TechLibrary

ContentIndex

[+] Expand All

[-] Collapse All

SRC PE 4.9.x Solutions Guide
- Copyright and Trademark Information
- Table of Contents
- List of Figures
- List of Tables
- About the Documentation
- Providing Specialized Services in an SRC Environment
  - Managing Tiered and Premium Services with QoS on JunosE Routers (SRC CLI)
    - QoS on JunosE Routers Overview
    - Dynamically Managing QoS Profiles
      - How QoS Profile Tracking Works
        Identifying QoS Services
        Determining the QoS Profile
        Setting Up Policy Groups
        Policy Group for QoS Profile Attachment Service
        Setting Up Services
        Reestablishing Default QoS Profile
      - Example: How QTP Activates a QoS Service
    - Configuring QoS Profile-Tracking Plug-Ins (SRC CLI)
    - Configuring Search Filters for QoS Profile-Tracking Plug-Ins
    - Updating QoS Profile Data in the Directory
    - Query Fields
    - Examples: Searching for QoS Information
  - Managing Subscribers for a Wireless Roaming Environment
    - Wireless Roaming Environment Overview
    - Subscriber Access in a Wireless Roaming Environment
    - Configuring Subscriber Access for a Wireless Location
  - Configuring VoIP Services in an SRC Network
    - Session Management for VoIP Services Overview
      - Accounting and Tracking
      - VoIP Call Setup
    - Configuring Policies and Services for VoIP
    - Activating VoIP Services for Assigned IP Subscribers
    - Setting Timeouts for Assigned IP Subscriber Sessions
  - Providing Packet Mirroring in an SRC Network
    - Packet-Mirroring Services Overview
    - Configuring Packet-Mirroring Support in an SRC Network
    - Configuring the Script Service for Packet Mirroring
    - Configuring Parameters for the Script Service for Packet Mirroring
    - Specifying Maximum Number of RADIUS Peers (SRC CLI)
    - Example: Using the Sample Packet-Mirroring Application
      - Example: Packet Mirroring for PPP Subscribers
      - Example: Packet Mirroring for DHCP Subscribers
        Configuring DHCP Subscriber Sessions
        Disabling RADIUS Authentication for DHCP Subscribers
    - Defining RADIUS Attributes for Dynamic Authorization Requests with the SAE Core API
- Managing Services in a PCMM Environment
  - Providing Premium Services in a PCMM Environment
    - PCMM Environment Overview
      - PCMM Architecture
        DOCSIS Protocol
        Service Flows
        Client Types
        Client Type 1 Single Phase Resource Reservation Model
        Client Type 2 Single Phase Resource Reservation Model
      - SRC Software in the PCMM Environment
        Traffic Profiles
      - End-to-End QoS Architecture
        Extending QoS to the Subscriber Edge Domain
        Extending QoS to the Service Edge Domain
        Provisioning End-to-End Services
        Example for Videoconferencing Services
        Example for Video-on-Demand Services
    - Using the SAE in a PCMM Environment
      - Logging In Subscribers and Creating Sessions
        Assigned IP Subscribers
        Login Interactions with Assigned IP Subscribers
        Event Notification from an IP Address Manager
        Login with Event Notification
      - SAE Communities
      - Storing Session Data
      - PCMM Record-Keeping Server Plug-In
  - Configuring the SAE for a PCMM Environment (SRC CLI)
  - Adding Objects for CMTS Devices (SRC CLI)
    - Adding Objects for CMTS Devices (SRC CLI)
    - Creating Virtual Routers for the CMTS Device (SRC CLI)
  - Using the NIC Resolver in a PCMM Environment
    - Using the NIC Resolver in PCMM Environments
  - Using PCMM Policy Servers
  - Configuring the JPS (SRC CLI)
  - Monitoring the JPS (SRC CLI)
  - Monitoring the JPS (C-Web Interface)
- Managing Services on RADIUS and Diameter Devices
  - Managing Services on Third-Party Devices in the SRC Network
  - Managing the SRC Diameter Server
    - Configuring the Diameter Application (SRC CLI)
    - Configuring Diameter Peers (SRC CLI)
  - Monitoring the SRC Diameter Server (SRC CLI)
  - Managing Services with Diameter on MX Series Routers
  - Managing an MX Series Router as a Service Node
    - Service Nodes in an SRC Environment Overview
      - SRC Software in the Service Node Environment
      - Service Node Scenario When the Access Device is Managed by the SRC Software
        User Login
        User Login Scenario When the Access Session is Created Before the PTSP Session
        User Login Scenario When the PTSP Session is Created Before the Access Session
        User Logout
    - Using the SRC Software to Support PTSP
    - Configuring SRC Software to Support Service Nodes
  - Managing Subscriber-Level Policies on MX Series Routers
  - Managing Subscriber Sessions on MX Series Routers in an SRC Network
    - Subscriber Sessions on MX Series Routers Overview
    - Managing Subscriber Sessions on MX Series Routers (SRC CLI)
      - Configuring External Subscriber Monitor (SRC CLI)
      - Configuring Pseudo–RADIUS Authorization Server Properties (SRC CLI)
        Configuring the Pseudo–RADIUS Authorization Server (SRC CLI)
        Configuring the Directory Connection Properties for the Subscriber Data
        Configuring Directory Connection Properties for the Cached DHCP Profiles
      - Configuring the NIC Proxy for the Pseudo-RADIUS Authorization Server (SRC CLI)
        Configuring Resolution Information for a NIC Proxy
        Changing the Configuration for the NIC Proxy Cache
        Configuring a NIC Proxy for NIC Replication
      - Extracting RADIUS Attributes with the Pseudo–RADIUS Authorization Server (SRC CLI)
        Extracting Interface Name Attribute Values
        Extracting Virtual Router Name Attribute Values
      - Enabling the Pseudo-RADIUS Authorization Server (SRC CLI)
      - Disabling the Pseudo-RADIUS Authorization Server (SRC CLI)
      - Setting Up MX Series Routers in the SRC Network (SRC CLI)
      - Configuring the COA Script Service for MX Series Routers (SRC CLI)
      - Configuring Parameters for the Script Service for MX Series Routers (SRC CLI)
      - Configuring Subscriptions to the Script Service
    - Viewing Statistics for the Pseudo–RADIUS Authorization Server (SRC CLI)
    - Monitoring Statistics for the Pseudo–RADIUS Authorization Server (SRC CLI)
  - Configuring Services for SRC-Managed Routers
  - Configuring PCC or ePCC Rules for Router Running Junos OS and Acting as PCEF
- Using SRC Configuration Wizards
  - SRC Configuration Wizards Overview (SRC CLI)
    - SRC Configuration Wizards Overview (SRC CLI)
      - How Configuration Wizards Work (SRC CLI)
      - Navigating Screens in the Wizard (SRC CLI)
    - Running a Configuration Wizard (SRC CLI)
  - SRC Configuration Wizards Overview (C-Web Interface)
    - SRC Configuration Wizards Overview (C-Web Interface)
      - How the Configuration Wizards Work (C-Web Interface)
      - Navigating Screens in the Wizard (C-Web Interface)
    - Running a Configuration Wizard (C-Web Interface)
  - Using the Fair Usage on MX Series Routers Configuration Wizard
    - Fair Usage on MX Series Routers Configuration Wizard Overview
    - Fair Usage on MX Series Routers Configuration Wizard Configuration Overview
    - Running the Fair Usage on MX Series Routers Configuration Wizard (SRC CLI)
- Index
  - Index

address pools
assigned IP subscribers
configuring
address pools.     See IP address pools
application manager
role, in PCMM environment
assigned IP subscribers
PCMM network    1, 2
address pools
IP address pools
setting timeouts
voice over IP

cable modem termination system.     See CMTS devices
classify-traffic condition
match direction, setting
SRC CLI
client type 1, PCMM
client type 2, PCMM
CMTS devices
adding objects to directory
SRC CLI
adding virtual router objects to directory
SRC CLI
configuration statements    1, 2
role
CMTS locator
monitoring
C-Web interface
SRC CLI
COA script services, configuring
configuration wizard
fair usage
configuration overview
running
running    1, 2
configuration wizards
fair usage
overview
overview    1, 2
conventions
notice icons
text
custom RADIUS authentication plug-ins
customer support    1
contacting JTAC

Data over Cable Service Interface Specifications.     See DOCSIS protocol
Diameter
peers
configuring    1, 2
Diameter server
clients, viewing
SRC CLI
message flows, viewing
SRC CLI
message handler, viewing
SRC CLI
monitoring
SRC CLI
peers, viewing
SRC CLI
server process, viewing
SRC CLI
server requests, viewing
SRC CLI
statistics, viewing
SRC CLI
status, viewing
SRC CLI
DOCSIS protocol
documentation
comments on
domains
IP service edge
IP subscriber edge
radio frequency
Dynamic policy changes
Dynamic policy changes, managing
dynamic RADIUS authorization requests
RADIUS packets, defining    1, 2

end-to-end services
event notification, PCMM network
configuration statements
description
properties, configuring
SRC CLI

filter actions
configuring
SRC CLI
flexible RADIUS authentication plug-ins
configuring
forwarding class actions
configuring
SRC CLI

Gx router driver
application information, configuring
SRC CLI
dynamic PCC rules, configuring
SRC CLI
flow information, configuring
SRC CLI
overview
policies, configuration statements
SRC CLI
policies, configuring
SRC CLI
policy list, configuring
SRC CLI
QoS information, configuring
SRC CLI
redirect information, configuring
SRC CLI
static PCC rules, configuring
SRC CLI
steering information, configuring
SRC CLI

IP address pools
assigned IP subscribers
assigned IP subscribers, configuring
SRC CLI
local address pools, configuring
SRC CLI
static pools, configuring
SRC CLI

JPS (Juniper Policy Server)
application manager-to-policy server interface, configuring
application manager-to-policy server interface, monitoring
C-Web interface    1, 2
SRC CLI
architecture
CMTS devices, monitoring
C-Web interface
CMTS locator, monitoring
C-Web interface
SRC CLI
JPS state, monitoring
logging, configuring
logging, modifying
message flows, monitoring
C-Web interface
SRC CLI
message handler, monitoring
C-Web interface
SRC CLI
monitoring
C-Web interface
SRC CLI    1, 2
operational status
overview
policy server-to-CMTS interface, configuring
policy server-to-CMTS interface, monitoring
C-Web interface    1, 2
SRC CLI
policy server-to-RKS interface, configuring
policy server-to-RKS interface, monitoring
C-Web interface
SRC CLI
server process, monitoring
C-Web interface
SRC CLI
starting
SRC CLI
stopping
SRC CLI
subscriber address mappings, configuring
subscriber configuration, modifying
JSRC
JSRC and PTSP configuration example
SRC CLI
Juniper Policy Server.     See JPS

login process
assigned IP subscribers, PCMM

manuals
comments on
MX Series router as a PTSP network device
MX Series router as a PTSP network device, adding
SRC CLI

NIC (network information collector)
IP address pools, configuring
SRC CLI
notice icons

packet mirroring, configuring
PCMM (PacketCable Multimedia)
application manager, role
client type 1
client type 2
CMTS device, role
configuring SAE
SRC CLI
creating sessions
description
end-to-end QoS architecture
end-to-end services
integrating SRC software
IP service edge domain
IP subscriber edge domain
logging in subscribers
assigned IP method
overview
overview
policy server, role
provisioning end-to-end services
record-keeping server
RF domain
SAE
SAE communities
session store
single-phase resource reservation model
SRC software in
description
traffic profiles
video-on-demand example
videoconferencing example
PCMM device driver
configuration statements
configuring
SRC CLI
PCMM record-keeping server plug-in
configuration statements
configuring
SRC CLI
description
plug-ins
PCMM record-keeping server plug-in
policy actions
filter
configuring, SRC CLI
forwarding class
configuring, SRC CLI
forwarding instance
configuring, SRC CLI
policy groups
configuring
SRC CLI
policy servers
adding application manager groups
SRC CLI
adding objects to directory
SRC CLI
role, in PCMM architecture
specifying application managers
SRC CLI
specifying SAE communities
SRC CLI
PTSP
configuring
SRC CLI
PTSP and JSRC configuration example
SRC CLI
PTSP configuration example
SRC CLI
PTSP policies, configuration statements
SRC CLI
ssr-writer
SRC CLI
PTSP actions
PTSP actions, configuring
SRC CLI    1, 2
PTSP classify-traffic condition
destination grouped network, configuring
SRC CLI
destination network, configuring
SRC CLI
protocol conditions with parameters, setting
SRC CLI
protocol conditions with ports, setting
SRC CLI
protocol conditions, setting
SRC CLI
TCP conditions, setting
SRC CLI
traffic match conditions, setting
SRC CLI
PTSP classify-traffic conditions
creating
SRC CLI
PTSP classify-traffic conditions, configuring
SRC CLI
PTSP device driver
overview
PTSP device driver, configuring
SRC CLI
PTSP on MX Series router
PTSP on MX Series router, configuring
SRC CLI
PTSP policer instance
PTSP policer instance, configuring
SRC CLI
PTSP policies
PTSP policies, configuring
SRC CLI
PTSP policy list
PTSP policy list, configuring
SRC CLI
PTSP policy rules
network, specifying
PTSP policy rules, configuring
SRC CLI
PTSP session store
PTSP device driver session store, configuring
SRC CLI
PTSP traffic match
conditions, setting
SRC CLI

QoS (quality of service)
PCMM environments
end-to-end QoS architecture
extending to service edge domain
extending to subscriber edge domain
searching for policies in directory
QoS profile-tracking plug-in
description
QoS profiles, routers running JunosE Software
how tracking works
managing dynamically
updating directory, using
qosProfilePublish
quality of service.     See QoS

RADIUS
vendor-specific attributes for wireless ISP roaming
record-keeping server.     See RKS
RKS (record-keeping server)
peers, configuration statements
peers, configuring in plug-ins
SRC CLI
plug-in
plug-in, configuration statements
plug-in, configuring
SRC CLI
role in PCMM environment
roaming wireless environment

SAE (service activation engine)
configuring as an application manager
SRC CLI
PCMM environment
redundancy.     See SAE communities
SAE (service activation engine), configuring
community manager
SRC CLI
event notification API properties
SRC CLI
PCMM device driver
SRC CLI    1, 2
SAE communities
configuration overview
SRC CLI
configuration statements
configuring manager
SRC CLI
defining members
SRC CLI
description
service flows
services
voice over IP (VoIP)
session store
in PCMM environment
single phase resource reservation model, PCMM
subscriber
wireless environment
support, technical     See technical support

technical support
contacting JTAC
text conventions defined
traffic policies, PCMM

wireless environment

Download This Guide

Download this guide: SRC PE 4.9.x Solutions Guide

Configuring Subscriber Access for a Wireless Location

Tasks to use the SAE to manage a wireless access point that participates in a roaming agreement are:

Configuring RADIUS Authentication

You configure RADIUS authentication for users who connect from a wireless location, and set up RADIUS authentication to support a roaming environment between wireless Internet service providers. You can use the Flexible RADIUS Authentication plug-in that is provided with the SRC software, or you can create a custom RADIUS authentication plug-in.

Configuring a Custom RADIUS Authentication Plug-In

If you create a custom plug-in, be sure that it supports the same RADIUS attributes as those configured for the flexible RADIUS authentication plug-in. See Configuring the Flexible RADIUS Authentication Plug-In.

For information about creating a custom plug-in, see SAE CORBA Plug-In Service Provider Interface (SPI) on the Juniper Networks website at: https://www.juniper.net/techpubs/software/management/src/api-index.html.

Configuring the Flexible RADIUS Authentication Plug-In

The default flexible RADIUS authentication plug-in, flexRadiusAuth, provides support for RADIUS vendor-specific attributes for WISPr, which are listed in the following procedure. These attributes use the IANA private enterprise number 14122 assigned to the Wi-Fi Alliance. For more information about these attributes, see http://www.wi-fialliance.org/opensection/wispr.asp.

You should be familiar with the general procedure for configuring the flexible RADIUS authentication plug-in before configuring it to include the WISPr attributes. For information about configuring the flexible RADIUS authentication plug-in, see Configuring Tracking Plug-Ins (SRC CLI).

When you configure the plug-in, you can use the following standard attribute values to set values in authentication response packets:

setAcctInterimTime
setSubstitution
setTerminateTime

Examples in the following procedure show how you can use these attribute values.

To configure the plug-in to support a roaming environment:

Configure attributes.
- Required attributes:
  - An identifier for the wireless location:
    vendor-specific.WISPr.Location-ID=Identifier
    This attribute can be an interface description (ifAlias) or other value that identifies the JunosE interface to which the wireless access point connects.
  - The URL of the start page returned by the RADIUS server of the ISP:
    vendor-specific.WISPr.Redirection-URL=Command to make the URL available to the SRC software
    For example:
    vendor-specific.WISPr.Redirection-URL=setProperty(“ startURL=%s” % ATTR)
    The default configuration sets a session property named startURL.
  - The URL of a page that a subscriber can use to log out of the network:
    vendor-specific.WISPr.Logoff-URL=URL of a log out page
- Bandwidth attributes (recommended):
  - The maximum transmission rate in bits per second:
    vendor-specific.WISPr.Bandwidth-Max-Up=Command to make the rate available to the SRC software
    For example:
    vendor-specific.WISPr.Bandwidth-Max-Up=setSubstitution(“ max_up_rate=%s” % ATTR)
  - The maximum receive rate in bits per second:
    vendor-specific.WISPr.Bandwidth-Max-Down=Command to make the rate available to the SRC software
    For example:
    vendor-specific.WISPr.Bandwidth-Max-Down=setSubstitution(“ max_down_rate=%s” % \ ATTR)
- Optional attributes:
  - The name of the wireless location:
    vendor-specific.WISPr.Location-Name=Name of the wireless location
  - The date and time that the subscriber session is to end:
    vendor-specific.WISPr.Session-Terminate-Time=Command to set the session terminate time
    For example:
    vendor-specific.WISPr.Session-Terminate-Time=setTerminateTime(ATTR)
  - The end of the subscriber session at the end of the billing day:
    vendor-specific.WISPr.Session-Terminate-End-Of-Day=ATTR or setTerminateTime("00:00:00")
    If the operator of the wireless location does not support daily billing, do not configure this attribute, and remove it if present.
  - A service type for billing:
    vendor-specific.WISPr.Billing-Class-Of-Service=Service type

For each attribute that you configure, configure the packet type to which the attribute applies. Table 5 shows the packet types associated with each attribute.

Table 5: Packet Types for RADIUS Attributes

RADIUS Attribute	Associated RADIUS Packet Definition
vendor-specific.WISPr.Location-ID	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Location-ID
vendor-specific.WISPr.Redirection-URL	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Redirection-URL
vendor-specific.WISPr.Logoff-URL	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Logoff-URL
vendor-specific.WISPr.Bandwidth-Max-Up	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Bandwidth-Max-Up
vendor-specific.WISPr.Maximum-Max-Down	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Maximum-Max-Down
vendor-specific.WISPr.Location-Name	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Location-Name
vendor-specific.WISPr.Session-Terminate-Time	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Session-Terminate-Time
vendor-specific.WISPr.Session-Terminate- End-Of-Day	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Session-Terminate-End-Of-Day
vendor-specific.WISPr.Billing-Class-Of-Service	RadiusPacket.stdAuth.auth.vendor-specific.WISPr.Billing-Class-Of-Service

Creating Subscriber Access to an ISP

Configure a service that lets subscribers connect to an ISP through a captive portal, a single webpage to which subscribers connect. The policies associated with the service should specify a Junos OS policing or JunosE rate-limiting policy to set the maximum bandwidth at which:

A subscriber can send traffic.
A subscriber can receive traffic.

When you configure the policies, define the bandwidth values as parameters so that the policies can be applied across a number of subscribers.

To configure a service to access the ISP:

Create the SRC service to use RADIUS authentication.
See Adding a Normal Service (SRC CLI).
Create a policy group the sets the maximum bandwidth at which a subscriber can send traffic, and the maximum bandwidth at which a subscriber can receive traffic. Use parameters to set these values.
To configure policies, see:
- Configuring Policy Groups (SRC CLI)
- Configuring Global Parameters (SRC CLI)
- Configuring Local Parameters (SRC CLI)

For example, you can create a policy configuration that includes:

A local parameter named max_up_rate that sets the maximum rate at which the subscriber can send data
A local parameter named max_down_rate that sets the maximum rate at which the subscriber can receive data
A policy group Receive(Downstream) that references max_down_rate
A policy group Send(Upstream) that references max_up_rate

Substitutions for these parameters can then be referenced in the RADIUS attributes:

vendor-specific.WISPr.Bandwidth-Max-Up=setSubstitution(“ max_up_rate=%s” % ATTR)vendor-specific.WISPr.Bandwidth-Max-Down=setSubstitution(“ max_down_rate=%s” % ATTR)

Creating Web Access

When subscribers connect to and log in to a wireless access point, they are directed to a single webpage that is referred to as a captive portal page. This page is part of a service selection portal. A captive portal page receives and manages redirected Web requests. The SRC Application Library provides an unsupported, demonstration application for a residential service selection portal.

When creating a captive portal page for a wireless roaming environment, configure the page to:

Start an access service that is configured to be authenticated by the RADIUS server of the ISP.
After the access service starts, redirect the subscriber to the page specified by the Redirect-URL RADIUS attribute. This page is the start page for the subscriber's home ISP.
You can retrieve the URL of the start page from the service session property startURL. Note that startURL is the default name used for the flexible RADIUS authentication plug-in; you can assign a different name to this property.
You can use the Subscriber.readSubscription() method in the Common Object Request Broker Architecture (CORBA) remote application programming interface (API) to retrieve the redirect URL.

Note that when you develop the portal, you can use the following methods in the SAE CORBA remote API to retrieve session data after the access service starts:

Subscriber.readSubscriber()
Subscriber.readSubscription()

For more information about these methods, see the SAE CORBA remote API documentation on the Juniper Networks website at

https://www.juniper.net/techpubs/software/management/src/api-index.html.

Setting Idle Timeout Options for the SAE

You can configure the following options to ensure that the timeout values are consistent with the requirements for your environment:

Idle timeout—Defines how long a session is idle before the connection is closed.
Adjust session time—Adjusts the session time reported in an accounting messaged by subtracting idle time from the time if the session times out.

To configure the timeout settings:

Configure the service activation authentication through a RADIUS server to return an idle timeout. This configuration requires that the RADIUS server returns the idle timeout vendor-specific attribute (VSA).
or
Configure the idle timeout in the SRC service definition. For example:
[edit services global service service1]user@host# set idle-timeout 5
Although an interval up to 5 minutes is typically recommended, for the SRC software, we recommend a minimum of 15 minutes.
Configure the adjust-session-time statement for the SAE to ensure that session time is accurately reported for accounting purposes. For example:
[edit shared sae group wireless configuration]user@host# set idle-timeout adjust-session-time