[rbak-nsp] static mapping mac-addr to the interface (port/slot vlan:vlan) with RADIUS

Michał Korzeniowski Michal.Korzeniowski at metrointernet.pl
Thu Jan 13 06:45:42 EST 2011


Hallo,
I'm working on a system of binding subscribers who are connected to the BRAS through QinQ. The system works with the RedBack dhcp server connected to RADIUS. I ran   "clips service dhcp " on  each QinQ interface  and  then everything works.

But I do question how to statically (via RADIUS) to map the mac address of the VLAN id QinQ
I'm trying to add nas-port-id to the Radius but it does not help.


---
Eventually, how to give attributes (qos policy, ip, etc...) without mac-address authentication, when we know from which   interface is request?  I know - option-82. But there is no helpfull information in manual :)




some code:

port ethernet 2/4
 no shutdown
 encapsulation dot1q
 dot1q pvc 10 encapsulation 1qtunnel
  service clips dhcp context TEST
  dot1q pvc 10:2
  service clips dhcp context TEST
  dot1q pvc 10:3
  service clips dhcp context TEST
  dot1q pvc 10:4
  service clips dhcp context TEST                         <-------there is no way to make this with one line config?????





context TEST
!
 description TEST
!
!
 no ip domain-lookup
!
 interface TEST multibind
  ip address 83.142.199.1/24
  dhcp server interface
  ip arp proxy-arp
 no logging console
!
 aaa authentication administrator local
 aaa authentication administrator maximum sessions 1
 aaa authentication subscriber radius global
!
 radius attribute nas-port-id format all
!
 subscriber default
   timeout idle 1
   dhcp max-addrs 1
!
 ip route 0.0.0.0/0 context BGP
!
 dhcp server policy
   option domain-name-server 83.142.192.2
   default-lease-time 600
   maximum-lease-time 600
   subnet 83.142.199.0/24
     range 83.142.199.100 83.142.199.200
     option subnet-mask 255.255.255.0
     option router 83.142.199.1
!
!
!
end


users.conf:
00:26:4a:0b:1e:56  Auth-Type := Accept
                   Framed-Ip-Address = 83.142.199.51,
                   Framed-Ip-Netmask = 255.255.255.0,
                   Dhcp-Max-Leases = 1,
                   Service-Type = Outbound-User,
                   Context_Name = TEST,
                   nas-port-id =   "2/4 vlan-id 10:4 clips 146050"




--
pozdrawiam
Michał Korzeniowski
Administrator IT
Metro Internet Sp. z o.o.
ul. Sokratesa 17B
01-909 Warszawa
tel.+48 22 3505000
www.metrointernet.pl<http://www.metrointernet.pl/>
Organ Rejestrowy: Sąd Rejonowy dla m. Warszawy
Kapitał zakładowy spółki: 100 000 PLN KRS: 0000311432





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20110113/c891e10d/attachment-0001.html>


More information about the redback-nsp mailing list