Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring SRC ACP Properties (SRC CLI)

    To configure SRC ACP properties, perform these tasks:

    1. Configuring Logging Destinations for SRC ACP
    2. Configuring SRC ACP Operation
    3. Configuring CORBA Interfaces
    4. Configuring SRC ACP Redundancy
    5. Configuring Connections to the Subscribers’ Directory
    6. Configuring Connections to the Services’ Directory
    7. Configuring SRC ACP Scripts and Classification

    Configuring Logging Destinations for SRC ACP

    You can store log messages in a file or in the system logging facility. To format log messages in an easy to understand audit pattern, define the logger name as “audit”. The events captured in an audit logger include:

    • ACP’s calculation result of edge congestion points for a user session.
    • ACP’s calculation result of backbone congestion points for a service authorization request.
    • ACP’s decision (grant or deny) on a service authorization event. If denied, the congestion point that is over the limit is logged.
    • Bandwidth usage update to congestion points following a service start, interim (only when it is different from start event), or stop tracking event.
    • Bandwidth usage update to congestion points following an interface tracking event.

    Use the following configuration statements to configure logging destinations for SRC ACP:

    shared acp configuration logger name ...
    shared acp configuration logger name file { filter filter; filename filename; rollover-filename rollover-filename; maximum-file-size maximum-file-size; }
    shared acp configuration logger name syslog { filter filter;host host;facility facility;format format; }

    Configuring Logging Destinations to Store Messages in a File

    To configure logging destinations to store log messages in a file:

    1. From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called file-1 is configured in the config group.
      user@host# edit shared acp group config configuration logger file-1 file
    2. Specify the properties for the logging destination.
      [edit shared acp group config configuration logger file-1 file] user@host# set ?

      For more information about configuring properties for the logging destination, see Configuring an SRC Component to Store Log Messages in a File (SRC CLI).

    3. (Optional) Verify your configuration.
      [edit shared acp group config configuration logger file-1 file] 
user@host# show 
filename var/log/acp_debug.log;
rollover-filename var/log/acp_debug.alt;
    Configuring Logging Destinations to Send Messages to System
Logging Facility
    To configure logging destinations to send log messages to the
system logging facility: 
    1. From configuration mode, access the configuration statement
that configures the name and type of logging destination. In this
sample procedure, the logging destination called syslog-1 is configured
in the config group. 
      user@host# edit shared acp group config configuration logger syslog-1 syslog 
    2. Specify the properties for the logging destination. 
      [edit shared acp group config configuration logger syslog-1
syslog] user@host# set ? 
      For more information about configuring properties
for the logging destination, see Configuring System Logging (SRC CLI). 
    3. (Optional) Verify your configuration.
      [edit shared acp group config configuration logger syslog-1 syslog] 
user@host# show 
filter /error-;
host loghost;
    Configuring SRC ACP Operation
    Use the following configuration statements to configure
how SRC ACP operates: 
    shared acp configuration acp-options { backup-directory backup-directory; mode (edge | backbone | dual); event-cache-size event-cache-size; overload-method overload-method; reservation-timeout reservation-timeout; congestion-point-auto-completion; tuning-factor tuning-factor; subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message; network-bandwidth-exceed-message network-bandwidth-exceed-message; backup-database-maximum-size backup-database-maximum-size; remote-update-database-index-keys remote-update-database-index-keys; interface-tracking-filter interface-tracking-filter; state-sync-bulk-size state-sync-bulk-size; }
    To configure SRC ACP operation: 
    1. From configuration mode, access the configuration statement
that configures SRC ACP operation. In this sample procedure, the SRC
ACP operating properties are configured in the config group. 
      user@host# edit shared acp group config configuration
acp-options 
    2. Specify the  folder that stores
backup information about subscribers, services, and congestion points. 
      [edit shared acp group config configuration acp-options] user@host# set backup-directory 
    3. Specify the regions of the network that SRC ACP manages. 
      [edit shared acp group config configuration acp-options] user@host# set mode (edge | backbone | dual) 
    4. Specify the number of plug-in events from the SAE that
SRC ACP can store in its cache. 
      [edit shared acp group config configuration acp-options] user@host# set event-cache-size event-cache-size 
    5. Specify how SRC ACP deals with situations in which the
components exceed the allocated bandwidth because the service was
activated after the authorization was granted. 
      [edit shared acp group config configuration acp-options] user@host# set overload-method overload-method 
      If you specify -1, SRC ACP ignores overload. An
integer greater than or equal to 0 specifies the bandwidth (in bits
per second) by which the maximum may be exceeded. 
    6. Specify the time to wait before a bandwidth reservation
expires. The reserved bandwidth is reclaimed by SRC ACP when the reservation
expires. 
      [edit shared acp group config configuration acp-options] user@host# set reservation-timeout reservation-timeout 
    7. Specify whether SRC ACP uses the information acquired
from the router to determine the congestion points. 
      [edit shared acp group config configuration acp-options] user@host# set congestion-point-auto-completion 
    8. Specify the factors that compensate for actual use of
bandwidth, as opposed to allocated bandwidth. 
      [edit shared acp group config configuration acp-options] user@host# set tuning-factor tuning-factor 
    9. Specify the error message that SRC ACP sends when the
subscriber exceeds the allocated bandwidth. 
      [edit shared acp group config configuration acp-options] user@host# set subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message 
    10. Specify the error message that SRC ACP sends when traffic
flow exceeds the allocated bandwidth on an interface between the subscriber
and the router. 
      [edit shared acp group config configuration acp-options] user@host# set network-bandwidth-exceed-message network-bandwidth-exceed-message 
    11. Specify the value by which the sum of the sizes of the
files that contain SRC ACP data can increment before SRC ACP reorganizes
the files. 
      [edit shared acp group config configuration acp-options] user@host# set backup-database-maximum-size backup-database-maximum-size 
      Choose a value that is significantly lower than
the capacity of the machine’s hard disk. 
    12. Specify the values to look for in the configuration
data. Specifying index keys can improve performance by filtering the
data. 
      [edit shared acp group config configuration acp-options] user@host# set remote-update-database-index-keys remote-update-database-index-keys 
      The value is a list of attributes, separated by
commas. An attribute is one of the following text strings: 
      • accountingId—Value of directory attribute accountingUserId. 
      • dhcpPacket—Content of the DHCP discover request. 
      • hostname—Name of the host on which the SAE is installed. 
      • ifIndex—SNMP index of the interface. This attribute
is not supported on devices running Junos OS. 
      • ifRadiusClass—RADIUS class attribute on the JunosE
interface. This attribute is not supported on devices running Junos
OS. 
      • ifSessionId—Identifier for RADIUS accounting on
the JunosE interface. This attribute is not supported on devices running
Junos OS. 
      • interfaceAlias—Alias of the interface; that is,
the IP description in the interface configuration. 
      • interfaceDescr—SNMP description of the interface. 
      • interfaceName—Name of the interface. 
      • loginName—Subscriber's login name. 
      • nasInetAddress—IP address of the router; using a
byte array instead of an integer. 
      • nasPort—NAS port used by the router to identify
the interface to RADIUS. 
      • portId—Identifier of VLAN or virtual circuit. For
a virtual circuit, use the format <VPI>/<VCI>. This attribute
is not supported on devices running Junos OS. 
        • <VPI>—Virtual path identifier 
        • <VCI>—Virtual connection identifier 
      • primaryUserName—PPP login name or the public DHCP
username. This attribute is not supported on devices running Junos
OS. 
      • routerName—Name of the virtual router in the format
<virtualRouter>@<router>. 
        • <virtualRouter>—Virtual router name 
        • <router>—Router name 
      • routerType—Type of router driver. 
      • userInetAddress—IP address of the subscriber that
uses a byte array instead of an integer. 
      • userMacAddress—MAC address of the DHCP subscriber.
This attribute is not supported on devices running Junos OS. 
      • userRadiusClass—RADIUS class attribute of the subscriber
session for a service. This attribute can occur multiple times and
can be returned by an authorization plug-in. 
      • userType—Type of subscriber. 
    13. Specify the interface tracking event to be ignored by
SRC ACP. 
      [edit shared acp group config configuration acp-options] user@host# set interface-tracking-filter interface-tracking-filter 
      The value is filter strings in the format of a
list of <attribute>=<value> pairs. The filter strings can be
contained within query operations. 
      • <attribute>—Name of an attribute for an interface
tracking event. See value for the remote-update-database-index-keys option described Configuring SRC ACP Properties (SRC CLI). 
      • <value>—Filtering string of the following types: 
        • *—Any value 
        • Explicit string—Any value matching the specified
string (not case-sensitive) 
        • String containing an asterisk—Any value containing
the specified string (not case-sensitive) 
      • To perform query operations on filter strings, you can
use the following values in your filter strings: 
        • ()—Match no objects. 
        • (*)—Match all objects. 
        • (&<filter><filter>...)—Performs logical
AND operation on filter strings; true if all filter strings match. 
        • (|<filter><filter>...)—Performs logical OR
operation on filter strings; true if at least one filter string matches. 
        • (!<filter>)—Performs logical NOT operation on
filter string; true if the filter string does not match. 
    14. (Optional) Specify the number of events the SAE sends
to SRC ACP in a single method call during state synchronization. 
      [edit shared acp group config configuration acp-options] user@host# set state-sync-bulk-size state-sync-bulk-size 
    15. (Optional) Verify your configuration.
      [edit shared acp group config configuration acp-options] 
user@host# show 
    Configuring CORBA Interfaces
    Use the following configuration statements to configure
CORBA interfaces for SRC ACP: 
    shared acp configuration corba {     acp-ior acp-ior;      remote-update-ior remote-update-ior; }
    To configure CORBA interfaces: 
    1. From configuration mode, access the configuration statement
that configures CORBA interfaces for SRC ACP. In this sample procedure,
the CORBA interfaces are configured in the config group. 
      user@host# edit shared acp group config configuration
corba 
    2. Export the object reference for SRC ACP through either
a local file or a Common Object Services (COS) naming service. 
      [edit shared acp group config configuration corba] user@host# set acp-ior acp-ior 
    3. Specify the object reference for the ACP external interface. 
      [edit shared acp group config configuration corba] user@host# set remote-update-ior remote-update-ior 
    4. (Optional) Verify your configuration.
      [edit shared acp group config configuration corba] 
user@host# show 
acp-ior file:///var/acp/acp.ior;
remote-update-ior file:///var/acp/sra.ior;
    Configuring SRC ACP Redundancy
    Use the following configuration statements to configure
SRC ACP redundancy and state synchronization
with the SAE: 
    shared acp configuration redundancy {enable-redundancy; local-ior local-ior; remote-ior remote-ior; ignore-user-tracking-out-of-sync; community-heartbeat community-heartbeat; community-acquire-timeout community-acquire-timeout; community-blackout-timeout community-blackout-timeout; redundant-naming-service redundant-naming-service; }
    To configure SRC ACP redundancy and state synchronization
with the SAE: 
    1. From configuration mode, access the configuration statement
that configures SRC ACP redundancy. In this sample procedure, the
properties are configured in the config group. 
      user@host# edit shared acp group config configuration
redundancy 
    2. (Optional) Enable SRC ACP redundancy. 
      [edit shared acp group config configuration redundancy] user@host# set enable-redundancy 
    3. Export the object reference for this SRC ACP (local interface)
through a Common Object Services (COS) naming service in a redundant
SRC ACP configuration. 
      [edit shared acp group config configuration redundancy] user@host# set local-ior local-ior 
    4. Resolves the object reference for the other SRC ACP (remote
interface) through a Common Object Services (COS) naming service in
a redundant SRC ACP configuration. For redundancy, the remote IOR
value of one SRC ACP must match the local IOR value of the other SRC
ACP. 
      [edit shared acp group config configuration redundancy] user@host# set remote-ior remote-ior 
    5. (Optional) Specify whether user-tracking events should
be ignored when they raise an OutOfSync exception to the SAE when
state synchronization is enabled. SRC ACP raises an OutOfSync exception
when SRC ACP handles service tracking or authentication events without
receiving a user start event first. 
      [edit shared acp group config configuration redundancy] user@host# set ignore-user-tracking-out-of-sync 
    6. (Optional) Specify the time interval for community members
to check each other’s availability when both redundancy and
state synchronization are enabled. 
      [edit shared acp group config configuration redundancy] user@host# set community-heartbeat community-heartbeat 
    7. (Optional) Specify the time to wait before trying to reacquire
the distributed lock when both redundancy and state synchronization
are enabled. 
      [edit shared acp group config configuration redundancy] user@host# set community-acquire-timeout community-acquire-timeout 
    8. (Optional) Specify the time to wait before regaining control
when both redundancy and state synchronization are enabled. 
      [edit shared acp group config configuration redundancy] user@host# set community-blackout-timeout community-blackout-timeout 
    9. Export the object reference for the backup naming service
through a local file or COS naming service in a redundant SRC ACP
configuration. The primary SRC ACP registers the IOR and redundancy
IOR to both naming services, while the secondary SRC ACP registers
the redundancy IOR to both naming services. 
      [edit shared acp group config configuration redundancy] user@host# set redundant-naming-service redundant-naming-service 
    10. (Optional) Verify your configuration.
      [edit shared acp group config configuration redundancy] 
user@host# show 
    Configuring Connections to the Subscribers’ Directory
    Use the following configuration statements to configure
how SRC ACP connects to the directory that contains subscriber information: 
    shared acp configuration ldap subscriber-data {     congestion-points-eventing;      server-address server-address;      server-port server-port;      dn dn;      principal principal;      password password;      event-dn event-dn;      directory-eventing;      polling-interval polling-interval; }
    To configure connections to the directory that
stores subscriber information: 
    1. From configuration mode, access the configuration statement
that configures SRC ACP connections to the subscribers’ directory.
In this sample procedure, the connections are configured in the config
group. 
      user@host# edit shared acp group config configuration
ldap subscriber-data 
    2. (Optional) Enable directory eventing for congestion points. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set congestion-points-eventing 
    3. Specify the list of primary and redundant servers that
manage data for subscribers. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set server-address server-address 
    4. Specify the TCP port for the directory. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set server-port server-port 
    5. Specify the DN of the root of the directory. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set dn dn 
    6. Specify the DN used to authorize connections to the directory. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set principal principal 
    7. Specify the password used to authorize connections to
the directory. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set password password 
    8. Specify the DN of the directory that contains event information. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set event-dn event-dn 
    9. (Optional) Enable directory eventing. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set directory-eventing 
    10. Specify the time interval at which the SRC component polls
the directory. 
      [edit shared acp group config configuration ldap subscriber-data] user@host# set polling-interval polling-interval 
    11. (Optional) Verify your configuration.
      [edit shared acp group config configuration ldap subscriber-data] 
user@host# show 
    Configuring Connections to the Services’ Directory
    Use the following configuration statements to configure
how SRC ACP connects to the directory that contains information about
services: 
    shared acp configuration ldap service-data {     edge-congestion-point-dn edge-congestion-point-dn;      backbone-congestion-point-dn backbone-congestion-point-dn;      reload-congestion-points;      congestion-points-eventing;      server-address server-address;      server-port server-port;      dn dn;      principal principal;      password password;      event-dn event-dn;      directory-eventing;      polling-interval polling-interval; }
    To configure connections to the directory that
stores service information: 
    1. From configuration mode, access the configuration statement
that configures SRC ACP connections to the services’ directory.
In this sample procedure, the connections are configured in the config
group. 
      user@host# edit shared acp group config configuration
ldap service-data 
    2. Specify the DN of the directory that contains information
about network interfaces for edge congestion points. 
      [edit shared acp group config configuration ldap service-data] user@host# set edge-congestion-point-dn edge-congestion-point-dn 
    3. Specify the DN of the directory that contains information
about network interfaces for backbone congestion point objects. 
      [edit shared acp group config configuration ldap service-data] user@host# set backbone-congestion-point-dn backbone-congestion-point-dn 
    4. (Optional) Specify whether SRC ACP detects changes in
the backbone congestion point for a service while SRC ACP is operative. 
      [edit shared acp group config configuration ldap service-data] user@host# set reload-congestion-points 
      Set this value only when you want to modify a congestion
point. 
    5. (Optional) Enable directory eventing for congestion points. 
      [edit shared acp group config configuration ldap service-data] user@host# set congestion-points-eventing 
    6. Specify the list of primary and redundant servers that
manage data for subscribers. 
      [edit shared acp group config configuration ldap service-data] user@host# set server-address server-address 
    7. Specify the TCP port for the directory. 
      [edit shared acp group config configuration ldap service-data] user@host# set server-port server-port 
    8. Specify the DN of the root of the directory. 
      [edit shared acp group config configuration ldap service-data] user@host# set dn dn 
    9. Specify the DN used to authorize connections to the directory. 
      [edit shared acp group config configuration ldap service-data] user@host# set principal principal 
    10. Specify the password used to authorize connections to
the directory. 
      [edit shared acp group config configuration ldap service-data] user@host# set password password 
    11. Specify the DN of the directory that contains event information. 
      [edit shared acp group config configuration ldap service-data] user@host# set event-dn event-dn 
    12. (Optional) Enable directory eventing. 
      [edit shared acp group config configuration ldap service-data] user@host# set directory-eventing 
    13. Specify the time interval at which the SRC component polls
the directory. 
      [edit shared acp group config configuration ldap service-data] user@host# set polling-interval polling-interval 
    14. (Optional) Verify your configuration.
      [edit shared acp group config configuration ldap service-data] 
user@host# show 
    Configuring SRC ACP Scripts and Classification
    Use the following configuration statements to configure
SRC ACP scripts and classification: 
    shared acp configuration scripts-and-classification {     script-factory-class script-factory-class;      classification-factory-class classification-factory-class;      classification-script classification-script;      congestion-point-profile-script congestion-point-profile-script;      extension-path extension-path; }
    To configure scripts and classification: 
    1. From configuration mode, access the configuration statement
that configures SRC ACP scripts and classification. In this sample
procedure, the properties are configured in the config group. 
      user@host# edit shared acp group config configuration
scripts-and-classification 
    2. Specify the script factory class name. 
      [edit shared acp group config configuration scripts-and-classification] user@host# set script-factory-class script-factory-class 
    3. Specify the congestion point classifier factory class
name. 
      [edit shared acp group config configuration scripts-and-classification] user@host# set classification-factory-class classification-factory-class 
    4. Specify the class name for congestion point classification. 
      [edit shared acp group config configuration scripts-and-classification] user@host# set classification-script classification-script 
    5. Specify the class name for generating the congestion point
DN by using the congestion point profile. 
      [edit shared acp group config configuration scripts-and-classification] user@host# set congestion-point-profile-script congestion-point-profile-script 
    6. Specify the extension class path for classes not located
in the /opt/UMC/acp/lib directory. 
      [edit shared acp group config configuration scripts-and-classification] user@host# set extension-path extension-path 
    7. (Optional) Verify your configuration.
      [edit shared acp group config configuration scripts-and-classification] 
user@host# show 
     
    Related Documentation
     
    Modified: 2014-12-09
    
						
    


    


    



    



    
    
    
        
        
    
    

    

    


    

    

    
    
    
        Previous Page
        Next Page