Configuring SRC-ACP Properties
To configure SRC-ACP properties, perform these tasks:
- Configuring Logging Destinations for SRC-ACP
- Configuring SRC-ACP Operation
- Configuring CORBA Interfaces
- Configuring SRC-ACP Redundancy
- Configuring Connections to the Subscribers' Directory
- Configuring Connections to the Services' Directory
- Configuring SRC-ACP Scripts and Classification
Configuring Logging Destinations for SRC-ACP
Use the following configuration statements to configure logging destinations for SRC-ACP:
shared acp configuration logger name ...shared acp configuration logger name file {filter filter;filename filename;rollover-filename rollover-filename;maximum-file-size maximum-file-size;}shared acp configuration logger name syslog {filter filter;host host;facility facility;format format;}Configuring Logging Destinations to Store Messages in a File
To configure logging destinations to store log messages in a file:
- From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called file-1 is configured in the config group.
user@host# edit shared acp group config configuration logger file-1 file- Specify the properties for the logging destination.
[edit shared acp group config configuration logger file-1 file]user@host# set ?For more information about configuring properties for the logging destination, see SRC-PE Monitoring and Troubleshooting Guide, Chapter 3, Configuring Logging for SRC Components with the CLI.
- (Optional) Verify your configuration.
[edit shared acp group config configuration logger file-1 file]user@host#show
filename var/log/acp_debug.log;rollover-filename var/log/acp_debug.alt;Configuring Logging Destinations to Send Messages to System Logging Facility
To configure logging destinations to send log messages to the system logging facility:
- From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called syslog-1 is configured in the config group.
user@host# edit shared acp group config configuration logger syslog-1 syslog- Specify the properties for the logging destination.
[edit shared acp group config configuration logger syslog-1 syslog]user@host# set ?For more information about configuring properties for the logging destination, see SRC-PE Monitoring and Troubleshooting Guide, Chapter 3, Configuring Logging for SRC Components with the CLI.
- (Optional) Verify your configuration.
[edit shared acp group config configuration logger syslog-1 syslog]user@host#show
filter /error-;host loghost;Configuring SRC-ACP Operation
Use the following configuration statements to configure how SRC-ACP operates:
shared acp configuration acp-options {backup-directory backup-directory;mode (edge | backbone | dual);event-cache-size event-cache-size;overload-method overload-method;reservation-timeout reservation-timeout;congestion-point-auto-completion;tuning-factor tuning-factor;subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message;network-bandwidth-exceed-message network-bandwidth-exceed-message;backup-database-maximum-size backup-database-maximum-size;remote-update-database-index-keys remote-update-database-index-keys;interface-tracking-filter interface-tracking-filter;state-sync-bulk-size state-sync-bulk-size;}To configure SRC-ACP operation:
- From configuration mode, access the configuration statement that configures SRC-ACP operation. In this sample procedure, the SRC-ACP operating properties are configured in the config group.
user@host# edit shared acp group config configuration acp-options- Specify the folder that stores backup information about subscribers, services, and congestion points.
[edit shared acp group config configuration acp-options]user@host# set backup-directory- Specify the regions of the network that SRC-ACP manages.
[edit shared acp group config configuration acp-options]user@host# set mode (edge | backbone | dual)- Specify the number of plug-in events from the SAE that SRC-ACP can store in its cache.
[edit shared acp group config configuration acp-options]user@host# set event-cache-size event-cache-size- Specify how SRC-ACP deals with situations in which the components exceed the allocated bandwidth because the service was activated after the authorization was granted.
[edit shared acp group config configuration acp-options]user@host# set overload-method overload-methodIf you specify -1, SRC-ACP ignores overload. An integer greater than or equal to 0 specifies the bandwidth (in bits per second) by which the maximum may be exceeded.
- Specify the time to wait before a bandwidth reservation expires. The reserved bandwidth is reclaimed by SRC-ACP when the reservation expires.
[edit shared acp group config configuration acp-options]user@host# set reservation-timeout reservation-timeout- Specify whether SRC-ACP uses the information acquired from the router to determine the congestion points.
[edit shared acp group config configuration acp-options]user@host# set congestion-point-auto-completion- Specify the factors that compensate for actual use of bandwidth, as opposed to allocated bandwidth.
[edit shared acp group config configuration acp-options]user@host# set tuning-factor tuning-factor- Specify the error message that SRC-ACP sends when the subscriber exceeds the allocated bandwidth.
[edit shared acp group config configuration acp-options]user@host# set subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message- Specify the error message that SRC-ACP sends when traffic flow exceeds the allocated bandwidth on an interface between the subscriber and the router.
[edit shared acp group config configuration acp-options]user@host# set network-bandwidth-exceed-message network-bandwidth-exceed-message- Specify the value by which the sum of the sizes of the files that contain SRC-ACP data can increment before SRC-ACP reorganizes the files.
[edit shared acp group config configuration acp-options]user@host# set backup-database-maximum-size backup-database-maximum-sizeChoose a value that is significantly lower than the capacity of the machine's hard disk.
- Specify the values to look for in the configuration data. Specifying index keys can improve performance by filtering the data.
[edit shared acp group config configuration acp-options]user@host# set remote-update-database-index-keys remote-update-database-index-keysThe value is a list of attributes, separated by commas. An attribute is one of the following text strings:
- accountingId—Value of directory attribute accountingUserId.
- dhcpPacket—Content of the DHCP discover request.
- hostname— Name of the host on which the SAE is installed.
- ifIndex—SNMP index of the interface. This attribute is not supported on JUNOS routing platforms.
- ifRadiusClass—RADIUS class attribute on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- ifSessionId—Identifier for RADIUS accounting on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- interfaceAlias—Alias of the interface; that is, the IP description in the interface configuration.
- interfaceDescr—SNMP description of the interface.
- interfaceName—Name of the interface.
- loginName—Subscriber's login name.
- nasInetAddress—IP address of the router; using a byte array instead of an integer.
- nasPort—NAS port used by the router to identify the interface to RADIUS.
- portId—Identifier of VLAN or virtual circuit. For a virtual circuit, use the format <VPI>/<VCI>. This attribute is not supported on JUNOS routing platforms.
- primaryUserName—PPP login name or the public DHCP username. This attribute is not supported on JUNOS routing platforms.
- routerName—Name of the virtual router in the format <virtualRouter>@<router>.
- routerType—Type of router driver.
- userInetAddress—IP address of the subscriber that uses a byte array instead of an integer.
- userMacAddress—MAC address of the DHCP subscriber. This attribute is not supported on JUNOS routing platforms.
- userRadiusClass—RADIUS class attribute of the subscriber session for a service. This attribute can occur multiple times and can be returned by an authorization plug-in.
- userType—Type of subscriber.
- Specify the interface tracking event to be ignored by SRC-ACP.
[edit shared acp group config configuration acp-options]user@host# set interface-tracking-filter interface-tracking-filterThe value is filter strings in the format of a list of <attribute>=<value> pairs. The filter strings can be contained within query operations.
- <attribute>—Name of an attribute for an interface tracking event. See value for the
remote-update-database-index-keys
option described in step 12.- <value>—Filtering string of the following types:
- *—Any value
- Explicit string—Any value matching the specified string (not case-sensitive)
- String containing an asterisk—Any value containing the specified string (not case-sensitive)
- To perform query operations on filter strings, you can use the following values in your filter strings:
- ()—Match no objects.
- (*)—Match all objects.
- (&<filter><filter>...)—Performs logical AND operation on filter strings; true if all filter strings match.
- (|<filter><filter>...)—Performs logical OR operation on filter strings; true if at least one filter string matches.
- (!<filter>)—Performs logical NOT operation on filter string; true if the filter string does not match.
- (Optional) Specify the number of events the SAE sends to SRC-ACP in a single method call during state synchronization.
[edit shared acp group config configuration acp-options]user@host# set state-sync-bulk-size state-sync-bulk-size- (Optional) Verify your configuration.
[edit shared acp group config configuration acp-options]user@host#show
Configuring CORBA Interfaces
Use the following configuration statements to configure CORBA interfaces for SRC-ACP:
shared acp configuration corba {acp-ior acp-ior;remote-update-ior remote-update-ior;}To configure CORBA interfaces:
- From configuration mode, access the configuration statement that configures CORBA interfaces for SRC-ACP. In this sample procedure, the CORBA interfaces are configured in the config group.
user@host# edit shared acp group config configuration corba- Export the object reference for SRC-ACP through either a local file or a Common Object Services (COS) naming service.
[edit shared acp group config configuration corba]user@host# set acp-ior acp-ior- Specify the object reference for the ACP external interface.
[edit shared acp group config configuration corba]user@host# set remote-update-ior remote-update-ior- (Optional) Verify your configuration.
[edit shared acp group config configuration corba]user@host#show
acp-ior file:///var/acp/acp.ior;remote-update-ior file:///var/acp/sra.ior;Configuring SRC-ACP Redundancy
Use the following configuration statements to configure SRC-ACP redundancy and state synchronization with the SAE:
shared acp configuration redundancy {enable-redundancy;local-ior local-ior;remote-ior remote-ior;ignore-user-tracking-out-of-sync;community-heartbeat community-heartbeat;community-acquire-timeout community-acquire-timeout;community-blackout-timeout community-blackout-timeout;redundant-naming-service redundant-naming-service;}To configure SRC-ACP redundancy and state synchronization with the SAE:
- From configuration mode, access the configuration statement that configures SRC-ACP redundancy. In this sample procedure, the properties are configured in the config group.
user@host# edit shared acp group config configuration redundancy- (Optional) Enable SRC-ACP redundancy.
[edit shared acp group config configuration redundancy]user@host# set enable-redundancy- Export the object reference for this SRC-ACP (local interface) through a Common Object Services (COS) naming service in a redundant SRC-ACP configuration.
[edit shared acp group config configuration redundancy]user@host# set local-ior local-ior- Resolves the object reference for the other SRC-ACP (remote interface) through a Common Object Services (COS) naming service in a redundant SRC-ACP configuration. For redundancy, the remote IOR value of one SRC-ACP must match the local IOR value of the other SRC-ACP.
[edit shared acp group config configuration redundancy]user@host# set remote-ior remote-ior- (Optional) Specify whether user tracking events should be ignored when they raise an OutOfSync exception to the SAE when state synchronization is enabled. SRC-ACP raises an OutOfSync exception when SRC-ACP handles service tracking or authentication events without receiving a user start event first.
[edit shared acp group config configuration redundancy]user@host# set ignore-user-tracking-out-of-sync- (Optional) Specify the time interval for community members to check each other's availability when both redundancy and state synchronization are enabled.
[edit shared acp group config configuration redundancy]user@host# set community-heartbeat community-heartbeat- (Optional) Specify the time to wait before trying to reacquire the distributed lock when both redundancy and state synchronization are enabled.
[edit shared acp group config configuration redundancy]user@host# set community-acquire-timeout community-acquire-timeout- (Optional) Specify the time to wait before regaining control when both redundancy and state synchronization are enabled.
[edit shared acp group config configuration redundancy]user@host# set community-blackout-timeout community-blackout-timeout- Export the object reference for the backup naming service through a local file or COS naming service in a redundant SRC-ACP configuration. The primary SRC-ACP registers the IOR and redundancy IOR to both naming services, while the secondary SRC-ACP registers the redundancy IOR to both naming services.
[edit shared acp group config configuration redundancy]user@host# set redundant-naming-service redundant-naming-service- (Optional) Verify your configuration.
[edit shared acp group config configuration redundancy]user@host#show
Configuring Connections to the Subscribers' Directory
Use the following configuration statements to configure how SRC-ACP connects to the directory that contains subscriber information:
shared acp configuration ldap subscriber-data {congestion-points-eventing;server-address server-address;server-port server-port;dn dn;principal principal;password password;event-dn event-dn;directory-eventing;polling-interval polling-interval;}To configure connections to the directory that stores subscriber information:
- From configuration mode, access the configuration statement that configures SRC-ACP connections to the subscribers' directory. In this sample procedure, the connections are configured in the config group.
user@host# edit shared acp group config configuration ldap subscriber-data- (Optional) Enable directory eventing for congestion points.
[edit shared acp group config configuration ldap subscriber-data]user@host# set congestion-points-eventing- Specify the list of primary and redundant servers that manage data for subscribers.
[edit shared acp group config configuration ldap subscriber-data]user@host# set server-address server-address- Specify the TCP port for the directory.
[edit shared acp group config configuration ldap subscriber-data]user@host# set server-port server-port- Specify the DN of the root of the directory.
[edit shared acp group config configuration ldap subscriber-data]user@host# set dn dn- Specify the DN used to authorize connections to the directory.
[edit shared acp group config configuration ldap subscriber-data]user@host# set principal principal- Specify the password used to authorize connections to the directory.
[edit shared acp group config configuration ldap subscriber-data]user@host# set password password- Specify the DN of the directory that contains event information.
[edit shared acp group config configuration ldap subscriber-data]user@host# set event-dn event-dn- (Optional) Enable directory eventing.
[edit shared acp group config configuration ldap subscriber-data]user@host# set directory-eventing- Specify the time interval at which the SRC component polls the directory.
[edit shared acp group config configuration ldap subscriber-data]user@host# set polling-interval polling-interval- (Optional) Verify your configuration.
[edit shared acp group config configuration ldap subscriber-data]user@host#show
Configuring Connections to the Services' Directory
Use the following configuration statements to configure how SRC-ACP connects to the directory that contains information about services:
shared acp configuration ldap service-data {edge-congestion-point-dn edge-congestion-point-dn;backbone-congestion-point-dn backbone-congestion-point-dn;reload-congestion-points;congestion-points-eventing;server-address server-address;server-port server-port;dn dn;principal principal;password password;event-dn event-dn;directory-eventing;polling-interval polling-interval;}To configure connections to the directory that stores service information:
- From configuration mode, access the configuration statement that configures SRC-ACP connections to the services' directory. In this sample procedure, the connections are configured in the config group.
user@host# edit shared acp group config configuration ldap service-data- Specify the DN of the directory that contains information about network interfaces for edge congestion points.
[edit shared acp group config configuration ldap service-data]user@host# set edge-congestion-point-dn edge-congestion-point-dn- Specify the DN of the directory that contains information about network interfaces for backbone congestion point objects.
[edit shared acp group config configuration ldap service-data]user@host# set backbone-congestion-point-dn backbone-congestion-point-dn- (Optional) Specify whether SRC-ACP detects changes in the backbone congestion point for a service while SRC-ACP is operative.
[edit shared acp group config configuration ldap service-data]user@host# set reload-congestion-pointsSet this value only when you want to modify a congestion point.
- (Optional) Enable directory eventing for congestion points.
[edit shared acp group config configuration ldap service-data]user@host# set congestion-points-eventing- Specify the list of primary and redundant servers that manage data for subscribers.
[edit shared acp group config configuration ldap service-data]user@host# set server-address server-address- Specify the TCP port for the directory.
[edit shared acp group config configuration ldap service-data]user@host# set server-port server-port- Specify the DN of the root of the directory.
[edit shared acp group config configuration ldap service-data]user@host# set dn dn- Specify the DN used to authorize connections to the directory.
[edit shared acp group config configuration ldap service-data]user@host# set principal principal- Specify the password used to authorize connections to the directory.
[edit shared acp group config configuration ldap service-data]user@host# set password password- Specify the DN of the directory that contains event information.
[edit shared acp group config configuration ldap service-data]user@host# set event-dn event-dn- (Optional) Enable directory eventing.
[edit shared acp group config configuration ldap service-data]user@host# set directory-eventing- Specify the time interval at which the SRC component polls the directory.
[edit shared acp group config configuration ldap service-data]user@host# set polling-interval polling-interval- (Optional) Verify your configuration.
[edit shared acp group config configuration ldap service-data]user@host#show
Configuring SRC-ACP Scripts and Classification
Use the following configuration statements to configure SRC-ACP scripts and classification:
shared acp configuration scripts-and-classification {script-factory-class script-factory-class;classification-factory-class classification-factory-class;classification-script classification-script;congestion-point-profile-script congestion-point-profile-script;extension-path extension-path;}To configure scripts and classification:
- From configuration mode, access the configuration statement that configures SRC-ACP scripts and classification. In this sample procedure, the properties are configured in the config group.
user@host# edit shared acp group config configuration scripts-and-classification- Specify the script factory class name.
[edit shared acp group config configuration scripts-and-classification]user@host# set script-factory-class script-factory-class- Specify the congestion point classifier factory class name.
[edit shared acp group config configuration scripts-and-classification]user@host# set classification-factory-class classification-factory-class- Specify the class name for congestion point classification.
[edit shared acp group config configuration scripts-and-classification]user@host# set classification-script classification-script- Specify the class name for generating the congestion point DN by using the congestion point profile.
[edit shared acp group config configuration scripts-and-classification]user@host# set congestion-point-profile-script congestion-point-profile-script- Specify the extension class path for classes not located in the /opt/UMC/acp/lib directory.
[edit shared acp group config configuration scripts-and-classification]user@host# set extension-path extension-path- (Optional) Verify your configuration.
[edit shared acp group config configuration scripts-and-classification]user@host#show