[AusNOG] DHCP server suitable for NBN

Philip Loenneker Philip.Loenneker at tasmanet.com.au
Wed Aug 24 10:35:12 EST 2016


Hi Craig,

I have looked at that option, but because FreeRADIUS is integrated with our customer management product, the vendor would have to implement that change. I asked them about it, and they said it is not a priority because they see it as an edge case, not a common feature their customers are after.

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 03 6165 2542 | M: 0404 097 816
philip.loenneker at tasmanet.com.au<mailto:philip.loenneker at tasmanet.com.au>
www.tasmanet.com.au<http://www.tasmanet.com.au/>

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Craig Askings
Sent: Wednesday, 24 August 2016 10:31 AM
To: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] DHCP server suitable for NBN

I've not tried it in that particular configuration, but Freeradius can act directly as a DHCP server.


On 24 Aug 2016, at 9:53 AM, Philip Loenneker <Philip.Loenneker at tasmanet.com.au<mailto:Philip.Loenneker at tasmanet.com.au>> wrote:

Hi all,

We have used a couple of different DHCP servers for NBN IPoE sessions over the last few years, all talking to a RADIUS back end to look up the static IP address information based on circuit-ID (AVC). Initially we used a Mikrotik router, but with a change in RADIUS server we need the DHCP server to use the circuit-ID as the AAA username, and the Mikrotik only uses the MAC address. I found that the DHCP server in our Cisco ASR could send the circuit-ID as the AAA username, but it has a “feature” where AAA-based DHCP sessions have a maximum life (defined by Cisco AVPair session-duration, which has to exist and can’t be zero) after which the DHCP lease is forced to be released and has to be renewed from scratch. This causes a brief outage to the service while they have no IP address, and causes some of our clients to failover to an alternate connection. After a chat with Cisco, I was told that it was by design and would not be changed or allowed to be overridden.

Our RADIUS server is FreeRADIUS, but it’s integrated with a customer management system, and it doesn’t allow us to use DEFAULT as the username and pick up the circuit-ID as an additional check.

Does anyone have any suggestions of a DHCP server that leverages RADIUS and can use circuit-ID as the AAA username, but is otherwise standard and allows unlimited renewals?

Regards,
Philip Loenneker | Network Engineer | TasmaNet
40-50 Innovation Drive, Dowsing Point, Tas 7010, Australia
P: 03 6165 2542 | M: 0404 097 816
philip.loenneker at tasmanet.com.au<mailto:philip.loenneker at tasmanet.com.au>
www.tasmanet.com.au<http://www.tasmanet.com.au/>

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20160824/07a627b2/attachment.html>


More information about the AusNOG mailing list