Table of Contents
Advertisement
Half-Duplex VRF
no auto-summary
exit-address-family
!
address-family ipv4 vrf U
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf D
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip local pool U-pool 2.8.1.1 2.8.1.100
!
radius-server host 22.0.20.26 auth-port 1812 acct-port 1813
radius-server key cisco
RADIUS Sample Configuration
Example 4-12
spokes inherit the default configuration. Static routes per spoke are defined to demonstrate that HDVRF
supports per-user static routes. The functionality of the HDVRF feature does not require that you define
static routes per spoke. This configuration was tested on FreeRADIUS 0.8.1.
Example 4-12 Configuring RADIUS for Half-Duplex VRFs
DEFAULT Service-Type == Framed-User
labe
vltava
Instead of using the lcp:interface-config RADIUS attribute, we recommend that you use the ip:vrf-id
Note
RADIUS attribute when supported in Cisco IOS software. Unlike the lcp:interface-config attribute,
which causes full virtual interfaces to be used, the ip:vrf-id attribute causes virtual subinterfaces to be
used, which significantly improves scalability.
Cisco 10000 Series Router Software Configuration Guide
4-28
shows how to configure the RADIUS server for HDVRF support. In this example, the
Framed-Protocol = PPP,
cisco-avpair = "ip:vrf-id=U downstream D",
cisco-avpair = "ip:ip-unnumbered=Loopback 2",
cisco-avpair = "ip:addr-pool=U-pool",
Fall-Through = Yes
Auth-Type := Local, User-Password == "labe"
cisco-avpair = "ip:route=2.0.0.5 255.255.255.255"
Auth-Type := Local, User-Password == "vltava"
cisco-avpair = "ip:route=2.0.0.2 255.255.255.255"
Chapter 4
Configuring Multiprotocol Label Switching
OL-2226-23
Advertisement
Table of Contents
Troubleshooting
