cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
191
Views
0
Helpful
0
Replies
Highlighted

[BNG] dhcp/radius attribute manipulation

Hi,
 
I'm implementing a BNG setup that requires me to format the username sent to a radius server for IPoEv6 authentication (fiber access). Customer requirement is that the username is created through the use of two fields: dhcpv6-interface-id and remote-id-tag. The problem I'm faced with is that the remote-id-tag attribute is coming in with extra characters that the ONT/OLT attach at the front of this field. For example: we're receiving "000007db302f332f30" instead of only "302f332f30" which is what we actually need from the remote-id-tag. (dhcpv6-interface-id is coming in as we expect it).
 
RP/0/RSP0/CPU0:BNG#show subscriber manager sadb
Tue Feb 25 07:07:58.548 UTC
Sublabel: 0x000000c5 Node_ID: 00000020 Signature: 0xabcdef12 Version: 1 Rev: 20
Length: 443
Attribute list: 5635102fbdb8
1: protocol-type len= 4 dhcpv6
2: dhcp-client-id len= 10 0x00-0x03-0x00-0x01-0xf4-0xb5-0xaa-0x95-0x65-0x7a(type :0x00, *******ez)
3: port-type len= 4 Virtual IP over QinQ
4: inner-vlan-id len= 4 12(c)
5: outer-vlan-id len= 4 400(190)
6: client-mac-address len= 14 f4b5.aa95.657a
7: parent-if-handle len= 4 1120(460)
8: remote-id-tag len= 18 000007db302f332f30 <-----
 
This string (000007db302f332f30) if converted to ASCII reflects the slot where this ONT resides, in this case "something+Û+0/3/0". Customer requirement mandates that we use "0/3/0" as part of the username, along with the information in dhcpv6-interface-id. I've been told by TAC that the problem is the 0000007 which is not printable by BNG (the documentation they sent me points to option82 in an ASR1k, I'm working with options 18 and 37 on an ASR9k), which forces the box to send the HEX string as is, instead of printing it (ASCII).
 
So, here's a few question to see if some of you have an idea how to deal with this.
 
- Does the BNG support a way to truncate the remote-id-tag attribute so that we only process/send the characters we need?
- If yes, can you provide a sample of how to achieve this?
- If this cannot be solved by the BNG itself and I'm not allowed to do this in the radius server (at least, at this point, I'm not allowed), can you thing of another solution?
 
Thanks for your help!
Regards,
c.
CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey