[c-nsp] RADIUS-assigned IPv6 inside VRF

[Daniel Verlouw]

Hi list,

has anyone had any luck with RADIUS-assigned IPv6 prefixes *inside* a
VRF ? 

I've tried the following A/V pairs:
- Framed-IPv6-Route (static)
- Framed-IPv6-Prefix (DHCPv6-PD)
- and Cisco-AVPair ipv6:route (static) or ipv6:prefix (DHCPv6-PD)

When I use the A/V pairs for static IPv6 routes, IOS tries to install
the prefix in the global routing table instead of the VRF:

E.g. 
  Cisco-AVPair = "lcp:interface-config#1=vrf forwarding test"
  Cisco-AVPair += "lcp:interface-config#2=ip unnumbered lo1000"
  Framed-IPv6-Route = "2001:X:X::/48" 
results in:

080962: *Jul 21 14:03:03 CEST: %LINK-3-UPDOWN: Interface
Virtual-Access5, changed state to up
080963: *Jul 21 14:03:03 CEST: %PARSER-5-CFGLOG_LOGGEDCMD: User:console
logged command:ipv6 route 2001:X:X::/48   Virtual-Access5 

labbox#sh ipv6 route vrf test 2001:X:X::/48
% Route not found


When I use the A/V pairs for DHCPv6-PD, simply nothing happens at all
(verified with ip routing debugging), even though the CPE does acquire
the correct prefix.

interface Virtual-Access5
 vrf forwarding test
 ip unnumbered Loopback1000
 ip verify unicast source reachable-via rx
 no ip redirects
 no ip proxy-arp
 ipv6 enable
 no ipv6 nd prefix framed-ipv6-prefix
 no ipv6 nd ra suppress
 no ipv6 redirects
 ipv6 verify unicast source reachable-via rx
 ipv6 dhcp server DHCPv6 rapid-commit
 no snmp trap link-status

labbox#sh run | sec incl vrf def
vrf definition test
 rd <rd>
 route-target export <rt>
 route-target import <rt>
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!


This is all on c7200-advipservicesk9-mz.124-24.T3.bin.

Any clue appreciated.

Cheers,
   Daniel.