Mobile L2TP Technical: Difference between revisions
(Created page with "An L2TP tunnel is established using the pre-agreed IP addresses, hostname and shared secret. Note that if your LNS rejects the tunnel connection, or fails to respond to the SC...") |
mNo edit summary |
||
(13 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
__NOTOC__<indicator name="L2TP">[[File:Menu-L2TP.svg|link=:Category:L2TP|30px|Back up to the L2TP Category]]</indicator> |
|||
An L2TP tunnel is established using the pre-agreed IP addresses, hostname and shared secret. Note that if your LNS rejects the tunnel connection, or fails to respond to the SCCRQ or a subsequent HELLO, then it will be |
An L2TP tunnel is established using the pre-agreed IP addresses, hostname and shared secret. Note that if your LNS rejects the tunnel connection, or fails to respond to the SCCRQ or a subsequent HELLO, then it will be block for 5 minutes allowing further connections to go to the fall-back LNSs. |
||
Once the tunnel is established, a session is established for each connecting data SIM. |
Once the tunnel is established, a session is established for each connecting data SIM. |
||
Line 6: | Line 7: | ||
{|class="wikitable" |
{|class="wikitable" |
||
! Attribute || || Meaning |
|||
|- |
|- |
||
| Assigned Session ID || 14 || Session ID |
| Assigned Session ID || 14 || Session ID |
||
Line 15: | Line 16: | ||
|} |
|} |
||
==ICCN== |
|||
{|class="wikitable" |
|||
! Attribute || || Meaning |
|||
|- |
|||
| Framing Type || 19 || Always 1 (PPP) |
|||
|- |
|||
| Initial Received LCP CONFREQ || 26 || As received / negotiated by proxy |
|||
|- |
|||
| Last Sent LCP CONFREQ || 27 || As sent / negotiated by proxy |
|||
|- |
|||
| Last Received LCP CONFREQ || 28 || As received / negotiated by proxy |
|||
|- |
|||
| Proxy Authen Type || 29 || Will always be CHAP |
|||
|- |
|||
| Proxy Authen Name || 30 || User name from mobile device, typically blank |
|||
|- |
|||
| Proxy Authen Challenge || 31 || Chap challenge |
|||
|- |
|||
| Proxy Authen ID || 32 || Chap challenge ID |
|||
|- |
|||
| Proxy Authen Response || 33 || Chap response hash |
|||
|- |
|||
| Tx connect speed || 24 || Present if advised by mobile network |
|||
|- |
|||
| Rx connect speed || 38 || Present if advised by mobile network |
|||
|} |
|||
==Limitations== |
==Limitations== |
||
Line 24: | Line 52: | ||
==Connect Speed== |
|||
We've seen various devices give odd Connect Speed settings when they connect. EG, OSX sends: |
|||
Connect Speed: 1000000 |
|||
And a Pfsense has been seen to send 10Mbit/s and even the source code had it hard coded to 10Mbit/s. |
|||
[[File:L2TP OS X speed weirdness.png|thumbnail|TCP Dump of OSX L2TP highlighting the 'Connect Speed']] |
|||
This means that it is asking for a 1Mbit/s connection. This does not looks like it's configurable either. |
|||
From May 2016 we ignore the Connect Speed, and simply limit the speed to 100Mbit/s at our side. |
|||
[[Category: |
[[Category:L2TP Handover]] |
||
[[Category: |
[[Category:L2TP]] |
Latest revision as of 09:26, 16 Haziran 2020
An L2TP tunnel is established using the pre-agreed IP addresses, hostname and shared secret. Note that if your LNS rejects the tunnel connection, or fails to respond to the SCCRQ or a subsequent HELLO, then it will be block for 5 minutes allowing further connections to go to the fall-back LNSs.
Once the tunnel is established, a session is established for each connecting data SIM.
ICRQ
Attribute | Meaning | |
---|---|---|
Assigned Session ID | 14 | Session ID |
Call Serial Number | 15 | Present if received from mobile network |
Calling Number | 22 | 19 digit ICCID of SIM, starting 8944 |
ICCN
Attribute | Meaning | |
---|---|---|
Framing Type | 19 | Always 1 (PPP) |
Initial Received LCP CONFREQ | 26 | As received / negotiated by proxy |
Last Sent LCP CONFREQ | 27 | As sent / negotiated by proxy |
Last Received LCP CONFREQ | 28 | As received / negotiated by proxy |
Proxy Authen Type | 29 | Will always be CHAP |
Proxy Authen Name | 30 | User name from mobile device, typically blank |
Proxy Authen Challenge | 31 | Chap challenge |
Proxy Authen ID | 32 | Chap challenge ID |
Proxy Authen Response | 33 | Chap response hash |
Tx connect speed | 24 | Present if advised by mobile network |
Rx connect speed | 38 | Present if advised by mobile network |
Limitations
- Only available on data SIMs.
- Called Number is a fixed APN and not the one entered on the phone, which is ignored.
- Reduced MTU of 1450 is in operation when L2TP is run over the internet. This restriction can be removed to allow full 1500 byte MTU where direct *Baby-jumbo frame links are available from us to your LNS.
- User-Name passed is what is provided by the mobile which is usually blank. Do not use the password 'password' as this will not be passed through.
- IPv6 is not available yet, but is planned for the future if possible.
Connect Speed
We've seen various devices give odd Connect Speed settings when they connect. EG, OSX sends:
Connect Speed: 1000000
And a Pfsense has been seen to send 10Mbit/s and even the source code had it hard coded to 10Mbit/s.
This means that it is asking for a 1Mbit/s connection. This does not looks like it's configurable either.
From May 2016 we ignore the Connect Speed, and simply limit the speed to 100Mbit/s at our side.