[c-nsp] Increase distance of static route created through Freeradius

Darren O'Connor Darren.O'Connor at hso.uk.com
Fri Jun 24 10:15:45 EDT 2011


Hi all.

After speaking with Oliver Boehmer at Cisco I managed to get this
sorted. This is how it works for those of you interested.

The radius account was originally like this:

test.account      Password = "testing"
        Framed-IP-Address += 10.1.3.65,
        Framed-IP-Netmask += 255.255.255.252,
        Cisco-Avpair += "lcp:interface-config=ip vrf forwarding Test\nip unnumbered lo1500",
        Cisco-Avpair += "ip:route=10.1.3.64 255.255.255.252",
        Cisco-Avpair += "ip:route=10.1.75.0 255.255.255.0"

When this connects to a cisco router, it creates a static route to
10.1.75.0/24 with a next hop of 10.1.3.65.

Essentially the framed IP address becomes the variable. After each
ip:route Avpair, it adds a static route with a next hop of the variable
(10.1.3.65 in my case).

If you want to create a static route with a distance value, you add the
value after the variable, the next hop. Unfortunately it seems that it
only adds the variable at the end of the statement.

So to get this to work, I simply added the next-hop and distance to the
Avpair command. So this is what the radius account looks like:

metric.test     Password = "testing"
        Framed-IP-Address = 10.100.0.45,
        Framed-IP-Netmask = 255.255.255.252,
        Cisco-Avpair += "lcp:interface-config=ip vrf forwarding MetricT\nip unnumbered lo999",
        Cisco-Avpair += "ip:route=10.100.0.45 255.255.255.252",
        Cisco-Avpair += "ip:route=10.100.3.0 255.255.255.0 10.100.0.45 200"


This is the route added to my Cisco box when the user dials in:

xxx.xxxx#sh ip route vrf MetricT 10.100.3.0
Routing entry for 10.100.3.0/24
  Known via "static", distance 200, metric 0
  Redistributing via ospf 999
  Routing Descriptor Blocks:
  * 10.100.0.45
      Route metric is 0, traffic share count is 1


This works as the example above shows. 

Thanks

Darren


-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Darren O'Connor
Sent: 24 June 2011 10:04
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Increase distance of static route created through
Freeradius

Hi all.

We currently use Freeradius, which has been configured to add routes to
customers' networks into a VRF on our core Cisco boxes.

This all works perfectly, however I'd like to increase the distance of
the static route created. I need it to be higher than OSPF so maybe 125.

As an example, this is a radius account:
test.account      Password = "testing"
        Framed-IP-Address += 10.1.3.65,
        Framed-IP-Netmask += 255.255.255.252,
        Cisco-Avpair += "lcp:interface-config=ip vrf forwarding Test\nip unnumbered lo1500",
        Cisco-Avpair += "ip:route=10.1.3.64 255.255.255.252",
        Cisco-Avpair += "ip:route=10.1.75.0 255.255.255.0"

This is the route created on the core Cisco:

xxx.xxx#sh ip route vrf Test 10.1.75.0
Routing entry for 10.1.75.0/24
  Known via "static", distance 1, metric 0
  Redistributing via ospf 421
  Advertised by ospf 421 subnets route-map Permit_Test
  Routing Descriptor Blocks:
  * 10.1.3.65
      Route metric is 0, traffic share count is 1


Can the Cisco Avpair be changed to give a higher distance instead of the
Cisco using the default of 1?


Kind Regards
Darren O'Connor
Senior Network Engineer
hSo
_____________________________________________________________________

This e-mail and all attachments have been scanned by the hSo virus
scanning service powered by Webroot and no known viruses were detected.
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
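
Added example, not part of the original post or of Freeradius/Cisco code: a small audit script that reads a users file in the format shown above and works out the static route each ip:route Avpair will install, following the behaviour described in the post (Framed-IP-Address appended as next hop, distance 1 unless next hop and distance are written out). It flags routes whose distance is below OSPF's Cisco default of 110. The function names are hypothetical, the sample is the two accounts from the post with wrapped lines rejoined, and it assumes Framed-IP-Address precedes the ip:route lines as it does there.

```python
import ipaddress
import re

OSPF_DISTANCE = 110   # Cisco default administrative distance for OSPF
STATIC_DEFAULT = 1    # distance the post shows when the Avpair gives none

# Constructed sample: the two accounts from the post, wrapped lines rejoined.
USERS = r'''
test.account      Password = "testing"
        Framed-IP-Address += 10.1.3.65,
        Framed-IP-Netmask += 255.255.255.252,
        Cisco-Avpair += "lcp:interface-config=ip vrf forwarding Test\nip unnumbered lo1500",
        Cisco-Avpair += "ip:route=10.1.3.64 255.255.255.252",
        Cisco-Avpair += "ip:route=10.1.75.0 255.255.255.0"

metric.test     Password = "testing"
        Framed-IP-Address = 10.100.0.45,
        Framed-IP-Netmask = 255.255.255.252,
        Cisco-Avpair += "lcp:interface-config=ip vrf forwarding MetricT\nip unnumbered lo999",
        Cisco-Avpair += "ip:route=10.100.0.45 255.255.255.252",
        Cisco-Avpair += "ip:route=10.100.3.0 255.255.255.0 10.100.0.45 200"
'''

def effective_routes(users_text):
    """Return {user: [(network, next_hop, distance), ...]} for each ip:route Avpair."""
    result, user, framed = {}, None, None
    for line in users_text.splitlines():
        if line and not line[0].isspace():          # unindented line starts an account
            user, framed = line.split()[0], None
            result[user] = []
        elif m := re.search(r'Framed-IP-Address\s*\+?=\s*([\d.]+)', line):
            framed = m.group(1)
        elif m := re.search(r'"ip:route=([^"]+)"', line):
            f = m.group(1).split()
            net = ipaddress.ip_network(f"{f[0]}/{f[1]}", strict=False)
            hop = f[2] if len(f) > 2 else framed    # framed IP is appended as next hop
            dist = int(f[3]) if len(f) > 3 else STATIC_DEFAULT
            result[user].append((str(net), hop, dist))
    return result

def preferred_over_ospf(users_text):
    """List (user, network, distance) for RADIUS-installed routes that beat OSPF."""
    return [(u, n, d) for u, rs in effective_routes(users_text).items()
            for n, _, d in rs if d < OSPF_DISTANCE]

if __name__ == "__main__":
    for row in preferred_over_ospf(USERS):
        print(row)
```

Run against the real users file, the output is the list of customer accounts whose RADIUS-supplied prefixes would override an OSPF-learned path for the same network.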