UNR Generation and Advertisement

Why UNRs Are Required

When users with IP addresses assigned go online through a device, such as a switch, no dynamic routing protocol can be used to forward the network-to-user traffic because the BAS interface has no IP address. In this situation, the BRAS needs to generate user network routes (UNRs) and import them to a dynamic routing protocol so that other devices can learn them.

For example, 100 users access the network from a BAS interface through PPPoE dial-up, and the BRAS assigns an IP address to each user through the RADIUS server. These IP addresses may be on the same subnet or different subnets. Because the BAS interface does not have an IP address, how does the BRAS and other network devices forward downstream traffic to each user? The answer is to generate two types of UNRs on the BRAS.

1. User subnet routes with the subnet to which the users belong as the destination subnet and the BAS interface as the next hop. This type of route is advertised to other network devices connected to the BRAS, and the user traffic is directed to the BRAS.
2. Specific host routes destined for each user's IP address, with the BAS interface through which users access the BRAS as the next hop. When the traffic of all the users who go online through the local device reaches the BRAS, the BRAS searches for specific host routes and forwards the traffic to the users.

The BRAS can be configured to advertise address pool subnet routes or specific host routes of the users who go online. Typically, the BRAS is configured to advertise address pool subnet routes to reduce the number of routes and suppress route flapping when users go online and offline frequently.

UNR Classification and Generation

User routes can be classified into the following types based on their generation modes:

• User subnet routes generated when address pool configuration is performed on the BRAS
• Specific host routes generated after users go online
• User subnet routes generated when the Framed-route attribute is delivered by the RADIUS server
• User subnet routes and specific host routes generated through the Framed-IP-Address and Framed-IP-Netmask attributes are delivered by the RADIUS server

UNR generation triggered by address pool configurations on a BRAS:

1. After an address pool and a prefix pool are created and a prefix address is configured in the prefix pool, the main control board generates a prefix pool route.
2. After users go online with obtained IP addresses, the BRAS generates a host route for each user. If there is traffic destined for the host, traffic is diverted to the BRAS based on the prefix pool route generated in Step 1. Then, the system searches the routing table for a host route, and forwards the packet to the user.

The process of UNR leaking is as follows:

If the VPN to which the user belongs and the network-side downstream traffic accessed by the user belong to different VPNs, you can configure a UNR leaking policy to import the address pool subnet routes in the VPN to which the user belongs to another VPN. The prefix information of the leaked routes remains unchanged, and the next hops of the routes point to the VPN to which the user belongs. In this way, if traffic destined for the user host exists in another VPN, the traffic can be imported to the VPN to which the user belongs through the leaked subnet route. Then, the system searches the routing table of the VPN to which the user belongs for a host route and forwards packet to the user.

The process of generating the UNRs delivered by the RADIUS server is as follows:

In a PPPoE private line user scenario, the private line user is attached to multiple Layer 3 users, which are connected to the BRAS through Layer 3 network devices such as routers. In normal cases, each private line user has a fixed IP address which is assigned by the BRAS from its local address pool or by the RADIUS server.

When the private line user and its attached users are on the same subnet and the IP address of private line user is assigned by the RADIUS server, the RADIUS server delivers the Framed-IP-Address and Framed-IP-Netmask attributes to the BRAS, triggering the BRAS to generate UNRs and specific host routes of the corresponding subnet.

When the private line user and the attached users belong to different subnets, the RADIUS server delivers the Framed-route attribute to the BRAS, triggering the BRAS to generate UNRs.

If an address outside the address pool on the BRAS is delivered or the BRAS is enabled to advertise host routes in the address pool, RADIUS-delivered UNRs must be advertised.

How Are UNRs Advertised

If a user needs to communicate with other network users or network addresses, the BRAS needs to advertise the user's subnet routes to a dynamic routing protocol, such as OSPF, IS-IS, or BGP, for other devices to learn.

The following table describes the advertisement modes of UNRs in the IPv4 local address pool, remote address pool, and IPv6 prefix pool on the BRAS.

Configuring the import-route unr command is recommended because it is easy to configure and does not require manual configuration of static blackhole routes. In actual applications, routing policies are often used to control the imported UNRs to prevent the advertisement of incorrect routes.