Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     
     

    Using the SRC Software to Support PTSP

    When you use the SRC software to support PTSP on MX Series routers, the SRC software can become aware of the subscribers before or after a PTSP session has been created. This topic describes the interaction among the components in the basic scenario and the sequence of events for different situations.

    Accessing the Network Before the SRC Cluster Is Notified About a PTSP Session

    The CPE connects to the network and the SRC cluster is notified about the connection before a PTSP session is created. In this case, the attachment session exists before the PTSP session. The sequence of events is:

    1. The CPE connects to the network through the access device.
    2. The access device notifies the access manager about the session start.
    3. The access manager forwards the session start notification to the SIC, which translates the attributes into SRC-specific attributes.
    4. The SIC creates an attachment session in the SSR.
    5. (Optional) The subscriber activates a service through the ASG. (In the sequence of events, this step is the earliest one for using the ASG.)
    6. (Optional) The ASG creates a service session in the SSR that is associated with the attachment session. If the attachment session does not exist, the service activation fails.
    7. The CPE accesses the network. The service node detects a new IP flow and creates a PTSP session.
    8. The service node notifies the SAE that is currently managing the MX Series router. The SAE extracts the IP address, and optionally the VPN ID, from the PTSP session information.
    9. The SAE starts managing the PTSP session and calls the SSR reader authentication plug-in to obtain attachment session information from the SSR. The data from the SSR is used in the classification context.
    10. The SAE runs the subscriber classification script, loads a subscriber profile, and creates a subscriber session. The subscriber session activates any subscribed activate-on-login service.
    11. When the subscriber session is completely activated, the SAE installs any active policies on the service node.

    Accessing the Network After the SRC Cluster Is Notified About a PTSP Session

    The CPE connects to the network and the SRC cluster is notified about the connection after a PTSP session is processed. In this case, the attachment session does not exist before the PTSP session. The sequence of events is:

    1. The CPE connects to the network through the access device.
    2. The CPE accesses the network. The service node detects the new IP flow and creates a PTSP session.
    3. The service node notifies the SAE that is currently managing the MX Series router. The SAE extracts the VPN ID from the PTSP session information.
    4. The SAE starts managing the PTSP session and calls the SSR reader authentication plug-in to obtain attachment session information from the SSR. No information is returned to the SAE because the attachment session does not exist yet.
    5. The SAE creates an unauthenticated (anonymous) subscriber session.
    6. When the subscriber session is completely activated, the SAE installs any active policies on the service node.
    7. The access device notifies the access manager about the session start.
    8. The access manager forwards the session start notification to the SIC.
    9. The SIC creates the attachment session in the SSR.
    10. The SSR notifies the SAE that the attachment session has been modified. The SAE finds any affected subscriber sessions. The SSR notifies all active SAEs in the same cluster.
    11. For any affected subscriber session, the SAE updates the classification context and initiates a login. This login runs the subscriber classification script and compares the result.
      • If the subscriber profile has changed, the existing session is terminated and a new session is created.
      • If the subscriber profile has not changed, the provisioned policies for active services are verified to determine whether they are affected by the updated attachment information.
    12. Any changes are applied to the service node. If no policies have changed but the subscriber identity is different, the SAE changes the subscriber identity on the service node.
    13. The subscriber activates a service through the ASG.
    14. The ASG creates a service session in the SSR.
    15. The SSR notifies all SAEs that a new service session exists.
    16. The SAE that manages PTSP sessions for the attachment session activates a service session for the appropriate subscriber session.

    Changing the Network Connection

    The CPE connects to the network by different means. The attachment session is modified without changing the IP layer. The sequence of events is:

    1. The CPE connects to the network through the access device in a different manner. For example, a wireless device roams to a different access point.
    2. The access device notifies the access manager about the modified session parameters.
    3. The access manager forwards the notification to the SIC.
    4. The SIC updates the attachment session in the SSR.
    5. The SSR notifies the SAE that the attachment session has been modified. The SAE finds any affected subscriber sessions. The SSR notifies all active SAEs in the same cluster.
    6. For any affected subscriber session, the SAE updates the classification context and initiates a login. This login runs the subscriber classification script and compares the result.
      • If the subscriber profile has changed, the existing session is terminated and a new session is created.
      • If the subscriber profile has not changed, the provisioned policies for active services are verified to determine whether they are affected by the updated attachment information.
    7. Any changes are applied to the service node. If no policies have changed but the subscriber identity is different, the SAE installs a policy on the service node with the changed subscriber identity.

    If the IP layer is modified, the existing attachment session is terminated and a new attachment session is created.

    Disconnecting from the Network

    The network connection is terminated. The sequence of events for attachment session termination is:

    1. The CPE disconnects from the network.
    2. The access device notifies the access manager.
    3. The access manager forwards the notification to the SIC.
    4. The SIC terminates the attachment session in the SSR.
    5. The SSR notifies the SAE.
    6. The SAE terminates the subscriber session.
    7. The SAE terminates the PTSP session on the service node.

    Terminating the PTSP Session

    The service node detects the end of the PTSP session because of an idle timeout. The sequence of events for PTSP session termination is:

    1. The service node detects an idle timeout, terminates the PTSP session, and notifies the SAE.
    2. The SAE terminates any subscriber session associated with the PTSP session, which terminates any service session and generates final accounting information.

    PTSP session termination does not affect the attachment session.

    If the attachment session remains active and the CPE accesses the network again, the sequence of events is the same as connecting to the network without a PTSP session.

    If the attachment session terminates, the SAE receives a notification and terminates any remaining PTSP sessions associated with the attachment session. If there are no associated PTSP sessions, the SAE ignores the event.

     
     

    Published: 2014-06-25