[rbak-nsp] SE400 some subscribers with Port-Limit = unlimitted instead Port-Limit = 1

Luís Cláudio Veiga luis.claudio.veiga at gmail.com
Wed Jan 26 10:40:09 EST 2011


Hello everyone!
this is my first time here and would like to post the weird problem i´m facing:
My box is a Redback Networks SmartEdge SE400 running OS Version
SEOS-6.1.1.5-Release.

this box is running BRAS function as PPPoE server. I´m using
NavisRadius as well to authenticate my subscribers that have two
possible profiles:

1 - subscriber with dynamic IP address;
2 - subscriber with constant IP address;

You can see weird problem with port-limit as bellow just only for
subscriber with dynamic IP address:

This subscriber is ok:
NTL-VLI-03919 at VLI
        Circuit   3/2 vlan-id 311 pppoe 767
        Internal Circuit   3/2:1023:63/6/2/5782
        Interface bound  pool1
        Current port-limit 1                            <------- it is correct
        context-name BASIC (applied)
        ip pool pool1 (applied from sub_default)
        port-limit 1 (applied from sub_default)
        ip source-validation 1 (applied from sub_default)
        ppp mtu 1492 (applied from sub_default)
        dns primary 200.255.125.211 (applied from sub_default)
        dns secondary 200.255.255.70 (applied from sub_default)
        ip address 200.167.58.68 (applied from pool)
        qos-policing-policy 300up (applied)
        qos-metering-policy 1000down (applied)
        ip access-group in prevent_trojan (applied from sub_default)

These subscriber is NOT ok:
NTL-VLI-03279 at VLI
        Circuit   3/2 vlan-id 311 pppoe 2653
        Internal Circuit   3/2:1023:63/6/2/23597
        Interface bound  pool1
        Current port-limit unlimited           <------- it is not correct
        context-name BASIC (applied)
        ip pool pool1 (applied from sub_default)
        port-limit 1 (applied from sub_default)
        ip source-validation 1 (applied from sub_default)
        ppp mtu 1492 (applied from sub_default)
        dns primary 200.255.125.211 (applied from sub_default)
        dns secondary 200.255.255.70 (applied from sub_default)
        session-limit by agent-remote-id 1 (applied from sub_default)
        ip address 200.167.56.186 (applied from pool)
        qos-policing-policy 600up (applied)
        qos-metering-policy 2000down (applied)
        ip access-group in prevent_trojan (applied from sub_default)
#
NTL-VLI-03404 at VLI
        Circuit   3/2 vlan-id 311 pppoe 1650
        Internal Circuit   3/2:1023:63/6/2/30840
        Interface bound  pool1
        Current port-limit unlimited <------- it is not correct
        context-name BASIC (applied)
        ip pool pool1 (applied from sub_default)
        port-limit 1 (applied from sub_default)
        ip source-validation 1 (applied from sub_default)
        ppp mtu 1492 (applied from sub_default)
        dns primary 200.255.125.211 (applied from sub_default)
        dns secondary 200.255.255.70 (applied from sub_default)
        session-limit by agent-remote-id 1 (applied from sub_default)
        ip address 200.167.57.50 (applied from pool)
        qos-policing-policy 600up (applied)
        qos-metering-policy 2000down (applied)
        ip access-group in prevent_trojan (applied from sub_default)
#

Now, my current config:

!
context BASIC
!
 no ip domain-lookup
!
 interface IP_DINAMICO
  ip address 200.166.75.233/30
!
 interface pool1 multibind lastresort
  ip unnumbered IP_DINAMICO
  ip pool 200.167.56.0/22
  ip pool 200.179.255.0/24
  ip pool 201.39.36.0/22
!
 interface static-pool-ntl multibind
  ip address 201.65.5.1/24
!
 interface static-pool-ntl-1 multibind
  ip address 189.53.166.1/24
!
 interface static-pool-ntl-2 multibind
  ip address 189.52.57.1/24
!
 aaa authentication administrator local
 aaa authentication subscriber global
 aaa reauthorization bulk global
!
 subscriber default
   ip address pool name pool1
   ip access-group prevent_trojan in
   port-limit 1
   ip source-validation
   ppp mtu 1492
   dns primary 200.255.125.211
   dns secondary 200.255.255.70
!
 ip route 0.0.0.0/0 context local
!
end



More information about the redback-nsp mailing list