Hello,
I have a routed network and I’m using OSPF as routing protocol.
My users authenticate using PPPoE servers.
I normally give only one public IP to each user, but I have a request from an user to give him 2 public IPs.
How can I do this?
I read on the forum and they say you can add a static route to these two IPs using the main IP as gateway, but how can I inject this route in OSPF without distributing all static routes I have on the PPPoE server (which I don’t want to distribute in the network)?
You must either have this extra IP address attached to the user’s pppoe session as a secondary IP address (not sure how much duct tape you’ll need to get THAT working automatically for you) or else you’ll have to redistribute static, but use a filter chain on the OSPF instance to specify what is allowed to be redistributed.
this is set on the OSPF instance with the “out filter chain” (don’t know why it’s out, but it’s the one to use)
You can make the chain be a simple rule which allows this one address and drops all others, or if you want to be a bit more “extensible” with this - see if you can make the static route for the extra IP have some unique type of identifier - a scope or a distance, perhaps? I’m 100% certain the distance is directly configurable in the framed-ip-route RADIUS attribute… anyway, the filter chain could accept static routes with this “interesting” metric - say metric = 2 means “redistributable into OSPF”
Another way to skin this cat would be to use area ranges - make the pppoe interfaces appear in a stub area, and define an area range for the stub area so that the entire block of addresses your customers get assignments from is routed in your network as a single aggregate route. (this only works well if you’ve been assigning IP addresses in contiguous ranges)