LNS reassembly is implemented through a generic IPv4 reassembly function that can be shared across multiple ISAs in a nat-group. The same ISA can be independently part of an lns-group and a nat-group.
Traffic that needs to be reassembled is steered to the nat-group via filters. After the fragmented traffic is in the nat-group, it is reassembled and injected back within the same routing context to the lns-group for further L2TP processing.
The configuration steps, along with corresponding CLI syntax examples, are as follows:
Configure two isa groups, a nat-group providing generic reassembly function and a lns-group providing the L2TP services. The ISAs can be shared amongst the groups, or they can be separated per each group:
configure
isa
nat-group 1
active-mda-limit 2
mda 1/1
mda 1/1
lns-group 1
mda 1/1
mda 1/2
Configure redirection of the L2TP traffic to the nat-group performing reassembly:
configure
filter
ip-filter 10
entry 5
match
dst-ip 10.10.10.10 - traffic classification criteria ; in this case LNS tunnel endpoint.
action reassemble
default-action forward
Apply ‛reassembly’ filter on the incoming L2TP traffic:
configure
router
interface from-lac
address 10.0.0.1/24
port 2/2/2
ingress
filter ip 10
Associate the reassembly context with the same service where LNS is configured:
configure
service
vprn 10
reassembly-group 1
l2tp
group "lns-vrf-10" create
ppp
authentication-policy "lns"
proxy-authentication
proxy-lcp
tunnel "lns-test-tunnel" create
lns-group 1
no shutdown
subscriber-interface "int1" create
address 10.20.20.254/24
group-interface "lns-grp-10" lns create
sap-parameters
sub-sla-mgmt
sub-ident-policy "sub-ident"
dhcp
server 192.168.1.1
trusted
client-applications ppp
gi-address 10.20.20.1