I have an issue with current ISG implementation on ASR 1k.
We have subset of subscribers that are authenticated based on their mac address and another subset that are authenticated based on their c-vlan/s-vlan tag which is derived from nas-port-id. If two subscribers have identical mac addresses and one is authed based on mac and the other is based on c-vlan/s-vlan, the last one to auth kicks the previous authenticated session and takes it's place, which is totaly unacceptable.
For subscribers with mac based auth, session initiatior is unclassified mac address, as for c-vlan/s-vlan based auth it is dhcp request.
Forgive the lack of details, if anything I am ready to supply any available and open info. Personaly I think this is just shortcoming of ASR 1k s ISG implementation, because I know for a fact that 9K BNG handles this situation very well and has a more precise definition of c-vlan/s-vlan than 1k.
Not sure if it would be possible since mac address is probably being used as a session key for both sessions (that's why the latest subscriber to come up, takes over the first one) even if you are using different identifiers (mac-address vs c-vlan/s-vlan).
Introduction: The "external-out enable" command is available for
configuration under the "router ospf process" in case of the IOS-XR
operating system. This command basically enables advertisement of
intra-area routes on the device as external routes in th...
IntroductionIn this article we'll discuss how to troubleshoot packet
loss in the asr9000 and specifically understanding the NP drop counters,
what they mean and what you can do to mitigate them. This document will
be an ongoing effort to improve troublesh...