Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation

Specifying an AAA Logical System/Routing Instance in a Domain Map

By default a domain map uses the subscriber logical system/routing instance as the context in which the authd daemon sends AAA authentication and accounting requests. You can optionally configure the domain map to direct AAA requests to a particular context based on the subscriber domain name. Specifying a non-default AAA context enables you to manage workflow and traffic load, and to efficiently make changes for a large number of subscribers. For example, after upgrading your RADIUS services, you might configure a domain map to specify that all subscribers in the domain xyz.com are now authenticated by a RADIUS server in a particular non-default AAA context.

Note: Changing the AAA context does not change the subscriber context. You use the target-logical-system command to explicitly configure the logical system/routing instance for subscribers.

To configure the default logical system and a non-default routing instance for AAA requests:

  1. Specify the domain map you want to configure.
    [edit access]user@host# edit domain map domain-map-name
  2. Specify the non-default routing instance. The AAA logical system is automatically set to the default.
    [edit access domain map domain-map-name]user@host# set aaa-routing-instance routing-instance-name

Note: Subscriber management is supported in the default logical system only. The following procedure, which describes configuring a non-default logical system, is for future extensions of subscriber management and is not supported in current Junos OS releases.

To configure a non-default logical system in which you want the authd daemon to send AAA requests:

  1. Specify the domain map you want to configure.
    [edit access]user@host# edit domain map domain-map-name
  2. Specify the logical system and optionally the non-default routing instance for AAA requests.
    • To configure a non-default logical system and default routing instance for AAA requests:
      [edit access domain map domain-map-name]user@host# set aaa-logical-system logical-system-name
    • To configure a non-default logical system and a non-default routing instance for AAA requests:
      [edit access domain map domain-map-name]user@host# set aaa-logical-system logical-system-name aaa-routing-instance routing-instance-name
 

Related Documentation

 

Published: 2013-02-11

Previous Page Next Page