client-access-line-id

Function

The client-access-line-id command configures the device to trust the access-line-id information sent from the DHCP client.

The undo client-access-line-id command restores the default mode of processing the access-line-id information sent from the DHCP client.

By default, the device does not trust the access-line-id information sent from the DHCP client or insert BAS information in the format defined by cn-telecom before the access-line-id information.

This command is supported only on the NetEngine 8000 F1A.

Format

client-access-line-id [ basinfo-insert { cn-telecom [ version2 ] | version3 } ]

client-access-line-id version1

undo client-access-line-id [ basinfo-insert { cn-telecom [ version2 ] | version3 } ]

undo client-access-line-id version1

Parameters

Parameter Description Value
basinfo-insert

Inserts information about the BAS interface.

-
cn-telecom

Inserts information about the BAS interface in the cn-telecom format.

-
version2

Inserts information about the BAS interface in the version2 format.

-
version3

Encapsulates the Access-Line-Id information into a DHCP message in version3 format.

-
version1

Specifies encapsulating the access-line-id information into a DHCP packet in version1 format.

-

Views

BAS interface view (GE), BAS interface view (VE), BAS interface view (trunk)

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
bras-control write

Usage Guidelines

Usage Scenario

IP DSLAMs are used as the main devices for broadband access. An IP DSLAM obtains DHCP discovery messages, DHCPv6 solicit messages, and PPPoE discovery messages, and then inserts the access-line-id (dhcpv4 option82/pppoe+/dhcpv6 option18+37+17) field to the messages. The inserted information is used to identify the physical location of a user.

Thedevice can trust or untrust the inserted information:

  • Trusting the DHCP access-line-id field

    The client-access-line-id command is configured.

    If a DHCP sent by a client contains the access-line-id field, thedevice trusts the access-line-id field, and sends the message to the DHCP server, RADIUS serverwithout changing the access-line-id field.

    If the client-access-line-id command is run, and a DHCP sent by a client contains the access-line-id field, the device encapsulates access-line-id field without changing.

    For example, the access-line-id field carried in a client packet is abc, the access-line-id field encapsulated by is abc.

    If the client-access-line-id command is run and a DHCP sent by a client contains no access-line-id field, the device creates an access-line-id field based on the physical location of the user that is determined according to the user information such as the VLAN, and then inserts the access-line-id to the message before sending the message to the DHCP server, RADIUS server. encapsulates access-line-id field into a DHCP packet in one of the following formats:
  • Encapsulation format on a GE interface: <BNG-Hostname> eth <0>/<slot>/<subslot>/<port>:<outer vlan>.<inner vlan>

    For example, huawei eth 0/1/0/1:50.60
  • Encapsulation format on a trunk interface: <BNG-Hostname> trunk <0>/<0>/<slot>/<trunkid>:<outer vlan>.<inner vlan>

    For example, huawei trunk 0/0/2/11:200.100

    If basinfo-insert cn-telecom is set and a DHCP sent by a client contains the access-line-id field, the device will insert the BAS information in the format defined by cn-telecom in one of the following formats:

    BAS information in the format defined by cn-telecom + user information by the client sent
  • Encapsulation format on a GE interface: eth <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>
  • Encapsulation format on a trunk interface: trunk <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>

    For example, the access-line-id field carried in a client packet is abc, the access-line-id field encapsulated by is eth 0/1/13:4096.4 abc.

    If basinfo-insert cn-telecom is set and a DHCP sent by a client contains no the access-line-id field, the device will insert the BAS information in the format defined by cn-telecom in one of the following formats:

    BAS information in the format defined by cn-telecom + 0/0/0/0/0/0
  • Encapsulation format on a GE interface: eth <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>
  • Encapsulation format on a trunk interface: trunk <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>

    For example, the access-line-id field encapsulated by is eth 0/1/13:4096.4 0/0/0/0/0/0

    If the client-access-line-id basinfo-insert cn-telecom version2 command is run and the packet sent by the client carries the access-line-id information (not starting with 0 0/0/0:0.0) in the non-standard format defined by cn-telecom, the encapsulation format is as follows: physical information in the format defined by cn-telecom (interface type slot ID/subcard ID/port number:vlan information) + information carried in the user access request.
  • GE interface: eth <slot>/<subslot>/<port>/:< outer VLAN ID>.< inner VLAN ID>
  • Trunk interface: trunk 0/2/<trunk-id>:< outer VLAN ID>.< inner VLAN ID>

    For example, if the user access packet carries abc, the Option 82 information is eth 0/1/13:4096.4 abc.

    If the client-access-line-id basinfo-insert cn-telecom version2 command is run and the packet sent by the client carries the access-line-id information (starting with 0 0/0/0:0.0) in the standard format defined by cn-telecom, the encapsulation format is as follows: physical information in the format defined by cn-telecom (interface type slot ID/subcard ID/port number:vlan information) + information following 0 0/0/0:0.0 carried in the user access packet.
  • GE interface: eth <slot>/<subslot>/<port>/:< outer VLAN ID>.< inner VLAN ID>
  • Trunk interface: trunk 0/2/<trunk-id>:< outer VLAN ID>.< inner VLAN ID>

    For example, if the user access packet carries 0 0/0/0:0.0 abc, the Option 82 information is eth 0/1/13:4096.4 abc.

    If the client-access-line-id basinfo-insert cn-telecom version2 command is run and the packet sent by the client does not carry the access-line-id information, the encapsulation format is as follows: physical information in the format defined by cn-telecom (interface type slot ID/subcard ID/port number:vlan information) + 0/0/0/0/0/0.
  • GE interface: eth <slot>/<subslot>/<port>/:< outer VLAN ID>.< inner VLAN ID>
  • Trunk interface: trunk 0/2/<trunk-id>:< outer VLAN ID>.< inner VLAN ID>

    Format example: eth 0/1/13:4096.4 0/0/0/0/0/0.

    After the client-option82 basinfo-insert version3 command is run, if a message sent by a client carries Option 82 information and the length of the Circuit-Id attribute in Option 82 is not 0, the Option 82 encapsulation format is: <HostName>+BAS interface information in the format defined by cn-telecom (IfType<slot>/<subslot>/<port>:vlan)+circuit-id+remote-id.
  • Encapsulation format on a GE interface: <HostName> eth <slot>/<subslot>/<port>:<outer vlan>.<inner vlan>
  • Encapsulation format on a trunk interface: <HostName> trunk <0>/<2>/<trunk-id>:<outer vlan>.<inner vlan>

    For example, if ABC is carried in the Option 82 field of a user message, the device encapsulates Option 82 in the format of HUAWEI eth 0/1/13:4096.4 ABC.

    NOTE:

    If version3 is specified and the length of the Option 82 field in a user message is too long, the device truncates the excessive part. Specifically, the value of the newly generated Option 82 field is truncated if its length exceeds 200 bytes.

    After the client-option82 basinfo-insert version3 command is run, if a message sent by a client carries Option 82 information and the length of the Circuit-Id attribute in Option 82 is 0, the Option 82 encapsulation format is: <HostName>+BAS interface information in the format defined by cn-telecom (IfType<slot>/<subslot>/<port>:vlan)+0/0/0/0/0/0+circuit-id+remote-id.
  • Encapsulation format on a GE interface: <HostName> eth <slot>/<subslot>/<port>:<outer vlan>.<inner vlan> 0/0/0/0/0/0
  • Encapsulation format on a trunk interface: <HostName> trunk <0>/<2>/<trunk-id>:<outer vlan>.<inner vlan> 0/0/0/0/0/0

    For example, if BC (Remote-Id) is carried in the Option 82 field of a user message, the device encapsulates Option 82 in the format of HUAWEI eth 0/1/13:4096.4 0/0/0/0/0/0BC.

    NOTE:

    If version3 is specified and the length of the Option 82 field in a user message is too long, the device truncates the excessive part. Specifically, the value of the newly generated Option 82 field is truncated if its length exceeds 200 bytes.

    The client-access-line-id version1 command provides the following functions:
  1. Uses the BAS interface information to generate access-line-id information based on the encapsulation format specified in this command when the access-line-id information (dhcpv4 option82/pppoe+) reported by a client needs to be trusted and a packet reported by the client does not carry access-line-id information. The encapsulation formats are described as follows:
    • Encapsulation format on a GE interface: <BNG-Hostname>-<slot>.<subslot>.<port>-<outer vlan>.<inner vlan>

      For example, the encapsulation format on a GE interface is huawei-1.0.1-50.60.
    • Encapsulation format on a trunk interface: <BNG-Hostname>-<0>.<trunk_id>-<outer vlan>.<inner vlan>

      For example, the encapsulation format on a trunk interface is huawei-trunk-0.11-200.100.
  2. Enables PPPoE user name replacement. For a PPPoE user, if you configure the default-user-name command to use the access-line-id information to generate a user name, the access-line-id field is used to generate a user name when an authentication request packet reported by a client carries the access-line-id field. If an authentication request packet reported by a client carries no access-line-id field, the BAS interface information is used to generate the access-line-id information as a user name based on the format defined in function 1. Then the user name generated based on the access-line-id information is used to replace the user name carried in the PPP authentication request packet.
  3. Enables static route allocation for PPPoE users. The dhcp option121 route command configured in the AAA domain or the Radius attribute HW-DHCPv4-Option121 is used to allocate static routes to PPPoE users. The Radius attribute takes precedence over the dhcp option121 route command. The BRAS uses PPPoE PADN Tag 0x121 IP_ROUTE_ADD to send the information to the client. By default, the dhcp option121 route command and the HW-DHCPv4-Option121 attribute take effect only for IPoE users.
  4. Obtains PPPoE client-id information from a packet sent by the client for authentication. The device parses information in PPPoE PADR Tag 0x0103 Host-unique as the client-id information. If the packet does not carry PPPoE PADR Tag 0x0103 Host-unique, the device uses a hexadecimal character string corresponding to the client's MAC address to generate the client-id information for the PPPoE user. For example, the client's MAC address is 00e0-fc12-3456, and the generated client-id information is 00e0fc123456.
  5. Enables the Class attribute in a RADIUS accounting packet to encapsulate the client-id information (DHCPv4 Option61/DHCPv6 Option1/PPPoE PADR Tag 0x0103 Host-unique).

    After you configure this command and the radius-attribute usermac-as-option61 command in the RADIUS server group view, the client-id information is encapsulated into the Class attributes in RADIUS accounting packets in the format of SERIAL_NUMBER:<Client-id string>.

    The RADIUS server sends an authentication request packet carrying the Class attribute to the BRAS. The BRAS encapsulates the received Class attribute into an accounting request packet. Currently, the device supports eight Class attributes. If RADIUS authentication is used, the BRAS encapsulates the client-id information into the Class attribute in a RADIUS accounting packet only when the number of Class attributes in the RADIUS authentication request packet is less than or equal to seven and the client has the client-id information. If only accounting is used, the BRAS encapsulates the client-id information into the Class attribute in a RADIUS accounting packet only if the client has the client-id information.

    NOTE:

    To use all the five functions for common Layer 2 users, configure this command.

    This command does not depend on the access-line-id attach command. When you configure the client-option82 version1 command, the Option82 information generated based on the BAS interface information is used for user authentication.
  • Untrusting the DHCP access-line-id field

    The undo client-option82 or the basinfo-insert cn-telecom command is configured.

    The device untrusts the access-line-id field or the PPPoE+ field contained in the DHCP sent by a client. Instead, the device creates an access-line-id field based on the physical location of the user that is determined through the user information such as the VLAN, and then inserts the access-line-id to the message before sending the message to the DHCP server, or RADIUS server.

    If undo client-option82 is set, the device encapsulates access-line-id information in the following formats:

    circuit id (slot(two bits) + subslot(one bit) + port(one bit) + inner vlan(four bits) + interface type) + remote id (hostname+ slot(two bits) + subslot(one bit) + port(one bit) + inner vlan(four bits) + interface type)

    For example, 0205-0000-GE MSE-108-0205-0000-GE

    If basinfo-insert cn-telecom is set, the device will insert the BAS information in the format defined by cn-telecom in one of the following formats:

    BAS information in the format defined by cn-telecom + 0/0/0/0/0/0
  • Encapsulation format on a GE interface: <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>
  • Encapsulation format on a trunk interface: <slot>/<subslot>/<port>/:<outer vlan>.<inner vlan>

    For example, eth 0/1/13:4096.4 0/0/0/0/0/0

    If basinfo-insert version2 is set, the device will insert the BAS information in the format defined by version2 in one of the following formats:
  • Encapsulation format on a GE interface: <BNG-Hostname> eth <0>/<slot>/<subslot>/<port>:<outer vlan>.<inner vlan>

    For example, huawei eth 0/1/0/1:50.60
  • Encapsulation format on a trunk interface: <BNG-Hostname> trunk <0>/<0>/<slot>/<trunkid>:<outer vlan>.<inner vlan>

    For example, huawei trunk 0/0/2/11:200.100

Prerequisites

Before running this command, set the access type of the user by the access-type command.

Precautions

This command is supported only on the admin VS.

The functions of the client-access-line-id command and the client-option82command are the same. Both of them are used to configure a mode of processing the access-line-id information. If they have been both run in the same view, the last configuration takes effect.

The client-access-line-id version1, client-access-line-id basinfo-insert cn-telecom, client-access-line-id basinfo-insert cn-telecom version2, and client-access-line-id basinfo-insert version3 commands are mutually exclusive.

The client-access-line-id version1 command configuration does not take effect for DHCPv6 users. It has the same effect as the client-access-line-id configuration.

Example

# Insert information about the BAS interface GE 0/1/1 before the DHCP access-line-id information reported by the client.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 0/1/1
[~HUAWEI-GigabitEthernet0/1/1] bas
[~HUAWEI-GigabitEthernet0/1/1-bas] access-type layer2-subscriber
[*HUAWEI-GigabitEthernet0/1/1-bas] commit
[~HUAWEI-GigabitEthernet0/1/1-bas] client-access-line-id basinfo-insert cn-telecom
# Configure the BAS interface GE 0/1/1 to trust the DHCP access-line-id field reported by a client.
<HUAWEI> system-view
[~HUAWEI] interface GigabitEthernet 0/1/1
[~HUAWEI-GigabitEthernet0/1/1] bas
[~HUAWEI-GigabitEthernet0/1/1-bas] access-type layer2-subscriber
[*HUAWEI-GigabitEthernet0/1/1-bas] commit
[~HUAWEI-GigabitEthernet0/1/1-bas] client-access-line-id
Parent Topic: IPoE Access Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >