[rbak-nsp] Subnet mask and default gateway for CLIPS from RADIUS.
Ron Ripley
ripleydotnet at gmail.com
Fri Jun 19 08:44:14 EDT 2009
From what I read, is there a DHCP Proxy device between the Subscriber
and SmartEdge? If that is the case, are you attempting to modify the
next hop to the proxy server?
Typically, the default router is set in the DHCP server policy for the
scope:
context foo
interface dhcp multi
ip address 10.10.0.1/18
dhcp server interface
!
dhcp server policy
subnet 10.10.0.0/18
range 10.10.0.2 - .......
option router 10.10.0.1
option ...
!
When using the FRAMED-IP-ADDRESS via RADIUS along with the FRAMED-IP-
NETMASK, the IP address assigned here should be outside the scope
defined in the dhcp server.
On 19-Jun-09, at 6:10 AM, David Freedman wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>> Framed-Route = "0.0.0.0 188.116.130.253 1"
> <snip>
>>
>> In sh subscribers active:
>>
>> ip route 0.0.0.0 255.255.255.255 188.116.130.253 1 (applied)
>>
>
> <snip>
>
>
> Just out of interest, why would you want to do this?
>
> Do you mean:
>
> A. Enable the client to have internet access through your redback (via
> your network) -> then this framed route is not required, this is the
> default IPCP behaviour.
>
> or
>
> B. Steer ALL traffic from your network through this one subscriber
> in which case you would need:
>
> Framed-IP-Address = 188.116.130.99
>
> Framed-IP-Netmask = 255.255.255.0
>
> Framed-Route = "0.0.0.0 0.0.0.0 188.116.130.99 1"
>
> Dave.
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAko7gDMACgkQtFWeqpgEZrI7xACfTE0gcOcQSit45i+LrRyXSoa2
> U14AoKyV2BzAXW7rEqnhkwPQdCFYC6rY
> =zO4k
> -----END PGP SIGNATURE-----
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp
--
Ron Ripley
ripleydotnet at gmail.com
More information about the redback-nsp
mailing list