> On Fri, 27 Oct 1995, Brian 'MegaZone' Bikowicz wrote:
>
> > Once we add VLSM maybe, but not now. This is what the Netmaks Table is
> > a work around for, and why you need to make netmask table entries in all
> > of your Livingstn boxes. It is a hack work around, we collapse to a
> > 'host route' which other Livingston's with the approprate mask will
> > expand back into a subnet route. But you can only broadcastr host
> > routes and network routes, not subnet routes.
>
> These strikes me as a VERY incompatible workaround. The vast majority of
> us are not used Livingston routers, so our routers never know about your
> "fix." And even if they WERE Livingston, what about the computers
> themselves. The purpose of all the TS's, routers, etc. is to service the
> computers. Will every packet from one of those boxes bound for the
> outside subnet have to bounce off of a (Livingston) router in order to
> find its way to the pm? Major waste of bandwidth. It seems the only
> computers that would not suffer from this are Livingston computers.
> Oh - wait -- they don't make any! I would almost prefer that a subnet
> route be expanded to a bunch of host routes - almost - at least it would
> work.
Remember - the Livingston is a classful router. But relax - what you
want is quite easy to achieve:
If the client wants just a few addresses (<=8) then do an "add netmask
a.b.c.0 255.255.255.255" on all the PMs and put host-routes into your
radius database. Whichever PM the user connects to will start accouncing
host routes. When they disconnect it will stop.
If the client want more than a few addresses, but less than a full
Class-C, then proceed as follows:
- Allocate a separate class-C for each different size subnet you want
to allocate. (We use 16, 32 and 64 address subnets).
- Do "add netmask a.b.c.0 255.255.255.224" (etc) on all your portmasters
- In your radius database, add a single "Framed-Route" entry, for the
base address of the subnet eg:
Pxxx Password = "UNIX",
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Address = 196.7.117.74,
Framed-Netmask = 255.255.255.248,
Framed-Route="196.7.162.8 196.7.117.74 1"
(Note: we include the Framed-Netmask, but from what Brian says the PM
ignores this so it is basically documentation...)
- On your CISCO router (that feeds your PMs [you _do_ have a CISCO,
right... ;-)]) do "ip route a.b.c.subnet 255.255.255.mask a.b.c.subnet".
ie in the example above, "ip route 196.7.162.8 255.255.255.248
196.7.162.8". This acts as a "clue" for your CISCO so when it hears the
host route announced by the PM it reinterprets it as a subnet route.
[You need to add routes like this for every subnet you are using for
dialup routing]
*** BTW: Thanks to Colin Pinkham of Internet Africa who put this whole
scheme together ("Hi, Col!")
This works like a charm for us,
Steve Davies
Internet Africa