[rbak-nsp] Static and dynamic clips on the same interface.

Илья Савин savin at orn.ru
Wed Apr 21 01:35:39 EDT 2010 

Hi, Denis.

Changing dhcp-max-leases to 1 does not affect.

WBR,
Ilya Savin.


21 arp 2010 г. 9:11 Denis Mikhaylovskiy
<denis.mikhaylovskiy at ericsson.com> wrote:
> Hi,
>
> Static and dynamic clips as well requires dhcp-max-leases equal to 1.
> Please adjust it in the radius subscriber record.
>
>
> Regards,
> /denis
>
> -----Original Message-----
> From: redback-nsp-bounces at puck.nether.net [mailto:redback-nsp-bounces at puck.nether.net] On Behalf Of Илья Савин
> Sent: Tuesday, April 20, 2010 9:15 PM
> To: redback-nsp
> Subject: [rbak-nsp] Static and dynamic clips on the same interface.
>
> Hi.
>
> Is it possible to use static and dynamic clips on the same interface
> and same context?
>
> Port config:
>
> port ethernet 2/3
>  no shutdown
>  encapsulation dot1q
>  dot1q pvc 11
>  bind interface office_int office
>  service clips dhcp context office
>  clips pvc 1
>   bind subscriber 00:0c:29:84:db:14 at office
>
> Context "office" configured for dynamic clips with radius
> authorisation. After comand "bind subscriber 00:0c:29:84:db:14 at office"
> redback send to radius auth query, then acct-start query.
>
> But clips session halts on "AwaitIp" status:
> [office]Redback#sh clips
> Circuit                              IpAddr          Username
> ------------------------------------ --------------- ---------------
> 2/3 vlan-id 11 clips 1               AwaitIp         00:0c:29:84:db:14 at office
>
> Context config:
>
> context office
> !
>  no ip domain-lookup
> !
>  interface main loopback
>  ip address 80.76.178.3/32
>   ip source-address telnet snmp ssh radius tacacs+ syslog dhcp-server
> tftp ftp icmp-dest-unreachable icmp-time-exceed netop flow-ip
> !
>  interface office_int multibind
>  ip address 80.76.188.254/24
>  dhcp server interface
>  no logging console
> !
>  ip access-list cool
>  seq 3 permit ip host 80.76.188.3
>  seq 10 permit ip host 80.76.188.10
>  seq 20 permit ip host 80.76.188.151
>  seq 300 permit udp any eq bootpc
>  seq 301 permit udp any eq bootps
>  seq 500 permit ip 80.76.188.0 0.0.0.255 192.168.0.0 0.0.255.255
>  seq 520 permit ip 80.76.188.0 0.0.0.255 10.16.0.0 0.0.255.255
>  seq 1000 deny ip any any
> !
>  ip access-list incoming
>  seq 10 permit ip 80.76.176.0 0.0.15.255 any
>  seq 20 permit tcp any any established
>  seq 30 deny tcp any 80.76.188.128 0.0.0.127
>  seq 40 deny icmp any 80.76.188.128 0.0.0.127 icmp-type echo
>  seq 1000 permit ip any
> !
>  policy access-list SERVICE_out
>  seq 10 permit ip any any class SERVICE1
> !
>  aaa authentication administrator local
>  aaa authentication administrator maximum sessions 1
>  aaa authentication subscriber radius
>  aaa encrypted-password default ***********
>  aaa accounting subscriber radius
>  aaa accounting event dhcp
>  radius accounting server 80.76.176.35 encrypted-key *********** port ****
>  radius accounting server 80.76.176.35 encrypted-key ***********
>  radius coa server 80.76.176.18 encrypted-key *********** port ****
> !
>  radius server 80.76.176.35 encrypted-key *********** port ****
>  radius attribute calling-station-id format agent-circuit-id agent-remote-id
>  radius attribute nas-port-id format all
> !
>  subscriber default
>   ip access-group incoming out
> !
>  ip route 0.0.0.0/0 context bgp
>  ip route 192.168.0.0/16 80.76.188.252
> !
>  dhcp server policy
>   option domain-name-server 80.76.176.10
>   subnet 80.76.188.0/24
>     option router 80.76.188.254
>     option domain-name-server 80.76.176.10 8.8.8.8
>     option static-route 192.168.0.0 80.76.188.250
> !
> !
>
> Auth-Reply from radius:
> Tue Apr 20 20:46:34 2010
>        Packet-Type = Access-Accept
>        Acct-Interim-Interval := 600
>        Qos-Rate-Inbound = "11000:2750000"
>        Qos-Rate-Outbound = "11000:2750000"
>        Qos-Policy-Policing := "pinet_office"
>        Qos-Policy-Metering := "inet_office"
>        Framed-IP-Address := 80.76.188.40
>        Framed-IP-Netmask := 255.255.255.0
>        Session-Timeout := 3600
>        Service-Type := Dialout-Framed-User
>        DHCP-Max-Leases = 5
>
>
>
> Thanks.
>
>
> WBR,
> Ilya Savin.
> _______________________________________________
> redback-nsp mailing list
> redback-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/redback-nsp
>

More information about the redback-nsp mailing list