Day One: SBR Change of Authorization (CoA) and the MX Series

By John Rolfe

Day One: SBR Change of Authorization (CoA) and the MX Series - John Rolfe
  • Release Date: 2013-03-19
  • Genre: Internet

Description

Day One: SBR Change of Authorization (CoA) and the MX Series describes the steps needed to build a MX subscriber management solution along with RADIUS authentication, authorization, accounting, and change of authorization using Juniper’s Steel Belted Radius (SBR). The author walks you through the process, step-by-step, setting up a dynamic profile on the MX, setting firewall/policers to the profile via RADIUS, and then changing those values via RADIUS CoA. Then John Rolfe guides you through the required XML envelopes, setting up a web server, and implementing a self-service portal to invoke the CoA, utilizing an HTML Web page with a PHP script built on XAMPP (from Apache Friends), which includes the Apache web server, PHP, Perl, and other components.

Day One: SBR Change of Authorization (CoA) and the MX Series is meant for the lab, for a day exploring the basic tenets of software defined networks (SDN) by using the MX Series, Junos, and SBR to create a CoA solution.

Juniper CoA solutions can enable a number of network use cases, from automating service provisioning, to credit card authorization portals, to self-service portals for network and subscriber provisioning. Learn the basics here, in a day, and you’ll be able to explore these and other use cases for your own network needs.

IT’S DAY ONE AND YOU HAVE A JOB TO DO, SO LEARN HOW TO:
•  Handle DHCP subscribers using MX DHCP local server. 
•  Configure IP demux on the subscriber interface.
•  Create QoS configuration templates for deployment.
•  Build dynamic profiles using the firewall filter/policer for QOS.
•  Use SBR Carrier using Session Control Module (SCM) for CoA. 
•  Utilize SBR Carrier XML over HTTPS API.
•  Perform PHP scripting to implement the HTTPS XML post.
•  Build a basic Apache web server page.

About the Author
John Rolfe has over 30 years of experience in the networking industry. He is presently a consulting system engineer in the Technologies and Solution group at Juniper Networks, focusing on identity and policy management as well as network management systems. Prior to Juniper Networks, he worked in the VOIP industry with session border controllers at NexTone. Prior to that, he spent seven years in the semiconductor industry primarily in Network Processing silicon with Agere.