Filter
Top Products
4-28
Cisco 10000 Series Router Software Configuration Guide
OL-2226-23
Chapter 4 Configuring Multiprotocol Label Switching
Half-Duplex VRF
no auto-summary
exit-address-family
!
address-family ipv4 vrf U
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf D
redistribute static
no auto-summary
no synchronization
exit-address-family
!
ip local pool U-pool 2.8.1.1 2.8.1.100
!
radius-server host 22.0.20.26 auth-port 1812 acct-port 1813
radius-server key cisco
RADIUS Sample Configuration
Example 4-12 shows how to configure the RADIUS server for HDVRF support. In this example, the
spokes inherit the default configuration. Static routes per spoke are defined to demonstrate that HDVRF
supports per-user static routes. The functionality of the HDVRF feature does not require that you define
static routes per spoke. This configuration was tested on FreeRADIUS
0.8.1.
Example 4-12 Configuring RADIUS for Half-Duplex VRFs
DEFAULT Service-Type == Framed-User
Framed-Protocol = PPP,
cisco-avpair = "ip:vrf-id=U downstream D",
cisco-avpair = "ip:ip-unnumbered=Loopback 2",
cisco-avpair = "ip:addr-pool=U-pool",
Fall-Through = Yes
labe Auth-Type := Local, User-Password == "labe"
cisco-avpair = "ip:route=2.0.0.5 255.255.255.255"
vltava Auth-Type := Local, User-Password == "vltava"
cisco-avpair = "ip:route=2.0.0.2 255.255.255.255"
Note Instead of using the lcp:interface-config RADIUS attribute, we recommend that you use the ip:vrf-id
RADIUS attribute when supported in Cisco IOS software. Unlike the lcp:interface-config attribute,
which causes full virtual interfaces to be used, the ip:vrf-id attribute causes virtual subinterfaces to be
used, which significantly improves scalability.