error when adding Primary-DNS

Vacheslav m_zouhairy at skno.by
Tue Dec 19 10:52:12 CET 2017 

A direct insult ! If you consider yourself a  bozo, that does mean we accept devaluing of  ourselves.

-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+m_zouhairy=skno.by at lists.freeradius.org] On Behalf Of Bjorn Mork
Sent: Tuesday, December 19, 2017 12:44 PM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: error when adding Primary-DNS

Alan DeKok <aland at deployingradius.com> writes:
> On Dec 18, 2017, at 4:35 PM, J E H A N Z A I B <jehanzaib.kiani at gmail.com> wrote:
>> Not inventing, I am reading the guide from Juniper website.
>> https://www.juniper.net/documentation/en_US/junos/topics/reference/ge
>> neral/aaa-access-message-attributes.html
>
>   Juniper is not the same as FreeRADIUS.
>
>   The Juniper documentation assumes you're using the Juniper RADIUS server.
>
>> Primary-DNS and Secondary-DNS are supported by Junos.
>
>   That's nice.  FreeRADIUS doesn't use the Juniper names, because most vendors use horrible names, and they conflict with each other.
>
>> do you think I should add into dictionary ?
>
>  Don't edit the dictionaries.
>
>  Read the "dictionary.juniper" file.  Look for similar names:
>
> ATTRIBUTE	Juniper-Primary-Dns			31	ipaddr
>
>   And use those names.

Note that this can be a bit more complicated with Juniper for hysterical raisins.  They use two different vendor IDs and dictionaries on JUNOS, depending on which RADIUS service you're talking about.  The docs above refer to "AAA for Subscriber Management". That code is inherited from the ERX platform and is still using the ERX VSAs with vendor ID 4874.

So you need to look in the "dictionary.erx" file for those attributes:

ATTRIBUTE       ERX-Primary-Dns                         4       ipaddr


This code originated from Unisphere. And at some point Juniper decided to stick to the 'Unisphere' prefix for the 4874 based attributes (not consistently though - they use 'Jnpr' for a few attributes). In an attempt to remove some of the confusion, FreeRADIUS syncronized with the Juniper default names when preparing for v4.x.  So when upgrading from
v3.0 you will have to look in "dictionary.unisphere" instead of "dictionary.erx".  And the primary DNS attribute is then named

ATTRIBUTE       Unisphere-Primary-Dns                   4       ipaddr


Confused now?  You've seen nothing yet :-)

This has little to do with FreeRADIUS of course, as Alan already pointed out.  It's mostly a Juniper thing.  You should really use the Juniper support you most likely are paying for instead of trusting a random bunch of community bozos.



Bjørn

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list