Cisco Cisco ASR 5000
Context Configuration Mode Commands N-R
▀ radius attribute
▄ Command Line Interface Reference, StarOS Release 18
2720
in_label_value
is the MPLS label that identifies inbound traffic destined for the configured NAS IP
address.
out_label_value1
and
out_label_value2
identify the MPLS labels to be added to the packets
sent from the specified NAS IP address.
out_label_value1
is the inner output label.
out_label_value2
is the outer output label.
MPLS label values must be an integer from 16 through 1048575.
Important:
This option is available only when nexthop-forwarding gateway is also configured with the
nexthop-forwarding-address
keyword.
nexthop-forwarding-address nexthop_ip_address
Configures the next hop IP address for this NAS IP address in IPV4 dotted-decimal or IPv6 colon-separated-
hexadecimal notation.
hexadecimal notation.
vlan vlan_id
Specifies the VLANID to be associated with the next-hop IP address as an integer from 1 through 4094.
Usage
This is necessary for NetWare Access Server usage such as the system must be identified to the NAS.
The system supports the concept of the active nas-ip-address. The active nas-ip-address is defined as the
current source ip address for RADIUS messages being used by the system. This is the content of the nas-ip-
address attribute in each RADIUS message.
The system will always have exactly one active nas-ip-address. The active nas-ip-address will start as the
primary nas-ip-address. However, the active nas-ip-address may switch from the primary to the backup, or
the backup to the primary. The following events will occur when the active nas-ip-address is switched:
The system supports the concept of the active nas-ip-address. The active nas-ip-address is defined as the
current source ip address for RADIUS messages being used by the system. This is the content of the nas-ip-
address attribute in each RADIUS message.
The system will always have exactly one active nas-ip-address. The active nas-ip-address will start as the
primary nas-ip-address. However, the active nas-ip-address may switch from the primary to the backup, or
the backup to the primary. The following events will occur when the active nas-ip-address is switched:
All current in-process RADIUS accounting messages from the entire system are cancelled. The
accounting message is re-sent, with retries preserved, using the new active nas-ip-address. Acct-
Delay-Time, however, is updated to reflect the time that has occurred since the accounting event.
The value of Event-Timestamp is preserved.
Delay-Time, however, is updated to reflect the time that has occurred since the accounting event.
The value of Event-Timestamp is preserved.
All current in-process RADIUS authentication messages from the entire system are cancelled. The
authentication message is re-sent, with retries preserved, using the new active nas-ip-address. The
value of Event-Timestamp is preserved.
value of Event-Timestamp is preserved.
All subsequent in-process RADIUS requests uses the new active nas-ip-address.
The system uses a revertive algorithm when transitioning active NAS IP addresses as described below:
If the configured primary nas-ip-address transitions from UP to DOWN, and the backup nas-ip-address
is UP, then the active nas-ip-address switches from the primary to the backup nas-ip-address
If the backup nas-ip-address is active, and the primary nas-ip-address transitions from DOWN to UP,
then the active nas-ip-address switches from the backup to the primary nas-ip-address
Example
The following command configures the RADIUS attribute nas-ip-address as
10.2.3.4
:
radius attribute nas-ip-address 10.2.3.4