[c-nsp] ipv6 dhcp server accounting not working

BASSAGET Cédric cedric.bassaget.ml at gmail.com
Fri Oct 5 02:28:46 EDT 2018 

Hello,

I'm trying to understand why my ipv6 dhcp server accounting does not work
as I expect. I'm using this on cisco 7301 (ROM: System Bootstrap, Version
12.3(4r)T4, RELEASE SOFTWARE (fc1)
)

Here are the relevant parts of my config :

aa new-model
!
!
aaa group server radius RGROUP
 server name radius2
!
aaa accounting send stop-record always
aaa accounting send counters ipv6
aaa accounting delay-start all
aaa accounting update periodic 60
aaa accounting include auth-profile framed-ip-address
aaa accounting include auth-profile framed-ipv6-prefix
aaa accounting include auth-profile delegated-ipv6-prefix
aaa accounting network default
 action-type start-stop periodic interval 60
 group RGROUP
!
!
ipv6 unicast-routing
ipv6 dhcp iana-route-add
ipv6 dhcp pool IPv6_DHCP_POOL
 prefix-delegation aaa method-list IA_PD
 address prefix 2A06:A402:1::/56
 accounting default
!
ipv6 cef
ipv6 cef accounting per-prefix prefix-length
!
!
interface Virtual-Template285
 description "SESSION BEST-EFFORT"
 mtu 1460
 ip unnumbered Loopback285
 ip access-group ACL_VC_BE_out in
 no ip redirects
 ip tcp adjust-mss 1420
 ipv6 address autoconfig
 ipv6 unnumbered Loopback285
 ipv6 enable
 no ipv6 nd ra suppress
 ipv6 dhcp server IPv6_DHCP_POOL allow-hint
 no peer default ip address
 peer default ipv6 pool IPv6_DHCP_POOL
 no ppp lcp fast-start
 ppp authentication pap chap
 ppp ipcp dns x.x.x.x y.y.y.y
 ppp ipcp address required
 ppp ipcp address unique
 ppp ipv6cp address unique
 ppp multilink
 ppp multilink load-threshold 255 either
 ppp multilink interleave
!
radius-server vsa send accounting
radius-server vsa send authentication
!
radius server radius2
 address ipv4 185.122.100.6 auth-port 1812 acct-port 1813
 key 7 08766A1C514D02441A3C54570E7D7739
!


Accounting works fine for ppp/l2tp sessions. When enablig ipv6 dhcp and
accounting debug, this is what I see when a client does a DHCPv6 request :

Oct  5 06:25:46.632: IPv6 DHCP: Received SOLICIT from FE80::8 on
Virtual-Access2.38
Oct  5 06:25:46.636: IPv6 DHCP: Using interface pool IPv6_DHCP_POOL
Oct  5 06:25:46.636: IPv6 DHCP_AAA: Got prefix xxxx.xxxx:100::/48
Oct  5 06:25:46.636: IPv6 DHCP: Creating binding for FE80::8 in pool
IPv6_DHCP_POOL
Oct  5 06:25:46.636: IPv6 DHCP: Binding for IA_NA 00000008 not found
Oct  5 06:25:46.636: IPv6 DHCP: Allocating IA_NA 00000008 in binding for
FE80::8
Oct  5 06:25:46.636: IPv6 DHCP: Looking up pool xxxx.xxxx:1::/56 entry with
username '0003000164D154640CD300000008'
Oct  5 06:25:46.636: IPv6 DHCP: Poolentry for user not found
Oct  5 06:25:46.636: IPv6 DHCP: Allocated new address
xxxx.xxxx:1:EC:6206:1843:364:B9F
Oct  5 06:25:46.636: IPv6 DHCP: Allocating address
xxxx.xxxx:1:EC:6206:1843:364:B9F in binding for FE80::8, IAID 00000008
Oct  5 06:25:46.636: IPv6 DHCP: Updating binding address entry for address
xxxx.xxxx:1:EC:6206:1843:364:B9F
Oct  5 06:25:46.636: IPv6 DHCP: Setting timer on
xxxx.xxxx:1:EC:6206:1843:364:B9F for 60 seconds
Oct  5 06:25:46.636: IPv6 DHCP: No binding for IA_PD 00000008
Oct  5 06:25:46.636: IPv6 DHCP_AAA: Retrieved subblock; It has AAA
DNS_SERVERS=0
Oct  5 06:25:46.636: IPv6 DHCP: SAS retured Null falling to link local
Oct  5 06:25:46.636: IPv6 DHCP: Returning Link local address
FE80::6600:F1FF:FE34:C41B
Oct  5 06:25:46.636: IPv6 DHCP: Sending ADVERTISE to FE80::8 on
Virtual-Access2.38
Oct  5 06:25:47.712: IPv6 DHCP: Received REQUEST from FE80::8 on
Virtual-Access2.38
Oct  5 06:25:47.712: IPv6 DHCP: Using interface pool IPv6_DHCP_POOL
Oct  5 06:25:47.712: IPv6 DHCP: Allocating IA_PD 00000008 in binding for
FE80::8
Oct  5 06:25:47.712: IPv6 DHCP_AAA: Got prefix xxxx.xxxx:100::/48
Oct  5 06:25:47.712: IPv6 DHCP: Allocating prefix xxxx.xxxx:100::/48 in
binding for FE80::8, IAID 00000008
Oct  5 06:25:47.712: IPv6 DHCP: Added Prefix xxxx.xxxx:100::/48 to Radix
tree
Oct  5 06:25:47.712: IPv6 DHCP: Route added: xxxx.xxxx:100::/48 via FE80::8
dist 1 iaid 00000008 vrf default
Oct  5 06:25:47.712: IPv6 DHCP: Looking up pool xxxx.xxxx:1::/56 entry with
username '0003000164D154640CD300000008'
Oct  5 06:25:47.712: IPv6 DHCP: Poolentry for user found
Oct  5 06:25:47.712: IPv6 DHCP: Found address
xxxx.xxxx:1:EC:6206:1843:364:B9F in binding for FE80::8, IAID 00000008
Oct  5 06:25:47.712: IPv6 DHCP: Updating binding address entry for address
xxxx.xxxx:1:EC:6206:1843:364:B9F
Oct  5 06:25:47.712: IPv6 DHCP: Setting timer on
xxxx.xxxx:1:EC:6206:1843:364:B9F for 172800 seconds
Oct  5 06:25:47.712: IPv6 DHCP: Route added:
xxxx.xxxx:1:EC:6206:1843:364:B9F via FE80::8 dist 1 iaid 00000008 vrf
default
Oct  5 06:25:47.712: IPv6 DHCP_AAA: Retrieved subblock; It has AAA
DNS_SERVERS=0
Oct  5 06:25:47.712: IPv6 DHCP: SAS retured Null falling to link local
Oct  5 06:25:47.712: IPv6 DHCP: Returning Link local address
FE80::6600:F1FF:FE34:C41B
Oct  5 06:25:47.712: IPv6 DHCP: Sending REPLY to FE80::8 on
Virtual-Access2.38

Client gets it address and delegated prefix, but nothing is sent to my
radius server on act port.

Can anybody tell me what I am doing wrong ?

Regards,
Cédric

More information about the cisco-nsp mailing list