configure terminal
!!! Настройка радиус
radius-server vsa attribute ignore unknown
radius-server host {{billing_ip}} auth-port 1812 acct-port 1813
key 7 {{radius_secret}}
timeout 5
retransmit 1
!
!!! Настройка coa
aaa server radius dynamic-author
port {{coa_port}}
client {{billing_ip}}
server-key 7 {{coa_psw}}
!
!
!!! Настройка радиус группы
aaa accounting network default start-stop group CarbonRadius
no aaa group server radius CarbonRadiusIPOE
aaa group server radius CarbonRadiusIPOE
server {{billing_ip}} auth-port 1812 acct-port 1813
source-interface {{to_billing_int}}
!
!!! Настройка параметров авторизации
aaa authorization exec default local
aaa authorization network default-ipoe group CarbonRadiusIPOE
aaa authorization commands default none
aaa authentication login default local
aaa accounting update newinfo
aaa attribute format ipoe_auth
circuit-id
!
aaa attribute format NAS-FORMAT
circuit-id
!
aaa attribute format NAS-PORT-ID
circuit-id plus remote-id
!
aaa attribute format NAS_PORT_FORMAT
circuit-id plus remote-id separator .
!
aaa radius attribute nas-port format e SSAAPPPPQQQQQQQQQQVVVVVVVVVVUUUU type 32
aaa radius attribute nas-port format e SSAAPPPPQQQQQQQQQQVVVVVVVVVVUUUU
aaa radius attribute nas-port-id format NAS-FORMAT
aaa accounting service default group CarbonRadius
aaa accounting subscriber default-ipoe group CarbonRadiusIPOE
aaa authorization subscriber default-ipoe group CarbonRadiusIPOE
aaa authentication subscriber default-ipoe group CarbonRadiusIPOE
subscriber
pta tcp mss-adjust 1280
!
!!! Шаблон для ipoe абонентов
dynamic-template
type ipsubscriber IPOE
!!! Полиси мап для ipoe абонентов
policy-map type control subscriber IP_PM
event session-start match-first
class type control subscriber DHCP do-until-failure
5 activate dynamic-template IPOE
10 authorize aaa list default-ipoe format ipoe_auth password cisco
!
!
end-policy-map
!
!!! Настройка dhcp прокси. giaddr должен быть ip адрес интерфейса, который подключен к биллингу
dhcp ipv4
profile DHCP_CRB_PROFILE proxy
helper-address {{billing_ip}} giaddr {{telnet_ip}}
lease proxy set-server-options
relay information option
relay information policy keep
relay information option allow-untrusted
!
@@@ for abon_int in abon_ints
interface {{abon_int}} proxy profile DHCP_CRB_PROFILE
@@@ endfor
!!! Настройка отправки netlfow
flow exporter-map Carbon
version v5
options sampler-table timeout 2000
template data timeout 10000
!
transport udp 9996
source {{to_billing_int}}
destination {{billing_ip}}
!
flow monitor-map Carbon
record ipv4
exporter Carbon
cache entries 50000
cache timeout active 2
cache timeout inactive 5
!
!!! Настройки абонентского интерфейса
@@@ for abon_int in abon_ints
interface {{abon_int}}
arp learning disable
service-policy type control subscriber IP_PM
flow ipv4 monitor Carbon sampler nfm ingress
flow ipv4 monitor Carbon sampler nfm egress
ipsubscriber ipv4 l2-connected
initiator dhcp
initiator unclassified-source
!
!
@@@ endfor
end
exit
ipoe_bng.cfg
Skip to end of metadata
Go to start of metadata