Routing

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.
  • 1.  MX: access-address assignment vs dhcp-local-service

    Posted 12-04-2017 23:51

    I'm going through a MX dynamic subscriber managment configuration and noticed that in case we configure MX as DHCP-server for PPPoE subscribers there's no need to configure DHCP-server in system/services/dhcp-local-server. Configure pools in access address-assignment and you're good to go. However, when it comes to IP-based subscribers you also need to configure dhcp-local-server.

    Why exactly is it implemented in such a way?


    #mx
    #PPPoE
    #dhcp-server
    #DHCP


  • 2.  RE: MX: access-address assignment vs dhcp-local-service

     
    Posted 12-05-2017 00:48

    Hi,

     

    DHCP and PPPoE are completely different protocols.

     

    DHCP works on DORA process. Here address is assigned by DHCP server.

     

    Discover

    Offer

    Request

    ACK

     

    DHCP server is configured on MX to listen port 67 and 68. It uses AAA to assign address in case loopback address matches the pool subnet or you can assign the address via radius.

     

    In case you don't configure the dhcp-local-server, MX will not process the DHCP discover as it won't be listen to the ports.

     

    TEST# show system services dhcp-local-server
    TEST#

    TEST> show system processes extensive | grep jdhcp
    TEST> show system connections | match 67
    TEST> show system connections | match 68   

     

    TEST# set system services dhcp-local-server group test interface ge-0/0/0

    labroot@ERX-MX960-NS-1> show system processes extensive | grep jdhcp
    12067 root        2  39    0   545M 96108K select  3   0:00   0.78% jdhcpd

    TEST> show system connections | grep 67     
    udp4       0      0  *.67                                          *.*


    TEST> show system connections | grep 68   
    udp4       0      0  *.68                                          *.*

     

    PPPoE has two stages. Discovery and PPP session . DHCP server doesn't play any role here.

     

    PPPoE

     

    PPPoE is a rather simple layer 2 protocol which allows to tunnel PPP frames accross an ethernet segment.
    The protocol uses 4 way handshake where the subscriber side tries to discover the Access Concentrator (the MX in our case) available to offer service, this is the discovery phase which uses ethertype 8863. The subscriber select an offer from the AC available which answers with session id.
    When successful PPPoE negotiation completes the peers have an session_ID and each other MAC addresses which is uniquely identifying a PPP session. Then start the session phase which uses ethertype 8864.

     

    Discovery

    PADI

    PADO

    PADR

    PADS

     

    Session

    LCP [Authentication]

    NCP [IP negotiation]

     

    The Link Control Protocol is used to establish, configure, monitor and terminate the link, it is always the first protocol negotiated. Most common options negotiated during the LCP phase are MRU, authentication protocol, if options are not present default values of the parameter are assumed (i.e. MRU=1500).
    PPP is a symetric peer to peer protocol and LCP phase is said to be finished only when both peers have sent and received configuration acknowlegdment to confirm alignment on the LCP parameters negotiated. NCP packets received during this phase should be silently discarded.

     

    NCP is used by PPP to negotiate network protocols parameters. I will concentrate on IPCP since this is the most used one and corresponds to IP network protocol, in BRAS evironment Service Provider use the protocol to transport IP datagram accrros the link, to assign IP addresses and DNS address to subscribers among the most use parameters.

     

     

    Regards,

    Rahul

    *************************************
    Accept this as solution if it resolved your issue.
    Kudos would be appreciated too.

     

     



  • 3.  RE: MX: access-address assignment vs dhcp-local-service

    Posted 12-05-2017 02:27

    Hi. Sure, I know how DHCP and PPPoE are working and I'm aware we're dealing with two different protocols in these two cases.

    I was just under impression that, roughly speaking, we have one single process which's in charge of address assignment in both cases (cause in the end in both cases whether we are talking of PPPoE or of DHCP, MX will need to assign address to subscriber from configured pool) and what confused me is that in one case we needed to explicitly list the interface and in another we didn't.

    What I expected to hear is maybe a bit deeper view on how is it implemented, something like "there's in fact standalone process responsible for address allocation regardless of protocol which demands this allocation, dhcp and pppoe processes are interacting with this process when there's need to give address to subscriber".

     



  • 4.  RE: MX: access-address assignment vs dhcp-local-service
    Best Answer

    Posted 12-05-2017 02:35

    Hello,


    @grindelwaldus wrote:

    what confused me is that in one case we needed to explicitly list the interface and in another we didn't.

     

     


    Interface in case of DHCP local server is required to match the pool IP address range with that interface IP. To find out what pool to grab the client IP from, if You will.

    Interface in case of PPPOE is not required since pool matching can be done on many more criteria including username/domain/RADIUS framed-pool attribute/etc.

    HTH

    Thx
    Alex



  • 5.  RE: MX: access-address assignment vs dhcp-local-service

     
    Posted 12-05-2017 03:02

    The process responsible for address-assignment is authd in junos. You can enable the logs and check how the address-assignment is done.

     

    TEST# show system processes
    general-authentication-service {
        traceoptions {
            file authd size 500m files 10;
            flag all;
        }
    }

     

    Regards,

    Rahul Nayar