Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Parameter Types

    Global and local parameters are assigned a type. The type indicates the SRC CLI options in which you can use the parameter.

    For example, address is a type of parameter. In the SRC CLI, whenever there is an option for which you can specify an IP address, you can use the ? to display a list of all local and global parameters of type address. For example:

    user@host# set source-network network ip-address ?
    Possible completions: <ip-address> IP address of the source or destination network or host gateway_ipAddress interface_ipAddress service_ipAddress user_ipAddress virtual_ipAddress

    There are a few cases in which a global parameter value appears, but because of the context, the value does not make sense to use. For example, in NAT actions, the global parameter any appears in for the IP network setting. In this context, any is not a valid value.

    Table 1 lists the parameter types, the predefined parameters for each type, the policy objects in which you can use the parameter type, and how the type is used.

    Table 1: Parameter Types

    Type

    Predefined Parameters

    Used In

    Used to Specify

    address

    gateway_ipAddress

    interface_ipAddress

    service_ipAddress

    user_ipAddress

    virtual_ipAddress

    Classify-traffic condition

    Next-interface action

    Next-hop action

    IP addresses in dotted decimal notation.

    addressMask

    interface_ipMask

    service_ipMask

    user_ipMask

    Classify-traffic condition

    IP masks in dotted decimal notation.

    For JunosE policies and Junos OS policies (except for firewall policies), a mask must be equivalent to some prefix length. For example, 255.255.255.0 is allowed, but 255.255.255.1 is not. The software searches this constraint for default parameter values, but not for any other substitution values until runtime when the policy engine constructs the policy.

    allowIpOptions

     

    Classify-traffic condition

     

    any

      

    The set of all values.

    applicationProtocol

    bootp, dce_rpc, dce_rpc_portmap, dns, exec, ftp, h323, green, icmp_app, iiop, netbios, netshow, realaudio, rpc, rpc_portmap, rtsp, shell, snmp, sqlnet, tftp, traceroute, winframe, yellow

    Classify-traffic condition

    (Predefined parameters map protocol numbers to synonyms.)

     

    bandwidthSizeUnit

    bps

    percent

    Policer action

     

    boolean

    false

    true

      

    burst

     

    Rate-limit action

    Policer action

    DOCSIS action

    Burst sizes. The range is 214—232–1.

    color

    green

    red

    yellow

    Classify-traffic condition

    Color action

    Color of action or classifier.

    The policy engine validates these values; the substitution engine does not.

    dceRpcUuid

     

    Classify-traffic condition

     

    dropProfileProtocol

    any_protocol

    non_tcp

    tcp_only

    Scheduler action

     

    dropProfileType

    interpolated

    segmented

    Scheduler action

     

    exceptionApplication

    http

    Exception application actions

    The policy rule for traffic that has a specific application, such as a Web server

    forwardingClass

     

    Classify-traffic condition

    QoS condition

     

    fragOffset

     

    Classify-traffic condition

    The value of the fragment offset field of IP packets.

    For routers running JunosE software:

    • eq 0—Equal to 0
    • eq 1—Equal to 1
    • gt 1—Greater than 1
    • any—Any value

      For routers running Junos OS and PCMM policies, integer in the range 0–8191.

      The policy engine validates these values; the substitution engine does not.

    grantSize

     

    DOCSIS action

     

    icmpCode

    icmpType

     

    Classify-traffic condition

    8-bit values that represent patterns in the ICMP code and ICMP type fields in IP packets. The policy engine validates these values; the substitution engine does not.

    igmpType

     

    Classify-traffic condition

    8-bit values that represent patterns in the IGMP type field in IP packets. The policy engine validates these values; the substitution engine does not.

    interfaceGroup

     

    Classify-traffic condition

     

    InterfaceSpec

    bfwlf

    gfwlf

    Next-interface action

    The router interface.

    For JunosE interfaces, the format is:
    ‘<type of specifier>=<value>’

    For example: name=‘fastEthernet3/0’

    For Junos OS interfaces, the format is:
    ‘name= <mediatype>-<slot>/ <pic>/<port>.<unit>’

    For example: ‘name=AT-0/1/0.0’

    interval

     

    DOCSIS action

     

    ipFlags

    ipFlagsMask

     

    Classify-traffic condition

    3-bit values that represent patterns for the IP flags field in an IP packet. The high bit is reserved, the middle bit is don’t fragment, and the low bit is more fragments.

    ipSecSpi

     

    Classify-traffic condition

     

    IPv4range

     

     

     

    jitter

     

    DOCSIS action

     

    l2cAccessMode

    l2c_access_mode

      

    level-aggregation-node

    Set to one of the following values:

    • The default value is 0, which means the level-aggregation-node is not configured.
    • 1=Forwarding
    • 2=Vlan
    • 3=Atm
    • 4=Svlan
    • 5=atm-vc
    • 6=atm_vp
    • 7=Ethernet
    • 8=fr-vc
    • 9=ppp-interface

    Classify-traffic condition

    Parent Group

    (Optional) Specifies the level—for example, Forwarding, Vlan, and so on, where the external parent group needs to be grouped for JunosE hierarchical rate-limiting.

    level-aggregation-node-id

    • If level-aggregation-node=4 (svlan), this represents the svlanID in the range of 0 through 4095.
    • If level-aggregation-node=6 (atm_vp), this represents the atm-vpId in the range of 0 through 255.

    Classify-traffic condition

    Parent Group

    Specifies the JunosE aggregation node ID. You specify this parameter only if the level-aggregation-node attribute is set to 4 (svlan) or 6 (atm-vp). In this case, it is mandatory to set this attribute.

    l2cAccessStreamRate

    l2c_access_downstream_rate, l2c_access_upstream_rate, l2c_attainable_downstream_rate, l2c_attainable_upstream_rate, l2c_maximum_downstream_rate, l2c_maximum_upstream_rate, l2c_min_downstream_rate, l2c_min_upstream_rate, l2c_minimum_low_power_downstream_rate, l2c_minimum_low_power_upstream_rate

      

    l2cDelay

    l2c_actual_interleaving_downstream_delay, l2c_actual_interleaving_upstream_delay, l2c_maximum_interleaving_downstream_delay, l2c_maximum_interleaving_upstream_delay

      

    l2cDslStatus

    l2c_dsl_line_stat

      

    matchDirection

    both

    input

    output

    Classify-traffic condition

     

    maxLatency

     

    DOCSIS action

     

    messageType

     

    Reject action

     

    microSecond

     

     

     

    natTranslationType

     

    NAT action

     

    network

    any

    Classify-traffic condition

    NAT action

    IP subnets using two forms:

    <address>/<mask>

    <address>/<prefixLength>

    where <address> and <mask> are in the traditional dotted decimal notation.

    <prefixLength>is a number in the range 0–32, which specifies how many of the first bits in the address specify the network.

    In policy conditions, network specifies patterns for the address fields in packets. Networks can be preceded by “ not” to indicate that the condition matches every address not in the subnet.

    networkOperation

     

    Classify-traffic condition

    Whether a network field of a packet should match or not match the value specified in a policy condition.

    • 0—Does not match
    • 1—Matches

    numeric-aggregation-node

    0 through 65,535

    The default value of 0 means the numeric-aggregation-node is not configured.

    Classify-traffic condition

    Parent Group

    (Optional) Specifies the JunosE aggregation node numerically in the range of 0 through 65,535.

    packetLength

     

    Classify-traffic condition

    DOCSIS action

    FlowSpec action

     

    packetLossPriority

    any_priority

    high_priority

    low_priority

    Loss priority action

     

    packetOperation

     

    Rate-limit action

    Policer action

    Stateful firewall

    Actions taken on packets.

    For rate-limit actions, valid values are: $’forward’, $’filter’, and $’mark <tosByte> <tosMask>’.

    For policer actions, valid values are: filter, forwardingClass, lossPriority.

    For stateful firewalls, valid values are: filter, forward, reject.

    The policy engine validates these values; the substitution engine does not.

    percent

     

    Scheduler action

     

    policedUnit

     

    FlowSpec action

     

    port

    service_port

    Classify-traffic condition

    NAT action

    16-bit values that represent patterns in the port fields in IP packets.

    portOperation

    eq

    neq

    Classify-traffic condition

    Whether a port field should match or not match the value(s) specified in a condition. For JunosE policies valid values are: $’eq’, $’lt’, $’gt’, $’neq’ and $’range’.

    For Junos OS, the allowed values are:

    • 0—Does not match
    • 1—Matches

      The policy engine validates these values; the substitution engine does not.

    prPrecedence

     

    Policy rule

     

    protocol

    ah, egp, esp, gre, icmp, igmp, ip, ipip, ospf, pim, rsvp, tcp, udp

    Classify-traffic condition

    (Predefined parameters map protocol numbers to synonyms.)

    8-bit values that represent patterns in the protocol field in IP packets. The policy engine validates these values; the substitution engine does not.

    protocolOperation

    is

    not

    Classify-traffic condition

    Whether a protocol field of a packet should match or not match the value specified in a policy condition.

    • 0—Does not match
    • 1—Matches

    qosProfileSpec

     

    QoS-attachment action

    Strings in QoS attachment actions that specify QoS profiles. They can be any string that names a QoS profile on routers running JunosE Software.

    rate

    interface_speed

    Rate-limit action

    Policer action

    DOCSIS action

    FlowSpec action

    Traffic-shape action

    Rates in the range 0—232–1.

    rateLimitType

    one_rate

    two_rate

    Rate-limit action

    Rate-limit type. The allowed values are $’one-rate’ and $’two-rate’. The policy engine validates these values; the substitution engine does not.

    requestTransmissionPolicy

     

    DOCSIS action

     

    routingInstance

     

    Routing instance action

     

    rpcProgramNumber

     

    Classify-traffic condition

     

    schedulerBufferSize

     

    Scheduler action

     

    schedulerBufferSizeUnit

    buffer_size_percentage

    buffer_size_remainder

    temporal

    Scheduler action

     

    schedulerPriority

    high

    low

    medium_high

    medium_low

    strict_high

    Scheduler action

     

    schedulerTransmitRate

     

    Scheduler action

     

    schedulerTransmitRateUnit

    rate_in_bps

    rate_in_percentage

    rate_in_remainder

    Scheduler action

     

    serviceClassName

     

    Service class name action

     

    serviceNumber

    controlled_load_service

    guaranteed_service

    FlowSpec action

     

    sessionClassIdPriority

     

    GateSpec action

     

    slackTerm

     

    FlowSpec action

     

    snmpCommand

    get

    get_next

    set

    trap

    Classify-traffic condition

     

    tcpFlags

    tcpFlagsMask

     

    Classify-traffic condition

    6-bit values that represent patterns for the TCP flags field in IP packets. The bits from high to low mean: urgent, acknowledge, push, reset, synchronize, finish.

    timeout

     

    Classify-traffic condition

     

    tokenBucketSize

     

    FlowSpec action

     

    tosByte

    tosByteMask

     

    Classify-traffic condition

    Rate-limit action

    Mark action

    8-bit values that represent patterns in the ToS byte field in IP packets.

    When tosByteMask is used in ToS conditions, the allowed values are 0, 224, 252, and 255.

    The policy engine validates these values; the substitution engine does not.

    traceRouteTtlThreshold

     

    Classify-traffic condition

     

    trafficClassSpec

     

    Traffic-class action

    Strings in traffic-class actions that specify traffic-class profiles. They can be any string that names a traffic class on routers running JunosE Software.

    trafficPriority

     

    DOCSIS action

     

    trafficProfileType

    best_effort

    unsolicited_grant

    down_stream

    unsolicited_grant_with_activity_detection

    real_time

    non_real_time

    DOCSIS action

    Service flow scheduling type

    translationType

       

    userPacketClass

     

    User packet class action

    4-bit value. For JunosE policies, valid values are in the range 0–15.

    The policy engine validates these values; the substitution engine does not.

    Predefined Global Parameters

    Table 2 describes the predefined built-in and runtime global parameters that the SRC software provides. Only three of the predefined parameters can be modified: any, bfwlf, and gfwlf.

    Table 2: Predefined Global Parameters

    Predefined Parameter

    Description

    Type

    Runtime

    ah

    Maps protocol 51 to AH

    protocol

     

    any

    This network matches any address

    network

     

    any_priority

    Sets packet loss priority to “ any”

    packetLossPriority

     

    any_protocol

    Sets drop profile protocol to “ any”

    dropProfileProtocol

     

    best_effort

    Sets the service flow scheduling type to best effort

    trafficProfileType

     

    bfwlf

    Specifier of the interface that leads to the bronze firewall server

    interfaceSpec

    Yes

    bootp

    Specifies the BOOTP protocol

    applicationProtocol

     

    both

    Specifies the direction of the policy as input and output

    matchdirection

     

    bps

    Specifies that the indicated bandwidth size is in bps

    bandwidthSizeUnit

     

    buffer_size_percentage

    Specifies that the indicated buffer size is a percentage

    schedulerBufferSizeUnit

     

    buffer_size_remainder

    Specifies that the indicated buffer size is a remainder

    schedulerBufferSizeUnit

     

    controlled_load_service

    Specifies that the type of FlowSpec service is controlled-load service

    serviceNumber

     

    dce_rpc

    Specifies the DCE RPC protocol

    applicationProtocol

     

    dce_rpc_portmap

    Specifies the DCE RPC portmap

    applicationProtocol

     

    dns

    Specifies the DNS protocol

    applicationProtocol

     

    down_stream

    Sets the service flow scheduling type to downstream

    trafficProfileType

     

    egp

    Maps protocol 8 to EGP

    protocol

     

    eq

    Matches packets with a port that is equal to the specified port

    portOperation

     

    esp

    Maps protocol 50 to ESP

    protocol

     

    exec

    Specifies the Exec protocol

    applicationProtocol

     

    false

    Sets Boolean values to false

    boolean

     

    ftp

    Specifies the FTP protocol

    applicationProtocol

     

    gateway_ipAddress

    IP address of the gateway as specified by the service object

    address

    Yes

    get

    Specifies the get SNMP command

    snmpCommand

     

    get_next

    Specifies the get-next SNMP command

    snmpCommand

     

    gfwlf

    Specifier of the interface that leads to gold firewall server

    interfaceSpec

    Yes

    gre

    Maps protocol 47 to GRE

    protocol

     

    green

    Specifies the color that indicates a low drop preference

    color

    Yes

    guaranteed

    Specifies that the type of FlowSpec service is guaranteed service

    serviceNumber

     

    h323

    Specifies the H.323 protocol

    applicationProtocol

     

    high

    Sets the scheduler priority to high

    schedulerPriority

     

    high_priority

    Sets the packet loss priority (PLP) to high

    packetLossPriority

     

    icmp

    Maps protocol 1 to ICMP

    protocol

     

    icmp_app

    Specifies the ICMP protocol

    applicationProtocol

     

    igmp

    Maps protocol 2 to IGMP

    protocol

     

    iiop

    Specifies the Internet Inter-ORB Protocol, a TCP protocol

    applicationProtocol

     

    input

    Specifies the direction of the policy as input

    matchdirection

     

    interface_ipAddress

    IP address of the interface

    address

    Yes

    interface_ipMask

    IP mask of the interface

    addressMask

    Yes

    interface_speed

    Speed of the subscriber’s IP interface on the router or the speed of the subscriber’s DOCSIS interface

    rate

     

    interpolated

    Sets the drop profile type to interpolate

    dropProfileType

     

    ip

    Maps protocol 0 to IP

    protocol

     

    ipip

    Maps protocol 4 to IP-IP

    protocol

     

    is

    Matches packets with the protocol that is equal to the specified protocol

    protocolOperation

     

    l2c_access_downstream_rate

    L2C downstream rate

    l2cAccessStreamRate

    Yes

    l2c_access_mode

    L2C access mode

    l2cAccessMode

    Yes

    l2c_access_upstream_rate

    L2C upstream rate

    l2cAccessStreamRate

    Yes

    l2c_actual_interleaving_downstream_delay

    L2C interleaving downstream delay

    l2cDelay

    Yes

    l2c_actual_interleaving_upstream_delay

    L2C interleaving upstream delay

    l2cDelay

    Yes

    l2c_attainable_downstream_rate

    L2C attainable downstream rate

    l2cAccessStreamRate

    Yes

    l2c_attainable_upstream_rate

    L2C attainable upstream rate

    l2cAccessStreamRate

    Yes

    l2c_dsl_line_stat

    L2C DSL line status

    l2cDslStatus

    Yes

    l2c_maximum_downstream_rate

    L2C maximum downstream rate

    l2cAccessStreamRate

    Yes

    l2c_maximum_interleaving_downstream_delay

    L2C maximum interleaving downstream delay

    l2cDelay

    Yes

    l2c_maximum_interleaving_upstream_delay

    L2C maximum interleaving upstream delay

    l2cDelay

    Yes

    l2c_maximum_upstream_rate

    L2C maximum upstream rate

    l2cAccessStreamRate

    Yes

    l2c_min_downstream_rate

    L2C minimum downstream rate

    l2cAccessStreamRate

    Yes

    l2c_min_upstream_rate

    L2C minimum upstream rate

    l2cAccessStreamRate

    Yes

    l2c_minimum_low_power_downstream_rate

    L2C minimum low power downstream rate

    l2cAccessStreamRate

    Yes

    l2c_minimum_low_power_upstream_rate

    L2C minimum low power upstream rate

    l2cAccessStreamRate

    Yes

    low

    Sets scheduler priority to low

    schedulerPriority

     

    low_priority

    Sets packet loss priority to low

    packetLossPriority

     

    medium_high

    Sets scheduler priority to medium-high

    schedulerPriority

     

    medium_low

    Sets scheduler priority to medium-low

    schedulerPriority

     

    neq

    Matches packets with a port that is not equal to the specified port

    portOperation

     

    netbios

    Specifies the NetBIOS protocol

    applicationProtocol

     

    netshow

    Specifies the NetShow protocol

    applicationProtocol

     

    non_real_time

    Sets the service flow scheduling type to NRTPS

    trafficProfileType

     

    non_tcp

    Sets the drop profile protocol to any protocol other than TCP

    dropProfileProtocol

     

    not

    Matches packets with the protocol that is not equal to the specified protocol

    protocolOperation

     

    one_rate

    Sets the rate-limit type to one rate

    rateLimitType

     

    ospf

    Maps protocol 89 to OSPF

    protocol

     

    output

    Specifies the direction of the policy as output

    matchdirection

     

    percent

    Specifies that the indicated bandwidth size is a percentage of bandwidth

    bandwidthSizeUnit

     

    pim

    Maps protocol 103 to PIM

    protocol

     

    rate_in_bps

    Specifies that the indicated transmit rate is in bps

    schedulerTransmitRateUnit

     

    rate_in_percentage

    Specifies that the indicated transmit rate is a percentage

    schedulerTransmitRateUnit

     

    rate_in_remainder

    Specifies that the indicated transmit rate is a remainder

    schedulerTransmitRateUnit

     

    realaudio

    Specifies the RealAudio protocol

    applicationProtocol

     

    real_time

    Sets the service flow scheduling type to RTPS

    trafficProfileType

     

    red

    Specifies the color that indicates a high drop preference

    color

    Yes

    rpc

    Specifies the RPC UDP or TCP protocols

    applicationProtocol

     

    rpc_portmap

    Specifies the RPC portmap protocol

    applicationProtocol

     

    rsvp

    Maps protocol 46 to RSVP

    protocol

     

    rtsp

    Specifies the Real-Time Streaming Protocol

    applicationProtocol

     

    sctp

    Maps protocol 132 to the Stream Control Transmission Protocol

    protocol

     

    segmented

    Sets the drop profile type to segmented

    dropProfileType

     

    service_ipAddress

    IP address of the service as specified by the service object

    address

    Yes

    service_ipMask

    IP mask of the service as specified by the service object

    address

    Yes

    service_port

    Service port as specified by the service object

    port

    Yes

    set

    Specifies the set SNMP command

    snmpCommand

     

    shell

    Specifies the Shell protocol

    applicationProtocol

     

    snmp

    Specifies the SNMP protocol

    applicationProtocol

     

    sqlnet

    Specifies the SQLNet protocol

    applicationProtocol

     

    strict_high

    Sets scheduler priority to strict-high

    schedulerPriority

     

    tcp

    Maps protocol 6 to TCP

    protocol

     

    tcp_only

    Sets the drop profile protocol to TCP

    dropProfileProtocol

     

    temporal

    Specifies that the indicated buffer size is temporal

    schedulerBufferSizeUnit

     

    tftp

    Specifies the Trivial File Transfer Protocol

    applicationProtocol

     

    traceroute

    Specifies the Traceroute protocol

    applicationProtocol

     

    trap

    Specifies the trap SNMP command

    snmpCommand

     

    true

    Sets the Boolean value to true

    boolean

     

    two_rate

    Sets the rate-limit type to two rate

    rateLimitType

     

    udp

    Maps protocol 17 to UDP

    protocol

     

    unsolicited_grant

    Sets the service flow scheduling type to UGS

    trafficProfileType

     

    unsolicited_grant_with_activity_detection

    Sets the service flow scheduling type to UGS-AD

    trafficProfileType

     

    user_ipAddress

    IP address of the subscriber

    address

    Yes

    user_ipMask

    IP mask of the subscriber

    address

    Yes

    virtual_ipAddress

    Virtual portal address of the SSP that is used in redundant SAE installations

    address

    Yes

    winframe

    Specifies the WinFrame protocol

    applicationProtocol

     

    yellow

    Specifies the color that indicates a medium drop preference

    color

    Yes

    Naming Global Parameters

    A global parameter is stored in the directory with the parameter name as its naming attribute. The directory stores the case for the parameter name; however, the directory does not allow you to create another global parameter with a name that differs only by the use of upper and lowercase letters. For example, if there is a parameter named fastspeed, the directory will not allow the creation of a parameter named fastSpeed without first deleting fastspeed.

    Also, when you define a substitution for a global parameter, make sure that the case in the substitution matches the case of the global parameter.

     

    Published: 2014-12-10