[afnog] Ericsson Redback

Brian Candler B.Candler at pobox.com
Sun Jun 12 08:47:40 UTC 2011 

On Mon, May 16, 2011 at 11:15:02AM +0100, Oke-Salako Olayiwola wrote:
>    Thank for your response, Currently I use the BRAS for postpaid ADSL
>    service, I am using two RADIUS servers and in the Redback, I use tow
>    contexts "local" and "ISP", context local is for the RADIUS servers and
>    context ISP for the ADSL subscribers. I am about to start prepaid ADSL
>    service and I have created a new context (context HSI) for the prepaid
>    RADIUS servers, what I want to know now is do I create another context
>    for the prepaid service and if I have to how do I make the users use
>    the prepaid RADIUS servers.

Sorry for the late response here. I can't give you any specifics of
configuration of Redbacks, but I do know a little about the RADIUS side
(since I've been working on RADIUS servers which Redbacks authenticate
against)

You basiscally have two options:

(1) Statically bind these users to a different context, based on some
physical attribute (e.g. which incoming port they are coming in on)

(2) Use RADIUS to specify the context. When authenticating them you return a
Context-Name = "xxx" attribute.

On top of this, there is also another option you have: you can return
   Context-Name = "xxx"
   Double-Authentication = 1

If you do this, then you need to configure RADIUS auth servers inside the
xxx context, and you will get a second RADIUS requests from that context to
those servers. (Any Context-Name you return at this point will be ignored,
since you already dropped the user into a particular context in the first
RADIUS response)

This can be useful if all your prepaid users are being managed in a
completely separate RADIUS server, without having to use something like a
radius proxy to direct the request to the correct server. Your first RADIUS
server would just look at some attribute which can be used to decide if they
are postpaid or prepaid (e.g. based on realm or the NAS-IP-Address), and
drop them into the right context.

If you already have both postpaid and prepaid users in the same database,
then it's just a question of returning the right Context-Name attribute.

You don't say what RADIUS server platform you're using, but these Redback
vendor attributes are already in the FreeRadius 2.1.x dictionary files.

HTH,

Brian.

More information about the afnog mailing list