| Attribute ID | Attribute name | Description |
|---|---|---|
|
1 |
User-Name |
Maps to configure aaa route-downloader name base-user-name user-name were the base-user-name sets the prefix for the username that shall be used in access requests. The actual name used is a concatenation of this string, a ‟ -” (hyphen) character and a monotonically increasing integer. Consecutive Access-Requests with incrementing User-Name are repeated until the aaa route download application receives an Access-Reject. Default is system-name. |
|
2 |
User-Password |
Maps to configure aaa route-downloader name password password in the RADIUS-Access request. Default is empty string. |
|
22 |
Framed-Route |
The RADIUS route-download application periodically sends a RADIUS Access-Request message to the RADIUS server to request that IPv4 or IPv6 routes be downloaded. The RADIUS server responds with an Access-Accept message and downloads the configured IPv4/IPv6 routes. When the download operation is complete, the route-download application installs the IPv4 or IPv6 routes in the routing table as black-hole routes with protocol periodic and with fixed preference 255. A default metric (configure aaa route-downloader name default-metric [0 to 254]) is installed when the metric value is omitted in the formatted attribute. A default tag (configure aaa route-downloader name default-tag [0 to 4294967295]) is installed when the tag value is omitted in the formatted attribute. The complete RADIUS Access Accept is ignored (fails to parse the route) if at least one route has the wrong format. Only the individual route is silently ignored (not seen as a process download failure) if the formatted VPRN service or service-name is invalid. Routes no longer present in the download are removed from the routing table and new routes are added. The same routes are not replaced. Routes with different tags or metrics are seen as new routes. If the AAA server responds with an Access-Reject for the first username, then all routes are removed from the routing table (implicit empty route-download table). The route-download application accepts downloaded IPv4 routes in either [22] Framed-Route or [26.9.1] Cisco-AVpair attribute format. |
|
99 |
Framed-IPv6-Route |
See description [22] Framed-Route. The route-download application accepts downloaded IPv6 routes only in [99] Framed-IPv6-Route format. |
|
26.9.1 |
cisco-av-pair |
See description [22] Framed-Route |
| Attribute ID | Attribute name | Type | Limits | SR OS format |
|---|---|---|---|---|
|
1 |
User-Name |
string |
32 chars base-user-name |
For example: # base-user-name download-pool USER NAME [1] 16 download-pool-1 |
|
2 |
User-Password |
string |
max. 32 chars |
Encrypted password For example: User-Password 4ec1b7bea6f2892fa466b461c6accc00 |
|
22 |
Framed-Route |
string |
253 bytes 200.000 attributes |
Format [vrf {vpn-name | vpn-serviceid}] {IP} prefix-mask {null0 | null 0 | black-hole} [metric] [tag tag-value] The vpn-name should not contain blank spaces as this would result in a parsing error and a drop of the corresponding prefix. #The prefix-mask could be in any form as: prefix/length, prefix mask or prefix (the mask is derived from the IP class of the prefix). For example: # A base route 172.16.20.0/24 with different formats, metric and tags Framed-Route = 172.16.20.0/24 black-hole tag 1, Framed-Route = 172.16.20.0 255.255.255.0 null 0 20 tag 1, Framed-Route = 172.16.20.0 null0 22255 tag 33, For example: # A vrf route 172.16.21.0/24 with different formats, metric and tags Framed-Route = vrf 6000 172.16.21.0 null0 254 tag 4, Framed-Route = vrf ws/rt-custmomerx 172.16.21.0 null0 254 tag 5, |
|
99 |
Framed-IPv6-Route |
string |
253 bytes 200.000 attributes |
Format [vrf {vpn-name | vpn-serviceid}] {IP} prefix-mask {null0 | null 0 | black-hole} [metric] [tag tag-value] The vpn-name should not contain blank spaces as this would result in a parsing error and a drop of the corresponding prefix. #The prefix-mask could be in any form as: prefix/length, prefix mask or prefix (the mask is derived from the IP class of the prefix). For example: Framed-IPv6-Route += 2001:db8:0:1::/64 null0, Framed-IPv6-Route += vrf ws/rt-custmomerx 2001:db8:0:0:1::/96 null 0 10 tag 4294967295, Framed-IPv6-Route += vrf 6000 2001:db8:1::/48 black-hole 0 tag 4294967295,t |
|
26.9.1 |
cisco-av-pair |
string |
253 bytes 200.000 attributes |
Format [vrf {vpn-name | vpn-serviceid}] {IP} prefix-mask {null0 | null 0 | black-hole} [metric] [tag tag-value] The vpn-name should not contain blank spaces as this would result in a parsing error and a drop of the corresponding prefix. #The prefix-mask could be in any form as: prefix/length, prefix mask or prefix (the mask is derived from the IP class of the prefix). For example: # A base route 192.168.5.0/24 without metric and tags (use defaults) cisco-avpair += ip:route=192.168.0.0 255.255.255.0 null0, For example: # A vrf route 192.168.1.0/24 with different formats, metric and tags cisco-avpair += ip:route=vrf 6000 192.168.1.0/24 null 0 0 tag 62, cisco-avpair += ip:route=vrf ws/rt-custmomerx 192.168.1.0/24 null 0 200 tag 63 |
| Attribute ID | Attribute name | Access Request | Access Accept |
|---|---|---|---|
|
1 |
User-Name |
1 |
0 |
|
2 |
User-Password |
1 |
0 |
|
22 |
Framed-Route |
0 |
0+ |
|
99 |
Framed-IPv6-Route |
0 |
0+ |
|
26.9.1 |
cisco-av-pair |
0 |
0+ |