[c-nsp] How to show ADSL customers two different GW!
David Freedman
david.freedman at uk.clara.net
Thu Sep 16 12:09:01 EDT 2010
Heath Jones wrote:
> Yes, you need to assign from radius, but have the vrf's existing on the
> cisco (it must know to map vrf 10 to vlan 10 on the interface to the core
> router).
>
> The cisco documentation is here, there are some examples down the bottom.
> http://www.ciscosystems.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftvrfaaa.html
> It's been a long time since I have done any of this, otherwise I would give
> you a snippet of a working config.. Hope this helps though!
>
foo at realm1 Auth-Type:= Local, User-Password == "bar"
Service-Type = Framed-User,
Framed-IP-Address = 192.168.243.2,
Framed-Netmask = 255.255.255.255,
Framed-Protocol = PPP,
Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNA\nip
unnumbered loop0",
foo at realm2 Auth-Type:= Local, User-Password == "bar"
Service-Type = Framed-User,
Framed-IP-Address = 192.168.244.2,
Framed-Netmask = 255.255.255.255,
Framed-Protocol = PPP,
Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNB\nip
unnumbered loop0",
ip vrf VPNA
description VPNA
rd 1:1
vpn id 1:1
route-target both 1:1
!
ip vrf VPNB
description VPNB
rd 1:2
vpn id 1:2
route-target both 1:2
!
router bgp 1
!
address-family ipv4 vrf VPNA
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf VPNB
redistribute connected
redistribute static
no auto-summary
no synchronization
exit-address-family
end
!
interface GigabitEthernet1/0.100
desc VPNA uplink
encapsulation dot1q 100
ip address 10.0.0.1 255.255.255.252
!
interface GigabitEthernet1/0.200
desc VPNB uplink
encapsulation dot1q 200
ip address 172.16.10.1 255.255.255.252
!
ip route VPNA 0.0.0.0 0.0.0.0 10.0.0.2
ip route VPNB 0.0.0.0 0.0.0.0 172.16.10.2
More information about the cisco-nsp
mailing list