Sending RADIUS Attributes to DHCP Subscribers Overview

The Dynamic Host Configuration Protocol (DHCP) or Dynamic Host Configuration Protocol for IPv6 (DHCPv6) server sends the following attributes returned by the RADIUS server to the DHCP or DHCPv6 subscribers on request:

Note:

  • The DS-Lite-Tunnel-Name and PCP-Server-Name attributes are not supported when DHCP is configured in Equal-Access and Standalone mode.
  • The DS-Lite-Tunnel-Name and PCP-Server-Name attributes returned by RADIUS must completely match FQDN specifications. The domain name must be expressed in a sequence of labels and the maximum length of a label is 63.

Dual-Stack Lite Tunnel Name Configuration with RADIUS and DHCPv6

The RADIUS protocol and DHCPv6 work together to return the Dual-Stack (DS)-Lite-Tunnel-Name attribute to the DHCPv6 subscribers. In this implementation, the Network Access Server (NAS) acts as a DHCPv6 server for the DHCPv6 client and a client for the RADIUS server. The following steps are performed during DHCPv6 subscriber login in authenticate mode:

After receiving the DS-Lite-Tunnel-Name attribute in the initial Access-Accept message, the NAS stores the received AFTR tunnel name locally. When the DHCPv6 client sends a DHCPv6 Renew message to request an extension of the lifetimes for the assigned prefix, the NAS does not initiate a new Access-Request message. The NAS retrieves the stored AFTR tunnel name and uses it in its DHCPv6 Reply message.

Note: The NAS sends a new Access-Request message when the DHCPv6 client initiates a Rebind/Reply message exchange with the NAS.

PCP Server Name Configuration with RADIUS and DHCP or DHCPv6

The RADIUS protocol and DHCP or DHCPv6 work together to return the PCP-Server-Name attribute to the DHCP or DHCPv6 subscribers. In this implementation, the NAS acts as a DHCP or DHCPv6 server for the DHCP or DHCPv6 client and the client for the RADIUS server. The following steps are performed during DHCP or DHCPv6 subscriber login in authenticate mode:

After receiving the PCP-Server-Name VSA in the initial Access-Accept message, the NAS stores the received PCP server name locally. When the DHCP or DHCPv6 client sends a DHCP or DHCPv6 renew message to request an extension of the lifetimes for the assigned address or prefix, the NAS does not initiate a new Access-Request message. The NAS retrieves the stored PCP server name and uses it in its reply message.

Note: The NAS sends a new Access-Request message when the DHCP or DHCPv6 client initiates a Rebind/Reply message exchange with the NAS.

Related Documentation