- play_arrow Subscriber-Aware and Application-Aware Traffic Treatment Overview
- play_arrow Subscriber-Aware and Application-Aware Traffic Treatment Overview
-
- play_arrow Applying Subscriber-Aware and Application-Aware Policies and Services
- play_arrow Configuring the Service PIC, Session PIC, and TDF Gateway
- TDF Gateway Service PICs and Session PICs for Subscriber-Aware Traffic Treatment
- Configuring Service PICs and Session PICs Overview
- Preconfigured Groups for Service PICs and for Session PICs Overview
- Configuring a Services Interface for a Session PIC or Service PIC
- Configuring a TDF Gateway
- Making Predefined Groups Available for Session PIC and Service PIC Configuration
- Configuring Service PICs
- Configuring Session PICs
- Configuring Tracing for TDF Gateway
- play_arrow Configuring Application Identification
- play_arrow Configuring HTTP Header Enrichment
- play_arrow Configuring Policy and Charging Enforcement
- Understanding Junos Subscriber Aware Policy and Charging Enforcement Function (PCEF)
- Understanding Predefined Policy and Charging Control Rules for Subscriber-Aware Traffic Treatment
- Understanding How Subscriber-Aware Policy and Charging Control Rules Are Provisioned Dynamically by a PCRF
- Understanding How Subscriber-Aware Policy and Charging Control Rules Are Provisioned Statically
- Understanding How a RADIUS Server Controls Policy and Charging Control Rules
- Understanding PCEF Profiles
- Understanding Network Elements
- Understanding AAA Profiles
- Understanding Static Time-of-Day PCC Rule Activation and Deactivation
- Understanding Usage Monitoring for TDF Subscribers
- Configuring Dynamic Policy Control by PCRF
- Configuring Static Policy Control
- Configuring Policy Control by RADIUS Servers
- Configuring Service Data Flow Filters
- Configuring Policy and Charging Control Action Profiles For Junos OS Subscriber Aware
- Configuring Policy and Charging Control Rules
- Configuring a Policy and Charging Control Rulebase
- Configuring RADIUS Servers
- Configuring RADIUS Network Elements
- Configuring an AAA Profile
- Configuring a Policy and Charging Enforcement Function Profile for Junos OS Subscriber Aware Dynamic Policies
- Configuring a Policy and Charging Enforcement Function Profile for Junos OS Subscriber Aware Static Policies
- Configuring a Policy and Charging Enforcement Function Profile for Junos OS Subscriber Aware Policies That a RADIUS Server Controls
- Configuration of Static Time-of-Day PCC Rule Activation and Deactivation Overview
- Configuring the NTP Server
- Configuring Static Time-of-Day PCC Rule Activation and Deactivation in a Junos OS Subscriber Aware PCEF Profile
- Configuring TDF Subscriber Usage Monitoring for Traffic That Matches Predefined PCC Rules
- play_arrow Configuring TDF Subscribers
- IP-Based and IFL-Based TDF Subscribers Overview
- IP-Based Subscriber Setup Overview
- Understanding the Definition of a Set of IP-Based Subscriber Properties with a TDF Domain
- Understanding Source IP Filtering with Address Pools in TDF Domains for IP-Based Subscribers
- Understanding Selection of Properties for an IP-Based TDF Subscriber
- Understanding Selection of Policy-Control Properties for an IP-based TDF Subscriber
- Snooping RADIUS Accounting Requests for IP-Based Subscribers Overview
- Understanding IFL-Based Subscriber Setup
- Understanding the Definition of a Set of IFL-Based Subscriber Properties with a TDF Domain
- Configuring IP-Based TDF Subscriber Setup When MX Series Router Is a RADIUS Server
- Configuring IP-Based TDF Subscriber Setup When Accounting Requests Are Snooped
- Configuring Address Pools for Source-IP Filtering of IP-Based Subscribers
- Configuring a Set of IP-Based TDF Subscriber Properties with a TDF Domain
- Configuring RADIUS Clients That Send Accounting Requests for IP-Based Subscribers
- Configuring Assignment of TDF Subscriber Properties and Policy-Control Properties to IP-Based Subscribers
- Configuring Snooping of RADIUS Accounting Requests for IP-Based Subscribers
- Configuring IFL-Based TDF Subscriber Setup
- Configuring IFL-Based TDF Subscribers and Properties with a TDF Domain
- Configuring a TDF Logical Interface
- Configuring TDF Interface to Access Interface Associations in VRFs
- play_arrow Configuring Services
- play_arrow Configuring Diameter
- Diameter Profiles Overview
- Juniper Networks Diameter AVPs for Subscriber Aware Policy Control
- Configuring Diameter Overview
- Configuring Diameter Profiles
- Configuring Diameter Bindings
- Configuring Diameter Network Elements
- Configuring Diameter AVPs for Gx Applications
- Configuring Diameter Peers
- Configuring the Diameter Transport
- Configuring Advertisements in Diameter Messages
- Configuring Parameters for Diameter Applications
- Configuring the Origin Attributes of the Diameter Instance
-
- play_arrow Configuring Reporting for Subscriber-Aware Data Sessions
- play_arrow Configuring Reporting
-
- play_arrow Modifying Subscriber-Aware Configuration
- play_arrow Modifying Subscriber-Aware Configuration in Maintenance Mode
- Maintenance Mode Overview for Subscriber Aware Policy Enforcement
- Changing Address Attributes in the Address Pool
- Deleting an Address Pool
- Changing AMS Interface Parameters on a TDF Gateway
- Modifying a TDF Domain
- Modifying the TDF Interface of a TDF Domain
- Deleting a TDF Domain
- Changing a TDF Interface
- Deleting a TDF Interface
- Changing TDF Gateway Parameters with Maintenance Mode
- Changing PCEF Profiles, PCC Rules, PCC Rulebases, Diameter Profiles, Flow Descriptions, and PCC Action Profiles
- Deleting a PCEF Profile
- Changing Static Time-of-Day Settings for PCC Rules
- Deleting a Services PIC
- Deleting a Session PIC
-
- play_arrow Configuration Statements and Operational Commands
Using the Enterprise-Specific Utility MIB
Using the Enterprise-Specific Utility MIB
The enterprise-specific Utility MIB enables you to add SNMP-compliant applications information to the enterprise-specific Utility MIB. The application information includes:
NAT mappings
Carrier-grade NAT (CGNAT) pools
Service set CPU utilization
Service set memory usage
Service set summary information
Service set packet drop information
Service set memory zone information
Multiservices PIC CPU and memory utilization
Stateful firewall flow counters
Session application connection information
Session analysis information
Subscriber analysis information
Traffic Load Balancer information
You use a delivered Stylesheet Language Alternative Syntax (SLAX) script to place applications information into the enterprise-specific Utility MIB. The script is invoked based on event policies (such as reboot of the router or switchover of Routing Engines) defined in an event script. The script can also be invoked from the command line as an op script. The script only runs on the primary Routing Engine. After the script is invoked, it polls data from the specified components at regular intervals using the XML-RPC API and writes the converted data to the Utility MIB as SNMP variables. The script automatically restarts after a configured polling cycle elapses.
Populating the Enterprise-Specific Utility MIB with Information
To use a SLAX script to populate the enterprise-specific Utility MIB with information:
Enable the services-oids-slax script.
content_copy zoom_out_mapuser@host# set system scripts op file services-oids.slax
Configure the maximum amount of memory for the data segment during the execution of the script.
content_copy zoom_out_mapuser@host# set event-options event-script max-database 512m
Enable the script.
content_copy zoom_out_mapuser@host# set event-options event-script file services-oids-ev-policy.slax
(Optional) Enable the log-stats argument to allow sys logging of stateful firewall rate statistics when the event-script is run.
Display the event policies and the arguments that can be used.
content_copy zoom_out_mapuser@host> show event-options event-scripts polices
content_copy zoom_out_mapevent-options { policy services-oids-done { events system; attributes-match { system.message matches "Completed polling cycle normally. Exiting"; } then { event-script services-oids.slax { arguments { max-polls 30; interval 120; } } } } policy system-started { events system; attributes-match { system.message matches "Starting of initial processes complete"; } then { event-script services-oids.slax { arguments { max-polls 30; interval 120; } } } } } event-options { policy services-oids-done { events system; attributes-match { system.message matches "Completed polling cycle normally. Exiting"; } then { event-script services-oids.slax { arguments { max-polls 30; interval 120; } } } } policy system-started { events system; attributes-match { system.message matches "Starting of initial processes complete"; } then { event-script services-oids.slax { arguments { max-polls 30; interval 120; } } } } }The
log-statsargument does not appear, so you must enable it.Start the Linux shell.
content_copy zoom_out_mapuser@host> start shell
content_copy zoom_out_map%
Open the /var/db/scripts/event/services-oids-eve-policy.slax file for editing.
content_copy zoom_out_map<event-options> { /* * This policy detects when the services-oids.slax script ends, then restarts it. */ <policy> { <name> "services-oids-done"; <events> "system"; <attributes-match> { <from-event-attribute> "system.message"; <condition> "matches"; <to-event-attribute-value> "Completed polling cycle normally. Exiting"; } <then> { <event-script> { <name> "services-oids.slax"; <arguments> { <name>"max-polls"; <value>"30"; } <arguments> { <name>"interval"; <value>"120"; } /* <arguments> { <name>"log-stats"; <value>"yes"; } */ } } } /* * This policy detects when the system has booted and kicks off the services-oids.slax script. * This policy hooks the 'system started' event */ <policy> { <name> "system-started"; <events> "system"; <attributes-match> { <from-event-attribute> "system.message"; <condition> "matches"; <to-event-attribute-value> "Starting of initial processes complete"; } <then> { <event-script> { <name> "services-oids.slax"; <arguments> { <name>"max-polls"; <value>"30"; } <arguments> { <name>"interval"; <value>"120"; } /* <arguments> { <name>"log-stats"; <value>"yes"; } */ } } } }Remove the comment enclosures (
/*and*/) surrounding the<arguments>tags containing“log-stats”.Exit the Linux shell and return to the CLI.
content_copy zoom_out_map% exit
Load the changes you made to the event script file.
content_copy zoom_out_mapuser@host>request system scripts event-scripts reload
The
log-statsargument is available the next time the event script restarts.
Set up the script logging file services-oids.log.
content_copy zoom_out_mapuser@host# set system syslog file services-oids.log any info user@host# set system syslog file services-oids.log match cscript
Synchronize scripts between Routing Engines so that when a switchover of Routing Engine occurs, the event policy starts on the new primary.
To synchronize on a per-commit basis:
content_copy zoom_out_mapuser@host# commit synchronize scripts
To synchronize scripts every time you execute a commit synchronize:
content_copy zoom_out_map[edit system scripts] user@host# set synchronize user@host# commit synchronize
The script starts automatically at system boot, but you can manually start it with the CLI.
content_copy zoom_out_mapuser@host> op services-oids arguments
Table 1 describes the arguments that you can use.
Table 1: Arguments for services-oids.slax Script Argument
Description
clean
A value of 1 clears all Utility MIB OIDs. Use this only to clean OID tables.
clear-semaphore
A value of 1 resets the semaphore in the Utility MIB to recover from an abnormal script exit or from a manual script exit.
debug
Prints debug messages on console.
detail
Displays detailed output.
interval
Sets the number of seconds between poll cycles (default is 120).
invoke-debugger
Invokes script in debugger mode.
log-stats
Yes value enables sys logging of stateful firewall rate statistics (default is no).
max-polls
Sets the number of poll cycles before exiting the script (default is 30).
one-cycle-only
Value of 1 quits after one cycle of polling. Event policy does not restart the script. Use this option for testing only. The default is 0.
signal-stop
A value of 1 stops the script and sets the semaphore, which causes the next iteration to exit.
silent
Prints trace messages on console if it is unset. Set it to zero-length string (“ ”) to unset it. Default is 1.
|
Pipes through a command.
Check the status of the script from the log file.
content_copy zoom_out_maprouter> show /var/log/services-oids.log | no-more
content_copy zoom_out_mapJun 27 19:51:47 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] Beginning polling cycle. Jun 27 19:51:47 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing traffic load-balance statistics Jun 27 19:51:48 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing cgnat pool detail Jun 27 19:51:48 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing cgnat mappings summary Jun 27 19:51:48 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-sets summary Jun 27 19:51:48 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-sets cpu-usage Jun 27 19:51:48 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-sets mem-usage Jun 27 19:51:49 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing stateful firewall statistics Jun 27 19:51:49 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing stateful firewall flow-analysis Jun 27 19:51:49 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing stateful firewall flows counts Jun 27 19:51:49 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing FW policy connections/second Jun 27 19:51:49 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing FW/NAT app connections Jun 27 19:51:51 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-set packet-drops Jun 27 19:51:51 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-set memory-usage zone Jun 27 19:51:51 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing service-set policy throughput stats Jun 27 19:51:52 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] processing ms-pic CPU amd Memory utilization stats Jun 27 19:51:52 wf-cheesypoofs cscript: services-oids.slax(v0.14):[info] 1/30 Sleeping for 110 seconds.
Verify that you are getting Utility MIB OID updates.
content_copy zoom_out_maprouter> show snmp mib walk jnxUtil ascii
content_copy zoom_out_map. . . jnxUtilCounter64Value."services10tcp-errors09CGN-SET-1" = 0 jnxUtilCounter64Value."services10tcp-errors09CGN-SET-2" = 0 jnxUtilCounter64Value."services10tcp-errors09CGN-SET-3" = 0 jnxUtilCounter64Value."services10udp-errors09CGN-SET-1" = 1119 jnxUtilCounter64Value."services10udp-errors09CGN-SET-2" = 0 . . .
To exclude the timestamp information, use
content_copy zoom_out_maprouter> show snmp mib walk jnxUtil ascii | match Value
Stopping the SLAX Script with the CLI
To stop the SLAX script from the CLI:
user@host> op services-oids signal-stop 1
