Overview
General information
A dynamic service is a service in which sites are created using information contained in RADIUS Change of Authorization messages instead of manual operator input.
You can configure dynamic services for the following service types:
Dynamic service structure
The creation of a dynamic service is triggered by a CPE device establishing a control channel (PPPoE, IPoE, or DHCP) with an L3 NE. The control channel is authenticated using RADIUS, and the RADIUS server sends Access-Accept or Change of Authorization messages that contain the parameters for the dynamic service required by the triggering device.
The L3 NE passes the information from the RADIUS messages to a Python script, which returns CLI commands that create the required dynamic sites on the NE.
Data-triggered RADIUS authentication is possible through association of the dynamic service policy with a VPLS capture SAP, allowing dynamic service policy binding to an MSAP. The dynamic service policy is associated with a RADIUS server policy for authentication purposes. In deployments where RADIUS is used for accounting and dynamic changes (CoA) but cannot provide actual service provisioning parameters, you can configure a local authentication database object and associate it with the dynamic services policy, in place of a RADIUS server policy. In this case, the local authentication database is also associated with the dynamic service-enabled NE.
Figure 86-1: Basic dynamic service
When the control channel fails - for example, when the CPE device is removed - the NE deletes any dynamic services that were created for the control channel.