|
|
Release Highlights
Release 13.0.0 includes the features described in this section.
IPv6
- AAA Route Downloader for IPv6
AAA route downloader for IPv6 provides periodic and automatic distribution of IPv6 static access routes without manual configuration of systems. IPv6 routes are periodically downloaded using the AAA route downloader application from an AAA RADIUS server. This feature enables preconfiguration and preadvertisement of access routes by routing protocols. Therefore, upon establishment of customer connections, routing protocol storms and other delays in client service activation that can be caused by protocol convergence are avoided.
You can use the aaa route-download ipv6 command to enable the IPv6 route-download operation.
The downloaded routes are in the following format:
[{vir | virtual-router} virtual-router-name] [vrf vrfName] prefix-mask [{ null0 | null 0} [cost]] [tag tagValue]
Routes are specified using the Framed-IPv6-Route (RADIUS attribute 99) or the Cisco-AVpair (Cisco VSA 26-1) RADIUS attributes. For example:
Framed-IPv6-Route (RADIUS attribute 99):
Framed-IPv6-Route = "vir zzz vrf test1 2001:DB8:cc00:1::/48 null0 0 tag 8"
Cisco-AVpair (Cisco VSA 26-1):
cisco-avpair = "ipv6:route=vir zzz vrf test1 2001:DB8:cc00:1::/48 null0 0 tag 8"
The following commands have been added or enhanced to support this feature:
Change in existing behavior: New feature added as described here.
- Support for Configuring Local Address Pools for Neighbor Discovery Router Advertisements
You can now configure IPv6 local address pools on a virtual router to be used for allocation of prefixes to Neighbor Discovery clients. These pools can be used to assign prefixes from a delegating router, which is an E Series router configured as an IPv6 server, to the requesting router, which is the customer premises equipment (CPE) at the edge of the remote client site that acts as the IPv6 client. The Neighbor Discovery router advertisement feature is useful in scenarios in which the delegating router does not have information about the topology of the networks in which the customer edge device or requesting router is located. In such cases, the delegating router requires only the identity of the requesting router to choose a prefix for delegation.
You must enable the IPv6 local address pool feature using the ipv6 address-pool ndra command in Global Configuration mode to configure IPv6 local address pools. You can configure multiple local address pools on a single virtual router up to a maximum of 500 pools per virtual router. You can also configure multiple address pools on multiple virtual routers.
You can configure the name of an IPv6 local address pool in an AAA domain map using the ipv6-ndra-pool-name command in Domain Map Configuration mode. If the authentication server returns the IPv6 local address pool name in the Framed-IPv6-Pool attribute or Ipv6-NdRa-Pool attribute of the RADIUS-Access-Accept message, this pool overrides the IPv6 local address pool configured in the domain map.
The following commands have been added to support configuration of IPv6 local address pools for Neighbor Discovery Router Advertisements:
In addition, the output of the show configuration command has been modified to support this feature.
As a part of this feature, the lasv6General event log category has been added to support the IPv6 local address pool for the Neighbor Discovery Router Advertisements feature.
Change in existing behavior: Existing feature extended as described here.
IS-IS
- Support for Ignoring the Attach Bit in Level 1 LSPs
You can configure IS-IS to disregard the Attach Bit (ATT) in level 1 LSPs in a multiarea environment. In level 1 routing, the closest level 1-2 router determines the default routes within IS-IS routing domains. The attach bit in the level 1 LSP determines the closest level 1-2 router. The ability to disregard the attach bit enables IS-IS to prevent default routes from being installed.
You can use the ignore-attached-bit command to disregard the attach bit in level 1 LSPs. For example:
host1(config-router)# ignore-attached-bit
The following command has been added in this release:
Change in existing behavior: In lower-numbered releases, this feature was available for early field trial purposes only. This is no longer the case.
- Ability to Advertise IP Prefixes of Passive Interfaces
You can configure IS-IS to advertise IP prefixes that belong to only passive interfaces. Enabling this feature causes only connected passive IP prefixes to be retained and all other entries ro be removed from the LSP database. Disabling this command restores all the entries in the LSP database, thus allowing all IP prefixes to be advertised.
You can use the advertise-passive-only command to advertise IP prefixes of passive interfaces only. For example:
host1(config-router)# advertise-passive-only
Configuring IS-IS to advertise only passive interfaces reduces network convergence time between two integrated IS-IS systems.
The following command has been added in this release:
Change in existing behavior: In lower-numbered releases, this feature was available for early field trial purposes only. This is no longer the case.
Policy Management
- Support for Statistics Collection for Output Policies on Tunnel Interfaces Based on Fragments
You can now configure the policy manager application to collect and store statistical counters for output policies attached to tunnel interfaces as a measure of the number of fragments. In certain network environments, it might be useful to monitor and track the outgoing traffic from a tunnel interface to which policies are applied in terms of number of fragments, instead of monitoring the outgoing policed traffic in terms of number of packets.
You can use the enable-frag-stats command in Global Configuration mode to enable the generation and storage of output policy statistics for tunnel interfaces as a number of fragments. By default, the output policy counters for tunnel interfaces is calculated as a number of packets.
You can enter the show enable-frag-stats command to verify whether collection of output policy statistics for traffic on tunnel interfaces is enabled. The packets field in the IP policy output section of the show ip interface tunnel interfaceSpecifier displays the number of packets or fragments transmitted from the tunnel interface for which output policies are applied. The value for the packets field denotes the measure of packets or fragments, depending on whether you enabled the collection of output policy statistics using the enable frag-stats command.
The following line module combinations on E Series routers support the configuration of output policy statistics collection in number of fragments:
The following commands have been added to support the control of client packets forwarded from DHCP relay:
Change in existing behavior: Existing feature extended as described here. In lower-numbered releases, the output policy counters for IP interfaces always displayed the statistics as number of packets. You could not configure the policy manager to collect statistics based on number of fragments transmitted from an outgoing IP interface.
RADIUS
- Support for Handling IPv6-Specific Policies Returned from the RADIUS Server for Dual-Stack (IPv4 and IPv6) Subscribers
You can now receive Ipv6-Ingress-Policy-Name and Ipv6-Egress-Policy-Name VSAs from the RADIUS server through the Access-Accept packet and apply IPv6-specific policies to the subscriber interface. You can ignore or accept the VSAs returned in the Access-Accept packet using the radius ignore command. You can enable or disable the inclusion of these VSAs in Acct-Start and Acct-Stop packets using the radius include command.
The following commands have been enhanced to support this feature:
The outputs of the following commands have been changed to support this feature:
Change in existing behavior: Existing feature extended as described here. In lower-numbered releases, you could receive only IPv4 ingress and egress policies from the RADIUS server, and apply them to the subscriber interface.
- Support for Transfer of the Calling-Station-Id Attribute to the SRC Server Irrespective of the RADIUS Settings
You can now configure a virtual router to send the default calling station ID or the overridden calling station ID to the SRC Server irrespective of the RADIUS settings. The radius-default-value attribute and radius-overridden-value attribute have been added to the send-calling-station-id keyword to support this feature. The radius-overridden-value attribute must be configured after configuring the radius calling-station-format command. If either the radius calling-station-format command or the radius override calling-station-id remote-circuit-id command is not configured, then the default calling station ID will be sent to SRC server instead of the overridden calling station ID.
The following command has been modified to support this feature:
The output of the following command has been updated to support this feature:
Change in existing behavior: Existing feature extended as described here.
|
Copyright © 2012, Juniper Networks, Inc. Report An Error |
|
|