Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
cea-timeout timeouttimeout must be an integer from 1 through 120.cea-timeout 16connection retry-timeout timeoutconnection timeout timeoutconnection timeout timeouttimeout specifies the connection timeout duration, in seconds, and must be an integer from 1 through 30.device-watchdog-request max-retries retry_countdpa-timeout timeoutdpa-timeout 16max-outstanding messagesmax-outstanding 1024origin host host_name address ip_address [ port port_number ] [ accept-incoming-connections ] [ address ip_address_secondary ]host_name must be the local Diameter host name, and must be a string of 1 through 255 characters in length.address ip_addressip_address must either be an IPv4 address expressed in dotted decimal notation, or an IPv6 address expressed in colon notation.port port_numberport_number must be an integer from 1 through 65535.address ip_address_secondaryip_address_secondary must either be an IPv4 address expressed in dotted decimal notation, or an IPv6 address expressed in colon notation.The command origin host host-name must be entered exactly once. Alternatively, the origin host host-name address ip_address [ port port_number ] command may be entered one or more times. The host names should be unique across all endpoints within the context. The address values or address/port combinations should be unique across all endpoints within the context.[ no ] origin realm realm_namerealm_name must be an alpha and/or numeric string of 1 through 127 characters in length.origin realm companyxpeer peer_name [ realm realm_name ] { address ip_address [ [ port port_number ] [ connect-on-application-access ] [ send-dpr-before-disconnect disconnect-cause disconnect_cause ] [ sctp ] ] + | fqdn fqdn [ [ port port_number ] [ send-dpr-before-disconnect disconnect-cause disconnect_cause ] ] }peer_name must be an alpha and/or numeric string of 1 through 63 characters in length, and allows punctuation characters.realm realm_namerealm_name must be an alpha and/or numeric string of 1 through 127 characters in length. The realm name can be a company or service name.address ip_addressip_address can either be an IPv4 address expressed in dotted decimal notation, or an IPv6 address expressed in colon notation.fqdn fqdnfqdn must be an alpha and/or numeric string of 1 through 127 characters in length.port port_numberport_number must be an integer from 1 through 65535.
• response-timeout timeoutThe following command sets the response timeout to 100 seconds:response-timeout 100route-entry { [ host host_name ] [ peer peer_id [ weight priority ] ] [ realm realm_name { application credit-control peer peer_id [ weight value ] | peer peer_id [ weight value ] } ] }no route-entry { [ host host_name ] [ peer peer_id ] [ realm realm_name { application credit-control peer peer_id | peer peer_id } ] }host host_namehost_name must be an alpha and/or numeric string of 1 through 63 characters in length.realm realm_namerealm_name must be an alpha and/or numeric string of 1 through 127 characters in length.peer peer_idpeer_id must be an alpha and/or numeric string of 1 through 63 characters in length.weight prioritypriority must be an integer from 0 through 255.The following command creates a route entry with the host name dcca_host1 and peer ID dcca_peer with priority weight of 10:route-failure { deadtime seconds | recovery-threshold percent percentage | result-code result_code | threshold counter }no route-failure result-code result_codedeadtime secondsseconds must be the deadtime duration, in seconds, and must be an integer from 1 through 86400.recovery-threshold percent percentagepercentage must be the value in percentage of the counter which caused FAILED, and must be an integer from 1 through 99.result-code result_coderesult_code must be an integer from 0 through 4,294,967,295.threshold countercounter must be an integer from 0 through 4,294,967,295.certificate certificatecertificate must be an encrypted certificate, and must be an alpha and/or numeric string of 700 through 900 characters in length.password passwordpassword must be an encrypted password, and must be an alpha and/or numeric string of 6 through 50 characters in length.privatekey private_keyprivate_key must be an encrypted key, and must be an alpha and/or numeric string of 900 through 1500 characters in length.Important: Both the Diameter client and server must be configured with TLS enabled or TLS disabled; otherwise, the Diameter connection will be rejected.
tls certificate "-----BEGIN CERTIFICATE-----\nMIICGDCCAYECAgEBMA0GCSqGSIb3DQEBBAUAMFcxCzAJBgNVBAYTAlVTMRMwEQYD\nVQQKEwpSVEZNLCBJbmMuMRkwFwYDVQQLExBXaWRnZXRzIERpdmlzaW9uMRgwFgYD\nVQQDEw9UZXN0IENBMjAwMTA1MTcwHhcNMDEwNTE3MTYxMDU5WhcNMDQwMzA2MTYx\nMDU5WjBRMQswCQYDVQQGEwJVUzETMBEGA1UEChMKUlRGTSwgSW5jLjEZMBcGA1UE\nCxMQV2lkZ2V0cyBEaXZpc2lvbjESMBAGA1UEAxMJbG9jYWxob3N0MIGfMA0GCSqG\nSIb3DQEBAQUAA4GNADCBiQKBgQCiWhMjNOPlPLNW4DJFBiL2fFEIkHuRor0pKw25\nJ0ZYHW93lHQ4yxA6afQr99ayRjMY0D26pH41f0qjDgO4OXskBsaYOFzapSZtQMbT\n97OCZ7aHtK8z0ZGNW/cslu+1oOLomgRxJomIFgW1RyUUkQP1n0hemtUdCLOLlO7Q\nCPqZLQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAIumUwl1OoWuyN2xfoBHYAs+lRLY\nKmFLoI5+iMcGxWIsksmA+b0FLRAN43wmhPnums8eXgYbDCrKLv2xWcvKDP3mps7m\nAMivwtu/eFpYz6J8Mo1fsV4Ys08A/uPXkT23jyKo2hMu8mywkqXCXYF2e+7pEeBr\ndsbmkWK5NgoMl8eM\n-----END CERTIFICATE-----\n"tls privatekey "-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,5772A2A7BE34B611\n\n1yJ+xAn4MudcIfXXy7ElYngJ9EohIh8yvcyVLmE4kVd0xeaL/Bqhvk25BjYCK5d9\nk1K8cjgnKEBjbC++0xtJxFSbUhwoKTLwn+sBoJDcFzMKkmJXXDbSTOaNr1sVwiAR\nSnB4lhUcHguYoV5zlRJn53ft7t1mjB6RwGH+d1Zx6t95OqM1lnKqwekwmotVAWHj\nncu3N8qhmoPMppmzEv0fOo2/pK2WohcJykSeN5zBrZCUxoO0NBNEZkFUcVjR+KsA\n1ZeI1mU60szqg+AoU/XtFcow8RtG1QZKQbbXzyfbwaG+6LqkHaWYKHQEI1546yWK\nus1HJ734uUkZoyyyazG6PiGCYV2u/aY0i3qdmyDqTvmVIvve7E4glBrtDS9h7D40\nnPShIvOatoPzIK4Y0QSvrI3G1vTsIZT3IOZto4AWuOkLNfYS2ce7prOreF0KjhV0\n3tggw9pHdDmTjHTiIkXqheZxZ7TVu+pddZW+CuB62I8lCBGPW7os1f21e3eOD/oY\nYPCI44aJvgP+zUORuZBWqaSJ0AAIuVW9S83Yzkz/tlSFHViOebyd8Cug4TlxK1VI\nq6hbSafh4C8ma7YzlvqjMzqFifcIolcbx+1A6ot0UiayJTUra4d6Uc4Rbc9RIiG0\njfDWC6aii9YkAgRl9WqSd31yASge/HDqVXFwR48qdlYQ57rcHviqxyrwRDnfw/lX\nMf6LPiDKEco4MKej7SR2kK2c2AgxUzpGZeAY6ePyhxbdhA0eY21nDeFd/RbwSc5s\neTiCCMr41OB4hfBFXKDKqsM3K7klhoz6D5WsgE6u3lDoTdz76xOSTg==\n-----END RSA PRIVATE KEY-----\n"tls password password_for_TLSEach proxy task will automatically select one of the host names configured with the origin host CLI command. Multiple proxy tasks will not use the same host names, so there should be at least as many host names as proxy tasks. Otherwise, some proxy tasks will not be able to perform Diameter functionality. The chassis automatically selects which proxy tasks are used by which managers (i.e., ACSMgrs/SessMgrs), without verifying whether the proxy task is able to perform Diameter functionality.To be able to run this command, the Diameter proxy must be enabled. In the Global Configuration Mode, see the require diameter-proxy CLI command.watchdog-timeout timeoutUse this command to configure the Watchdog Timeout parameter for the Diameter endpoint. If this timer expires before getting a response from the destination, other route to the same destination is tried, as long as the retry count setting has not been exceeded (see the device-watchdog-request CLI command) and as long as the response timer has not expired (see the response-timeout CLI command).
![]() |
Cisco Systems Inc. |
Tel: 408-526-4000 |
Fax: 408-527-0883 |