Cisco 10000-2P2-2DC Software Configuration Manual page 90

10000 series
Table of Contents

Advertisement

Access Technologies
For releases earlier than Cisco IOS Release 12.2(16)BX1, to map sessions to VRFs by using the
Note
RADIUS server, use the syntax lcp:interface-config. This configuration forces the
Cisco 10000 series router to use full access virtual interfaces, which decreases scaling. We recommend
that you do not use this configuration. Upgrading to Cisco IOS Release 12.2(16)BX1 or later releases
will eliminate this restriction.
The following events occur as the VHG or PE router processes the incoming PPPoE session:
A PPPoE session is initiated over the broadband access network.
1.
The VHG/PE router accepts and terminates the PPPoE session.
2.
The VHG/PE router obtains virtual access interface (VAI) configuration information.
3.
a.
b.
c.
Use virtual template interfaces to map sessions to VRFs. The Cisco 10000 series router can then
scale to 32,000 sessions. In Cisco IOS Release 12.2(16)BX1 and later releases, when you map
sessions to VRFs by using the RADIUS server, use the syntax ip:vrf-id or ip:ip-unnumbered.
These vendor specific attributes (VSAs) enhance the scalability of per-user configurations because
a new full virtual access interface is not required. For more information, see the
Scalability of Per-User Configurations" section on page
Note
Typically, the customer RADIUS server is located within the customer VPN. To ensure that
transactions between the VHG/PE router and the customer RADIUS server occur over routes within
the customer VPN, the VHG/PE router is assigned at least one IP address that is valid within the
VPN.
The VHG/PE router forwards accounting records to the service provider's proxy RADIUS server,
4.
which in turn logs the accounting records and forwards them to the appropriate customer
RADIUS server.
The VHG/PE obtains an IP address for the CPE. The address is allocated from one of the following:
5.
The CPE is now connected to the customer VPN. Packets can flow to and from the remote user.
6.
Cisco 10000 Series Router Software Configuration Guide
3-6
The VHG/PE obtains virtual template interface configuration information, which typically
includes VRF mapping for sessions.
The VHG/PE sends a separate request to either the customer's or service provider's
RADIUS server for the VPN to authenticate the remote user.
The VPN's VRF instance was previously instantiated on the VHG or PE. The VPN's VRF
contains a routing table and other information associated with a specific VPN.
For releases earlier than Cisco IOS Release 12.2(16)BX1, to map sessions to VRFs by using the
RADIUS server, use the syntax lcp:interface-config. This configuration forces the
Cisco 10000 series router to use full access virtual interfaces, which decreases scaling. We
recommend that you do not use this configuration. Upgrading to Cisco IOS Release
12.2(16)BX1 or later releases will eliminate this restriction.
Local address pool
Service provider's RADIUS server, which either specifies the address pool or directly provides
the address
Service provider's DHCP server
Chapter 3
Configuring Remote Access to MPLS VPN
2-17.
"Enhancing
OL-2226-23

Advertisement

Table of Contents
loading

This manual is also suitable for:

1000510008

Table of Contents