Configuring a Retail Dynamic Profile for Use in the Layer 2 Wholesale Solution
To configure a dynamic profile for use with retailer access:
Note:
To support Layer 2 access profiles the RADIUS server must provide VLAN authentication.
The result is a dynamic subscriber profile that uses RADIUS authentication to assign the outer VLAN ID dynamically.
The dynamic profile is displayed in curly brace format:
[edit]
user@host# show dynamic-profiles
Subscriber_Profile_Retail1
routing-instances {
"$junos-routing-instance" {
interface "$junos-interface-name";
}
}
interfaces {
"$junos-interface-ifd-name" {
unit "$junos-interface-unit" {
encapsulation vlan-vpls;
vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id";
input-vlan-map {
swap-push;
vlan-id "$junos-vlan-map-id";
inner-vlan-id "$junos-inner-vlan-map-id";
}
output-vlan-map {
pop-swap;
inner-tag-protocol-id 0x8100;
}
family vpls;
}
}
}The need to authenticate the VLAN through RADIUS is specified by
"$junos-vlan-map-id" and "$junos-vlan-id"
parameters.
The outer VLAN ID is returned by the RADIUS server as part of the user name attribute, as shown:
Type: VLAN User Name: user1.xe-0/1/0:2015 Logical System: default Routing Instance: ISP02-Test Interface: xe-0/1/0.3221225509 Interface type: Dynamic Underlying Interface: xe-0/1/0 Core IFL Name: xe-0/1/3.0 Dynamic Profile Name: Subscriber_Profile_Retail1 Dynamic Profile Version: 1 State: Active Radius Accounting ID: 43 Session ID: 43 PFE Flow ID: 87 VLAN Id: 2015 VLAN Map Id: 100 Inner VLAN Map Id: 201 Login Time: 2021-07-07 06:42:33 PDT Dynamic configuration: junos-vlan-map-id: 100