RADIUS ATTRIBUTES REFERENCE GUIDE
RELEASE 14.0.R4
RADIUS Attributes Reference
Issue: 01 3HE 10793 AAAB TQZZA 01 79
26-6527-207 Alc-RIP-Policy Refers to the preconfigured policy under configure subscriber-mgmt
rip-policy policy-name and enables the BNG to listen to RIPv1/v2
messages from the host (master SRRP node only in case of a dual-
homed BNG). The referenced policy contains the authentication-type
and authentication-key used to establish a RIP neighbor with this host.
Host setup is successful, but the RIP message from the host are
ignored if a non-existing policy name is received or if the SAP anti-spoof
type is different from nh-mac. Policy names above the maximum length
result in a host setup failure.
26-6527-208 Alc-BGP-IPv6-Policy Refers to a preconfigured policy under configure subscriber-mgmt
bgp- peering-policy policy-name. Mandatory attribute for dynamic
BGPv6 peering. The referenced policy contains all required parameters
to setup the dynamic BGPv6 peer. Peer-AS, MD5 key, Authentication-
Keychain and import/export policies can be overridden by optional
RADIUS attributes. Dynamic BGPv6 peering related attributes are
ignored if the session or host does not terminate in a VPRN. Host setup
is successful, but without BGPv6 peering if a non-existing policy name
is received or if the SAP anti-spoof type is different from nh-mac. Policy
names above the maximum length result in a host setup failure.
Note that unlike the ESMv4 case, there is no IPv6 interface address
associated with a subscriber interface. The peering address for CPE
devices can be any routable IPv6 interface address in the same routing
instance as the host (example a loopback interface). This requires multi-
hop BGPv6 capability on the CPE.
26-6527-209 Alc-BGP-IPv6-Auth-
Keychain
Optional attribute for dynamic BGPv6 peering. Refers to the keychain
parameters (configure system security keychain keychain-name)
used to sign and/or authenticate the BGPv6 protocol stream via the
TCP enhanced authentication option (draft-bonica-tcp-auth). Host
setup is successful but without BGPv6 peering if a non existing
keychain name is received. Keychain names above the maximum
length result in a host setup failure. Alternative for [26-6527-201] Alc-
BGP-IPv6-Auth-Key
26-6527-210 Alc-BGP-IPv6-Auth-
Key
Optional attribute for dynamic BGPv6 peering. Indicates the
authentication key used between BGPv6 peers before establishing
sessions. Authentication is done using the MD5 message based digest
protocol. Authentication keys are truncated at 247 Bytes and are not
encrypted.
Table 11 Business Access (Description) (Continued)
Attribute ID Attribute Name Description
To Next Page
Loading...
