Mailing List Archive

common pool for many NAS
What is the preferred way of using a common pool (/24) in many access routers?

Let me describe it a little better:

We have a lot of as5300 where we define locally 2 pools: 1 big (/24) and 1 small (/30),
for 2 kinds of dialup customers. The 2 customer kinds have different profiles in our
radius, which define different local pools names for each one.

We want to define all these small /30 networks as a /24 in a central router/server and
those specific customers to get ips from this router/server.
The problem is that we want to use such a method through aaa/radius, so we won't need to
create another group-async/dialer/vtemplate interface on the as5300.

Of course, the central router/server should take care in order to not give the same ip
concurrently on 2+ users (even on different as5300s), like in local pool ip addressing.

Could dhcp be the solution in our problem?
If yes, wouldn't there be problems with dhcp/bootp requests across our wan/lan links?
Helper-address seems to address this issue, but then why should all broadcasts be
forwarded to the central router/server?

--
***********************************
Chatzithomaoglou Anastasios
Network Design & Operations Center
FORTHnet S.A.
<achatz@forthnet.gr>
***********************************
Re: common pool for many NAS
> What is the preferred way of using a common pool (/24) in many access routers?

> Let me describe it a little better:

> We have a lot of as5300 where we define locally 2 pools: 1 big (/24) and 1 small (/30),

So EACH 5300 has its own locally defined /24 pool and
/30 pool?

And these 5300s are not all centrally located on one LAN,
but are located at various places in your IP WAN?

> for 2 kinds of dialup customers. The 2 customer kinds have different profiles in our
> radius, which define different local pools names for each one.

> We want to define all these small /30 networks as a /24 in a central router/server and
> those specific customers to get ips from this router/server.
> The problem is that we want to use such a method through aaa/radius, so we won't need to
> create another group-async/dialer/vtemplate interface on the as5300.

> Of course, the central router/server should take care in order to not give the same ip
> concurrently on 2+ users (even on different as5300s), like in local pool ip addressing.

Sounds to me like one good answer is to have RADIUS assign
the IP addresses.

> Could dhcp be the solution in our problem?

Yes, you could use DHCP for this too. That is,
DHCP from the DHCP server to the 5300; the 5300
would proxy the info from DHCP to IPCP for the
clients.

> If yes, wouldn't there be problems with dhcp/bootp requests across our wan/lan links?
> Helper-address seems to address this issue, but then why should all broadcasts be
> forwarded to the central router/server?

DHCP doesn't have to use broadcasts; you could just
configure an explicit DHCP server address on the
AS5300s, so DHCP would use unicasts.

Aaron

Re: common pool for many NAS
Aaron Leonard wrote:

>>What is the preferred way of using a common pool (/24) in many access routers?
>
>
>>Let me describe it a little better:
>
>
>>We have a lot of as5300 where we define locally 2 pools: 1 big (/24) and 1 small (/30),
>
>
> So EACH 5300 has its own locally defined /24 pool and
> /30 pool?
>
yes...
> And these 5300s are not all centrally located on one LAN,
> but are located at various places in your IP WAN?
>
yes...

>
>>for 2 kinds of dialup customers. The 2 customer kinds have different profiles in our
>>radius, which define different local pools names for each one.
>
>
>>We want to define all these small /30 networks as a /24 in a central router/server and
>>those specific customers to get ips from this router/server.
>>The problem is that we want to use such a method through aaa/radius, so we won't need to
>>create another group-async/dialer/vtemplate interface on the as5300.
>
>
>>Of course, the central router/server should take care in order to not give the same ip
>>concurrently on 2+ users (even on different as5300s), like in local pool ip addressing.
>
>
> Sounds to me like one good answer is to have RADIUS assign
> the IP addresses.
>
But how can I have radius assign different ip address per user? How will radius know which
ip address is being used?
>
>>Could dhcp be the solution in our problem?
>
>
> Yes, you could use DHCP for this too. That is,
> DHCP from the DHCP server to the 5300; the 5300
> would proxy the info from DHCP to IPCP for the
> clients.
>
>
>>If yes, wouldn't there be problems with dhcp/bootp requests across our wan/lan links?
>>Helper-address seems to address this issue, but then why should all broadcasts be
>>forwarded to the central router/server?
>
>
> DHCP doesn't have to use broadcasts; you could just
> configure an explicit DHCP server address on the
> AS5300s, so DHCP would use unicasts.
>

So I just have to configure a dhcp server entry on each of the AS5300s and then configure
the dhcp pools on the dhcp server?
Do the dhcp pools and the dhcp server have to be in the same ip range?

> Aaron

--
***********************************
Chatzithomaoglou Anastasios
Network Design & Operations Center
FORTHnet S.A.
<achatz@forthnet.gr>
***********************************
Re: common pool for many NAS
> >>We want to define all these small /30 networks as a /24 in a central router/server and
> >>those specific customers to get ips from this router/server.
> >>The problem is that we want to use such a method through aaa/radius, so we won't need to
> >>create another group-async/dialer/vtemplate interface on the as5300.
> >
> >
> >>Of course, the central router/server should take care in order to not give the same ip
> >>concurrently on 2+ users (even on different as5300s), like in local pool ip addressing.
> >
> >
> > Sounds to me like one good answer is to have RADIUS assign
> > the IP addresses.
> >
> But how can I have radius assign different ip address per user? How will radius know which
> ip address is being used?

Many RADIUS servers have the capability of maintaining their own
(internal) address pool - so they take on the job of allocating
addresses to the clients. You do have an issue when you have
multiple RADIUS servers, making sure that they coordinate their
address assignments.

> >>Could dhcp be the solution in our problem?
> >
> >
> > Yes, you could use DHCP for this too. That is,
> > DHCP from the DHCP server to the 5300; the 5300
> > would proxy the info from DHCP to IPCP for the
> > clients.

> So I just have to configure a dhcp server entry on each of the AS5300s and then configure
> the dhcp pools on the dhcp server?

Also use "peer default ip address dhcp" on the interfaces.

> Do the dhcp pools and the dhcp server have to be in the same ip range?

No.

Aaron
Re: common pool for many NAS
Aaron Leonard wrote:

>> >>We want to define all these small /30 networks as a /24 in a central router/server and
>> >>those specific customers to get ips from this router/server.
>> >>The problem is that we want to use such a method through aaa/radius, so we won't need to
>> >>create another group-async/dialer/vtemplate interface on the as5300.
>> >
>> >
>> >>Of course, the central router/server should take care in order to not give the same ip
>> >>concurrently on 2+ users (even on different as5300s), like in local pool ip addressing.
>> >
>> >
>> > Sounds to me like one good answer is to have RADIUS assign
>> > the IP addresses.
>> >
>> But how can I have radius assign different ip address per user? How will radius know which
>> ip address is being used?
>
>
> Many RADIUS servers have the capability of maintaining their own
> (internal) address pool - so they take on the job of allocating
> addresses to the clients. You do have an issue when you have multiple
> RADIUS servers, making sure that they coordinate their
> address assignments.
>

ok....thx again for your valuable help aaron ;-)

It seems our radius platform (radiator) supports address allocation through dhcp or sql,
so we're going to test it.

>> >>Could dhcp be the solution in our problem?
>> >
>> >
>> > Yes, you could use DHCP for this too. That is,
>> > DHCP from the DHCP server to the 5300; the 5300
>> > would proxy the info from DHCP to IPCP for the
>> > clients.
>
>
>> So I just have to configure a dhcp server entry on each of the AS5300s and then configure
>> the dhcp pools on the dhcp server?
>
>
> Also use "peer default ip address dhcp" on the interfaces.
>
>> Do the dhcp pools and the dhcp server have to be in the same ip range?
>
>
> No.
>
> Aaron
>

--
***********************************
Chatzithomaoglou Anastasios
Network Design & Operations Center
FORTHnet S.A.
<achatz@forthnet.gr>
***********************************
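
The coordination problem raised in this thread (one pool shared by several NAS, possibly served by more than one RADIUS server) can be handled by allocating from a shared SQL table inside a locking transaction. The following is an added example, not part of the original messages and not Radiator's code or schema; the table name `pool`, the function names and the 192.0.2.0/24 documentation range are assumptions.

```python
import os, sqlite3, tempfile

def open_pool(path, first_host, count, prefix="192.0.2."):
    """Open the shared pool database; one row per address (constructed range)."""
    db = sqlite3.connect(path, isolation_level=None)  # autocommit; BEGIN issued explicitly
    db.execute("CREATE TABLE IF NOT EXISTS pool ("
               "ip TEXT PRIMARY KEY, nas TEXT, session TEXT, expires REAL)")
    db.executemany("INSERT OR IGNORE INTO pool (ip) VALUES (?)",
                   [(f"{prefix}{first_host + i}",) for i in range(count)])
    return db

def allocate(db, nas, session, now, lease=3600):
    """At Access-Accept: hand out one free or expired address, or None if exhausted."""
    db.execute("BEGIN IMMEDIATE")  # write lock: two servers cannot select the same row
    try:
        row = db.execute(
            "SELECT ip FROM pool WHERE session IS NULL OR expires < ? "
            "ORDER BY rowid LIMIT 1", (now,)).fetchone()
        if row:
            # Acct-Session-Id is only unique per NAS, so the key is (nas, session).
            db.execute("UPDATE pool SET nas=?, session=?, expires=? WHERE ip=?",
                       (nas, session, now + lease, row[0]))
        db.execute("COMMIT")
    except Exception:
        db.execute("ROLLBACK")
        raise
    return row[0] if row else None

def release(db, nas, session):
    """At Accounting-Stop: free the address held by this NAS/session pair."""
    cur = db.execute("UPDATE pool SET nas=NULL, session=NULL, expires=NULL "
                     "WHERE nas=? AND session=?", (nas, session))
    return cur.rowcount  # 0 means the Stop did not match any held address

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "pool.db")
    srv_a, srv_b = open_pool(path, 1, 2), open_pool(path, 1, 2)  # two RADIUS servers
    print(allocate(srv_a, "nas-1", "0001", now=0.0))
    print(allocate(srv_b, "nas-2", "0001", now=0.0))
    print(allocate(srv_a, "nas-1", "0002", now=1.0))  # pool of two is exhausted
```

The lease expiry reclaims addresses whose Accounting-Stop never arrived, for example after a NAS reload; the lease should be longer than the maximum session time or be refreshed from interim accounting.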