Configuring SRC-ACP
To use SRC-ACP in the SRC network, you must perform some configuration. For information about these configuration procedures, see:
- Configuring the SAE for SRC-ACP
- Configuring SRC-ACP Properties
- (Edge and dual mode only) Configuring SRC-ACP to Manage the Edge Network
- (Backbone and dual mode only) Configuring SRC-ACP to Manage the Backbone Network
Configuring the SAE for SRC-ACP
You must configure the SAE to recognize SRC-ACP by adding some information about SRC-ACP to the SAE properties. To do so:
- Configure SRC-ACP as an external plug-in for the SAE.
- Configure event publishers.
- (Backbone and dual mode only) Optionally, configure a hosted plug-in that monitors the state of interfaces on VRs.
Configuring SRC-ACP as an External Plug-In
To configure an external plug-in for the SAE, see SRC-PE Subscribers and Subscriptions Guide, Chapter 10, Overview of Configuring Plug-Ins for Solaris Platforms. Use the following values for the plug-in attributes:
- Value for edge and dual modes—PA_UPSTREAM_BANDWIDTH, PA_DOWNSTREAM_BANDWIDTH, PA_SERVICE_NAME, PA_ROUTER_NAME, PA_LOGIN_NAME, PA_USER_DN, PA_PORT_ID, PA_SESSION_ID, PA_USER_IP_ADDRESS, PA_NAS_IP, PA_USER_SESSION_ID, PA_EVENT_TIME
- Value for backbone mode—PA_UPSTREAM_BANDWIDTH, PA_DOWNSTREAM_BANDWIDTH, PA_SERVICE_NAME, PA_ROUTER_NAME, PA_SESSION_ID, PA_NAS_IP, PA_EVENT_TIME
Configuring Event Publishers
You must configure the SAE to publish the following types of events to SRC-ACP:
For information about configuring event publishers, see SRC-PE Subscribers and Subscriptions Guide, Chapter 11, Configuring Accounting and Authentication Plug-Ins with the SRC CLI. Identify the instance of SRC-ACP by the name of the host on which you configured it.
Configuring the SAE to Monitor Interfaces for Congestion Points
NOTE: Configure this feature only if SRC-ACP is in backbone or dual mode.
The SAE uses a hosted internal plug-in to monitor the state of interfaces on a VR for backbone congestion points. If a subscriber tries to activate a service on an interface that is unavailable, the SAE denies the request. The plug-in also monitors the directory for new backbone congestion points. To configure an internal plug-in for the SAE, see SRC-PE Subscribers and Subscriptions Guide, Chapter 10, Overview of Configuring Plug-Ins for Solaris Platforms and use the properties described in Internal Plug-In Properties for Monitoring Congestion Points.
When this plug-in initializes, it reads all the backbone services from the directory and generates a list of the DNs (network interfaces) of the backbone congestion points. The SAE sends interface tracking events, which contain the names of the interfaces, VRs, and routers to this plug-in. For this feature to work correctly, the interface, VR, and router must appear in o=AdmissionControl, o=umc (see Configuring Network Interfaces in the Directory).
Internal Plug-In Properties for Monitoring Congestion Points
Use the descriptions in this section to configure an internal plug-in for the SAE.
Plug-in Class
Plugin.acpIntfListener.host
- IP address or name of the host that supports the directory that contains backbone service definitions and network interfaces.
- Value—Plugin.acpIntfListener.host = <host>:<port>
Plugin.acpIntfListener.bindDN
- DN of the directory entry that defines the username with which the plug-in accesses the directory.
- Value—DN
- Default—Plugin.acpIntfListener.bindDN = cn=umcadmin,<base>
Plugin.acpIntfListener.bindPW
- Password with which the plug-in accesses the directory.
- Value—Text string
- Default—Plugin.acpIntfListener.bindPW = ssp
- Example—Plugin.acpIntfListener.bindPW = secret
Plugin.acpIntfListener.baseDN
- DN at which SRC-ACP stores backbone congestion points.
- Value—DN
- Default—Plugin.acpIntfListener.baseDN = o=CongestionPoints,<base>
Plugin.acpIntfListener.acpBaseDN
- DN at which SRC-ACP stores edge congestion points.
- Value—DN
- Default—Plugin.acpIntfListener.acpBaseDN = o=AdmissionControl,<base>
Plugin.acpIntfListener.timeout
- Maximum time that the plug-in waits for the router to respond.
- Value—Number of milliseconds in the range 0-2147483647
Plugin.acpIntfListener.objectref = objectref
- Object reference for the ACP plug-in, as defined in the field ACP.ior in the ACP's CORBA properties (see Configuring SRC-ACP Properties).
Plugin.acpIntfListener.<standardJNDISuffix>
Plugin.acpIntfListener.des.net.juniper.smgt.des.<property suffix>
- Standard Java Naming and Directory Interface (JNDI) and DES properties. For complete information about these properties, see SRC-PE Getting Started Guide, Chapter 37, Distributing Directory Changes to SRC Components on a Solaris Platform. The following list shows the properties you should include, with suggested values.
- Plugin.acpIntfListener.securityProtocol = ldaps
- Plugin.acpIntfListener.des.net.juniper.smgt.des.event_baseDN = o=CongestionPoints,<base>
- Plugin.acpIntfListener.des.net.juniper.smgt.des.enable_sysman = true
- Plugin.acpIntfListener.des.net.juniper.smgt.des.polling_interval = 30
- Plugin.acpIntfListener.des.net.juniper.smgt.des.connect.timeout = 10
- Plugin.acpIntfListener.des.net.juniper.smgt.des.retry_interval = 60
- Plugin.acpIntfListener.des.net.juniper.smgt.des.connectioncheck_interval = 60
- Plugin.acpIntfListener.des.net.juniper.smgt.des.signatureDN = <base>
- Plugin.acpIntfListener.des.net.juniper.smgt.lib.config.polling_timeout = 10
- Plugin.acpIntfListener.des.net.juniper.smgt.des.enable_eventing = true
- Plugin.acpIntfListener.des.net.juniper.smgt.des.share_connection = false
- Plugin.acpIntfListener.des.net.juniper.smgt.des.connection_manager_id = ACPIntfListener
Configuring SRC-ACP Properties
To configure SRC-ACP properties, you can use SDX Admin to modify ACP properties in I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
You can also use the SRC CLI. See Chapter 21, Configuring Admission Control with the SRC CLI.
Configuring Logging
To configure logging, see Configuring Logging Destinations for SRC-ACP. For information about configuring logging, see SRC-PE Monitoring and Troubleshooting Guide, Chapter 5, Managing SRC Log Files on a Solaris Platform.
Configuring SRC-ACP Operation
To configure how SRC-ACP operates:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure how SRC-ACP operates. See SRC-ACP Operating Properties.
SRC-ACP Operating Properties
In SDX Admin, you can modify the following SRC-ACP operating properties in the content pane for an SRC-ACP configuration.
ACP.backup.dir
- Folder that stores backup information about subscribers, services, and congestion points.
- Value—Absolute path or a path relative to opt/UMC/acp
- Default—backup
ACP.mode
- Edge—SRC-ACP operates in the edge region of network only.
- Backbone—SRC-ACP operates in the backbone region of the network only.
- Dual—SRC-ACP operates in both the edge and backbone regions of network.
ACP.backup.cacheSize
- Number of plug-in events from the SAE that SRC-ACP can store in its cache. Specifying a large number increases the efficiency of SRC-ACP, and minimizes the use of CPU resources; however, the amount of memory available for the cache will depend on the host's resources.
- Value—Integer in the range 0-4294967295
- Default—10000
ACP.overloadControl
- Specifies how SRC-ACP deals with situations where the components exceed the allocated bandwidth because the service was activated after the authorization was granted.
- Value—Integer in the range -1-4294967295
- -1—SRC-ACP ignores overload
- Integer greater than or equal to 0 - bandwidth (in bps) by which the maximum may be exceeded
ACP.INTFAutoCompletion
- Specifies whether SRC-ACP uses the information acquired from the router to determine the congestion points (see Deriving Edge Congestion Points).
- Value
ACP.BackgroundBandwidthTuningFactors
- Specifies factors that compensate for actual use of bandwidth, as opposed to allocated bandwidth.
- Value—List of tuning factors, separated by commas; each tuning factor is a floating number in the range 0-1
- Default—None
- Example—0.8, 0.9
UserBandwidthExceed.message
- Error message that SRC-ACP sends when the subscriber exceeds the allocated bandwidth.
- Value—Text string
- Default—User bandwidth exceeded
networkBandwidthExceed.message
- Error message that SRC-ACP sends when traffic flow exceeds the allocated bandwidth on an interface between the subscriber and the router.
- Value—Text string
- Default—Network bandwidth exceeded
ACP.backupDb.reorganizationSize
- Value by which the sum of the sizes of the files that contain ACP data can increment before SRC-ACP reorganizes the files. Reorganizing the files reduces their size.
- Value—Text string in the format <number>m or <number>g
- Default—100m
- Example—1g
- Guidelines—Choose a value that is significantly lower than the capacity of the machine's hard disk.
ACP.indexedDB.keys
- Values to look for in the configuration data. Specifying index keys can improve performance by filtering the data.
- Value—List of attributes, separated by commas; an attribute is one of the following text strings
- accountingId—Value of directory attribute accountingUserId.
- dhcpPacket—Content of the DHCP discover request.
- hostname— Name of the host on which the SAE is installed.
- ifIndex—SNMP index of the interface. This attribute is not supported on JUNOS routing platforms.
- ifRadiusClass—RADIUS class attribute on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- ifSessionId—Identifier for RADIUS accounting on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- interfaceAlias—Alias of the interface; that is, the IP description in the interface configuration.
- interfaceDescr—SNMP description of the interface.
- interfaceName—Name of the interface.
- loginName—Subscriber's login name.
- nasInetAddress—IP address of the router; using a byte array instead of an integer.
- nasPort—NAS port used by the router to identify the interface to RADIUS.
- portId—Identifier of VLAN or virtual circuit. For a virtual circuit, use the format <VPI>/<VCI>. This attribute is not supported on JUNOS routing platforms.
- primaryUserName—PPP login name or the public DHCP username. This attribute is not supported on JUNOS routing platforms.
- routerName—Name of the virtual router in the format <virtualRouter>@<router>.
- routerType—Type of router driver.
- userInetAddress—IP address of the subscriber; using a byte array instead of an integer.
- userMacAddress—MAC address of the DHCP subscriber. This attribute is not supported on JUNOS routing platforms.
- userRadiusClass—RADIUS class attribute of the subscriber session for a service. This attribute can occur multiple times and can be returned by an authorization plug-in.
- userType—Type of subscriber.
ACP.interfaceTracking.filters
- Interface tracking event to be ignored by SRC-ACP. Filtering the interface tracking events can improve performance and can reduce the amount of memory required for keeping the congestion points updated.
- Value—Filter strings in the format of a list of <attribute>=<value> pairs; that can be contained within query operations
- <attribute>—Name of an attribute for an interface tracking event. See value for the field ACP.indexedDB.keys.
- <value>—Filtering string of the following types:
- *—Any value
- Explicit string—Any value matching the specified string (not case-sensitive)
- String containing an asterisk—Any value containing the specified string (not case-sensitive)
- To perform query operations on filter strings, you can use the following values in your filter strings:
- ()—Match no objects.
- (*)—Match all objects.
- (&<filter><filter>...)—Performs logical AND operation on filter strings; true if all filter strings match.
- (|<filter><filter>...)—Performs logical OR operation on filter strings; true if at least one filter string matches.
- (!<filter>)—Performs logical NOT operation on filter string; true if the filter string does not match.
Configuring CORBA Interfaces
To configure CORBA interfaces for SRC-ACP:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure CORBA interfaces for SRC-ACP. See CORBA Interfaces Properties.
CORBA Interfaces Properties
In SDX Admin, you can modify the following SRC-ACP properties in the content pane for an SRC-ACP configuration.
ACP.ior
- Exports the object reference for SRC-ACP through either a local file or a Common Object Services (COS) naming service.
- Values—One of the following references
- <cosNameServer>—IP address or Domain Name System (DNS) name of COS naming server
- <KEY>—Object reference of SRC-ACP
- corbaname:rir#<KEY>—Exports object reference through COS naming service; resolve-initial-references (rir) function finds DNS name of COS naming server
ACP.syncRateAdapter.ior
- Object reference for the ACP external interface.
- Value—See value for the field ACP.ior.
- Default—file:///var/acp/sra.ior
- Property name—ACP.syncRateAdapter.ior
Configuring SRC-ACP Redundancy
To configure SRC-ACP redundancy:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure SRC-ACP redundancy. See SRC-ACP Redundancy Properties.
SRC-ACP Redundancy Properties
In SDX Admin, you can modify the following SRC-ACP properties in the content pane for an SRC-ACP configuration.
ACP.redundancy.enable
ACP.redundancy.local.ior
- In a redundant SRC-ACP configuration, exports the object reference for this SRC-ACP through a local file or COS naming service.
- Value—See value for the field ACP.ior.
- Default—None
- Example—corbaname::cosHost#0000000000000035...
ACP.redundancy.remote.ior
- In a redundant SRC-ACP configuration, exports the object reference for the other SRC-ACP through a local file or COS naming service.
- Value—See value for the field ACP.ior.
- Default—None
- Example—corbaname:rir#0000000000000035...
ACP.IgnoreUserOutOfSync
- Specifies whether user tracking events should be ignored when they raise an OutOfSync exception to the SAE when state synchronization is enabled. SRC-ACP raises an OutOfSync exception when SRC-ACP handles service tracking or authentication events without receiving a user start event first.
- Value
- true—Ignore user tracking events that raise an OutOfSync exception.
- false—Tracks all events; SRC-ACP raises an OutOfSync exception.
ACP.redundancy.bkpns.ior
- In a redundant SRC-ACP configuration, exports the object reference for the backup naming service through a local file or COS naming service. The primary SRC-ACP registers the IOR and redundancy IOR to both naming services, while the secondary SRC-ACP registers the redundancy IOR to both naming services.
- Value—See value for the field ACP.ior.
- Default—None
- Example—corbaname::cosHost#0000000000000035...
Configuring State Synchronization
Enabling state synchronization can affect performance because of resource consumption. To configure state synchronization with SAE:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure state synchronization. See State Synchronization Properties.
State Synchronization Properties
In SDX Admin, you can modify the following SRC-ACP properties in the content pane for an SRC-ACP configuration.
ACP.stateSync
ACP.stateSyncBulkSize
- Number of events the SAE sends to SRC-ACP in a single method call during state synchronization.
- Value—Integer
- Default—1
ACP.redundancy.community.heartbeat
- Time interval for community members to check each other's availability when both redundancy and state synchronization are enabled.
- Value—Number of seconds in the range 0-4294967295
- Default—30
ACP.redundancy.community.acquire_timeout
- Time to wait before trying to reacquire the distributed lock when both redundancy and state synchronization are enabled.
- Value—Number of seconds in the range 0-4294967295
- Default—15
ACP.redundancy.community.blackout_time
- Time to wait before regaining control when both redundancy and state synchronization are enabled.
- Value—Number of seconds in the range 0-4294967295
- Default—30
Configuring Connections to the Subscribers' Directory
To configure how SRC-ACP connects to the directory that contains subscriber information:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure connections to the subscriber's directory. See Subscriber Directory Properties.
Subscriber Directory Properties
In SDX Admin, you can modify the following SRC-ACP properties in the content pane for an SRC-ACP configuration.
NOTE: In the following descriptions, use the property name with the GlobalUserDatabase prefix if one directory supports all the components in the network. Use the property name with the <vrGroupName> prefix if you have partitioned the directory to provide information for different parts of the network through different VRs. For more information, see Working with Partitioned Directories.
server.address
- List of primary and redundant servers that manage data for subscribers.
- Value—List of IP addresses or hostnames separated by spaces
- Default—127.0.0.1
- Example—10.227.7.153
server.port
server.baseDN
- DN of the root of the directory.
- Value—List of attribute = value pairs separated by commas
- Default—o=users, o=umc
server.authDN
- DN used to authorize connections to the directory.
- Value—List of attribute = value pairs separated by commas
- Default—cn=umcadmin, o=umc
server.password
server.event_baseDN
des.enable_eventing
des.pollinginterval
- Time interval at which the SRC component polls the directory.
- Value—Number of seconds in the range 15-2147483647
- Default—30
server.intf_eventing
Configuring Connections to the Services' Directory
To configure how SRC-ACP connects to the directory that contains information about services:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Edit or accept the default values for the properties that configure connections to the service's directory. See Service Directory Properties.
Service Directory Properties
In SDX Admin, you can modify the following SRC-ACP properties in the content pane for an SRC-ACP configuration.
NOTE: In the following descriptions, use the property name with the GlobalServiceDatabase prefix if one directory supports all the components in the network. Use the property name with the <vrGroupName> prefix if you have partitioned the directory to provide information for different parts of the network through different VRs. For more information, see Working with Partitioned Directories.
server.address
- List of primary and redundant servers that manage data for services.
- Value—List of IP addresses or hostnames separated by spaces
- Default—127.0.0.1
- Example—10.227.7.153 10.227.7.125
server.port
server.baseDN
- DN of the root of the directory that stores data about services.
- Value—List of attribute = value pairs separated by commas
- Default—o=services, o=umc
server.authDN
- DN that SRC-ACP uses to authorize connections to the directory that stores data about services.
- Value—List of attribute = value pairs separated by commas
- Example—cn=umcadmin, o=umc
server.password
- Password that SRC-ACP uses to authorize connections to the directory that stores data about services.
- Value—Text string
- Default—admin123
server.event_baseDN
des.enable_eventing
des.pollinginterval
- Time interval at which SRC-ACP polls the directory.
- Value—Number of seconds in the range 15-2147483647
- Default—30
server.intfBaseDN
- DN of the directory that contains information about network interfaces for edge congestion points.
- Value—DN
- Default—o=AdmissionControl, o=umc
server.congestionPointBaseDN
- DN of the directory that contains information about network interfaces for backbone congestion point objects.
- Value—DN
- Default—o=CongestionPoints, o=umc
eventing.reloadCongestionPoints
- Specifies whether SRC-ACP detects changes in the backbone congestion point for a service while SRC-ACP is operative.
- Value
- Yes—SRC-ACP uses new information for the backbone congestion point as soon as SRC-ACP detects a change to the data in the directory.
- No—SRC-ACP uses new information for the backbone congestion point only after you stop and restart SRC-ACP.
- Guidelines—Set this field to Yes only when you want to modify a congestion point (see ). When you have modified the congestion point, reset this field to No.
- Default—No
server.intf_eventing
Configuring Eventing Properties for Databases
You can configure all directory eventing properties with SDX Admin for the subscriber and service databases. For information about configuring directory eventing properties, see SRC-PE Getting Started Guide, Chapter 37, Distributing Directory Changes to SRC Components on a Solaris Platform. If one directory supports all the components in the network, use the following constructions for the properties:
If, however, you have partitioned the directory, see Working with Partitioned Directories.
NOTE: For SRC-ACP, always set the value of the des.dispatcher_pool_size property to 1.
Working with Partitioned Directories
If you have partitioned the directory to provide information for different parts of the network through different VRs, you must define the Data Manager properties with SDX Admin. To do so:
- Access SDX Admin.
- In the navigation pane, highlight the entry I=ACP, ou=staticConfiguration, ou=Configuration, o=Management, o=umc.
- Click the Main tab in the ACP Configuration pane.
- Define the name of the VR group for each directory in the Property field by using the following formats.
<vrGroupName> is an arbitrary name that identifies the group of VRs in the partition.
- Define the VRs in the group by defining the property <vrGroupName>.vrs.
- Define the properties for connecting to the subscribers' directory and the services' directory by using the following format:
<vrGroupName><property>=<value>
For information about these properties, see Configuring Connections to the Subscribers' Directory and Configuring Connections to the Services' Directory.
- Define directory eventing properties for the subscriber's directory and the services' directory by using the format
<vrGroupName>.<des.Name>.des.<property>=<value>
For more information, see Configuring Eventing Properties for Databases.
<vrGroupName>.vrs
- List of VRs that support the user database or the service database.
- Value—List of VRs separated by spaces in the format: <vrName>@<routerName>
- <vrName>—Name of VR configured on the router
- <routerName>—Name of router on which the VR is configured
Example
In this example, the name of the VR group is vr1, and the group contains one VR called bigfoot@erx1.
VrUserDatabase.vr1vr1.factory.class.name = net.juniper.smgt.acp.UserLdapDataManagerFactoryvr1.server.address = 127.0.0.1vr1.server.port = 389vr1.server.baseDN = o=users,o=umcvr1.server.authDN = cn=umcadmin,o=umcvr1.server.password = admin123vr1.server.event_baseDN = o=umcvr1.server.signatureDN = o=umcvr1.des.enable_eventing = truevr1.des.pollinginterval = 30vr1.des.delegate_factory_initial = com.sun.jndi.ldap.LdapCtxFactoryvr1.des.connection_pool_size = 1vr1.des.dispatcher_pool_size = 1vr1.des.fake_delete = falsevr1.des.show_fake_delete = falsevr1.vrs = bigfoot@defaultConfiguring SRC-ACP Scripts and Classification
To configure scripts and classification, see Configuring SRC-ACP Scripts and Classification.
Configuring SRC-ACP to Manage the Edge Network
To configure SRC-ACP to manage the edge network you must:
- Configure network interfaces that represent locations of congestion points in the directory.
- Configure guaranteed bandwidths for subscribers.
- Assign network interfaces to subscribers.
- Configure guaranteed bandwidths for services.
See the following sections for details about these procedures.
You can configure objects in the directory by means of an LDAP client or by means of a network management database. These sections provide information about the LDAP attributes you must configure and their positions in the LDAP schema, as well as details on how to configure objects with SDX Admin. For detailed information about the LDAP schema, see the documentation on the SRC software distribution in the folder /SDK/doc/ldap.
Configuring Network Interfaces in the Directory
You must add network interfaces to the directory. For the edge network, you do so by specifying in the DN o=Admission Control, o=umc the network interfaces of the routers and the switches in the access network between subscribers and the SRC network. Table 18 shows the object class for network interfaces and the associated attributes.
Optional (For information about background bandwidths, see Allocating Bandwidth to Applications Not Controlled by SRC-ACP.)
Optional (For information about background bandwidths, see Allocating Bandwidth to Applications Not Controlled by SRC-ACP.)
To configure a network interface with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry o=Admission Control, o=umc, and right-click.
- Select New > NetworkDevice.
The New Network Device dialog box appears.
An object for the new network device appears in the navigation pane, and basic details for the new network device appear in the Main tab of the NetworkDevice pane.
- (Optional) Enter a description for the network device in the Description field, and click Save in the NetworkDevice pane.
- In the navigation pane, highlight the network device, and right-click.
- Select New > Network Interface.
The New Network Interface dialog box appears.
An object for the new network interface appears in the navigation pane, and basic details for the new network interface appear in the Main tab of the NetworkInterface pane.
![]()
- Complete the fields using the information in Bandwidth for Network Interfaces.
- Click Save in the NetworkInterface pane.
Bandwidth for Network Interfaces
Use the fields in this section to define bandwidth for network interfaces.
Downstream Prov. Rate
Upstream Prov. Rate
Downstream Background Bandwidth
- Downstream background bandwidths.
- Value—List of bandwidths separated by commas.
- Guidelines—Optional. For information about background bandwidths, see Allocating Bandwidth to Applications Not Controlled by SRC-ACP.
Upstream Background Bandwidth
- Upstream background bandwidths.
- Value—List of bandwidths separated by commas.
- Guidelines—Optional. For information about background bandwidths, see Allocating Bandwidth to Applications Not Controlled by SRC-ACP.
Configuring Bandwidths for Subscribers
You must configure bandwidths for subscribers that SRC-ACP manages in the edge region of the network.
If the access network between the subscriber and the router uses ATM, and all the traffic coming from one DSLAM travels on a single virtual path, you do not need to provision bandwidths for each subscriber. In this case, SRC-ACP can derive the congestion points from the router (see Deriving Edge Congestion Points.)
However, if the access network uses a protocol other than ATM, you must provide the information shown in Table 19 for each subscriber.
To configure bandwidths for subscribers with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry for the residential subscriber in o=users, o=umc.
- Click the Admission Control tab in the User pane.
- Enter the values for the fields using the information in Bandwidth for Subscribers.
- Click Save in the User pane.
![]()
Bandwidth for Subscribers
Use the fields in this section to configure bandwidths for subscribers.
Downstream Prov. Rate
- Provisioned downstream bandwidth.
- Value—Number of bits per second
- Guidelines—Mandatory. This rate is used if the subscriber bandwidth settings are not provided by remote update (through the API for ACP) or by the Downstream Sync Rate value.
- Default—No value
Upstream Prov. Rate
- Provisioned upstream bandwidth.
- Value—Number of bits per second
- Guidelines—Mandatory. This rate is used if the subscriber bandwidth settings are not provided by remote update (through the API for ACP) or by the Upstream Sync Rate value.
- Default—No value
Downstream Sync Rate
- Actual downstream bandwidth for the current subscriber session.
- Value—Number of bits per second
- Guidelines—If you do not set this value and it is not provided by remote update (through the API for ACP), then the Downstream Prov. Rate value is used.
- Default—No value
Upstream Sync Rate
- Actual upstream bandwidth for the current subscriber session.
- Value—Number of bits per second
- Guidelines—If you do not set this value and it is not provided by remote update (through the API for ACP), then the Upstream Prov. Rate value is used.
- Default—No value
Assigning Network Interfaces to Subscribers
You must assign to the subscriber object interfaces (including the router interfaces) for all congestion points between the subscriber and the router. Table 19 shows the LDAP attribute for this type of network interface.
NOTE: You must define the interface in the directory before you can assign it to a residential subscriber (see Configuring Network Interfaces in the Directory).
To assign an interface with SDX Admin:
- Start at the Admission Control pane for the subscriber (see Figure 46).
- Click the
icon below the Interfaces field.
The Select Object dialog box appears.
You can shift-click or control-click network devices to select multiple options.
The network devices appear in the User pane.
The network devices appear in the Scopes field of the pane.
- Highlight a network device.
- Modify the DN of the network device to include the interface location.
- Click Modify.
Repeat Steps 6 to 8 for each interface associated with a congestion point for this subscriber.
Configuring Bandwidths for Services
Upstream and downstream bandwidths must be specified for services that SRC-ACP manages. You can obtain bandwidths for services in two ways:
- Provide static values through the directory.
- Allow the values to be provided through the SAE core API.
For example, a business partner may need to specify the required values for a particular piece of content through the SAE core API.
Table 20 shows the LDAP attributes for these services.
To configure values for services with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry for the service in o=Services, o=umc.
- Click the Admission Control tab in the SSP Service pane.
![]()
- Enter the values for the Required Downstream Bandwidth and the Required Upstream Bandwidth fields.
- Click Save in the SSP Service pane.
Configuring SRC-ACP to Manage the Backbone Network
To configure SRC-ACP to manage the backbone network, you must:
- Configure network interfaces that represent locations of congestion points in the directory.
- (Optional) Configure an action congestion point.
- Configure guaranteed bandwidths for services.
- Assign network interfaces to services.
- Create congestion points in the directory.
- Assign network interfaces to congestion points.
Refer to the following sections for details about these procedures.
Configuring Network Interfaces in the Directory
You configure network interfaces in the directory in the same way for edge and backbone congestion points. However, for backbone congestion points, you can add only VRs and their interfaces. For information about this procedure, see Configuring Network Interfaces in the Directory.
Extending SRC-ACP Congestion Points
You can extend SRC-ACP congestion points to initialize and execute applications defined in a backbone congestion point. SRC-ACP provides a service provider interface (SPI) to:
- Create custom congestion point applications that authorize service activation and track service start and stop events.
- Obtain congestion point information from remote update.
- Retrieve congestion point status.
- Track congestion point state.
The SPI for ACP provides a Java interface that a congestion point application implements. For information about the SPI for ACP, see the documentation in the SRC application library distribution in the folder SDK/doc/acp.
The implementation of the SPI for ACP can be a customized application that performs certain tasks, such as creating or removing congestion points on the router. SRC-ACP acts as an interface tracking plug-in, and interface tracking events are treated as remote updates for congestion points when they are created, modified, or removed.
SRC-ACP supports applications written in Java or Jython. For scripts written in Java, you must compile and package the implemented SPI for ACP to make it available for use by SRC-ACP. A Java implementation can include more than one Java archive (JAR) file.
To use congestion point applications with SRC-ACP, configure an action congestion point that references the script (see Configuring Action Congestion Points).
Configuring Action Congestion Points
You can define an application in a backbone congestion point so that SRC-ACP can execute it in a predefined manner. Backbone congestion points that are configured to run an application are called action congestion points. If you want to use an action congestion point to execute an application that requires real-time congestion point status, you must enable SRC-ACP state synchronization with the SAE (see Configuring State Synchronization).
Before you configure an action congestion point, make sure that you know the location of the application file.
To configure an action congestion point with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry for the network interface in o=Admission Control, o=umc.
- Click the Action tab.
The Action tab appears in the NetworkInterface pane.
![]()
- URL—URL to identify the location of script file
- Python—Jython source code
- Java Class—Compiled Java class file
- Java Archive—Java archive file (.jar)
- In the Class Name field, enter the class name of the Java or Python class implementing the SPI.
- In the File/URL field, enter the URL, or click Load to add a file.
The Load data dialog box appears. For information about loading scripts, see Managing Files from the Load Data Dialog Box.
The URL or the content of the script file appears in the File/URL box.
If you want to remove the URL or file, click Clear.
- In the entry box below the Parameters field, enter the parameter as an attribute=value pair, and click Add.
The entry appears in the Parameters field.
- Highlight the entry so that it appears in the entry box below the Parameters field.
- Make your changes to the entry, and click Add to add a new entry, or click Modify to change the selected entry.
The modified entry appears in the Parameters field.
Managing Files from the Load Data Dialog Box
If you click Load in the Files/URL box, the Load data dialog box appears.
![]()
You can manipulate files and folders from the Load data dialog box.
- Select the directory that contains the script that implements the application, and then select the file.
Type the path to the script file in the Selection box.
If a JAVA implementation includes more than one JAR file, use commas to separate file URL entries, or enter one URL per line.
The content of the script file appears in the File/URL box.
- To create a new folder, click New Folder.
- To remove a file, select a file or enter its path in the Selection box, and click Delete File.
- To rename a file:
The Rename File dialog box appears.
Configuring Bandwidths for Services
You configure bandwidths for services in the same way for edge and backbone congestion points. For information about this procedure, see Configuring Bandwidths for Services.
Configuring Congestion Points for Services
You must assign a congestion point to each service that SRC-ACP manages. Table 21 shows the LDAP attributes for a backbone congestion point.
To configure values for services with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry for the service in o=Services, o=umc.
- Click the Admission Control tab in the SSP Service pane.
- In the entry box below the Congestion Points field, enter the name of one congestion point; see Table 21 for information about the format of this entry.
- Click the Add button.
The entry appears in the Congestion Points field.
Configuring Congestion Points in the Directory
You must add backbone congestion points to the directory in o=CongestionPoints, o=umc. Table 21 shows the LDAP attribute for a backbone congestion point.
To configure an individual backbone congestion point in the directory with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry o=CongestionPoints, o=umc, and right-click.
- Select New > Congestion Point.
The New Congestion Point dialog box appears.
The new object appears in the navigation pane, and basic details for the object appear in the Main tab of the Congestion Point pane.
- (Optional) Enter a description for the VR in the Description field, and click Save in the NetworkDevice pane.
- In the navigation pane, highlight the VR, and right-click.
- Select New > Congestion Point.
The New Congestion Point dialog box appears.
The new object appears in the navigation pane, and basic details for the object appear in the Main tab of the Congestion Point pane.
To add all backbone congestion points for all VRs in the directory:
- Access SDX Admin.
- In the navigation pane, highlight the entry o=CongestionPoints, o=umc, and right-click.
- Select New > Create CongestionPoints.
The VRs and the services they support appear in the folder.
Assigning Interfaces to Congestion Points
You must assign interfaces either to VRs or to individual services under the VRs in o=CongestionPoints, o=umc. Services inherit interface assignments from the associated VR unless you assign an interface to the individual service. The LDAP attribute for this network interface is called interfaceRef and it lists the DNs of interfaces associated with backbone congestion points.
To assign interfaces to congestion points with SDX Admin:
- Access SDX Admin.
- In the navigation pane, highlight the entry in o=CongestionPoints, o=umc to which you want to assign the congestion point.
- Click the
icon below the Interfaces field.
The Select Object dialog box appears.
You can shift-click or control-click network devices to select multiple options.
The network devices appear in the User pane.
The network devices appear in the Scopes field of the pane.
Repeat Steps 3 to 6 for each interface associated with a congestion point for this subscriber.
Defining a Congestion Point Profile
You can create a congestion point profile that automatically performs congestion point classification. This profile supports only access network mode for SRC-ACP.
The congestion point profiles are stored in the directory under o=congestionPoints, o=umc.
To define a congestion point profile:
- In SDX Admin under UMC, right-click CongestionPoints, select New, and then select Congestion Point Profile.
The New Congestion Point Profile dialog box appears.
The Congestion Point Profile pane appears in the content area.
![]()
- Enter a congestion point expression in the box below the Expression box, and then click Add. For information about congestion point expressions, see Congestion Point Expressions.
Congestion Point Expressions
You can enter a congestion point expression by using the syntax listed in this section. You can also embed Python scripting expressions within the congestion point expression.
If you embed Python expressions within a congestion point expression, use the escape sequence <- then -> to enclose the Python expression. See Methods for Use with Scripting Expressions and Match Criteria for Congestion Point Classification.
The syntax for a congestion point expression is:
<NetworkDevice>/<NetworkInterface>[/<CongestionPoint>]
For information about network devices, see SRC-PE Network Guide, Part 2, Using Juniper Networks Routers in the SRC Network.
For information about interfaces, see SRC-PE Subscribers and Subscriptions Guide, Chapter 7, Classifying Interfaces and Subscribers on a Solaris Platform.
If one of the elements with the path contains a slash (/), use a backslash (\) as an escape character for the slash. For example, \/.
Expressions in Templates for Congestion Point Profiles
You can create a congestion point profile to be used as a template for other profiles. Templates simplify management of congestion points. Rather than configuring each congestion point individually, you can create templates to define common parameters for a class of individual congestion points.
For example, in an environment in which VLAN interfaces GigabitEthernet1/0.1 through GigabitEthernet1/0.1000 have the same available bandwidth, you can specify the characteristics of the VLAN interface once and have SRC-ACP create the congestion points based on the template configuration.
When a congestion point expression has the third element, SRC-ACP uses the <NetworkDevice>/<NetworkInterface> part of the expression to load the congestion point from the directory, and uses it as a template to create a congestion point in memory for subscriber. The <CongestionPoint> part of the expression distinguishes each congestion point (available bandwidth) created from this template.
Methods for Use with Scripting Expressions
SRC-ACP provides the following methods to use in scripting expressions:
Example—slot("atm 4/5:0.32") == "4"
Example—port("atm 4/5:0.32") == "5"
Example—l2id("atm 4/5:0.32") == "0.32"
Example—escape("atm 4/5") == "atm 4\/5"
You can extend the scripting library by creating the file lib/localCPLib.py in the ACP installation directory, by default /opt/UMC/acp/lib/localCPLib.py. SRC-ACP reads the definitions in this file at startup, after which they are available for processing.
Match Criteria for Congestion Point Classification
You can use the following match criteria in Python scripting expressions for a congestion point expression:
- ifSessionId—Identifier for RADIUS accounting on the JUNOSe interface.
- authUserId—Identifier that a subscriber uses for authentication.
- domain—Name of the domain used for secondary authentication.
- radiusClass—RADIUS class attribute of the service definition.
- routerName—Name of virtual router in the format <virtualRouter>@<router>.
- interfaceName—Name of the interface, such as fastEthernet3/1.
- interfaceAlias—Alias of the interface; that is, the IP description in the interface configuration.
- interfaceDescr—SNMP description of the interface, such as IP3/1.
- portId— Identifier of VLAN or virtual circuit. For a virtual circuit, use the format <VPI>/<VCI>.
- nasPort—Network access server (NAS) port.
- sspHost—Name of host on which SAE is installed.
- IfRadiusClass—RADIUS class attribute on the JUNOSe interface.
- ServiceBundle—Service bundle vendor-specific attribute for RADIUS. A user authorization plug-in returns this attribute to the SAE.
- loginName—Subscriber's login name. The format of the login name varies.
- primaryUserName—PPP login name or the public DHCP username.
- accountingId—Value of directory attribute accountingUserId.
- userDn—Distinguished name of a subscriber in the directory.
- userMacAddress—Media access controller (MAC) address of a DHCP subscriber.
- dhcpPacket—Content of the DHCP discover request in the format:
For more information, see RFC 2131—Dynamic Host Configuration Protocol (March 1997) and RFC 2132—DHCP Options and BOOTP Vendor Extensions (March 1997).
- userType—Type of subscriber.
- sessionId—Identifier of RADIUS session for the subscriber session.
- userIp—IP address of the subscriber.
- nasIp—IP address used to communicate with the server.
Examples of Congestion Profiles
This section provides examples of expressions used in congestion point profiles.
Profile for Gigabit Ethernet Interface
In the following example, a subscriber who is connecting to router test@erx through interface GigabitEthernet1/0.1, has the congestion point:
"subInterface=1,interfaceName=GigabitEthernet1/0,orderedCimKeys=test@erx,o=Ad missionControl,o=UMC"This congestion point is created from a congestion point template:
"interfaceName=GigabitEthernet1/0,orderedCimKeys=test@erx,o=AdmissionControl,o =UMC"The following congestion point expression is configured for the congestion point profile cn=vlan, o=CongestionPoints, o=umc:
NOTE: The following example is a single expression that should be entered on a single line.
<-routerName->/<-interfaceName[:interfaceName.find('.')]->/<-interfaceName[interfaceName.find('.')+1:]->Profile That Contains Three Congestion Points
In the following example, a subscriber who is connecting to router test@erx through interface atm 4/5:0.32 will have three congestion points:
interfaceName=atm4, orderedCimKeys=
test@erx, o=AdmissionControl, o=UMCinterfaceName=atm4/5, orderedCimKeys=test@erx, o=AdmissionControl,
o=UMCinterfaceName=atm4/5:0.32, orderedCimKeys=test@erx, o=AdmissionControl, o=UMC
SRC-ACP automatically appends o=AdmissionControl, o=UMC.
This profile creates the same congestion points that are created by the ATM autocompletion feature, which is available in this version as well as previous versions of SRC-ACP.
The following congestion point expressions are configured for the congestion point profile cn=atm, o=CongestionPoints, o=umc:
<-routerName->/<-escape(portId.replace(' ',''))-><-routerName->/<-escape(portId[:portId.rindex('.')].replace(' ',''))-><-routerName->/<-escape(portId[:portId.rindex(':')].replace(' ',''))->Profile That Uses Congestion Point Templates
In the following example, the congestion points are dynamically created based on templates for the expressions. When you use a template, you specify parameters for the <NetworkDevice>/<NetworkInterface> part of the expression. This part refers to a network interface object in the directory that defines the parameters of the congestion point; that is, the available bandwidth.
The following congestion point expressions are configured for the congestion point profile cn=atm, o=CongestionPoints, o=umc:
<-routerName->/VCI/<-portId-><-routerName->/VPI/<-portId[:portId.rindex('.')] -><-routerName->/PHY/<-portId[:portId.rindex(':')] ->
- VCI—Provides parameters for the virtual channel
- VPI—Provides parameters for the virtual path
- PHY—Provides parameters for the physical interface terminating on a JUNOSe router
Changing and Removing a Congestion Point Profile
To change configuration of a congestion point profile:
- In SDX Admin, select the congestion point profile.
- In the Congestion Point Profile pane, select the expression to change in the Expression box, and click Modify.
- Make changes to the expression, and click Add.