Hi all,
Thank you for your help with regards to the BGP configuration. We now have a fully working end-to-end test completed for IPv4. I have a couple of quick questions if I may regarding the same test for IPv6 (as we will be utilising dual-stack):
First question is regarding the LNS. Currently we have everything configured to allow for IPv4 and, although I had IPv6 offering working before, it was only working via the IPv6 address being issued from a pool on the LNS. I have no problem configuring the Framed-IPv6-Prefix VSA on the RADIUS, but, what are the best command lines to introduce on the LNS to allow for this IPv6. Currently configured as follows for IPv4:
set dynamic-profiles dyn-lns-profile routing-instances "$junos-routing-instance" interface "$junos-interface-name"
set dynamic-profiles dyn-lns-profile routing-instances "$junos-routing-instance" routing-options access route $junos-framed-route-ip-address-prefix next-hop "$junos-framed-route-nexthop"
set dynamic-profiles dyn-lns-profile routing-instances "$junos-routing-instance" routing-options access route $junos-framed-route-ip-address-prefix metric "$junos-framed-route-cost"
set dynamic-profiles dyn-lns-profile routing-instances "$junos-routing-instance" routing-options access route $junos-framed-route-ip-address-prefix preference "$junos-framed-route-distance"
set dynamic-profiles dyn-lns-profile routing-instances "$junos-routing-instance" routing-options access-internal route $junos-subscriber-ip-address qualified-next-hop "$junos-interface-name"
set dynamic-profiles dyn-lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" dial-options l2tp-interface-id l2tp-encapsulation
set dynamic-profiles dyn-lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" dial-options dedicated
set dynamic-profiles dyn-lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" no-traps
set dynamic-profiles dyn-lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet unnumbered-address "$junos-loopback-interface"
set dynamic-profiles dyn-lns-profile interfaces "$junos-interface-ifd-name" unit "$junos-interface-unit" family inet6 unnumbered-address "$junos-loopback-interface"
set system dynamic-profile-options versioning
set system services subscriber-management enable
set system configuration-database max-db-size 314572800
set system processes smg-service
set services l2tp tunnel-group LAC l2tp-access-profile l2tp-profile
set services l2tp tunnel-group LAC aaa-access-profile aaa-profile
set services l2tp tunnel-group LAC local-gateway address 195.80.0.62
set services l2tp tunnel-group LAC service-device-pool lns
set services l2tp tunnel-group LAC dynamic-profile dyn-lns-profile
set services service-device-pools pool lns interface si-1/2/0
set interfaces si-1/2/0 hierarchical-scheduler maximum-hierarchy-levels 2
set interfaces si-1/2/0 encapsulation generic-services
set interfaces si-1/2/0 unit 0 family inet
set interfaces si-1/2/0 unit 0 family inet6
set access group-profile l2tp-group-profile ppp idle-timeout 200
set access group-profile l2tp-group-profile ppp ppp-options pap
set access group-profile l2tp-group-profile ppp ppp-options mtu 1492
set access group-profile l2tp-group-profile ppp keepalive 30
set access profile l2tp-profile client 21CN l2tp maximum-sessions-per-tunnel 4000
set access profile l2tp-profile client 21CN l2tp interface-id l2tp-encapsulation
set access profile l2tp-profile client 21CN l2tp shared-secret "$9$5T6AB1hrK8Ec87dsJZqmfTn/Ap0IhS"
set access profile l2tp-profile client 21CN user-group-profile l2tp-group-profile
set access profile aaa-profile authentication-order radius
set access profile aaa-profile radius authentication-server 195.80.0.38
set access profile aaa-profile radius-server 195.80.0.38 secret "$9$2mgGiPfz6CuQFu1EyW8VwYgZUik.5z3"
set access address-assignment pool POOL family inet network 192.168.85.0/24
set access address-assignment pool POOL family inet range lns low 192.168.85.1
set access address-assignment pool POOL family inet range lns high 192.168.85.254
Can I assume that I only need to add the following lines of code to the LNS:
set dynamic-profiles dyn-lns-profile protocols router-advertisement interface "$junos-interface-name" managed-configuration
set dynamic-profiles dyn-lns-profile protocols router-advertisement interface "$junos-interface-name" other-stateful-configuration
set dynamic-profiles dyn-lns-profile protocols router-advertisement interface "$junos-interface-name" prefix $junos-ipv6-ndra-prefix
set system services dhcp-local-server dhcpv6 group test interface si-1/2/0.0
set access address-assignment neighbor-discovery-router-advertisement NDRA
set access address-assignment pool POOL family inet6 prefix 2a05:d840:0100:0200::/64
set access address-assignment pool POOL family inet6 range LNS low 2a05:d840:0100:0200::2/128
set access address-assignment pool POOL family inet6 range LNS high 2a05:d840:0100:0200::10/128
set access address-assignment pool NDRA family inet6 prefix 2a05:d840:0100::/48
set access address-assignment pool NDRA family inet6 range LNS low 2a05:d840:0100:0200::/64
set access address-assignment pool NDRA family inet6 range LNS high 2a05:d840:0100:ffff::/64
set routing-instances test access address-assignment neighbor-discovery-router-advertisement NDRA
set routing-instances test access address-assignment pool POOL family inet6 prefix 2a05:d840:0100:0200::/64
set routing-instances test access address-assignment pool POOL family inet6 range LNS low 2a05:d840:0100:0200::2/128
set routing-instances test access address-assignment pool POOL family inet6 range LNS high 2a05:d840:0100:0200::10/128
Apologies for the length of the post.