[j-nsp] PPPoE to DHCP migration dhcp-local standalone....framed-route troubles.....ERX

Peter Krupl peter.krupl at ventelo.dk
Thu Aug 17 08:30:53 EDT 2006 

Hi Ulf & Group,

I get the client addres from radius, as the users today use
PPPoE.

My software version is :
Version: 7.2.0 release-0.0 [BuildId 5410]  
Which according to Juniper KB is not affected by the problem. ????

I noticed you used a different format for the framed route, propably because you use an older software release. I use the following in radius: Framed-Route "172.16.1.0/29 0.0.0.0" the old format, I have also tried "172.16.1.0/29 x.x.x.219 distance 21" the new format both with no luck.

The new format works with PPPoE sessions, I fact you must set the distance
greater than 2. 

My interface configuration looks like this:
-------------------------------------------------------------------------------------
interface atm 2/1.1010
 atm pvc 1010 10 10 aal5snap 0 0 0
 encapsulation bridge1483
 ip auto-configure ip-subscriber include-primary
 ip route-map ip-subscriber "all_access"
 ip unnumbered loopback 99
 pppoe
 pppoe auto-configure
 pppoe profile any "pppoe_test"
-------------------------------------------------------------------------------------

The client gets an access-internal route...
ERX01-BOR:default:i#sh ip route x.x.x.219
-------------------------------------------------------------------------------------
  Prefix/Length      Type       Next Hop      Dst/Met          Interface       
------------------ --------- --------------- ---------- -----------------------
x.x.x.219/32  AccIntern 0.0.0.0         2/0        ATM2/1.1010    
-------------------------------------------------------------------------------------

The radius debug says:
-------------------------------------------------------------------------------------
DEBUG 08/17/2006 07:20:47 radiusAttributes: USER ATTRIBUTES: (.atm.2.1.10.10 at erx01-bor)
DEBUG 08/17/2006 07:20:47 radiusAttributes:      service type attr: 2
DEBUG 08/17/2006 07:20:47 radiusAttributes:      framed IP address attr: 85.235.255.219
DEBUG 08/17/2006 07:20:47 radiusAttributes:      framed route attr: 172.16.1.0/29 85.235.255.219 distance 21
INFO 08/17/2006 07:20:47 aaaUserAccess: User: .atm.2.1.10.10 at erx01-bor; id: atm 2/1.1010:10.10, access granted
DEBUG 08/17/2006 07:20:47 ipSubscriberMgr: createSubscriber: created ip subscriber, router Id = Router 0x80000041 ip address = x.x.x.219
DEBUG 08/17/2006 07:20:47 ipSubscriberMgr: createSubscriber: start timer
DEBUG 08/17/2006 07:20:47 ipSubscriberMgr: aaaAuthReq: no service profile data
-------------------------------------------------------------------------------------


Does it have the bug ?

Med venlig hilsen/Kind regards
Peter Åris Krüpl

 


-----Original Message-----
From: ulf.bremer at web.de [mailto:ulf.bremer at web.de] 
Sent: 16. august 2006 17:13
To: Peter Krupl
Subject: Re: [j-nsp] PPPoE to DHCP migration dhcp-local standalone....framed-route troubles.....ERX


Hi,

without knowing your interface config I´d guess that you ran into:

Juniper KB:

Number:21644

Synopsis:
Framed route returned from Radius not installed for IP subscriber interface

Problem:
Framed-route attribute returned from RADIUS is not being installed in 
the routing table.

The attribute is being returned from RADIUS:

DEBUG 05/28/2005 01:56:42 radiusAttributes: USER ATTRIBUTES: 
(dhcp at siemens.com)
DEBUG 05/28/2005 01:56:42 radiusAttributes:      class attr: (binary data)
DEBUG 05/28/2005 01:56:42 radiusAttributes:      framed route attr: 
33.33.0.0/16
0.0.0.0


But as the routing table shows, it is not being installed:

ERX-40-59-55# show ip route

   Prefix/Length     Type      Next Hop      Dst/Met 
  Intf
------------------ ------- --------------- ---------- 
-------------------------
2.2.2.0/24         Connect 2.2.2.2         0/0        loopback0
2.2.2.1/32         AccInte 0.0.0.0         2/0        ip2.2.2.1[ATM4/1.100]
                    rn
3.3.3.0/24         Connect 3.3.3.1         0/0        ATM4/3.100
10.3.0.0/16        Connect 10.3.229.8      0/0        FastEthernet0/0
30.0.0.0/24        Connect 30.0.0.1        0/0        loopback100


IP subscriber interface is configured as follows:

interface atm 4/1.100 point-to-point
  atm pvc 100 0 100 aal5snap 0 0 0
  ip auto-configure ip-subscriber
  ip route-map ip-subscriber allowany
  ip unnumbered loopback 0

Solution:
Resolved in the release(s) indicated** in the Fixed Release field.

** N/A indicates the problem has yet to be resolved and released in a 
patch or Major Release of software.

Affected Release: 6-1-0, 6-1-1, 7-0-0, 7-0-1

Fixed Release: 6-1-1p0-8, 6-1-2, 7-0-1p0-3, 7-0-2

Defect/Solution: Defect

Defect ID: 68346

State: Resolved

Severity: Medium

Series: E-Series

If you think this could be the case you need to update. For various 
DHCP-related reasons you might want to go for the latest available patch 
of your desired release. If think this is not it please let us know 
interface config, SW-release, ... and some helpful logging which I´d 
need to think about for a while.

Best Regards


###########################################

This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
For more information, connect to http://www.f-secure.com/

More information about the juniper-nsp mailing list