JUNOS 9.3 Services Interfaces Configuration Guide DVD Home Techpubs Home Report an Error Collapse TOC List of Figures List of Tables Index Index of Statements and Commands Entire manual as PDF		About This Guide Objectives Audience Supported Routing Platforms Using the Indexes Using the Examples in This Manual Documentation Conventions List of Technical Publications Documentation Feedback Requesting Technical Support Services Interfaces Overview Services PIC Types Supported Platforms Services Interfaces Configuration Statements [edit applications] Hierarchy Level [edit forwarding-options] Hierarchy Level [edit interfaces] Hierarchy Level [edit logical-systems] Hierarchy Level [edit protocols] Hierarchy Level [edit services] Hierarchy Level Adaptive Services Overview Enabling Service Packages Layer 2 Service Package Capabilities and Interfaces Services Configuration Procedure Packet Flow Through the Adaptive Services or MultiServices PIC Stateful Firewall Overview Stateful Firewall Support for Application Protocols Stateful Firewall Anomaly Checking Network Address Translation Overview Traditional NAT Twice NAT IPSec Overview IPSec Security Associations IKE Comparison of IPSec Services and ES Interface Configuration Layer 2 Tunneling Protocol Overview Voice Services Overview Class of Service Overview Packet Overview Examples: Services Interfaces Configuration Applications Configuration Guidelines Configuring Application Protocol Properties Configuring an Application Protocol Configuring the Network Protocol Configuring the ICMP Code and Type Configuring Source and Destination Ports Configuring the Inactivity Timeout Period Configuring SIP Configuring an SNMP Command Configuring an RPC Program Number Configuring the TTL Threshold Configuring a Universal Unique Identifier Configuring Application Sets ALG Descriptions Basic TCP ALG Basic UDP ALG BOOTP DCE RPC Services FTP H323 ICMP IIOP NetShow RealAudio RPC and RPC Portmap Services RTSP SMB SNMP SQLNet TFTP Traceroute UNIX Remote-Shell Services WinFrame Verification FTP Example Sample Output FTP System Log Messages Analysis Control Flows Data Flows Troubleshooting Questions RTSP ALG Example Sample Output Analysis Troubleshooting Questions System Log Messages System Log Configuration System Log Output JUNOS Default Groups Examples: Referencing the Preset Statement from the JUNOS Default Group Examples: Configuring Applications Summary of Applications Configuration Statements application application-protocol application-set applications destination-port icmp-code icmp-type inactivity-timeout learn-sip-register protocol rpc-program-number sip-call-hold-timeout snmp-command source-port ttl-threshold uuid Stateful Firewall Services Configuration Guidelines Configuring Stateful Firewall Properties Configuring the Stateful Firewall Rule Set Configuring Stateful Firewall Rule Content Configuring Match Direction Configuring Stateful Firewall Match Conditions Configuring Stateful Firewall Actions Configuring IP Option Handling Examples: Configuring Stateful Firewall Properties Summary of Stateful Firewall Configuration Statements allow-ip-option application-sets applications destination-address destination-address-range destination-prefix-list from match-direction rule rule-set services source-address source-address-range source-prefix-list syslog term then Network Address Translation Services Configuration Guidelines Configuring Network Address Translation Properties Configuring Address and Port Information Configuring a Pool Specifying the Destination or Source Prefix Addressing Information Configuring IPv6 Multicast Filters Configuring the NAT Rule Set Configuring NAT Rule Content Configuring NAT Match Direction Configuring NAT Type Configuring NAT Match Conditions Configuring NAT Actions Examples: Configuring Network Address Translation Properties Dynamic Source Translation Static Source Translation Dynamic and Static Source Translation Oversubscribed Pool with No Fallback Oversubscribed Pool with a Fallback to NAPT Multiple Prefixes and Address Ranges in Static Source Translation Assigning Addresses from a Dynamic Pool for Static Use Configuring NAT Rules Without Defining a Pool Configuring Specific Addresses That Are Not to Be Translated Configuring Network Address Translation for Multicast Traffic Rendezvous Point Configuration Router 1 Configuration Configuring Twice NAT Configuring Full-Cone NAT Summary of Network Address Translation Configuration Statements address address-range application-sets applications destination-address destination-address-range destination-pool destination-prefix destination-prefix-list from hint ipv6-multicast-interfaces match-direction nat-type no-translation overload-pool overload-prefix pgcp pool port ports-per-session remotely-controlled rule rule-set services source-address source-address-range source-pool source-prefix source-prefix-list syslog term then translated translation-type translation-type (Traditional NAT) translation-type (Twice NAT) transport Intrusion Detection Service Configuration Guidelines Configuring Intrusion Detection Properties Configuring the IDS Rule Set Configuring IDS Rule Content Configuring Match Direction Configuring IDS Match Conditions Configuring IDS Actions Examples: Configuring Intrusion Detection Properties Summary of Intrusion Detection Service Configuration Statements aggregation application-sets applications by-destination by-pair by-source destination-address destination-address-range destination-prefix destination-prefix-ipv6 destination-prefix-list force-entry from ignore-entry logging match-direction mss rule rule-set services session-limit source-address source-address-range source-prefix source-prefix-ipv6 source-prefix-list syn-cookie syslog term then threshold IPSec Services Configuration Guidelines Minimum Security Association Configurations Manual SA Configuration Dynamic SA Configuration Configuring Security Associations Configuring Manual Security Associations Configuring Direction Example: Configuring Inbound and Outbound Direction Statements Example: Configuring Bidirectional Statement Configuring the Protocol Configuring the Security Parameter Index Configuring the Auxiliary Security Parameter Index Configuring Authentication Configuring Encryption Configuring Dynamic Security Associations Clearing Security Associations Configuring an IKE Proposal Configuring an IKE Authentication Algorithm Configuring an IKE Authentication Method Configuring an IKE Diffie-Hellman Group Configuring an IKE Encryption Algorithm Configuring the Lifetime for an IKE SA Example: Configuring an IKE Proposal Configuring an IKE Policy Configuring the IKE Policy Mode Configuring IKE Policy Proposals Configuring a Preshared Key Configuring a Local Certificate Configuring a Certificate Revocation List Configuring an IKE Policy Description Configuring Local and Remote IDs Example: Configuring an IKE Policy Configuring an IPSec Proposal Configuring an Authentication Algorithm Configuring an IPSec Proposal Description Configuring an Encryption Algorithm Configuring the Lifetime for an IPSec SA Configuring the Protocol for the Dynamic SA Configuring an IPSec Policy Configuring an IPSec Policy Description Configuring Perfect Forward Secrecy Configuring IPSec Policy Proposals Example: IPSec Policy Configuration Configuring IPSec Service Rules Configuring the IPSec Rule Set Configuring IPSec Rule Content Configuring IPSec Match Conditions Configuring IPSec Actions Enabling IPSec Packet Fragmentation Configuring the Remote Address and Backup Remote Address Disabling the Anti-Replay Window Enabling System Log Messages Configuring the Tunnel MTU Value Configuring Dynamic Endpoints Authentication Process Dynamic Implicit Rules Reverse Route Insertion Configuring an IKE Access Profile Configuring the Service Set Configuring the Interface Identifier Default IKE and IPSec Proposals Tracing IPSec Operations Examples: Configuring IPSec Services Statically Assigned Tunnels Dynamically Assigned Tunnels Summary of IPSec Services Configuration Statements authentication authentication-algorithm authentication-algorithm (IKE) authentication-algorithm (IPSec) authentication-method auxiliary-spi backup-remote-gateway clear-dont-fragment-bit clear-ike-sas-on-pic-restart clear-ipsec-sas-on-pic-restart description destination-address dh-group direction dynamic encryption encryption-algorithm from ike initiate-dead-peer-detection ipsec ipsec-inside-interface lifetime-seconds local-certificate local-id manual match-direction mode no-anti-replay perfect-forward-secrecy policy policy (IKE) policy (IPSec) pre-shared-key proposal proposal (IKE) proposal (IPSec) proposals protocol remote-gateway remote-id rule rule-set services source-address spi syslog term then traceoptions tunnel-mtu Layer 2 Tunneling Protocol Services Configuration Guidelines L2TP Services Components L2TP Minimum Configuration Configuring L2TP Group Properties Configuring a Tunnel Group Configuring Access Profiles Configuring Addressing Configuring Window Size Configuring Timers Hiding Attribute-Value Pairs Configuring System Log Properties Configuring the Logical Interface Identifier Configuring Multilink on Shared Interfaces L2TP Redundancy Tracing L2TP Operations Examples: Configuring L2TP Services Summary of Layer 2 Tunneling Protocol Configuration Statements facility-override hello-interval hide-avps host l2tp-access-profile local-gateway address log-prefix maximum-send-window ppp-access-profile receive-window retransmit-interval service-interface services services (Hierarchy) services (L2TP System Logging) syslog traceoptions tunnel-group tunnel-timeout Link Services IQ Interfaces Configuration Guidelines Layer 2 Service Package Capabilities and Interfaces LSQ Failure Recovery Interchassis LSQ Failover Configuring Failover Options Configuring Interoperability Configuration Restrictions Stateless Intrachassis LSQ Failover Stateful Intrachassis LSQ Failover Configuring Intrachassis LSQ Redundancy LSQ Failure Conditions and Constraints Link PIC Redundancy Examples: Configuring Intrachassis LSQ Redundancy Link Services IQ CoS Components Scheduler Buffer Size Scheduler Priority Scheduler Shaping Rate Drop Profiles Configuring Fragmentation by Forwarding Class Configuring Link-Layer Overhead Configuring Multiclass MLPPP Oversubscribing Interface Bandwidth Example: Oversubscribing an LSQ Interface Providing a Guaranteed Minimum Rate Example: Providing a Guaranteed Minimum Rate Configuring Link Services and CoS Link Services CoS on J-series Services Routers Common Uses for the Link Services IQ Interface Configuring an NxT1 Bundle Using MLPPP Example: Configuring an NxT1 Bundle Using MLPPP Configuring an NxT1 Bundle Using FRF.16 Examples: Configuring an NxT1 Bundle Using FRF.16 Configuring a Single Fractional T1 Interface Using MLPPP and LFI Example: Configuring a Single Fractional T1 Using MLPPP and LFI Configuring a Single Fractional T1 Interface Using FRF.12 Examples: Configuring a Single Fractional T1 Interface Using FRF.12 Configuring an NxT1 Bundle Using FRF.15 Configuring a T3 Link for Compressed RTP over MLPPP Configuring a T3 or OC3 Interface Using FRF.12 Configuring an ATM2 IQ Interface Using MLPPP Summary of Link Services IQ Configuration Statements cisco-interoperability forwarding-class fragment-threshold fragmentation-map fragmentation-maps hot-standby link-layer-overhead lsq-failure-options multilink-class multilink-max-classes no-fragmentation no-termination-request per-unit-scheduler preserve-interface primary redundancy-options secondary trigger-link-failure warm-standby Voice Services Configuration Guidelines Configuring Voice Services Properties Configuring the Interface Address Configuring Compression Configuring Delay-Sensitive Packet Interleaving Example: Configuring Compression Configuring Encapsulation Configuring the Network Interface Configuring Voice Services Bundles Configuring the Compression Interface Configuring VoIP Routing on J-series Services Routers Functional Components Configuring the VoIP Interface Configuring the Media Gateway Controller List Configuring Dynamic Call Admission Control Examples: Configuring Voice Services Summary of Voice Services Configuration Statements activation-priority address bearer-bandwidth-limit bundle compression compression-device dynamic-call-admission-control encapsulation f-max-period family fragment-threshold interfaces maximum-contexts port queues rtp unit Class-of-Service Configuration Guidelines Configuring Class-of-Service Properties Configuring the Class-of-Service Rule Set Configuring Class-of-Service Rule Content Configuring Class-of-Service Match Direction Configuring Class-of-Service Match Conditions Configuring Class-of-Service Actions Configuring Application Profiles Configuring Reflexive and Reverse CoS Actions CoS Configuration Restrictions Output Packet Rewriting CoS Hierarchy Configuration Examples Examples: Configuring Class-of-Service Properties Summary of Class-of-Service Configuration Statements application-profile application-sets applications destination-address destination-prefix-list dscp forwarding-class from match-direction (reflexive | reverse) rule rule-set services sip-text sip-video sip-voice source-address source-prefix-list syslog term then Service Set Configuration Guidelines Configuring Service Sets Configuring Services Interfaces Configuring an Interface Service Set Configuring a Next-Hop Service Set Determining Traffic Direction Interface Style Service Sets Next-Hop Style Service Sets Configuring Service Rules Configuring IPSec Options Configuring the Local Gateway Address IKE Addresses in VRF Instances Configuring an IKE Access Profile Configuring Certification Authorities Configuring the Maximum Number of Flows Configuring System Log Properties Allowing Multicast Traffic Service Set Extensions for JUNOS SDK Applications Interface Service Sets for JUNOS SDK Applications Next-Hop Service Sets for JUNOS SDK Applications Limitations and Constraints for SDK Service Sets Enabling JUNOS SDK Services Tracing Adaptive Services or MultiServices PIC Operations Configuring the Adaptive Services Log Filename Configuring the Number and Size of Adaptive Services Log Files Configuring Access to the Log File Configuring a Regular Expression for Lines to Be Logged Configuring the Trace Operations Example: Configuring Service Sets Summary of Service Set Configuration Statements adaptive-services-pics allow-multicast extension-service facility-override host ids-rules ike-access-profile interface-service ipsec-vpn-options ipsec-vpn-rules local-gateway log-prefix logging max-flows nat-rules next-hop-service pgcp-rules service-interface service-set services services (Hierarchy) services (System Logging) stateful-firewall-rules syslog traceoptions trusted-ca Interface Configuration Guidelines Naming Services Interfaces Configuring Interface Properties Configuring the Interface Address and Domain Configuring Default Timeout Settings Configuring Default System Log Properties Enabling Fragmentation on GRE Tunnels Applying Filters and Services to an Interface Configuring Service Filters Configuring AS or MultiServices PIC Redundancy Examples: Configuring a Services Interface Summary of Interface Configuration Statements address clear-dont-fragment-bit dial-options facility-override family host inactivity-timeout input interfaces log-prefix open-timeout output post-service-filter primary redundancy-options secondary service service-domain service-filter service-set services services-options syslog unit Packet Gateway Configuration Guidelines Configuring Virtual Packet Gateways Configuring a Connection to the Packet Gateway Controller Configuring NAT Pools for the Packet Gateway Configuring a Media Service Configuring a Virtual Interface Configuring H.248 Timers Configuring Default Values for H.248 Properties Limiting FUF Terms on VPGs Limiting the Rate of Messages Sent from the PIC Enabling Application Layer Gateways for RTP and RTCP for Media Flows Configuring Graceful Restart Detecting Latch Deadlocks and Inactivity Delays Configuring the Service State of a VPG or a Virtual Interface Configuring the Service State of a VPG Configuring the Service State of a Virtual Interface Configuring the Packet Gateway Rule Content Configuring the Packet Gateway Rule Set Configuring Session Mirroring Configuring Overload Control Enabling Wildcards for Service Changes Enabling a History of Media Inactivity Notifications Disabling Bit Mirroring of DSCP Marking Configuring ServiceChange Method and Reason Tracing PGCP Operations Example: Configuring a Packet Gateway Summary of Packet Gateway Configuration Statements administrative administrative (Control Association Down) administrative (Virtual Interface Down) algorithm application-data-inactivity-detection audit-observed-events-returns-history base-root cancel-graceful cancel-graceful (Control Association Up) cancel-graceful (Virtual Interface Up) cleanup-timeout context-indications control-association-indications controller-address controller-failure controller-port data-inactivity-detection delivery-function destination-address destination-port detect diffserv disable-session-mirroring disconnect down dscp encoding event-timestamp-notification failover-cold failover-warm failure failure (Control Association Down) failure (Virtual Interface Down) fast-update-filters gateway gateway-address gateway-controller gateway-port graceful graceful (Control Association Down) graceful (Virtual Interface Down) graceful-restart h248-options h248-properties h248-timers hanging-termination-detection inactivity-timeout inactivity-delay inactivity-duration inactivity-timer initial-average-ack-delay interface interim-ah-scheme ip-flow-stop-detection latch-deadlock-delay link-loss max-burst-size max-burst-size (All Streams) max-burst-size (RTCP Streams) max-concurrent-calls maximum-fuf-percentage maximum-inactivity-time maximum-net-propagation-delay maximum-synchronization-mismatches maximum-synchronization-time maximum-terms maximum-waiting-delay media media-service mg-maximum-pdu-size mg-originated-pending-limit mg-provisional-response-timer-value mg-segmentation-timer mgc-maximum-pdu-size mgc-originated-pending-limit mgc-provisional-response-timer-value mgc-segmentation-timer monitor nat-pool network-operator-id normal-mg-execution-time normal-mgc-execution-time notification-behavior notification-rate-limit notification-regulation no-dscp-bit-mirroring overload-control peak-data-rate peak-data-rate (All Streams) peak-data-rate (RTCP Streams) queue-limit-percentage reconnect report-service-change request-timestamp routing-instance rtcp rtp rule rule-set segmentation send-notification-on-delay service-change service-change-type service-interface service-state service-state (VPG) service-state (Virtual Interface) services session-mirroring source-address source-port state-loss stop-detection-on-drop sustained-data-rate sustained-data-rate (All Streams) sustained-data-rate (RTCP Streams) timerx traffic-management tmax-retransmission-delay traceoptions up virtual-interface virtual-interface-down virtual-interface-indications virtual-interface-up warm wildcard-response-service-change Service Interface Pools Configuration Guidelines Configuring Service Interface Pools Summary of Service Interface Pools Statements interface pool service-interface-pools Data Link Switching Overview Overview DLSw Standards Data Link Switching Configuration Guidelines Configuring DLSw Properties Minimum DLSw Configuration Configuring the Remote Peer Configuring Load Balancing Configuring DLSw Timers Configuring the Local Peer Examples: Configuring DLSw Peers Configuring the Initial Pacing Window Configuring the Idle Timeout Configuring the Multicast Address Configuring Class of Service Example: Configuring CoS for a DLSw Connection Tracing DLSw Protocol Traffic Configuring Logical Link Control on an Interface Example: Configuring LLC Options on an Interface Configuring DLSw Ethernet Redundancy Using LLC2 Properties Example: Configuring DLSw Ethernet Redundancy Summary of Data Link Switching Configuration Statements advertise-interval circuit-weight connection-idle-timeout cost destination destination-interface dlsw dlsw-cos explorer-wait-time hold-time interface load-balance local-mac local-peer map multicast-address no-preempt peer preempt priority promiscuous protocols reachability-cache-timeout receive-initial-pacing redundancy-group remote-mac remote-peer traceoptions track type-of-service Encryption Overview Encryption Interfaces Configuration Guidelines Configuring an Encryption Interface Specifying the Security Association Name Configuring the MTU for an Encryption Interface Example: Configuring an Encryption Interface Configuring Traffic Traffic Overview Configuring the Security Association Configuring an Outbound Traffic Filter Example: Configuring an Outbound Traffic Filter Applying the Outbound Traffic Filter Example: Applying the Outbound Traffic Filter Configuring an Inbound Traffic Filter Example: Configuring an Inbound Traffic Filter Applying the Inbound Traffic Filter to the Encryption Interface Example: Applying the Inbound Traffic Filter to the Encryption Interface Configuring an ES Tunnel Interface for a Layer 3 VPN Configuring ES PIC Redundancy Example: Configuring ES PIC Redundancy Configuring IPSec Tunnel Redundancy Summary of Encryption Configuration Statements address backup-destination backup-interface destination es-options family filter interfaces ipsec-sa source tunnel unit Flow Monitoring and Discard Accounting Overview Passive Flow Monitoring Active Flow Monitoring Flow Monitoring and Discard Accounting Configuration Guidelines Minimum Traffic Sampling or Forwarding Configuration Configuring Traffic Sampling Configuring Traffic Sampling Properties Disabling Traffic Sampling Configuring Traffic Sampling Output Traffic Sampling Output Files Tracing Traffic Sampling Operations Examples: Configuring Traffic Sampling Sampling a Single SONET Interface Sampling All Traffic from a Single IP Address Sampling All FTP Traffic Configuring Flow Monitoring Configuring the Flow-Monitoring Interface Configuring Flow-Monitoring Properties Configuring the Flow-Monitoring Interface Exporting Flows Configuring Timers Example: Configuring Flow Monitoring Configuring Flow Aggregation Configuring Version 5 or Version 8 cflowd Configuring Version 9 Flow Templates Configuring the Traffic to be Sampled Configuring the Version 9 Template Properties Restrictions Fields Included in Each Template Type MPLS Sampling Behavior Verification Examples: Configuring Version 9 Flow Templates Replicating Flows to Multiple Flow Servers Replicating Routing Engine–Based Sampling to Multiple Flow Servers Replicating Version 9 Flow Aggregation to Multiple Flow Servers Debugging cflowd Flow Aggregation Configuring Port Mirroring Configuring Tunnels Filter-Based Forwarding with Multiple Monitoring Interfaces Restrictions Configuring Port Mirroring on Services Interfaces Examples: Configuring Port Mirroring Load Balancing Among Multiple Monitoring Interfaces Configuring Discard Accounting Enabling Passive Flow Monitoring Passive Flow Monitoring for MPLS Encapsulated Packets Removing MPLS Labels from Incoming Packets Example: Enabling Passive Flow Monitoring Flow-Monitoring Redundancy Summary of Flow-Monitoring Configuration Statements accounting address aggregate-export-interval aggregation autonomous-system-type cflowd cflowd (Discard Accounting and Sampling) cflowd (Flow Monitoring) core-dump destination disable engine-id engine-type export-format family family (Interfaces) family (Monitoring) family (Port Mirroring) family (Sampling) file file (Sampling) file (Trace Options) filename files filter flow-active-timeout flow-export-destination flow-inactive-timeout flow-monitoring forwarding-options input input (Port Mirroring) input (Sampling) input-interface-index interface interface (Accounting or Sampling) interface (Monitoring) interface (Port Mirroring) interfaces ipv4-template label-position local-dump max-packets-per-second monitoring mpls-ipv4-template mpls-template multiservice-options next-hop next-hop-group no-core-dump no-filter-check no-local-dump no-stamp no-syslog no-world-readable option-refresh-rate output output (Accounting) output (Monitoring) output (Port Mirroring) output (Sampling) output-interface-index passive-monitor-mode pop-all-labels port port-mirroring rate receive-options-packets receive-ttl-exceeded required-depth run-length sampling sampling (Forwarding Options) sampling (Interfaces) services size source-address stamp syslog template template (Forwarding Options) template (Services) template-refresh-rate traceoptions unit version version9 version9 (Forwarding Options) version9 (Services) world-readable Flow Collection Configuration Guidelines Configuring Flow Collection Properties Configuring Flow Collector Destinations Configuring a Packet Analyzer Configuring File Formats Configuring Interface Mappings Configuring Transfer Logs Configuring Retry Attempts Sending cflowd Records to the Flow Collector Interface Enabling Flow Collection Mode and Interface Example: Flow Collector Interface Configuration Summary of Flow Collection Configuration Statements analyzer-address analyzer-id archive-sites collector data-format destinations filename-prefix file-specification file-specification (File Format) file-specification (Interface Mapping) flow-collector ftp ftp (Flow Collector Files) ftp (Transfer Log Files) interface-map maximum-age name-format password password (Flow Collector File Servers) password (Transfer Log File Servers) retry retry-delay transfer transfer-log-archive username variant Dynamic Flow Capture Configuration Guidelines Dynamic Flow Capture Architecture Liberal Sequence Windowing Configuring Dynamic Flow Capture Properties Configuring the Capture Group Configuring the Content Destination Configuring the Control Source Configuring the DFC PIC Interface Configuring System Logging Configuring Thresholds Configuring Maximum Duplicates Example: Dynamic Flow Capture Configuration Flow-Tap Configuration Guidelines Flow-Tap Architecture Configuring Flow-Tap Properties Configuring the Flow-Tap Interface Configuring Security Properties Restrictions Example: Flow-Tap Configuration Summary of Dynamic Flow Capture and Flow-Tap Configuration Statements address allowed-destinations capture-group content-destination control-source duplicates-dropped-periodicity dynamic-flow-capture flow-tap g-duplicates-dropped-periodicity g-max-duplicates hard-limit hard-limit-target input-packet-rate-threshold interface interfaces max-duplicates minimum-priority no-syslog notification-targets pic-memory-threshold service-port services shared-key soft-limit soft-limit-clear source-addresses ttl Link and Multilink Services Overview Link and Multilink Services Configuration Guidelines Configuring Multilink and Link Services Logical Interface Properties Default Settings for Multilink and Link Services Logical Interfaces Configuring a Link Services Point-to-Point DLCI Configuring a Link Services Multicast-Capable DLCI Configuring a Drop Timeout Period Configuring Logical Interface Encapsulation Configuring a Fragmentation Threshold Configuring Link Services Delay-Sensitive Packet Interleaving Configuring LFI with DLCI Scheduling Example: Configuring LFI with DLCI Scheduling Configuring Minimum Links Configuring the MRRU and MTU Values Configuring the Sequence Format Configuring Compressed RTP with MLPPP Encapsulation Example: Configuring Compressed RTP with MLPPP Encapsulation Configuring Compressed RTP with PPP Encapsulation Example: Configuring Compressed RTP with PPP Encapsulation Configuring Link Services Physical Interface Properties Default Settings for Link Services Interfaces Configuring the Link Services Physical Interface Encapsulation Configuring Link Services Acknowledgment Timers Configuring the Link Services Differential Delay Configuring Link Services Keepalive Settings on Frame Relay LMI Multilink and Link Services Interface Structure Multilink Services and Link Services PIC Capacities Link Services PIC Capabilities Configuring Bundles Configuring CoS Components on Link Services PICs Link Services CoS on J-series Services Routers Link Services CoS on M-series and T-series Platforms Example: Configuring Link Services CoS Components Examples: Configuring Multilink Interfaces Examples: Configuring Link Services Interfaces Summary of Link Services Configuration Statements acknowledge-retries acknowledge-timer action-red-differential-delay address bundle compression-device destination disable-mlppp-inner-ppp-pfc dlci drop-timeout encapsulation encapsulation (Logical Interface) encapsulation (Physical Interface) family fragment-threshold hello-timer interfaces interleave-fragments lmi-type minimum-links mlfr-uni-nni-bundle-options mrru mtu multicast-dlci n391 n392 n393 red-differential-delay short-sequence t391 t392 unit yellow-differential-delay Real-Time Performance Monitoring Services Overview Real-Time Performance Monitoring Configuration Guidelines Configuring BGP Neighbor Discovery Through RPM Configuring Real-Time Performance Monitoring Properties Configuring the Probe Configuring the Server Configuring the Maximum Number of Probes Configuring RPM Timestamping Timestamps on M-series and T-series Routing Platforms Timestamps on J-series Services Routers Configuring TWAMP Configuring the TWAMP Interface Configuring the TWAMP Server Properties Examples: Configuring BGP Neighbor Discovery Through RPM Examples: Configuring Real-Time Performance Monitoring Summary of Real-Time Performance Monitoring Configuration Statements client-list data-fill data-size destination-interface destination-port dscp-code-point hardware-timestamp history-size inactivity-timeout logical-system maximum-connections maximum-connections-per-client maximum-sessions maximum-sessions-per-connection moving-average-size one-way-hardware-timestamp port port (RPM) port (TWAMP) probe probe-count probe-interval probe-limit probe-server probe-type routing-instance routing-instances rpm server services source-address target tcp test test-interval thresholds traps twamp twamp-server udp Tunnel Services Overview Tunnel Interfaces Configuration Guidelines Configuring a Unicast Tunnel Configuring a Key Number on GRE Tunnels Enabling Fragmentation on GRE Tunnels Specifying an MTU Setting for the Tunnel Configuring a GRE Tunnel to Copy ToS Bits to the Outer IP Header Configuring Packet Reassembly Restricting a Tunnel to Multicast Traffic Configuring a Logical Tunnel Interface Connecting Logical Systems Configuring Logical Tunnels on J-series Platforms Configuring a Tunnel Interface for Routing Table Lookup Configuring a Virtual Loopback Tunnel for VRF Table Lookup Configuring PIM Tunnels Configuring an IPv6-over-IPv4 Tunnel Configuring a Dynamic Tunnel Configuring Tunnel Interfaces on MX-series Routers Example: Configuring Unicast Tunnels Example: Configuring a Virtual Loopback Tunnel for VRF Table Lookup Example: Configuring an IPv6-over-IPv4 Tunnel Example: Configuring a Logical Tunnel Summary of Tunnel Services Configuration Statements allow-fragmentation backup-destination copy-tos-to-outer-ip-header destination destination (Address) destination (Routing Instance) destination-networks do-not-fragment dynamic-tunnels interfaces key multicast-only peer-unit reassemble-packets routing-instance routing-instances routing-options source source-address ttl tunnel tunnel-type unit Index Index Index of Statements and Commands