Classifying Congestion Points
Use the following configuration statements to configure congestion point classification scripts:
shared acp congestion-point-classifier rule name {target target;script script;}shared acp congestion-point-classifier rule name condition name ...Changes that you make to classification scripts do not affect subscriber sessions that are already established.
Configuring Targets and Criteria for Classification Scripts
To define a target and criteria for the congestion point classification script:
- From configuration mode, access the configuration statement that configures congestion point scripts. In this sample procedure, the scripts are configured in the config group.
user@host# edit shared acp group config congestion-point-classifier rule nameEnter a name for the congestion point classification script.
- Specify the target for the classification script.
[edit shared acp group config congestion-point-classifier rule name]user@host# set target targetFor information about classification targets, see Configuring Congestion Point Classification Targets.
- Specify the classification criteria for the target.
[edit shared acp group config congestion-point-classifier rule name]user@host# set script scriptFor information about classification criteria, see Selecting Congestion Point Classification Criteria.
Configuring Classification Scripts Contents for Classification Scripts
To use the contents of a classification script to another object for the congestion point classification script:
- Access the configuration statement that configures congestion point scripts from configuration mode. In this sample procedure, the scripts are configured in the config group.
user@host# edit shared acp group config congestion-point-classifier rule name condition name ...Enter a name for the congestion point classification script and the name of the classification script that you want to use.
Configuring Congestion Point Classification Targets
The target of the congestion point classification script is an LDAP search string. The search string uses a syntax similar to an LDAP URL (see RFC 2255—The LDAP URL Format (December 1997)). The syntax is:
baseDN [ ? [ attributes ] [ ? [ scope ] [ ? [ filter ] ] ] ]
- baseDN—Distinguished name (DN) of the object where the LDAP search starts.
- attributes—Is ignored.
- scope—Scope of search in the directory:
- base—Default; searches the base DN only.
- one—Searches the direct children of the base DN.
- sub—Searches the complete subtree below the base DN.
- filter—An RFC 2254-style LDAP search filter expression; for example, (uniqueId=<-userName->). See RFC 2254—The String Representation of LDAP Search Filters (December 1997).
With the exception of baseDN all the fields are optional.
The result of the LDAP search must be exactly one directory object. If no object or more than one object is found, congestion points for the subscriber are not loaded and all service activations for the subscriber are denied.
Selecting Congestion Point Classification Criteria
Congestion point classification criteria define match criteria that are used to find the congestion point profile. Use the fields in this section to define classification criteria.
accountingId
authUserId
dhcpPacket
For more information, see RFC 2131—Dynamic Host Configuration Protocol (March 1997) and RFC 2132—DHCP Options and BOOTP Vendor Extensions (March 1997).
domain
- Name of the domain used for secondary authentication.
- Value—Valid domain name
- Example—domain="isp99.com"
ifRadiusClass
- RADIUS class attribute on the JUNOSe interface.
- Value—RADIUS class name
- Example—ifRadiusClass="acpe"
ifSessionId
interfaceAlias
- Description of the interface.
- Value—Interface description that is configured on the JUNOSe router with the
interface ip description
command- Example—interfaceAlias="dhcp-subscriber12"
interfaceDescr
ip<slot>/<port>.<subinterface>On the JUNOS routing platform, interfaceDescr is the same as interfaceName. interfaceName
- Name of the interface in your router CLI syntax
- FORWARDING_INTERFACE for routing instance (used by traffic mirroring)
For JUNOS routing platforms: interfaceName="fe-0/1/0.0"
For forwarding interface: interfaceName="FORWARDING_INTERFACE"
loginName
- Subscriber's login name.
- Value—Login name
- Guidelines—The format of the login name varies. A loginName can be of form subscriber, domain\subscriber, subscriber@domain, or as otherwise defined by the login setup of the manager.
- Example—idp@idp
nasIp
nasPort
- Port identifier of an interface.
- Value—Includes interface name and additional layer 2 information
- Example—nasPort="fastEthernet 3/1" (There is a space between fastEthernet and slot number 3/1 in the nasPort field.)
portId
- Identifier of VLAN or virtual circuit.
- Value—String; for a virtual circuit, use the format <VPI>/<VCI>
primaryUserName
radiusClass
- RADIUS class attribute of the service definition.
- Value—RADIUS class name
- Example—radiusClass="Premium"
routerName
- Name of virtual router.
- Value—Virtual router name in the format <virtualRouter>@<router>
- Example—routerName="default@e_series5"
sessionId
serviceBundle
- Content of the RADIUS vendor-specific attribute for the service bundle.
- Value—Name of a service bundle
- Example—serviceBundle="goldSubscriber"
sspHost
userDn
userIp
userMacAddress
- Media access control (MAC) address of the DHCP subscriber.
- Value—Valid MAC address
- Example—userMacAddress="00:11:22:33:44:55"
userType