Scribd Logo
Upload

Welcome to Scribd!

  • 182 views

    PPPoE JUNOS

    Uploaded by

    Ederson Silva
    The document contains configuration settings for different types of network interfaces on a Juniper device including: - PPPoE profiles that define parameters for PPPoE interfaces like authentication, addressing, and routing. - VLAN profiles that configure VLAN tagging and underlying interfaces for dynamic VLAN interfaces. - QinQ profiles that configure double VLAN tagging for dynamic QinQ interfaces. - IPoE profiles that set addressing and routing for dynamic IPoE interfaces. The configurations can be applied to pseudowire, physical fiber, or dynamic interfaces through assignment of the profiles. This allows different interface types to be configured for services like PPPoE, IPoE, or QinQ

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd

    PPPoE JUNOS

    Uploaded by

    Ederson Silva
    182 views14 pages
    The document contains configuration settings for different types of network interfaces on a Juniper device including: - PPPoE profiles that define parameters for PPPoE interfaces like authentication, addressing, and routing. - VLAN profiles that configure VLAN tagging and underlying interfaces for dynamic VLAN interfaces. - QinQ profiles that configure double VLAN tagging for dynamic QinQ interfaces. - IPoE profiles that set addressing and routing for dynamic IPoE interfaces. The configurations can be applied to pseudowire, physical fiber, or dynamic interfaces through assignment of the profiles. This allows different interface types to be configured for services like PPPoE, IPoE, or QinQ

    Original Description:

    juniper networks

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document contains configuration settings for different types of network interfaces on a Juniper device including: - PPPoE profiles that define parameters for PPPoE interfaces like authentication, addressing, and routing. - VLAN profiles that configure VLAN tagging and underlying interfaces for dynamic VLAN interfaces. - QinQ profiles that configure double VLAN tagging for dynamic QinQ interfaces. - IPoE profiles that set addressing and routing for dynamic IPoE interfaces. The configurations can be applied to pseudowire, physical fiber, or dynamic interfaces through assignment of the profiles. This allows different interface types to be configured for services like PPPoE, IPoE, or QinQ

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    182 views14 pages

    PPPoE JUNOS

    Uploaded by

    Ederson Silva
    The document contains configuration settings for different types of network interfaces on a Juniper device including: - PPPoE profiles that define parameters for PPPoE interfaces like authentication, addressing, and routing. - VLAN profiles that configure VLAN tagging and underlying interfaces for dynamic VLAN interfaces. - QinQ profiles that configure double VLAN tagging for dynamic QinQ interfaces. - IPoE profiles that set addressing and routing for dynamic IPoE interfaces. The configurations can be applied to pseudowire, physical fiber, or dynamic interfaces through assignment of the profiles. This allows different interface types to be configured for services like PPPoE, IPoE, or QinQ

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Download as txt, pdf, or txt
    of 14

    set dynamic-profiles PPPoE-Base routing-instances "$junos-routing-instance"

    interface "$junos-interface-name"
    set dynamic-profiles PPPoE-Base routing-instances "$junos-routing-instance"
    routing-options access-internal route $junos-subscriber-ip-address qualified-next-
    hop "$junos-interface-name"
    set dynamic-profiles PPPoE-Base routing-instances "$junos-routing-instance"
    routing-options access route $junos-framed-route-ip-address-prefix next-hop
    "$junos-framed-route-nexthop"
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" ppp-
    options ignore-magic-number

    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" ppp-


    options chap
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" ppp-
    options pap

    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" ppp-


    options mru 1492
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" ppp-
    options mtu 1492

    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" pppoe-


    options underlying-interface "$junos-underlying-interface"
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" pppoe-
    options server

    #PPPOE BASE
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit"
    keepalives interval 60 (mirktoik equivale a 180 segundos"
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" family
    inet rpf-check
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" family
    inet unnumbered-address "$junos-loopback-interface"
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" family
    inet tcp-mss 1450
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" family
    inet6 address $junos-ipv6-address
    set dynamic-profiles PPPoE-Base interfaces pp0 unit "$junos-interface-unit" family
    inet6 unnumbered-address "$junos-loopback-interface"
    set dynamic-profiles PPPoE-Base protocols router-advertisement interface "$junos-
    interface-name" prefix $junos-ipv6-ndra-prefix

    #IPOE BASE
    set dynamic-profiles CLIENTS-IPoE interfaces demux0 unit "$junos-interface-unit"
    proxy-arp
    set dynamic-profiles CLIENTS-IPoE interfaces demux0 unit "$junos-interface-unit"
    family inet unnumbered-address lo0.0
    set dynamic-profiles CLIENTS-IPoE interfaces demux0 unit "$junos-interface-unit"
    family inet6 unnumbered-address lo0.0
    set dynamic-profiles CLIENTS-IPoE protocols router-advertisement interface "$junos-
    interface-name" max-advertisement-interval 1800
    set dynamic-profiles CLIENTS-IPoE protocols router-advertisement interface "$junos-
    interface-name" min-advertisement-interval 900
    set dynamic-profiles CLIENTS-IPoE protocols router-advertisement interface "$junos-
    interface-name" managed-configuration
    set dynamic-profiles CLIENTS-IPoE protocols router-advertisement interface "$junos-
    interface-name" other-stateful-configuration
    set dynamic-profiles CLIENTS-IPoE protocols router-advertisement interface "$junos-
    interface-name" prefix $junos-ipv6-ndra-prefix

    #PERFIL DE INTERFACE VLAN NORMAL


    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-id "$junos-vlan-id"
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    demux-options underlying-interface "$junos-interface-ifd-name"
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe access-concentrator PPPOE-SPEEDNET
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe duplicate-protection
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe dynamic-profile PPPoE-Base

    #PERFIL DE INTERFACE QINQ


    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    no-traps
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-tags outer "$junos-stacked-vlan-id"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-tags inner "$junos-vlan-id"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    demux-optbomions underlying-interface "$junos-interface-ifd-name"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe access-concentrator BRAS-PPPOE-01-QINQ
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe duplicate-protection
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe dynamic-profile PPPoE-Base

    #PERFIL DE INTERFACE QINQ


    set dynamic-profiles VLAN-IPoE routing-instances "$junos-routing-instance"
    interface "$junos-interface-name" any
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" actual-transit-statistics
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-source inet
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-source inet6
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" proxy-arp
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" vlan-id "$junos-vlan-id"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-options underlying-interface "$junos-underlying-interface"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" keepalives interval 30
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" family inet unnumbered-address "$junos-loopback-interface"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" family inet6 unnumbered-address "$junos-loopback-interface"

    ###############################usando pseudowire
    #################################################

    #PPPOE ESTATICO
    set interfaces ps0.0 flexible-vlan-tagging
    set interfaces ps0.0 unit 10 vlan-id 10
    set interfaces ps0.0 unit 10 family inet address 192.168.78.1/24
    set interfaces ps0.0 unit 10 family pppoe access-concentrator PPPOE-SERVER-01
    set interfaces ps0.0 unit 10 family pppoe dynamic-profile PPPoE-Base

    #PPPOE DINAMICO
    set interfaces ps0.0 flexible-vlan-tagging
    set interfaces ps0.0 auto-configure stacked-vlan-ranges
    set interfaces ps0.0 auto-configure vlan-ranges dynamic-profile vlan-profile accept
    pppoe
    set interfaces ps0.0 auto-configure vlan-ranges dynamic-profile vlan-profile ranges
    1-4000

    #PPPOE DINAMICO Q-IN-Q


    set interfaces ps0.0 flexible-vlan-tagging
    set interfaces ps0.0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile accept pppoe
    set interfaces ps0.0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile ranges any,any
    set interfaces ps0.0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile ranges 1000-2000,any

    #IPOE DINAMICO
    set interfaces ps0.0 flexible-vlan-tagging
    set interfaces ps0.0 auto-configure vlan-ranges dynamic-profile VLAN-IPoE accept
    any
    set interfaces ps0.0 auto-configure vlan-ranges dynamic-profile VLAN-IPoE ranges 1-
    4000
    set interfaces ps0.0 encapsulation flexible-ethernet-services

    ###############################usando interface
    fisica#################################################
    #PPPOE ESTATICO
    set interfaces ge-0/0/0 flexible-vlan-tagging
    set interfaces ge-0/0/0 unit 10 vlan-id 10
    set interfaces ge-0/0/0 unit 10 family inet address 192.168.78.1/24
    set interfaces ge-0/0/0 unit 10 family pppoe access-concentrator PPPOE-SERVER-01
    set interfaces ge-0/0/0 unit 10 family pppoe dynamic-profile PPPoE-Base

    #PPPOE DINAMICO
    set interfaces ge-0/0/0 flexible-vlan-tagging
    set interfaces ge-0/0/0 auto-configure stacked-vlan-ranges
    set interfaces ge-0/0/0 auto-configure vlan-ranges dynamic-profile vlan-profile
    accept pppoe
    set interfaces ge-0/0/0 auto-configure vlan-ranges dynamic-profile vlan-profile
    ranges 1-4000
    #PPPOE DINAMICO Q-IN-Q
    set interfaces ge-0/0/0 flexible-vlan-tagging
    set interfaces ge-0/0/0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile accept pppoe
    set interfaces ge-0/0/0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile ranges any,any
    set interfaces ge-0/0/0 auto-configure stacked-vlan-ranges dynamic-profile qinq-
    profile ranges 1000-2000,any

    #IPOE DINAMICO
    set interfaces xe-0/0/2 flexible-vlan-tagging
    set interfaces xe-0/0/2 auto-configure vlan-ranges dynamic-profile VLAN-IPoE accept
    any
    set interfaces xe-0/0/2 auto-configure vlan-ranges dynamic-profile VLAN-IPoE ranges
    1-4000
    set interfaces xe-0/0/2 encapsulation flexible-ethernet-services

    #PERFIL DE INTERFACE VLAN NORMAL


    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-id "$junos-vlan-id"
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    demux-options underlying-interface "$junos-interface-ifd-name"
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe access-concentrator PPPOE-SPEEDNET
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe duplicate-protection
    set dynamic-profiles vlan-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe dynamic-profile PPPoE-Base

    #PERFIL DE INTERFACE QINQ


    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    no-traps
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-tags outer "$junos-stacked-vlan-id"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    vlan-tags inner "$junos-vlan-id"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    demux-optbomions underlying-interface "$junos-interface-ifd-name"
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe access-concentrator BRAS-PPPOE-01-QINQ
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe duplicate-protection
    set dynamic-profiles qinq-profile interfaces demux0 unit "$junos-interface-unit"
    family pppoe dynamic-profile PPPoE-Base

    set dynamic-profiles VLAN-IPoE routing-instances "$junos-routing-instance"


    interface "$junos-interface-name" any
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" actual-transit-statistics
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-source inet
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-source inet6
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" proxy-arp
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" vlan-id "$junos-vlan-id"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" demux-options underlying-interface "$junos-underlying-interface"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" keepalives interval 30
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" family inet unnumbered-address "$junos-loopback-interface"
    set dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit "$junos-
    interface-unit" family inet6 unnumbered-address "$junos-loopback-interface"
    deactivate dynamic-profiles VLAN-IPoE interfaces "$junos-interface-ifd-name" unit
    "$junos-interface-unit" family inet6

    #radius

    set access radius-server 35.166.241.25 port 1812


    set access radius-server 35.166.241.25 accounting-port 1813
    set access radius-server 35.166.241.25 secret frasesecreta
    set access radius-disconnect-port 3799
    set access radius-disconnect 35.166.241.25 secret frasesecreta

    set access profile PPPoE-Access-Profile authentication-order radius


    set access profile PPPoE-Access-Profile authentication-order none > usando quando
    estou sem radius, ele vai entregar accept para todos os clientes
    set access profile PPPoE-Access-Profile domain-name-server 8.8.8.8
    set access profile PPPoE-Access-Profile domain-name-server 10.10.11.11
    set access profile PPPoE-Access-Profile domain-name-server-inet6
    2001:4860:4860::8888
    set access profile PPPoE-Access-Profile domain-name-server-inet6
    2001:4860:4860::8844

    set access profile PPPoE-Access-Profile radius authentication-server 35.166.241.25


    set access profile PPPoE-Access-Profile radius accounting-server 35.166.241.25

    set access profile PPPoE-Access-Profile radius options nas-port-extended-format


    slot-width 5
    set access profile PPPoE-Access-Profile radius options nas-port-extended-format
    adapter-width 1
    set access profile PPPoE-Access-Profile radius options nas-port-extended-format
    port-width 3
    set access profile PPPoE-Access-Profile radius options client-authentication-
    algorithm round-robin
    set access profile PPPoE-Access-Profile accounting order radius
    set access profile PPPoE-Access-Profile accounting accounting-stop-on-failure
    set access profile PPPoE-Access-Profile accounting accounting-stop-on-access-deny
    set access profile PPPoE-Access-Profile accounting immediate-update
    set access profile PPPoE-Access-Profile accounting update-interval 20
    set access profile PPPoE-Access-Profile accounting statistics volume-time

    set access address-assignment high-utilization 85


    set access address-assignment abated-utilization 50
    set access address-assignment high-utilization-v6 85
    set access address-assignment abated-utilization-v6 50

    set access address-assignment pool pool-1 family inet network 100.64.0.0/20


    set access address-assignment pool pool-1 link pool-2
    set access address-assignment pool pool-2 family inet network 100.65.0.0/20

    set access address-assignment pool IPOE-1 family inet network 100.64.0.0/24


    set access address-assignment pool IPOE-1 family inet range IPoE-Pool low
    100.64.0.2
    set access address-assignment pool IPOE-1 family inet range IPoE-Pool high
    100.64.0.254
    set access address-assignment pool IPOE-1 family inet dhcp-attributes maximum-
    lease-time 1800
    set access address-assignment pool IPOE-1 family inet dhcp-attributes name-server
    170.150.220.2
    set access address-assignment pool IPOE-1 family inet dhcp-attributes name-server
    170.150.220.22
    set access address-assignment pool IPOE-1 family inet dhcp-attributes router
    100.64.0.1
    set access address-assignment pool IPOE-1 family inet dhcp-attributes t1-renewal-
    time 432000
    set access address-assignment pool IPOE-1 family inet dhcp-attributes t2-rebinding-
    time 756000

    #entre bng>onu/tplink)
    set access address-assignment pool ndra-2001 family inet6 prefix
    2804:3064:8007::/48
    set access address-assignment pool ndra-2001 family inet6 range ndra-range prefix-
    length 64

    #delegacao de blocos BNGx cliente


    set access address-assignment pool v6-prefix-pool-01 family inet6 prefix
    2804:3064:cc00::/40
    set access address-assignment pool v6-prefix-pool-01 family inet6 range prefix-
    range prefix-length 56
    set access address-assignment pool pool_bloqueado family inet network 10.0.0.0/22

    set access domain map default access-profile PPPoE-Access-Profile


    set access domain map default address-pool pool-1

    set access address-assignment neighbor-discovery-router-advertisement ndra-2001

    set interfaces lo0 unit 0 family inet address 10.10.10.101/32

    set interfaces lo0 unit 0 family iso address 49.0002.0192.0168.0101.00


    set interfaces lo0 unit 0 family inet6 address 2004:f1a::101/128

    set interfaces lo0 unit 0 family inet address 100.64.0.1/32


    set interfaces lo0 unit 0 family inet address 100.64.1.1/32
    set interfaces lo0 unit 0 family inet address 100.64.2.1/32
    set interfaces lo0 unit 0 family inet address 100.64.3.1/32
    set interfaces lo0 unit 0 family inet address 100.64.5.1/32
    set interfaces lo0 unit 0 family inet address 100.64.6.1/32
    set interfaces lo0 unit 0 family inet address 100.64.7.1/32

    set system services dhcp-local-server dhcpv6 overrides interface-client-limit 100


    set system services dhcp-local-server dhcpv6 overrides multi-address-embedded-
    option-response
    set system services dhcp-local-server dhcpv6 overrides delete-binding-on-
    renegotiation
    set system services dhcp-local-server dhcpv6 group dhcp6 overrides interface-
    client-limit 200
    set system services dhcp-local-server dhcpv6 group dhcp6 overrides delegated-pool
    V6-pool-client-delegate
    set system services dhcp-local-server dhcpv6 group dhcp6 interface xe-0/0/0.0
    deactivate system services dhcp-local-server dhcpv6 group dhcp6
    set system services dhcp-local-server pool-match-order external-authority
    set system services dhcp-local-server pool-match-order ip-address-first
    set system services dhcp-local-server duplicate-clients-in-subnet incoming-
    interface

    set system services dhcp-local-server liveness-detection method layer2-liveness-


    detection transmit-interval 300
    set system services dhcp-local-server liveness-detection method layer2-liveness-
    detection max-consecutive-retries 6

    set system services dhcp-local-server overrides no-unicast-replies


    set system services dhcp-local-server overrides delete-binding-on-renegotiation
    set system services dhcp-local-server group dhcp4 overrides dual-stack DS
    set system services dhcp-local-server group dhcp4 interface xe-0/0/1.0
    set system services dhcp-local-server dual-stack-group DS authentication password
    IPoE
    set system services dhcp-local-server dual-stack-group DS authentication username-
    include relay-agent-interface-id
    set system services dhcp-local-server dual-stack-group DS access-profile CLIENTS
    set system services dhcp-local-server dual-stack-group DS dynamic-profile CLIENTS-
    IPoE
    set system services dhcp-local-server dual-stack-group DS classification-key mac-
    address
    set system services dhcp-local-server no-stale-timer-refresh
    set system services dhcp-local-server stale-timer 60

    DHCP V4 E V6
    CONTROLE BANDA (PFERIL DE CONEXAO)

    ERX-Service-Activate:1 = "VELOCIDADE(2M,10M,600K,1M)"

    #2M
    set dynamic-profiles VELOCIDADE variables Bandwidth-IN default-value 32k
    set dynamic-profiles VELOCIDADE variables Bandwidth-IN mandatory

    #10M
    set dynamic-profiles VELOCIDADE variables Bandwidth-OUT default-value 32k
    set dynamic-profiles VELOCIDADE variables Bandwidth-OUT mandatory

    #600K
    set dynamic-profiles VELOCIDADE variables Burst-IN default-value 2m
    #1M
    set dynamic-profiles VELOCIDADE variables Burst-OUT default-value 2m

    set dynamic-profiles VELOCIDADE variables Policer-IN uid


    set dynamic-profiles VELOCIDADE variables Policer-OUT uid
    set dynamic-profiles VELOCIDADE variables Filter-IN uid
    set dynamic-profiles VELOCIDADE variables Filter-OUT uid
    set dynamic-profiles VELOCIDADE variables Filter-IN-V6 uid
    set dynamic-profiles VELOCIDADE variables Filter-OUT-V6 uid

    #aplicar na interface
    set dynamic-profiles VELOCIDADE interfaces pp0 unit "$junos-interface-unit" family
    inet filter input "$Filter-IN"
    set dynamic-profiles VELOCIDADE interfaces pp0 unit "$junos-interface-unit" family
    inet filter output "$Filter-OUT"

    set dynamic-profiles VELOCIDADE interfaces pp0 unit "$junos-interface-unit" family


    inet6 filter input "$Filter-IN-V6"
    set dynamic-profiles VELOCIDADE interfaces pp0 unit "$junos-interface-unit" family
    inet6 filter output "$Filter-OUT-V6"

    #UPLOAD
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-IN" interface-
    specific
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-IN" term 10
    then policer "$Policer-IN"
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-IN" term 10
    then accept
    #DOWNLOAD
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT"
    interface-specific
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term
    aceita-gerencia from prefix-list ACEITA-GERENCIA-CLIENTES
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term
    aceita-gerencia then accept
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term
    bloqueia-acesso-remoto from destination-port 1-1024
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term
    bloqueia-acesso-remoto the discard
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term 10
    then policer "$Policer-OUT"
    set dynamic-profiles VELOCIDADE firewall family inet filter "$Filter-OUT" term 10
    then accept

    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-IN-V6"


    interface-specific
    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-IN-V6" term
    10 then policer "$Policer-IN"
    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-IN-V6" term
    10 then accept
    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-OUT-V6"
    interface-specific
    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-OUT-V6" term
    10 then policer "$Policer-OUT"
    set dynamic-profiles VELOCIDADE firewall family inet6 filter "$Filter-OUT-V6" term
    10 then accept

    #UPLOAD
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-IN" logical-interface-
    policer
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-IN" if-exceeding
    bandwidth-limit "$Bandwidth-IN"
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-IN" if-exceeding burst-
    size-limit "$Burst-IN"
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-IN" then discard

    #DOWNLOAD
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-OUT" logical-interface-
    policer
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-OUT" if-exceeding
    bandwidth-limit "$Bandwidth-OUT"
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-OUT" if-exceeding burst-
    size-limit "$Burst-OUT"
    set dynamic-profiles VELOCIDADE firewall policer "$Policer-OUT" then discard

    ERX-Service-Activate:1 = "LIBERAR-CDN(2M,10M,600K,1M,400M)"

    #2M
    set dynamic-profiles LIBERAR-CDN variables Bandwidth-IN default-value 32k
    set dynamic-profiles LIBERAR-CDN variables Bandwidth-IN mandatory

    #10M
    set dynamic-profiles LIBERAR-CDN variables Bandwidth-OUT default-value 32k
    set dynamic-profiles LIBERAR-CDN variables Bandwidth-OUT mandatory
    #600K
    set dynamic-profiles LIBERAR-CDN variables Burst-IN default-value 2m
    #1M
    set dynamic-profiles LIBERAR-CDN variables Burst-OUT default-value 2m

    set dynamic-profiles LIBERAR-CDN variables CDN default-value 2m

    set dynamic-profiles LIBERAR-CDN variables Policer-IN uid


    set dynamic-profiles LIBERAR-CDN variables Policer-OUT uid
    set dynamic-profiles LIBERAR-CDN variables Filter-IN uid
    set dynamic-profiles LIBERAR-CDN variables Filter-OUT uid
    set dynamic-profiles LIBERAR-CDN variables Filter-IN-V6 uid
    set dynamic-profiles LIBERAR-CDN variables Filter-OUT-V6 uid
    set dynamic-profiles LIBERAR-CDN variables CDNuid uid

    #aplicar na interface
    set dynamic-profiles LIBERAR-CDN interfaces pp0 unit "$junos-interface-unit" family
    inet filter input "$Filter-IN"
    set dynamic-profiles LIBERAR-CDN interfaces pp0 unit "$junos-interface-unit" family
    inet filter output "$Filter-OUT"

    set dynamic-profiles LIBERAR-CDN interfaces pp0 unit "$junos-interface-unit" family


    inet6 filter input "$Filter-IN-V6"
    set dynamic-profiles LIBERAR-CDN interfaces pp0 unit "$junos-interface-unit" family
    inet6 filter output "$Filter-OUT-V6"

    #UPLOAD
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-IN"
    interface-specific
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-IN" term 10
    then policer "$Policer-IN"
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-IN" term 10
    then accept
    #DOWNLOAD
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT"
    interface-specific
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    aceita-gerencia from prefix-list ACEITA-GERENCIA-CLIENTES
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    aceita-gerencia then accept
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    bloqueia-acesso-remoto from destination-port 1-1024
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    bloqueia-acesso-remoto the discard
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    libera-cdn from prefix-list CDNS
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    libera-cdn then policer "$CDNuid"
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term
    libera-cdn then accept
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term 10
    then policer "$Policer-OUT"
    set dynamic-profiles LIBERAR-CDN firewall family inet filter "$Filter-OUT" term 10
    then accept

    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-IN-V6"


    interface-specific
    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-IN-V6" term
    10 then policer "$Policer-IN"
    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-IN-V6" term
    10 then accept
    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-OUT-V6"
    interface-specific
    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-OUT-V6" term
    10 then policer "$Policer-OUT"
    set dynamic-profiles LIBERAR-CDN firewall family inet6 filter "$Filter-OUT-V6" term
    10 then accept

    #UPLOAD
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-IN" logical-interface-
    policer
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-IN" if-exceeding
    bandwidth-limit "$Bandwidth-IN"
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-IN" if-exceeding burst-
    size-limit "$Burst-IN"
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-IN" then discard

    #DOWNLOAD
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-OUT" logical-interface-
    policer
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-OUT" if-exceeding
    bandwidth-limit "$Bandwidth-OUT"
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-OUT" if-exceeding
    burst-size-limit "$Burst-OUT"
    set dynamic-profiles LIBERAR-CDN firewall policer "$Policer-OUT" then discard

    #CDN
    set dynamic-profiles LIBERAR-CDN firewall policer "$CDNuid" logical-interface-
    policer
    set dynamic-profiles LIBERAR-CDN firewall policer "$CDNuid" if-exceeding bandwidth-
    limit "$CDN"
    set dynamic-profiles LIBERAR-CDN firewall policer "$CDNuid" if-exceeding burst-
    size-limit "$Burst-OUT"
    set dynamic-profiles LIBERAR-CDN firewall policer "$CDNuid" then discard

    ERX-Service-Activate:1 = "FIREWALL-LIBERADO(2M,10M)"

    #2M
    set dynamic-profiles FIREWALL-LIBERADO variables Bandwidth-IN default-value 32k
    set dynamic-profiles FIREWALL-LIBERADO variables Bandwidth-IN mandatory

    #10M
    set dynamic-profiles FIREWALL-LIBERADO variables Bandwidth-OUT default-value 32k
    set dynamic-profiles FIREWALL-LIBERADO variables Bandwidth-OUT mandatory

    #600K
    set dynamic-profiles FIREWALL-LIBERADO variables Burst-IN default-value 2m
    #1M
    set dynamic-profiles FIREWALL-LIBERADO variables Burst-OUT default-value 2m
    set dynamic-profiles FIREWALL-LIBERADO variables Policer-IN uid
    set dynamic-profiles FIREWALL-LIBERADO variables Policer-OUT uid
    set dynamic-profiles FIREWALL-LIBERADO variables Filter-IN uid
    set dynamic-profiles FIREWALL-LIBERADO variables Filter-OUT uid
    set dynamic-profiles FIREWALL-LIBERADO variables Filter-IN-V6 uid
    set dynamic-profiles FIREWALL-LIBERADO variables Filter-OUT-V6 uid

    #aplicar na interface
    set dynamic-profiles FIREWALL-LIBERADO interfaces pp0 unit "$junos-interface-unit"
    family inet filter input "$Filter-IN"
    set dynamic-profiles FIREWALL-LIBERADO interfaces pp0 unit "$junos-interface-unit"
    family inet filter output "$Filter-OUT"

    set dynamic-profiles FIREWALL-LIBERADO interfaces pp0 unit "$junos-interface-unit"


    family inet6 filter input "$Filter-IN-V6"
    set dynamic-profiles FIREWALL-LIBERADO interfaces pp0 unit "$junos-interface-unit"
    family inet6 filter output "$Filter-OUT-V6"

    #UPLOAD
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-IN"
    interface-specific
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-IN"
    term 10 then policer "$Policer-IN"
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-IN"
    term 10 then accept
    #DOWNLOAD
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-OUT"
    interface-specific
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-OUT"
    term 10 then policer "$Policer-OUT"
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet filter "$Filter-OUT"
    term 10 then accept

    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-IN-V6"


    interface-specific
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-IN-V6"
    term 10 then policer "$Policer-IN"
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-IN-V6"
    term 10 then accept
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-OUT-
    V6" interface-specific
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-OUT-
    V6" term 10 then policer "$Policer-OUT"
    set dynamic-profiles FIREWALL-LIBERADO firewall family inet6 filter "$Filter-OUT-
    V6" term 10 then accept

    #UPLOAD
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-IN" logical-
    interface-policer
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-IN" if-exceeding
    bandwidth-limit "$Bandwidth-IN"
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-IN" if-exceeding
    burst-size-limit "$Burst-IN"
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-IN" then discard

    #DOWNLOAD
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-OUT" logical-
    interface-policer
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-OUT" if-exceeding
    bandwidth-limit "$Bandwidth-OUT"
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-OUT" if-exceeding
    burst-size-limit "$Burst-OUT"
    set dynamic-profiles FIREWALL-LIBERADO firewall policer "$Policer-OUT" then discard

    ERX-Service-Activate:1 = "GAMER(2M,10M)"

    #2M
    set dynamic-profiles GAMER variables Bandwidth-IN default-value 32k
    set dynamic-profiles GAMER variables Bandwidth-IN mandatory

    #10M
    set dynamic-profiles GAMER variables Bandwidth-OUT default-value 32k
    set dynamic-profiles GAMER variables Bandwidth-OUT mandatory

    #600K
    set dynamic-profiles GAMER variables Burst-IN default-value 2m
    #1M
    set dynamic-profiles GAMER variables Burst-OUT default-value 2m

    set dynamic-profiles GAMER variables Policer-IN uid


    set dynamic-profiles GAMER variables Policer-OUT uid
    set dynamic-profiles GAMER variables Filter-IN uid
    set dynamic-profiles GAMER variables Filter-OUT uid
    set dynamic-profiles GAMER variables Filter-IN-V6 uid
    set dynamic-profiles GAMER variables Filter-OUT-V6 uid

    #aplicar na interface
    set dynamic-profiles GAMER interfaces pp0 unit "$junos-interface-unit" family inet
    filter input "$Filter-IN"
    set dynamic-profiles GAMER interfaces pp0 unit "$junos-interface-unit" family inet
    filter output "$Filter-OUT"

    set dynamic-profiles GAMER interfaces pp0 unit "$junos-interface-unit" family inet6


    filter input "$Filter-IN-V6"
    set dynamic-profiles GAMER interfaces pp0 unit "$junos-interface-unit" family inet6
    filter output "$Filter-OUT-V6"

    #UPLOAD
    set dynamic-profiles GAMER firewall family inet filter "$Filter-IN" interface-
    specific
    set dynamic-profiles GAMER firewall family inet filter "$Filter-IN" term 10 then
    policer "$Policer-IN"
    set dynamic-profiles GAMER firewall family inet filter "$Filter-IN" term 10 then
    accept
    set dynamic-profiles GAMER firewall family inet filter "$Filter-IN" term 10 then
    dscp cs5
    set dynamic-profiles GAMER firewall family inet filter "$Filter-IN" term 10
    forwarding-class network-control
    #DOWNLOAD
    set dynamic-profiles GAMER firewall family inet filter "$Filter-OUT" interface-
    specific
    set dynamic-profiles GAMER firewall family inet filter "$Filter-OUT" term 10 then
    policer "$Policer-OUT"
    set dynamic-profiles GAMER firewall family inet filter "$Filter-OUT" term 10 then
    accept

    set dynamic-profiles GAMER firewall family inet filter "$Filter-OUT" term 10 then
    dscp cs5
    set dynamic-profiles GAMER firewall family inet filter "$Filter-OUT" term 10 then
    forwarding-class network-control

    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-IN-V6" interface-


    specific
    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-IN-V6" term 10
    then policer "$Policer-IN"
    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-IN-V6" term 10
    then accept
    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-OUT-V6" interface-
    specific
    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-OUT-V6" term 10
    then policer "$Policer-OUT"
    set dynamic-profiles GAMER firewall family inet6 filter "$Filter-OUT-V6" term 10
    then accept

    #UPLOAD
    set dynamic-profiles GAMER firewall policer "$Policer-IN" logical-interface-policer
    set dynamic-profiles GAMER firewall policer "$Policer-IN" if-exceeding bandwidth-
    limit "$Bandwidth-IN"
    set dynamic-profiles GAMER firewall policer "$Policer-IN" if-exceeding burst-size-
    limit "$Burst-IN"
    set dynamic-profiles GAMER firewall policer "$Policer-IN" then discard

    #DOWNLOAD
    set dynamic-profiles GAMER firewall policer "$Policer-OUT" logical-interface-
    policer
    set dynamic-profiles GAMER firewall policer "$Policer-OUT" if-exceeding bandwidth-
    limit "$Bandwidth-OUT"
    set dynamic-profiles GAMER firewall policer "$Policer-OUT" if-exceeding burst-size-
    limit "$Burst-OUT"
    set dynamic-profiles GAMER firewall policer "$Policer-OUT" then discard

    You might also like