Cisco Service Control Subscriber Manager LEGs User Guide, Release 4.2.x
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
- Updated:
- August 29, 2014
Chapter: About the DHCPv6 Lease Query LEG
About the DHCPv6 Lease Query Login Event Generator
Introduction
This chapter describes the Service Control Management Suite (SCMS) Subscriber Manager (SM) DHCPv6 Lease Query Login Event Generator (LEG) software module.
Information About the DHCPv6 Lease Query LEG
The Cisco Service Control Subscriber Manager DHCPv6 Lease Query LEG is a software module that handles pull-requests from different Cisco Service Control Engine (Cisco SCE) platforms in the network. The LEG queries the DHCPv6 server using a DHCPv6 Lease-Query transaction. The DHCPv6 Lease Query LEG can be run on the SM server.
To use DHCPv6 Lease Query LEG, SM must be configured in dual stack mode, so that the SM contains IPv6 management address as well.
To use the DHCPv6 Lease Query LEG, the DHCPv6 server must conform to RFC 5007.
Note
DHCPv6 Lease Query LEG on Cisco SCE is not supported.
DHCPv6 Lease Query LEG Operation
Figure 11-1 represents the operation of the DHCPv6 Lease Query LEG.
Figure 11-1 DHCPv6 Lease Query LEG Operation - SM Installation
The subscriber's traffic (1) triggers a pull-request from the SCE (2). The SM receives the request for processing. If the SM does not find a subscriber with a matching IP address in the subscriber database, it passes the pull-request to the DHCPv6 Lease Query LEG (3). The LEG queries the DHCPv6 server. If the server finds a match for the IP address in its database, the server replies with the subscriber information (4). The LEG performs a login operation (5). This operation updates the subscriber database based on the received information and logs the subscriber into the SCE (6), which triggered the pull-request.
The DHCPv6 Lease Query LEG supports the active_active mode only when the lease information of the configured servers are shared between the configured servers. The LEG queries all the servers that are configured, and accepts the lease provided by the servers that respond first.
NoteAn Internet Engineering Task Force (IETF) standard defines the DHCPv6 Lease-Query transaction. The LEG supports the RFC 5007 standard.
Information About the DHCPv6 Lease Query LEG Functionality
The DHCPv6 Lease Query LEG Process
For the DHCPv6 Lease Query LEG to work, the Subscriber Manager and the DHCPv6 server should run on the IPv6 management address.
The DHCPv6 Lease Query LEG processes the DHCPv6 Lease Query transactions to the DHCPv6 server using the IPv6 address indicated in the pull request from Cisco SCE.
The DHCPv6 server replies whether there is an active lease (DHCPv6 LEASE QUERY REPLY message) for this IPv6 address and provides information about the subscriber associated with this IP address according to the list of options requested by the LEG.
The DHCPv6 Lease Query LEG supports up to two redundant DHCPv6 servers (Active_Standby). The LEG identifies a server failure by counting the consecutive requests that time out. After a configurable threshold of timed-out requests, the LEG starts to send the requests to the recently activated server, which was previously in standby. The LEG does not return to the failed server until the activated server fails.
When installing the DHCPv6 Lease Query LEG on the Subscriber Manager server, the LEG runs with the privileges assigned to the pcube user on this machine. On UNIX platforms, because only the super user (root) can open ports under 1024, the LEG cannot open the DHCPv6 ports. To solve this problem, a simple application is supplied with the LEG, which forwards the DHCPv6 packets from the LEG to the DHCPv6 servers and back. This application is the DHCP Forwarder, which is described in the “DHCP Forwarder Application” chapter.
NoteThe trigger for the DHCPv6 Lease Query LEG to send a query to the DHCPv6 server is unknown subscriber traffic followed by a pull request from Cisco SCE. Therefore, if a subscriber’s package is changed in the DHCPv6 server, the Subscriber Manager receives the new package information only when the subscriber logs in the next time.
The DHCPv6 Lease Query LEG Process—Multiple Server Environment
From Cisco SCE Release 4.0.0, the DHCPv6 Lease Query LEG supports multiple DHCPv6 server deployments (Active_Active mode).
DHCPv6 Server With Fail Over Support
As the DHCPv6 server supports fail over, all the servers lease information should be synchronized.
NoteISP has to configure the IPv6 address without any collisions/duplication.
In multiple DHCPv6 server deployments, the LEG checks the replies of all the servers to get the active lease (DHCPv6 LEASE QUERY REPLY message) from the list of configured Servers.
Cisco Service Control Subscriber Manager queries all DHCPv6 servers and LEG will login the first received active reply.
If DHCPv6 Lease Query LEG sends a query to the servers for retrieving the renewed lease details through Auto Logout mechanism and does not receive a reply from any one of the servers, the LEG waits till the session time out interval to receive a reply. We recommend that you configure the value of the auto_logout_interval parameter in p3sm.cfg greater than the value of ipv6_session_timeout parameter.
For example, the DHCPv6 Lease Query LEG sends a query to two servers for retrieving the renewed lease details and waits for a reply message. The first server replies as non active for the queried IPv6 address and the second server does not reply due to server failure. The LEG will wait for the reply from the second server until the session timeout value (ipv6_session_timeout) and then trigger logout event for the queried mapping from Cisco Service Control Subscriber Manager and Cisco SCE. If both servers reply with a Non Active message, the LEG immediately triggers a logout event. By Default, 3 DHCPv6 servers can be configured in Active_Active mode.
DHCPv6 Server Without Fail Over Support
As the DHCPv6 server does not support fail over, each server maintains a separate range of IPv6 addresses and provides address to its clients.
NoteISP has to configure the IPv6 address without any collisions/duplication.
In multiple DHCPv6 server deployments, the LEG checks the replies of all the servers to get the active lease (DHCPv6 LEASE QUERY REPLY message) from the list of configured Servers.
As there is no way to determine which of the configured server has assigned the addresses to subscriber, the Cisco Service Control Subscriber Manager queries all DHCPv6 servers and the LEG will login the first received active reply. There should be only one active reply for the queried IPv6 address from the configured servers. If there are more than one active replies for the same IPv6 address, the first received active reply details is used and all other replies are considered as duplicates.
If DHCPv6 Lease Query LEG sends a query to the servers for retrieving the renewed lease details through Auto Logout mechanism and does not receive a reply from any one of the servers, the LEG waits till the session time out interval to receive a reply. We recommend that you configure the value of the auto_logout_interval parameter in p3sm.cfg greater than the value of ipv6_session_timeout parameter.
For example, the DHCPv6 Lease Query LEG sends a query to two servers for retrieving the renewed lease details and waits for a reply message. The first server replies as non active for the queried IPv6 address and the second server does not reply due to server failure. The LEG will wait for the reply from the second server until the session timeout value (ipv6_session_timeout) and then trigger logout event for the queried mapping from Cisco Service Control Subscriber Manager and Cisco SCE. If both servers reply with a Non Active message, the LEG immediately triggers a logout event. By Default, 3 DHCPv6 servers can be configured in Active_Active mode.
DHCPv6 Lease Query Transaction
The DHCPv6 Lease Query transaction is a DHCPv6 transaction where the client (LEG) sends a DHCPv6 LEASE QUERY message (as per RFC 5007) to the server, indicating the information it wants to query. The LEG uses the Query by IPv6 address method to retrieve the configured options and IPv6 address details from the DHCPv6 server. The DHCPv6 server replies whether there is an active lease (DHCPv6 LEASE QUERY REPLY message) for the IPv6 address, and provides information on the subscriber associated with the IPv6 address, based on the list of options requested by the LEG.
The following is a detailed description of the attributes extracted from the DHCPv6 LEASE QUERY REPLY message.
The server reply message contains the following Identity Association for Non-temporary Address (IA_NA) details:
- IPv6 address—An IPv6 address.
- preferred-lifetime—The preferred lifetime for the IPv6 address in the option, expressed in units of seconds.(After this timeframe the assigned address is deprecated.)
- valid-lifetime—The valid lifetime for the IPv6 address in the option, in seconds. After this timeframe, the assigned address becomes invalid. This is the LEASE TIME for the IP address.
- IA Addr-options—Options associated with this address.
NoteIA_NA address is treated as a prefix by the Subscriber Manager. For details, see the“DHCPv6 Subscriber Manager Integration Configuration” chapter.
The server reply message may contain the Identity Association for Prefix Delegation (IA_PD) address details. These provide the IPv6 prefix details of a subscriber. The following fields are available:
- preferred-lifetime—The recommended preferred lifetime for the IPv6 prefix in the option, expressed in seconds.
- valid-lifetime—The valid lifetime of the IPv6 prefix in the option, expressed in units of seconds. This is the actual LEASE TIME of the prefix.
- prefix-length—Length of this prefix, in bits.
- IPv6-prefix—An IPv6 prefix.
- prefix-options—Options associated with this prefix.
The following is a detailed description of the attributes from the DHCPv6 Lease Query Reply:
- Subscriber IP—The subscriber IPv6 prefix retrieved from OPTION_IAPREFIX (26).
- Lease time—The assigned IP is added to the Subscriber Manager database with a lease time taken from option 26, which contains lifetime and valid lifetime values.Valid lifetime is the lease time for the assigned prefix.
- Subscriber ID—The REMOTE_ID (37) option is used by default to get the Subscriber ID. The OPTION_VENDOR_OPTS (17) option can also be used as the Subscriber ID. Details of the Subscriber ID should be available in the DHCPv6 relay message as per RFC 5007.
- Policy—The OPTION_VENDOR_OPTS (17) is used to get the policy information. Multiple instances of the vendor-specific information option may appear in a DHCPv6 Lease Query Reply message. Each suboption is interpreted according to the options defined by vendor details.
After extracting the preceding information, the LEG logs the subscriber into the Subscriber Manager.
Installation and Usage
The DHCPv6 Lease Query LEG is part of the SM installation package. The SM installation package also includes configuration files and the Command-Line Utility of the LEG.
For information about using the DHCPv6 Lease Query LEG on the SM, see the DHCPv6 Subscriber Manager Integration Configuration chapter. For information about installing and using the DHCP Forwarder application see the DHCP Forwarder Application Enhancements for DHCPv6 chapter.
Feedback