User manual JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X BROADBAND ACCESS CONFIGURATION GUIDE 4-1-2010
Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... DON'T FORGET : ALWAYS READ THE USER GUIDE BEFORE BUYING !!!
If this document matches the user guide, instructions manual or user manual, feature sets, schematics you are looking for, download it now. Lastmanuals provides you a fast and easy access to the user manual JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X. We hope that this JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X user guide will be useful to you.
Lastmanuals help download the user guide JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X.
You may also download the following manuals related to this product:
JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X COMMAND REFERENCE A TO M 1-11-2010 (6806 ko)
JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X LINK LAYER CONFIGURATION GUIDE 4-1-2010 (7744 ko)
Manual abstract: user guide JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.XBROADBAND ACCESS CONFIGURATION GUIDE 4-1-2010
Detailed instructions for use are in the User's Guide.
[. . . ] JUNOSeTM Software for E SeriesTM Broadband Services Routers
Broadband Access Configuration Guide
Release 11. 0. x
Juniper Networks, Inc.
1194 North Mathilda Avenue Sunnyvale, California 94089 USA 408-745-2000
www. juniper. net
Published: 2010-01-04
Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. [. . . ] (L2TP supports only IP version 4 [IPv4]. )
host1(config-tunnel-group-tunnel)#medium ipv4
12. Specify the L2TP tunnel type (RADIUS attribute 64, Tunnel-Type). Currently, the
only supported value is L2TP.
host1(config-tunnel-group-tunnel)#type l2tp
13. Verify the L2TP tunnel configuration.
host1(config)# show aaa domain-map Domain: westford. com; router-name: default; ipv6-router-name: default Tunnel Tag -----3 Tunnel Peer -----------192. 168. 2. 13 Tunnel Tunnel Source ----------192. 168. 3. 3 Tunnel Tunnel Type -----l2tp Tunnel Medium -----ipv4 Tunnel Password --------temporary Tunnel Tunnel Id -----acton Tunnel Client Name -----host4
358
Mapping User Domain Names to L2TP Tunnels from Tunnel Group Tunnel Mode
Chapter 12: Configuring an L2TP LAC
Tunnel Tag -----3
Server Name -----boston
Tunnel Preference ---------5
Max Sessions -------0
Tunnel RWS -------------system chooses
Virtual Router ------vr2
host1#show aaa tunnel-parameters Tunnel password is 3&92k%b#q4 Tunnel client-name is <NULL> Tunnel nas-port-method is none Tunnel nas-port ignore disabled Tunnel nas-port-type ignore disabled tunnel assignmentId format is assignmentId aaa tunnel calling number format is descriptive
Related Topics
Mapping User Domain Names to L2TP Tunnels from Domain Map Tunnel Mode on page 353 aaa tunnel-group address client-name command identification command medium ipv4 command password command preference command router-name server-name source-address tunnel type
Configuring the RX Speed on the LAC
You can configure the E Series LAC to always generate L2TP Receive (RX) Speed AVP 38. If you do not specify this command, the RX Speed AVP is generated only when the RX speed differs from the TX speed. The AVPs can be used to generate the RADIUS Connect-Info attribute [77] on the LNS. To set up the router to always generate the Receive Speed (AVP 38), complete the following steps:
1.
On the ATM subinterface, configure the advisory receive speed. See Configuring ATM in the JUNOSe Link Layer Configuration Guide for information about configuring the advisory speed.
host1(config-subif)#atm atm1483 advisory-rx-speed 2000
Configuring the RX Speed on the LAC
359
JUNOSe 11. 0. x Broadband Access Configuration Guide
2.
Specify that the RX Speed AVP is always generated. If you do not specify this command, the RX Speed AVP is generated only when the RX speed differs from the TX speed.
host1(config)#l2tp rx-connect-speed-when-equal
Related Topics
atm atm1483 advisory-rx-speed l2tp rx-connect-speed-when-equal command
Managing the L2TP Destination Lockout Process
When multiple sets of tunneling parameters are available, L2TP uses a selection algorithm to choose the best tunnel for subscriber traffic. As part of this selection process, the JUNOSe software's L2TP implementation includes a lockout feature in which the router locks out, or disregards, destinations that are assumed to be unavailable. By default, when a destination becomes unavailable, L2TP locks out that destination for a lockout timeout of 300 seconds (5 minutes). After the lockout timeout expires, L2TP assumes that the destination is now available and includes the destination when performing the selection algorithm. Tasks to manage the L2TP lockout process include: 1. Modifying the Lockout Procedure on page 360 2. Verifying That a Locked-Out Destination Is Available on page 362 3. Configuring a Lockout Timeout on page 362 4. Unlocking a Destination that is Currently Locked Out on page 362 5. Starting an Immediate Lockout Test on page 363
Modifying the Lockout Procedure
You can optionally configure your own lockout procedure by specifying the lockout timeout you want to use or enabling a lockout test, or both. When the lockout timeout expires, the destination is either immediately unlocked (if lockout testing is not enabled) or begins the lockout test to verify that the destination is available. L2TP performs the lockout test by attempting to establish a tunnel to the unavailable destination. For the test, L2TP must first obtain the parameters for a tunnel to the destination. If no such tunnel currently exists, L2TP must wait until it receives a new session request that has tunnel parameters for the locked out destination. [. . . ] See DNIS digital subscriber line access multiplexers. See DSLs disable proxy lcp command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 Disconnect-Cause (RADIUS attribute 26-51). . . . . . . . . . . . . . . 221 Disconnect-Request messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 DNIS (dialed number identification service). . . . . . . . . . . 9, 372 DNS (Domain Name System) assigning IP addresses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 DNS addresses order of preference in allocation to clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 DNS domain names list of configured in IPv6 local address pools. . . . . . . . . 104 order of preference in responses to clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
734
Index
Index
DNS domains configuring more than one using the CLI interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 in IPv6 local address pools processing client requests for resolution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 in responses to clients Domain Search List option and. . . . . . . . . . . . . . . . . . . . 106 maximum number in IPv6 local address pools. . . . . . . . . . . . . . . . . . . . . . . . . . . 106 DNS Recursive Name Search option DHCPv6 server responses and DNS servers in local pools. . . . . . . . . . . . . . . . . . . . . 106 DNS servers addresses in responses to clients DNS Recursive Name Search option and. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 configuring in IPv6 local address pools. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 list of configured in IPv6 address pools. . . . . . . . . . . . . . . . . 104 order of preference in responses to clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 order of use for delegating prefixes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 primary and secondary for domain resolution requests from clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 responding with IPv6 addresses for client requests. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 documentation set comments on. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxxix domain command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582 Domain Name System. See DNS domain names allowing or denying. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 configuring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 default. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 mapping to virtual routers. . . . . . . . . . . . . . 8, 115, 125, 422 mapping user requests without domain name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8, 9 none. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 specifying single name for users. . . . . . . . . . . . . . . . . . . . . . . . . . . 16 stripping domain name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 using aliases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 using delimiters other than @. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 using either domain or realm asdomain name. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 using realm name as domain name. . . . . . . . . . . . . . . . . . . . . . 12 Downstream-Calculated-QoS-Rate (RADIUS attribute 26-141). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 DSL Forum VSAs controlling inclusion of. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 descriptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 in AAA access and accounting messages. . . . . . . . . . . . 182
DSLAMs (digital subscriber line access multiplexers). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 DSLs (digital subscriber lines). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 dual stack combined IPv4 and IPv6 services example of . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 IPv4 and IPv6 services combined, activating and deactivating. . . . . . . . . 664 combined, overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 independent, activating and deactivating. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664 independent, overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 service interim accounting, overview. . . . . . . . . . . 670 Service manager support, activating and deactivating. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664 Service manager support, overview. . . . . . . . . . . . . 663 statistics collection external parent groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683 duplicate AAA accounting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 configuring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 duplicate clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 duplicate MAC addresses identifying DHCP clients with. . . . . . . . . . . . . . . . . . . . . 520, 530 monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549 Dynamic Host Configuration Protocol. See DHCP See DHCP dynamic IP interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 dynamic subscriber interfaces commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 configuring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604, 616 configuring DHCP external server to interoperate with DHCP relay and DHCP relay proxy . . . . . . . . . 527 configuring DHCP external server to preserve. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519, 526 configuring DHCP external server to re-authenticate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531 DHCP server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 framed routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 GRE tunnel configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619 in same VR as DHCP relay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 inheriting MAC validation state. . . . . . . . . . . . . . . . . . . . . . . . . . . 607 IP over bridged Ethernet configuration. . . . . . . . . . . . . . . 618 IP over Ethernet configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . 616 IP over VLAN over Ethernet configuration. . . . . . . . . . . 617 monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629 overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 packet detection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606
E
E120 and E320 routers ATM interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603 EAP (Extensible Authentication Protocol) external RADIUS server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 local authentication server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 RADIUS attributes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
Index
735
JUNOSe 11. 0. x Broadband Access Configuration Guide
RADIUS authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 TACACS+ server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 EAP-Message (RADIUS attribute 79). . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 Egress-Policy-Name (RADIUS attribute 26-11). . . . . . . . . . . . 215 enable proxy authenticate command. . . . . . . . . . . . . . . . . . . . . . . . . 372 encapsulation commands encapsulation bridge1483. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 encapsulation vlan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 endpoint discriminator. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 equal-access DHCP local server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 Ethernet configuring dynamic subscriber interfaces. . . . . . . . . . 616 Ethernet interfaces commands interface tenGigabitEthernet. . . . . . . . . . . . . . . . . . . . . . . . 621 Ethernet links between CPE and PE routers pool section for Prefix Delegation. . . . . . . . . . . . . . . . 107 Event-Timestamp (RADIUS attribute 55). . . . . . . . . . . . . . . . . . . . 202 exclusion ranges configuring for delegation of prefixes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 example for non-PPP client requests. . . . . . . . . . . . . . . . . . . 107 for DHCPv6 prefixes delegated to clients. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 Extensible Authentication Protocol. [. . . ]
DISCLAIMER TO DOWNLOAD THE USER GUIDE JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X Lastmanuals offers a socially driven service of sharing, storing and searching manuals related to use of hardware and software : user guide, owner's manual, quick start guide, technical datasheets... In any way can't Lastmanuals be held responsible if the document you are looking for is not available, incomplete, in a different language than yours, or if the model or language do not match the description. Lastmanuals, for instance, does not offer a translation service. Click on "Download the user manual" at the end of this Contract if you accept its terms, the downloading of the manual JUNIPER NETWORKS JUNOSE SOFTWARE 11.0.X will begin.