ON THIS PAGE
Juniper BNG CUPS CLI Configuration Statements
This topic provides an overview of configuration commands, including syntax and option descriptions, that you use with Juniper BNG CUPS.
address-pool-manager
Syntax
address-pool-manager { system-id unique-identifier; inet ip-address; port port-number; secrets { certificate certificate-file; key private-key-file; ca-cert cacertificate-file; } }
Hierarchy Level
[edit access]
Description
Configures Juniper Address Pool Manager's (APM) connection to Juniper BNG CUPS. This configuration is done on the Juniper BNG Controller.
Options
system-id unique-identifier |
Give the BNG CUPS Controller a unique network string identifier for its interactions with APM.
|
inet ip-address |
APM's IPv4 address. |
port port-number |
The port that APM is listening on for incoming address pool manager connections. |
secrets |
If the gRPC Network Management Interface (gMI) connection is secured, configure any Transport Layer Security (TLS) keys, as follows:
|
captive-portal-content-delivery-profile (Services)
Syntax
captive-portal-content-delivery-profile profile-name;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name]
Description
Configure converged HTTP redirect services on the Routing Engine. This command runs on the BNG CUPS Controller.
Options
captive-portal-content-delivery-profile
profile-name
—Name of the CPCD profile.
Required Privilege Level
services—To view this statement in the configuration.
services–control—To add this statement to the configuration.
Release Information
Statement introduced before Juniper BNG CUPS Release 23.1.
control-plane
Syntax
control-plane { control-plane-name bng-cups-controller-name; transport { inet ip-address; inet6 ip-address; } user-plane bng-user-plane-name { inet ip-address; inet6 ip-address; netconf { user-name username; password password; port port-number; statistics-reporting-interval minutes } } pfcp { retransmission-timer seconds; retries number; heartbeat-interval seconds; } }
Hierarchy Level
[edit system services subscriber-management mode]
Description
Sets the system to take on the role of the Juniper BNG CUPS Controller.
Options
control-plane-name
bng-cups-controller-name |
The |
transport |
The transport stanza is a mandatory stanza that defines the transport
address on which the control plane manager listens for incoming
association requests. The control plane manager can listen on an
IPv4 address or an IPv6 address. On Juniper BNG CUPS Controller,
only the
|
user-plane bng-user-plane-name |
Defines the BNG User Planes that are authorized to associate with the BNG CUPS Controller. You must list each BNG User Plane.
|
pfcp |
Specify the Packet Forwarding Control Protocol protocol attributes for the control plane manager and any other daemons using Packet Forwarding Control Protocol to communicate with their peers. Note:
We recommend that you configure the BNG CUPS Controller and the BNG User Planes with the same Packet Forwarding Control Protocol attributes.
|
domain-profile
Syntax
domain-profile domain-profile-name{ family inet { preferred-prefix-length number; source-partition-qualifier string; excluded-address last-octet number; install-discard-routes; } }
Hierarchy Level
[edit access address-assignment]
Description
Configures the domain profile. The domain profile defines the BNG attributes for creating domains. The domain is created based on the framed pool received from RADIUS.
Options
domain-profile
domain-profile-name |
Set the name of the domain profile. |
preferred-prefix-length number |
Define the preferred prefix length.
|
source-partition-qualifier
string |
(Optional) A string that is applied as a suffix to the domain’s location, to create a partition name that is passed to Juniper Address Pool Manager. |
excluded-address last-octet
number |
(Optional) When you configure the preceding code phrase, the domain profile excludes all addresses with a domain pool prefix that matches the specified last-octet value.
|
install-discard-routes |
(Optional) Indicates that you must configure a discard route (with the associated route tag supplied with the pool prefix) separately on the BNG User Planes to import these routes into the exported route set. |
igmp
Syntax
igmp { accounting; interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; group-threshold immediate-leave; log-interval oif-map map-name; passive; promiscuous-mode; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; } }
Hierarchy Level
[edit dynamic-profiles profile-name]
Description
Enable IGMP on the router or switch. IGMP must be enabled for the router or switch to receive multicast packets. This command runs on the BNG CUPS Controller.
The remaining statements are explained separately. See CLI Explorer.
Default
IGMP is disabled on the router or switch. IGMP is automatically enabled on all broadcast interfaces when you configure Protocol Independent Multicast (PIM) or Distance Vector Multicast Routing Protocol (DVMRP).
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
interface (Protocols IGMP)
Syntax
interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; immediate-leave; oif-map map-name; passive; promiscuous-mode; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; }
Hierarchy Level
[edit dynamic-profiles profile-name protocols]
Description
Enable IGMP on an interface and configure interface-specific properties. This command runs on the BNG CUPS Controller.
Options
interface-name—Name of the interface. Specify the full interface name, including the physical and logical address components. To configure all interfaces, you can specify all.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
interface (Protocols MLD)
Syntax
interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; group-threshold value; immediate-leave; log-interval seconds; oif-map [ map-names ]; passive; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number group-increment increment source ip-address { source-count number; source-increment increment; } } } version version; }
Hierarchy Level
[edit dynamic-profiles profile-name protocols]
Description
Enable MLD on an interface and configure interface-specific properties. This command runs on the BNG CUPS Controller.
Options
interface-name—Name of the interface. Specify the full interface name, including the physical and logical address components. To configure all interfaces, you can specify all.
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
load-balancing
Syntax
load-balancing { group group-name; user-plane bng-user-plane-name { preferred; port port-number max-weight max-weight-number; } }
Hierarchy Level
[edit system services subscriber-management mode control-panel]
Description
Enables load balancing on Juniper BNG CUPS. This command runs on the BNG CUPS Controller.
Options
group group-name |
Specify the load-balancing group. |
user-plane bng-user-plane-name |
Specify the BNG User Plane that is associated with the BNG CUPS Controller for load balancing. |
port port-identifier |
Specify the logical port that is associated with the BNG CUPS Controller load balancing. |
max-weight max-weight-number |
Specify the maximum weight value (1 through 255) for the logical port. |
mld
Syntax
mld { accounting; interface interface-name { (accounting | no-accounting); disable; distributed; group-limit limit; group-policy [ policy-names ]; immediate-leave; oif-map [ map-names ]; passive; ssm-map ssm-map-name; ssm-map-policy ssm-map-policy-name; static { group multicast-group-address { exclude; group-count number; group-increment increment; source ip-address { source-count number; source-increment increment; } } } version version; } }
Hierarchy Level
{edit dynamic-profiles profile-name]
Description
Enable MLD on the router. MLD must be enabled for the router to receive multicast packets. This command runs on the BNG CUPS Controller.
Default
MLD is disabled on the router. MLD is automatically enabled on all broadcast interfaces when you configure Protocol Independent Multicast (PIM) or Distance Vector Multicast Routing Protocol (DVMRP).
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
multicast
Syntax
multicast { asm-override-ssm; backup-pe-group group-name { backups [ addresses ]; local-address address; } cont-stats-collection-interval interval; flow-map flow-map-name { bandwidth (bps | adaptive); forwarding-cache { timeout (never non-discard-entry-only | minutes); } policy [ policy-names ]; redundant-sources [ addresses ]; } forwarding-cache { threshold suppress value <reuse value>; timeout minutes; } interface interface-name { enable; maximum-bandwidth bps; no-qos-adjust; reverse-oif-mapping { no-qos-adjust; } subscriber-leave-timer seconds; } local-address address omit-wildcard-address pim-to-igmp-proxy { upstream-interface [ interface-names ]; } pim-to-mld-proxy { upstream-interface [ interface-names ]; } rpf-check-policy [ policy-names ]; scope scope-name { interface [ interface-names ]; prefix destination-prefix; } scope-policy [ policy-names ]; ssm-groups [ addresses ]; ssm-map ssm-map-name { policy [ policy-names ]; source [ addresses ]; } traceoptions { file filename <files number> <size size> <world-readable | no-world-readable>; flag flag <disable>; } }
Hierarchy Level
[edit routing-options]
Description
Configure multicast routing options properties. Note that you cannot apply a
scope policy to a specific routing instance. That is, all scoping policies are
applied to all routing instances. However, the scope
statement
does apply individually to a specific routing instance.
The multicast
command runs on the BNG CUPS Controller.
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
no-usage-report
Syntax
no-usage-report;
Hierarchy Level
[edit system services resource-monitor]
Description
Disable subscriber physical interface usage reporting to the BNG CUPS Controller. This command runs on the BNG User Planes.
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
partition
Syntax
partition partition-name;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name]
Description
Defines the BNG User Plane partition attribute. The partition attribute defines the geographical region or area to which the BNG User Plane belongs.
For Juniper BNG CUPS to operate with Juniper Address Pool Manager, you must configure the partition attribute.
Options
partition partition-name |
Name of the partition. |
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
policy-options
Syntax
policy-options policy-statement policy-name { term term-name { from { family family-name; match-conditions; policy subroutine-policy-name; prefix-list prefix-list-name; prefix-list-filter prefix-list-name match-type <actions>; route-filter destination-prefix match-type <actions>; source-address-filter source-prefix match-type <actions>; } to { match-conditions; policy subroutine-policy-name; } then actions; } }
Hierarchy Level
[edit]
Description
Configure options such as application maps for DCBX application protocol exchange and policy statements. This command runs on the BNG User Planes.
Required Privilege Level
storage—To view this statement in the configuration.storage-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
policy-statement
Syntax
policy-statement policy-name { term term-name { from { as-path-neighbors (as-list | as-list-group); as-path-origins (as-list | as-list-group); as-path-transits (as-list | as-list-group); as-path-unique-count count (equal | orhigher | orlower); as-path-calc-length count (equal | orhigher | orlower); family family-name; match-conditions; policy subroutine-policy-name; prefix-list prefix-list-name; prefix-list-filter prefix-list-name match-type <actions>; programmed; protocol protocol-name; route-filter destination-prefix match-type <actions>; validation-database-instance { database <database-name> state (valid|invalid|unknown); state (valid|invalid|unknown); } source-address-filter source-prefix match-type <actions>; tag value; traffic-engineering; } to { match-conditions; policy subroutine-policy-name; } then actions; } then { advertise-locator; aggregate-bandwidth; dynamic-tunnel-attributes dynamic-tunnel-attributes; limit-bandwidth limit-bandwidth; multipath-resolve; no-entropy-label-capability; prefix-attribute-flags; prefix-segment { index index; node-segment; } priority (high | medium | low); resolution-map map-name; set-down-bit } }
Hierarchy Level
[edit policy-options]
Description
Define a routing policy, including subroutine policies. This command runs on the BNG User Planes.
A term is a named structure in which match conditions and actions are defined. Routing policies are made up of one or more terms. Each routing policy term is identified by a term name. The name can contain letters, numbers, and hyphens (-) and can be up to 255 characters long. To include spaces in the name, enclose the entire name in double quotation marks.
Each term contains a set of match conditions and a set of actions:
-
Match conditions are criteria that a route must match before the actions can be applied. If a route matches all criteria, one or more actions are applied to the route.
-
Actions specify whether to accept or reject the route, control how a series of policies are evaluated, and manipulate the characteristics associated with a route.
Generally, a router compares a route against the match conditions of each term in
a routing policy, starting with the first and moving through the terms in the
order in which they are defined, until a match is made and an explicitly
configured or default action of accept
or
reject
is taken. If none of the terms in the policy match
the route, the router compares the route against the next policy, and so on,
until either an action is taken or the default policy is evaluated.
If none of the match conditions of each term evaluates to true, the final action
is executed. The final action is defined in an unnamed term. Additionally, you
can define a default action (either accept
or
reject
) that overrides any action intrinsic to the
protocol.
The order of match conditions in a term is not relevant, because a route must match all match conditions in a term for an action to be taken.
To list the routing policies under the [edit policy-options]
hierarchy level by
policy-statement policy-name
in
alphabetical order, enter the show policy-options
configuration
command.
The statements are explained separately.
Options
actions
—(Optional) One or more actions to
take if the conditions match.
family family-name
—(Optional) Specify an
address family protocol. Specify inet
for IPv4. Specify
inet6
for 128-bit IPv6, and to enable interpretation of
IPv6 router filter addresses. For IS-IS traffic, specify iso
.
For IPv4 multicast VPN traffic, specify inet-mvpn
. For IPv6
multicast VPN traffic, specify inet6-mvpn
. For
multicast-distribution-tree (MDT) IPv4 traffic, specify
inet-mdt
. For BGP route target VPN traffic, specify
route-target
. For traffic engineering, specify
traffic-engineering
.
When family
is not specified, the routing device or routing
instance uses the address family or families carried by BGP. If
multiprotocol BGP (MP-BGP) is enabled, the policy defaults to the protocol
family or families carried in the network layer reachability information
(NLRI) as configured in the family statement for BGP. If MP-BGP is not
enabled, the policy uses the default BGP address family unicast IPv4.
from
—(Optional) Match a route based on its source address.
as-path-neighbors (as-list | as-list-group)
—Compares the AS that
originated the route. Evaluates if the right most AS number on the AS path
belongs to the as-list
or as-list-group
specified in the as-path-origins
configuration statement. In
the case where the route has been aggregated, and the location of the
originating AS contains an AS-set, the as-path-origins
operator
evaluates to true if any AS contained in the AS-set belongs to the
as-list
or as-list-group
specified in the
as-path-origins
configuration statement.
as-path-origins (as-list | as-list-group)
—Compares the neighbor
AS in the AS path. Evaluates if the first AS number on the AS path matches the
as-list
or as-list-group
specified in the
as-path-neighbors
configuration statement. If the
neighboring AS location happens to be an AS-set, the
as-path-neighbors
operator evaluates to true if any AS
contained in the AS-set belongs to the as-list
or
as-list-group
specified in the
as-path-neighbors
configuration statement.
as-path-transits (as-list | as-list-group)
—Compares any AS in
the AS-Path. Evaluates when any AS belongs to the as-list
or
as-list-group
specified in the
as-path-transit
configuration statement. In the case of
AS-set, the as-path-transit
operator compares all the ASes in
the AS-set.
as-path-calc-length count (equal | orhigher |
orlower)
—(Optional) Specify a number from 0 through 1024 to filter
routes based on the number of calculated autonomous systems (ASs) in the AS
path.
-
ASs in a sequence count as 1.
-
AS sets count as 1.
-
BGP confederation segments count as 0.
as-path-unique-count count (equal | orhigher |
orlower)
—(Optional) Specify a number from 0 through 1024 to filter
routes based on the total number of unique non-BGP confederation autonomous
systems (ASs) in the AS path.
Duplicate AS numbers are ignored for the count.
advertise-locator
—(Optional) Enable IS-IS to summarize and
advertise locator prefixes.
Range: 0-255
aggregate-bandwidth
—(Optional) Enable BGP to advertise aggregate
outbound link bandwidth for load balancing.
dynamic-tunnel-attributes
dynamic-tunnel-attributes
—(Optional) Choose a
set of defined dynamic tunnel attributes for forwarding traffic over V4oV6
tunnels.
match-conditions
—(Optional in
from
statement; required in to
statement)
One or more conditions to use to make a match. The qualifiers are described in
Routing Policy Match Conditions.
multipath-resolve
multipath-resolve
–(Optional) Enable the use of all
paths for resolution over the specified prefix.
limit-bandwidth limit-bandwidth
—(Optional)
Specify the limit for advertised aggregate outbound link bandwidth for load
balancing.
-
Range: 0 through 4,294,967,295 bytes
no-entropy-label-capability
—(Optional) Disable the entropy label
capability advertisement at egress or transit routes specified in the
policy.
priority (high | medium | low)
—(Optional) Configure the priority
for an IS-IS route to change the default order in which the routes are installed
in the routing table, in the event of a network topology change.
policy subroutine-policy-name
—Use another
policy as a match condition within this policy. The name identifying the
subroutine policy can contain letters, numbers, and hyphens (-) and can be up to
255 characters long. To include spaces in the name, enclose it in quotation
marks (“ ”). Policy names cannot take the form __.*-internal__
,
as this form is reserved. For information about how to configure subroutines,
see Understanding Policy Subroutines in Routing Policy Match
Conditions.
policy-name
—Name that identifies the policy.
The name can contain letters, numbers, and hyphens (-) and can be up to
255 characters long. To include spaces in the name, enclose it in quotation
marks (“ ”).
prefix-list prefix-list-name
—Name of a list
of IPv4 or IPv6 prefixes.
prefix-list-filter prefix-list-name
—Name of a
prefix list to evaluate using qualifiers;
match-type
is the type of match, and
actions
is the action to take if the
prefixes match.
programmed
—(Optional) Allow policy matches for routes injected
by JET APIs.
protocol protocol-name
—Name of the protocol
used to control traffic engineering database import at the originating
point.
You can specify options to match label IS-IS and label OSPF routes using the
l-isis
and l-ospf
options, respectively.
The isis
options matches all IS-IS routes, excluding labelled
IS-IS routes. The ospf
option matches all OSPF routes,
including OSPFv2, OSPFv3 and labelled OSPF routes.
resolution-map
—(Optional) Set resolution map modes. A given
resolution-map can be shared across multiple policy-statements.
route-filter
destination-prefix match-type
<actions>
—(Optional) List of routes on
which to perform an immediate match;
destination-prefix
is the IPv4 or
IPv6 route prefix to match, match-type
is
the type of match (see Configuring Route Lists), and
actions
is the action to take if the
destination-prefix
matches.
source-address-filter
source-prefix match-type
<actions>
—(Optional) Unicast source
addresses in multiprotocol BGP (MBGP) and Multicast Source Discovery Protocol
(MSDP) environments on which to perform an immediate match.
source-prefix
is the IPv4 or IPv6
route prefix to match, match-type
is the
type of match (see Configuring Route Lists), and
actions
is the action to take if the
source-prefix
matches.
tag value
—(Optional) A numeric value that
identifies a route. You can tag certain routes to prioritize them over other
routes. In the event of a network topology change, Junos OS updates these routes
in the routing table before updating other routes with lower priority. You can
also tag some routes to identify and reject them based on your requirement.
term term-name
—Name that identifies the term.
The term name must be unique in the policy. It can contain letters, numbers, and
hyphens (-) and can be up to 64 characters long. To include spaces in the name,
enclose the entire name in quotation marks (“ ”). A policy statement can include
multiple terms. We recommend that you name all terms. However, you do have the
option to include an unnamed term which must be the final term in the policy. To
configure an unnamed term, omit the term
statement when
defining match conditions and actions.
to
—(Optional) Match a route based on its destination address or
the protocols into which the route is being advertised.
then
—(Optional) Actions to take on matching routes. The actions
are described in Configuring Flow Control Actions and Configuring Actions That Manipulate Route Characteristics.
set-down-bit
—(Optional) Configure this option to aggregate
leaked locator routes using routing policies.
validation-database-instance
—(Optional) Name to identify a
validation-state with database name.database-name
<database-name>
—(Optional) Route Validation Database name to
be looked at. state (valid|invalid|unknown)
—(Optional) Name to
identify a validation-state
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-interval (Protocols IGMP)
Syntax
query-interval seconds;
Hierarchy Level
[edit protocols igmp]
Description
Specify how often the querier routing device sends general host-query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval.
-
Range: 1 through 1024
-
Default: 125 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-interval (Protocols MLD)
Syntax
query-interval seconds;
Hierarchy Level
{edit protocols mld]
Description
Specify how often the querier router sends general host-query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval.
-
Range: 1 through 1024
-
Default: 125 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-last-member-interval
Syntax
query-last-member-interval seconds;
Description
Specify how often the querier routing device sends group-specific query messages. This command runs on the BNG User Planes.
Options
seconds—Time interval, in fractions of a second or seconds.
-
Range: 0.1 through 0.9, then in 1-second intervals 1 through 1024
-
Default: 1 second
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
query-response-interval
Syntax
query-response-interval seconds;
Description
Specify how long the querier routing device waits to receive a response to a host-query message from a host. This command runs on the BNG User Planes.
Options
seconds—The query response interval must be less than the query interval.
-
Range: 1 through 1024
-
Default: 10 seconds
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
robust-count
Syntax
robust-count number;
Description
Tune the expected packet loss on a subnet. This factor is used to calculate the group member interval, other querier present interval, and last-member query count. This command runs on the BNG User Planes.
Options
number—Robustness variable.
-
Range: 2 through 10
-
Default: 2
Required Privilege Level
routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 22.4R1.
routing-engine-services
Syntax
routing-engine-services;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name service-set-options]
Description
When configuring a Routing Engine-based captive portal service, specify the service set options to apply to a service set. The services interfaces on the Routing Engine are identified with an si- prefix (for example, si-1/1/0). The si- interface contains all redirect and rewrite traffic and services for the Routing Engine. This command runs on the BNG CUPS Controller.
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.1.
security-profile
Syntax
security-profile profile-name{ ca-cert-file-name ca-certificate-name; cert-file-name certificate-name; key-file-name key-name; }
Hierarchy Level
[edit system services subscriber-management]
Description
Defines the security requirements needed for Data Transport Layer Security and Transport Layer Security secure connections. If the security-profile is not configured, the related BNG CUPS Controller or BNG CUPS User Plane assumes that the transport interfaces are not secure.
Options
security-profile profile-name |
Give the security profile a name. |
ca-cert-file-name
ca-certificate-name |
Name of the CA profile. |
cert-file-name certificate-name |
Name of the public certificate. |
key-file-name key-name |
Name of the private key pair. |
service-interface (Services Interfaces)
Syntax
service-interface interface-name;
Hierarchy Level
[edit system services subscriber-management mode control-plane user-plane bng-user-plane-name service-set service-set-name interface-service]
Description
Specify the name for the services interface associated with an interface-wide service set. This command runs on the BNG CUPS Controller.
Options
interface-name |
Identifier of the service interface. |
Required Privilege Level
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
Release Information
Statement introduced in Juniper BNG CUPS Release 23.1.
selection-function
Syntax
selection-function { cluster cluster-name, cluster-name; service-group service-group-name, service-group-name; }
Hierarchy Level
[edit system services subscriber-management mode user-plane]
Description
Sets the clusters in which the BNG User Plane is a member. Also, you can set the service class that the BNG User Plane supports within each cluster.
Options
cluster cluster-name |
The name or names of the cluster to which the BNG User Plane belongs. You can enter one or more names. |
service-group
service-group-names |
The names of the service classes that the BNG User Plane supports within each cluster. You can enter one or more names. |
transport
Syntax
transport { inet ip-address; security-profile security-profile-name; }
Hierarchy Level
[edit system services subscriber-management mode (control-plane|user-plane)]
Description
Defines the transport security for all BNG CUPS Controller and BNG User Plane
inter-communication. You use the transport command to configure either the BNG
CUPS Controller or the BNG User Planes, depending on which option you choose at
the mode
level of the hierarchy.
Options
inet ip-address |
The IP address of either the BNG CUPS Controller or the BNG User Plane that you are configuring. |
security-profile
security-profile-name |
Specify the configured security profile that lists the CA profile, public certificate, and private key pair (see security-profile). |
user-plane
Syntax
user-plane { user-plane-name bng-user-plane-name; transport { inet ip-address | inet6 ip-address } control-plane control-plane-name bng-cups-controller-name; transport { inet ip-address | inet6 ip-address; } } pfcp { retransmission-timer seconds; retries number; heartbeat-interval seconds; } selection-function { cluster cluster-name, cluster-name; service-group service-group-name, service-group-name; }
Hierarchy Level
[edit system services subscriber-management mode]
Description
Sets the system to take on the role of a BNG User Plane.
Options
user-plane-name
bng-user-plane-name |
The
|
transport (user-plane-name) |
The transport stanza is a mandatory stanza that defines the source address from which the BNG User Plane initiates associations.
|
control-plane-name
bng-cups-controller-name |
Defines the BNG CUPS Controller to which this BNG User Plane will
associate. The |
transport (control-plane-name) |
Defines the IPv4 or IPv6 address and port number of the BNG CUPS Controller with which the BNG User Plane attempts to make an association. The address family that you choose must match the family in the BNG User Plane's transport stanza.
|
pfcp |
Specify the Packet Forwarding Control Protocol protocol attributes for the control plane manager and any other daemons using Packet Forwarding Control Protocol to communicate with their peer.
|
selection-function |
Sets the clusters in which the BNG User Plane is a member. Also, you can
set the service class that the BNG User Plane supports within each
cluster.
|
weight
Syntax
weight weight-number;
Hierarchy Level
[edit dynamic-profiles dynamic-profiles-name interfaces $junos-interface-ifd-name unit $junos-interface-unit load-balance] [edit dynamic-profiles dynamic-profiles- name interfaces interface-set $junos-phy-ifd-interface-set-name load-balance]
Description
Set the load-balancing weight for either subscribers or the logical interface set.
You can define weight based on your needs: you can define it by using subscriber bandwidth, logical interface set bandwidth, or an even number of subscribers per logical interface set. This command runs on the BNG CUPS Controller.
Options
weight weight-number |
Defines the load-balancing weight value (1 through 255). |