The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
The AC-name and AC-cookie Tags from PPP over Ethernet (PPPoE) Active Directory Session (PADS) feature prevents a device from sending the access concentrator (AC) information in the PADS packet.
The AC-name and AC-cookie Tags from PPPoE PADS feature is available only on ASR and UNIX platforms.
The AC-name and AC-cookie Tags from PPPoE PADS feature is supported only if the PPPoE Server functionality is supported.
In the Broadband Access (BBA) environment, PPPoE Active Discovery Offer (PADO) sent from the Broadband Remote Access Server (BRAS) includes the AC-cookie tags (0x0104) and the AC-name tag (0x0102) along with a service-name tag identical to the one in the PPPoE Active Directory Initiation (PADI) and any number of other service-name tags indicating other services that access concentrator (AC) offers.
The AC-name is a string that uniquely identifies the particular AC. The AC-cookie tags are used by the AC to protect the denial-of-service (DoS) attacks.
The PPPoE Active Directory Request (PADR) from the Customer Premise Equipment (CPE) host also includes AC-name and AC-cookie tags received in PADO. BRAS repeats the AC information in the PPPoE Active Discovery Session-Confirmation (PADS) packet sent in response to PADR received from client (CPE).
When BRAS generates a unique session identifier for the PPPoE session, the AC-name and AC-cookie tags need not be sent in the PADS. This feature prevents sending the AC information in the device.
| Command or Action | Purpose | |
|---|---|---|
|
Step 1 |
enable Example: |
Enables privileged EXEC mode.
|
|
Step 2 |
configure terminal Example: |
Enters global configuration mode. |
|
Step 3 |
pppoe pads disable-ac-info Example: |
Defines a PPP over Ethernet (PPPoE) profile, and prevents the device from sending the AC-name and AC-cookie tags in the PADS packet. |
|
Step 4 |
end Example: |
Exits global configuration mode and returns to privileged EXEC mode. |
You can verify the Disabling AC-name and AC-cookie Tags from PPPoE PADS feature by enabling the debug pppoe tag command.
Device> enable
Device# debug pppoe tag
*Sep 6 07:46:25.352: PPPoE 0: I PADI R:aabb.cc00.6401 L:ffff.ffff.ffff Et1/0
*Sep 6 07:46:25.352: Service tag: NULL Tag
*Sep 6 07:46:25.352: PPPoE 0: O PADO, R:aabb.cc00.6501 L:aabb.cc00.6401 Et1/0
*Sep 6 07:46:25.352: Service tag: NULL Tag
*Sep 6 07:46:25.353: PPPoE 0: I PADR R:aabb.cc00.6401 L:aabb.cc00.6501 Et1/0
*Sep 6 07:46:25.353: Service tag: NULL Tag
*Sep 6 07:46:25.353: PPPoE : encap string prepared
*Sep 6 07:46:25.353: [2]PPPoE 2: Access IE handle allocated
*Sep 6 07:46:25.353: [2]PPPoE 2: AAA get retrieved attrs
*Sep 6 07:46:25.353: [2]PPPoE 2: AAA get nas port details
*Sep 6 07:46:25.353: [2]PPPoE 2: AAA get dynamic attrs
*Sep 6 07:46:25.353: [2]PPPoE 2: AAA unique ID D allocated
*Sep 6 07:46:25.353: [2]PPPoE 2: No AAA accounting method list
*Sep 6 07:46:25.353: [2]PPPoE 2: Service request sent to SSS
*Sep 6 07:46:25.354: [2]PPPoE 2: Created, Service: None R:aabb.cc00.6501 L:aabb.cc00.6401 Et1/0
*Sep 6 07:46:25.354: [2]PPPoE 2: State NAS_PORT_POLICY_INQUIRY Event SSS MORE KEYS
*Sep 6 07:46:25.354: [2]PPPoE 2: data path set to PPP
*Sep 6 07:46:25.354: [2]PPPoE 2: Segment (SSS class): PROVISION
*Sep 6 07:46:25.354: [2]PPPoE 2: State PROVISION_PPP Event SSM PROVISIONED
*Sep 6 07:46:25.354: [2]PPPoE 2: Disable AC info from PADS
*Sep 6 07:46:25.354: [2]PPPoE 2: O PADS R:aabb.cc00.6401 L:aabb.cc00.6501 Et1/0
Device> enable
Device# configure terminal
Device(config)# pppoe pads disable-ac-info
Device(config)# end
|
Related Topic |
Document Title |
|---|---|
| Description | Link |
|---|---|
|
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. |
The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.|
Feature Name |
Releases |
Feature Information |
|---|---|---|
|
AC-name and AC-cookie knob for PPPoE PADS |
Cisco IOS XE Release 3.12S |
This feature prevents a device from sending access concentrator information in the PADS packet. The following commands were introduced or modified: pppoe pads disable-ac-info . |
Feedback