Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

After ADSL line goes down then up again, the PPPOE / PPPoA will not come up on SSG.

0

0

Article ID: KB9481 KB Last Updated: 25 Mar 2012Version: 4.0
Summary:

ADSL line on SSG20 went down and up again.
The PPPoE connection to the ISP is not back as expected - packets drop even though the ADSL line is back.

Symptoms:

[Note: The below description applies to PPPoE and PPPoA connections.]

By default, the PPPOE session's PPP parameter is as following:

PPP Parameters:
    lcp echo timeout: 180 seconds, lcp echo retries 10
=======================================================
ssg20-wlan-> get pppoe
PPPoE instance: untrust, id:   0, Instance is enabled
bound to interface adsl1/0 at state Connected
cached MAC addr: 00.12.1e.bf.59.d8
acceptable authentication protocols: ANY
username: B22006388, password: ***************
acceptable AC: unset(default to any)
acceptable service: unset(default to any)
idle timeout: 0 minutes, manual IP configuration: OFF
PPP Parameters:
    lcp echo timeout: 180 seconds, lcp echo retries 10
server AC: BJ-XD-D-ERX1440-B-1, its mac: 00.90.1a.41.ba.48
session ID: 3926, connected for 0 minutes idle for 0 minutes
netmask: 255.255.255.255, default route metric 1
auto connect: 200 seconds
random reconnect: 0 seconds (OFF)
clear ip on disconnect: ON, update dhcp server: ON, admin preference 100
Update Local DNS: ON
Use static IP: OFF
total connections tried: 3, successful connections: 2
in ppp data pkts: 54, out ppp data pkts: 120
in ppp ctrl pkts: 24, out ppp ctrl pkts: 29
in pppoe ctrl pkts: 7, out pppoe ctrl pkts: 8
total input bytes: 7161, total output bytes: 11843
dropped pppoe/ppp ctrl pkts: 0
=========================================================

With this configuration, the firewall will need 180 x 10 seconds to detect the PPPoE connection is disconnected after the ADSL line had gone down.  After these 1800 seconds (30 min) have expired, the firewall will re-negotiate the PPPoE connection. 


Cause:
During the timeout window, the SSG treats the down line as up and will continue to send the packets through PPPOE to the ISP, but the ISP side will drop the packets as invalid.
On the ISP side, the PPPoE connection will be released in a much shorter time (for example, 60 sec). In that example, after 60 seconds, the ADSL interface line is online as far as the ISP is concerned.

Solution:
It is suggested to speed up the detection of the down connection by adjusting the following PPP parameters to smaller values.

For example:
    set pppoe <name> ppp lcp-echo-interval 10
    set pppoe <name> ppp lcp-echo-retries  3


Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search