Supported Platforms
Related Documentation
Subscriber Access Interface Description Storage and Reporting Through RADIUS Overview
You can configure Junos OS to store subscriber access interface descriptions and report the interface description through RADIUS. This capability enables you to uniquely identify subscribers on a particular logical or physical interface. When you enable storing of the interface descriptions, RADIUS requests include the interface description in VSA 26-63, if the subscriber’s access interface has been configured with an interface description. All interface descriptions must be statically configured using the Junos OS CLI. Storing and reporting of interface descriptions is supported for DHCP, PPP, and authenticated dynamic VLANS, and applies to any client session that either authenticates or uses the RADIUS accounting service. The description can contain letters, numbers, and hyphens (-), and can be up to 64 characters long.
You can enable or disable storage and reporting of interface descriptions as follows:
- To enable storing and reporting of interface descriptions, include the report-interface-descriptions statement at the [edit access] hierarchy level.
- To disable storing and reporting of interface descriptions, include the radius attributes exclude statement at the [edit access profile profile-name hierarchy level.
Interface Description Precedence
The interface description sent in the VSA depends on the configured interface. Two configuration models apply across topologies and protocols for subscriber management.
- Subscriber logical interface directly over a physical interface (non-underlying logical interfaces).
- Subscriber logical interface over an underlying logical interface and physical interface.
In both models, Junos OS selects the interface description to report based on order of precedence. Interfaces not configured with interface descriptions are excluded when selecting an interface by precedence. If no interface description is configured on any of the static interfaces in the subscriber interface hierarchy, VSA 26-63 is not sent in any of the RADIUS messages.
Example: Reporting Interface Descriptions on Non-Underlying Logical Interfaces
This topic shows an example of subscriber access with non-underlying logical interfaces. In this case, the logical interface can be a VLAN or a VLAN demux interface. This example shows a DHCP subscriber logical interface over a VLAN without a demux interface. For non-underlying interfaces, Junos OS selects which interface description to report based on the following order of precedence:
- Logical interface description
- Physical interface description
Based on the order of precedence that Junos OS uses to select the interface description for non-underlying interfaces, Junos OS reports subscriber_ifl_descr as the interface description.
system {
services {
dhcp-local-server {
group LSG1 {
authentication {
password radius;
username-include {
user-prefix rich;
}
}
}
interface ge-1/0/0.100;
}
}
}
}
interfaces {
ge-1/0/0 {
description subscriber_ifd_descr;
vlan-tagging;
unit 100 {
description subscriber_ifl_descr;
vlan-id 100;
family inet {
unnumbered-address lo0.0 preferred-source-address 100.20.0.1;
}
}
}
}
Reporting Interface Descriptions on Underlying Logical Interfaces
Underlying logical interfaces can apply to both DHCP and PPP.
For DHCP, Junos OS selects which interface description to report based on the following order of precedence:
- Underlying logical interface description
- Underlying physical interface description
 | Note: For DHCP, Junos OS does not report the IP demux logical interface description. |
For PPP over an underlying VLAN or VLAN demux interface, Junos OS selects which interface description to report based on the following order of precedence:
- PPP interface description
- Underlying VLAN without a demux interface or VLAN demux logical interface description
- Underlying physical interface description
Example: PPP over an Underlying VLAN Demux Interface
The following example shows a PPP subscriber over an underlying VLAN demux interface. This configuration includes three possible interface descriptions. Based on the order of precedence that Junos OS uses to select the interface description for PPP, the interface description is reported as subscriber_ppp_ifl_descr_0.
interfaces {
ge-1/0/0 {
description subscriber_ifd_descr;
hierarchical-scheduler maximum-hierarchy-levels 2;
flexible-vlan-tagging;
}
demux0 {
unit 0 {
vlan-tags outer 1 inner 1;
description subscriber_under_ifl_descr_1_1;
demux-options {
underlying-interface ge-1/0/0;
}
family pppoe {
duplicate-protection;
}
}
unit 1 {
vlan-tags outer 1 inner 2;
description subscriber_under_ifl_descr_1_2;
demux-options {
underlying-interface ge-1/0/0;
}
family pppoe {
duplicate-protection;
}
}
}
pp0 {
unit 0 {
description subscriber_ppp_ifl_descr_0;
ppp-options {
chap;
pap;
}
pppoe-options {
underlying-interface demux0.0;
server;
}
}
unit 1 {
description subscriber_ppp_ifl_descr_1;
ppp-options {
chap;
pap;
}
pppoe-options {
underlying-interface demux0.1;
server;
}
}
}
}
Interface Descriptions on Aggregated Ethernet Physical Interfaces
For aggregated Ethernet interfaces, the interface description on the aggregated Ethernet interface, for example AE0 or AE1, serves as the physical interface description.
Interface Descriptions on a Combination of Dynamic and Static Interfaces
If the subscriber’s access is a combination of dynamic and static interfaces, Junos OS uses the description on the static interface.
Example: Reporting Interface Descriptions on Dynamic VLANs
If you create dynamic VLANs with authentication, Junos OS reports the interface description on the physical interface. In the following example, dynamic VLANs created over the ge-1/2/0 interface are authenticated with an interface description of ge-1/2/0-bos-mktg-group.
ge-1/2/0 {
description ge-1/2/0-bos-mktg-group;
flexible-vlan-tagging;
auto-configure {
vlan-ranges {
dynamic-profile vlan-prof {
accept inet;
ranges {
any;
}
}
authentication {
password radius;
username-include {
user-prefix rich;
}
}
}
}
}
