Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Subscriber Classification Conditions

 

Subscriber classification conditions define match criteria that are used to find the subscriber profile. Use the fields in this section to define subscriber classification conditions.

dhcp

domainName

  • Domain name of the subscriber.

  • Value—Valid domain name

  • Example—domainName=isp99.com

ifAlias

  • Description of the interface.

  • Value—Interface description that is configured on the router. For JunosE routers, it is the description configured with the interface description command

  • Example—ifAlias=dhcp-subscriber12

ifDesc

  • Alternate name for the interface that is used by SNMP. This name is a system-generated name.

  • Value

    • On a JunosE router, the format of the description is

    • On the devices running Junos OS, ifDesc is the same as interfaceName.

  • Example—ifDesc=IP3/1.1

interfaceType

  • Type of the interface.

  • Value

    • IP for IPv4

    • IPV6 for IPv6

    • IP,IPV6 for dual-stack interface

Example—For dual-stack interface: interfaceType=IP,IPV6

interfaceName

  • Name of the interface.

  • Value

    • Name of the interface in your router CLI syntax

    • FORWARDING_INTERFACE for routing instance (used by traffic mirroring)

    • Router for a JunosE router instance

  • Example—For JunosE routers: interfaceName=fastEthernet6/0

For devices running Junos OS: interfaceName=fe-0/1/0.0

For forwarding interface: interfaceName=FORWARDING_INTERFACE

loginName

  • Name to be used to create a loginName attribute for a subscriber session for JunosE interfaces that are not otherwise assigned a loginName when a session starts, such as unauthenticated DHCP addresses, unauthenticated IP interfaces (that are not using PPP connections), or core-facing interfaces.

    The loginName can also be used to identify a subscriber session through the SAE CORBA remote API.

  • Value—Name in the form subscriber@domain

  • Guideline—The format is not defined. A loginName can be of form subscriber, domain\subscriber, subscriber@domain, or as otherwise defined by the login setup of the operator.

  • <Login name>

  • Example—idp@idp

loginType

  • Type of subscriber session to be created.

  • Value—One of the following login types:

    • ASSIGNEDIP—For assigned IP subscribers. Triggered when an application accesses a subscriber object for an assigned IP subscriber that is not currently loaded into memory.

    • AUTHINTF—For authenticated interface login requests. Triggered when a login Name is reported together with the interface, such as authenticated PPP or auto configured ATM interface, by means of the subscriber command.

    • INTF—For unauthenticated interface login requests. Triggered when an interface comes up and the interface classification script determines that the SAE should manage the interface.

    • ADDR—For unauthenticated address login requests. Triggered when the DHCP server on the JunosE router provides an unauthenticated IP address.

    • AUTHADDR—For authenticated address login requests. Triggered when the DHCP server on the JunosE router provides an authenticated IP address.

    • PORTAL—Triggered when the portal API is invoked to log in a subscriber.

  • Example—loginType=AUTHADDR

macAddress

  • String representation of the DHCP subscriber media access control (MAC) address.

  • Value—Valid MAC address

  • Example—macAddress=00:11:22:33:44:55

nasPort

  • Numeric identifier that the router uses to identify the interface to RADIUS.

  • Value—32-integer value

  • Example—nasPort=1666

nasPortId

  • Port identifier of an interface.

  • Value—Includes interface name and additional layer 2 information

  • Example—nasPortId=fastEthernet 3/1 (There is a space between fastEthernet and slot number 3/1 in the nasPortId.)

framedIpv6Prefix

Configures a condition that uses the IPv6 address prefix.

framedIpv6Prefix is available for JunosE (COPS-PR), Junos OS (JSRC), as well as AAA (COA).

delegatedIpv6Prefix

Using the delegatedIpv6Prefix attribute, the NAS can receive a set of IPv6 prefixes that are delegated to subscribers. An IPv6 subscriber can be identified through multiple prefixes that use the delegatedIpv6Prefix attribute with the framedIpv6Prefix attribute.

delegatedIpv6Prefix is available for Junos OS (JSRC), AAA (COA), and DHCPv6 subscribers on the JunosE router.

radiusClass

  • RADIUS class used for authorization.

  • Value—RADIUS class name

  • Example—radiusClass=Premium

remoteTunnelInetAddress

  • InetAddress of the far end of an L2TP tunnel. If the subscriber interface is an L2TP (LAC) interface, the field contains the address of the LNS. If the subscriber interface is an IP interface on top of an LNS, the field contains the address of the LAC.

  • Value—Valid IPv4 or IPv6 IP address format

  • Example—ipAddress=10.10.30.1

retailerDn

  • DN of the retailer object. The object is found when the domain name is mapped to a retailer object in LDAP.

  • Value—DN of a retailer

serviceBundle

  • Content of the vendor-specific RADIUS attribute for the service bundle.

  • Value—Name of a service bundle

  • Example—serviceBundle=goldSubscriber

unauthenticatedUserDn

  • DN of the unauthenticated subscriber profile (usable for target expressions only).

  • Value—DN of a subscriber profile

userName

  • Name of the subscriber.

  • Value—Subscriber name without the domain name

  • Example—userName=peter

virtualRouterName

  • Name of the virtual router or routing instance.

  • Value—For JunosE routers: name of the virtual router in the format vrname@hostname

    For devices running Junos OS: name of the routing instance

  • Example—virtualRouterName=default@e_series5