Service Creation Using Groups and Rules
TUT Systems, Inc Page 62 of 104 P/N 220-06288-20
Chapter 10 - Service Creation Using
Groups and Rules
Groups are created on the SMS2000 in order to provide an easier way to manage multiple
subscribers. Subscribers are placed into groups according to a set of rules. Rules may be
configured directly on the SMS2000 through the command line interface or, more
typically, are generated automatically by the OCS and downloaded to the SMS2000.
Rules are a set of Boolean operators that compare a subscriber’s MACaddress, IP
address, VLAN tag, and SNMP-reported origin (for Tut Systems’ Expresso GS/MDU
Chassis media).
When a rule is matched, the subscriber is placed in the appropriate group. Rules also
specify attributes such as IP addressing or traffic shaping parameters, which override the
group defaults.
The SMS2000 can treat subscribers differently, depending on the group into which they
are placed. By default, a single group is used for all subscribers, but additional groups can
be added. Group membership controls the following attributes:
• DHCP pool selection
• Authentication and accounting server selection
• DNS server for queries
• Default traffic shaping parameters
Groups
Many configuration items, including authentication type, IP type, and shaping can be tied
to groups. For example, if a manager had previously configured an SMS2000 to use
RADIUS to authenticate users, but had a particular subscriber who wanted to use a NAT
box which could not conduct RADIUS authentication, the manager might use a rule to
place that particular box in a special group which did not require authentication.
Adding a Group
To add groups with specific characteristics, use this command:
group add groupname [noinherit | inherit groupname]
For example, to add a group named custnat, type:
SMS2000% group add custnat
Note:
The new group automatically becomes the new group context. Group
specific commands affect the new group.