Re: [Emerald] Radius Routing

Dale E. Reed Jr. ( (no email) )
Mon, 17 Jan 2000 10:44:25 -0800

Malcolm Joosse wrote:
>
> Hello List,
> I have been throwen into the deepend and am learning fast from listgroups
> like this. One thing that I am still learning is IP Routing.
> We have a small ISP with heaps of bells and whistles that can become
> confusing when it comes to routing.
> We have a MAX6000 router, RadiusNT/Emerald server on the same network. I
> also have 8 class C IP addresses to manage on this segment. I have a
> firewall port filtering traffic connected to a gateway router to the net.
> I have many customers with their own subnets and I am having trouble making
> the routes happen properly. I seem to end up putting in a manual route on
> my MAX6000 for these subnets to work. I have been told to set all the
> default routes to the firewall and all the local addresses seem to work as
> do the DHCP assigned dialups.
> I setup a subnetted customer in Emerald with the following:
> Framed-Protocol = PPP
> Framed-address = their router IF
> Framed-netmask = /29 for 8ip's
> Framed-route = xxx.xxx.xxx.xxx/29 1 their.router.ip
>
> Where is this information added to a routing table on which machine and why
> does it not work without manual routes set on the MAX ?
> Any ideas would be great.

The route information should be added to the max. However, I'm thinking
your route format is wrong. BTW, netmask if for the routers WAN
interface,
not its Ethernet interface. You rarely need it.

Framed route should look like:

Framed-Route = "x.x.x.x/29 their.route.ip 1"

Here is the RFC verbage:

> Type
> 22 for Framed-Route.
>
> Length
> >= 3
>
> String
> The String field is one or more octets, and its contents are
> implementation dependent. It is intended to be human readable and
> MUST NOT affect operation of the protocol. It is recommended that
> the message contain displayable ASCII characters from the range 32
> through 126 decimal.
>
> For IP routes, it SHOULD contain a destination prefix in dotted
> quad form optionally followed by a slash and a decimal length
> specifier stating how many high order bits of the prefix should be
> used. That is followed by a space, a gateway address in dotted
> quad form, a space, and one or more metrics separated by spaces.
> For example, "192.168.1.0/24 192.168.1.1 1 2 -1 3 400". The length
> specifier may be omitted in which case it should default to 8 bits
> for class A prefixes, 16 bits for class B prefixes, and 24 bits
> for class C prefixes. For example, "192.168.1.0 192.168.1.1 1".
>
> Whenever the gateway address is specified as "0.0.0.0" the IP
> address of the user SHOULD be used as the gateway address.

-- 

Dale E. Reed Jr.      Emerald and RadiusNT__________________________________________IEA Software, Inc.    www.iea-software.com

For more information about this list (including removal) go to:http://www.iea-software.com/support/maillists/liststart