# prol2tpd configuration - L2TPv3 ethernet LCCE. # The system block defines system-wide settings. system { # Set the IP addresses and optionally UDP ports that prol2tpd listens on. listen 10.42.42.10 # When the LCCE communicates with peers to setup L2TP tunnels, it # indicates its hostname to peers. This defaults to the Linux # system's hostname but can be overridden. hostname "mylcce" # Log level. log_level notice } # The set of L2TP peers from which L2TP tunnel setup requests are # accepted is defined by peer profiles. peer profile "lcce1" { peer_ipaddr 10.43.1.20 tunnel_profile_name "lcce1" } peer profile "lcce2" { peer_ipaddr 10.44.45.46 tunnel_profile_name "lcce2" } # When a tunnel setup request is received from a peer, parameters for # the new tunnel are defined in a tunnel profile. Tunnel profiles may # be shared by multiple tunnel instances if those tunnels share the # same settings. tunnel profile "lcce1" { # Force L2TPv3. If proto_version is not set, we allow L2TPv2 or # L2TPv3 peers. proto_version 3 # Authenticate the peer using the shared secret configured here. auth_mode authenticated secret "lcce1-tunnel-secret" # Enable AVP hiding. Some AVPs in L2TP control messages may be # hidden to obscure their values from network snoopers. hide_avps yes # Disable UDP checksums. Enable if required. use_udp_checksums no # Send a periodic L2TP Hello message to the peer every 60s. hello_timeout 60 # Close the tunnel if it has no sessions for longer than 60s. idle_timeout 60 # Allow only one tunnel to a peer. use_tiebreaker yes } tunnel profile "lcce2" { proto_version 3 auth_mode authenticated secret "lcce2-tunnel-secret" hide_avps yes use_udp_checksums no hello_timeout 60 idle_timeout 60 use_tiebreaker yes } session profile "lcce1" { pseudowire_profile_name "lcce1-eth-1" remote_end_id "lcce1-l2tpv3-eth-1" use_tiebreaker yes } pseudowire profile "eth" { pseudowire_type eth bridge_name br1 mtu 1500 } tunnel "one" { tunnel_profile_name "one" peer_ipaddr $LCCE_PEER_ADDR session "one" { session_profile_name "one" } }