[c-nsp] MPLS VPN with lot of PPP interfaces and central firewall
Gerald Krause
gk at ax.tc
Fri Feb 19 05:29:03 EST 2010
Am 19.02.2010 06:43, Gerald Krause schrieb:
> Grrrr... maybe 12.2(33)SRD3 doesn't support HDVRF even it's mentioned
> that it should do so in the FN??? I just stumbled upon the fact this IOS
> seems not to recognize the "downstream" keyword:
>
> ROUTER(config-if)#vrf forwarding VRFTEST ?
> <cr>
For the record: I was able to track this down with Oli (thx again!!).
1) In SRD3 the MPLS Half Duplex VRF (HDVRF) Feature is (still?) hidden
an you must use "service internal" to activate it.
2) The RADIUS Profile for PPP HDVRF Sessions should look like this...
Cisco-avpair="ip:vrf-id=VRFTEST downstream VRFTEST-DOWN",
Cisco-avpair="ip:ip-unnumbered=Loopback102"
...and *not* like this as I tried it before:
Cisco-AVPair="lcp:interface-config#2=ip vrf forwarding VRFTEST
downstream VRFTEST-DOWN"
Cisco-AVPair="lcp:interface-config#3=ip unnumbered Loopback102"
Cheers,
Gerald
More information about the cisco-nsp
mailing list