I testing Junos Subscriber Manager on virtual playgroung. All seems fine and work as expected on real hardware. But with dynamic profile with source-class sclass_mytest option not working.
If I disable only one line "source-class sclass_mytest" all becomes normal and client receives IP address with applied dynamic profile.
With source-class sclass_mytest client doesn't get IP address at all - because of profile problems.
Does anyone know how to debug profiles and see in logs errors/warning?
Dynamic profile config excerpt:
firewall {
family inet {
filter "$inet_in" {
interface-specific;
term service {
from {
service-filter-hit;
}
then accept;
}
term First{
from {
source-class sclass_mytest;
}
then {
policer "$policer_in";
service-accounting;
service-filter-hit;
accept;
}
}
term Last{
then accept;
}
}
}
...
Looks like source class has mark in routing table:
All prefixes with communities: 7:1 are marked with sclass_mytest
inet.0: 29 destinations, 29 routes (29 active, 0 holddown, 0 hidden)
1.0.4.0/22 (1 entry, 1 announced)
TSI:
KRT in-kernel 1.0.4.0/22 -> {50.0.0.1}
Source class: sclass_mytest
*BGP Preference: 170/-191
Next hop type: Router, Next hop index: 662
Address: 0xc808710
Next-hop reference count: 48
Source: 50.0.0.1
Next hop: 50.0.0.1 via ae0.100, selected
Session Id: 0x142
State: <Secondary Active Ext>
Peer AS: 123456
Age: 14:16 Metric: 0
Validation State: unverified
Task: BGP_123456_789.50.0.0.1
Announcement bits (1): 0-KRT
AS path: 123456 I
Communities: 7:1
Accepted
Localpref: 195
Router ID: 2.21.89.1
Primary Routing Table testrt.inet.0
