Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring SRC ACP Properties (SRC CLI)

    To configure SRC ACP properties, perform these tasks:

    1. Configuring Logging Destinations for SRC ACP
    2. Configuring SRC ACP Operation
    3. Configuring CORBA Interfaces
    4. Configuring SRC ACP Redundancy
    5. Configuring Connections to the Subscribers’ Directory
    6. Configuring Connections to the Services’ Directory
    7. Configuring SRC ACP Scripts and Classification

    Configuring Logging Destinations for SRC ACP

    You can store log messages in a file or in the system logging facility. To format log messages in an easy to understand audit pattern, define the logger name as “audit”. The events captured in an audit logger include:

    • ACP’s calculation result of edge congestion points for a user session.
    • ACP’s calculation result of backbone congestion points for a service authorization request.
    • ACP’s decision (grant or deny) on a service authorization event. If denied, the congestion point that is over the limit is logged.
    • Bandwidth usage update to congestion points following a service start, interim (only when it is different from start event), or stop tracking event.
    • Bandwidth usage update to congestion points following an interface tracking event.

    Use the following configuration statements to configure logging destinations for SRC ACP:

    shared acp configuration logger name ...
    shared acp configuration logger name file { filter filter; filename filename; rollover-filename rollover-filename; maximum-file-size maximum-file-size; }
    shared acp configuration logger name syslog { filter filter;host host;facility facility;format format; }

    Configuring Logging Destinations to Store Messages in a File

    To configure logging destinations to store log messages in a file:

    1. From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called file-1 is configured in the config group.
      user@host# edit shared acp group config configuration logger file-1 file
    2. Specify the properties for the logging destination.
      [edit shared acp group config configuration logger file-1 file] user@host# set ?

      For more information about configuring properties for the logging destination, see Configuring an SRC Component to Store Log Messages in a File (SRC CLI).

    3. (Optional) Verify your configuration.
      [edit shared acp group config configuration logger file-1 file] 
      user@host# show 
      filename var/log/acp_debug.log;
      rollover-filename var/log/acp_debug.alt;

    Configuring Logging Destinations to Send Messages to System Logging Facility

    To configure logging destinations to send log messages to the system logging facility:

    1. From configuration mode, access the configuration statement that configures the name and type of logging destination. In this sample procedure, the logging destination called syslog-1 is configured in the config group.
      user@host# edit shared acp group config configuration logger syslog-1 syslog
    2. Specify the properties for the logging destination.
      [edit shared acp group config configuration logger syslog-1 syslog] user@host# set ?

      For more information about configuring properties for the logging destination, see Configuring System Logging (SRC CLI).

    3. (Optional) Verify your configuration.
      [edit shared acp group config configuration logger syslog-1 syslog] 
      user@host# show 
      filter /error-;
      host loghost;

    Configuring SRC ACP Operation

    Use the following configuration statements to configure how SRC ACP operates:

    shared acp configuration acp-options { backup-directory backup-directory; mode (edge | backbone | dual); event-cache-size event-cache-size; overload-method overload-method; reservation-timeout reservation-timeout; congestion-point-auto-completion; tuning-factor tuning-factor; subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message; network-bandwidth-exceed-message network-bandwidth-exceed-message; backup-database-maximum-size backup-database-maximum-size; remote-update-database-index-keys remote-update-database-index-keys; interface-tracking-filter interface-tracking-filter; state-sync-bulk-size state-sync-bulk-size; }

    To configure SRC ACP operation:

    1. From configuration mode, access the configuration statement that configures SRC ACP operation. In this sample procedure, the SRC ACP operating properties are configured in the config group.
      user@host# edit shared acp group config configuration acp-options
    2. Specify the folder that stores backup information about subscribers, services, and congestion points.
      [edit shared acp group config configuration acp-options] user@host# set backup-directory
    3. Specify the regions of the network that SRC ACP manages.
      [edit shared acp group config configuration acp-options] user@host# set mode (edge | backbone | dual)
    4. Specify the number of plug-in events from the SAE that SRC ACP can store in its cache.
      [edit shared acp group config configuration acp-options] user@host# set event-cache-size event-cache-size
    5. Specify how SRC ACP deals with situations in which the components exceed the allocated bandwidth because the service was activated after the authorization was granted.
      [edit shared acp group config configuration acp-options] user@host# set overload-method overload-method

      If you specify -1, SRC ACP ignores overload. An integer greater than or equal to 0 specifies the bandwidth (in bits per second) by which the maximum may be exceeded.

    6. Specify the time to wait before a bandwidth reservation expires. The reserved bandwidth is reclaimed by SRC ACP when the reservation expires.
      [edit shared acp group config configuration acp-options] user@host# set reservation-timeout reservation-timeout
    7. Specify whether SRC ACP uses the information acquired from the router to determine the congestion points.
      [edit shared acp group config configuration acp-options] user@host# set congestion-point-auto-completion
    8. Specify the factors that compensate for actual use of bandwidth, as opposed to allocated bandwidth.
      [edit shared acp group config configuration acp-options] user@host# set tuning-factor tuning-factor
    9. Specify the error message that SRC ACP sends when the subscriber exceeds the allocated bandwidth.
      [edit shared acp group config configuration acp-options] user@host# set subscriber-bandwidth-exceed-message subscriber-bandwidth-exceed-message
    10. Specify the error message that SRC ACP sends when traffic flow exceeds the allocated bandwidth on an interface between the subscriber and the router.
      [edit shared acp group config configuration acp-options] user@host# set network-bandwidth-exceed-message network-bandwidth-exceed-message
    11. Specify the value by which the sum of the sizes of the files that contain SRC ACP data can increment before SRC ACP reorganizes the files.
      [edit shared acp group config configuration acp-options] user@host# set backup-database-maximum-size backup-database-maximum-size

      Choose a value that is significantly lower than the capacity of the machine’s hard disk.

    12. Specify the values to look for in the configuration data. Specifying index keys can improve performance by filtering the data.
      [edit shared acp group config configuration acp-options] user@host# set remote-update-database-index-keys remote-update-database-index-keys

      The value is a list of attributes, separated by commas. An attribute is one of the following text strings:

      • accountingId—Value of directory attribute accountingUserId.
      • dhcpPacket—Content of the DHCP discover request.
      • hostname—Name of the host on which the SAE is installed.
      • ifIndex—SNMP index of the interface. This attribute is not supported on devices running Junos OS.
      • ifRadiusClass—RADIUS class attribute on the JunosE interface. This attribute is not supported on devices running Junos OS.
      • ifSessionId—Identifier for RADIUS accounting on the JunosE interface. This attribute is not supported on devices running Junos OS.
      • interfaceAlias—Alias of the interface; that is, the IP description in the interface configuration.
      • interfaceDescr—SNMP description of the interface.
      • interfaceName—Name of the interface.
      • loginName—Subscriber's login name.
      • nasInetAddress—IP address of the router; using a byte array instead of an integer.
      • nasPort—NAS port used by the router to identify the interface to RADIUS.
      • portId—Identifier of VLAN or virtual circuit. For a virtual circuit, use the format <VPI>/<VCI>. This attribute is not supported on devices running Junos OS.
        • <VPI>—Virtual path identifier
        • <VCI>—Virtual connection identifier
      • primaryUserName—PPP login name or the public DHCP username. This attribute is not supported on devices running Junos OS.
      • routerName—Name of the virtual router in the format <virtualRouter>@<router>.
        • <virtualRouter>—Virtual router name
        • <router>—Router name
      • routerType—Type of router driver.
      • userInetAddress—IP address of the subscriber that uses a byte array instead of an integer.
      • userMacAddress—MAC address of the DHCP subscriber. This attribute is not supported on devices running Junos OS.
      • userRadiusClass—RADIUS class attribute of the subscriber session for a service. This attribute can occur multiple times and can be returned by an authorization plug-in.
      • userType—Type of subscriber.
    13. Specify the interface tracking event to be ignored by SRC ACP.
      [edit shared acp group config configuration acp-options] user@host# set interface-tracking-filter interface-tracking-filter

      The value is filter strings in the format of a list of <attribute>=<value> pairs. The filter strings can be contained within query operations.

      • <attribute>—Name of an attribute for an interface tracking event. See value for the remote-update-database-index-keys option described Configuring SRC ACP Properties (SRC CLI).
      • <value>—Filtering string of the following types:
        • *—Any value
        • Explicit string—Any value matching the specified string (not case-sensitive)
        • String containing an asterisk—Any value containing the specified string (not case-sensitive)
      • To perform query operations on filter strings, you can use the following values in your filter strings:
        • ()—Match no objects.
        • (*)—Match all objects.
        • (&<filter><filter>...)—Performs logical AND operation on filter strings; true if all filter strings match.
        • (|<filter><filter>...)—Performs logical OR operation on filter strings; true if at least one filter string matches.
        • (!<filter>)—Performs logical NOT operation on filter string; true if the filter string does not match.
    14. (Optional) Specify the number of events the SAE sends to SRC ACP in a single method call during state synchronization.
      [edit shared acp group config configuration acp-options] user@host# set state-sync-bulk-size state-sync-bulk-size
    15. (Optional) Verify your configuration.
      [edit shared acp group config configuration acp-options] 
      user@host# show 

    Configuring CORBA Interfaces

    Use the following configuration statements to configure CORBA interfaces for SRC ACP:

    shared acp configuration corba { acp-ior acp-ior; remote-update-ior remote-update-ior; }

    To configure CORBA interfaces:

    1. From configuration mode, access the configuration statement that configures CORBA interfaces for SRC ACP. In this sample procedure, the CORBA interfaces are configured in the config group.
      user@host# edit shared acp group config configuration corba
    2. Export the object reference for SRC ACP through either a local file or a Common Object Services (COS) naming service.
      [edit shared acp group config configuration corba] user@host# set acp-ior acp-ior
    3. Specify the object reference for the ACP external interface.
      [edit shared acp group config configuration corba] user@host# set remote-update-ior remote-update-ior
    4. (Optional) Verify your configuration.
      [edit shared acp group config configuration corba] 
      user@host# show 
      acp-ior file:///var/acp/acp.ior;
      remote-update-ior file:///var/acp/sra.ior;

    Configuring SRC ACP Redundancy

    Use the following configuration statements to configure SRC ACP redundancy and state synchronization with the SAE:

    shared acp configuration redundancy {enable-redundancy; local-ior local-ior; remote-ior remote-ior; ignore-user-tracking-out-of-sync; community-heartbeat community-heartbeat; community-acquire-timeout community-acquire-timeout; community-blackout-timeout community-blackout-timeout; redundant-naming-service redundant-naming-service; }

    To configure SRC ACP redundancy and state synchronization with the SAE:

    1. From configuration mode, access the configuration statement that configures SRC ACP redundancy. In this sample procedure, the properties are configured in the config group.
      user@host# edit shared acp group config configuration redundancy
    2. (Optional) Enable SRC ACP redundancy.
      [edit shared acp group config configuration redundancy] user@host# set enable-redundancy
    3. Export the object reference for this SRC ACP (local interface) through a Common Object Services (COS) naming service in a redundant SRC ACP configuration.
      [edit shared acp group config configuration redundancy] user@host# set local-ior local-ior
    4. Resolves the object reference for the other SRC ACP (remote interface) through a Common Object Services (COS) naming service in a redundant SRC ACP configuration. For redundancy, the remote IOR value of one SRC ACP must match the local IOR value of the other SRC ACP.
      [edit shared acp group config configuration redundancy] user@host# set remote-ior remote-ior
    5. (Optional) Specify whether user-tracking events should be ignored when they raise an OutOfSync exception to the SAE when state synchronization is enabled. SRC ACP raises an OutOfSync exception when SRC ACP handles service tracking or authentication events without receiving a user start event first.
      [edit shared acp group config configuration redundancy] user@host# set ignore-user-tracking-out-of-sync
    6. (Optional) Specify the time interval for community members to check each other’s availability when both redundancy and state synchronization are enabled.
      [edit shared acp group config configuration redundancy] user@host# set community-heartbeat community-heartbeat
    7. (Optional) Specify the time to wait before trying to reacquire the distributed lock when both redundancy and state synchronization are enabled.
      [edit shared acp group config configuration redundancy] user@host# set community-acquire-timeout community-acquire-timeout
    8. (Optional) Specify the time to wait before regaining control when both redundancy and state synchronization are enabled.
      [edit shared acp group config configuration redundancy] user@host# set community-blackout-timeout community-blackout-timeout
    9. Export the object reference for the backup naming service through a local file or COS naming service in a redundant SRC ACP configuration. The primary SRC ACP registers the IOR and redundancy IOR to both naming services, while the secondary SRC ACP registers the redundancy IOR to both naming services.
      [edit shared acp group config configuration redundancy] user@host# set redundant-naming-service redundant-naming-service
    10. (Optional) Verify your configuration.
      [edit shared acp group config configuration redundancy] 
      user@host# show 

    Configuring Connections to the Subscribers’ Directory

    Use the following configuration statements to configure how SRC ACP connects to the directory that contains subscriber information:

    shared acp configuration ldap subscriber-data { congestion-points-eventing; server-address server-address; server-port server-port; dn dn; principal principal; password password; event-dn event-dn; directory-eventing; polling-interval polling-interval; }

    To configure connections to the directory that stores subscriber information:

    1. From configuration mode, access the configuration statement that configures SRC ACP connections to the subscribers’ directory. In this sample procedure, the connections are configured in the config group.
      user@host# edit shared acp group config configuration ldap subscriber-data
    2. (Optional) Enable directory eventing for congestion points.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set congestion-points-eventing
    3. Specify the list of primary and redundant servers that manage data for subscribers.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set server-address server-address
    4. Specify the TCP port for the directory.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set server-port server-port
    5. Specify the DN of the root of the directory.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set dn dn
    6. Specify the DN used to authorize connections to the directory.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set principal principal
    7. Specify the password used to authorize connections to the directory.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set password password
    8. Specify the DN of the directory that contains event information.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set event-dn event-dn
    9. (Optional) Enable directory eventing.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set directory-eventing
    10. Specify the time interval at which the SRC component polls the directory.
      [edit shared acp group config configuration ldap subscriber-data] user@host# set polling-interval polling-interval
    11. (Optional) Verify your configuration.
      [edit shared acp group config configuration ldap subscriber-data] 
      user@host# show 

    Configuring Connections to the Services’ Directory

    Use the following configuration statements to configure how SRC ACP connects to the directory that contains information about services:

    shared acp configuration ldap service-data { edge-congestion-point-dn edge-congestion-point-dn; backbone-congestion-point-dn backbone-congestion-point-dn; reload-congestion-points; congestion-points-eventing; server-address server-address; server-port server-port; dn dn; principal principal; password password; event-dn event-dn; directory-eventing; polling-interval polling-interval; }

    To configure connections to the directory that stores service information:

    1. From configuration mode, access the configuration statement that configures SRC ACP connections to the services’ directory. In this sample procedure, the connections are configured in the config group.
      user@host# edit shared acp group config configuration ldap service-data
    2. Specify the DN of the directory that contains information about network interfaces for edge congestion points.
      [edit shared acp group config configuration ldap service-data] user@host# set edge-congestion-point-dn edge-congestion-point-dn
    3. Specify the DN of the directory that contains information about network interfaces for backbone congestion point objects.
      [edit shared acp group config configuration ldap service-data] user@host# set backbone-congestion-point-dn backbone-congestion-point-dn
    4. (Optional) Specify whether SRC ACP detects changes in the backbone congestion point for a service while SRC ACP is operative.
      [edit shared acp group config configuration ldap service-data] user@host# set reload-congestion-points

      Set this value only when you want to modify a congestion point.

    5. (Optional) Enable directory eventing for congestion points.
      [edit shared acp group config configuration ldap service-data] user@host# set congestion-points-eventing
    6. Specify the list of primary and redundant servers that manage data for subscribers.
      [edit shared acp group config configuration ldap service-data] user@host# set server-address server-address
    7. Specify the TCP port for the directory.
      [edit shared acp group config configuration ldap service-data] user@host# set server-port server-port
    8. Specify the DN of the root of the directory.
      [edit shared acp group config configuration ldap service-data] user@host# set dn dn
    9. Specify the DN used to authorize connections to the directory.
      [edit shared acp group config configuration ldap service-data] user@host# set principal principal
    10. Specify the password used to authorize connections to the directory.
      [edit shared acp group config configuration ldap service-data] user@host# set password password
    11. Specify the DN of the directory that contains event information.
      [edit shared acp group config configuration ldap service-data] user@host# set event-dn event-dn
    12. (Optional) Enable directory eventing.
      [edit shared acp group config configuration ldap service-data] user@host# set directory-eventing
    13. Specify the time interval at which the SRC component polls the directory.
      [edit shared acp group config configuration ldap service-data] user@host# set polling-interval polling-interval
    14. (Optional) Verify your configuration.
      [edit shared acp group config configuration ldap service-data] 
      user@host# show 

    Configuring SRC ACP Scripts and Classification

    Use the following configuration statements to configure SRC ACP scripts and classification:

    shared acp configuration scripts-and-classification { script-factory-class script-factory-class; classification-factory-class classification-factory-class; classification-script classification-script; congestion-point-profile-script congestion-point-profile-script; extension-path extension-path; }

    To configure scripts and classification:

    1. From configuration mode, access the configuration statement that configures SRC ACP scripts and classification. In this sample procedure, the properties are configured in the config group.
      user@host# edit shared acp group config configuration scripts-and-classification
    2. Specify the script factory class name.
      [edit shared acp group config configuration scripts-and-classification] user@host# set script-factory-class script-factory-class
    3. Specify the congestion point classifier factory class name.
      [edit shared acp group config configuration scripts-and-classification] user@host# set classification-factory-class classification-factory-class
    4. Specify the class name for congestion point classification.
      [edit shared acp group config configuration scripts-and-classification] user@host# set classification-script classification-script
    5. Specify the class name for generating the congestion point DN by using the congestion point profile.
      [edit shared acp group config configuration scripts-and-classification] user@host# set congestion-point-profile-script congestion-point-profile-script
    6. Specify the extension class path for classes not located in the /opt/UMC/acp/lib directory.
      [edit shared acp group config configuration scripts-and-classification] user@host# set extension-path extension-path
    7. (Optional) Verify your configuration.
      [edit shared acp group config configuration scripts-and-classification] 
      user@host# show 

    Modified: 2016-12-29