[c-nsp] LNS av-pair vrf

Daniel Hooper dhooper at gold.net.au
Fri Nov 11 09:06:38 EST 2011 

Ghassan,

1 loopback per VRF.

-Dan

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ghassan.khalil
Sent: Friday, 11 November 2011 6:38 PM
To: Matthew Melbourne
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] LNS av-pair vrf

Thanks,
As it seems from all the feedbacks that we need to have a dedicated loopback for each customer as this loopback is configured with the certain VRF.
By this I will need to configure more than 100 loopbacks :) is this the only way ?
It will not be a big problem as I also need to add an av-pair to those 100 users from the AAA server as well.

Ghassan

On Nov 11, 2011, at 11:15 AM, Matthew Melbourne <matt at melbourne.org.uk> wrote:

> On 11 November 2011 08:48,  <cisco-nsp-request at puck.nether.net> wrote:
>> 
>> Message: 4
>> Date: Fri, 11 Nov 2011 10:04:51 +0200
>> From: "Ghassan.khalil" <ghassan.khalil at gmail.com>
>> To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
>> Subject: [c-nsp] LNS av-pair vrf
>> Message-ID: <87362FEF-35E8-4030-90E9-FB565D70DA82 at gmail.com>
>> Content-Type: text/plain;       charset=us-ascii
>> 
>> Dears,
>> I have an ASR functioning as a LNS, the LNS is configured as a PE router as well.
>> I need to assign certain users to their proper VRF through the AAA server as it should be applied on the virtual-access interface.
>> So what is the av-pair syntax required to accomplish this and the configuration required from the ASR also.
> 
> You need to pass back some cisco-avpair attributes as part of RADIUS
> authorisation:
> 
> cisco-avpair = "lcp:interface-config=ip vrf forwarding CUST1"
> cisco-avpair = "lcp:interface-config=ip unnumbered loopback101"
> 
> The loopback101 interface (in this instance) also needs to be placed 
> in the CUST1 VRF. A different loopback would be required on the LNS 
> for each Customer VRF.
> 
> Cheers,
> 
> Matt
> 
> --
> Matthew Melbourne
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net 
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list