Hi,
I have followed the thread that John Temples started with his question on
“Routing different subnets thru PM2E” and prior to that I myself had posted
several questions along the same lines. I believe now that I understand what
one must do to route a subnet through a Livingston Portmaster 2E but I would
like to have the group and Livingston look at my setup as a sanity check.
I have 4 class C address spaces:
xxx.yyy.196.0
xxx.yyy.197.0
xxx.yyy.198.0
xxx.yyy.199.0
My local Ethernet LAN is xxx.yyy.196.0 with the following:
Cisco 2501; xxx.yyy.196.1
Portmaster #1; xxx.yyy.196.3
Portmaster #2; xxx.yyy.196.4
My remote router address that I want to subnet to is xxx.yyy.198.17
Now what I want to do is route a /28 subnet of xxx.yyy.198.0 address space
through Portmaster #2. This is how I did that:
1) In the Cisco I set “ip route xxx.yyy.198.16 255.255.255.240 xxx.yyy.196.4”
Now the Cisco “show ip route” command results in the following:
xxx.yyy.198.0 is subnetted (mask is 255.255.255.240), 1 subnets
S xxx.yyy.198.16 [1/0] via xxx.yyy.196.4
2) In the Portmasters I set “add netmask xxx.yyy.198.0 255.255.255.240 1”
Now the Portmasters “show table netmask” command results in the following:
Active Netmasks:
Network Netmask Type
---------------- ---------------- -------
xxx.yyy.198.0 255.255.255.240 Static
Stored Netmasks:
Network Netmask
---------------- ----------------
xxx.yyy.198.0 255.255.255.240
3) Next in the Portmasters I set “add route xxx.yyy.198.16 xxx.yyy.198.17 1”
Now the Portmasters’ “show route” command results in the following:
Destination Gateway Flag Met Interface
--------------------- -------------------- ---- --- ---------
0.0.0.0 xxx.yyy.196.1 NS 1 ether0
xxx.yyy.198.17 xxx.yyy.198.17 HL 1 ptp29
xxx.yyy.198.16 xxx.yyy.198.17 NS 1 ptp29
xxx.yyy.196.0 xxx.yyy.196.4 NL 1 ether0
4) Last but not least my Radius user file for this account looks like this:
user Password = “xxxxxxxx”
User-Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-Address = xxx.yyy.198.17,
Framed-Route = “xxx.yyy.198.16 xxx.yyy.198.17 1”
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP
Does this all make sense or do I have some astray?
Now for a couple of questions.
1) Why do I need to do a “add netmask” and “add route” in the Portmaster when
the Radius users file’s Framed-Route and Frame-Netmask seem to do the same
thing but dynamically? Is this just to stop the routing loops when the
subnetted user is not attached?
2) Do I still need to use the “Framed-Routing = Broadcast-Listen” parameter?
3) In the Portmaster documentation it seem to indicate that their could be as
many Framed-Route parameters as require by the remote site. Does this mean
that for every IP that the remote site is using a Framed-Route parameter is
needed? Also does this mean that one could limit the number of IP address
available to the remote site by using the Framed-Route parameter?
I would appreciate any help, insight or suggestions on the above information.
Thanks in Advanced,
Russ Hewitt
The Columbia Connextion