3.2.43. ipoe-server¶

Note

requires a BNG IPoE Application License.

The IPoE server services configuration.

vsr running config# vrf <vrf> ipoe-server

enabled¶

Enable IPoE server.

vsr running config# vrf <vrf> ipoe-server
vsr running ipoe-server# enabled true|false

Default value: true

log-level¶

Log level to display.

vsr running config# vrf <vrf> ipoe-server
vsr running ipoe-server# log-level LOG-LEVEL

`LOG-LEVEL` values	Description
`disable`	Disable logging.
`error`	Display error message.
`warning`	Display error and warning message.
`notice`	Display error, warning and notice message.
`info`	Display all messages except debug.
`debug`	Display all messages.

Default value: error

dhcp-relay¶

Configuring IPoE DHCP relay agent.

vsr running config# vrf <vrf> ipoe-server dhcp-relay

server¶

List of DHCP server IP address to which DHCP queries should be relayed.

vsr running config# vrf <vrf> ipoe-server dhcp-relay
vsr running dhcp-relay# server SERVER

SERVER

An IPv4 address.

offer-timeout¶

unit: seconds

Time in seconds to wait between the reception of a DHCP OFFER from the server and the sending the DHCP ACK to the client before expiring the IPoE session.

vsr running config# vrf <vrf> ipoe-server dhcp-relay
vsr running dhcp-relay# offer-timeout <uint16>

Default value: 10

server-timeout¶

unit: seconds

Time in seconds to wait during the DHCP initialization (DISCOVER, OFFER, REQUEST, ACK) for a response from the DHCP server before retransmitting the packet. If no response is received after the last transmission, the session expires.

vsr running config# vrf <vrf> ipoe-server dhcp-relay
vsr running dhcp-relay# server-timeout <uint16>

Default value: 3

server-retransmit¶

Maximum number of retransmission during the DHCP initialization (DISCOVER, OFFER, REQUEST, ACK) of a packet from the DHCP relay to the server before the expiration of the IPoE session.

vsr running config# vrf <vrf> ipoe-server dhcp-relay
vsr running dhcp-relay# server-retransmit <uint16>

Default value: 3

router¶

Router DHCP Option 3 value to insert (or replace if it was set by the server) when relaying the DHCP packets from the server to the DHCP clients.

vsr running config# vrf <vrf> ipoe-server dhcp-relay
vsr running dhcp-relay# router ROUTER

ROUTER

An IPv4 address.

interface¶

Interface on which the DHCP relay agent must listen to client DHCP requests.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface>

<interface>

An interface name.

server¶

List of DHCP server IP addresses to which DHCP queries should be relayed.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface>
vsr running interface <interface># server SERVER

SERVER

An IPv4 address.

router¶

Router DHCP Option 3 value to insert (or replace if it was set by the server) when relaying the DHCP packets from the server to the DHCP clients.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface>
vsr running interface <interface># router ROUTER

ROUTER

An IPv4 address.

agent-information¶

Configure Relay Agent information parameters like the Gateway IP Address (giaddr) and DHCP option 82.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information

relay-address (mandatory)¶

Relay Agent IP Address to use as source and set in DHCP giaddr header when relaying the DHCP packets from the client to the DHCP servers.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information
vsr running agent-information# relay-address RELAY-ADDRESS

RELAY-ADDRESS

An IPv4 address.

trusted-circuit¶

Defines whether the circuit between the source of the DHCP request and this relay agent is trusted in accordance with section 2.1 of RFC3046. A circuit is generally considered trusted if it is managed by the same entity. If true (trusted), all incoming requests are accepted, even if they have already passed through a relay agent. If false (untrusted), DHCP requests containing a giaddr (relay agent address) or option 82 DHCP Agent Information are discarded.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information
vsr running agent-information# trusted-circuit true|false

Default value: false

link-selection¶

Link Selection DHCP Option 82.5 to append when relaying the DHCP packets to the DHCP servers. It provides the DHCP servers with the IP address of the IPoE server interface, especially when this address differs from the giaddr (relay agent Gateway IP Address). Option 82 including option 82.1 (Circuit-ID) containing the relay input interface is only sent to the server if at least one of the remote-id or link-selection options is enabled. The use of this option is detailed in RFC3527.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information
vsr running agent-information# link-selection LINK-SELECTION

LINK-SELECTION

An IPv4 address.

remote-id¶

Agent Remote ID DHCP Option 82.2 to append when relaying the DHCP packets to the DHCP servers. It identifies the remote end device. Option 82 including option 82.1 (Circuit-ID) containing the relay input interface is only sent to the server if at least one of the remote-id or link-selection options is enabled. The use of this option is detailed in RFC3046.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information remote-id

global¶

Global Agent Remote ID DCHP Option 82.2 value to append when relaying to DHCP packets to the DHCP servers. Because this value applies globally to all remote devices, it does not comply with RFC3046. However, it does ensure compatibility with certain DHCP implementations.

vsr running config# vrf <vrf> ipoe-server dhcp-relay interface <interface> agent-information remote-id
vsr running remote-id# global <string>

dhcpv6-relay¶

Configure IPoE DHCPv6 relay agent.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay

server¶

List of DHCP server IPv6 address to which DHCP queries should be relayed.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay
vsr running dhcpv6-relay# server SERVER

SERVER

An IPv6 address.

advertise-timeout¶

unit: seconds

Time in seconds to wait between the reception of a DHCPv6 ADVERTISE from the server and the sending the DHCv6 REPLY to the client before expiring the IPoE session.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay
vsr running dhcpv6-relay# advertise-timeout <uint16>

Default value: 10

interface¶

Interface on which the DHCPv6 relay agent must listen to client DHCP requests.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay interface <interface>

<interface>

An interface name.

server¶

List of DHCP server IPv6 addresses to which DHCP queries should be relayed.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay interface <interface>
vsr running interface <interface># server SERVER

SERVER

An IPv6 address.

agent-information¶

Configure Relay Agent information parameters like the Gateway IP Address (giaddr) and the DHCP link address.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay interface <interface> agent-information

relay-address (mandatory)¶

Relay Agent IPv6 Address to use as source and set in DHCPv6 giaddr header when relaying the DHCP packets from the client to the DHCP servers.

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay interface <interface> agent-information
vsr running agent-information# relay-address RELAY-ADDRESS

RELAY-ADDRESS

An IPv6 address.

link-address¶

IPv6 Link Address to append when relaying the DHCP packets to the DHCP servers. It provides the DHCP servers with the IP address of the IPoE server interface, especially when this address differs from the giaddr (relay agent Gateway IP Address).

vsr running config# vrf <vrf> ipoe-server dhcpv6-relay interface <interface> agent-information
vsr running agent-information# link-address LINK-ADDRESS

LINK-ADDRESS

An IPv6 address.

limits¶

IPoE DHCP replay limits configuration.

vsr running config# vrf <vrf> ipoe-server limits

max-session¶

Specify number of active IPoE sessions connections per server.

vsr running config# vrf <vrf> ipoe-server limits
vsr running limits# max-session <uint16>

max-starting¶

Specify number of concurrent sessions starting per server. Session startup is over when the DHCP server sends an ACK or NACK, or when startup exceeds the timeout.

vsr running config# vrf <vrf> ipoe-server limits
vsr running limits# max-starting <uint16>

offer-delay¶

List of delays to reply to DHCP Discover packets according to session count.

vsr running config# vrf <vrf> ipoe-server limits
vsr running limits# offer-delay session-count <1-10000> delay <uint32>

<1-10000>

Session count starting which the delay is enforced.

delay (mandatory)¶

unit: milliseconds

Time in milliseconds to wait before sending the reply packet.

delay <uint32>

auth¶

Authentication configuration.

vsr running config# vrf <vrf> ipoe-server auth

username¶

The username can include data from the DHCP DISCOVER packet, among this list: {vendor_class_id}: Vendor class ID (option 60). Supported only in DHCPv4. {agent_circuit_id}: Agent circuit ID (option 82 sub- option 1). Supported only in DHCPv4. {agent_remote_id}: Agent remote ID (option 82 sub-option 2). Supported only in DHCPv4. {client_hwaddress}: Peer hardware address. Supported only in DHCPv4. {server_interface}: DHCP packet receiving interface’s name Alphanumeric and special characters are allowed except single ‘{‘. All ‘{{‘ are replaced by ‘{‘.

vsr running config# vrf <vrf> ipoe-server auth
vsr running auth# username <string>

Default value: {server_interface}

password¶

The password can include data from the DHCP DISCOVER packet, among this list: {vendor_class_id}: Vendor class ID (option 60). Supported only in DHCPv4. {agent_circuit_id}: Agent circuit ID (option 82 sub- option 1). Supported only in DHCPv4. {agent_remote_id}: Agent remote ID (option 82 sub-option 2). Supported only in DHCPv4. {client_hwaddress}: Peer hardware address. Supported only in DHCPv4. {server_interface}: DHCP packet receiving interface’s name Alphanumeric and special characters are allowed except single ‘{‘. All ‘{{‘ are replaced by ‘{‘.

vsr running config# vrf <vrf> ipoe-server auth
vsr running auth# password <string>

Default value: {server_interface}

radius¶

Radius Configuration.

vsr running config# vrf <vrf> ipoe-server auth radius

timeout¶

Timeout in seconds to wait for a response from RADIUS server.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# timeout <uint32>

Default value: 5

max-failure¶

Max number of Access-Request or Accounting-Request queries to send before considering the server unreachable.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# max-failure <uint32>

Default value: 3

enabled¶

Enable Radius authentication.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# enabled true|false

Default value: true

source¶

Source address used to reach the radius server.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# source SOURCE

`SOURCE` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

vrf¶

RADIUS server VRF.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# vrf VRF

`VRF` values	Description
`main`	The main vrf.
`<string>`	The vrf name.

server¶

List of radius servers.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# server address <address> auth-port <uint16> acct-port <uint16> \
... secret SECRET

<address>

An IPv4 address.

<uint16>

Port for Access-Requests packets. Set it to 1812 to use default port.

<uint16>

Port for Accounting-Request packets. Set it to 1813 to use default port.

secret (mandatory) (hidden)¶

Shared secret with Radius server to encrypt and sign packets.

secret SECRET

SECRET

Alphanumeric password.

backup-server¶

List of radius backup servers.

vsr running config# vrf <vrf> ipoe-server auth radius
vsr running radius# backup-server address <address> auth-port <uint16> acct-port <uint16> \
... secret SECRET

<address>

An IPv4 address.

<uint16>

Port for Access-Requests packets. Set it to 1812 to use default port.

<uint16>

Port for Accounting-Request packets. Set it to 1813 to use default port.

secret (mandatory) (hidden)¶

Shared secret with Radius server to encrypt and sign packets.

secret SECRET

SECRET

Alphanumeric password.

nas¶

Network Access Server Radius field configuration.

vsr running config# vrf <vrf> ipoe-server auth radius nas

ip-address¶

Specifies Values of Radius NAS-IP-Address field.

vsr running config# vrf <vrf> ipoe-server auth radius nas
vsr running nas# ip-address IP-ADDRESS

`IP-ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

identifier¶

Specifies Values of Radius NAS-Identifier field.

vsr running config# vrf <vrf> ipoe-server auth radius nas
vsr running nas# identifier <string>

change-of-authorization-server¶

Change of Authorization local server configuration.

vsr running config# vrf <vrf> ipoe-server auth radius change-of-authorization-server

ip-address¶

Local IP address to listen CoA-Request Message. Only IPv4 is supported.

vsr running config# vrf <vrf> ipoe-server auth radius change-of-authorization-server
vsr running change-of-authorization-server# ip-address IP-ADDRESS

`IP-ADDRESS` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

Default value: 0.0.0.0

port¶

UDP port to listen CoA-Request Message.

vsr running config# vrf <vrf> ipoe-server auth radius change-of-authorization-server
vsr running change-of-authorization-server# port PORT

PORT

A 16-bit port number used by a transport protocol such as TCP or UDP.

Default value: 3799

secret (mandatory) (hidden)¶

Secret to decrypt CoA-Request Message.

vsr running config# vrf <vrf> ipoe-server auth radius change-of-authorization-server
vsr running change-of-authorization-server# secret SECRET

SECRET

Alphanumeric password.

accounting¶

Accounting configuration for Radius server.

vsr running config# vrf <vrf> ipoe-server auth radius accounting

interim-interval (mandatory)¶

unit: seconds

Set accounting information refresh interval.

vsr running config# vrf <vrf> ipoe-server auth radius accounting
vsr running accounting# interim-interval <uint32>

interim-jitter¶

unit: seconds

Set maximum amount of jitter to apply to interval: interim-interval +/- random(0, interim-jitter).

vsr running config# vrf <vrf> ipoe-server auth radius accounting
vsr running accounting# interim-jitter <uint32>

session-id-in-authentication¶

Generate and send Acct-Session-Id on Access-Request packet.

vsr running config# vrf <vrf> ipoe-server auth radius accounting
vsr running accounting# session-id-in-authentication true|false

Default value: false

allow-unreachable¶

Allow unreachable information for the radius server.

vsr running config# vrf <vrf> ipoe-server auth radius accounting
vsr running accounting# allow-unreachable enabled true|false max-retry <1-2415919103> \
... timeout <1-2415919103>

enabled¶

Allow accounting server to be unreachable.

enabled true|false

Default value: false

max-retry¶

Maximum amount of connection to the accounting server before considering it is totally unreachable, once hit, all sessions will be closed.

max-retry <1-2415919103>

Default value: 3

timeout¶

unit: seconds

Interval in seconds between two tries to reach the accounting server.

timeout <1-2415919103>

Default value: 60

dhcp-server¶

IPoE server acts as a DHCP server, it attributes IPv4 addresses as well as other DHCP options for the clients.

vsr running config# vrf <vrf> ipoe-server dhcp-server

ip4-pool¶

IPv4 Pool Name to use for IPoE sessions.

vsr running config# vrf <vrf> ipoe-server dhcp-server
vsr running dhcp-server# ip4-pool <string>

ip-pools-setup¶

IPv4 Pool configuration.

vsr running config# vrf <vrf> ipoe-server dhcp-server ip-pools-setup

default-local-ip¶

Default IPv4 address for local interface.

vsr running config# vrf <vrf> ipoe-server dhcp-server ip-pools-setup
vsr running ip-pools-setup# default-local-ip DEFAULT-LOCAL-IP

DEFAULT-LOCAL-IP

An IPv4 address.

pool¶

Specifies IP address range to use for peer.

vsr running config# vrf <vrf> ipoe-server dhcp-server ip-pools-setup pool <string>

<string>

Name of the pool.

peer-pool¶

Peer IPv4 address pool.

vsr running config# vrf <vrf> ipoe-server dhcp-server ip-pools-setup pool <string>
vsr running pool <string># peer-pool PEER-POOL

`PEER-POOL` values	Description
`<ipv4-range>`	An IPv4 address range, in the form addr4-addr4.
`<masked-ipv4-address>`	A masked IPv4 address: address and prefix of that subnet.

interface¶

Interface on which the DHCP server must listen to client DHCP requests.

vsr running config# vrf <vrf> ipoe-server dhcp-server interface <interface>

<interface>

An interface name.

router¶

Router DHCP Option 3 value to insert when replying to DHCP requests.

vsr running config# vrf <vrf> ipoe-server dhcp-server interface <interface>
vsr running interface <interface># router ROUTER

ROUTER

An IPv4 address.

dns¶

DNS configuration for IPoE clients.

vsr running config# vrf <vrf> ipoe-server dhcp-server dns

server (mandatory)¶

List of IPv4 DNS servers.

vsr running config# vrf <vrf> ipoe-server dhcp-server dns
vsr running dns# server SERVER

`SERVER` values	Description
`<ipv4-address>`	An IPv4 address.
`<ipv6-address>`	An IPv6 address.

qos¶

QoS templates configuration for Radius attributes.

vsr running config# vrf <vrf> ipoe-server qos

enabled¶

Enable QoS setting through Radius.

vsr running config# vrf <vrf> ipoe-server qos
vsr running qos# enabled true|false

Default value: true

default-template¶

Default template to use when no template is selected through RADIUS.

vsr running config# vrf <vrf> ipoe-server qos
vsr running qos# default-template <leafref>

template¶

List of QoS templates.

vsr running config# vrf <vrf> ipoe-server qos template <string>

<string>

Template name.

base-scheduler (deprecated)¶

Attention

Deprecated since: 2024-08-05
Obsolete in release: 25q1
Description: Replaced by scheduler-interface.
Replacement: none

Name of the base htb scheduler to be applied to the client.

vsr running config# vrf <vrf> ipoe-server qos template <string>
vsr running template <string># base-scheduler <leafref>

scheduler-interface¶

Name of interface on which the base HTB scheduler is installed. The dynamic queues will be added into this scheduler.

vsr running config# vrf <vrf> ipoe-server qos template <string>
vsr running template <string># scheduler-interface <string>

queue¶

List of queue templates.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>

<string>

Name of the queue template.

description¶

Based on this queue template, a QoS queue will be added dynamically by the BNG for each client according to their QoS template name announced by Radius attributes.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># description <string>

static-parent¶

ID of the parent queue among the base scheduler.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># static-parent <leafref>

dynamic-parent¶

Name of a queue among this template to use as a parent.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># dynamic-parent <leafref>

mark¶

Trafic mark for the queue. Only the lower 8-bits of the 32-bits mark can be specified. The mark 0 means ‘no mark’.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># mark <0x0-0xff>

bandwidth (mandatory)¶

Guaranteed bandwidth of the queue.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># bandwidth BANDWIDTH

BANDWIDTH

Rate in bits per second. K/M/G/T multipliers are supported. Example: 1G stands for 1000000000 bps.

burst¶

Guaranteed bandwidth maximum burst size. Defaults to bandwidth/80 (100ms of traffic at bandwidth rate).

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># burst BURST

BURST

Burst size in bytes. K/M/G/T multipliers are supported. Example: 2K stands for 2000 bytes.

ceiling¶

Ceiling rate of the queue. Defaults to bandwidth.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># ceiling CEILING

CEILING

Rate in bits per second. K/M/G/T multipliers are supported. Example: 1G stands for 1000000000 bps.

ceiling-burst¶

Ceiling rate maximum burst size. Defaults to ceiling/80 (100ms of traffic at ceiling rate).

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># ceiling-burst CEILING-BURST

CEILING-BURST

Burst size in bytes. K/M/G/T multipliers are supported. Example: 2K stands for 2000 bytes.

ceiling-priority¶

Priority of the queue in case of ceiling, used to distribute available ceiling bandwidth to queues by order of priority. Lower is more priority.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># ceiling-priority <0-9>

layer1-overhead¶

Number of bytes added by the underlying protocol on each packet.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># layer1-overhead <uint32>

Default value: 0

quantum¶

Quantum of the queue, used to distribute available bandwidth between queues of same priorities, in a weighted round robin fashion.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># quantum <uint32>

size¶

Size of the queue in packets. The value is rounded up to the nearest power of 2.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># size <uint32>

Default value: 256

priority (deprecated)¶

Attention

Deprecated since: 2024-09-26
Obsolete in release: 25q1
Description: Replaced by ceiling-priority. Supported priorities are now restricted in range 0 to 9. The range of priority was too permissive.
Replacement: ceiling-priority

Priority of the queue, used to distribute available bandwidth to queues by order of priority.

vsr running config# vrf <vrf> ipoe-server qos template <string> queue <string>
vsr running queue <string># priority <uint32>