Bjørn Mork via juniper-nsp писал 2021-08-06 15:27:
Thanks for your reply.
Probably stupid question, but here goes... How does a central server
make the IP usage more effective? Are you sharing pools between
routers?
Yes, going to have at least two routers as BNG and trying to find a way
to not lock IP addresses if they aren't needed.
In any case, you can do that with a sufficiently smart RADIUS server
too. You don't have to let JUNOS manage the address pools even if it
is
providing the DHCP frontend.
I understand that it could be an option, but for vlan-per-customer model
radius authentication isn't really needed for DHCP clients. Auth is done
for a parent VLAN-demux interface, so for DHCP sessions BNG will send
only accounting. In this case it will require to develop "smart-enough"
radius backend. If there is any solution already available I'd
definitely look at it, but I'd try to avoid building a homebrew
solution.
IMHO, having the DHCP frontend on the edge makes life so much easier.
Building a sufficiently redundant and robust centralized DHCP service
is
hard. And the edge router still has to do most of the same work
anyway,
relaying broadcasts and injecting access routes. The centralized DHCP
server just adds an unneccessary single point of failure.
I agree that it's a complication, but imo it's a reasonable tradeoff for
effective IP space usage. For relatively big IP pools it would be
sufficient saving. From KEA DHCP server documentation I see that
different scenarios for HA are supported, so some redundancy can be
achieved.
Another question that puzzles me is how to use multiple discontinuous
pools with DHCP server. With Junos internal DHCP I can link DHCP pools
in the same way as for PPPoE and just assign additional GW IP to lo0.
With that Junos takes care of finding available IP in pools and use
proper GW address. In case of external DHCP server, router has to insert
relay option but how can it choose what subnet to use in this case if
there are more than one available? This problem should be also actual
for big cable segments, although for cable interface IP addresses are
directly configured on the interface, but for Junos BNG a
customer-facing interface is unnumbered.
Kind regards,
Andrey
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
