DTCP Attributes Used for Subscriber Secure Policy

DTCP-initiated subscriber secure policy mirroring is triggered by a DTCP attribute that identifies the subscriber interface on which traffic is to be mirrored. The traffic mirroring session starts when the router (intercept access point) receives a DTCP ADD message that contains the trigger and other DTCP attributes that provide mirroring-related information, and then applies the subscriber secure policy configuration to the appropriate interface. The DTCP ADD message can be sent either before or after subscribers log on through the interface.

Table 28 lists the mirroring trigger and the other DTCP attributes that the DTCP server administrator must include in the DTCP ADD message.

DTCP Traffic Mirroring Attributes

Table 28 lists the DTCP attributes that trigger traffic mirroring and provide mirroring-related information.

Table 28: DTCP Mirroring Attributes

Attribute Name

DTCP Message Semantic

Description

Interface-ID

X-Interface-Id

The mirroring trigger. The interface description string on which traffic mirroring is performed (for example, ge-0/0/0.1 or demux0.107472834).

Mediation Device IP Address

X-JTap-Cdest-Source-Address

IPv4 address of the mediation device to which the router sends intercepted traffic.

Mediation Device UDP Port

X-JTap-Cdest-Port

UDP port of the mediation device.

Intercept ID (also known as the Mirror ID)

X-MD-Intercept-Id

Identifier that the mediation device uses to correlate traffic from a particular subscriber.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.