Technical Documentation

Configuring Static PTSP Rules

You can configure the static PTSP policies on the router. If the PTSP service is configured on the underlying interface, the PTSP service enforces the policies associated with the subscriber context.

To configure static PTSP rules:

  1. Specify the rule that you want to configure.
    [edit services ptsp]user@host# edit rule ptspRule1
  2. Specify the direction in which the rule match is applied.
    [edit services ptsp rule ptspRule1]user@host# set match-direction input
  3. Specify the IP address used for the subscriber context. Subscriber instantiation is always triggered for ingress packets, so this value indicates which IP address in the ingress packets for the flow is used.
    [edit services ptsp rule ptspRule1]user@host# set demux source-address
  4. Specify the statistics aggregation, collection, and reporting style. Terms and rules cannot mix and match different styles.
    [edit services ptsp rule ptspRule1]user@host# set count-type rule

    If you specify the rule style, statistics collection is performed by the Diameter application. If you specify the application style, statistics collection is in a flat file controlled by the local policy decision function (L-PDF).

  5. (Optional) Specify the forward rule used for forwarding packets. See Configuring the PTSP Forwarding Instance.
    [edit services ptsp rule ptspRule1]user@host# set forward-rule forward-rule-name
  6. Configure the term precedence for the rule.
    [edit services ptsp rule ptspRule1]user@host# edit term 1
  7. Configure the match conditions for the term. See Table 1.
    [edit services ptsp rule ptspRule1 term 1]user@host# set from remote-address-range low 203.0.0.2 high 203.0.0.100user@host# set from remote-address-range low 204.0.0.2 high 204.0.0.253
  8. (Optional) Specify the action taken when the match conditions are met. See Table 2.
    [edit services ptsp rule ptspRule1 term 1]user@host# set then count ruleuser@host# set then accept

Table 1 describes the match conditions for PTSP rules.

Table 1: PTSP Match Conditions

Match Condition

Description

application-group-any

Application group name defined in the application identification configuration.

application-groups [ application-group-name ]

Application group name defined in the application identification configuration.

applications

Application name defined in the application identification configuration.

local-port-range low low-value high high-value

Local port range.

local-ports value-list

Local ports.

protocol protocol-number

IP protocol number.

remote-address (address | any-unicast)

Remote IP address. IPv4 only.

remote-address-range low low-value
high low-value

Remote address range. IPv4 only.

remote-port-range low low-value high high-value

Remote port range.

remote-ports value-list

Remote ports.

remote-prefix-list prefix-list-name

Prefixes in the specified list.

Table 2 describes the actions for PTSP rules.

Table 2: PTSP Actions

Action or Action Modifier

Description

accept

Accept the packet.

count

Increment the specified counter.

discard

Drop the packet.

forwarding-class

Classify the packet into the specified forwarding class.

police

Rate-limit packets based on the specified policer.


Published: 2010-04-15