How do you define Framed-IP-Netmask 255.255.255.255 in RADIUS accounting? By default, the MX router will send Framed-IP-Netmask as IP Pool.
[edit access address-assignment pool test] jtac@ERX-MX480-1-RE0# show family inet { network 10.220.32.0/24; range test { low 10.220.32.1; high 10.220.32.255; } } No. Time Source Destination Protocol Length Info 5 4.234499 10.204.12.100 10.204.95.67 RADIUS 257 Accounting-Request(4) (id=55, l=215) Frame 5: 257 bytes on wire (2056 bits), 257 bytes captured (2056 bits) Ethernet II, Src: Netscreen_ff:10:02 (00:10:db:ff:10:02), Dst: Vmware_8d:00:67 (00:50:56:8d:00:67) Internet Protocol Version 4, Src: 10.204.12.100 (10.204.12.100), Dst: 10.204.95.67 (10.204.95.67) User Datagram Protocol, Src Port: 56734 (56734), Dst Port: radius-acct (1813) Radius Protocol Code: Accounting-Request (4) Packet identifier: 0x37 (55) Length: 215 Authenticator: de98cb33265338129640c18330615e22 [The response to this request is in frame 7] Attribute Value Pairs AVP: l=13 t=User-Name(1): skarthi@tel AVP: l=6 t=Acct-Status-Type(40): Start(1) AVP: l=6 t=Acct-Session-Id(44): 1318 AVP: l=6 t=Event-Timestamp(55): Feb 17, 2015 00:59:22.000000000 India Standard Time AVP: l=6 t=Service-Type(6): Framed(2) AVP: l=6 t=Framed-Protocol(7): PPP(1) AVP: l=22 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=Acct-Authentic(45): RADIUS(1) AVP: l=6 t=Acct-Delay-Time(41): 0 AVP: l=22 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=Framed-IP-Address(8): 10.220.32.1 AVP: l=6 t=Framed-IP-Netmask(9): 255.255.255.0 AVP: l=17 t=NAS-Identifier(32): ERX-MX480-1-RE0 AVP: l=6 t=NAS-Port(5): 400 AVP: l=18 t=NAS-Port-Id(87): ae0.demux0.0:400 AVP: l=6 t=NAS-Port-Type(61): Ethernet(15) AVP: l=31 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=NAS-IP-Address(4): 10.204.12.100
Here you can use mask-length 32 under address-assignment, or return RADIUS attribute Framed-IP-Netmask 255.255.255.255 as a workaround.
Please note that mask-length is a hidden command.
Example:
[edit access address-assignment pool test] jtac@ERX-MX480-1-RE0# show family inet { network 10.220.32.0/24; mask-length 32; range test { low 10.220.32.1; high 10.220.32.255; } } No. Time Source Destination Protocol Length Info 5 5.630271 10.204.12.100 10.204.95.67 RADIUS 257 Accounting-Request(4) (id=59, l=215) Frame 5: 257 bytes on wire (2056 bits), 257 bytes captured (2056 bits) Ethernet II, Src: Netscreen_ff:10:02 (00:10:db:ff:10:02), Dst: Vmware_8d:00:67 (00:50:56:8d:00:67) Internet Protocol Version 4, Src: 10.204.12.100 (10.204.12.100), Dst: 10.204.95.67 (10.204.95.67) User Datagram Protocol, Src Port: 56734 (56734), Dst Port: radius-acct (1813) Radius Protocol Code: Accounting-Request (4) Packet identifier: 0x3b (59) Length: 215 Authenticator: 4e6592fb585240f621dc066d58de85f9 [The response to this request is in frame 7] Attribute Value Pairs AVP: l=13 t=User-Name(1): skarthi@tel AVP: l=6 t=Acct-Status-Type(40): Start(1) AVP: l=6 t=Acct-Session-Id(44): 1319 AVP: l=6 t=Event-Timestamp(55): Feb 17, 2015 01:11:43.000000000 India Standard Time AVP: l=6 t=Service-Type(6): Framed(2) AVP: l=6 t=Framed-Protocol(7): PPP(1) AVP: l=22 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=Acct-Authentic(45): RADIUS(1) AVP: l=6 t=Acct-Delay-Time(41): 0 AVP: l=22 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=Framed-IP-Address(8): 10.220.32.2 AVP: l=6 t=Framed-IP-Netmask(9): 255.255.255.255 AVP: l=17 t=NAS-Identifier(32): ERX-MX480-1-RE0 AVP: l=6 t=NAS-Port(5): 400 AVP: l=18 t=NAS-Port-Id(87): ae0.demux0.0:400 AVP: l=6 t=NAS-Port-Type(61): Ethernet(15) AVP: l=31 t=Vendor-Specific(26) v=Juniper Networks/Unisphere(4874) AVP: l=6 t=NAS-IP-Address(4): 10.204.12.100