PPPoE: Basic Troubleshooting

March, 2018

Akira HayashiSE Manager - Japan

C8EA

2 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

5BOLSRVNCPPPoE+)NTPU���A04I�� @�H�4F��K��A*EI5?K�@! ?7=��6JD7;.PPPoE�$�#A+9I�G1BNTPU2��7;��-�OLSRVNA'(B��K�%A-�H�4F��K��B�-(&�2�,@��) �"MQWND>0 �:3<6/.

PPPoE ��) "/FQJR?PUE3T:&��$/DUR

3 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

• PPPoE��) "/FQJR?PUE3T:&+�)�*DUR0��#,$�

DUR ��

PAN-OS Web ��4TAUI64@ I/F�, PPPoE���, ?@ENS:*��-H;CF8OKBO*��, TS(��=LUF)I14R*�('&��

PAN-OS <MTGQ4T4TAUI64@ ��75TA�*��, PPPoE debug pcap*�('&��

Wireshark PA&�#%PCAP*��&��

Ping/traceroute 9Q42TF� !.*��E@F('&��

Web JQ5> 9Q42TF� !.*��E@F('&��

PPPoE ������+6/8%5<*�;#��

4 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

�

LAN • ���������

LAN • �;'<. �&�����

�

• PPPoE�;'<. �&�(�!�;+, IP�,9&)•8<*�;#, NAT, 27%<�

:#=!�;'

•%&*3:#���•!�;'����

PCAP

•-$)+"40(4���• PPPoE�����-$)+918���

PPPoE 7�cRVm����y���r�v� 56M

5 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

ü LAN56$Ad}t~up PAdPPPoEdH�TEon_PmLAN I/Fa�B@>FCj��d�~���u.�adLdLANw���T$AXnNLink���e32Y_PfZS�⇒ LANw���p0YU$AY_U]XPO

ü G%dPPPoE@>��szT��Y_Pm��d$A,#d}t~up �?�BTx���Y_PmPPPoE)�{~y��%(�D;ce�T�P)pIQm��szT$AXn_Pf[qS��PA��d��szT1�]Vd��`i�{~y���9Zm,#cb^_Pm��NPAp$AY_iPPPoE{~y��d<=e���⇒ PPPoE)�{~y��%pIQbP-Nyz��,#p�(Y_U]XPO

ü �~���u���d:8*4d}t~u

p H�1gdPAp56;c$AZm,#�(d|s��v`�~���u���T:8YfY\S�⇒ Wd��NPPPoE�+$A�w~�(PADI)T�KcJXnmWa` PPPoE�B�d@>FC�d�-ckl��'LPPPoE$A�� 6T/Zm\hN��'L!."c0YP�~���u$A,#`� $Ap�&Y_U]XPO

PPPoE ��'��+9?=A2>D8.C1G ��E��F

6 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

ü PA(���'=BD:;C:AD5�(�����$�+��(6/70p ��(=BD:;C:AD5%PPPoE=@73*!)<44AD�����'&#$�* -�H

⇒ PPPoE=@73*!)<44AD��,�'�$�"���

PPPoE ��?/3EZd_eTajYIiPk ��*

7 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

ü PPPoE HNKiZ#�@WLXOp PPPoE���@bjS, ]Uhj[>=@HNKiZA�52� 4F:.B60l

⇒�5.HNKiZ��G� 5:�4.-

ü PPPoE IPH[fU#�@WLXO (LAN� IPH[fU��;�1D>. @C)p PPPoE JiVj^LJU;��6EIPH[fUA'�?� 4F:.B60l

⇒ ISP0DHRJi4F8IPR_\XZ@�+IP H[fU (\XZhjOH[fU() G PA@PPPoEG��?58JiVj^LJU?� 5:294.-

<PPPoE%$���@gP�>

<PPPoE�����@gP�(PPP IPCP\QTMjTci@��1��) >

←TUY`gP"��,^IeVjG03E<PPPoE)&gP@C"�47E�1�!

PPPoE !�F9<Kcoiq[lwbOuV{ sVxTQu^�G_R`U

8 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

p PPPoE NTQucJIPNdr\�(j\G��G[\bksVFA8BH5�

u PPPoE�%�G[wWu\D+;7KcoiqWw\y�)z

���{ NTT�,�)0� IP1�&Ywg\GPu^hRw\(hr`a[pw]) https://flets.com/pdf/ip-int-flets-3.pdf

PAC “PADO” fW`c: ���E8|v���G�6G�*�vPPPoE$#-':��"F��M��>B8K�*�

mwZ/.G��;PAF�(=L?PPPoE NTQucI?Hf\twd:42@B8K�*�

IPNdr\eX[Sw[nuG��; (LAN �IP ��G��zPAGPPPoEPu^whRP\F�(=L?Global IPNdr\:3CHE8�*�

PPPoE ��8*.=QZU\IYaOA`Fe ^FbDB`L�9MCNEc -d

9 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

p PPPoE @DB`Q/TK_aR, IP@R]K�#WK9��9IKOX^F83)4:�(?�

ü PPPoE� 969�&5��/4)=+?CLI��5�%0=��Ø PPPoEPAKDS[KOaJ5��/4)=��

admin@PA-VM> show pppoe interface ethernet1/1

Interface: ethernet1/1PPPoE State: InitiatingPPP State: DisconnectedAccess Concentrator:AC MAC: 00:00:00:00:00:00Authentication via: AutoPassive mode: DisabledUsername: fixed-ip-user1@pppoelab.localLocal IP: 0.0.0.0Primary DNS IP: 0.0.0.0Secondary DNS IP: 0.0.0.0Primary WINS IP: 0.0.0.0Secondary WINS IP: 0.0.0.0Remote IP: 0.0.0.0Session ID: 0Link MTU: 0

PPPoE/PPP Counters:PPPoE control packets received: 0PPPoE control packets sent: 64PPP control packets received: 0PPP control packets sent: 0

��HV`R *I/F�:�'8��/4)=<98�>1=

PPPoE9KOaQ, “Initiating” 9;;8724)=

AC ( !���$") 9Mac Address,�409;;

PPPoE��TGNQ?�/4)7)

PPPoE � 8)->QXUZIW]OA\Fa [F^DB\L�9MCNE_ ,`

10 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

ü PPPoE� 969�&5��.4(>*@CLI��5�%/>��Ø PPPoEPAKDSYKO]J:����.2+ 19�9PPP KO]J5��.4(>�

admin@PA> show pppoe interface ethernet1/1

Interface: ethernet1/1PPPoE State: Pending PPPPPP State: Negotiating LCPAccess Concentrator: lab_pppoe_serverAC MAC: 00:0c:29:9f:b9:b9Authentication via: AutoPassive mode: DisabledUsername: fixed-ip-user1@pppoelab.localLocal IP: 0.0.0.0Primary DNS IP: 0.0.0.0Secondary DNS IP: 0.0.0.0Primary WINS IP: 0.0.0.0Secondary WINS IP: 0.0.0.0Remote IP: 0.0.0.0Session ID: 3Link MTU: 0

PPPoE/PPP Counters:PPPoE control packets received: 3PPPoE control packets sent: 2PPP control packets received: 1PPP control packets sent: 2

��HV\R *I/F:�'8��.4(><98?0>

PPPoE9KO]Q+ “Pending PPP” 8734(>

AC (�!���$") 9Mac Address @�#.4(>

PPPoE)=;PPP ��TGNQ@��.4(>

PPPoE ��6*-<NTQUGSZL@XF_ WF\DBXI�7JCKE]!,^

11 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

ü PPPoEMOKFWF7��*;9$�

1. PPPoEMOKFWFVRU7�� (warn → dump)

2. PPPoEMOKFWF7$� �debugWF%'�6TSP?AU>��0=8 debugWF+27�6"��6:=:0

3. PPPoEMOKFWFVRU>�6�0 (dump → warn) ��1 #/3�.)

admin@PA> debug pppoed global show (�7MOKFVRU7$�)

sw.pppoed.runtime.debug.level: warn

admin@PA> debug pppoed global on dump (MOKFVRU7��)

sw.pppoed.runtime.debug.level: dump

admin@PA> debug pppoed global on warn (MOKFVRU7��)

sw.pppoed.runtime.debug.level: warn

admin@PA> tail follow yes mp-log pppoed.log (CTRL+C 4 �/:0)

2018-03-30 08:21:01.429 +0900 debug: pan_pppoe_send_padi(pan_pppoe_fsm.c:402): [0xf4227148/16][1] Sending PADI on ethernet1/1

2018-03-30 08:21:01.429 +0900 debug: pan_pppoe_output(pan_pppoe_thread.c:1016): [0xf4227148/16][1] Sent 44 (36 on wire) bytes of PPPoE pkt to DP on socket 6

2018-03-30 08:21:01.429 +0900 debug: pan_ppp_get_pppoe_fsm(pan_ppp_fsm.c:108): Found ppp_fsm_info[1] unit for ifindex: 16, pppoe_fsm 0xf4227148

2018-03-30 08:21:01.430 +0900 debug: pan_pppoed_select_callback(pan_pppoe_thread.c:185):

2018-03-30 08:21:01.430 +0900 debug: pan_pppoed_select_callback(pan_pppoe_thread.c:189): [0xf4227148]/16] len:76 ---------[Received a PPPoE/PPP ctrl packet]--------------

2018-03-30 08:21:01.430 +0900 debug: pan_pppoe_recv_pkt(pan_pppoe_fsm.c:1296): [0xf4227148/16][1] Received PPPoE pkt from AC mac: 00:0c:29:9f:b9:b9 on: ethernet1/1

2018-03-30 08:21:01.430 +0900 debug: pan_pppoe_recv_pkt(pan_pppoe_fsm.c:1301): [0xf4227148/16][1] etype:0x8863, Code:0x7(PADO), Sess ID:0, Len:56

2018-03-30 08:21:01.430 +0900 debug: pan_pppoe_recv_pkt(pan_pppoe_fsm.c:1309): [0xf4227148/16][1] ******** Run PPPoE FSM *******

2018-03-30 08:21:01.430 +0900 debug: pan_pppoe_recv_pado(pan_pppoe_fsm.c:721): [0xf4227148/16][1] Received PADO on ethernet1/1

2018-03-30 08:21:01.430 +0900 debug: parse_pppoe_tags(pan_pppoe_fsm.c:260): Retrieved tag:0x102(PAN_PPPOE_AC_NAME_TAG) of length:16 and value:lab_pppoe_server

YY

PPPoE6(0<&�5����>��0<RHN5��[

PPPoE ����� 3;7=+:@2#?)B PCAP�A0&1(

12 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

• PA�WebUI !����5*13'9809! ����(Monitor > Packet Capture)

1

4

2

3

65

7

6"$=�!(<1(� �6"$=�/%?>@4������

PPPoE !����� LAN $?.@6&$-

�IP5*13���

��-2@,���-2@,�5*13!'9809�

PPPoE ��)� ,=E@G6CK;/I4M PCAP�L91:3

13 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

• Wireshark ('*.AF5K6DI-��%�!#2BA9B<K8-��! PPPoE��)��%'*��&� !#�-��J��!+"�

�MLAN� IP.>H7��&PPPoE 0I8K?107)��$#IP.>H7-�!#��

��*�HVS08!RGKXktpv-+!S"��;2S&�{L 6|

14 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

• PPPoE�4R�3MYOpxzlnylvzh (NAT/DHCPdzn'7�J) T�$�o[^\_`zvHVPARuqwzgNX��D PAP��SInternet�3,()rzkS.QDHCPat^\ykS�5RUWD��SPPPoE�3ktpv-+�F08�%S��(gcfszv:�S-+)Z;KX�I�7PNE*� ktpveszj]yb1S��I�9

B08�C

BB Router

^yhzmik

#/<>=

A@?�3

B08�C

^yhzmik

#/<>=

A@?�3

B��"�&�C

BB Router

^yhzmik

#/<>=

A@?�3

e1/1

e1/2 ←���I/F�DHCPClient������

� TAC>=/.C7�<�";��W�X

15 | © 2018, Palo Alto Networks, Inc. Confidential and Proprietary.

• PPPoE�!)1��58�</7(2%+-A06?�=��D3���4.,1. & =��+���!����

2. TS(MHOUJSVNQEFU) *�#=��0A24�$��<��4B8@=3. PA:��58PILNGTRKTQEFU

*TSQEFU=���' (Device > Support > Generate Tech Support File)

�#��� 24�$��<��4B8QEFUD3��294.