Routing

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  DHCP-v6-PD

     
    Posted 12-07-2017 02:38

    Hi all,

     

    I now have a firm understanding of the NDRA process for IPv6 and have the following quesiton regarding the secondary CPE autoconfig phase of DHCPv6-PD.

     

    I have a working configuration on some Cisco equipment but need to get this working on the MX240.....

     

    LNS configuration (acting as the DHCPv6-PD Server - kind of)

    R4(config)#Ipv6 local pool cust-pool1 2001:db8:2:8000::/49 56

    R4(config)#Ipv6 dhcp pool ISP-pool

    R4(config-dhcpv6)#Prefix-delegation pool cust-pool1 lifetime infinite infinite

    R4(config)#int <interface required>

    R4(config-if)#Mac-address xxxx.xxxx.xxxx     (Just use this if we want control rather than eui-64 controlling everything)

    R4(config-if)#Ipv6 address 2001:db8:2:410::4/64

    R4(config-if)#Ipv6 address fe80::4 link-local  (We use this if we want to control everything rather than eui-64)

    R4(config-if)#Ipv6 dhcp server ISP-pool

     

    CPE Configuration 

    R10(config)#int g2/0

    R10(config-if)#ipv6 enable

    R10(config-if)#ipv6 address FROM-ISP ::0.0.0.0.1/64  (This means the /56 prefix (The first zero is the 8 bits this customer has to play with regarding subnets, if you like))

    R10(config)#int g3/0

    R10(config-if)#ipv6 enable

    R10(config-if)#ipv6 address FROM-ISP ::1:0:0:0:1/64  (Notice that the leading zero is now a “1”…. If we wanted yet more subnets then that 1 would become a 2 and then 3 etc etc etc)

     

    Could someone please let me know the same command structure to give the same results in Junos?

    Also, please confirm if the configuration is on the CPE or the LNS and also the itnerface involved is the L2TP peer tunnel interface (I'm guessing it would be given that this is the only WAN link)....

     

    The actual end result requirement would be that this is dealt with on the RADIUS via a PORTAL for the re-seller...... Again, guessing, this would involve us knowing wht the re-seller has sold the customer (in the way of IPv6) so that we can configure the CPE before shipping....

     

    If anyone has any experience of configuring this on freeRADIUS, anyhelp would be greatly appreciated.

     

    Thanks


    Clive



  • 2.  RE: DHCP-v6-PD

     
    Posted 12-07-2017 03:17

    Hi Clive,

     

    Looking at your setup it will be DHCPv6 over PPP.

     

    LNS will be providing IPv4 as well as IPv6 address.  For WAN i.e. NDRA and LAN DHCPv6 PD.

     

    In case you want to assign NDRA/PD from radius, you need below attributes.

     

    NDRA=Framed-IPv6-Pool/Framed-IPv6-Prefix

    PD= ERX-ipv6-Delegated-Pool-Name

     

    [root@JTAC-ERX-LINUX-2 raddb]# grep -i delega dictionary.erx
    ATTRIBUTE       ERX-IPv6-Delegated-Pool-Name            161     string

     

    Configuration on LNS

     

    TEST# show system services

    dhcp-local-server {

        dhcpv6 {

            group TEST {

                authentication {

                    password test;

                    username-include {

                        user-prefix test;

                    }

                }

                dynamic-profile DHCP;

                overrides {

                    delegated-pool IAPD-PPPOE-POOL;

                }

                interface si-1/0/0.0;

            }

        }

     

    TEST# show access address-assignment pool IAPD-PPPOE-POOL

    family inet6 {

        prefix XXXX:YYYY:AAAA::/40;

        range IAPD-RANGE prefix-length 56;

    }



  • 3.  RE: DHCP-v6-PD

     


  • 4.  RE: DHCP-v6-PD

     
    Posted 12-07-2017 03:37

    Hi Rahul,

     

    Thank you for the configuraiton and links.... very much appreciated. I will configure and test...

     

    Again, thanks

     

    Clive



  • 5.  RE: DHCP-v6-PD
    Best Answer

     
    Posted 12-07-2017 21:41

    Hi Clive,

     

    Please find few freeradius samples. Hope it helps.

     

    test Cleartext-Password := "test"
         Framed-IP-Address := X.X.X.X,
         Framed-ipv6-Pool := "ipv6-iana-pool",
         ERX-ipv6-Delegated-Pool-Name := "ipv6-pd-pool"

     

    test1 Cleartext-Password := "123"
          Framed-Pool := "IP-Pool",
          Framed-ipv6-Pool := "IPv6-WAN",
          ERX-ipv6-Delegated-Pool-Name := "IPv6-Pool",

     

    test2 Cleartext-Password := "123"
          Framed-IP-Address := "X.Y.Z.X",
          Framed-IPv6-Prefix := "XXXX:YYYY:ZZZZ::/64"

     

    test3 Cleartext-Password := "test"
          Framed-IP-Address := X.X.X.X,
          Framed-ipv6-Pool := "ipv6-iana-pool",
          ERX-ipv6-Delegated-Pool-Name := "ipv6-pd-pool",
          ERX-Ingress-Policy-Name = "16M",
          ERX-Egress-Policy-Name = "16M"

     

    Regards,

    Rahul

     



  • 6.  RE: DHCP-v6-PD

     
    Posted 01-29-2018 08:57

    Hi Rahul,


    Although I have closed this, there is one little question I would like to ask please.....

     

    We are utilsing DaloRADIUS as a "mysql" DB. I can insert this into the "users" file with no problems at all, but we really need to know how to get this into the mysql database. I have kind of worked out how to do that from zero documentation but, even with the radius attributes listed here:

     

    https://www.juniper.net/documentation/en_US/src4.9/topics/reference/general/radius-attributes-values.html

     

    I still cannot work out what I can input per user on the VSA section.... Anyone know please?

     



  • 7.  RE: DHCP-v6-PD

     
    Posted 01-29-2018 09:16

    Hi Clive, I would request you to open new thread.

     

    Regards,

    Rahul