Real Time Ascend Maling List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Ascend TNT and large IP-Pools
Steve Meier wrote:
> we are experiencing the same problem with our TNTs. :(
Great, so I don't fell so lonely. ;-)
> As far as I know the fact is that there is no way around that in
> Ascend's TAOS releases 7.x.x. I've read that there is a so called
> pool-chaining feature in TAOS 8.0.0+ which should solve that problem
> but I haven't tried that yet although one of our boxes is running
> TAOS 8.0.0.
Aha - I will have a look at the release notes this evening.
> I would greatly appreciate any comments on that. :)
Meanwhile I found a solution, but it's not usefull for me.
> > So in our TNT we want to have two IP-Pools, like this (the
> > IP-addresses are just examples):
> >
> > pool-base-address 1 = 192.168.0.1
> > assign-count 1 = 1022
> >
> > That would be the network 192.168.0.0/22, or in other words:
> > Network: 192.168.0.0
> > Netmask: 255.255.252.0
> > Broadcast: 192.168.3.255
> >
> > pool-base-address 2 = 172.16.0.1
> > assign-count 2 = 1022
> >
> > And this would be the network 172.16.0.0/22, or in other words:
> > Network: 172.16.0.0
> > Netmask: 255.255.252.0
> > Broadcast: 172.16.3.255
You must use the Ascend radiusd and the Ascend radipad (both from
ftp.ascend.com). Radipad is a Radius IP-Address Daemon and can manage
different IP-Pools for many TNTs. It's described in the Ascend
"Network Configuration Guide" and in the Ascend "RADIUS Configuration
Guide".
I tested the following scenario (assuming the same conditions as
above):
The definition of the two pools (a and b this time) in
/etc/raddb/users used by radipad:
global-pool-a Password="ascend", User-Service=Dialout-Framed-User
Ascend-IP-Pool-Definition "1 192.168.0.1 254",
Ascend-IP-Pool-Definition "2 192.168.1.1 254",
Ascend-IP-Pool-Definition "3 192.168.2.1 254",
Ascend-IP-Pool-Definition "4 192.168.3.1 254"
global-pool-b Password="ascend", User-Service=Dialout-Framed-User
Ascend-IP-Pool-Definition "5 172.16.0.1 254",
Ascend-IP-Pool-Definition "6 172.16.1.1 254",
Ascend-IP-Pool-Definition "7 172.16.2.1 254",
Ascend-IP-Pool-Definition "8 172.16.3.1 254"
Now I can define two Radius accounts in /etc/raddb/users, one gets an
IP-Address from pool a, the other from pool b.
usera User-Service=Framed-User, Framed-Protocol=PPP,
Password="testa"
User-Service=Framed-User,
Framed-Protocol=PPP,
Framed-Address=255.255.255.254,
Framed-Netmask=255.255.255.255,
Framed-Routing=None,
Ascend-Assign-IP-Global-Pool="global-pool-a"
userb User-Service=Framed-User, Framed-Protocol=PPP,
Password="testa"
User-Service=Framed-User,
Framed-Protocol=PPP,
Framed-Address=255.255.255.254,
Framed-Netmask=255.255.255.255,
Framed-Routing=None,
Ascend-Assign-IP-Global-Pool="global-pool-b"
This way no one gets a .0 or .255 IP-address assigned.
The reason I can't use it: you *have to* use the Ascend radiusd. But
we want the Merit radiusd for roaming (differnt realms and
distributed authentication).
So I'm still looking for another solution. But perhaps the radipad
solution is something for you.
Oliver.
--
Oliver Stettner | os@landshut.org
Laendgasse 120 | http://www.landshut.org/bnla01/members/os/
D-84028 Landshut | http://www.fh-landshut.de/~os/
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>