[c-nsp] How to show ADSL customers two different GW!

David Freedman david.freedman at uk.clara.net
Sun Sep 19 04:40:36 EDT 2010 

Well, are you not running a routing protocol such that these per-user
statics are injected correctly?


On 19/09/2010 09:18, "Sheremet Roman" <romka at kharkov.org.ua> wrote:

> Hi David,
> 
> I have  static  &  dynamic pool's in MySQL database, so, i have no pool
> configured  on  cisco...  Customers get random ip from free ips from sql.
> 
> I'm  use  radreply  for static and radippool for dynamic ips. Ips - in
> SQL, VRF - on Cisco, i`m not sure how to configure this ips to VRF :(
> 
> 
> Regards,
> 
>> On 17/09/2010 06:36, "Sheremet Roman" <romka at kharkov.org.ua> wrote:
> 
>>> Hi David,
>>> 
>>> I  think your config will be very helpful for me, big thanks for this,
>>> but i look your config and seems i see one more problem in my case..
>>> 
>>> Look, i have no VRF setuped now... just thinking, i have no problem to
>>> send  attribute  to  static  customers,  i just add to rad_reply table
>>> needed  attribute and then add VRF on the cisco... But how i should do
>>> same with DYNAMIC ip pool? I don't know which IP gustomer get in next
>>> connect, so i don't know which VRF should be used for this customer.
>>> 
>> You use a dynamic ip pool, you can even re-use the same pool amongst
>> multiple vrfs , see
>> http://www.cisco.com/en/US/docs/ios/sec_user_services/configuration/guide/se
>> c_per_vrf_aaa.html
> 
> 
>>> 
>>> Also,  you show me VRF which export/import from BGP AS as i see, how i
>>> can  set ips for VRF which should be matched i dont want export/import
>>> from BGP... I have no neighbors for this.
> 
>> Ok, there is no need to have the bgp portion of this configuration in such
>> case
> 
>> Dave.
> 
> 
>>> 
>>> Regards,
>>> 
>>>> Heath Jones wrote:
>>>>> Yes, you need to assign from radius, but have the vrf's existing on the
>>>>> cisco (it must know to map vrf 10 to vlan 10 on the interface to the core
>>>>> router).
>>>>> 
>>>>> The cisco documentation is here, there are some examples down the bottom.
>>>>> http://www.ciscosystems.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftv
>>>>> rf
>>>>> aaa.html
>>>>> It's been a long time since I have done any of this, otherwise I would
>>>>> give
>>>>> you a snippet of a working config.. Hope this helps though!
>>>>> 
>>> 
>>>> foo at realm1        Auth-Type:= Local, User-Password == "bar"
>>>>         Service-Type = Framed-User,
>>>>         Framed-IP-Address = 192.168.243.2,
>>>>         Framed-Netmask = 255.255.255.255,
>>>>         Framed-Protocol = PPP,
>>>> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNA\nip
>>>> unnumbered loop0",
>>> 
>>>> foo at realm2        Auth-Type:= Local, User-Password == "bar"
>>>>         Service-Type = Framed-User,
>>>>         Framed-IP-Address = 192.168.244.2,
>>>>         Framed-Netmask = 255.255.255.255,
>>>>         Framed-Protocol = PPP,
>>>> Cisco-AVPair = "lcp:interface-config=ip vrf forwarding VPNB\nip
>>>> unnumbered loop0",
>>> 
>>> 
>>>> ip vrf VPNA
>>>>  description VPNA
>>>>  rd 1:1
>>>>  vpn id 1:1
>>>>  route-target both 1:1
>>>> !
>>>> ip vrf VPNB
>>>>  description VPNB
>>>>  rd 1:2
>>>>  vpn id 1:2
>>>>  route-target both 1:2
>>>>  !
>>>>  router bgp 1
>>>>  !
>>>>   address-family ipv4 vrf VPNA
>>>>   redistribute connected
>>>>   redistribute static
>>>>   no auto-summary
>>>>   no synchronization
>>>>   exit-address-family
>>>> !
>>>>   address-family ipv4 vrf VPNB
>>>>   redistribute connected
>>>>   redistribute static
>>>>   no auto-summary
>>>>   no synchronization
>>>>   exit-address-family
>>>>   end
>>>> !
>>> 
>>>> interface GigabitEthernet1/0.100
>>>>  desc VPNA uplink
>>>>  encapsulation dot1q 100
>>>>  ip address 10.0.0.1 255.255.255.252
>>>> !
>>>> interface GigabitEthernet1/0.200
>>>>  desc VPNB uplink
>>>>  encapsulation dot1q 200
>>>>  ip address 172.16.10.1 255.255.255.252
>>>> !
>>> 
>>>> ip route VPNA 0.0.0.0 0.0.0.0 10.0.0.2
>>>> ip route VPNB 0.0.0.0 0.0.0.0 172.16.10.2
>>> 
>>> 
>>> 
>>>> _______________________________________________
>>>> cisco-nsp mailing list  cisco-nsp at puck.nether.net
>>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>> 
>>> 
>>> 
> 
> 
> 

--

David Freedman
Group Network Engineering

david.freedman at uk.clara.net
Tel +44 (0) 20 7685 8000

Claranet Group
21 Southampton Row
London - WC1B 5HA - UK
http://www.claranet.com

Company Registration: 3152737 - Place of registration: England

All the information contained within this electronic message from Claranet
Ltd is covered by the disclaimer at http://www.claranet.co.uk/disclaimer

More information about the cisco-nsp mailing list