Expand all | Collapse all

Framed-IPv6-Prefix incorrect

Jump to Best Answer
  • 1.  Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 01:15

    Hi all,


    A relevant question this time 🙂


    I am using radiusdesk as the GUI interaction with freeradius and have assigned Framed-IPv6-Prefix as xxxx:xxxx:0100:0200::/64 (I apologise for not being able to supply the actual whole address - I will try and explain the issue without that)....


    As the prefix is a /64 I would expect an address at the CPE with 0100:0200 as the 3rd and 4th set of digits, but instead I see the following:

    xxxx:xxxx:9D:0:212:FF:FE8D:8980 - I understand the last set of digits being the MAC address, but where did the 9D:0 come from? Also, the radius is sending out the following:


    Sent Access-Accept Id 8 from to length 0
    Framed-IPv6-Prefix = xxxx:xxxx:9d::/64
    Framed-IPv6-Pool = "NDRA"
    Framed-IP-Netmask =
    Framed-IP-Address =


    But it is not configured that way, unless something strange is going on with a conversion in IPv6.... as far as I am aware eui-64 is the only change that would normally occur.....


    Anyone know what would cause this please?



  • 2.  RE: Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 01:19

    What is your actual query?




  • 3.  RE: Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 01:23

    Hi Rahul,

    The Question is there.

    Why would the RADIUS issue a completely different /64 that what is configured in the Framed-IPv6-Prefix?


    Unless there is something happening in IPv6 that I don't know about.


    Primarily, I am asking if anyone has seen this before and what the resolution was.



  • 4.  RE: Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 01:33

    Hi Clive,


    Do you have authd logs? Please match radius-access-accept and check what attribute is actual sent by radius.

    I remeber you're using DB and this looks to be radius issue. It is sending the wrong prefix to MX.



  • 5.  RE: Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 01:46

    Hi Rahul,


    I have completed a separate test and the results are as follows:


    Framed-IPv6-Prefix - xxxx:xxxx:006d:224b::/64

    What is assigned by the RADIUS is:

    Sent Access-Accept Id 10 from to length 0
    Framed-IPv6-Prefix = xxxx:xxxx:9d::/64
    Framed-IPv6-Pool = "NDRA"
    Framed-IP-Netmask =

    Framed-IP-Address =


    But, the LNS sees the following for the subscriber:

    User Name:
    IP Address:
    IP Netmask:
    IPv6 Prefix: xxxx:xxxx:6d00:200::/56 - Which kind of looks okay, but this is a /56
    IPv6 User Prefix: xxxx:xxxx:9d::/64 - Again, this is the 9d::/64


    The issue could well be what the RADIUS is doing from a functionality perspective.


    The CPE gets the following:

    IPv6 = xxxx:xxxx:9D:0:212:FF:FE8D:8980


    I will look into the RADIUS as I believe the LNS is doing as it should.


    Maybe some information here to help someone else.


    Thank you Rahul


  • 6.  RE: Framed-IPv6-Prefix incorrect
    Best Answer

    Posted 02-14-2018 01:51

    From radius, we're getting NDRA prefix and from cli PD is assigned. CPE gets the /64 and connvert it to /128 using EUI-64.




  • 7.  RE: Framed-IPv6-Prefix incorrect

    Posted 02-14-2018 03:28

    Hi Rahul,


    I found the issue by querying the sql database from the command line with the following command:


    select * from radgroupreply;


    And found that the user was using a different profile. Since discovered someone had changed the profile to test something else afew days ago and didn't inform me...


    However, I now have another issue where the CP is continually sending access requests even though the RADIUS send an access-accept with the correct credentials. That's another story that I shall investigate fully and if I get stuck will post a new quesiton.


    Thanks Rahul