L2TP V3 is an Internet Engineering Task Force (IETF) standard used for transporting different types of layer 2 frames in an IP network and profile. L2TP V3 defines control and encapsulation protocols for tunneling layer 2 frames between two IP nodes.
Use L2TP V3 to create tunnels for transporting layer 2 frames. L2TP V3 enables controllers, service platforms, and access points to create tunnels for transporting Ethernet frames to and from bridge VLANs and physical ports. L2TP V3 tunnels can be defined between WiNG managed devices and other vendor devices supporting the L2TP V3 protocol.
NoteA pseudowire is an emulation of a layer 2 point-to-point connection over a packet-switching network (PSN). A pseudowire was developed out of the necessity to encapsulate and tunnel layer 2 protocols across a layer 3 network.
Ethernet VLAN pseudowires transport Ethernet frames to and from a specified VLAN. One or more L2TP V3 tunnels can be defined between tunnel end points. Each tunnel can have one or more L2TP V3 sessions. Each tunnel session corresponds to one pseudowire. An L2TP V3 control connection (a L2TP V3 tunnel) needs to be established between the tunneling entities before creating a session.
For optimal pseudowire operation, both the L2TP V3 session originator and responder must know the psuedowire type and identifier. These two parameters are communicated during L2TP V3 session establishment. An L2TP V3 session created within an L2TP V3 connection also specifies multiplexing parameters for identifying a pseudowire type and ID.
NoteIf connecting an Ethernet port to another Ethernet port, the pseudowire type must be Ethernet port. If connecting an Ethernet VLAN to another Ethernet VLAN, the pseudowire type must be Ethernet VLAN.
|Hostname||Define a 64 character maximum hostname to specify the name of the host that sent tunnel messages. Tunnel establishment involves exchanging 3 message types (SCCRQ, SCCRP, and SCCN) with the peer. Tunnel IDs and capabilities are exchanged during the tunnel establishment with the host|
|Router ID||Set either the numeric IP address or the integer used as an identifier for tunnel AVP messages. AVP messages assist in the identification of a tunneled peer|
|Integer||Select IP Address from the Router ID drop-down to configure the IP address filed|
|UDP listen port||Select this option to set the port used for listening to incoming traffic. Select a port from 1,024 to 65,535. The default port is 1701|
|Bridge tunnels||Select or deselect this option to enable or deactivate bridge packets between two tunnel end points. This setting is unselected by default|
|Logging slider||Select this option to enable the logging of Ethernet frame events to and from bridge VLANs and physical ports on a defined IP address, host or router ID. This setting is grayed out by default|
|IP Address||Use a peer tunnel ID address to capture and log L2TP V3 events|
|Hostname||If not using an IP address for event logging, optionally use a peer tunnel hostname to capture and log L2TP V3 events|
|Router ID||If not using an IP address or a hostname for event logging, use a router ID to capture and log L2TP V3 events|
Use the tunnel configuration settings to create or override a profile's L2TPv3 tunnel configuration at the device level.
|Name||Displays the name of each listed L2TPv3
tunnel assigned upon creation
For new configuration, assign a name
|Local IP Address||Lists the IP address assigned as the local tunnel end point address, not the interface IP address. This IP is used as the tunnel source IP address. If this parameter is not specified, the source IP address is chosen automatically based on the tunnel peer IP address|
|MTU||Displays the MTU size for each listed tunnel. The MTU is the size (in bytes) of the largest protocol data unit that the layer can pass between tunnel peers. The range is 128 to 1460|
|Tunnel Policy||Lists the L2TPv3 tunnel policy assigned to each listed tunnel|
|Router ID||Specifies the router ID sent in the tunnel establishment messages|
|Hostname||Lists the tunnel specific hostname used by each listed tunnel. This is the hostname advertised in tunnel establishment messages|
|Establishment Criteria||Specifies tunnel criteria between two peers|
|VRRP group||Select VRRP group between 1 and 255|
|ID||Set peer ID to 1 or
If the peer is not specified, tunnel establishment does not occur. However, if a peer tries to establish a tunnel with this access point, it creates the tunnel if the hostname and/or Router ID matches
|IP Address||Lists the IP address of the remote peer|
|Hostname||List the tunnel specific hostname used by the remote peer|
|Router ID||Specify the router ID sent in the tunnel establishment messages|
|Encapsulation (IP or UDP)||
Select the IP option to enter the numeric IP address used as the destination peer address for tunnel establishment
Select UDP encapsulation between 1,024 and 65,535. The default value is 1071
Select this option to enable security on the connection between the access point and the Virtual Controller
Specify the IP Address of the IPSec Secure Gateway
|Action||Use the option to delete an entry|
Rate limit manages the maximum rate sent to or received from L2TPv3 tunnel members. Select Add to configure rate limit settings:
|Session Name||Use the drop-down menu to select the tunnel session that will have the direction, burst size, and traffic rate settings applied|
|Direction||Select the direction for L2TPv3 tunnel traffic
Egress traffic is outbound L2TPv3 tunnel data coming to the controller, service platform or access point.
Ingress traffic is inbound L2TPv3 tunnel data coming to the controller, service platform, or access point
|Rate||Set the data rate (from 50 to 1,000,000 kbps) for
egress or ingress traffic rate limit (depending on
which direction is selected) for an L2TPv3
The default setting is 5000 kbps
|Max Burst Size||Set the maximum burst size for egress or ingress
traffic rate limit (depending on which direction is
selected) on a L2TPv3 tunnel.
Set a maximum burst size between 2 to 1024 kbytes. The smaller the burst, the less likely the upstream packet transmission will result in congestion for L2TPv3 tunnel traffic.
The default setting is 320 bytes
|Background||Set the random early detection threshold in % for
background traffic. Set a value from 1% to 100%.
The default is 50%
|Best Effort||Set the random early detection threshold in % for
best effort traffic. Set a value from 1% to
The default is 50%
|Video||Set the random early detection threshold in % for
video traffic. Set a value from 1% to 100%.
The default is 25%
|Voice||Set the random early detection threshold in % for
voice traffic. Set a value from 1% to 100%.
The default is 25%
|Name||Type a 31 character maximum session name. There is no idle timeout for a tunnel. A tunnel is not usable without a session and a subsequent session name. The tunnel is closed when the last session tunnel session is closed|
|Psuedowire ID||Define a psuedowire ID for this session from 1 to 4,294,967,295. A pseudowire is an emulation of a layer 2 point-to-point connection over a PSN. A pseudowire was developed out of the necessity to encapsulate and tunnel layer 2 protocols across a layer 3 network|
|Traffic Source Type||Select traffic type tunneled in this session (VLAN)|
|Traffic Source Value||Define a VLAN range to include in the tunnel session. Available VLAN ranges are from 1 to 4,094|
|Native VLAN||Select this option to provide a VLAN ID that will not be tagged in tunnel establishment and packet transfer|
|Name||Name for the manual session. You can define it or edit it|
|Tunnel IP address||Specify the IP address used as the tunnel source IP address. If not specified, the tunnel source IP address is selected automatically based on the tunnel peer IP address|
|Local session ID||Set the numeric identifier for the tunnel session between 1 to 63. This is the pseudowire ID for the session. This pseudowire ID is sent in session establishment message to the L2TP peer|
|Remote session ID||Define a remote session ID for this manual session from 1 to 4,294,967,295.|
|MTU||Define the session MTU as the size (in bytes) of the largest protocol data unit the layer can pass between tunnel peers in this session. The range is 128 to 1460.|
|IP address||Set the IP address of an L2TP tunnel peer. This is the peer allowed to establish the tunnel|
|Encapsulation||Select either IP or UDP as the peer encapsulation protocol. The default setting is IP. UDP uses a simple transmission model without implicit handshakes|
|UDP port||If UDP encapsulation is selected, use the UDP port drop-down to define the UDP encapsulation port. This is the port where the L2TP service is running. The range is 1,024 to 65,535. The default port is 1,701|
|Traffic source type||Select traffic type tunneled in this session (VLAN)|
|Traffic source value||Define the VLAN range (1 to 4,094) to include in the tunnel. Tunnel session data includes VLAN tagged frames|
|Native VLAN||Select Native VLAN to define the native VLAN that will not be tagged. The range is 1 to 4.094|
|Size||Set the size of the cookie field within each L2TP data packet. Options include 0, 4, and 8. The default setting is 0|
|Value 1||Set the cookie value's first word|
|Value 2||Set the cookie value's second word|
|End Point||Define whether the tunnel end point is local or remote|