Naoto MATSUMOTO, profile picture
Uploaded byNaoto MATSUMOTO
2,133 views

Large Scale L2TPv3 Overlay Networking with OSPFv3(DRAFT)

The document discusses the implementation of L2TPv3 tunnel termination over an IPv6 network, detailing configuration guidelines for CentOS 7. It provides commands for OSPFv3 and L2TPv3 setup, including high availability and tunnel failover mechanisms. A sample script for establishing L2TPv3 tunnels is included, demonstrating operational procedures.

Embed presentation

25-Feb-2015 SAKURA Internet Research Center. Senior Researcher / Naoto MATSUMOTO
Basic Ideas L2TPv3 Tunnel termination over IPv6 network
How does it work? Up to 9M L2TPv3 tunnels or 16M vSwitches
How to build it (CentOS7)
OSPFv3 & L2TPv3 Configuration
vSwitch(Bridge) Configuration
Check your L2TPv3 tunnel # tcpdump -i eeaaaaaa1065530 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eeaaaaaa1065530, link-type EN10MB (Ethernet), ... ...178229 ARP, Request who-has 10.255.255.255 (Broadcast) ... ...179250 ARP, Request who-has 10.255.255.255 (Broadcast) ... ...180326 ARP, Request who-has 10.255.255.255 (Broadcast) ... : # arping 10.255.255.255 -I eeaaaaaa1065530 : ^C
Fast OSPFv3 Link Update # vtysh # configure terminal # interface eth0 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 # interface eth1 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 : # end # write # quit # vtysh # configure terminal # interface eth0 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 # interface eth1 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 : # end # write # quit
vSwitch High Availability L2TPv3 Tunnel failover using OSPFv3 LSA update
L2TPv3 Tunnel kickstart script #!/bin/bash exec 2> /tmp/eeaaaaaa1065530.log exec 1>&2 set -x while true; do sleep 10 ip l2tp add tunnel local fd50:eeaa:aaaa:ffff:eeaa:aaaa:106:5530 remote fd50:d026:7eee:1001:eeaa:aaaa:106:5530 tunnel_id 1065530 peer_tunnel_id 1065530 udp_sport 1701 udp_dport 1701 encap udp ip l2tp add session name eeaaaaaa1065530 tunnel_id 1065530 session_id 1065530 peer_session_id 1065530 nmcli device disconnect eeaaaaaa1065530 if [ $(/usr/sbin/ip link show | grep -o eeaaaaaa1065530 | wc -l ) -ne 0 ]; then break fi done exit 0
Thanks for your interset. SAKURA Internet Research Center.

More Related Content

PDF
UNDOCUMENTED Vyatta vRouter: Unbreakable VPN Tunneling (MEMO)
byNaoto MATSUMOTO
 
PDF
Tiny Server Clustering using Vyatta/VyOS (MEMO)
byNaoto MATSUMOTO
 
PDF
Unbreakable VPN using Vyatta/VyOS - HOW TO -
byNaoto MATSUMOTO
 
PDF
An Easy way to build a server cluster without top of rack switches (MEMO)
byNaoto MATSUMOTO
 
PDF
Vyos clustering ipsec
byGireesh Hariharasubramony
 
PPTX
High Availability Server Clustering without ILB(Internal Load Balancer) (MEMO)
byNaoto MATSUMOTO
 
PDF
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
byNaoto MATSUMOTO
 
PDF
IPv4 over IPv6 Tunneling with IPSec [DRAFT]
byNaoto MATSUMOTO
 
UNDOCUMENTED Vyatta vRouter: Unbreakable VPN Tunneling (MEMO)
byNaoto MATSUMOTO
 
Tiny Server Clustering using Vyatta/VyOS (MEMO)
byNaoto MATSUMOTO
 
Unbreakable VPN using Vyatta/VyOS - HOW TO -
byNaoto MATSUMOTO
 
An Easy way to build a server cluster without top of rack switches (MEMO)
byNaoto MATSUMOTO
 
Vyos clustering ipsec
byGireesh Hariharasubramony
 
High Availability Server Clustering without ILB(Internal Load Balancer) (MEMO)
byNaoto MATSUMOTO
 
UNDOCUMENTED Vyatta vRouter: IPv4 over IPv6 Tunneling
byNaoto MATSUMOTO
 
IPv4 over IPv6 Tunneling with IPSec [DRAFT]
byNaoto MATSUMOTO
 

What's hot

PDF
VPNIPSec site to site
byDimitri LEMBOKOLO
 
PDF
How to install OpenStack MITAKA --allinone - cheat sheet -
byNaoto MATSUMOTO
 
PDF
How to ride a 100GbE LAN -MEMO-
byNaoto MATSUMOTO
 
PDF
Configuring GRE Tunnel Through a Cisco ASA Firewall
byHarris Andrea
 
PDF
VYATTAによるマルチパスVPN接続手法
byNaoto MATSUMOTO
 
PDF
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wiki
byHuy Eav
 
PDF
How to Cisco ACI Multi-Pod
byTakehiro Yokoishi
 
PDF
Nxll14 cut through-proxy on asa
byNetwax Lab
 
PDF
Site-to-Site IPSEC VPN Between Cisco ASA and Pfsense
byHarris Andrea
 
PDF
Caso de estudio(ccna4)
byIrwin Viteri
 
PPT
Linux networking
byArmando Reis
 
PDF
SR-IOV, KVM and Intel X520 10Gbps cards on Debian/Stable
byjuet-y
 
PDF
Westermo WeOS Multicast Tunneling
byFabian Vandendyck
 
PDF
Nxll18 vpn (s2 s gre & dmvpn)
byNetwax Lab
 
PDF
SSL Web VPN
byNetwax Lab
 
PDF
Nxll09 access list
byNetwax Lab
 
PDF
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
byNetwax Lab
 
VPNIPSec site to site
byDimitri LEMBOKOLO
 
How to install OpenStack MITAKA --allinone - cheat sheet -
byNaoto MATSUMOTO
 
How to ride a 100GbE LAN -MEMO-
byNaoto MATSUMOTO
 
Configuring GRE Tunnel Through a Cisco ASA Firewall
byHarris Andrea
 
VYATTAによるマルチパスVPN接続手法
byNaoto MATSUMOTO
 
Ip sec vpn with dynamic routing mikrotik and cisco - mikro-tik wiki
byHuy Eav
 
How to Cisco ACI Multi-Pod
byTakehiro Yokoishi
 
Nxll14 cut through-proxy on asa
byNetwax Lab
 
Site-to-Site IPSEC VPN Between Cisco ASA and Pfsense
byHarris Andrea
 
Caso de estudio(ccna4)
byIrwin Viteri
 
Linux networking
byArmando Reis
 
SR-IOV, KVM and Intel X520 10Gbps cards on Debian/Stable
byjuet-y
 
Westermo WeOS Multicast Tunneling
byFabian Vandendyck
 
Nxll18 vpn (s2 s gre & dmvpn)
byNetwax Lab
 
SSL Web VPN
byNetwax Lab
 
Nxll09 access list
byNetwax Lab
 
Eincop Netwax Lab: Site 2 Site VPN with Routing Protocols
byNetwax Lab
 

Viewers also liked

PDF
mmm... beacons
byPhilip Tellis
 
PDF
パブリッククラウドにおけるL2TPv3を用いたサーバ高可用性の評価
byNaoto MATSUMOTO
 
PDF
100GbE NICを使ったデータセンター・ネットワーク実証実験 -メモ-
byNaoto MATSUMOTO
 
PDF
[WIP] ネットワーク仮想化における仮想ネットワークインターフェイス冗長化の考察
byNaoto MATSUMOTO
 
PDF
デバイスとネットワーク仮想化を使ったワイヤレスネットワーク拡張の実証実験 -メモ-
byNaoto MATSUMOTO
 
PDF
大規模なスイッチレス・サーバクラスタリング構築運用の考察
byNaoto MATSUMOTO
 
PDF
データセンターを構成する最新ネットワーク技術動向
byNaoto MATSUMOTO
 
PDF
クラウド時代のネットワーク再入門
byNaoto MATSUMOTO
 
PDF
ネットワーク仮想化と設計図を考える
byNaoto MATSUMOTO
 
mmm... beacons
byPhilip Tellis
 
パブリッククラウドにおけるL2TPv3を用いたサーバ高可用性の評価
byNaoto MATSUMOTO
 
100GbE NICを使ったデータセンター・ネットワーク実証実験 -メモ-
byNaoto MATSUMOTO
 
[WIP] ネットワーク仮想化における仮想ネットワークインターフェイス冗長化の考察
byNaoto MATSUMOTO
 
デバイスとネットワーク仮想化を使ったワイヤレスネットワーク拡張の実証実験 -メモ-
byNaoto MATSUMOTO
 
大規模なスイッチレス・サーバクラスタリング構築運用の考察
byNaoto MATSUMOTO
 
データセンターを構成する最新ネットワーク技術動向
byNaoto MATSUMOTO
 
クラウド時代のネットワーク再入門
byNaoto MATSUMOTO
 
ネットワーク仮想化と設計図を考える
byNaoto MATSUMOTO
 

More from Naoto MATSUMOTO

PDF
Alder Lake-S CPU Temperature Monitoring
byNaoto MATSUMOTO
 
PDF
CPU製品出荷状況と消費電力の見える化
byNaoto MATSUMOTO
 
PDF
5Gの見える化
byNaoto MATSUMOTO
 
PDF
2023年以降のサーバークラスタリング設計(メモ)
byNaoto MATSUMOTO
 
PDF
防災を考慮した水中調査の一考察
byNaoto MATSUMOTO
 
PDF
旅するパケットの見える化
byNaoto MATSUMOTO
 
PDF
LTE-M/NB IoTを試してみる nRF9160/Thingy:91
byNaoto MATSUMOTO
 
PDF
災害時における無線モニタリングによる社会インフラの見える化
byNaoto MATSUMOTO
 
PDF
BeautifulSoup / selenium Deep dive
byNaoto MATSUMOTO
 
PDF
AMDGPU ROCm Deep dive
byNaoto MATSUMOTO
 
PDF
Network Adapter Deep dive
byNaoto MATSUMOTO
 
PDF
RTL2838 DVB-T Deep dive
byNaoto MATSUMOTO
 
PDF
x86_64 Hardware Deep dive
byNaoto MATSUMOTO
 
PDF
ADS-B, AIS, APRS cheatsheet
byNaoto MATSUMOTO
 
PDF
curl --http3 cheatsheet
byNaoto MATSUMOTO
 
PDF
3/4G USB modem Cheat Sheet
byNaoto MATSUMOTO
 
PDF
How To Train Your ARM(SBC)
byNaoto MATSUMOTO
 
PDF
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
byNaoto MATSUMOTO
 
PDF
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
byNaoto MATSUMOTO
 
PDF
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
byNaoto MATSUMOTO
 
Alder Lake-S CPU Temperature Monitoring
byNaoto MATSUMOTO
 
CPU製品出荷状況と消費電力の見える化
byNaoto MATSUMOTO
 
5Gの見える化
byNaoto MATSUMOTO
 
2023年以降のサーバークラスタリング設計(メモ)
byNaoto MATSUMOTO
 
防災を考慮した水中調査の一考察
byNaoto MATSUMOTO
 
旅するパケットの見える化
byNaoto MATSUMOTO
 
LTE-M/NB IoTを試してみる nRF9160/Thingy:91
byNaoto MATSUMOTO
 
災害時における無線モニタリングによる社会インフラの見える化
byNaoto MATSUMOTO
 
BeautifulSoup / selenium Deep dive
byNaoto MATSUMOTO
 
AMDGPU ROCm Deep dive
byNaoto MATSUMOTO
 
Network Adapter Deep dive
byNaoto MATSUMOTO
 
RTL2838 DVB-T Deep dive
byNaoto MATSUMOTO
 
x86_64 Hardware Deep dive
byNaoto MATSUMOTO
 
ADS-B, AIS, APRS cheatsheet
byNaoto MATSUMOTO
 
curl --http3 cheatsheet
byNaoto MATSUMOTO
 
3/4G USB modem Cheat Sheet
byNaoto MATSUMOTO
 
How To Train Your ARM(SBC)
byNaoto MATSUMOTO
 
全国におけるCOVID-19対策の見える化 ~宿泊業の場合~
byNaoto MATSUMOTO
 
我が国の電波の使用状況/携帯電話向け割当 (2019年3月1日現在)
byNaoto MATSUMOTO
 
私たちに訪れる(かもしれない)未来と計算機によるモノコトの見える化
byNaoto MATSUMOTO
 

Recently uploaded

PDF
JCB_3CX_SPECS (24 págs) companywrench.com .pdf
byAquilesOyarzn1
 
PDF
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
PDF
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
PDF
Quick Learn Laravel for Beginner from Zero to Survive
byiDev Semarang
 
PDF
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
PPTX
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
PDF
Certified AI-Empowered SAFe 6 Scrum Master.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 
JCB_3CX_SPECS (24 págs) companywrench.com .pdf
byAquilesOyarzn1
 
A Simple Guide to Real Estate Tokenization on XRP Ledger.pdf
byemmajoh2025
 
"When every team does things "right", but together it turns into chaos", Yozh...
byFwdays
 
Quick Learn Laravel for Beginner from Zero to Survive
byiDev Semarang
 
Taxonomy Alignment for SDG Tagging - ASHA Case Study
byEnterprise Knowledge
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
Certified AI-Native Foundations Professional.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
EU regulations for the North American book supply chain - Tech Forum 2026
byBookNet Canada
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
How PayPal Account Verification Works – Complete Guide for Online Businesses
byjhdhj3989
 
Software Engineering in the Age of AI Agents
byHusseinMalikMammadli
 
Certified AI-Empowered SAFe 6 Scrum Master.pdf
byMarc Entsminger SPC6, RTE, SSM, SA, SDP
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
AI-Powered Alert Analysis with ClickHouse - DB Mastery Jan'26
byAlkin Tezuysal
 

Large Scale L2TPv3 Overlay Networking with OSPFv3(DRAFT)

  • 1.
    25-Feb-2015 SAKURA Internet ResearchCenter. Senior Researcher / Naoto MATSUMOTO
  • 2.
    Basic Ideas L2TPv3 Tunneltermination over IPv6 network
  • 3.
    How does itwork? Up to 9M L2TPv3 tunnels or 16M vSwitches
  • 4.
    How to buildit (CentOS7)
  • 5.
    OSPFv3 & L2TPv3Configuration
  • 6.
  • 7.
    Check your L2TPv3tunnel # tcpdump -i eeaaaaaa1065530 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eeaaaaaa1065530, link-type EN10MB (Ethernet), ... ...178229 ARP, Request who-has 10.255.255.255 (Broadcast) ... ...179250 ARP, Request who-has 10.255.255.255 (Broadcast) ... ...180326 ARP, Request who-has 10.255.255.255 (Broadcast) ... : # arping 10.255.255.255 -I eeaaaaaa1065530 : ^C
  • 8.
    Fast OSPFv3 LinkUpdate # vtysh # configure terminal # interface eth0 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 # interface eth1 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 : # end # write # quit # vtysh # configure terminal # interface eth0 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 # interface eth1 # ipv6 ospf6 hello-interval 1 # ipv6 ospf6 retransmit-interval 2 # ipv6 ospf6 dead-interval 3 : # end # write # quit
  • 9.
    vSwitch High Availability L2TPv3Tunnel failover using OSPFv3 LSA update
  • 10.
    L2TPv3 Tunnel kickstartscript #!/bin/bash exec 2> /tmp/eeaaaaaa1065530.log exec 1>&2 set -x while true; do sleep 10 ip l2tp add tunnel local fd50:eeaa:aaaa:ffff:eeaa:aaaa:106:5530 remote fd50:d026:7eee:1001:eeaa:aaaa:106:5530 tunnel_id 1065530 peer_tunnel_id 1065530 udp_sport 1701 udp_dport 1701 encap udp ip l2tp add session name eeaaaaaa1065530 tunnel_id 1065530 session_id 1065530 peer_session_id 1065530 nmcli device disconnect eeaaaaaa1065530 if [ $(/usr/sbin/ip link show | grep -o eeaaaaaa1065530 | wc -l ) -ne 0 ]; then break fi done exit 0
  • 11.
    Thanks for yourinterset. SAKURA Internet Research Center.