[j-nsp] Cisco to Juniper BNG

Dave Bell me at geordish.org
Fri Sep 17 12:44:24 EDT 2021 

You can control shaping from RADIUS fairly easily.

Define a dynamic-profile which configures your subscriber as you need:
PPPOE-PROFILE {
    predefined-variable-defaults {
        cos-shaping-rate 1m;
        cos-byte-adjust -4;
    }
    interfaces {
        pp0 {
            unit "$junos-interface-unit" {
                actual-transit-statistics;
                no-traps;
                ppp-options {
                    chap;
                }
                pppoe-options {
                    underlying-interface "$junos-underlying-interface";
                    server;
                }
                keepalives interval 30;
                family inet {
                    rpf-check;
                    unnumbered-address "$junos-loopback-interface";
                }
                family inet6 {
                    rpf-check;
                    address $junos-ipv6-address;
                }
            }
        }
    }
    class-of-service {
        traffic-control-profiles {
            SUBSCRIBER-TCP {
                scheduler-map SUB_MAP;
                shaping-rate "$junos-cos-shaping-rate";
                overhead-accounting frame-mode-bytes
"$junos-cos-byte-adjust";
            }
        }
        interfaces {
            pp0 {
                unit "$junos-interface-unit" {
                    output-traffic-control-profile SUBSCRIBER-TCP;
                }
            }
        }
    }
}

You can then populate the various CoS parameters using VSA 26-108
CoS-Parameter-Type
https://www.juniper.net/documentation/us/en/software/junos/subscriber-mgmt-sessions/topics/topic-map/radius-std-attributes-vsas-support.html#id-juniper-networks-vsas-supported-by-the-aaa-service-framework

On Fri, 17 Sept 2021 at 17:14, Mike via juniper-nsp <
juniper-nsp at puck.nether.net> wrote:

> Hello,
>
>      I have decided to investigate reorganizing how I terminate customer
> broadband sessions and I have some questions about differences in Cisco
> vs Juniper radius profiles:
>
>      Currently in radius, I have a number of attributes I push out upon
> authentication which can include things like Framed-IP-Address,
> Framed-IP-Netmask,  Framed-Route and Filter-id. I know these are pretty
> standard and likely are supported out of the box on Cisco and likely
> juniper too. However, I also do rate limiting in radius since my BNGs
> are cisco, and these rely on the 'Cisco-Service-Info' attribute with
> values like "QU;30000000;5625000;11250000;D;30000000;5625000;11250000",
> which establishes a 30m/30m pipe. I like using radius for this but most
> of what I have seen says I need instead to establish profiles on the
> Junos box itself in advance and reference them by name. This seems
> really inconvenient. I have done some poking around and see there is
> some dynamic profile support, but I am just not connecting the dots how
> I would get a similar feature to allow me to set the shaping rates in
> radius for juniper. If it matters, my primary access method is PPPoE but
> in the future I will move to a DHCP / CGNAT arrangement but still want
> to have the filtering/shaping functionality.
>
> Thank you.
>
> Mike-
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>

More information about the juniper-nsp mailing list