Cisco Cisco ASR 5000
AAA Server Group Configuration Mode Commands
▀ radius attribute
▄ Command Line Interface Reference, StarOS Release 18
194
nexthop-forwarding-address nexthop_address
Configures next hop IP address for this NAS IP address. It optionally sets the RADIUS client to provide
VLAN ID and nexthop forwarding address to system when running in single nexthop gateway mode.
VLAN ID and nexthop forwarding address to system when running in single nexthop gateway mode.
nexthop_address
must be specified using IPv4 dotted-decimal notation.
Important:
To define more than one NAS IP address per context, in Global Configuration Mode use the
aaa
large-configuration
command. If enabled, for a PDSN a maximum of 400 and for a GGSN a maximum of 800
NAS IP addresses/NAS identifiers (1 primary and 1 secondary per server group) can be configured per context.
mpls-label input in_label_value | output out_label_value1 [ out_label_value2 ]
Configures the traffic from the specified RADIUS client NAS IP address to use the specified MPLS labels.
in_label_value
is the MPLS label that will identify inbound traffic destined for the configured NAS
IP address.
out_label_value1
and
out_label_value2
identify the MPLS labels to be added to packets sent
from the specified NAS IP address.
out_label_value1
is the inner output label.
out_label_value2
is the outer output label.
MPLS label values must be an integer from 16 to 1048575.
vlan vlan_id
This optional keyword sets the RADIUS client to provide VLAN ID with nexthop forwarding address to
system when running in single nexthop gateway mode.
system when running in single nexthop gateway mode.
vlan_id
must be a pre-configured VLAN ID, and must be an integer from 1 through 4096. It is the VLAN
ID to be provided to the system in RADIUS attributes.
This option is available only when nexthop-forwarding gateway is also configured with nexthop-forwarding-
address
This option is available only when nexthop-forwarding gateway is also configured with nexthop-forwarding-
address
nexthop_address
keyword and
aaa-large configuration
is enabled at Global Configuration
level.
Usage
This is necessary for NetWare Access Server usage such as the system must be identified to the NAS.
The system supports the concept of the active NAS-IP-Address. The active NAS-IP-Address is defined as the
current source IP address for RADIUS messages being used by the system. This is the content of the NAS-IP-
Address attribute in each RADIUS message.
The system will always have exactly one active NAS-IP-Address. The active NAS-IP-Address will start as
the primary NAS-IP-Address. However, the active NAS-IP-Address may switch from the primary to the
backup, or the backup to the primary. The following events will occur when the active NAS-IP-Address is
switched:
The system supports the concept of the active NAS-IP-Address. The active NAS-IP-Address is defined as the
current source IP address for RADIUS messages being used by the system. This is the content of the NAS-IP-
Address attribute in each RADIUS message.
The system will always have exactly one active NAS-IP-Address. The active NAS-IP-Address will start as
the primary NAS-IP-Address. However, the active NAS-IP-Address may switch from the primary to the
backup, or the backup to the primary. The following events will occur when the active NAS-IP-Address is
switched:
All current in-process RADIUS accounting messages from the entire system are cancelled. The
accounting message is re-sent, with retries preserved, using the new active NAS-IP-Address. Acct-
Delay-Time, however, is updated to reflect the time that has occurred since the accounting event.
The value of Event-Timestamp is preserved.
Delay-Time, however, is updated to reflect the time that has occurred since the accounting event.
The value of Event-Timestamp is preserved.
All current in-process RADIUS authentication messages from the entire system are cancelled. The
authentication message is re-sent, with retries preserved, using the new active NAS-IP-Address. The
value of Event-Timestamp is preserved.
value of Event-Timestamp is preserved.
All subsequent in-process RADIUS requests uses the new active NAS-IP-Address.