Access-Request Message - Juniper JUNOSE SOFTWARE 11.0.X - BROADBAND ACCESS CONFIGURATION GUIDE 4-1-2010 Configuration Manual

JUNOSe 11.0.x Broadband Access Configuration Guide
Table 77: Session Operational States (continued)
Outgoing Call Setup Details
This section details the process described in "Dial-Out Process" on page 407.

Access-Request Message

To create the username in the authentication request, the router uses the trigger,
dial-out route, domain name, and optional Multiprotocol Label Switching (MPLS)
route distinguisher (RD). The username is constructed as follows:
For example, given a dial-out route with an IP prefix of 10.10.0.0/16, a domain name
of L2TP-dial-out.de.dt, and an MPLS RD of 0.0.0.0:65000, if a trigger packet arrives
with a destination IP address of 10.10.1.1, the router creates the following username:
No password is offered, and the authentication request is passed to the S-series AAA
server for normal authentication processing.
Using the above example, the AAA domain map processes the L2TP-dial-out.de.dt
domain as for any other domain. If RADIUS authentication is configured for the
authenticating virtual router (VR) context, AAA passes the authentication request to
410
L2TP Dial-Out Overview
State Description
dormant A session enters the dormant state after completion of a postInhibited state.
The dormant timer is initialized to the chassis-wide dormant timer value,
minus the time the session spent in the postInhibited state. Receipt of a new
trigger packet transitions the session to the authenticating state. If the
dormant timer expires, the session is deleted. The dormant state exists to
allow analysis of a dial-out session before it is deleted.
pending A session enters the pending state when a valid trigger is received but there
already are the maximum number of connecting sessions in the router. The
router discards all subsequent trigger packets until other sessions transition
out of the connecting state. When this happens, pending sessions can
transition to the dormant state.
failed A session enters the failed state when the router detects a configuration error
that prevents the successful operation of the session. Specifically, one of the
final steps in a dial-out request is mutual PPP authentication at the LNS. A
side-effect of authentication is the installation of an access route for the
outgoing call. If the access route does not correspond to the trigger packet
(that is, the trigger packet cannot be routed successfully by the new access
route), the router detects this discrepancy as a configuration error because
trigger packets that arrive are not forwarded into the outgoing call; rather,
they are buffered or discarded.
The only way to exit the failed state is with the l2tp dial-out session reset
command.
[MPLS RD]/{trigger destination address}@domain-name
0.0.0.0:65000/10.10.1.1@L2TP-dial-out.de.dt