nanog mailing list archives

Re: PPP+RADIUS - routing subnets to end users - Framed-Route vs. Framed-IP-Netmask

From: George Carey <george () montco net>
Date: Mon, 8 Mar 2010 18:33:32 -0500

We've always considered the WAN and LAN to be different objects so our history is to prefer the method you think is 
'better.' Seems this model has been around since the dialin days.

We also have customers with multiple routes so it seems a logical separation. Failover might be a bit more flexible too 
since you can control some parameters of the Framed Route.

I know some people use RFC1918 addresses for WAN which might be a factor (we do not).

Perhaps in some network strategies the lines between WAN and LAN may be a bit more blurred than ours.

George


On Mar 8, 2010, at 6:10 PM, Erik L wrote:

Scenario: with the help of RADIUS, routing subnets to end users connecting via PPP.

Discussion: pros/cons of using Framed-IP-Address+Framed-Route versus Framed-IP-Address+Framed-IP-Netmask.

We're talking here in generic terms, so as far as the behaviour of the LNS or access concentrator or whatever else is 
receiving the Access-Accept and terminating the ppp session, we're assuming more or less sane behaviour, roughly as 
follows. In the first alternative, the IP address on the ppp link is outside the subnet indicated by Framed-Route and 
one or more subnets are routed via the link; one such subnet per Framed-Route attrib. In the second alternative, the 
one subnet routed is that which contains the Framed-IP-Address and is as large as the Framed-IP-Netmask indicates. 

I'm arguing to a colleague that the first alternative is "better", non-/32 netmasks on a ppp link make no sense 
(since netmasks on point-to-point links don't matter anyway), that the second alternative doesn't allow users to make 
use of their allocated space as easily and effectively as the first alternative, and that the second alternative is 
limited to routing one subnet (though you might be able to mix Framed-IP-Netmask and Framed-Route together?). 

Comments? How are others doing it and why?

Erik

Attachment: smime.p7s
Description:

Current thread:

PPP+RADIUS - routing subnets to end users - Framed-Route vs. Framed-IP-Netmask Erik L (Mar 08)
- Re: PPP+RADIUS - routing subnets to end users - Framed-Route vs. Framed-IP-Netmask George Carey (Mar 08)