blob: 1de8bf486d761f112c342ecca3198a68c044a2ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
|
<!DOCTYPE html>
<html class="writer-html5" lang="en" data-content_root="../">
<head>
<meta charset="utf-8" /><meta name="viewport" content="width=device-width, initial-scale=1" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>RADIUS and DM/CoA features — Accel-ppp 1.12 documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css?v=80d5e7a1" />
<link rel="stylesheet" type="text/css" href="../_static/css/theme.css?v=19f00094" />
<link rel="shortcut icon" href="../_static/favicon.ico"/>
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script src="../_static/jquery.js?v=5d32c60e"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js?v=2cd50e6c"></script>
<script src="../_static/documentation_options.js?v=2d52a127"></script>
<script src="../_static/doctools.js?v=9a2dae69"></script>
<script src="../_static/sphinx_highlight.js?v=dc90522c"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="Examples" href="../examples/examples.html" />
<link rel="prev" title="BRAS tuning" href="BRAS_tuning.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html" class="icon icon-home">
Accel-ppp
<img src="../_static/logo.png" class="logo" alt="Logo"/>
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<p class="caption" role="heading"><span class="caption-text">Contents:</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../installation/install.html">Installation</a></li>
<li class="toctree-l1"><a class="reference internal" href="../configuration/configuration.html">Configuration</a></li>
<li class="toctree-l1"><a class="reference internal" href="control_features.html">Control features</a></li>
<li class="toctree-l1"><a class="reference internal" href="recommendations.html">Recommendations</a></li>
<li class="toctree-l1"><a class="reference internal" href="BRAS_tuning.html">BRAS tuning</a></li>
<li class="toctree-l1 current"><a class="current reference internal" href="#">RADIUS and DM/CoA features</a><ul>
<li class="toctree-l2"><a class="reference internal" href="#set-vrf-via-coa">Set VRF via CoA</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../examples/examples.html">Examples</a></li>
<li class="toctree-l1"><a class="reference internal" href="../debugging/index.html">Debugging</a></li>
<li class="toctree-l1"><a class="reference internal" href="../debugging/faq.html">FAQ</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">Accel-ppp</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item active">RADIUS and DM/CoA features</li>
<li class="wy-breadcrumbs-aside">
<a href="../_sources/guides/radius_features.rst.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="radius-and-dm-coa-features">
<h1>RADIUS and DM/CoA features<a class="headerlink" href="#radius-and-dm-coa-features" title="Link to this heading"></a></h1>
<p>Since from commit version 385c403 accel-ppp support VRF (Virtual Routing and Forwarding).</p>
<p>Usually, this feature is useful to isolate clients e.g. put client interface to some context with different routing and firewall rules.
User interface can be put to VRF context via RADIUS Access-Accept packet, or change it via RADIUS CoA.</p>
<p>Accel-ppp uses own RADIUS vendor dictionary <a class="reference external" href="https://github.com/accel-ppp/accel-ppp/blob/master/accel-pppd/radius/dict/dictionary.accel">https://github.com/accel-ppp/accel-ppp/blob/master/accel-pppd/radius/dict/dictionary.accel</a> and RADIUS attribute <code class="docutils literal notranslate"><span class="pre">Accel-VRF-Name</span></code></p>
<p>All VRFs should be manually created in advance:</p>
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span>ip<span class="w"> </span>link<span class="w"> </span>add<span class="w"> </span>VRF_NAME<span class="w"> </span><span class="nb">type</span><span class="w"> </span>vrf<span class="w"> </span>table<span class="w"> </span>RT_TABLE_ID
ip<span class="w"> </span>link<span class="w"> </span><span class="nb">set</span><span class="w"> </span>dev<span class="w"> </span>VRF_NAME<span class="w"> </span>up
</pre></div>
</div>
<p>Linux VRF documentation <a class="reference external" href="https://www.kernel.org/doc/Documentation/networking/vrf.txt">https://www.kernel.org/doc/Documentation/networking/vrf.txt</a></p>
<p>If <code class="docutils literal notranslate"><span class="pre">Accel-VRF-Name</span></code> is used in Access-Accept message, but VRF was not created then the session will not be established.</p>
<section id="set-vrf-via-coa">
<h2>Set VRF via CoA<a class="headerlink" href="#set-vrf-via-coa" title="Link to this heading"></a></h2>
<p>Put user interface to some VRF context</p>
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="nb">echo</span><span class="w"> </span><span class="s1">'User-Name=bob, Accel-VRF-Name="red"'</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>radclient<span class="w"> </span>-x<span class="w"> </span><span class="m">127</span>.0.0.1:3799<span class="w"> </span>coa<span class="w"> </span>testing123
</pre></div>
</div>
<p>Delete user interface from VRF context</p>
<div class="highlight-sh notranslate"><div class="highlight"><pre><span></span><span class="nb">echo</span><span class="w"> </span><span class="s1">'User-Name=bob, Accel-VRF-Name="0"'</span><span class="w"> </span><span class="p">|</span><span class="w"> </span>radclient<span class="w"> </span>-x<span class="w"> </span><span class="m">127</span>.0.0.1:3799<span class="w"> </span>coa<span class="w"> </span>testing123
</pre></div>
</div>
<p>If <code class="docutils literal notranslate"><span class="pre">Accel-VRF-Name</span></code> is used in CoA message and VRF does not exist then CoA-NAK will be sent.</p>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="BRAS_tuning.html" class="btn btn-neutral float-left" title="BRAS tuning" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="../examples/examples.html" class="btn btn-neutral float-right" title="Examples" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>© Copyright 2023, Accel-ppp Dev.</p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>
|
