[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]


Classifying Interfaces

Use the following configuration statements to define interface classification scripts:

shared network device name interface-classifier rule name {
target target;
script script;
}

shared network device name interface-classifier rule name condition name ...

A classification script can contain either a target and a condition or a script. If you do not define a script, the classifier must have both a target and a condition.

To define interface classification scripts:

  1. From configuration mode, enter the interface classifier configuration for a device.
  2. user@host# edit shared network device erx-node1 interface-classifier
    
    
    
  3. Create a rule for the subscriber classifier. You can create multiple rules for the classifier.
  4. [edit shared network device erx-node1 interface-classifier]
    
    user@host# edit rule rule-3
    
    
    
  5. Configure either a target or a script for the rule.
  6. [edit shared network device erx-node1 interface-classifier rule rule-3]
    
    user@host# set script script
    
    
    

OR

[edit shared network device erx-node1 interface-classifier rule rule-3]
user@host# set target target

  1. If you configured a target for the rule, you must configure a match condition for the rule. You can create multiple conditions for the rule. See Interface Classification Conditions.
  2. [edit shared network device erx-node1 interface-classifier rule rule-3]
    
    user@host# set condition name
    
    
    
  3. (Optional) Change the order of rules.
  4. [edit shared network device erx-node1 interface-classifier]
    
    user@host# insert rule rule-5 before rule-4
    
    
    
  5. (Optional) Rename a rule.
  6. [edit shared network device erx-node1 interface-classifier]
    
    user@host# rename rule rule-5 to DHCP
    
    
    
  7. (Optional) Verify the classifier rule configuration.
  8. [edit shared network device erx-node1 interface-classifier rule rule-3]
    
    user@host# show
    
    target /sample/junose/PPP-special;
    
    condition {
    
      "pppLoginName=\"*@special.com\"";
    
    }
    
    
    
  9. (Optional) Verify the interface classifier configuration.
  10. [edit shared network device erx-node1 interface-classifier]
    
    user@host# show
    
    rule rule-1 {
    
      script "
    
    # Use the following syntax:
    
    #
    
    # descr-file ::= [script] section*
    
    # section    ::= ('[' type ']' nl conditions) | ('[*]' nl script)
    
    # type       ::= 'a-zA-Z0-9-_'*
    
    # nl         ::= '\\n'
    
    # conditions ::= ((('#'|';') comment) |
    
    #                (['&'|'|'] field-name ( '='|'=='|'!=') match) nl)*
    
    # field-name ::= member of InterfaceObject
    
    # match      ::= UNIX style filename matching
    
    # script     ::= regular python script, defined functions need to be
    
    #                  included in the list \"classify\"
    
    #
    
    # the section-names correspond to a PolicyList object below
    
    # o=Policies, o=umc:
    
    # [name] => DN: \"policyGroupName=name, o=Policies, o=umc\"
    
    #
    
    # Use one of the following \"field names\":
    
    #   pppLoginName      - set to \"user@realm\", if interface is PPP
    
    #   interfaceName     - name of the ERX Interface in CLI syntax
    
    #   virtualRouterName - name of the VR the interface is connected to
    
    
    
    ";
    
    }
    
    rule rule-2 {
    
      script "
    
    # apply different default policies for PPP subscribers in realm
    \"special.com\"
    
    def log(obj):
    
        from net.juniper.smgt.sae import Main
    
        icc = Main.theComponentRegistry.get(\"icc.component\")
    
        if icc is None:
    
            Main.theComponentRegistry.put(\"icc.component\", [])
    
        else:
    
            icc.append(obj)
    
    classify.append(log)
    
    ";
    
    }
    
    rule rule-3 {
    
      target /sample/junose/PPP-special;
    
      condition {
    
        "pppLoginName=\"*@special.com\"";
    
      }
    
    }
    
    rule rule-4 {
    
      target /sample/junose/PPP;
    
      condition {
    
        "pppLoginName!=\"\"";
    
      }
    
    }
    
    rule rule-5 {
    
      target /sample/junose/DHCP;
    
      condition {
    
        "interfaceName=\"fastEthernet*\"";
    
        "interfaceName=\"atm*/*.*\"";
    
      }
    
    }
    

Interface Classification Conditions

Use the fields in this section to define interface classification conditions.

broadcastAddr

ifAlias

ifDesc

interfaceName

For JUNOS routing platforms: interfaceName="fe-0/1/0.0"

For forwarding interface: interfaceName="FORWARDING_INTERFACE"

ipAddress

ipMask

mtu

nasPortId

pppLoginName

radiusClass

serviceBundle

userIpAddress

virtualRouterName

For JUNOS routing platforms: name of the routing instance

Example: Managing Interfaces for Premium and Basic PPP and DHCP Subscribers

In this scenario, the router manages two types of PPP interfaces—DHCP subscriber interfaces and static IP interfaces. The fastEthernet4/0.1 to fastEthernet4/0.999 interfaces are VLAN interfaces used to terminate DHCP subscribers.

The service provider has separated the PPP subscribers into a premium subscriber group and a basic subscriber group. These groups are distinguished by a different set of default policies applied to the PPP interface. The RADIUS class attribute in the RADIUS profile for premium subscribers is set to Premium. The rules in the interface classification script for this scenario are:

The script is processed as follows:

  1. If pppLoginName is not blank and radiusClass is Premium, the PPP-premium policy group is sent to the SAE, and script processing stops.
  2. If script processing proceeds and pppLoginName is not blank, the PPP-basic policy group is sent to the SAE, and script processing stops.
  3. If script processing proceeds and interfaceName is fastEthernet 4/0.0 through fastEthernet 4/0.999, the DHCP policy group is sent to the SAE, and script processing stops.

Example: Managing Specific Interfaces

This example causes the SAE to load the DHCP policy group on IP interfaces on Fast Ethernet modules in slot 3/port 1, slot 1/port 1, or any port on slot 2. The SAE then manages these interfaces.

[edit shared network device erx-node2 interface-classifier rule rule-1]
user@host# show
target /junose/DHCP;
condition {
  interfaceName=FastEthernet3/1;
  interfaceName=FastEthernet1/1;
  interfaceName=FastEthernet2/*;
}

Example: Managing Interfaces by Using the Interface Description

This example causes the SAE to load the DHCP policy group on any interface where the ifAlias starts with DHCP-subscribers.

[edit shared network device erx-node2 interface-classifier rule rule-2]
user@host# show
target /junose/DHCP;
condition {
  ifAlias=DHCP-subscribers*;
}

For this approach, you will need to use the ip description command to configure interface aliases that begin with DHCP-subscribers for all interfaces that support DHCP subscribers.


[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]