Virtual Private LAN Services
7750 SR OS Services Guide Page 357
Auto SDPs and Auto SDP Bindings
When a VPLS service is created and the radius-discovery command is enabled, manual
configuration of SDPs is not required. The far-end SDP is discovered by RADIUS and an auto-
SDP will be created for each far-end PE. An auto-SDP binding will be created for the service (the
SDP binding is on a per service basis). The auto-SDP can be used for other VPLS service
instances between the pair of PEs. If a manual SDP binding is created for the service, it will be
preferred to the auto-SDP binding to allow override.
An auto-SDP is created by a PE router automatically with information provided by RADIUS
discovery. The binding, auto-SDP binding is created automatically for an auto-SDP. An auto-SDP
can be GRE based or LDP based. The default is GRE.
An SNMP trap is generated to inform the NMS about the creation of an auto-SDP or auto-SDP
binding. Auto-SDPs and auto-SDP bindings are not saved in the router configuration file. Auto-
SDPs cannot be manually configured nor modified.
Manual SDPs and Manual SDP Bindings
“Manual” SDPs can be used with RADIUS discovery. Manual SDPs take precedence over auto
SDPs.
If a manual SDP is available, it should be used to create the auto SDP binding; otherwise, the PE
router creates auto SDPs and auto SDP bindings. If there are multiple SDPs available for a remote
PE router, the SDP with the highest SDP ID should be used.
If a manual SDP was provisioned after the RADIUS discovery process, the admin>radius-
discovery>force-discover command should be executed in order to use the new manual SDPs.
Users cannot remove a manual SDP if there us an auto SDP binding associated with the manual
SDP. However, manual SDP bindings and RADIUS discovery are mutually exclusive. If a manual
SDP binding was already provisioned for a service, RADIUS discovery cannot be enabled for the
service, If RADIUS discovery was already enabled for a service, manual SDP bindings cannot be
provisioned for the service.
Discovery Procedures
A PE router issues an access-request to the RADIUS server using the configured VPN as the user-
name and configured password. The service type of the access request is L2VPN.4
The RADIUS server authenticates the PE router. If authentication is successful, it responds with
an access-accept which includes a list of IP addresses of the PE routers. Optional information such
as vc-type and SDP could be included. If authentication fails, an access-reject message is returned.
To Next Page
Loading...
