JUNOSe 7.2.x Policy Management Configuration Guide
66 ! Applying Policy Lists to Interfaces and Profiles
Enabling ATM Cell Mode
When you configure a rate limit profile to account for ATM cell tax, the forwarding
code now calculates this information to determine the size of a frame instead of
using only the frame size. Use the show rate-limit-profile command to display the
state of the mode.
atm-cell-mode
! Use to account for the ATM cell tax in statistics and rate calculations.
! Example
host1(config-policy-list)#atm-cell-mode
! Use the no version to restore the default, which uses the frame size with the
layer 2 header included.
Enabling IP Options Filtering
You can filter packets with IP options on an interface. When a packet arrives on an
interface, the router checks to see if the packet contains IP options. If it does and if
IP options filtering is enabled, that packet is dropped. IP options filtering is disabled
by default.
ip filter-options all
! Use to enable filtering of packets with IP options.
! Example
host1(config-if)#ip filter-options all
! Use the no version to disable filtering of packets with IP options.
Using RADIUS to Create and Apply Policies
E-series routers enable you to use RADIUS to create and apply policies on IP
interfaces. This feature supports the Ascend-Data-Filter attribute [242] through a
RADIUS vendor-specific attribute (VSA) that specifies a hexadecimal field. The
hexadecimal field is encoded with policy attachment, classification, and policy
action information.
The policy defined in the Ascend-Data-Filter attribute is applied when RADIUS
receives a client authorization request and replies with an Access-Accept message.
When you use RADIUS to apply policies, a subset of the router’s classification fields
and actions is supported. The supported actions and classification fields are:
! Actions
! Filter
! Forward
! Packet marking
To Next Page
Loading...
Need help?
General
