vMX

 View Only
last person joined: 9 days ago 

Ask questions and share experiences about vMX.

  • 1.  reauthenticate lease-renewal - VSAs ignored

    Posted 10-14-2019 04:50

    Hi

     

    I'm trying to use reauthenticate lease-renewal under the dhcp local server but the VSAs are ignored when reauthentication occurs?

     

    root@LIx> Oct 14 12:36:40.180396 radius-access-request (reauth): User-Name added: 404e.363b.3bf3
Oct 14 12:36:40.180401 radius-access-request (reauth): User-Password added: ""
Oct 14 12:36:40.180421 radius-access-request (reauth): Service-Type added: 2
Oct 14 12:36:40.180432 radius-access-request (reauth): Chargeable-User-Identity added: 
Oct 14 12:36:40.180439 radius-access-request (reauth): Acct-Session-Id added: 339
Oct 14 12:36:40.180461 radius-access-request (reauth): DHCP-Options (Juniper-ERX-VSA) added: 35 01 01 3d 07 01 40 4e 36 3b 3b f3 39 02 05 dc 3c 0f 61 6e 64 72 6f 69 64 2d 64 68 63 70 2d 31 30 37 0a 01 03 06 0f 1a 1c 33 3a 3b 2b 
Oct 14 12:36:40.180471 radius-access-request (reauth): DHCP-MAC-Address (Juniper-ERX-VSA) added: 404e.363b.3bf3
Oct 14 12:36:40.180481 radius-access-request (reauth): Framed-IP-Address added: 203.0.113.121
Oct 14 12:36:40.180489 radius-access-request (reauth): Framed-IP-Netmask added: 255.255.255.0
Oct 14 12:36:40.180520 radius-access-request (reauth): NAS-Identifier added: LIx
Oct 14 12:36:40.180530 radius-access-request (reauth): NAS-Port added: 00 80 00 0c 
Oct 14 12:36:40.180536 radius-access-request (reauth): NAS-Port-Id added: ge-0/0/2.3221225666:12
Oct 14 12:36:40.180543 radius-access-request (reauth): NAS-Port-Type added: 15
Oct 14 12:36:40.180552 radius-access-request (reauth): PPPoE-Description (Juniper-ERX-VSA) added: pppoe 40:4e:36:3b:3b:f3
Oct 14 12:36:40.180563 radius-access-request (reauth): DHCP-First-Relay-IPv4-Address (Juniper-ERX-VSA) added: 203.0.113.1
Oct 14 12:36:40.180584 radius-access-request (reauth): DHCP-Header (Juniper-ERX-VSA) added: 01 01 06 00 78 89 b9 cb 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 4e 36 3b 3b f3 00 00 00 00 00 00 00 00 00 00 
Oct 14 12:36:40.192427 radius-access-accept: Framed-IP-Address received: 203.0.113.121
Oct 14 12:36:40.192437 radius-access-accept: CoS-Parameter-Type (Juniper-ERX-VSA) ignored
Oct 14 12:36:40.192443 radius-access-accept: CoS-Parameter-Type (Juniper-ERX-VSA) ignored
Oct 14 12:36:40.192449 radius-access-accept: Ingress-Policy-Name (Juniper-ERX-VSA) ignored


  • 2.  RE: reauthenticate lease-renewal - VSAs ignored
    Best Answer

     
    Posted 10-14-2019 10:03

    Hi Michael, 

     

        Here is lists the RADIUS standard attributes and VSAs that can be processed during reauthentication when received in the RADIUS Access-Accept message, and describes how authd handle changes in attributes. Attribute processing is consistent with CoA request processing. The characteristics of the reauthenticating subscriber session change only if new values or new attributes are received in the Access-Accept message.

     

    https://www.juniper.net/documentation/en_US/junos/topics/concept/dhcpv4-and-dhcpv6-radius-reauthentication-using-access-request-overview.html#RADIUSAttributesSupportedByReauthen-5ACE64EE

     

    You probaly need to do the Activate-Service if you need to modify CoS and filters. 

    The VSAs that are ignored are probably the unsupported ones for reauth.

     

     

    Hope this helps !!

     

    +++++++++++++++++++++++++++++++++++++++++++++

    Accept as Solution = cool !
    Accept as Solution+Kudo = You are a Star !

    +++++++++++++++++++++++++++++++++++++++++++++

     

    Regards

    Arpit

     

     

     

     



  • 3.  RE: reauthenticate lease-renewal - VSAs ignored

    Posted 10-14-2019 11:26

    My bad!

     

    Much appreciated, Arpit 🙂