Configuring Out-of-Band ANCP Messages to Trigger Dynamic VLAN Instantiation
The instantiation of conventional autosensed dynamic VLANs is triggered by in-band PPPoE or DHCP control packets that the Packet Forwarding Engine exceptions to the Routing Engine. A VLAN is authorized based on information extracted from specific fields and created according to a dynamic profile assigned to the VLAN range or stacked VLAN range.
Another way to instantiate an autosensed dynamic VLAN is with the processing of packets from an out-of-band protocol, ANCP. The out-of-band protocol method is useful where the traffic received might not be PPPoE or DHCP, such as in a Layer 2 wholesale scenario, where the traffic for an entire outer VLAN is wholesaled to a retailer and the VLANs are based on access line identifiers.
For this method, you configure the dynamic profile to accept packets from the out-of-band protocol. The dynamic profile is on an access-facing physical interface and is associated with a VLAN range available for the autosensed VLANs.
This configuration assumes the following:
The dynamic profile is configured to instantiate a dynamic VLAN when notified by the ANCP agent that it has received an out-of-band ANCP Port Up message.
The RADIUS authentication server is properly configured to authorize the VLANs and apply services as needed.
The ANCP agent is configured to notify AAA when it receives ANCP Port Up and Port Down messages.
The ANCP agent is configured to initiate interim accounting updates (which also enables immediate interim accounting updates) in response to information received in Port Up messages.
Out-of-band triggering is supported only for single-tag VLANs; it is not supported for stacked VLANs.
To configure the instantiation of autosensed dynamic VLANs by out-of-band ANCP packets:
Specify that ANCP packets are accepted.
[edit interfaces interface-name auto-configure vlan-ranges dynamic-profile profile-name] user@host# set accept-out-of-band ancp