Restricting and Customizing Services for Subscribers
Service scopes let you customize which services are to be delivered to specific organizations or specific locales. You can use service scopes to provision services for a group of subscribers by specifying:
A service scope is a collection of services and mutex groups, and optionally defines parameter substitutions for its associated services. For more information about parameter substitutions, see Chapter 15, Defining and Acquiring Values for Parameters. The object o=Services is the generic service scope—a collection of services and mutex groups available to all subscribers.
You can assign service scopes to VRs (see Configuring Service Scopes) and to some types of subscribers (see SRC-PE Subscribers and Subscriptions Guide, Chapter 13, Configuring Subscribers and Subscriptions with SDX Admin).
Assigning Service Scopes to Multiple VRs and Subscribers
You can also assign a service scope to multiple VRs and subscribers. For example, by assigning a service scope to a group of VRs, you can specify that a service is available only in the locations served by those VRs. If a subscriber of this service accesses the network from a location where you do not offer this service, the portal will not display the service, and the subscriber will not be able to use it.
If you assign a service scope to multiple VRs and subscribers, you specify a precedence—a numerical ranking—for each service scope. The lower the precedence value, the higher the ranking of the service scope. By default, the object o=Services has the highest precedence value and the lowest ranking.
Defining Multiple Scopes for a Service
If multiple service scopes that define the same service are assigned to a VR or subscriber, the SAE selects the parameters to use for the service as follows:
- Selects the parameters that are defined by only one service scope.
- If the same parameter is defined by more than one service scope, selects the parameter as follows:
- Selects the parameter associated with the service scope that has the lowest precedence value.
- If the parameter is defined by multiple service scopes with the same precedence value, selects the parameter defined by the service scope with the lowest alphanumerical name.
For example, consider the situation shown in Table 7, in which three scopes define several parameters for the same service.
The SAE will use the following parameter definitions for the service:
- Description from scope s1 (s1 has the lowest precedence value)
- Policy group from scope s1 (only s1 defines this parameter)
- URL from scope s2 (s2 has a lower alphanumeric name than s3)
You can also configure a generic Internet access service, and use service scopes to define the access parameters for different locations to use this service. If multiple service scopes that define this Internet access service are assigned to a VR, the SAE uses the precedence values to determine how to customize the service.
Configuring Service Scopes
The tasks to configure a service scope are:
- Adding Service Scopes
- Assigning Services to Service Scopes
- Adding Mutex Groups to Service Scopes
- Assigning Service Scopes
Adding Service Scopes
The New Service Scope dialog box appears.
An object for the new service scope appears in the navigation pane, and basic details for the new service scope appear in the Main tab of the Service Scope pane.
![]()
- Use the field descriptions in Service Scope Field to configure the service scope, and then click Save.
- (Optional) You can configure parameters for service scopes. See Configuring Substitutions.
Service Scope Field
Use the field in this section to configure a service scope.
Precedence
- Ranking of this service scope.
- Value—A positive integer; the lower the precedence value, the higher the ranking of the service scope
- Default—No value
Assigning Services to Service Scopes
To assign services to a scope:
- In the SDX Admin navigation pane, highlight the scope to which you want to assign a service, and right-click.
- Select New > SSP Service.
The New SSP Service dialog box appears.
- Select an existing service from the Service name menu, and click OK.
- Enter a new service name to define a service that appears only in this scope, and click OK.
An object for the assigned service appears subordinate to the service scope in the navigation pane, and details for the new service scope appear in the Main tab of the Service Scope pane.
- If you defined a new service that appears only in this scope, configure the service, and click Save in the pane.
Adding Mutex Groups to Service Scopes
You can add mutex groups to a service scope. If the SAE selects a particular scope, the SAE uses mutex groups in that scope to determine which services it can concurrently activate for a subscriber.
To add a mutex group to a service scope.
- In the SDX Admin navigation pane, highlight the scope to which you want to assign a service, and right-click.
- Follow the instructions in Adding a Mutex Group.
Assigning Service Scopes
You can assign multiple service scopes to a VR or subscriber, and you can assign a service scope to multiple VRs and subscribers.
NOTE: You must define the service scope before you can assign it to other objects.
- In the SDX Admin navigation pane, click the object to which you want to assign the service scope.
- Click the magnifying glass below the Scope field in the Main tab of the associated pane.
The Select Object window appears.
You can shift-click or control-click service scopes to select multiple options.
The service scopes appear in the associated pane.
The service scopes appear in the Services field of the associated pane.
Service Scope Configuration Examples
The following sections provide two practical examples for using scopes to customize your service configuration.
Example: Delivering a Limited Set of Services to Organizations
You can use service scopes to create a limited set of services to be made available to specified organizations. For enterprise users, you could define a set of services available on the JUNOS routing platform.
To deliver a small set of services to specified enterprises:
- Create a scope for the services to be made available. For example, see o=umc, o=Scopes, l=EntJunos in the sample data.
- Add SSP services to the scope, such as those in the sample data under o=umc, o=Scopes, l=EntJunos.
- Assign the scope to one or more enterprises. For example, see o=umc, o=Users, ou=local, enterpriseName=ABCInc, and o=umc, o=Users, ou=local, enterpriseName=Acme.
If you use an enterprise service portal to manage these organizations, you see only the services for the specified scope from the portal. Other services are not visible to the IT managers who manage services and subscriptions from the enterprise service portal. To see the services available to Acme and ABC Inc. from Enterprise Manager Portal, see SRC-PE Subscribers and Subscriptions Guide, Chapter 29, Managing Services with Enterprise Manager Portal.
Example: Customizing Generic Services to Particular Regions
You could use service scopes to allow a wholesaler to customize a generic audio service called Audio-Bronze on a regional basis. As a starting point, this example assumes that the network is configured so that the VR boston serves the Boston subnet and the VR chicago serves the Chicago subnet.
To customize the new service Audio-Bronze for the Boston and Chicago subnets:
- Add the Audio-Bronze service, and configure all relevant parameters except the Service IP and Service IP Mask fields in the Parameter tab of the SSP Service pane.
This IP address and mask determine an access point to the service provider's equipment.
- Set up a scope called scope_boston that specifies the IP address and mask used by VR boston in the Substitution field of the Parameter tab of the Service Scope pane.
- Set up a scope called scope_chicago that specifies the IP address and mask used by VR chicago in the Substitution field of the Parameter tab of the Service Scope pane.
- Assign the service Audio-Bronze to service scopes scope_boston and scope_chicago.
- Assign the service scope scope_boston to VR boston and the service scope scope_chicago to VR chicago.
Figure 5 shows how this configuration would appear in the SDX Admin navigation pane. When the network starts operating, the SAE substitutes the parameters you specified in the service scope definition for the corresponding fields in the service subordinate to that scope.
![]()