Table: Host limits list the host limits and Table: Session limits lists the session limits that can be configured in the following profiles:
sla-profile
The limits are enforced per SLA profile instance.
sub-profile
The limits are enforced per subscriber.
Example
For a bridged RGW, allow one dual stack IPoE session (IPv4 and IPv6 IA-PD) per SLA profile instance and up to two sessions per subscriber.
configure
subscriber-mgmt
sla-profile "sla-profile-1"
description "host and sessions limits per SLA Profile Instance"
host-limits
ipv4-overall 1
ipv4-arp 0
ipv4-dhcp 1
ipv6-pd-overall 1
ipv6-wan-overall 0
exit
session-limits
ipoe 1
pppoe-overall 0
l2tp-overall 0
exit
exit
sub-profile "sub-profile-1"
description "host and session limits per subscriber"
session-limits
overall 2
Table: Host limit counters applicable per subscriber host type specifies the host-limits counters that are applicable for each of the different subscriber host types in SR OS. Table: Session limit counters applicable per subscriber session type specifies the session-limits counters that are applicable for each of the different subscriber session types in SR OS.
Host and session limits are checked when the host or session is created in the system. When a limit is reached, the host or session setup fails, and an error event is logged. For example:
6338 2020/09/24 09:48:50.612 UTC WARNING: DHCP #2005 Base Lease State Population Error
"Lease state table population error on SAP 1/1/4:2111.1 in service 1000 - sub-profile 'sub-profile-1' : host-limit overall (1) exceeded for subscriber 'ipoe-001'"
When a host or session limit is reached for an ARP host, an IPoE host or an IPoE session, a host-limit-exceeded Subscriber Host Connectivity Verification (SHCV) can be triggered to clean up the state of disconnected devices.
Command name | Description |
---|---|
overall |
Limits the total number of subscriber hosts |
ipv4-overall |
Limits the total number of IPv4 hosts |
ipv4-arp |
Limits the number of IPv4 ARP hosts |
ipv4-dhcp |
Limits the number of IPv4 DHCP hosts |
ipv4-ppp |
Limits the number of IPv4 PPP hosts |
ipv6-overall |
Limits the total number of IPv6 hosts |
ipv6-pd-overall |
Limits the total number of IPv6 DHCP Prefix Delegation hosts (IA-PD) |
ipv6-pd-ipoe-dhcp |
Limits the number of IPv6 IPoE DHCP Prefix Delegation hosts (IA-PD) |
ipv6-pd-ppp-dhcp |
Limits the number of IPv6 PPPoE DHCP Prefix Delegation hosts (IA-PD) |
ipv6-wan-overall |
Limits the total number of IPv6 WAN hosts |
ipv6-wan-ipoe-dhcp |
Limits the number of IPv6 IPoE DHCP WAN hosts (IA-NA) |
ipv6-wan-ipoe-slaac |
Limits the number of IPv6 IPoE SLAAC WAN hosts |
ipv6-wan-ppp-dhcp |
Limits the number of IPv6 PPPoE DHCP WAN hosts (IA-NA). |
ipv6-wan-ppp-slaac |
Limits the number of IPv6 PPPoE SLAAC WAN hosts |
lac-overall |
Limits the total number of L2TP LAC hosts |
Subscriber host type | Counts toward following host limits |
---|---|
IPv4 - PPP Hosts - IPCP |
ipv4-ppp, ipv4-overall, overall |
IPv4 - PPP Hosts - PFCP |
— |
IPv4 - IPOE Hosts - DHCP |
ipv4-dhcp, ipv4-overall, overall |
IPv4 - IPOE Hosts - ARP |
ipv4-arp, ipv4-overall, overall |
IPv4 - IPOE Hosts - Static |
ipv4-overall, overall |
IPv4 - IPOE Hosts - PFCP |
— |
IPv4 - IPOE Mngd Hosts - Data-trig |
ipv4-overall, overall |
IPv4 - IPOE Mngd Hosts - AAA |
ipv4-overall, overall |
IPv4 - IPOE Mngd Hosts - GTP |
ipv4-overall, overall |
IPv4 - IPOE Mngd Hosts - Bonding |
ipv4-overall, overall |
IPv4 - IPOE Hosts BSM - DHCP |
— |
IPv4 - IPOE Hosts BSM - Static |
— |
IPv4 - IPOE BSM - DHCP |
— |
IPv4 - IPOE BSM - Static |
— |
IPv6 - PPP Hosts - SLAAC |
ipv6-wan-ppp-slaac, ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Hosts - DHCP6 (NA) |
ipv6-wan-ppp-dhcp, ipv6-wan-overall, ipv6-overall, overall |
IPv6 - PPP Hosts - DHCP6 (PD) |
ipv6-pd-ppp-dhcp, ipv6-pd-overall, ipv6-overall, overall |
IPv6 - PPP Mngd Routes - DHCP6 (PD) |
— |
IPv6 - PPP Hosts - PFCP (SLAAC) |
— |
IPv6 - PPP Hosts - PFCP (NA) |
— |
IPv6 - PPP Hosts - PFCP (PD) |
— |
IPv6 - IPOE Hosts - SLAAC |
ipv6-wan-ipoe-slaac, ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Hosts - DHCP6 (NA) |
ipv6-wan-ipoe-dhcp, ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Hosts - DHCP6 (PD) |
ipv6-pd-ipoe-dhcp, ipv6-pd-overall, ipv6-overall, overall |
IPv6 - IPOE Mngd Routes - DHCP6 (PD) |
— |
IPv6 - IPOE Hosts - Static (WAN) |
ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Hosts - Static (Pfx) |
ipv6-pd-overall, ipv6-overall, overall |
IPv6 - IPOE Hosts - PFCP (SLAAC) |
— |
IPv6 - IPOE Hosts - PFCP (NA) |
— |
IPv6 - IPOE Hosts - PFCP (PD) |
— |
IPv6 - IPOE Mngd Hosts - Data-trig (WAN) |
ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Mngd Hosts - Data-trig (Pfx) |
ipv6-pd-overall, ipv6-overall, overall |
IPv6 - IPOE Mngd Routes - Data-trig (Pfx) |
— |
IPv6 - IPOE Mngd Hosts - AAA |
ipv6-wan-overall, ipv6-overall, overall |
IPv6 - IPOE Mngd Hosts - GTP (SLAAC) |
ipv6-pd-overall, ipv6-overall, overall |
IPv6 - IPOE Mngd Hosts - Bonding |
ipv6-pd-overall, ipv6-overall, overall |
IPv6 - IPOE BSM - DHCP6 (NA) |
— |
IPv6 - IPOE BSM - DHCP6 (PD) |
— |
L2TP LAC Hosts |
lac-overall, ipv4-overall, ipv6-overall, overall |
Command name | Description |
---|---|
overall |
Limits the total number of subscriber sessions |
ipoe |
Limits the number of IPoE sessions |
pppoe-overall |
Limits the total number of PPPoE sessions |
pppoe-local |
Limits the number of PPPoE local terminated sessions (PTA) |
pppoe-lac |
Limits the number of PPPoE L2TP LAC sessions |
l2tp-overall |
Limits the total number of L2TP sessions |
l2tp-lns |
Limits the number of L2TP LNS sessions |
l2tp-lts |
Limits the number of L2TP LTS sessions |
Subscriber session type | Counts toward following session limits |
---|---|
Local PPP Sessions - PPPoE |
pppoe-local, pppoe-overall, overall |
Local PPP Sessions - L2TP (LNS) |
l2tp-lns, l2tp-overall, overall |
LAC PPP Sessions - PPPoE |
pppoe-lac, pppoe-overall, overall |
LAC PPP Sessions - L2TP (LTS) |
l2tp-lts, l2tp-overall, overall |
IPOE Sessions |
ipoe, overall |
PFCP Sessions - PPP |
— |
PFCP Sessions - IPOE |
— |
PFCP Sessions - default tunnels |
— |
The host and session limits per SLA profile instance and per subscriber can be overridden at subscriber host or session creation by the following.
Include the 245.26.6527.5 Alc-Spi-Host-And-Session-Limits and 245.26.6527.6 Alc-Sub-Host-And-Session-Limits VSAs in the RADIUS Access-Accept message during authentication.
See the 7450 ESS, 7750 SR, and VSR RADIUS Attributes Reference Guide for a detailed description of the VSAs.
Include the NOKIA-1047 Alc-Spi-Host-And-Session-Limits and NOKIA-1048 Alc-Sub-Host-And-Session-Limits Vendor Specific Diameter AVPs in a CCA-I or CCA-U message during authentication.
See the 7750 SR Gx AVPs Reference Guide for a detailed description of the AVPs.
The combination of overrides and configured limits is only checked when the host or session is created.
Overrides are stored in the subscriber host and session ESM info and can be displayed using the following show commands:
show service id service-id dhcp lease-state detail
show service id service-id dhcp6 lease-state detail
show service id service-id slaac host detail
show service id service-id arp-host detail
show service id service-id ppp session detail
show service id service-id pppoe session detail
show service id service-id ipoe session detail
show service id service-id managed-hosts type {aaa | bonding | data-triggered | gtp | wpp}
For example:
# show service id 1000 ipoe session subscriber "ipoe-001" detail
===============================================================================
IPoE sessions for service 1000
===============================================================================
SAP : [1/1/4:2111.1]
Mac Address : 0a:11:00:00:00:01
Circuit-Id : pe1|1000|group-int-2-1|1/1/4:2111.1
Remote-Id : 0a:11:00:00:00:01
Session Key : sap-mac
--- snip ---
Subscriber Session Limit Overrides
ipoe : 3
pppoe-overall : 0
l2tp-overall : 0
SLA Profile Instance Session Limit Overrides
ipoe : 1
pppoe-overall : 0
l2tp-overall : 0
-------------------------------------------------------------------------------
Number of sessions : 1
===============================================================================
It is the operator's responsibility to keep consistency in the overrides that are stored per subscriber host and session by the following:
ensure that all hosts and sessions that belong to the same SLA profile instance receive the same dynamic SLA profile instance limit overrides
ensure that all hosts and sessions that belong to the same subscriber receive the same dynamic subscriber limit overrides
For existing hosts or sessions, this consistency can be achieved by a mid-session change, for example, by RADIUS CoA or Diameter Gx RAR or CCA-U.