Install L2TP multihop for better scaling

By using the L2TP multihop protocol, you can improve the scalability of your VPN.

Scalability is always a requirement with anything having to do with networking. This tip offers a protocol that can improve the scalability of your VPN.

If you are considering implementing a very large, secure dialup network using L2TP (Layer Two Tunneling Protocol), you should consider enhancing your scalability by using a layered approach to your L2TP Access Clients (LAC) and L2TP Network Servers (LNS). This can be accomplished using "L2TP Multihop".

Generally, when a remote user dials into the network, his phone call is terminated at the LAC, which then establishes an L2TP session between itself and the LNS. The LNS terminates the L2TP tunnel. In other words, the LNS connects the tunnel with the private network. With L2TP Multihop, the LAC will establish a session with the LNS, and that LNS will itself then act as a LAC and establish another session with another LNS.

By redirecting tunnels on behalf of the client LAC to many other LNSs, a set of devices acting as both LNS and LAC can aggregate a number of access devices (LACs), so that the total number of tunnels isn't constrained by the capacity of one LNS.

The configuration of a Cisco router performing L2TP Multihop might look something like this:

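!
vpdn enable
! Allow a session arriving over one tunnel to be forwarded into another
vpdn multihop
!
! Acting as LNS: accept L2TP tunnels from the LAC named xyz
vpdn-group 1
 accept dialin l2tp virtual-template 1 remote xyz
 local name abc
!
! Acting as LAC: forward users of this domain to the LNS at 192.168.1.1
vpdn-group 2
 request dialin l2tp ip 192.168.1.1 domain searchnetworking.com
 local name abc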

If a client wants to access the searchnetworking.com domain, the router automatically creates an L2TP tunnel between itself and 192.168.1.1 (unless one already exists) and redirects the client's traffic from the first tunnel to the new tunnel. You can create vpdn-groups for multiple domains.
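
Once several routers each carry per-domain forwarding groups, it is worth checking where a given user's session actually ends up. The following is an added example, not part of the original tip and not Cisco tooling: it reads configs in the syntax shown above and traces the hops for a username, flagging forwarding loops. It assumes a router forwards only when `vpdn multihop` is set and a `request dialin` line matches the user's domain; the sample configs are constructed, and only 192.168.1.1 and searchnetworking.com come from the tip.

```python
import re

# Constructed sample configs keyed by router address. Only 192.168.1.1 and
# searchnetworking.com come from the article; everything else is made up.
CONFIGS = {
    "10.0.0.1": """vpdn enable
vpdn multihop
vpdn-group 1
 accept dialin l2tp virtual-template 1 remote xyz
vpdn-group 2
 request dialin l2tp ip 192.168.1.1 domain searchnetworking.com
vpdn-group 3
 request dialin l2tp ip 10.0.0.9 domain loop.example
""",
    "192.168.1.1": """vpdn enable
vpdn-group 1
 accept dialin l2tp virtual-template 1 remote abc
""",
    "10.0.0.9": """vpdn enable
vpdn multihop
vpdn-group 1
 request dialin l2tp ip 10.0.0.1 domain loop.example
""",
}

REQUEST = re.compile(r"^\s*request dialin l2tp ip (\S+) domain (\S+)\s*$", re.M)

def parse_router(text):
    """Return (multihop_enabled, {domain: next_lns_ip}) for one config."""
    multihop = re.search(r"^vpdn multihop\s*$", text, re.M) is not None
    return multihop, {dom.lower(): ip for ip, dom in REQUEST.findall(text)}

def trace(configs, entry, username):
    """List the routers a session crosses after its tunnel reaches `entry`."""
    domain = username.rpartition("@")[2].lower()
    path, current = [entry], entry
    while True:
        multihop, forwards = parse_router(configs.get(current, ""))
        nxt = forwards.get(domain)
        if not multihop or nxt is None:
            return path          # session terminates on this router
        if nxt in path:
            raise ValueError("forwarding loop: " + " -> ".join(path + [nxt]))
        path.append(nxt)
        current = nxt
```
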


Thomas Alexander Lancaster IV is a consultant and author with over 15 years' experience in the networking industry, focused on Internet infrastructure.


This was first published in September 2005