Sign In
Upload
Manuals
Brands
Juniper Manuals
Software
JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010
Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010 Manuals
Manuals and User Guides for Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010. We have
2
Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010 manuals available for free PDF download: Configuration Manual
Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010 Configuration Manual (788 pages)
for E Series Broadband Services Routers - Broadband Access Configuration
Brand:
Juniper
| Category:
Software
| Size: 6.82 MB
Table of Contents
Table of Contents
9
List of Figures
29
About the Documentation
37
Audience
37
Documentation Feedback
37
E Series and Junose Documentation and Release Notes
37
E Series and Junose Text and Syntax Conventions
37
Obtaining Documentation
37
Requesting Technical Support
37
Table 1: Notice Icons
38
Table 2: Text and Syntax Conventions
38
About the Documentation
39
Opening a Case with JTAC
40
Self-Help Online Tools and Resources
40
Part 1 Managing Remote Access
41
Managing Remote Access
42
Managing Remote Access
41
Chapter 2 Monitoring and Troubleshooting Remote Access
41
Configuring Remote Access
43
Remote Access Overview
44
B-RAS Data Flow
44
Configuring IP Addresses for Remote Clients
44
AAA Overview
45
Chapter 1 Configuring Remote Access
45
Remote Access Platform Considerations
45
B-RAS Protocol Support
45
Before You Configure B-RAS
46
Remote Access Configuration Tasks
46
Remote Access References
46
Chapter 1 Configuring Remote Access
47
Configuring a B-RAS License
47
Mapping a User Domain Name to a Virtual Router
48
Mapping User Requests Without a Valid Domain Name
48
Mapping User Requests Without a Configured Domain Name
49
Using DNIS
49
Redirected Authentication
49
IP Hinting
50
Setting up Domain Name and Realm Name Usage
52
Using the Realm Name as the Domain Name
52
Using Delimiters Other than
52
Using Either the Domain or the Realm as the Domain Name
53
Specifying the Domain Name or Realm Name Parse Direction
53
Stripping the Domain Name
54
Domain Name and Realm Name Examples
55
Specifying a Single Name for Users from a Domain
56
Table 3: Username and Domain Name Examples
56
Configuring RADIUS Authentication and Accounting Servers
58
Server Access
58
Server Request Processing Limit
59
Authentication and Accounting Methods
59
Table 4: Local UDP Port Ranges by RADIUS Request Type
59
Supporting Exchange of Extensible Authentication Protocol Messages
60
Immediate Accounting Updates
61
Duplicate and Broadcast Accounting
61
Configuring AAA Broadcast Accounting
62
Configuring AAA Duplicate Accounting
62
Overriding AAA Accounting NAS Information
62
UDP Checksums
63
Collecting Accounting Statistics
63
Configuring RADIUS AAA Servers
63
SNMP Traps and System Log Messages
76
SNMP Traps
76
System Log Messages
77
Configuring SNMP Traps
77
Configuring Local Authentication Servers
80
Creating the Local Authentication Environment
80
Creating Local User Databases
80
Adding User Entries to Local User Databases
80
Using the Aaa Local Username Command
81
Using the Username Command
81
Assigning a Local User Database to a Virtual Router
82
Enabling Local Authentication on the Virtual Router
82
Configuration Commands
83
Local Authentication Example
87
Configuring Tunnel Subscriber Authentication
90
Configuring Name Server Addresses
91
Configuration Tasks
91
DNS Primary and Secondary NMS Configuration
92
WINS Primary and Secondary NMS Configuration
93
Configuring Local Address Servers
94
Local Address Pool Ranges
94
Figure 1: Local Address Pool Hierarchy
94
Local Address Pool Aliases
95
Shared Local Address Pools
95
Figure 2: Shared Local Address Pools
95
SNMP Thresholds
96
Configuring a Local Address Server
96
Configuring DHCP Features
100
Creating an IP Interface
101
Single Clients Per ATM Subinterface
101
Figure 3: Single PPP Clients Per ATM Subinterface
101
Multiple Clients Per ATM Subinterface
102
Figure 4: Multiple PPP Clients Per ATM Subinterface
102
Configuring AAA Profiles
103
Allowing or Denying Domain Names
104
Configuration Example
104
Using Domain Name Aliases
105
Manually Setting NAS-Port-Type Attribute
109
Service-Description Attribute
110
Using RADIUS Route-Download Server to Distribute Routes
111
Format of Downloaded Routes
111
Cisco-Avpair (Cisco VSA 26-1)
112
Framed-Route (RADIUS Attribute 22)
112
How the Route-Download Server Downloads Routes
112
Configuring the Route-Download Server to Download Routes
112
Using the AAA Logical Line Identifier to Track Subscribers
116
How the Router Obtains and Uses the LLID
116
RADIUS Attributes in Preauthentication Request
117
Considerations for Using the LLID
118
Table 5: RADIUS IETF Attributes in Preauthentication Request
118
Configuring the Router to Obtain the LLID for a Subscriber
119
Troubleshooting Subscriber Preauthentication
121
Table 6: Vsas that Apply to Dynamic IP Interfaces
122
Using Vsas for Dynamic IP Interfaces
122
Table 7: Traffic-Shaping Vsas that Apply to Dynamic IP Interfaces
123
Traffic Shaping for PPP over ATM Interfaces
123
Mapping Application Terminate Reasons to RADIUS Terminate Codes
124
Table 8: Supported RADIUS Acct-Terminate-Cause Codes
124
Configuration Example
126
Configuring Timeout
128
Limiting Active Subscribers
129
Configuring Standard RADIUS Ipv6 Attributes for Ipv6 Neighbor Discovery Router Advertisements and Dhcpv6 Prefix Delegation
130
Notifying RADIUS of AAA Failure
130
Propagation of LAG Subscriber Information to AAA and RADIUS
132
Table 9: RADIUS Attributes Specifying LAG Interface
133
Configuring the SRC Client
134
Table 10: SRC Client and COPS Terminology
134
Dhcpv6 Local Address Pools for Allocation of Ipv6 Prefixes Overview
141
Dhcpv6 Prefix Delegation Example
143
Order of Preference in Determining the Local Address Pool for Allocating Prefixes
143
Order of Preference in Allocating Prefixes and Assigning DNS Addresses to Requesting Routers
144
Configuring the Dhcpv6 Local Address Pools
144
Limitation on the Number of Prefixes Used by Clients
147
Using Dhcpv6 Local Address Pools for Prefix Delegation over Non-PPP Links Example
147
Monitoring and Troubleshooting Remote Access
149
Monitoring Chassis-Wide Routes Downloaded by RADIUS Route-Download
149
Servers
149
Monitoring the Maximum Number of Active Subscribers Per Virtual
149
Router
149
Monitoring Virtual Router Groups Configured for AAA Broadcast
149
Accounting
149
Monitoring the RADIUS Attribute Used for Ipv6 Neighbor Discovery Router
150
Setting a Baseline for AAA Statistics
151
Setting a Baseline for AAA Route Downloads
151
Setting a Baseline for COPS Statistics
151
Setting a Baseline for Local Address Pool Statistics
151
Setting a Baseline for RADIUS Statistics
152
Setting the Baseline for SRC Statistics
152
Setting Baselines for Remote Access
150
How to Monitor PPP Interfaces
152
Monitoring AAA Accounting Configuration
152
Monitoring AAA Accounting Default
153
Table 11: Show Aaa Accounting Output Fields
153
Monitoring Accounting Interval
154
Monitoring Specific Virtual Router Groups
154
Table 12: Show Aaa Accounting Vr-Group Output Fields
154
Monitoring Domain and Realm Name Delimiters
155
Monitoring Mapping between User Domains and Virtual Routers
155
Monitoring the Default AAA Authentication Method List
155
Table 13: Show Aaa Domain-Map Output Fields
156
Monitoring Tunnel Subscriber Authentication
157
Monitoring IP Addresses of Primary and Secondary DNS and WINS Name Servers
158
Monitoring Routing Table Address Lookup
158
Monitoring the AAA Model
158
Monitoring AAA Profile Configuration
159
Table 14: Show Aaa Profile Output Fields
159
Monitoring Statistics about the RADIUS Route-Download Server
160
Table 15: Show Aaa Route-Download Output Fields
160
Monitoring Routes Downloaded by the RADIUS Route-Download Server
162
Table 16: Show Aaa Route-Download Routes Output Fields
162
Monitoring Chassis-Wide Routes Downloaded by RADIUS Route-Download Servers
163
Table 17: Show Aaa Route-Download Routes Global Output Fields
164
Monitoring Authentication, Authorization, and Accounting Statistics
165
Table 18: Show Aaa Statistics Output Fields
166
Monitoring Session Timeouts
167
Monitoring the Maximum Number of Active Subscribers Per Virtual Router
167
Monitoring the Number of Active Subscribers Per Port
167
Monitoring Interim Accounting for Users on the Virtual Router
168
Monitoring Virtual Router Groups Configured for AAA Broadcast Accounting
168
Monitoring Configuration Information for AAA Local Authentication
169
Table 19: Show Configuration Category Aaa Global-Attributes Output Fields
169
Monitoring AAA Server Attributes
170
Table 20: Show Configuration Category Aaa Local-Authentication Output Fields
170
Table 21: Show Configuration Category Aaa Server-Attributes Include-Defaults Output Fields
171
Monitoring the COPS Layer over SRC Connection
172
Table 22: Show Cops Info Output Fields
173
Monitoring Statistics about the COPS Layer
174
Table 23: Show Cops Statistics Output Fields
175
Monitoring Local Address Pool Aliases
176
Monitoring Local Address Pools
176
Table 24: Show Ip Local Alias Output Fields
176
Table 25: Show Ip Local Pool Output Fields
177
Monitoring Local Address Pool Statistics
178
Monitoring Shared Local Address Pools
178
Monitoring the Routing Table
179
Table 26: Show Ip Local Shared-Pool Output Fields
179
Monitoring RADIUS Override Settings
180
Monitoring the B-RAS License
180
Monitoring the RADIUS Server Algorithm
180
Table 27: Show Radius Override Output Fields
180
Monitoring RADIUS Server Information
181
Monitoring the RADIUS Rollover Configuration
181
Table 28: Show Radius Servers Output Fields
182
Monitoring RADIUS Services Statistics
183
Table 29: Show Radius Statistics Output Fields
185
Monitoring RADIUS SNMP Traps
186
Monitoring RADIUS Accounting for L2TP Tunnels
187
Monitoring RADIUS Server IP Addresses
187
Advertisements
188
Monitoring the RADIUS Attribute Used for Ipv6 Neighbor Discovery Router Advertisements
188
Monitoring RADIUS UDP Checksums
187
Monitoring SRC Client Connection Status
188
Monitoring the RADIUS Attribute Used for Dhcpv6 Prefix Delegation
188
Table 30: Show Sscc Info Output Fields
189
Monitoring SRC Client Connection Statistics
190
Table 31: Show Sscc Statistics Output Fields
191
Monitoring Subscriber Information
192
Monitoring the SRC Client Version Number
192
Table 32: Show Subscribers Output Fields
196
Monitoring Application Terminate Reason Mappings
197
Monitoring Ipv6 Local Pools for DHCP Prefix Delegation by All Configured Pools
199
Table 33: Show Terminate-Code Output Fields
199
Table 34: Show Ipv6 Local Pool Output Fields
199
Monitoring Ipv6 Local Pools for DHCP Prefix Delegation by Pool Name
200
Table 35: Show Ipv6 Local Pool Poolname Output Fields
200
Monitoring Ipv6 Local Pool Statistics for DHCP Prefix Delegation
201
Table 36: Show Ipv6 Local Pool Statistics Output Fields
202
Part 2 Managing RADIUS and TACACS
203
Chapter 4 Configuring RADIUS Dynamic-Request Server
203
Chapter 3 Configuring RADIUS Attributes
205
RADIUS Overview
205
RADIUS Services
206
RADIUS Attributes
206
RADIUS Platform Considerations
206
Configuring RADIUS Attributes
207
RADIUS References
207
Subscriber AAA Access Messages
207
Supported RADIUS IETF Attributes
208
Table 37: AAA Access Message RADIUS IETF Attributes Supported
208
Supported Juniper Networks Vsas
210
Table 38: AAA Access Message Juniper Networks (Vendor ID 4874) Vsas
210
Subscriber AAA Accounting Messages
215
Supported RADIUS IETF Attributes
215
Table 39: AAA Accounting Message RADIUS IETF Attributes Supported
216
Supported Juniper Networks Vsas
218
Table 40: AAA Accounting Message Juniper Network (Vendor ID 4874) Vsas
219
Tunnel Accounting Messages
221
Table 41: AAA Accounting Tunnel Message RADIUS Attributes
221
DSL Forum Vsas in AAA Access and Accounting Messages
222
Table 42: DSL Forum (Vendor ID 3561) Vsas Supported in AAA Access and Accounting Messages
223
CLI AAA Messages
224
CLI Commands Used to Modify RADIUS Attributes
224
Table 43: CLI AAA Access Message RADIUS Attributes Supported
224
RADIUS IETF Attributes
225
NAS-IP-Address
225
NAS-Port
226
Framed-IP-Address
229
Framed-Ip-Netmask
229
Class
230
Framed-Compression
230
Called-Station-ID
231
Calling-Station-ID
231
NAS-Identifier
236
Acct-Delay-Time
238
Acct-Session-ID
239
Acct-Authentic
240
Acct-Terminate-Cause
240
Acct-Link-Count
241
Acct-Multi-Session-ID
241
Acct-Input-Gigawords
242
Event-Timestamp
242
Output-Gigawords
242
NAS-Port-Type
243
Tunnel-Type
244
Tunnel-Client-Endpoint
245
Tunnel-Medium-Type
245
Tunnel-Server-Endpoint
245
Acct-Tunnel-Connection
246
Connect-Info
246
Tunnel-Assignment-ID
247
NAS-Port-ID
248
Tunnel-Preference
248
Tunnel-Client-Auth-ID
249
Framed-Interface-ID
250
Tunnel-Server-Auth-ID
250
Framed-Ipv6-Prefix
251
Framed-Ipv6-Route
251
Delegated-Ipv6-Prefix
252
Framed-Ipv6-Pool
252
All Tunnel Server Attributes
253
Ascend-Num-In-Multilink
253
Juniper Networks Vendor-Specific Attributes
254
Ingress-Policy-Name
254
Virtual-Router
254
Egress-Policy-Name
255
Pcr
256
Service-Category
256
Mbs
257
Pppoe-Description
257
Scr
257
Acct-Input-Gigapackets
258
Acct-Output-Gigapackets
258
Tunnel-Interface-ID
258
Ipv6-Local-Interface
259
Ipv6-Virtual-Router
259
Ipv6-Primary-DNS
260
Ipv6-Secondary-DNS
260
Disconnect-Cause
261
Service-Description
261
DHCP-GI-Address
262
DHCP-MAC-Address
262
DHCP-Options
262
Interface-Desc
263
MLPPP-Bundle-Name
263
L2C-Information
264
L2C-Up-Stream-Data
264
Ipv6-Ndra-Prefix
265
L2C-Down-Stream-Data
265
Downstream-Calculated-Qos-Rate
266
Upstream-Calculated-Qos-Rate
266
ICR-Partition-ID
267
Max-Clients-Per-Interface
267
All Ipv6 Accounting Attributes
268
ANCP-Related Juniper Networks Vsas
269
Table 44: ANCP (L2C)-Related Keywords for Radius Include Command
269
DSL Forum Vendor-Specific Attributes
271
Including or Excluding Attributes in RADIUS Messages
272
Ignoring Attributes When Receiving Access-Accept Messages
273
Configuring RADIUS Dynamic-Request Server
275
RADIUS Dynamic-Request Server Overview
275
Figure 5: Sample Remote Access Network Using RADIUS
276
RADIUS Dynamic-Request Server Platform Considerations
276
RADIUS Dynamic-Request Server References
276
How RADIUS Dynamic-Request Server Works
277
RADIUS-Initiated Disconnect
277
Disconnect Messages
277
Message Exchange
277
Table 45: Error-Cause Codes (RADIUS Attribute 101)
278
Qualifications for Disconnect
278
Security/Authentication
279
Configuring RADIUS-Initiated Disconnect
279
RADIUS-Initiated Change of Authorization
279
Change-Of-Authorization Messages
279
Message Exchange
280
Table 46: Error-Cause Codes (RADIUS Attribute 101)
280
Qualifications for Change of Authorization
281
Security/Authentication
281
Configuring RADIUS-Initiated Change of Authorization
281
RADIUS Dynamic-Request Server Commands
282
Monitoring RADIUS Dynamic-Request Servers
284
Chapter 5 Configuring RADIUS Relay Server
285
Figure 6: RADIUS Relay Server
285
How RADIUS Relay Server Works
286
Accounting
287
Authentication and Addressing
287
Table 47: Required RADIUS Access-Request Attributes
287
Table 48: Required RADIUS Accounting Attributes
288
Terminating the Wireless Subscriber's Connection
288
RADIUS Relay Server Platform Considerations
286
RADIUS Relay Server References
286
RADIUS Relay Server and the SRC Software
288
Using the SRC Software for Addressing
288
Using the SRC Application for Accounting
288
Configuring RADIUS Relay Server Support
289
Monitoring RADIUS Relay Server
291
Chapter 6 RADIUS Attribute Descriptions
293
Table 49: RADIUS IETF Attributes Supported by Junose Software
293
Juniper Networks Vsas
299
Table 50: Juniper Networks (Vendor ID 4874) VSA Formats
299
DSL Forum Vsas
310
Table 51: Junose Software DSL Forum (Vendor ID 3561) VSA Formats
310
Pass through RADIUS Attributes
311
RADIUS Attributes References
312
Table 52: RADIUS Attribute Passed through by Junose Software
312
AAA Terminate Reasons
313
Chapter 7 Application Terminate Reasons
313
Table 53: Default AAA Mappings
313
L2TP Terminate Reasons
314
Table 54: Default L2TP Mappings
314
PPP Terminate Reasons
329
Table 55: Default PPP Mappings
329
RADIUS Client Terminate Reasons
335
Table 56: Default RADIUS Client Mappings
335
Chapter 8 Monitoring RADIUS
337
Monitoring Override Settings of RADIUS IETF Attributes
337
Monitoring the NAS-Port-Format RADIUS Attribute
338
Table 57: Show Radius Override Output Fields
338
Monitoring the Calling-Station-ID RADIUS Attribute
339
Monitoring the NAS-Identifier RADIUS Attribute
339
Monitoring the Acct-Session-ID RADIUS Attribute
340
Monitoring the Delimiter Character in the Remote-Circuit-ID for RADIUS
340
Monitoring the Format of the Remote-Circuit-ID for RADIUS
340
Monitoring the Connect-Info RADIUS Attribute
341
Monitoring the DSL-Port-Type RADIUS Attribute
341
Monitoring the NAS-Port-ID RADIUS Attribute
341
Monitoring Included RADIUS Attributes
342
Table 58: Show Radius Attributes-Included Output Fields
343
Monitoring Ignored RADIUS Attributes
344
Setting the Baseline for RADIUS Dynamic-Request Server Statistics
344
Monitoring RADIUS Dynamic-Request Server Statistics
345
Table 59: Show Radius Dynamic-Request Statistics Output Fields
345
Monitoring the Configuration of the RADIUS Dynamic-Request Server
346
Table 60: Show Radius Dynamic-Request Servers Output Fields
346
Monitoring RADIUS Relay Server Statistics
347
Setting a Baseline for RADIUS Relay Statistics
347
Table 61: Show Radius Relay Statistics Output Fields
348
Monitoring the Configuration of the RADIUS Relay Server
349
Table 62: Show Radius Relay Servers Output Fields
349
Monitoring the Status of ICR Partition Accounting
350
Monitoring the Status of RADIUS Relay UDP Checksums
350
Table 63: Show Radius Relay Udp-Checksum Output Fields
350
Chapter 9 Configuring TACACS
351
TACACS+ Overview
351
AAA Overview
352
Administrative Login Authentication
352
Table 64: TACACS-Related Terms
352
Accounting
353
Login Authorization
353
Privilege Authentication
353
Table 65: TACACS+ Accounting Information
354
TACACS+ Platform Considerations
355
TACACS+ References
355
Before You Configure TACACS
356
Configuring TACACS+ Support
356
Configuring Authentication
356
Configuring Accounting
357
Chapter 10 Monitoring TACACS
363
Monitoring TACACS+ Statistics
363
Setting Baseline TACACS+ Statistics
363
Table 66: Show Statistics Tacacs Output Fields
364
Monitoring TACACS+ Information
365
Part 3 Managing L2TP
367
Table 67: Show Tacacs Output Fields
365
Chapter 11 L2TP Overview
369
Figure 7: Using the E Series Router as an LAC
370
Figure 8: Using the E Series Router as an LNS
370
L2TP Terminology
370
Table 68: L2TP Terms
370
Implementing L2TP
371
Sequence of Events on the LAC
371
Sequence of Events on the LNS
372
Packet Fragmentation
373
L2TP Module Requirements
374
Erx7Xx Models, Erx14Xx Models, and the ERX310 Router
374
E120 Router and E320 Router
375
Sessions and Tunnels Supported
375
L2TP Platform Considerations
374
L2TP References
376
LAC Configuration Prerequisites
377
Modifying L2TP LAC Default Settings for Managing Destinations, Tunnels and Sessions
378
Chapter 12 Configuring an L2TP LAC
379
Generating UDP Checksums in Packets to L2TP Peers
379
Specifying a Destruct Timeout for L2TP Tunnels and Sessions
379
Preventing Creation of New Destinations, Tunnels, and Sessions
380
Preventing Creation of New Destinations, Tunnels, and Sessions on the Router
380
Preventing Creation of New Sessions for a Tunnel
381
Preventing Creation of New Tunnels and Sessions at a Destination
381
Specifying a Drain Timeout for a Disconnected Tunnel
381
Closing Existing and Preventing New Destinations, Tunnels, and Sessions on the Router
382
Closing Existing and Preventing New Sessions in a Specific Tunnel
382
Closing Existing and Preventing New Tunnels and Sessions for a Destination
382
Closing a Specific Session
383
Shutting down Destinations, Tunnels, and Sessions
382
Configuring Calling Number AVP Formats
383
Calling Number AVP 22 Configuration Tasks
387
Configuring the Fallback Format
388
Disabling the Calling Number AVP
391
Specifying the Number of Retransmission Attempts
383
Mapping a User Domain Name to an L2TP Tunnel Overview
392
Mapping User Domain Names to L2TP Tunnels from Domain Map Tunnel Mode
393
Mapping User Domain Names to L2TP Tunnels from Tunnel Group Tunnel Mode
397
Configuring the RX Speed on the LAC
399
Managing the L2TP Destination Lockout Process
400
Modifying the Lockout Procedure
400
Figure 9: Lockout States
401
Verifying that a Locked-Out Destination Is Available
402
Configuring a Lockout Timeout
402
Unlocking a Destination that Is Currently Locked out
402
Starting an Immediate Lockout Test
403
Managing Address Changes Received from Remote Endpoints
403
Configuring LAC Tunnel Selection Parameters
404
Configuring the Failover between Preference Levels Method
404
Configuring the Failover Within a Preference Level Method
405
Configuring the Maximum Sessions Per Tunnel
406
Configuring the Weighted Load Balancing Method
406
Chapter 13 Configuring an L2TP LNS
409
LNS Configuration Prerequisites
409
Configuring an LNS
410
Creating an L2TP Destination Profile
412
Creating an L2TP Host Profile
413
Configuring the Maximum Number of LNS Sessions
414
Configuring the RADIUS Connect-Info Attribute on the LNS
414
Overriding LNS Out-Of-Resource Result Codes 4 and 5
415
Overriding the Result Codes
415
Displaying the Current Override Setting
416
Selecting Tunnel-Service Modules for LNS Sessions Using MLPPP
416
Assigning Bundled Group Identifiers
417
Overriding All Endpoint Discriminators
418
Enabling Tunnel Switching
418
Creating Persistent Tunnels
419
Managing L2TP Destinations, Tunnels, and Sessions
419
Testing Tunnel Configuration
419
Configuring Disconnect Cause Information
420
Generating the Disconnect Cause AVP Globally
420
Generating the Disconnect Cause AVP with a Host Profile
421
Enabling RADIUS Accounting for Disconnect Cause
421
Displaying Disconnect Cause Statistics
421
Configuring the Receive Window Size
422
Configuring the Default Receive Window Size
422
Configuring the Receive Window Size on the LAC
423
Configuring the Receive Window Size on the LNS
424
Configuring Peer Resynchronization
425
Configuring Peer Resynchronization for L2TP Host Profiles and AAA Domain Map Tunnels
426
Configuring the Global L2TP Peer Resynchronization Method
427
Applying the L2TP Tunnel Switch Profile
428
Configuring L2TP Tunnel Switch Profiles
428
Table 69: L2TP-Resynch-Method RADIUS Attribute
428
Using RADIUS to Configure Peer Resynchronization
428
Configuration Guidelines
429
Configuring L2TP Avps for Relay
429
Configuration Tasks
430
Configuring L2TP Tunnel Switch Profiles
430
Enabling Tunnel Switching on the Router
430
Applying L2TP Tunnel Switch Profiles by Using AAA Domain Maps
431
Applying L2TP Tunnel Switch Profiles by Using AAA Tunnel Groups
432
Applying Default L2TP Tunnel Switch Profiles
433
Applying L2TP Tunnel Switch Profiles by Using RADIUS
433
Configuring the Transmit Connect Speed Calculation Method
434
Transmit Connect Speed Calculation Methods
435
Static Layer 2
435
Actual
436
Dynamic Layer 2
436
Transmit Connect Speed Calculation Examples
436
Example 1: L2TP Session over ATM 1483 Interface
436
Example 2: L2TP Session over Ethernet VLAN Interface
437
Table 70: Transmit Connect Speeds for L2TP over ATM 1483 Example
437
Table 71: Transmit Connect Speeds for L2TP over Ethernet Example
437
Transmit Connect Speed Reporting Considerations
438
Advisory Speed Precedence for Vlans over Bridged Ethernet
438
Session Termination for Dynamic Speed Timeout
438
Using AAA Domain Maps to Configure the Transmit Connect Speed Calculation Method
438
Using AAA Tunnel Groups to Configure the Transmit Connect Speed Calculation Method
439
Using AAA Default Tunnel Parameters to Configure the Transmit Connect Speed Calculation Method
440
Using RADIUS to Configure the Transmit Connect Speed Calculation Method
441
Table 72: Tunnel--Tx-Speed-Method RADIUS Attribute
442
PPP Accounting Statistics
442
L2TP Dial-Out Overview
445
Figure 10: Network Model for Dial-Out
446
Table 73: L2TP Dial-Out Terms
446
Advertisement
Juniper JUNOSE SOFTWARE 11.0.X - LINK LAYER CONFIGURATION GUIDE 4-1-2010 Configuration Manual (712 pages)
for E Series Broadband Services Routers - Link Layer Configuration
Brand:
Juniper
| Category:
Software
| Size: 7.93 MB
Table of Contents
Table of Contents
9
List of Figures
23
List of Tables
25
About the Documentation
27
Audience
27
Documentation Feedback
27
E Series and Junose Documentation and Release Notes
27
E Series and Junose Text and Syntax Conventions
27
Obtaining Documentation
27
Requesting Technical Support
27
Table 1: Notice Icons
28
Table 2: Text and Syntax Conventions
28
About the Documentation
29
Opening a Case with JTAC
30
Self-Help Online Tools and Resources
30
Atm Nbma
43
Virtual Channel Support
43
Aging
44
ARP Table
44
Static Map Versus Inverse ARP
44
Before You Configure ATM
51
Rate Limiting for F5 OAM Cells
51
Configuration Tasks
52
Creating a Basic Configuration
52
Setting Optional Parameters
54
Optional Tasks on ATM 1483 Subinterfaces
56
Configuring F4 OAM
63
Configuring OAM
63
Configuring F5 OAM
65
Setting a Loopback Location ID
66
Enabling OAM Flush
67
Running ATM Ping
68
Configuring an NBMA Interface
69
Creating an NBMA Static Map
70
Assigning Descriptions to Interfaces
72
Sending Interface Descriptions to AAA
73
Assigning Descriptions to Virtual Paths
74
Exporting ATM 1483 Subinterface Descriptions
74
Configuring Individual ATM PVC Parameters
75
Benefits
76
Creating Control Pvcs
76
Creating Data Pvcs
77
Configuring the Service Category for Data Pvcs
78
Configuring Encapsulation for Data Pvcs
80
Configuring F5 OAM for Data Pvcs
81
Configuring Inverse ARP for Data Pvcs
84
Benefits
85
Configuring ATM VC Classes
85
Precedence Levels
86
Precedence Levels for Static Pvcs
86
Precedence Level Examples
87
Precedence Levels for Dynamic Pvcs
87
Upgrade Considerations
87
Configuring VC Classes
89
Figure 5: MLFR Aggregation of T1 Lines into a Single Bundle
164
Figure 6: Terminating the Bundle at an MLFR Bridge
164
Table 9: LIP Messages and Functions
164
Chapter 3 Configuring Multilink Frame Relay
165
Interface Stacking
165
Platform Considerations
165
Upper-Layer Protocols over Static Ethernet Platform Considerations
184
Configuring IP over a Static Ethernet Interface
185
Interface Specifiers
185
Module Requirements
185
Upper-Layer Protocols over Static Ethernet References
185
Configuring Pppoe over a Static Ethernet Interface
186
Figure 14: Example of Ip/Vlan/Fast Ethernet Stacking Configuration Procedure
204
Configuring MPLS over VLAN
205
Figure 15: Example of Pppoe/Vlan/Fast Ethernet Stacking Configuration Procedure
205
Configuring IP over VLAN and Pppoe over VLAN
206
Configuring an S-VLAN Subinterface
210
Configuring an S-VLAN Subinterface
211
Configuring Pppoe over an S-VLAN
211
Advantages
214
Configuring S-VLAN Tunnels for Layer 2 Services over MPLS
214
Configuration Example
215
Interface Stacking
215
Monitoring VLAN and S-VLAN Subinterfaces
218
S-VLAN Oversubscription
218
Displaying Interface Rate Statistics for VLAN Subinterfaces
219
Using Ethernet Show Commands
221
Ad Link Aggregation for Ethernet Overview
229
Configuring 802.3Ad Link Aggregation and Link Redundancy
229
Higher-Level Protocols
230
Lacp
230
802.3Ad Link Aggregation Platform Considerations
231
Ethernet Link Aggregation and MPLS
231
Load Balancing and Qos
231
Module Requirements
231
Figure 21: Ethernet Link Redundancy Configuration Models
242
Figure 22: GE-2 Line Module Using Physical Port Redundancy
243
Figure 23: Single-Homed GE-2 Line Module Configuration
243
Figure 24: Single-Homed FE-8 Line Module Configuration (1:N)
243
Figure 25: FE-8 Line Module with 4 Redundant Ethernet Links (1:1)
244
Figure 27: GE-8 IOA Configuration Across Ioas (1:N)
245
Figure 28: Dual-Homed Configuration (1:1)
245
Table 10: Behavior of Member Links Using Local and Remote LACP
248
Acquiring Initial Links
249
Detecting Failures
249
Figure 29: Dual-Homed Heterogeneous Configuration in an RSTP
249
Configuring Ethernet Link Redundancy
250
Failing over
250
Monitoring 802.3Ad Link Aggregation
252
Configuring Point-To-Point Protocol
257
Framing
257
Overview
257
Error Frames
258
LCP Negotiation Parameters
258
Link Control Protocol
258
Validation of LCP Peer Magic Number
259
B-RAS Support
260
Authentication
261
Extensible Authentication Protocol
261
Figure 30: Authentication with EAP
261
Rate Limiting for PPP Control Packets
261
EAP Packet Retransmission
262
EAP Types
262
Table 11: Supported EAP Types
262
EAP Behavior in an L2TP Environment
263
Limitations
264
Performance
264
Remote Peer Scenarios During Negotiation of PPP Options
265
IPCP Lockout and Local IP Address Pool Restoration
266
Interface Specifiers
267
Module Requirements
267
Platform Considerations
267
References
268
Before You Configure PPP
269
Configuration Tasks
269
Optional Configuration Tasks
272
Configuring PPP Authentication
277
PPP Accounting Statistics
279
Monitoring PPP Interfaces
280
Troubleshooting
294
Configuring Multilink PPP
297
Overview
297
Application
298
Figure 31: MLPPP Aggregation of T1 Lines into a Single Bundle
298
Figure 32: Structure of MLPPP
298
MLPPP LCP Extensions
298
Table 12: Supported Configurations for MLPPP Fragmentation and Reassembly
319
Bundle Validation and Configuration Guidelines
320
Bundle Validation Failure
321
Configuring Fragmentation and Reassembly for Static MLPPP
321
Recovering from Bundle Validation Failure
321
Static MLPPP over ATM 1483 Example
322
Configuring Fragmentation and Reassembly for Dynamic MLPPP
323
Dynamic MLPPP over L2TP Example
324
Dynamic MLPPP over Pppoe Example
324
Configuring Fragmentation and Reassembly for MLPPP Bundles
327
Monitoring MLPPP
327
Configuring Packet over SONET
343
Overview
343
POS Features
343
Platform Considerations
344
Sonet/Sdh
344
Table 13: most Common SONET/SDH Implementations
344
Interface Specifiers
345
Module Requirements
345
References
345
Before You Configure POS
346
Configuration Tasks
346
Monitoring POS
351
Configuring Point-To-Point Protocol over Ethernet
355
Overview
355
Discovery
356
Figure 33: Pppoe over ATM
356
Pppoe Stages
356
Pppoe Service Name Tables
357
Session
357
Features
358
Table 14: Sample Pppoe Service Name Table
358
Application
359
Enabling the Service Name Table for Use
359
Using the Pppoe Remote Circuit ID to Identify Subscribers
359
Pppoe Remote Circuit ID Capture
360
Pppoe Remote Circuit ID Format
360
Table 15: Configuring Nondefault Formats for the Pppoe Remote Circuit
360
Table 16: Interface Specifier Format Examples for Dsl-Forum-1 Keyword
362
Use by RADIUS or L2TP
363
Platform Considerations
364
Pppoe MTU Configuration
364
System Event Log
364
Interface Specifiers
365
Module Requirements
365
Before You Configure Pppoe
366
Configuring Pppoe over ATM
366
References
366
Figure 34: Example of Pppoe over ATM Stacking
369
Configuring Ipv4 and Ipv6 over Pppoe with VLAN
373
Configuring Pppoe for Ethernet Modules
373
Pppoe Interface and Subinterface Limits
373
Figure 35: Example of Configuring Ipv4 and Ipv6 over Pppoe
374
Figure 36: Example of Pppoe Stacking
378
Configuring PADM Messages
381
Configuring PADN Messages
383
Configuring Pppoe Service Name Tables
384
Creating and Populating Pppoe Service Name Tables
384
Table 17: Default Pppoe Service Name Table
384
Table 18: Pppoe Service Name Table with Entries
385
Enabling Pppoe Service Name Tables for Use with Static Interfaces
387
Pppoe over ATM Configurations
387
Pppoe over Ethernet Configurations
389
Enabling Pppoe Service Name Tables for Use with Dynamic Interfaces
390
Configuring PADS Packet Content
392
Configuring Pppoe Remote Circuit ID Capture
393
Monitoring Pppoe
399
Troubleshooting
414
Configuring Bridged IP
417
Overview
417
Proxy ARP
417
Link Failure and Acquisition
246
Protecting against Physical Link Failure
246
Protecting against Virtual Link Failure
246
LACP Configuration and Member Link Behavior
247
Reverting after a Failover
247
Ethernet Link Redundancy and RSTP
248
Member Link with Non-LAG Partner
248
Figure 26: Single-Homed GE-4 IOA Configuration (1:4)
244
Ethernet Link Redundancy Behavior
245
Chapter 3 Configuring Multilink Frame Relay
31
Chapters
31
Part 1 Chapters
31
Configuring ATM
33
Overview
33
ATM Interfaces
34
ATM Physical Connections
34
Figure 1: ATM Interface Column
34
ATM Adaptation Layer
35
ATM Svcs
35
ATM Virtual Connections
35
Chapter 1 Configuring ATM
35
Virtual Channel Connection
35
Virtual Path Connection
35
Local ATM Passthrough
36
VCC Cell Relay Encapsulation
36
Connection Admission Control
37
Table 3: Scheduling Priorities for Traffic Classes
37
Traffic Management
37
Table 4: Traffic Parameters Used to Compute Bandwidth
38
Ilmi
39
VPI/VCI Address Ranges
39
Module Requirements
40
Platform Considerations
40
VP Tunneling
40
Interface Specifiers
41
References
41
Module Capabilities
42
Supported Features
42
Table 5: ATM Capabilities on Line Modules and I/O Modules
42
Figure 2: NBMA Interface Stack
44
End-To-End and Segment Endpoints
45
Fault Management
45
Operations, Administration, and Management of ATM Interfaces
45
Removing Circuits
45
How the ATM Interface Handles AIS Cells
46
How the ATM Interface Handles RDI Cells
46
Activating CC Cell Flow
47
Activation and Deactivation Cells
47
Continuity Verification
47
Deactivating CC Cell Flow
47
After CC Cell Flow Is Enabled
48
Loopback
48
VC Integrity
48
ATM Ping
49
F4 OAM Cells
49
Automatic Disabling of F5 OAM Services
50
How the ATM Interface Handles Loopback Cells Received
50
Table 6: Handling of F4 and F5 Loopback Cells Received
50
Figure 3: Configuring an ATM Interface, Subinterface, and PVC
53
Table 7: F5 OAM Configuration Tasks and Associated Commands
81
Table 8: Commands to Configure VC Class Attributes
89
Assigning VC Classes to Individual Pvcs
94
Assigning VC Classes to ATM Major Interfaces
95
Assigning VC Classes to Static ATM 1483 Subinterfaces
96
Assigning VC Classes to Base Profiles for Bulk-Configured VC Ranges
97
Example 1: Explicitly Changing the Service Category
97
Precedence Level Examples for Assigning VC Classes
97
Example 2: Changing the Encapsulation Method in the VC Class
98
Example 3: Effect of Using the Atm Pvc Command
98
Example 4: Overriding RADIUS Values
98
Configuring Dynamic ATM 1483 Subinterfaces
99
Monitoring ATM
99
Displaying Interface Rate Statistics for ATM Vcs and ATM Vps
100
Setting Statistics Baselines
100
Using ATM Show Commands
104
Configuring Frame Relay
137
Framing
137
Overview
137
Error Frames
138
Unicast and Multicast Addressing
138
User-To-Network and Network-To-Network Interfaces
138
Module Requirements
139
Platform Considerations
139
Figure 7: Structure of MLFR
165
Interface Specifiers
166
Module Requirements
166
References
166
Supported MLFR Features
166
Unsupported MLFR Features
167
Before You Configure MLFR
168
Configuration Tasks
168
Configuration Example
169
Configuring Frame Relay Versus MLFR
169
Monitoring MLFR
170
Upper-Layer Protocols over Static Ethernet Overview
183
Figure 10: Example of Pppoe Stacking Configuration Procedure
187
Figure 11: Example of IP and MPLS Stacking Configuration Procedure
187
Figure 12: Example of IP, MPLS, and Pppoe Stacking Configuration
188
Figure 13: Use of Vlans to Multiplex Different Protocols over a Single Physical
200
Interface Specifiers
201
Module Requirements
201
VLAN and S-VLAN Platform Considerations
201
Creating a VLAN Major Interface
202
Creating a VLAN Subinterface
202
VLAN and S-VLAN References
202
Configuring IP over VLAN
203
Configuring Pppoe over VLAN
204
Figure 16: Example of Mpls/Vlan/Fast Ethernet Stacking Configuration Procedure
206
Figure 17: Example of Pppoe over VLAN with IP over VLAN Stacking
208
Figure 18: Example of Pppoe over S-VLAN Stacking Configuration
212
Figure 19: S-VLAN Tunnels for Ethernet Layer 2 Services over MPLS
215
Figure 20: Interface Stack for 802.3Ad Link Aggregation
230
Chapter 2 Configuring Frame Relay
139
Figure 4: Interconnection and Relationship of Nnis and Subnetworks
139
Before You Configure Frame Relay
140
Interface Specifiers
140
References
140
Configuring Frame Relay
141
End-To-End Fragmentation and Reassembly
149
Frame Fragmentation
149
Frame Reassembly
149
Configuring End-To-End Fragmentation
150
Map Class
150
Monitoring Frame Relay
153
Configuring Multilink Frame Relay
163
Overview
163
T1/E1 Connections
163
MLFR Link Integrity Protocol
164
L2TP and Ethernet
189
Monitoring Upper-Level Protocols over Ethernet
189
Multinetting and Ethernet
189
Configuring VLAN and S-VLAN Subinterfaces
199
VLAN Overview
199
S-VLAN Overview
200
MLPPP Link Selection
299
Platform Considerations
300
Interface Specifiers
301
Module Requirements
301
References
301
Supported MLPPP Features
302
Before You Configure Static MLPPP
306
Configuring Static MLPPP
306
Unsupported MLPPP Features
306
Configuration Example
308
Contextual Command Differences
308
Configuring Authentication
309
Configuring Other PPP Attributes
311
Configuring Dynamic MLPPP
317
Configuring MLPPP Fragmentation and Reassembly
318
Overview
318
Application
319
Link Configuration Parameters
319
Module Requirements
319
Supported Configurations
319
Advertisement
Related Products
Juniper JUNOS SOFTWARE 10.2 - SOFTWARE INSTALLATION AND UPGRADE GUIDE 4-28-2010
Juniper JUNOS 10.1 - CONFIGURATION GUIDE 1-2010
Juniper JUNOSE 11.1.X - BROADBAND ACCESS CONFIGURATION GUIDE 6-4-2010
Juniper JUNOSE 11.1.X - QUALITY OF SERVICE CONFIGURATION GUIDE 3-21-2010
Juniper JUNOSE SOFTWARE FOR E SERIES 11.0.X - BGP AND MPLS CONFIGURATION GUIDE 2009-12-30
Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - PHYSICAL LAYER CONFIGURATION GUIDE 2010-09-24
Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - LINK LAYER CONFIGURATION GUIDE 2010-10-13
Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - QUALITY OF SERVICE CONFIGURATION GUIDE 2010-09-22
Juniper ERX - RELEASE 11.1.X MODULE GUIDE 4-6-2010
Juniper ADVANCED INSIGHT SCRIPTS 2.5 - S REV 1
Juniper Categories
Network Router
Switch
Gateway
Software
Network Hardware
More Juniper Manuals
Login
Sign In
OR
Sign in with Facebook
Sign in with Google
Upload manual
Upload from disk
Upload from URL