the sessions within the tunnel before the tunnel can be shut down.

++++++++++++++++++++++++
+ Persi Rahman Isnaini +
++++++++++++++++++++++++

:: User Disconnect
:: LAC [GGSN XL] Terima Request dari User

Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Parse AVP 0, len 8, flag 0x8000 (M)
Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Parse CDN
:: GGSN-XL [LAC] mengirimkan CDN [Call Disconnect Notify] ke ROUTER-VPDN-ISP dan destroy Session.
:: CDN ini berisi AVP 1 dengan Result Code (1) : Loss of Carrier (link putus :))
:: lihat dibawah :

Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Parse AVP 1, len 10, flag 0x8000 (M)
Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Result code(1): 1: Loss of carrier
Aug 13 06:58:55.776: Error code(0): No error
Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Parse AVP 14, len 8, flag 0x8000 (M)
Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: Assigned Call ID 53711
Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: No missing AVPs in CDN
:: ROUTER-VPDN-ISP check AVP-AVP dari GGSN [LAC]

Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: I CDN, flg TLS, ver 2, len 38, tnl 22396, cl 68, ns 4, nr 2 contiguous pak, size 38
Aug 13 06:58:55.776: Tnl 22396 L2TP: Sending ZLB ACK ns/nr 2/5
:: ROUTER-VPDN-ISP mengirimkan ZLB [Zero Length Body] ke GGSN [LAC] untuk Acknowledge CDN.

Aug 13 06:58:55.776: Vi3 Tnl/Sn 22396/68 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 9, cl 0, ns 2, nr 5
Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: I CDN from ggsnlac tnl 9, cl 53711
:: Respon dari GGSN-XL [LAC] acknowledge Tunnel Session ID 53711 untuk di destroy

Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: disconnect (L2X) IETF: 2/lost-carrier Ascend: 61/VPDN Carrier Loss
Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: Destroying session
:: ROUTER-VPDN-ISP destroy Tunnel Session

Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: Session state change from established to idle
:: Tunnel Session berubah status dari Establish ke Idle.

Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: Accounting stop sent
Aug 13 06:58:55.780: Vi3 Tnl/Sn 22396/68 L2TP: Unbinding session from idb
Aug 13 06:58:55.780: Vi3 VPDN: Resetting interface
Aug 13 06:58:55.780: Tnl 22396 L2TP: Tunnel state change from established to no-sessions-left
Aug 13 06:58:55.780: Tnl 22396 L2TP: No more sessions in tunnel, shutdown (likely) in 10 seconds
Aug 13 06:58:55.784: %LINK-3-UPDOWN: Interface Virtual-Access3, changed state to down
:: ROUTER-VPDN-ISP stop accounting dan unbinding session.
:: Tunnel Session berubah status ke no-sessions-left
:: Interface Virtual-Access3 berubah status ke DOWN setelah 10 detik di ROUTER-VPDN-ISP [LNS]
:: dan 15 detik di GGSN-XL [LAC] (default shutdown
:: interface bila session dalam tunnel sudah tidak ada lagi)

Aug 13 06:58:56.600: VPDN CEF From tunnel: Received 84 byte pak
Aug 13 06:58:56.600: L2X: Punting to L2TP control message queue
Aug 13 06:58:56.600: VPDN CEF From tunnel: Pak consumed
Aug 13 06:58:56.600: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 4/2, our ns/nr 2/5
Aug 13 06:58:56.604: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 4/2, our ns/nr 2/5, tunnel->peer_nr 2
Aug 13 06:58:56.604: Tnl 22396 L2TP: Dropping old CM CDN, Ns 4, expected 5
Aug 13 06:58:56.784: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access3, changed state to down
Aug 13 06:58:57.648: VPDN CEF From tunnel: Received 84 byte pak
Aug 13 06:58:57.648: L2X: Punting to L2TP control message queue
Aug 13 06:58:57.648: VPDN CEF From tunnel: Pak consumed
Aug 13 06:58:57.648: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 4/2, our ns/nr 2/5
Aug 13 06:58:57.648: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 4/2, our ns/nr 2/5, tunnel->peer_nr 2
Aug 13 06:58:57.648: Tnl 22396 L2TP: Dropping old CM CDN, Ns 4, expected 5
Aug 13 06:58:58.664: VPDN CEF From tunnel: Received 84 byte pak
Aug 13 06:58:58.664: L2X: Punting to L2TP control message queue
Aug 13 06:58:58.664: VPDN CEF From tunnel: Pak consumed
Aug 13 06:58:58.664: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 4/2, our ns/nr 2/5
Aug 13 06:58:58.664: Tnl 22396 L2TP: Process ctrl pkt peer ns/nr 4/2, our ns/nr 2/5, tunnel->peer_nr 2
Aug 13 06:58:58.664: Tnl 22396 L2TP: Dropping old CM CDN, Ns 4, expected 5 (sent zlb ack)
Aug 13 06:58:58.664: Tnl 22396 L2TP: Sending ZLB ACK ns/nr 2/5
Aug 13 06:58:58.664: Tnl 22396 L2TP: O ZLB ctrl ack, flg TLS, ver 2, len 12, tnl 9, cl 0, ns 2, nr 5
Aug 13 06:59:05.780: Tnl 22396 L2TP: O StopCCN to ggsnlac tnlid 9
:: ROUTER-VPDN-ISP mengirimkan StopCCN (Stop Control Connection Notification) ke GGSN-XL [LAC]
:: untuk close down control connection dan tunnel.
:: yang berisi juga reasons kenapa tunnel harus di shutdown.
:: serta mengirimkan ZLB Ack juga ke GGSN-XL

Aug 13 06:59:05.780: Tnl 22396 L2TP: O StopCCN, flg TLS, ver 2, len 38, tnl 9, cl 0, ns 2, nr 5
Aug 13 06:59:05.780: Tnl 22396 L2TP: Control channel retransmit delay set to 1 seconds
Aug 13 06:59:05.780: Tnl 22396 L2TP: Tunnel state change from no-sessions-left to shutting-down
Aug 13 06:59:06.096: VPDN CEF From tunnel: Received 64 byte pak
Aug 13 06:59:06.096: L2X: Punting to L2TP control message queue
Aug 13 06:59:06.100: VPDN CEF From tunnel: Pak consumed
Aug 13 06:59:06.100: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 5/3, our ns/nr 3/5
Aug 13 06:59:06.100: Tnl 22396 L2TP: Peer acknowledging through 3
Aug 13 06:59:06.100: Tnl 22396 L2TP: Dropped ZLB ACK
:: GGSN-XL kirim Dropped ZLB ACK ke ROUTER-VPDN-ISP

Aug 13 06:59:06.204: VPDN CEF From tunnel: Received 64 byte pak
Aug 13 06:59:06.204: L2X: Punting to L2TP control message queue
Aug 13 06:59:06.204: VPDN CEF From tunnel: Pak consumed
Aug 13 06:59:06.204: Tnl 22396 L2TP: Verify ns/nr, peer ns/nr 5/3, our ns/nr 3/5
Aug 13 06:59:06.204: Tnl 22396 L2TP: Dropped ZLB ACK
Aug 13 06:59:06.780: Tnl 22396 L2TP: Clean resendQ, peer_nr 3, last_rx_nr 2
Aug 13 06:59:06.780: Tnl 22396 L2TP: Cleaned ns 2 from resendQ
Aug 13 06:59:06.780: Tnl 22396 L2TP: Currently 0 messages on the resend queue
Aug 13 06:59:06.780: Tnl 22396 L2TP: Control channel retransmit delay set to 1 seconds
Aug 13 06:59:10.780: Tnl 22396 L2TP: Shutdown tunnel
:: TUNNEL SHUTDOWN.

Aug 13 06:59:10.780: Tnl 22396 L2TP: Tunnel state change from shutting-down to idle

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: