[c-nsp] ip vrf autoclassify source - loss of connectivity to hosts
James Bensley
jwbensley at gmail.com
Fri Jan 26 06:18:52 EST 2018
On 25 January 2018 at 06:33, Tassos Chatzithomaoglou <achatz at forthnet.gr> wrote:
> We use "ip vrf receive" on physical subinterfaces.
> Why do you need "ip vrf receive" per subscriber session on the LNS?
To dynamically place subscribers into different VRFs. Weather it is
applied via RADIUS or on the device config, in both cases it's an ugly
design and I'm ashamed of it :(
> On our LNS (ASR1001 and ASR1006) we use "Cisco-Avpair = "lcp:interface-config=ip vrf forwarding VRF1", but that is supposed to only decrease the scalability in terms of memory/sessions. It works fine otherwise and since our LNS is not fully utilized, scalability isn't a concern at this time.
> You can always use the new "Cisco-AVpair = "ip:vrf-id=VRF1" to avoid the above issue.
Yes we use the newer "ip:*" format everywhere. Cisco had led us to
believe that the "lcp:*" style formatting is/will be deprecated. The
only exception I know of is that they haven't created an "ip:*"
version of "lcp:interface-config=ip verify unicast reverse-path". As
you said, when we use the "lcp:*" AVPairs the LNS logs a warning and
it affects scalability. Thanks Cisco!
Cheers,
James.
More information about the cisco-nsp
mailing list