Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

How to Configure APM

This section describes configuration tasks for Address Pool Manager (APM).

APM Configuration Overview

You use the APM CLI when you configure APM to manage address pools in the network. The APM CLI is a simplified, limited, containerized version of Junos OS. To use the APM CLI, you should have basic knowledge of the Junos OS CLI. Day One: Exploring the Junos CLI provides a good overview of Junos OS CLI basics. The CLI User Guide provides more detailed information.

Before you begin configuring APM for a network, make sure that you know the following:

  • The system identifiers that APM will manage.

  • The names of the centralized address pool partitions.

  • The apportion and reclaim threshold that you would like to use on the BNGs.

  • Your detailed strategy for partitioning APM’s centralized pool of addresses, including:

    • The size of the prefixes to partition from the address space; for example, whether the prefixes are /15, /22, /24, and so on.

    • The set of addresses for APM to allocate for each BNG.

Here are the primary operations you'll perform to configure APM:

  • Configure pool-domain-profiles that you use in the entity-match configuration to drive pool-domain creation and management. Each pool domain profile describes apportion and reclaim thresholds and auto-reclamation behavior. See Configure Pool Domain Profiles

  • Configure partitions to contain root prefixes for supplying pool-domains with pool prefixes. See Configure Prefix Partitions

  • Configure entity-match stanzas which match against known system Ids (BNGs) to enable communications with a BNG.

Access Configuration Mode from the APM Utility

Here's how to access the set of CLI commands for configuring APM:

  1. Access the CLI from the utility command prompt.
  2. Enter configuration mode from the basic CLI prompt.
  3. Enter CLI statements to configure the APM-managed BNGs, pool domains, pools, and system attributes.
  4. Save and activate the configuration. This command succeeds only when there are no configuration syntax errors.
  5. (Optional) Exit configuration mode and return to the top-level CLI prompt.

Now you're ready to start configuring APM.

Access CLI Operational Commands

To monitor APM, view APM configuration and statistics, or run certain operations manually:

  1. Use the APM utility command apm cli to access the top-level CLI prompt.
  2. Enter specific commands.

    • Use show commands to display statistics and the relationships between partitions, BNGs, pool domains, and pools.

    • Use request commands to manually initiate certain APM operations.

Configure an External Syslog Server

APM can export logs generated from the mgmt, addrman, entman, and provman microservices to a syslog collector (server). To export logs to a syslog collector, a syslog host must be configured.

If APM detects that the Broadband Edge (BBE) Event Collection and Visualization application is deployed on the same cluster as APM, the generated factory default configuration includes the BBE Event Collection and Visualization IP Address and ingress port as part of the syslog configuration.

If you supply your own initial configuration file, a syslog configuration must be added to enable export of APM logs.

Add the following configuration:

Configure TACACS+ Authentication

APM supports TACACS+ for central authentication of users on network devices. To use TACACS+ authentication on the device, you (the network administrator) must configure information about one or more TACACS+ servers on the network.

For information about configuring TACACS+ authentication, see TACACS+ Authentication.

Configure Prefix Partitions

Partitions are a way to organize your root prefixes (those prefixes from which prefixes are used to supply entities with pools). Consider using multiple partitions for:

  • Wholesaling applications— Wholesale subscribers who need to have addresses assigned from pools with prefixes that are different from the native subscribers.

  • Peering applications—Entities that need prefixes that align with the route aggregation policy for the network peering point they are associated with.
Note:

You can configure partitions (from which pool prefixes are drawn) from entities and BNG CUPS (individual user planes). Unless you have a reason for multiple partitions, a single partition results in a more efficient use of prefixes.

Configure the global pool of IPv4 addresses into partitions from which APM allocates addresses to individual BNG pools.

  1. Create a partition. In practice, you create and configure as many partitions as you need to implement your address allocation strategy.
  2. (Optional) Configure a lower limit and an upper limit on the valid prefix length for the root prefixes in the partition.

    The prefix length for root prefixes that you add to the partition must be within the range defined by these limits.

  3. (Optional) Configure the minimum threshold percentage for free (unallocated) prefixes in the partition. When the percentage drops below this value, the Address Manager generates a warning-level log message to warn APM that the partition is running low on available addresses. The notification is informative and triggers no other actions.
  4. Configure a root prefix for the partition. APM subdivides the root prefix into subnetworks to provision addresses for a BNG’s pool domains. You typically configure more than one root prefix per partition.

    1. (Optional) Specify the smallest subnetwork that APM can subdivide from this root prefix.

      The max-length value represents the number of bits in the prefix length for the root prefix.

      • A higher number specifies a longer prefix, which corresponds to a smaller subnetwork with fewer hosts.

      • A lower number specifies a shorter prefix, which corresponds to a larger subnetwork with more hosts.

    2. (Optional) Reserve one or more subnetworks that cannot be allocated from this partition. You must qualify the reservation by restricting it to a specified BNG or even to a specified pool domain on that BNG.

    3. (Optional) Specify route tag metrics in a list. You use route tags to construct discard routes for the apportioned prefix on the BNG. Each time APM allocates a prefix from the root prefix in a partition, it assigns a route tag from the list of configured route tags in a round-robin fashion.

  5. (Optional) Configure a timer, in seconds, for APM to suspend the prefix before returning the prefix to the partition. After APM returns the prefix to the partition, it can re-allocate the prefix on an as-needed basis. The prefix-recycle-hold is a value between 30 and 3600 seconds.

Configure Pool Domain Profiles

Configure a template with attributes that you can use to create dynamic pool domains.

  1. Create or modify a pool domain profile.
  2. Configure the pool monitoring attributes (apportion threshold and reclaim threshold) on the BNG.
    • The apportion threshold is the minimum number of free addresses in the domain pool that triggers the BNG router to send an apportion alarm to APM.
    • The reclaim threshold value indicates the number of free addresses. APM compares the configured reclaim threshold value with a computed threshold value and uses the larger value. You compute the threshold value using this equation: computed reclaim threshold = apportion threshold + (prefix count * 2^(32 – preferred prefix length)) + 1
    • The hold-down timer suspends any potential reclaim event for a pool domain for the specified duration after an apportion event. You can set the reclamation-hold-down between 1 to 3600 seconds (default is 60 seconds), the reclamation-hold-down value should be greater than the computed threshold value.
  3. (optional) Configure reclamation rules that the BNG router follows for the pool.
    • Specify whether automatic reclamation is always active or whether to use a window period for reclamation.
    • The window-duration option specifies how long the reclamation window stays open.
    • The window-start option specifies the daily start time scheduled for the reclamation. The window for reclamation is open for the length of the window duration.

Configure Attributes for Managing BNGs

Configure attributes that identify a managed BNG and define the pool domains on the BNG.

The entity-match list maps valid entities to a pool domain profile. The entity-match command directs incoming APM entities to a pool domain profile. APM reconciles it's pool domains with the BNG’s list such that the APM list matches the BNGs list. If an APM entity (identified by its system-id) is not present in the entity-match list, it's not allowed to connect and the connection is aborted.

Configure a Secure Incoming Connection for APM

With APM, you can secure an incoming connection by defining secrets and you can use the entity-match command to map valid entities to a pool-domain-profile.

  1. Specify the number of entity clients that are allowed to connect to the APM server.
  2. Specify the APM security parameters for incoming APM connections. For dynamically managed BNGs, use the entity-clients command to define any secrets used to secure the incoming connection.
    Note:

    The filenames provided in this configuration must match the security key and certificate files you provided during the setup.

    • Specify root public key certificate file.

    • Specify the private key file for APM.

    • Specify the certificate file for APM.

Monitor APM Operations

Purpose

Use the APM show commands to display status and address utilization information about all BNGs that are under management. You can add qualifiers to the commands to display information more specifically by partition and pool domain.

From configuration mode, exit to the top-level CLI prompt, and then enter the required show commands.

Action

  • Display the overall prefix utilization; that is, how many prefixes APM has available, reserved, or allocated, for all partitions.

  • Display the prefix utilization for a single partition.

  • Display the prefix utilization for a single partition and prefix.

  • Display information about all associated BNGs.

  • Display detailed information about a specific BNG.

  • Display detailed information about a BNG’s pool domain.

  • Display the number of allocations made by each partition.

  • Display information about how addresses are allocated for a specific partition across all BNGs.

  • Display information about how addresses are allocated for all partitions on a specific BNG.

  • Display information about how addresses are allocated for one partition on a specific BNG.