[AusNOG] DHCP server suitable for NBN

Philip Loenneker Philip.Loenneker at tasmanet.com.au
Wed Aug 24 10:43:43 EST 2016 

An interesting idea… I assume we should be able to set up FreeRADIUS as a DHCP server but use an external RADIUS server instead of the local one…

I may well go down that path, but I would like to know if there is something that can do this out of the box that might save me some R&D.

From: Damien Gardner Jnr [mailto:rendrag at rendrag.net]
Sent: Wednesday, 24 August 2016 10:39 AM
To: Philip Loenneker <Philip.Loenneker at tasmanet.com.au>
Cc: Craig Askings <craig at askings.com.au>; ausnog at lists.ausnog.net
Subject: Re: [AusNOG] DHCP server suitable for NBN

What about putting your own FreeRadius server in front of the vendor one, and pop together some quick functions to re-map the circuit ID into the username before passing the query on to the vendor FreeRadius? :)

On 24 August 2016 at 10:35, Philip Loenneker <Philip.Loenneker at tasmanet.com.au<mailto:Philip.Loenneker at tasmanet.com.au>> wrote:
Hi Craig,

I have looked at that option, but because FreeRADIUS is integrated with our customer management product, the vendor would have to implement that change. I asked them about it, and they said it is not a priority because they see it as an edge case, not a common feature their customers are after.

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 03 6165 2542 | M: 0404 097 816
philip.loenneker at tasmanet.com.au<mailto:philip.loenneker at tasmanet.com.au>
www.tasmanet.com.au<http://www.tasmanet.com.au/>

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net<mailto:ausnog-bounces at lists.ausnog.net>] On Behalf Of Craig Askings
Sent: Wednesday, 24 August 2016 10:31 AM
To: ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>
Subject: Re: [AusNOG] DHCP server suitable for NBN

I've not tried it in that particular configuration, but Freeradius can act directly as a DHCP server.


On 24 Aug 2016, at 9:53 AM, Philip Loenneker <Philip.Loenneker at tasmanet.com.au<mailto:Philip.Loenneker at tasmanet.com.au>> wrote:

Hi all,

We have used a couple of different DHCP servers for NBN IPoE sessions over the last few years, all talking to a RADIUS back end to look up the static IP address information based on circuit-ID (AVC). Initially we used a Mikrotik router, but with a change in RADIUS server we need the DHCP server to use the circuit-ID as the AAA username, and the Mikrotik only uses the MAC address. I found that the DHCP server in our Cisco ASR could send the circuit-ID as the AAA username, but it has a “feature” where AAA-based DHCP sessions have a maximum life (defined by Cisco AVPair session-duration, which has to exist and can’t be zero) after which the DHCP lease is forced to be released and has to be renewed from scratch. This causes a brief outage to the service while they have no IP address, and causes some of our clients to failover to an alternate connection. After a chat with Cisco, I was told that it was by design and would not be changed or allowed to be overridden.

Our RADIUS server is FreeRADIUS, but it’s integrated with a customer management system, and it doesn’t allow us to use DEFAULT as the username and pick up the circuit-ID as an additional check.

Does anyone have any suggestions of a DHCP server that leverages RADIUS and can use circuit-ID as the AAA username, but is otherwise standard and allows unlimited renewals?

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 03 6165 2542 | M: 0404 097 816
philip.loenneker at tasmanet.com.au<mailto:philip.loenneker at tasmanet.com.au>
www.tasmanet.com.au<http://www.tasmanet.com.au/>

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog


_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog



--

Damien Gardner Jnr
VK2TDG. Dip EE. GradIEAust
rendrag at rendrag.net<mailto:rendrag at rendrag.net> -  http://www.rendrag.net/
--
We rode on the winds of the rising storm,
 We ran to the sounds of thunder.
We danced among the lightning bolts,
 and tore the world asunder
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160824/aeb77ca8/attachment-0001.html>

More information about the AusNOG mailing list