I have configured subscriber management on an interface on my MX80 router. Both single and dual-stacked customers can be assigned (an) IP-address(es).
For this I have created two dynamic VLAN profiles for creating virtual VLAN interfaces.
DYNINTF-VLAN-DHCP-INET-KPN {
interfaces {
"$junos-interface-ifd-name" {
unit "$junos-interface-unit" {
proxy-arp restricted;
vlan-id "$junos-vlan-id";
family inet {
unnumbered-address lo0.0 preferred-source-address xx.xx.xx.xx;
}
}
}
}
DYNINTF-STACKED-VLAN-INET-KPN {
interfaces {
"$junos-interface-ifd-name" {
unit "$junos-interface-unit" {
proxy-arp restricted;
vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id";
family inet {
unnumbered-address lo0.0 preferred-source-address xx.xx.xx.xx;
}
}
}
}
For traffic policing on stacked VLANs, I have created a dynamic IP profile:
DYNSUB-IP-PROFILE-KPN {
interfaces {
"$junos-interface-ifd-name" {
unit "$junos-underlying-interface-unit" {
family inet {
filter {
input "$junos-input-filter";
output "$junos-output-filter";
}
}
}
}
}
}
At last but not least, I have to configure the IP profile under the DHCP group for it to be active.
dhcp-local-server {
group local-kpn {
interface xe-0/0/3.0 {
dynamic-profile DYNSUB-IP-PROFILE-KPN;
}
}
}
With this last profile activated, stacked VLAN customers get their IP addresses and traffic policies applied just fine, but single tagged VLAN customers don't. Deactivating the IP profile under the DHCP server group makes it work again for single tagged VLAN customers.
How would I solve this? I could create blank firewall filters for single tagged VLANs, but that seems like a dirty trick doesn't it?
Best Answer
What is the configuration of the physical interfaces?
Do you use auto-configure under your interfaces where you are receiving users requests ?
EXAMPLE:
Interface configuration:
xe-1/0/0 { description Subscribers; hierarchical-scheduler maximum-hierarchy-levels 2; flexible-vlan-tagging; auto-configure { stacked-vlan-ranges { dynamic-profile StakedVlan { accept [ dhcp-v4 dhcp-v6 pppoe ]; ranges { 1600-1999,1600-1999; } } access-profile SubscriberDhcp; } vlan-ranges { dynamic-profile SingleVlan { accept [ dhcp-v4 dhcp-v6 pppoe ]; ranges { 1600-1999; } } access-profile SubscriberDhcp; } remove-when-no-subscribers; } mtu 9192; encapsulation flexible-ethernet-services; }Dynamic profiles:
StakedVlan { routing-instances { "$junos-routing-instance" { interface "$junos-interface-name"; } } interfaces { demux0 { unit "$junos-interface-unit" { demux-source inet; proxy-arp; vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id"; demux-options { underlying-interface "$junos-interface-ifd-name"; } family inet { unnumbered-address "$junos-loopback-interface"; } } } } } SingleVlan { routing-instances { "$junos-routing-instance" { interface "$junos-interface-name"; } } interfaces { demux0 { unit "$junos-interface-unit" { demux-source inet; proxy-arp; vlan-id "$junos-vlan-id"; demux-options { underlying-interface "$junos-interface-ifd-name"; } family inet { unnumbered-address "$junos-loopback-interface"; } } } } }