[c-nsp] How to show ADSL customers two different GW!

Sheremet Roman romka at kharkov.org.ua
Sun Sep 19 04:18:29 EDT 2010


Hi David,

I have  static  &  dynamic pool's in MySQL database, so, i have no pool
configured  on  cisco...  Customers get random ip from free ips from sql.

I'm  use  radreply  for static and radippool for dynamic ips. Ips - in
SQL, VRF - on Cisco, i`m not sure how to configure this ips to VRF :(


Regards,

> On 17/09/2010 06:36, "Sheremet Roman" <romka at kharkov.org.ua> wrote:

>> Hi David,
>> 
>> I  think your config will be very helpful for me, big thanks for this,
>> but i look your config and seems i see one more problem in my case..
>> 
>> Look, i have no VRF setuped now... just thinking, i have no problem to
>> send  attribute  to  static  customers,  i just add to rad_reply table
>> needed  attribute and then add VRF on the cisco... But how i should do
>> same with DYNAMIC ip pool? I don't know which IP gustomer get in next
>> connect, so i don't know which VRF should be used for this customer.
>> 
> You use a dynamic ip pool, you can even re-use the same pool amongst
> multiple vrfs , see
> http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/se
> c_per_vrf_aaa.html


>> 
>> Also,  you show me VRF which export/import from BGP AS as i see, how i
>> can  set ips for VRF which should be matched i dont want export/import
>> from BGP... I have no neighbors for this.

> Ok, there is no need to have the bgp portion of this configuration in such
> case

> Dave.


>> 
>> Regards,
>> 
>>> Heath Jones wrote:
>>>> Yes, you need to assign from radius, but have the vrf's existing on the
>>>> cisco (it must know to map vrf 10 to vlan 10 on the interface to the core
>>>> router).
>>>> 
>>>> The cisco documentation is here, there are some examples down the bottom.
>>>> http://www.ciscosystems.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftvrf
>>>> aaa.html
>>>> It's been a long time since I have done any of this, otherwise I would give
>>>> you a snippet of a working config.. Hope this helps though!
>>>> 
>> 
>>> foo at realm1        Auth-Type:= Local, User-Password == "bar"
>>>         Service-Type = Framed-User,
>>>         Framed-IP-Address = 192.168.243.2,
>>>         Framed-Netmask = 255.255.255.255,
>>>         Framed-Protocol = PPP,
>>> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNA\nip
>>> unnumbered loop0",
>> 
>>> foo at realm2        Auth-Type:= Local, User-Password == "bar"
>>>         Service-Type = Framed-User,
>>>         Framed-IP-Address = 192.168.244.2,
>>>         Framed-Netmask = 255.255.255.255,
>>>         Framed-Protocol = PPP,
>>> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNB\nip
>>> unnumbered loop0",
>> 
>> 
>>> ip vrf VPNA
>>>  description VPNA
>>>  rd 1:1
>>>  vpn id 1:1
>>>  route-target both 1:1
>>> !
>>> ip vrf VPNB
>>>  description VPNB
>>>  rd 1:2
>>>  vpn id 1:2
>>>  route-target both 1:2
>>>  !
>>>  router bgp 1
>>>  !
>>>   address-family ipv4 vrf VPNA
>>>   redistribute connected
>>>   redistribute static
>>>   no auto-summary
>>>   no synchronization
>>>   exit-address-family
>>> !
>>>   address-family ipv4 vrf VPNB
>>>   redistribute connected
>>>   redistribute static
>>>   no auto-summary
>>>   no synchronization
>>>   exit-address-family
>>>   end
>>> !
>> 
>>> interface GigabitEthernet1/0.100
>>>  desc VPNA uplink
>>>  encapsulation dot1q 100
>>>  ip address 10.0.0.1 255.255.255.252
>>> !
>>> interface GigabitEthernet1/0.200
>>>  desc VPNB uplink
>>>  encapsulation dot1q 200
>>>  ip address 172.16.10.1 255.255.255.252
>>> !
>> 
>>> ip route VPNA 0.0.0.0 0.0.0.0 10.0.0.2
>>> ip route VPNB 0.0.0.0 0.0.0.0 172.16.10.2
>> 
>> 
>> 
>>> _______________________________________________
>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>> 
>> 
>> 




-- 
С уважением,
 Sheremet                          mailto:romka at kharkov.org.ua




More information about the cisco-nsp mailing list