Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.
  • 1.  MX BNG attribute nas-port format and domain stripping

    Posted 10-02-2020 00:42



    I am trying to port an IOS-XE BNG config over to Junos.

    I have an entry on my cisco which states:


    aaa group server radius FREERADIUS
    server-private auth-port 1812 acct-port 1813 timeout 3 retransmit 2 
    ip radius source-interface Loopback20
    attribute nas-port format d
    throttle accounting 100 access 100 access-timeout 3


    I can see that the NAS port format d is PPPoX


    NAS-Port format. Possible values for the format argument are as follows:

    • a--Standard NAS-Port format
    • b--Extended NAS-Port format
    • c--Carrier-based format
    • d--PPPoX (PPP over Ethernet or PPP over ATM) extended NAS-Port format
    • e--C onfigurable NAS-Port format

    Does anyone know what the equivalent command is on Junos?


    also in that piece of code there is a domain-stripping entry.

    I have seen on junos a domain-map that can allow me to strip the domain name


      domain {
        map default {


    But this seems to be at a global level rather than per radius server/group


    many thanks



  • 2.  Re: MX BNG attribute nas-port format and domain stripping

    Posted 10-02-2020 01:07



    If you want to change/modify NAS-PORT-ID from its default setting, use the following knob:

    #set access profile test radius options nas-
    'nas-' is ambiguous.
    Possible completions:
    nas-identifier NAS-Identifier to be used for authentication and accounting requests (RADIUS attribute 32)
    > nas-port-extended-format RADIUS client's use of an extended format for RADIUS attribute 5
    nas-port-id-delimiter Single character delimiter character to use in the NAS-Port-Id
    > nas-port-id-format Format methods for building the NAS-Port-Id radius attribute
    > nas-port-type Translation mechanism for changing the NAS-Port-Type radius attribute

    and in case if you want to exclude NAS-PORT-ID information from AAA messages, use the following knob:

    # set access profile test radius attributes exclude nas-
    'nas-' is ambiguous.
    Possible completions:
    + nas-identifier Excludes RADIUS attribute 32, NAS-identifier
    + nas-port Excludes RADIUS attribute 5, NAS-Port
    + nas-port-id Excludes RADIUS attribute 87, NAS-Port-ID
    + nas-port-type Excludes RADIUS attribute 61, NAS-Port-Type


    More info on NAS-PORT-ID, visit the following document:


    As for domain map, it is supported in the default logical system only:

    Though you can strip a domain based on domain name other than the default by creating one:
    # set access domain map test.com strip-domain