SDX 6.4.x Application Library Guide > Configuring Services and Subscriptions to Integrate IDP > Classifying Subscribers for IDP Integration

Classifying Subscribers for IDP Integration

You configure additional entries in the subscriber classification script to support services for IDP integration.

To add entries to a subscriber classification script to support IDP integration:

1. Add an entry to host aggregate service on JUNOSe routers.
2. (Policy-based routing) Add an entry to host a core interface fragment service for policy-based routing traffic on a JUNOSe router.
3. (Mirroring) Add an entry to host a router fragment service for mirroring traffic on a JUNOS routing platform.

To view the sample subscriber classifications referenced in this section, see l=IDP, l=SAE, ou=staticConfiguration, ou=Configuration, o=Management, o=umc in the sample data.

Example: Router Subscriber Session to Host an Aggregate Service

For JUNOSe routers the subscriber classification script must assign a subscriber profile to the router interface. For example:

[ou=routers,retailername=SP-IDP,o=Users,o=UMC??sub?(routerName=<-virtualRouterN
ame->)]

# host subscriber for JUNOSe routers

interfaceName=="Router"

Example: Interface Subscriber Session to Policy-Route Traffic to IDP

For JUNOSe routers the subscriber classification script must also assign a shared subscriber profile and a login name to a subscriber session when a core interface service is activated. The following example assigns a login name and IP address for the subscriber session to an interface that has core specified as the ifAlias (as configured on the JUNOSe router).

[routerName=idp,ou=interfaces,retailername=SP-IDP,o=Users,o=UMC

?loginName=idp@idp]

# core facing interfaces on JUNOSe routers in JUNOSe POPs

ifAlias=="core"

The login name specified in this classification must be the same as the value set in the subscriber reference expression for the core interface fragment service in the aggregate service. The interface alias must be the same as the one specified in the interface classification script.

Example: Router Subscriber Session to Mirror Traffic to IDP

For JUNOS routing platforms, the subscriber classification script must assign subscriber profiles for the forwarding interface. For example:

[ou=routers,retailername=SP-IDP,o=Users,o=UMC??sub?(routerName=

<-virtualRouterName->)]

# host subscriber for JUNOS routers

interfaceName=="FORWARDING_INTERFACE"

For general information about classifying subscribers, see SDX Subscribers and Subscriptions Guide, Chapter 4, Classifying Interfaces and Subscribers.