Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring IPv4 Characteristics for a Profile

    To configure IPv4 characteristics for a profile:

    • Enable an access route in a profile.
      host1(config-profile)#ip access-routes

      Use the no version to remove the access route.

    • Assign an IP address to a profile.
      host1(config-profile)#ip address 192.13.5.61

      Use the no version to remove the IP address assignment from the profile.

    • Allow more than one subscriber to have the same IP address across different virtual routers in the dynamic subscriber interface configuration by appending the virtual router name to the interface. You can use this command from either Interface Configuration mode or Profile Configuration mode.
      host1(config-profile)#ip auto-configure append-virtual-router-name

      Use the no version to disable ip auto-configure on the static primary interface if it is already configured. This feature is enabled by default in non-dynamic subscriber interface configuration with DHCP-Local Server

    • Configure a primary IP interface to enable dynamic creation of subscriber interfaces.

      You can use the include-primary keyword to specify that the primary interface is assigned to the first subscriber.

      You can use the exclude-primary keyword to specify that the primary interface is not used for dynamic subscribers. By default, the primary interface is not assigned to a dynamic subscriber.

      host1(config-profile)#ip auto-configure ip-subscriber include-primary

      Use the no version to disable creation of dynamic subscriber interfaces associated with this primary IP interface. Use the no version with the include-primary keyword to specify that the primary interface is not assigned to a subscriber. Use the no version with the exclude-primary keyword to specify that the primary interface is assigned to a subscriber.

    • Enable packet detection on the router and specify that IP automatically detect packets that do not match any entries in the demultiplexer table.
      host1(config-profile)#ip auto-detect ip-subscriber

      Use the no version to restore the default behavior, which disables packet detection.

    • Enable a directed broadcast address in a profile.
      host1(config-profile)#ip directed-broadcast

      Use the no version to remove the directed broadcast address from the profile.

    • Filter out packets that include IP options.
      host1(config-profile)#ip filter-options all

      Use the no version to disable filtering of packets with IP options.

    • Enable IGMP on an interface, and set the IGMP version to IGMPv2.
      host1(config-profile)#ip igmp

      Use the no version to disable IGMP on an interface.

    • Force the router to ignore the DF bit if it is set in the IP packet header for packets on an interface.

      Note: You can also use RADIUS VSA [26-70] to configure the router’s DF bit support. The action configured by the RADIUS VSA takes precedence over the action configured by the ip ignore-df-bit command. For more information, see Juniper Networks VSAs and Juniper Networks VSAs Supported for Subscriber AAA Access Messages.

      host1(config-profile)#ip ignore-df-bit

      Use the no version to restore the default behavior, which is to consider the DF bit before fragmentation.

    • Configure an inactivity timer value for an IP interface. IP polls the dynamic interface at the configured interval to determine whether the interface was active during the interval. Inactive interfaces are deleted only when the period of inactivity is equal to or greater than the configured value.

      For example, if you configure an inactivity timer of 15 minutes, IP polls the interface every 15 minutes. If a poll determines that the interface was last active 14 minutes earlier, the inactive time is less than the configured value so nothing happens. IP polls again 15 minutes later. If the interface is still inactive then the total period of inactivity is now 29 minutes. This is greater than the configured value and the interface is deleted.

      host1(config-profile)#ip inactivity-timer 100

      Use the no version to restore the default behavior, which disables the inactivity timer.

    • Associate an inspection list to the inbound or outbound side of the IP interface.
      host1(config-profile)#ip inspection list1

      Use the no version to remove the inspection list association to this interface.

    • Assign the maximum transmission unit size sent on an IP interface.
      host1(config-profile)#ip mtu 1000

      Use the no version to restore the default value, 0, which means that the router takes the value from a lower protocol layer.

    • Mark interfaces that participate in NAT translation as residing on the inside or the outside network.
      host1(config-profile)#ip nat inside

      Use the no version to unmark the interface (the default) so that it does not participate in NAT translation.

    • Assign a policy list to the ingress or egress of an interface to which the profile is attached.
      host1(config-profile)#ip policy secondary-input my-policy

      Use the no version to remove the association between a policy list and a profile.

    • Enable the sending of redirect messages if the software is forced to resend a packet through the same interface on which it was received.
      host1(config-profile)#ip redirects

      Use the no version to remove the assignment from the profile.

    • Enable J-Flow statistics on the interface.
      host1(config-profile)#ip route-cache flow sampled

      Use the no version to delete J-Flow statistics from the profile.

    • Configure an interface for route-map processing and specify the route map that is applied to the IP interface subscriber.
      host1(config-profile)#ip route-map ip-subscriber chicagoRouteMap

      Use the no version to delete the route map.

    • Enable source address validation on an IP interface. Source address validation verifies that a packet has been sent from a valid source address.
      host1(config-profile)#ip sa-validate

      Use the no version to disable source address validation.

    • Modify the maximum segment size for TCP SYN packets traveling through the interface.
      host1(config-profile)#ip tcp adjust-mss 200

      Use the no version to remove the maximum segment size modification.

    • Specify the unnumbered interface with which dynamic interfaces created with the profile are associated.

      You can configure a loopback using RADIUS instead of adding one to the profile using the ip unnumbered loopback command.

      host1(config-profile)#ip unnumbered loopback 5

      Use the no version to remove the assignment from the profile.

    • Assign a virtual router to a profile. Interfaces created by the profile are attached to this virtual router.

      If the virtual router specified in a profile with the ip virtual-router command differs from the virtual router provided by AAA, IP uses the virtual router provided by AAA when the dynamic IP upper-layer interface is created. For more information about using the ppp authentication virtual-router command, see Configuring MLPPP and PPP Characteristics for a Profile.

      host1(config-profile)#ip virtual-router salem1

      Use the no version to remove the virtual router assignment from the profile. If no virtual router is specified via RADIUS, then any subsequent use of the profile to create a dynamic interface fails for lack of a virtual router.

     

    Related Documentation

     

    Published: 2014-08-14

    Previous Page Next Page