Mailing List Archive: LSDO vrf aware...

LSDO vrf aware...

Jun 9, 2005, 1:45 AM

Post #1 of 5 (3193 views)

Hello,

we're already using LSDO and vrf on some of our 3640s - but so far we had
no luck combining both.

config looks like:

hostname foo
!
vrf bar
rd xx:xx
!
aaa route download 30
int di1
dialer aaa

Radius profiles looks like

foo-1 Password == "cisco"
Service-Type = Outbound-User
Framed-Route += "10.1.2.0/24 Dialer1 vrf bar name baz"

# phone number to trigger isdn callback
baz-out-bar Password == "cisco"
Service-Type = Outbound-User,
Ascend-Dial-Number = 02203103458

# used when the user calls back
baz Password == "topsecret"
...

This seems to work fine, when we add the static routes manually:
ip route vrf bar 10.1.2.0 255.255.255.0 Dialer1 name baz

We're currently using c3640-telco-mz.123-13a.bin. I've seen the same
behavior with c3640-k9p-mz.122-15.T5.

Does anybody have an Idea on how to get the route-download working?
I've had no luck searching cisco.com.

Rainer

--
KeyID=759975BD fingerprint=887A 4BE3 6AB7 EE3C 4AE0 B0E1 0556 E25A 7599 75BD

RE: LSDO vrf aware... [ In reply to ]

oboehmer at cisco

Jun 9, 2005, 2:14 AM

Post #2 of 5 (3073 views)

Permalink

Rainer Clasen <> wrote on Thursday, June 09, 2005 10:46 AM:

> Hello,
>
> we're already using LSDO and vrf on some of our 3640s - but so far we
> had no luck combining both.
>
[..]
>
> Radius profiles looks like
>
> foo-1 Password == "cisco"
> Service-Type = Outbound-User
> Framed-Route += "10.1.2.0/24 Dialer1 vrf bar name baz"

If you want to add a vrf static route, you need to use Cisco-avpair,
i.e.

Cisco-avpair = "ip:route=vrf bar 10.1.2.0 255.255.255.0 Dialer1 name
baz"

I recommend using Cisco-AVPs in LSDO route profiles. Framed-route will
probably work in many scenarios (except when using vrf's, as seen here),
but I don't think we test this..

oli

Re: LSDO vrf aware... [ In reply to ]

bj at zuto

Jun 9, 2005, 3:20 AM

Post #3 of 5 (3105 views)

Permalink

Oliver Boehmer (oboehmer) wrote:
> Rainer Clasen <> wrote on Thursday, June 09, 2005 10:46 AM:
> > we're already using LSDO and vrf on some of our 3640s - but so far we
> > had no luck combining both.
>
> Cisco-avpair = "ip:route=vrf bar 10.1.2.0 255.255.255.0 Dialer1 name
> baz"

This works fine. Thanks alot.

Rainer

--
KeyID=759975BD fingerprint=887A 4BE3 6AB7 EE3C 4AE0 B0E1 0556 E25A 7599 75BD

RE: LSDO vrf aware... [ In reply to ]

oboehmer at cisco

Jun 9, 2005, 3:29 AM

Post #4 of 5 (3113 views)

Permalink

Rainer Clasen <mailto:bj@zuto.de> wrote on Thursday, June 09, 2005 12:21
PM:

> Oliver Boehmer (oboehmer) wrote:
>> Rainer Clasen <> wrote on Thursday, June 09, 2005 10:46 AM:
>>> we're already using LSDO and vrf on some of our 3640s - but so far
>>> we had no luck combining both.
>>
>> Cisco-avpair = "ip:route=vrf bar 10.1.2.0 255.255.255.0 Dialer1 name
>> baz"
>
> This works fine. Thanks alot.

one more comment: LSDO vrf-aware is only supported for L2TP Dial-out, so
if you're using this directly on an ISDN box, you're on your own..

oli

Re: LSDO vrf aware... [ In reply to ]

bj at zuto

Jun 9, 2005, 4:52 AM

Post #5 of 5 (3091 views)

Permalink

Oliver Boehmer (oboehmer) wrote:
> Rainer Clasen <mailto:bj@zuto.de> wrote on Thursday, June 09, 2005 12:21 PM:
>
> > Oliver Boehmer (oboehmer) wrote:
> >> Rainer Clasen <> wrote on Thursday, June 09, 2005 10:46 AM:
> >>> we're already using LSDO and vrf on some of our 3640s - but so far
> >>> we had no luck combining both.
> >>
> >> Cisco-avpair = "ip:route=vrf bar 10.1.2.0 255.255.255.0 Dialer1 name
> >> baz"
> >
> > This works fine. Thanks alot.
>
> one more comment: LSDO vrf-aware is only supported for L2TP Dial-out, so
> if you're using this directly on an ISDN box, you're on your own..

thanks for the heads up. I'll keep an eye on this for later IOS updates.
Maybe we're lucky, because we're using LSDO only to trigger callback.

Rainer

--
KeyID=759975BD fingerprint=887A 4BE3 6AB7 EE3C 4AE0 B0E1 0556 E25A 7599 75BD