Cabletron Systems 9032578-05 manual Start the Lfap protocol on the SSR

Chapter 24: LFAP Configuration Guide

attempts to connect to it via TCP first. If the connection fails, then the next configured FAS is tried. A FAS can be configured as the primary FAS for one group of SSRs and the secondary FAS for another group of SSRs.

Note: The Traffic Accountant is not designed to reconcile duplicate data records. For example, if an ACL that is configured for filtering traffic on one SSR matches an ACL on another SSR in the network, the same flow information may be collected on each SSR. This can result in duplicate information in the Traffic Accountant database, which can cause disproportionate accounting and billing numbers.

To configure and enable LFAP on an SSR:

1.Configure the ACL rules for the accounting policy and apply the ACL to one or more interfaces:

ssr(config)# acl 101 permit ip any any any any accounting ssr(config)# acl 101 apply interface all-ip input output logging off policy local

Note: The accounting keyword in the ‘acl permit ip’ command specifies that accounting information for the flows that match the ACL are sent to the configured FAS.

2.Identify the primary (and secondary) FAS system to which the SSR will send LFAP messages (up to three FAS systems can be configured):

ssr(config)# lfap set server 134.141.170.82

3.Start the LFAP protocol on the SSR:

ssr(config)# lfap start

You can use the Policy Manager application on the FAS to create ACLs that are external to the SSR. If you want to configure ACLs on the SSR via the Policy Manager application on the FAS, you will need to configure the following commands on the SSR:

1.Set SNMP read-write community strings:

ssr(config)# snmp set community private privilege read-write

2.Allow external ACL policy control:

ssr(config)# acl-policy enable external