[c-nsp] How to show ADSL customers two different GW!

Sheremet Roman romka at kharkov.org.ua
Fri Sep 17 01:36:03 EDT 2010 

Hi David,

I  think your config will be very helpful for me, big thanks for this,
but i look your config and seems i see one more problem in my case..

Look, i have no VRF setuped now... just thinking, i have no problem to
send  attribute  to  static  customers,  i just add to rad_reply table
needed  attribute and then add VRF on the cisco... But how i should do
same with DYNAMIC ip pool? I don't know which IP gustomer get in next
connect, so i don't know which VRF should be used for this customer.


Also,  you show me VRF which export/import from BGP AS as i see, how i
can  set ips for VRF which should be matched i dont want export/import
from BGP... I have no neighbors for this.

Regards,

> Heath Jones wrote:
>> Yes, you need to assign from radius, but have the vrf's existing on the
>> cisco (it must know to map vrf 10 to vlan 10 on the interface to the core
>> router).
>> 
>> The cisco documentation is here, there are some examples down the bottom.
>> http://www.ciscosystems.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftvrfaaa.html
>> It's been a long time since I have done any of this, otherwise I would give
>> you a snippet of a working config.. Hope this helps though!
>> 

> foo at realm1        Auth-Type:= Local, User-Password == "bar"
>         Service-Type = Framed-User,
>         Framed-IP-Address = 192.168.243.2,
>         Framed-Netmask = 255.255.255.255,
>         Framed-Protocol = PPP,
> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNA\nip
> unnumbered loop0",

> foo at realm2        Auth-Type:= Local, User-Password == "bar"
>         Service-Type = Framed-User,
>         Framed-IP-Address = 192.168.244.2,
>         Framed-Netmask = 255.255.255.255,
>         Framed-Protocol = PPP,
> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNB\nip
> unnumbered loop0",


> ip vrf VPNA
>  description VPNA
>  rd 1:1
>  vpn id 1:1
>  route-target both 1:1
> !
> ip vrf VPNB
>  description VPNB
>  rd 1:2
>  vpn id 1:2
>  route-target both 1:2
>  !
>  router bgp 1
>  !
>   address-family ipv4 vrf VPNA
>   redistribute connected
>   redistribute static
>   no auto-summary
>   no synchronization
>   exit-address-family
> !
>   address-family ipv4 vrf VPNB
>   redistribute connected
>   redistribute static
>   no auto-summary
>   no synchronization
>   exit-address-family
>   end
> !

> interface GigabitEthernet1/0.100
>  desc VPNA uplink
>  encapsulation dot1q 100
>  ip address 10.0.0.1 255.255.255.252
> !
> interface GigabitEthernet1/0.200
>  desc VPNB uplink
>  encapsulation dot1q 200
>  ip address 172.16.10.1 255.255.255.252
> !

> ip route VPNA 0.0.0.0 0.0.0.0 10.0.0.2
> ip route VPNB 0.0.0.0 0.0.0.0 172.16.10.2



> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/




-- 
С уважением,
 Sheremet                          mailto:romka at kharkov.org.ua

More information about the cisco-nsp mailing list