Known Behavior; Aaa; Atm - Juniper JUNOSE SOFTWARE FOR E SERIES 11.3.X - RELEASE NOTES 2010-11-09 Release Note

Known Behavior

AAA

ATM

Copyright © 2010, Juniper Networks, Inc.
This section briefly describes E Series router behavior and related issues. In some cases
the behavior differs from non–E Series implementations; in others the behavior is
included to emphasize how the router works.
Although you can use the max-sessions command to configure a maximum of

32,000 outstanding authentication/authorization requests to a RADIUS server, AAA
internal limits prevent the actual number of outstanding
authentication/authorization requests from exceeding 9600. These internal AAA
limits apply only to authentication/authorization requests and not to accounting
requests.
The JunosE Software does not support accounting for ATM 1483 subscribers. The

atm1483 keyword for the aaa accounting default command is present in the CLI, but
it is not supported.
You cannot configure connection admission control (CAC) on an ATM interface on

which you have created a bulk-configured virtual circuit (VC) range for use by a
dynamic ATM 1483 subinterface. Conversely, you cannot create a bulk-configured VC
range on an ATM interface on which you have configured CAC. The router rejects
these configurations, which causes them to fail.
Configuring CAC and bulk-configured VCs on the same ATM interface was supported
in previous JunosE Software releases. As a result, If you are upgrading to the current
JunosE release from a lower-numbered release, configurations that use CAC and
bulk configuration on the same ATM interface continue to work. However, we
recommend that you disable CAC on these ATM interfaces to ensure continued
compatibility with future JunosE releases.
The ATM peak cell rate (PCR) does not appear in the L2TP Calling Number AVP for

the first PPP session when the ATM shaping parameters were configured by RADIUS
return attributes.
When you reload an ATM line module that is configured with NBMA circuits as

passive OSPF interfaces and that has established OSPF adjacencies and IBGP peers
(configured on Gigabit Ethernet interfaces), the transmission of OSPF hello packets
might be affected until all the NBMA interfaces have initialized.
Work-around: Either remove the passive OSPF interface statements on the NBMA
interfaces, or statically configure the OSPF cost on the NBMA interfaces.
When you use the no-authenticate keyword with the subscriber command to prevent

subscriber authentication so that the subscriber information can be used for DHCP
option 82, suboption 2, the SRP module can reset. This issue does not occur when
you use the no-authenticate keyword with the subscriber command as a way to
perform a RADIUS configuration.
When you perform an snmpWalk on the juniAtmSubIfVccTable, a response is

received for only a few of the total configured ATM subinterfaces when both of the
following are true: the router has a line module that has some ATM-related
configuration and the line module is in the disabled state.
Release 11.3.0

Known Behavior

15