Configuring Packet-Mirroring Support in an SRC Network
To support packet mirroring in an SRC network, configure a script service that can be activated to set up RADIUS-based packet-mirroring policies on a router running JunosE Software. The script service defines the parameters needed to mirror subscriber traffic, such as the address of the subscriber or the analyzer device. This script service is activated for the subscriber whose traffic should be mirrored.
You must have preconfigured RADIUS-based packet mirroring on routers running JunosE Software. The JunosE software provides RADIUS-based packet mirroring, which allows the router to create dynamic secure policies for the mirroring operation. The RADIUS administrator can configure and manage interface mirroring services that are activated by means of COA.
To set up the SRC software for packet mirroring:
Create a script service for packet mirroring.
The SRC software includes a sample script service that you can configure to send dynamic RADIUS requests to the router running JunosE Software. You can use the sample service definition and customize it for your environment by modifying the service substitutions.
Configure subscriptions to the packet-mirroring service.
You can set up the subscriptions to activate immediately on login.
See Configuring Subscriptions (SRC CLI).
(Optional) Configure the maximum number of RADIUS peers.
For information about configuring RADIUS-based packet mirroring on the router running JunosE Software, see the JunosE Policy Management Configuration Guide.
For information about dynamic RADIUS requests, see RFC 3576—Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) (July 2003).