[rbak-nsp] CLIPS and DHCP

Alexandre Chapellon a.chapellon at horoa.net
Wed Oct 12 19:05:06 EDT 2011 


Le 13/10/2011 01:02, Christopher O'Shea a écrit :
> Hi Alex,
>
> I seen this happen when you have manually bound the mulitbind 
> interface to a port. As i think its related to how the multibind will 
> only reply to ARP's (of the default gateway address) when bound to a 
> circuit.
>
> Can you post the config.
>
Unfortunately not, as I told I do not adminiter the redback devices... I 
am just looking for some experiences like yours.
I will forward your remarqs to the personns involved (which are not used 
ti use mailing lists I guess).

Any idea concerning point 2?

Bests regards
>
> Chris O'Shea
>
>
>
> On Wed, Oct 12, 2011 at 10:33 PM, Alexandre Chapellon 
> <a.chapellon at horoa.net <mailto:a.chapellon at horoa.net>> wrote:
>
>
>
>     Le 12/10/2011 13:03, Arjan Van Der Oest a écrit :
>
>         On 12 okt. 2011, at 11:42, Alexandre Chapellon wrote:
>
>             Wich leads me to the conclusion the subscriber should not
>             access the
>             network anymore. Unfortuantely, on the CPE side, I can
>             still ping
>             internet adresses and browse the web.
>             How comes? Is it because of CLIPS itself being
>             connection-less? Is there
>             something special to send in the CoA request? Is there any
>             alternative
>             to shut network access for a specific subscriber using CLIPS?
>
>
>         Maybe a silly question, but did you prevent that subscriber
>         from re-entering the network before CoA'ing him/her? When you
>         send the CoA disconnect and have a ping running, do you see an
>         interrupt in the replies?
>
>     Not that silly :)!
>     In fact no I didn't prevent the user from re-entering the network.
>     But I also didn't see any new authentication request following the
>     CoA. The next authentication happens when DHCP release expires
>     (one hour for my tests).
>
>
>         -- 
>         Met vriendelijke groet,
>
>         Arjan van der Oest
>         Senior Network Engineer / Security Officer
>
>         Voiceworks BV - Editiestraat 29 - 1321 NG Almere
>
>
>
>
>     -- 
>     <http://www.horoa.net>
>
>     Alexandre Chapellon
>
>     Ingénierie des systèmes open sources et réseaux.
>     Follow me on twitter: @alxgomz <http://www.twitter.com/alxgomz>
>
>     _______________________________________________
>     redback-nsp mailing list
>     redback-nsp at puck.nether.net <mailto:redback-nsp at puck.nether.net>
>     https://puck.nether.net/mailman/listinfo/redback-nsp
>
>

-- 
<http://www.horoa.net>

Alexandre Chapellon

Ingénierie des systèmes open sources et réseaux.
Follow me on twitter: @alxgomz <http://www.twitter.com/alxgomz>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20111013/8996e8bb/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: horoa_sig.png
Type: image/png
Size: 6693 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/redback-nsp/attachments/20111013/8996e8bb/attachment-0001.png>

More information about the redback-nsp mailing list