Configuring SRC ACP Properties
To configure SRC ACP properties, perform these tasks:
- Configuring Logging Destinations for SRC ACP
- Configuring SRC ACP Operation
- Configuring CORBA Interfaces
- Configuring SRC ACP Redundancy
- Configuring Connections to the Subscribers’ Directory
- Configuring Connections to the Services’ Directory
- Configuring SRC ACP Scripts and Classification
Configuring Logging Destinations for SRC ACP
Use the following configuration statements to configure logging destinations for SRC ACP:
- shared acp configuration logger name ...
- shared acp configuration logger name file {
- filter filter;
- filename filename;
- rollover-filename rollover-filename;
- maximum-file-size maximum-file-size;
- }
- shared acp configuration logger name syslog {
- filter filter;
- host host;
- facility facility;
- format format;
- }
Configuring Logging Destinations to Store Messages in a File
To configure logging destinations to store log messages in a file:
- From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called file-1 is configured in the config group.
- Specify the properties for the logging destination.
For more information about configuring properties for the logging destination, see Configuring a Component to Store Log Messages in a File (SRC CLI).
- (Optional) Verify your configuration.
[edit shared acp group config configuration logger file-1 file] user@host# show filename var/log/acp_debug.log; rollover-filename var/log/acp_debug.alt;
Configuring Logging Destinations to Send Messages to System Logging Facility
To configure logging destinations to send log messages to the system logging facility:
- From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called syslog-1 is configured in the config group.
- Specify the properties for the logging destination.
For more information about configuring properties for the logging destination, see Configuring System Logging (SRC CLI).
- (Optional) Verify your configuration.
[edit shared acp group config configuration logger syslog-1 syslog] user@host# show filter /error-; host loghost;
Configuring SRC ACP Operation
Use the following configuration statements to configure how SRC ACP operates:
- shared acp configuration acp-options {
- backup-directory backup-directory;
- mode (edge | backbone | dual);
- event-cache-size event-cache-size;
- overload-method overload-method;
- reservation-timeout reservation-timeout;
- congestion-point-auto-completion;
- tuning-factor tuning-factor;
- subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message;
- network-bandwidth-exceed-message network-bandwidth-exceed-message;
- backup-database-maximum-size backup-database-maximum-size;
- remote-update-database-index-keys remote-update-database-index-keys;
- interface-tracking-filter interface-tracking-filter;
- state-sync-bulk-size state-sync-bulk-size;
- }
To configure SRC ACP operation:
- From configuration mode, access the configuration statement that configures SRC ACP operation. In this sample procedure, the SRC ACP operating properties are configured in the config group.
- Specify the folder that stores backup information about subscribers, services, and congestion points.
- Specify the regions of the network that SRC ACP manages.
- Specify the number of plug-in events from the SAE that SRC ACP can store in its cache.
- Specify how SRC ACP deals with situations in which the
components exceed the allocated bandwidth because the service was
activated after the authorization was granted.
- [edit shared acp group config configuration acp-options]
- user@host# set overload-method overload-method
If you specify -1, SRC ACP ignores overload. An integer greater than or equal to 0 specifies the bandwidth (in bits per second) by which the maximum may be exceeded.
- Specify the time to wait before a bandwidth reservation expires. The reserved bandwidth is reclaimed by SRC ACP when the reservation expires.
- Specify whether SRC ACP uses the information acquired from the router to determine the congestion points.
- Specify the factors that compensate for actual use of bandwidth, as opposed to allocated bandwidth.
- Specify the error message that SRC ACP sends when the subscriber exceeds the allocated bandwidth.
- Specify the error message that SRC ACP sends when traffic flow exceeds the allocated bandwidth on an interface between the subscriber and the router.
- Specify the value by which the sum of the sizes of the
files that contain SRC ACP data can increment before SRC ACP reorganizes
the files.
- [edit shared acp group config configuration acp-options]
- user@host# set backup-database-maximum-size backup-database-maximum-size
Choose a value that is significantly lower than the capacity of the machine’s hard disk.
- Specify the values to look for in the configuration
data. Specifying index keys can improve performance by filtering the
data.
- [edit shared acp group config configuration acp-options]
- user@host# set remote-update-database-index-keys remote-update-database-index-keys
The value is a list of attributes, separated by commas. An attribute is one of the following text strings:
- accountingId—Value of directory attribute accountingUserId.
- dhcpPacket—Content of the DHCP discover request.
- hostname— Name of the host on which the SAE is installed.
- ifIndex—SNMP index of the interface. This attribute is not supported on JUNOS routing platforms.
- ifRadiusClass—RADIUS class attribute on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- ifSessionId—Identifier for RADIUS accounting on the JUNOSe interface. This attribute is not supported on JUNOS routing platforms.
- interfaceAlias—Alias of the interface; that is, the IP description in the interface configuration.
- interfaceDescr—SNMP description of the interface.
- interfaceName—Name of the interface.
- loginName—Subscriber's login name.
- nasInetAddress—IP address of the router; using a byte array instead of an integer.
- nasPort—NAS port used by the router to identify the interface to RADIUS.
- portId—Identifier of VLAN or virtual circuit. For
a virtual circuit, use the format <VPI>/<VCI>. This attribute
is not supported on JUNOS routing platforms.
- <VPI>—Virtual path identifier
- <VCI>—Virtual connection identifier
- primaryUserName—PPP login name or the public DHCP username. This attribute is not supported on JUNOS routing platforms.
- routerName—Name of the virtual router in the format
<virtualRouter>@<router>.
- <virtualRouter>—Virtual router name
- <router>—Router name
- routerType—Type of router driver.
- userInetAddress—IP address of the subscriber that uses a byte array instead of an integer.
- userMacAddress—MAC address of the DHCP subscriber. This attribute is not supported on JUNOS routing platforms.
- userRadiusClass—RADIUS class attribute of the subscriber session for a service. This attribute can occur multiple times and can be returned by an authorization plug-in.
- userType—Type of subscriber.
- Specify the interface tracking event to be ignored by
SRC ACP.
- [edit shared acp group config configuration acp-options]
- user@host# set interface-tracking-filter interface-tracking-filter
The value is filter strings in the format of a list of <attribute>=<value> pairs. The filter strings can be contained within query operations.
- <attribute>—Name of an attribute for an interface tracking event. See value for the remote-update-database-index-keys option described Configuring SRC ACP Properties.
- <value>—Filtering string of the following types:
- *—Any value
- Explicit string—Any value matching the specified string (not case-sensitive)
- String containing an asterisk—Any value containing the specified string (not case-sensitive)
- To perform query operations on filter strings, you can
use the following values in your filter strings:
- ()—Match no objects.
- (*)—Match all objects.
- (&<filter><filter>...)—Performs logical AND operation on filter strings; true if all filter strings match.
- (|<filter><filter>...)—Performs logical OR operation on filter strings; true if at least one filter string matches.
- (!<filter>)—Performs logical NOT operation on filter string; true if the filter string does not match.
- (Optional) Specify the number of events the SAE sends to SRC ACP in a single method call during state synchronization.
- (Optional) Verify your configuration.
[edit shared acp group config configuration acp-options] user@host# show
Configuring CORBA Interfaces
Use the following configuration statements to configure CORBA interfaces for SRC ACP:
To configure CORBA interfaces:
- From configuration mode, access the configuration statement that configures CORBA interfaces for SRC ACP. In this sample procedure, the CORBA interfaces are configured in the config group.
- Export the object reference for SRC ACP through either a local file or a Common Object Services (COS) naming service.
- Specify the object reference for the ACP external interface.
- (Optional) Verify your configuration.
[edit shared acp group config configuration corba] user@host# show acp-ior file:///var/acp/acp.ior; remote-update-ior file:///var/acp/sra.ior;
Configuring SRC ACP Redundancy
Use the following configuration statements to configure SRC ACP redundancy and state synchronization with the SAE:
- shared acp configuration redundancy {
- enable-redundancy;
- local-ior local-ior;
- remote-ior remote-ior;
- ignore-user-tracking-out-of-sync;
- community-heartbeat community-heartbeat;
- community-acquire-timeout community-acquire-timeout;
- community-blackout-timeout community-blackout-timeout;
- redundant-naming-service redundant-naming-service;
- }
To configure SRC ACP redundancy and state synchronization with the SAE:
- From configuration mode, access the configuration statement that configures SRC ACP redundancy. In this sample procedure, the properties are configured in the config group.
- (Optional) Enable SRC ACP redundancy.
- Export the object reference for this SRC ACP (local interface) through a Common Object Services (COS) naming service in a redundant SRC ACP configuration.
- Resolves the object reference for the other SRC ACP (remote interface) through a Common Object Services (COS) naming service in a redundant SRC ACP configuration. For redundancy, the remote IOR value of one SRC ACP must match the local IOR value of the other SRC ACP.
- (Optional) Specify whether user tracking events should be ignored when they raise an OutOfSync exception to the SAE when state synchronization is enabled. SRC ACP raises an OutOfSync exception when SRC ACP handles service tracking or authentication events without receiving a user start event first.
- (Optional) Specify the time interval for community members to check each other’s availability when both redundancy and state synchronization are enabled.
- (Optional) Specify the time to wait before trying to reacquire the distributed lock when both redundancy and state synchronization are enabled.
- (Optional) Specify the time to wait before regaining control when both redundancy and state synchronization are enabled.
- Export the object reference for the backup naming service through a local file or COS naming service in a redundant SRC ACP configuration. The primary SRC ACP registers the IOR and redundancy IOR to both naming services, while the secondary SRC ACP registers the redundancy IOR to both naming services.
- (Optional) Verify your configuration.
[edit shared acp group config configuration redundancy] user@host# show
Configuring Connections to the Subscribers’ Directory
Use the following configuration statements to configure how SRC ACP connects to the directory that contains subscriber information:
- shared acp configuration ldap subscriber-data {
- congestion-points-eventing;
- server-address server-address;
- server-port server-port;
- dn dn;
- principal principal;
- password password;
- event-dn event-dn;
- directory-eventing;
- polling-interval polling-interval;
- }
To configure connections to the directory that stores subscriber information:
- From configuration mode, access the configuration statement that configures SRC ACP connections to the subscribers’ directory. In this sample procedure, the connections are configured in the config group.
- (Optional) Enable directory eventing for congestion points.
- Specify the list of primary and redundant servers that manage data for subscribers.
- Specify the TCP port for the directory.
- Specify the DN of the root of the directory.
- Specify the DN used to authorize connections to the directory.
- Specify the password used to authorize connections to the directory.
- Specify the DN of the directory that contains event information.
- (Optional) Enable directory eventing.
- Specify the time interval at which the SRC component polls the directory.
- (Optional) Verify your configuration.
[edit shared acp group config configuration ldap subscriber-data] user@host# show
Configuring Connections to the Services’ Directory
Use the following configuration statements to configure how SRC ACP connects to the directory that contains information about services:
- shared acp configuration ldap service-data {
- edge-congestion-point-dn edge-congestion-point-dn;
- backbone-congestion-point-dn backbone-congestion-point-dn;
- reload-congestion-points;
- congestion-points-eventing;
- server-address server-address;
- server-port server-port;
- dn dn;
- principal principal;
- password password;
- event-dn event-dn;
- directory-eventing;
- polling-interval polling-interval;
- }
To configure connections to the directory that stores service information:
- From configuration mode, access the configuration statement that configures SRC ACP connections to the services’ directory. In this sample procedure, the connections are configured in the config group.
- Specify the DN of the directory that contains information about network interfaces for edge congestion points.
- Specify the DN of the directory that contains information about network interfaces for backbone congestion point objects.
- (Optional) Specify whether SRC ACP detects changes in
the backbone congestion point for a service while SRC ACP is operative.
- [edit shared acp group config configuration ldap service-data]
- user@host# set reload-congestion-points
Set this value only when you want to modify a congestion point.
- (Optional) Enable directory eventing for congestion points.
- Specify the list of primary and redundant servers that manage data for subscribers.
- Specify the TCP port for the directory.
- Specify the DN of the root of the directory.
- Specify the DN used to authorize connections to the directory.
- Specify the password used to authorize connections to the directory.
- Specify the DN of the directory that contains event information.
- (Optional) Enable directory eventing.
- Specify the time interval at which the SRC component polls the directory.
- (Optional) Verify your configuration.
[edit shared acp group config configuration ldap service-data] user@host# show
Configuring SRC ACP Scripts and Classification
Use the following configuration statements to configure SRC ACP scripts and classification:
- shared acp configuration scripts-and-classification {
- script-factory-class script-factory-class;
- classification-factory-class classification-factory-class;
- classification-script classification-script;
- congestion-point-profile-script congestion-point-profile-script;
- extension-path extension-path;
- }
To configure scripts and classification:
- From configuration mode, access the configuration statement that configures SRC ACP scripts and classification. In this sample procedure, the properties are configured in the config group.
- Specify the script factory class name.
- Specify the congestion point classifier factory class name.
- Specify the class name for congestion point classification.
- Specify the class name for generating the congestion point DN by using the congestion point profile.
- Specify the extension class path for classes not located in the /opt/UMC/acp/lib directory.
- (Optional) Verify your configuration.
[edit shared acp group config configuration scripts-and-classification] user@host# show