JUNOS OS 10.4 Release Notes
Inner IP Header
Forwarding Class
ob001
assured-forwarding
26
classifiers for a family of PPP interfaces. Layer 2 and Layer 3 classifiers can co-exist
for a PPP subscriber.
For example, to classify incoming packets for a PPP subscriber, include the
type classifier-name
statement at the
hierarchy level or at the
logical-unit-number]
interfaces pp0 unit logical-unit-number]
On egress tunnels, you configure rewrite rules to set the ToS or 802.1p value of the
outer header. For example, to configure a rewrite-rule definition for an interface with
802.1p encapsulation, include the
statement at the
edit class-of-service interfaces interface-name unit logical-unit-number]
hierarchy level or the
[edit dynamic-profiles class-of-service interfaces pp0 unit
hierarchy level.
logical-unit-number]
Rewrite rules are applied accordingly to the forwarding class, packet loss priority (PLP),
and code point. The proper transfer of the inner IP header to the outer IP header of the
L2TP packet depends on the classifier and rewrite rule configurations.
The following table shows how the classifier and rewrite-rule values transfer from the
inner IP header to the outer IP header. The inner IP header (ob001) is classified with
assured-forwarding and low loss priority at the ingress interface. Based on the
assured-forwarding class and low loss priority in the rewrite rule, the outer IP header
is set to ob001 at the egress interface.
Loss Priority
low
[Subscriber Access, Class of Service]
L2TP tunnel profiles and AAA support for tunnels in subscriber management (MX
Series routers)—You can configure a set of attributes to define an L2TP tunnel for PPP
subscribers. More than one tunnel can be defined for a tunnel profile. Tunnel profiles
are applied by a domain map before RADIUS authentication. When the RADIUS
Tunnel-Group VSA [26-64] is specified in the RADIUS login, then the RADIUS tunnel
profile (group) overrides a tunnel profile specified by the domain map. The tunnel is
then configured according to RADIUS tunnel attributes and VSAs.
To configure a tunnel profile, include the
hierarchy level. To define a tunnel for a profile, include the
[edit access]
statement at the
[edit access tunnel-profile profile-name]
Define the attributes of the tunnel at the
hierarchy level. You must configure a preference for the tunnel and the IP
tunnel-id]
address of the LNS tunnel endpoint; all other attributes are optional. Include the
preference number
statement to configure the preference. Include the
statement to configure the LNS address.
address server-ip-address
You can optionally configure the remaining tunnel attributes. Include the
remote-gateway name server-name
the
source -gateway address client-ip-address
statements to configure the local (LAC) tunnel endpoint. Although you
client-name
[edit class-of-service interfaces pp0 unit
[edit dynamic-profiles class-of-service
hierarchy level.
[rewrite-rule ieee-802.1 (rewrite-name | default)
Code Point
001
tunnel-profile profile-name
hierarchy level.
[edit access tunnel-profile profile-name tunnel
statement to configure the LNS hostname. Include
statement and the
Copyright © 2010, Juniper Networks, Inc.
classifier
Outer IP Header
ob001
statement at the
tunnel tunnel-id
remote-gateway
source-gateway name