Hide Navigation Pane
Show Navigation Pane
Download
SHA1
Configuring Parameters for the Script Service for Packet Mirroring
Provide parameter substitutions with the values that are in the service definitions for the script service.
Table 6 lists the parameters specified by the sample packet-mirroring script service. In most cases, you can use the sample script service without modification.
Table 6: Parameter Substitutions for Packet-Mirroring Services
Parameter Name | Description |
|---|---|
dynAnalyzerIPAddress | RADIUS VSA that is the IP address of the analyzer device. This attribute is required. |
dynAnalyzerPortNumber | RADIUS VSA that is the UDP port number of the monitoring application in the analyzer device. If specified, dynMirrorIdentifier must also be specified. |
dynMirrorIdentifier | RADIUS VSA in the form of a hexadecimal string. If specified, dynAnalyzerPortNumber must also be specified. |
dynClientIp | IP address of the dynamic RADIUS client. |
dynClientPort | UDP port number of the dynamic RADIUS client. |
dynServerIp | IP address of the C Series Controller. |
dynServerPort | UDP port number of the C Series Controller. |
dynSecret | Shared secret. |
dynRetry | Number of retries for sending dynamic RADIUS packet when no RADIUS response is received. The retry interval is 3 seconds. |
dynConfig | Content of dynamic RADIUS request packets in the format <action>. <radiusAttributeName>=<pluginEventAttribute>\n
|
To configure substitutions for the script parameters:
- At the hierarchy for the script service, specify substitutions
for the parameters. For example:[edit services global service packetMirroring]user@host# set parameter substitution [ dynAnalyzerIPAddress=10.227.6.221
dynAnalyzerPortNumber=9100 dynMirrorIdentifier=0x0000000100000001
dynSecret=\”secret\” dynRetry=2 dynClientIp=10.227.7.111 dynClientPort=9099
"dynConfig=\"start-stop.Acct-Session-Id =
ifSessionId\\nstart.vendor-specific.JUNIPER.Unisphere-LI-Action.salt=1\\nstar
t.vendor-specific.JUNIPER.Unisphere-Med-Dev-Handle.salt=custom['dynMirrorIde
ntifier']\\nstart.vendor-specific.JUNIPER.Unisphere-Med-Ip-Address.salt=intIp(c
ustom['dynAnalyzerIPAddress'])\\nstart.vendor-specific.JUNIPER.Unisphere-Me
d-Port-Number.salt =
int(custom['dynAnalyzerPortNumber'])\\nstop.vendor-specific.JUNIPER.Unisph
ere-LI-Action.salt=0\"" ] - Verify the configuration.
[edit services global service packetMirroring] user@host# show type script; status active; parameter { substitution [ dynAnalyzerIPAddress=10.227.6.221 dynAnalyzerPortNumber=9100
dynMirrorIdentifier=0x0000000100000001 dynSecret=secret dynRetry=2
dynClientIp=10.227.7.111 dynClientPort=9099 "dynConfig=\"start-stop.
Acct-Session-Id = ifSessionId\\nstart.vendor-specific.JUNIPER.
Unisphere-LI-Action.salt= 1\\nstart.vendor-specific.JUNIPER.
Unisphere-Med-Dev-Handle.salt= custom['dynMirrorIdentifier']
\\nstart.vendor-specific.JUNIPER.
Unisphere-Med-Ip-Address.salt= intIp(custom['dynAnalyzerIPAddress'])
\\nstart.vendor-specific.JUNIPER.
Unisphere-Med-Port-Number.salt = int(custom['dynAnalyzerPortNumber'])
\\nstop.vendor-specific.JUNIPER.Unisphere-LI-Action.salt=0\"" ]; } script { script-type url; class-name net.juniper.smgt.scriptServices.packetMirroring.LiService; file file:///opt/UMC/sae/lib/pm.jar; }
Related Documentation
- Configuring Packet-Mirroring Support in an SRC Network
- Adding a Normal Service (SRC CLI)
- Setting Parameter Values for Services (SRC CLI)
- Customizing Service Implementations
- Defining RADIUS Attributes for Dynamic Authorization Requests with the SAE Core API
