ON THIS PAGE
Juniper BNG CUPS CLI Configuration Statements
This topic provides an overview of configuration commands, including syntax and option descriptions, that you use with Juniper BNG CUPS.
address-pool-manager
Syntax
address-pool-manager { inet ip-address; port port-number; local-reserve{ partition partition-name{ prefix ipv4-prefix; } auto-reclemation { drain-delay number; } apportion-delay number; } secrets { certificate certificate-file; key private-key-file; ca-cert cacertificate-file; } } ]
Hierarchy Level
[edit access]
Description
Configures Juniper Address Pool Manager's (APM) connection to Juniper BNG CUPS. This configuration is done on the Juniper BNG Controller.
Options
inet ip-address |
APM's IPv4 address. |
port port-number |
The port that APM is listening on for incoming address pool manager connections. |
local-reserve |
A BNG CUPS Controller configured set of partitions. Partitions can be either IPv4 or IPv6 addresses. |
Partition partition-name |
The configured partion. |
prefix ipv4-prefix |
Specify an IPv4 prefix to include in the partition. |
drain-delay number |
Specifies a hold down time to wait after reconnecting with APM, to start draining local pools. |
apportion-delay number |
Specifies a hold down time to wait before entering the local apportionment mode, following the loss of connectivity with APM. |
secrets |
If the gRPC Network Management Interface (gMI) connection is secured, configure any Transport Layer Security (TLS) keys, as follows:
|
bng-director
Syntax
bng-director { bng-controller { bng-controller-name bng-cups-controller-name; security-profiles security-profile-name { ca-cert-file-name ca-certificate-name; cert-file-name certificate-name; key-file-name key-name; } user-plane { bng-user-plane-name { transport { inet ip-address; inet6 ip-address; security-profiles security-profile-name { } dynamic-address-pools { partion partition-name; } user-plane-profile bng-user-plane-profile-name; } } control-plane-instances { control-plane-instance-name { control-plane-config-group control-plane-config-group-name; user-plane bng-user-plane-name; } } subscriber-groups { } load-balancing-groups { } } } } }
Hierarchy Level
[edit groups]
Description
Configures the BNG Director on the BNG CUPS Controller. The BNG Director manages all the control plane instances (CPi).
Options
bng-controller-name bng-cups-controller-name |
The bng-cups-controller-name is a mandatory reference to the local system and can be 1 to 12 characters long. You can combine uppercase letters and lowercase letters, numbers, hyphens, and periods in this reference but cannot start or end it with a hyphen. |
security-profiles |
Secify a security profile. See security-profiles. |
user-plane |
Specify the BNG User Planes to be associated with the BNG CUPS Controller. See user-planes (bng-controller). |
control-plane-instances |
|
subscriber-groups |
See subscriber-groups. |
load-balancing-groups |
See load-balancing-groups. |
captive-portal-content-delivery-profile (Services)
Syntax
captive-portal-content-delivery-profile profile-name;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name]
Description
Configure converged HTTP redirect services on the Routing Engine. This command runs on the BNG CUPS Controller.
Options
captive-portal-content-delivery-profile
profile-name
—Name of the CPCD profile.
Required Privilege Level
services—To view this statement in the configuration.
services–control—To add this statement to the configuration.
Release Information
Statement introduced before Juniper BNG CUPS Release 23.1.
control-plane-instances
Syntax
control-plane-instances{ control-plane-instance-name{ control-plane-config-group control-plane-config-group-name; user-plane user-plane-name; } }
Hierarchy Level
[edit groups bng-director bng-controller]
Description
Control plane instances to which BNG User Planes are mapped. This mapping enables you to easily move BNG User Planes from one control plane instance to another to adapt to changing scaling or use case demands. A control plane instance is assigned to a control plane configuration group.
Options
control-plane-instance-name |
Name of the control plane instance. |
control-plane-config-group
control-plane-config-group-name |
Specify the name of an existing control plane configuration group from which the control plane instance obtains its configuration. |
user-plane user-plane-name |
Specify the name of a BNG User Plane assigned to the control plane instance. You can assign more than one BNG User Plane to a control plane instance. |
domain-profile
Syntax
domain-profile domain-profile-name{ family{ inet ip-address | inet6 ip-address{ partion-type [delegated-prefix | non-temporary-address | router-advertisement]; preferred-prefix-length number; allocation-length number; install-discard-routes{ tag <value>; backup-tag <value>; } source-partition-qualifier string; excluded-address last-octet number; dhcp-gateway-address-last-octet number; protocol-attributes dhcp-attribute; } }
Hierarchy Level
[edit access address-assignment]
Description
Configures the domain profile. The domain profile defines the BNG attributes for creating domains. The domain is created based on the framed pool received from RADIUS.
Options
domain-profile
domain-profile-name |
Set the name of the domain profile. |
family |
Specify an address family protocol. Specify |
partion-type [delegated-prefix | non-temporary-address |
router-advertisement] |
Only applies to |
preferred-prefix-length number |
Define the preferred prefix length.
|
allocation-length number |
Define the allocation length of the IPv6 address or prefix that are assigned from the dynamic address pool prefix to the subscriber. This option is supported only for the inet6 address family. |
source-partition-qualifier
string |
(Optional) A string that is applied as a suffix to the domain’s location, to create a partition name that is passed to Juniper Address Pool Manager. |
excluded-address last-octet
number |
(Optional) When you configure the preceding code phrase, the domain profile excludes all addresses with a domain pool prefix that matches the specified last-octet value. This option is supported only for the inet address family.
|
dhcp-gateway-address-last-octet
number |
specifies the value of the last byte to reserve in each dynamic pool
prefix to be used as the DHCP gateway address for the DHCP Local
Server. For example, if the dynamically allocated pool prefix is
192.32.6.0/24 and |
protocol-attributes
dhcp-attribute |
Specifies the name of the protocol attributes profile that defines the DHCP attributes to use for dynamic pools created in the domain. |
install-discard-routes tag number backup-tag
number |
(Optional) Indicates that you must configure a discard route (with the associated route tag supplied with the pool prefix) separately on the BNG User Planes to import these routes into the exported route set. Valid route tags are 0..2^(32-1) |
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.4R1.
igmp
Syntax
igmp { accounting; interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; group-threshold immediate-leave; log-interval oif-map map-name; passive; promiscuous-mode; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; } }
Hierarchy Level
[edit dynamic-profiles profile-name]
Description
Enable IGMP on the router or switch. IGMP must be enabled for the router or switch to receive multicast packets. This command runs on the BNG CUPS Controller.
The remaining statements are explained separately. See CLI Explorer.
Default
IGMP is disabled on the router or switch. IGMP is automatically enabled on all broadcast interfaces when you configure Protocol Independent Multicast (PIM) or Distance Vector Multicast Routing Protocol (DVMRP).
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
interface (Protocols IGMP)
Syntax
interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; immediate-leave; oif-map map-name; passive; promiscuous-mode; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; }
Hierarchy Level
[edit dynamic-profiles profile-name protocols]
Description
Enable IGMP on an interface and configure interface-specific properties. This command runs on the BNG CUPS Controller.
Options
interface-name—Name of the interface. Specify the full interface name, including the physical and logical address components. To configure all interfaces, you can specify all.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
interface (Protocols MLD)
Syntax
interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; group-threshold value; immediate-leave; log-interval seconds; oif-map [ map-names ]; passive; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number group-increment increment source ip-address { source-count number; source-increment increment; } } } version version; }
Hierarchy Level
[edit dynamic-profiles profile-name protocols]
Description
Enable MLD on an interface and configure interface-specific properties. This command runs on the BNG CUPS Controller.
Options
interface-name—Name of the interface. Specify the full interface name, including the physical and logical address components. To configure all interfaces, you can specify all.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
load-balancing-groups
Syntax
load-balancing-groups { group-name; user-plane bng-user-plane-name{ weight-based-mode{ port port-number{ max-weight max-weight-number; preferred; } report-based-mode port port-number{ preferred; ] }
Hierarchy Level
[edit groups bng-director bng-controller]
Description
Enables load balancing on Juniper BNG CUPS. This command runs on the BNG CUPS Controller.
Options
group-name |
Specify the load balancing group name. |
user-plane bng-user-plane-name |
Specify the BNG User Plane that is associated with the BNG CUPS Controller for load balancing. |
weight-based-mode |
Used to configure weight-based load balancing. |
report-based-mode |
Used to configure report-based load balancing. |
port port-identifier |
Specify the logical port that is associated with the BNG CUPS Controller load balancing. You use the format up:user-plane-name:physical-port-name. |
max-weight max-weight-number |
Specify the maximum weight value (1 through 255) for the logical port. |
mld
Syntax
mld { accounting; interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; immediate-leave; oif-map [ map-names ]; passive; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; } }
Hierarchy Level
{edit dynamic-profiles profile-name]
Description
Enable MLD on the router. MLD must be enabled for the router to receive multicast packets. This command runs on the BNG CUPS Controller.
Default
MLD is disabled on the router. MLD is automatically enabled on all broadcast interfaces when you configure Protocol Independent Multicast (PIM) or Distance Vector Multicast Routing Protocol (DVMRP).
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
multicast
Syntax
multicast { asm-override-ssm; backup-pe-group group-name { backups [ addresses ]; local-address address; } cont-stats-collection-interval interval; flow-map flow-map-name { bandwidth (bps | adaptive); forwarding-cache { timeout (never non-discard-entry-only | minutes); } policy [ policy-names ]; redundant-sources [ addresses ]; } forwarding-cache { threshold suppress value <reuse value>; timeout minutes; } interface interface-name { enable; maximum-bandwidth bps; no-qos-adjust; reverse-oif-mapping { no-qos-adjust; } subscriber-leave-timer seconds; } local-address address omit-wildcard-address pim-to-igmp-proxy { upstream-interface [ interface-names ]; } pim-to-mld-proxy { upstream-interface [ interface-names ]; } rpf-check-policy [ policy-names ]; scope scope-name { interface [ interface-names ]; prefix destination-prefix; } scope-policy [ policy-names ]; ssm-groups [ addresses ]; ssm-map ssm-map-name { policy [ policy-names ]; source [ addresses ]; } traceoptions { file filename <files number> <size size> <world-readable | no-world-readable>; flag flag <disable>; } }
Hierarchy Level
[edit routing-options]
Description
Configure multicast routing options properties. Note that you cannot apply a
scope policy to a specific routing instance. That is, all scoping policies are
applied to all routing instances. However, the scope
statement
does apply individually to a specific routing instance.
The multicast
command runs on the BNG CUPS Controller.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
no-usage-report
Syntax
no-usage-report;
Hierarchy Level
[edit system services resource-monitor]
Description
Disable subscriber physical interface usage reporting to the BNG CUPS Controller. This command runs on the BNG User Planes.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
overrides
Syntax
overrides { no-unsolicited-ra; statistics-reporting-interval seconds; }
Hierarchy Level
[edit groups group-name user-plane-profiles user-plane-profile-name]
Description
Override the default configuration settings for the enhanced subscriber management software for subscriber management.
Options
statistics-reporting-interval
seconds |
The interval at which statistics are reported from a BNG User Plane to the BNG CUPS Controller. The statistics reporting interval is reported in seconds.
|
no-unsolicited-ra |
Disable the default transmission and periodic refresh of unsolicited
Router Advertisement messages by the router when the subscriber
interface is created, and at configured periodic intervals
thereafter. When you include the |
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
partition
Syntax
partition partition-name;
Hierarchy Level
[edit groups bng-director bng-controller user-planes bng-user-plane-name dynamic-address-poolsl-plane]
Description
Defines the BNG User Plane partition attribute. The partition attribute defines the geographical region or area to which the BNG User Plane belongs.
For Juniper BNG CUPS to operate with Juniper Address Pool Manager, you must configure the partition attribute.
Options
partition partition-name |
Name of the partition. |
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
pfcp
Syntax
pfcp { retransmission-timer seconds; retries number; heartbeat-interval seconds; enable-tracing }
Hierarchy Level
[edit groups bng-director bng-controller]
Description
Sets the Packet Forwarding Control Protocol (PFCP) protocol attributes for the control plane manager and any other daemons using Packet Forwarding Control Protocol to communicate with their peers.
Options
pfcp |
Specify the Packet Forwarding Control Protocol protocol attributes. Note:
We recommend that you configure the BNG CUPS Controller and the BNG User Planes with the same Packet Forwarding Control Protocol attributes.
|
policy-options
Syntax
policy-options policy-statement policy-name { term term-name { from { family family-name; match-conditions; policy subroutine-policy-name; prefix-list prefix-list-name; prefix-list-filter prefix-list-name match-type <actions>; route-filter destination-prefix match-type <actions>; source-address-filter source-prefix match-type <actions>; } to { match-conditions; policy subroutine-policy-name; } then actions; } }
Hierarchy Level
[edit]
Description
Configure options such as application maps for DCBX application protocol exchange and policy statements. This command runs on the BNG User Planes.
Required Privilege Level
storage—To view this statement in the configuration.storage-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
policy-statement
Syntax
policy-statement policy-name { term term-name { from { as-path-neighbors (as-list | as-list-group); as-path-origins (as-list | as-list-group); as-path-transits (as-list | as-list-group); as-path-unique-count count (equal | orhigher | orlower); as-path-calc-length count (equal | orhigher | orlower); family family-name; match-conditions; policy subroutine-policy-name; prefix-list prefix-list-name; prefix-list-filter prefix-list-name match-type <actions>; programmed; protocol protocol-name; route-filter destination-prefix match-type <actions>; validation-database-instance { database <database-name> state (valid|invalid|unknown); state (valid|invalid|unknown); } source-address-filter source-prefix match-type <actions>; tag value; traffic-engineering; } to { match-conditions; policy subroutine-policy-name; } then actions; } then { advertise-locator; aggregate-bandwidth; dynamic-tunnel-attributes dynamic-tunnel-attributes; limit-bandwidth limit-bandwidth; multipath-resolve; no-entropy-label-capability; prefix-attribute-flags; prefix-segment { index index; node-segment; } priority (high | medium | low); resolution-map map-name; set-down-bit } }
Hierarchy Level
[edit policy-options]
Description
Define a routing policy, including subroutine policies. This command runs on the BNG User Planes.
A term is a named structure in which match conditions and actions are defined. Routing policies are made up of one or more terms. Each routing policy term is identified by a term name. The name can contain letters, numbers, and hyphens (-) and can be up to 255 characters long. To include spaces in the name, enclose the entire name in double quotation marks.
Each term contains a set of match conditions and a set of actions:
-
Match conditions are criteria that a route must match before the actions can be applied. If a route matches all criteria, one or more actions are applied to the route.
-
Actions specify whether to accept or reject the route, control how a series of policies are evaluated, and manipulate the characteristics associated with a route.
Generally, a router compares a route against the match conditions of each term in
a routing policy, starting with the first and moving through the terms in the
order in which they are defined, until a match is made and an explicitly
configured or default action of accept
or
reject
is taken. If none of the terms in the policy match
the route, the router compares the route against the next policy, and so on,
until either an action is taken or the default policy is evaluated.
If none of the match conditions of each term evaluates to true, the final action
is executed. The final action is defined in an unnamed term. Additionally, you
can define a default action (either accept
or
reject
) that overrides any action intrinsic to the
protocol.
The order of match conditions in a term is not relevant, because a route must match all match conditions in a term for an action to be taken.
To list the routing policies under the [edit policy-options]
hierarchy level by
policy-statement policy-name
in
alphabetical order, enter the show policy-options
configuration
command.
The statements are explained separately.
Options
actions
—(Optional) One or more actions to
take if the conditions match.
family family-name
—(Optional) Specify an
address family protocol. Specify inet
for IPv4. Specify
inet6
for 128-bit IPv6, and to enable interpretation of
IPv6 router filter addresses. For IS-IS traffic, specify iso
.
For IPv4 multicast VPN traffic, specify inet-mvpn
. For IPv6
multicast VPN traffic, specify inet6-mvpn
. For
multicast-distribution-tree (MDT) IPv4 traffic, specify
inet-mdt
. For BGP route target VPN traffic, specify
route-target
. For traffic engineering, specify
traffic-engineering
.
When family
is not specified, the routing device or routing
instance uses the address family or families carried by BGP. If
multiprotocol BGP (MP-BGP) is enabled, the policy defaults to the protocol
family or families carried in the network layer reachability information
(NLRI) as configured in the family statement for BGP. If MP-BGP is not
enabled, the policy uses the default BGP address family unicast IPv4.
from
—(Optional) Match a route based on its source address.
as-path-neighbors (as-list | as-list-group)
—Compares the AS that
originated the route. Evaluates if the right most AS number on the AS path
belongs to the as-list
or as-list-group
specified in the as-path-origins
configuration statement. In
the case where the route has been aggregated, and the location of the
originating AS contains an AS-set, the as-path-origins
operator
evaluates to true if any AS contained in the AS-set belongs to the
as-list
or as-list-group
specified in the
as-path-origins
configuration statement.
as-path-origins (as-list | as-list-group)
—Compares the neighbor
AS in the AS path. Evaluates if the first AS number on the AS path matches the
as-list
or as-list-group
specified in the
as-path-neighbors
configuration statement. If the
neighboring AS location happens to be an AS-set, the
as-path-neighbors
operator evaluates to true if any AS
contained in the AS-set belongs to the as-list
or
as-list-group
specified in the
as-path-neighbors
configuration statement.
as-path-transits (as-list | as-list-group)
—Compares any AS in
the AS-Path. Evaluates when any AS belongs to the as-list
or
as-list-group
specified in the
as-path-transit
configuration statement. In the case of
AS-set, the as-path-transit
operator compares all the ASes in
the AS-set.
as-path-calc-length count (equal | orhigher |
orlower)
—(Optional) Specify a number from 0 through 1024 to filter
routes based on the number of calculated autonomous systems (ASs) in the AS
path.
-
ASs in a sequence count as 1.
-
AS sets count as 1.
-
BGP confederation segments count as 0.
as-path-unique-count count (equal | orhigher |
orlower)
—(Optional) Specify a number from 0 through 1024 to filter
routes based on the total number of unique non-BGP confederation autonomous
systems (ASs) in the AS path.
Duplicate AS numbers are ignored for the count.
advertise-locator
—(Optional) Enable IS-IS to summarize and
advertise locator prefixes.
Range: 0-255
aggregate-bandwidth
—(Optional) Enable BGP to advertise aggregate
outbound link bandwidth for load balancing.
dynamic-tunnel-attributes
dynamic-tunnel-attributes
—(Optional) Choose a
set of defined dynamic tunnel attributes for forwarding traffic over V4oV6
tunnels.
match-conditions
—(Optional in
from
statement; required in to
statement)
One or more conditions to use to make a match. The qualifiers are described in
Routing Policy Match Conditions.
multipath-resolve
multipath-resolve
–(Optional) Enable the use of all
paths for resolution over the specified prefix.
limit-bandwidth limit-bandwidth
—(Optional)
Specify the limit for advertised aggregate outbound link bandwidth for load
balancing.
-
Range: 0 through 4,294,967,295 bytes
no-entropy-label-capability
—(Optional) Disable the entropy label
capability advertisement at egress or transit routes specified in the
policy.
priority (high | medium | low)
—(Optional) Configure the priority
for an IS-IS route to change the default order in which the routes are installed
in the routing table, in the event of a network topology change.
policy subroutine-policy-name
—Use another
policy as a match condition within this policy. The name identifying the
subroutine policy can contain letters, numbers, and hyphens (-) and can be up to
255 characters long. To include spaces in the name, enclose it in quotation
marks (“ ”). Policy names cannot take the form __.*-internal__
,
as this form is reserved. For information about how to configure subroutines,
see Understanding Policy Subroutines in Routing Policy Match
Conditions.
policy-name
—Name that identifies the policy.
The name can contain letters, numbers, and hyphens (-) and can be up to
255 characters long. To include spaces in the name, enclose it in quotation
marks (“ ”).
prefix-list prefix-list-name
—Name of a list
of IPv4 or IPv6 prefixes.
prefix-list-filter prefix-list-name
—Name of a
prefix list to evaluate using qualifiers;
match-type
is the type of match, and
actions
is the action to take if the
prefixes match.
programmed
—(Optional) Allow policy matches for routes injected
by JET APIs.
protocol protocol-name
—Name of the protocol
used to control traffic engineering database import at the originating
point.
You can specify options to match label IS-IS and label OSPF routes using the
l-isis
and l-ospf
options, respectively.
The isis
options matches all IS-IS routes, excluding labelled
IS-IS routes. The ospf
option matches all OSPF routes,
including OSPFv2, OSPFv3 and labelled OSPF routes.
resolution-map
—(Optional) Set resolution map modes. A given
resolution-map can be shared across multiple policy-statements.
route-filter
destination-prefix match-type
<actions>
—(Optional) List of routes on
which to perform an immediate match;
destination-prefix
is the IPv4 or
IPv6 route prefix to match, match-type
is
the type of match (see Configuring Route Lists), and
actions
is the action to take if the
destination-prefix
matches.
source-address-filter
source-prefix match-type
<actions>
—(Optional) Unicast source
addresses in multiprotocol BGP (MBGP) and Multicast Source Discovery Protocol
(MSDP) environments on which to perform an immediate match.
source-prefix
is the IPv4 or IPv6
route prefix to match, match-type
is the
type of match (see Configuring Route Lists), and
actions
is the action to take if the
source-prefix
matches.
tag value
—(Optional) A numeric value that
identifies a route. You can tag certain routes to prioritize them over other
routes. In the event of a network topology change, Junos OS updates these routes
in the routing table before updating other routes with lower priority. You can
also tag some routes to identify and reject them based on your requirement.
term term-name
—Name that identifies the term.
The term name must be unique in the policy. It can contain letters, numbers, and
hyphens (-) and can be up to 64 characters long. To include spaces in the name,
enclose the entire name in quotation marks (“ ”). A policy statement can include
multiple terms. We recommend that you name all terms. However, you do have the
option to include an unnamed term which must be the final term in the policy. To
configure an unnamed term, omit the term
statement when
defining match conditions and actions.
to
—(Optional) Match a route based on its destination address or
the protocols into which the route is being advertised.
then
—(Optional) Actions to take on matching routes. The actions
are described in Configuring Flow Control Actions and Configuring Actions That Manipulate Route Characteristics.
set-down-bit
—(Optional) Configure this option to aggregate
leaked locator routes using routing policies.
validation-database-instance
—(Optional) Name to identify a
validation-state with database name.database-name
<database-name>
—(Optional) Route Validation Database name to
be looked at. state (valid|invalid|unknown)
—(Optional) Name to
identify a validation-state
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-interval (Protocols IGMP)
Syntax
query-interval seconds;
Hierarchy Level
[edit protocols igmp]
Description
Specify how often the querier routing device sends general host-query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval.
-
Range: 1 through 1024
-
Default: 125 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-interval (Protocols MLD)
Syntax
query-interval seconds;
Hierarchy Level
{edit protocols mld]
Description
Specify how often the querier router sends general host-query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval.
-
Range: 1 through 1024
-
Default: 125 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-last-member-interval
Syntax
query-last-member-interval seconds;
Description
Specify how often the querier routing device sends group-specific query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval, in fractions of a second or seconds.
-
Range: 0.1 through 0.9, then in 1-second intervals 1 through 1024
-
Default: 1 second
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-response-interval
Syntax
query-response-interval seconds;
Description
Specify how long the querier routing device waits to receive a response to a host-query message from a host. This command runs on the BNG User Planes.
Options
seconds—The query response interval must be less than the query interval.
-
Range: 1 through 1024
-
Default: 10 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
robust-count
Syntax
robust-count number;
Description
Tune the expected packet loss on a subnet. This factor is used to calculate the group member interval, other querier present interval, and last-member query count. This command runs on the BNG User Planes.
Options
number—Robustness variable.
-
Range: 2 through 10
-
Default: 2
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
routing-engine-services
Syntax
routing-engine-services;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name service-set-options]
Description
When configuring a Routing Engine-based captive portal service, specify the service set options to apply to a service set. The services interfaces on the Routing Engine are identified with an si- prefix (for example, si-1/1/0). The si- interface contains all redirect and rewrite traffic and services for the Routing Engine. This command runs on the BNG CUPS Controller.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.1.
routing-instance
Syntax
routing-instance routing-instance-name}
Hierarchy Level
[edit system services subscriber-management mode user-plane user-plane-name user-plane-name transport]
Description
(Optional) Designate the routing instance for the BNG User Plane to communicate with the BNG CUPS Controller. If not specified, the default routing instance is used by the BNG User Plane to communicate with the BNG CUPS Controller.
Options
routing-instance-name |
The name of the routing instance to use. |
Required Privilege Level
root—To view this statement in the configuration.
root—To add this statement to the configuration.
security-profiles
Syntax
security-profiles profile-name{ ca-cert-file-name ca-certificate-name; cert-file-name certificate-name; key-file-name key-name; }
Hierarchy Level
[edit groups bng-director bng-controller user-planes transport]
Description
Defines one or more profiles that specify security requirements to secure the BNG CUPS Controller channels to the BNG User Planes using Data Transport Layer Security and Transport Layer Security. If the security-profiles is not configured, the related BNG CUPS Controller or BNG CUPS User Plane assumes that the transport interfaces are not secure.
Options
security-profiles profile-name |
Give the security profile a name. |
ca-cert-file-name
ca-certificate-name |
Name of the CA profile. |
cert-file-name certificate-name |
Name of the public certificate. |
key-file-name key-name |
Name of the private key pair. |
service-interface (Services Interfaces)
Syntax
service-interface interface-name;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name interface-service]
Description
Specify the name for the services interface associated with an interface-wide service set. This command runs on the BNG CUPS Controller.
Options
interface-name |
Identifier of the service interface. |
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.1.
selection-function
Syntax
selection-function { cluster cluster-name, cluster-name; service-group service-group-name, service-group-name; }
Hierarchy Level
[edit system services subscriber-management mode user-plane]
Description
Sets the clusters in which the BNG User Plane is a member. Also, you can set the service class that the BNG User Plane supports within each cluster.
Options
cluster cluster-name |
The name or names of the cluster to which the BNG User Plane belongs. You can enter one or more names. |
service-group
service-group-names |
The names of the service classes that the BNG User Plane supports within each cluster. You can enter one or more names. |
Required Privilege Level
root—To view this statement in the configuration.
root—To add this statement to the configuration.
subscriber-group (control-plane-managed-mode)
Syntax
subscriber-group subscriber-group-name subscriber-group-name{ virtual-mac mac-address; control-plane-managed-mode{ preferred-user-plane-name user-plane-name; redundancy-interface alpha{ logical-port up:user-plane-name:logical-port-name,up:user-plane-name:logical-port-name; } redundancy-interface beta { logical-port up:user-plane-name:logical-port-name,up:user-plane-name:logical-port-name; } } }
Hierarchy Level
[edit groups bbe-bng-director bng-controller]
Description
A group of subscribers. Subscriber sessions that are subject to the same restoration capability are placed into the same subscriber group. Grouping subscribers together helps to increase core routing efficiency. The use of subscriber groups minimizes the messaging, which reduces the elapsed time between the detection of a failure (or any request to switchover from active to backup) and the restoration of the service.
Options
subscriber-group-name
subscriber-group-name |
Specify the subscriber group name. |
virtual-mac mac-address |
A logical MAC address assigned to the subscriber group that is used for all communication between the BNG CUPS Controller and the subscriber sessions assigned to the subscriber group. This ensures that the same MAC address is used by the BNG CUPS Controller for communication with subscriber sessions, irrespective of which BNG User Plane is currently active for the subscriber group. A virtual MAC address is required for a resiliency subscriber group. |
control-plane-managed-mode |
Establishes that the BNG CUPS Controller determines which BNG User Plane is the active one for a resiliency subscriber group |
preferred-user-plane-name
user-plane-name |
When operating in control plane managed mode for a resiliency subscriber group, it establishes which of the member BNG User Planes is the preferred active BNG User Plane. |
redundancy-interface alpha
|
Configures a named set of logical ports on a BNG User Plane that is assigned to the subscriber group. |
redundancy-interface beta
|
For a resiliency subscriber group, you configure a named set of
logical ports on the BNG User Planes that are assigned to the
subscriber group. The two redundancy interfaces form a resiliency
subscriber group, that for
|
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
subscriber-group (user-plane-managed-mode)
Syntax
subscriber-group subscriber-group-name subscriber-group-name{ virtual-mac mac-address; user-plane-managed-mode{ redundancy-interface alpha{ logical-port up:user-plane-name:logical-port-name,up:user-plane-name:logical-port-name; } }
Hierarchy Level
[edit groups bbe-bng-director bng-controller]
Description
A group of subscribers. Subscriber sessions that are subject to the same restoration capability are placed into the same subscriber group. Grouping subscribers together helps to increase core routing efficiency. The use of subscriber groups minimizes the messaging, which reduces the elapsed time between the detection of a failure (or any request to switchover from active to backup) and the restoration of the service.
Options
subscriber-group-name
subscriber-group-name |
Specify the subscriber group name. |
virtual-mac mac-address |
A logical MAC address assigned to the subscriber group that is used for all communication between the BNG CUPS Controller and the subscriber sessions assigned to the subscriber group. This ensures that the same MAC address is used by the BNG CUPS Controller for communication with subscriber sessions, irrespective of which BNG User Plane is currently active for the subscriber group. A virtual MAC address is required for a resiliency subscriber group. |
user-plane-managed-mode |
Establishes that the BNG User Plane determines which BNG User Plane is the active one for a resiliency subscriber group |
redundancy-interface alpha
|
Configures a named set of logical ports on a BNG User Plane that is assigned to the subscriber group. |
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
subscriber-group-default-tag
Syntax
subscriber-group-default-tag { tag number; backup-tag number; }
Hierarchy Level
[edit access address-assignment]
Description
Configures active and backup global tags for subscriber groups.
Options
tag number |
Set the global active tag. |
backup-tag number |
Set the global backup tag. |
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.4R1.
transport
Syntax
transport { inet ip-address; security-profile security-profile-name; }
Hierarchy Level
[edit groups bng-dirctor bng-controller user-planes]
Description
Defines the transport security for all BNG CUPS Controller and BNG User Plane
inter-communication. You use the transport command to configure either the BNG
CUPS Controller or the BNG User Planes, depending on which option you choose at
the mode
level of the hierarchy.
Options
inet ip-address |
The IP address of either the BNG CUPS Controller or the BNG User Plane that you are configuring. |
security-profile
security-profile-name |
Specify the configured security profile that lists the CA profile, public certificate, and private key pair (see security-profiles). |
user-plane-profile
Syntax
user-plane-profiles { user-plane-profile-name { capabilities { hardware-family (juniper-mx | juniper-acx) } pfcp { retransmission-timer seconds; retries number; heartbeat-interval seconds; } interfaces interface-name { auto-configure { stacked-vlan-ranges { dynamic-profile <dynamic-profile-name> { accept any; ranges { any,any; } } } remove-when-no-subscribers; } } } } }
Hierarchy Level
[edit groups bbe-common-0
Description
A user-plane-profile
is a template for configuring a BNG User
Plane in terms of interfaces, pfcp behavior, and subscriber management override
behavior. A user-plane-profile
is specified as part of the BNG
User Plane configuration in the bbe-bng-director
configuration
group. It is defined in the common group configuration that is part of
the control-plane-instance
configuration. So, when a BNG
User Plane is assigned to a control-plane-instance
during its
configuration, the BNG User Plane's user-plane-profile
must be
defined in the control plane instance's
control-plane-config-group
(bbe-common-0).
Options
user-plane-profile-name |
Name of the user plane profile. |
hardware-family |
Specify configuration pertaining to the capabilities of the BNG User Plane type. Currently, only the juniper-mx BNG User Plane type is supported. You can assign this profile to all BNG User Planes with the same characteristics and use case. |
pfcp |
Specify the PFCP configuration to be used for the BNG User Plane (see pfcp). |
interfaces interface-name |
Specify interfaces configuration to be used for the BNG User Plane (see interfaces (Static and Dynamic Subscribers). |
user-planes (bng-controller)
Syntax
user-planes { bng-user-plane-name { transport { inet ip-address; security-profile security-profile-name; } dynamic-address-pools { partion partition-name; ] user-plane-profile bng-user-plane-profile-name; } }
Hierarchy Level
[edit groups bng-director bng-controller]
Description
Define the BNG User Planes that are authorized to associate with the BNG CUPS Controller. You must list each BNG User Plane.
Options
user-plane-name |
Name of the BNG User Plane. |
transport |
Specify transport information. See transport. |
dynamic-address-pools |
Specify the dynamic address pool related configuration. You should at least configure the partition name. |
partition partition-name |
The partition from which IPv4 and IPv6 addresses and prefixes are assigned. |
user-plane-profile
user-plane-profile-name |
Specify one or more user plane profiles. See user-plane-profile. |
weight
Syntax
weight weight-number;
Hierarchy Level
[edit dynamic-profiles dynamic-profiles-name interfaces $junos-interface-ifd-name unit $junos-interface-unit load-balance] [edit dynamic-profiles dynamic-profiles- name interfaces interface-set $junos-phy-ifd-interface-set-name load-balance]
Description
Set the load-balancing weight for either subscribers or the logical interface set.
You can define weight based on your needs: you can define it by using subscriber bandwidth, logical interface set bandwidth, or an even number of subscribers per logical interface set. This command runs on the BNG CUPS Controller.
Options
weight weight-number |
Defines the load-balancing weight value (1 through 255). |
Required Privilege Level
root—To view this statement in the configuration.
root—To add this statement to the configuration.