The end user (in this case ONT) sends a DHCP Discovery packet. Then the OLT (configured as dhcp snooping) receives the packet from ONT, adds option82 (containing information about the ONT number and port number to which the ONT is connected) and then transmits it to the NE20 router by broadcast. The router receives package DHCP Discovery on the port on which the BRAS service is configured. The router is designed to perform end user autentication. Router uses an external RADIUS server for this. When sending a query to the RADIUS server, the router should include information about the option82 in the authentication packet. The RADIUS server should authenticate the end-user based on information about option82. After receiving information from the RADIUS server about the correct authorization of the end user, the router sends a request to an external DHCP server to obtain the IP address for the end user (here option 82 is no longer used). In terms of DHCP, Router is configured as DHCP relay.
For now the RADIUS server authenticate end users based on their MAC address. We want to change it so that authorization takes place using the information contained in option 82.
The solution is to
configure client-option82 command on relay interface. The
client-option82 command configures the NE20E to trust the access-line-id
information (for a DHCP user) sent from the DHCP client.