Traffic Policy-Map Configuration Mode Commands


Traffic Policy-Map Configuration Mode Commands
 
 
Policy-Map is used to configure a flow-based traffic policy for Traffic Policy feature within a destination context. It designates the flow treatment based on the classification rules configured in Class-Map mode for a subscriber session flow.
 
 
3gpp2 data-over-signaling
This command configures 3GPP2 related flow treatment policy for the flow-based traffic policing to subscriber session.
Product
PDSN, HA
Privilege
Security Administrator, Administrator
Syntax
[ no ] 3gpp2 data-over-signaling marking
no
Disables configured 3GPP2 related flow treatment policy.
marking
Indicates 3GPP2 related traffic flow for data over signaling channel.
Usage
Use this command to mark traffic flows for 3GPP2 related policy.
Example
3gpp2 data-over-signaling marking
 
access-control
This command configures the access control action for traffic flow matching with Class-Map rules.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
access-control { allow | discard }
allow
This option allows the packets, if policy matches with the criteria defined in Class-Map assigned to the specific traffic policy.
discard
This option discards the packets, if policy matches with the criteria defined in Class-Map assigned to the specific traffic policy.
Usage
Configures the action or treatment for traffic flows matching with criteria specified in assigned Class-Map.
Example
The following command allows the packets or traffic flow on matching with criteria specified in assigned Class-Map for specific traffic policy.
access-control allow
 
accounting suppress
This command suppresses accounting action on traffic flow matching the policy map.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
[ no ] accounting suppress
no
Removes the suppression of accounting for traffic flow matching this policy map.
Usage
Use this command to suppress accounting action on traffic flow matching this policy map.
Policy maps configured for accounting suppression are used to implement the QChat Billing Suppression feature to selectively start and terminate accounting sessions based on the categorization of traffic as being interesting or non-interesting. See the accounting trigger command.
Example
The following command configures suppression of accounting on traffic flows matching this policy map:
accounting suppress
 
accounting trigger
This command configures an accounting trigger policy map to selectively start and terminate accounting sessions based on the categorization of traffic as being interesting or non-interesting to support the QCHAT Billing Suppression feature.
Product
PDSN
Privilege
Security Administrator, Administrator
Syntax
[ no | default ] accounting trigger { inactivity-timeout | interesting-traffic | intra-service-handoff }
default
Sets / Restores default value assigned for specified parameter.
no
Disables previously configured triggers.
inactivity-timeout
Generates an accounting stop message if there has been no data activity on the session for the interim accounting timeout interval.
Default: disabled
interesting-traffic
Generates an accounting start message upon arrival of interesting traffic.
Default: disabled
intra-service-handoff
Generates accounting start and stop messages during intra service handoffs within the same service.
Default: enabled
If this is disabled, the messages are suppressed during the handoffs. The current accounting session continues and no stop or start messages are generated during the intra service handoff.
Usage
Use this command to configure an accounting trigger policy map (ATPM) to selectively start and terminate accounting sessions based on the categorization of traffic as being interesting or non-interesting to support the QChat Billing Suppression feature.
Interesting traffic is identified as traffic that does not match any of the other Accounting Policy Maps (APMs) configured for accounting suppression. See the accounting suppress command.
An ATPM is similar to an APM, but without the class map rules. The ATPM is configured as of type accounting using the type accounting command.
In the ATPM, the trigger to start accounting for interesting traffic is configured using the accounting trigger interesting-traffic command. Accounting Start is triggered on arrival of interesting traffic, or change in airlink parameters conveyed through active-start airlink record. If an active-start record was included in the initial connection setup, Accounting Start is not triggered. But if the active-start comes separately and is the first one for the session, it is treated as airlink change and an Accounting Start is sent.
Optionally, timeout can be triggered when there is no data traffic for the interim accounting timeout interval using the accounting trigger inactivity-timeout stop command. On timeout, the accounting session is terminated and an Accounting Stop message is sent. A new accounting session is created if interesting traffic resumes.
The ATPM should have the lowest precedence among the APMs.
As the airlink events are generated on the ingress side, the ATPM must be included in a policy group that is applied to the ingress direction in the subscriber profile. The configuration is applicable only for standard trigger policy and session based accounting mode.
Example
The following command sets the trigger to generate accounting start message upon arrival of interesting traffic:
accounting trigger interesting-traffic
 
class-map
This command assigns a traffic classification rule (Class-Map) to the policy map.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
class-map name
name
Specifies the name of the class map assigned for this policy map. The class map should be one that was configured in the Class Map Configuration Mode.
name must be the name of a class map, and must be a string of 1 through 15 characters in length.
Usage
Use this command to assigns a class map to the policy map for traffic policing. The class map is configured in the Class Map Configuration Mode.
Example
The following command assigns the class map classification1 to the current policy map:
class classification1
 
end
This command exits the current mode and returns to the Exec mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
end
Usage
Use this command to change to the Exec mode.
 
exit
This command exits the current mode and returns to the parent mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
exit
Usage
Use this command to return to the parent mode.
 
flow-tp-trigger
This command specifies that the traffic volume will be calculated based on the traffic on the flow.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
flow-tp-trigger volume
no flow-tp-trigger volume
volume
Specifies the volume threshold to trigger traffic policing.
volume is the value in bytes, and must be an integer from 1 through 4294967295.
Usage
This command is available if you have purchased and installed the Intelligent Traffic Control License on your system. Use this command to calculate the traffic volume based on the traffic on the flow.
Example
flow-tp-trigger 500
 
ip header-compression
Enables the system to mark IP flows for RObust Header Compression.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
[ no ] ip header-compression rohc flow-marking
no
Disables the setting.
rohc flow-marking
Marks the IP flow for SO67 and PPP ROHC.
Usage
Use this command to mark IP flows for SO67 and PPP ROHC.
Example
ip header-compression rohc flow-marking
 
qos encaps-header
Enables and configures Quality of Service (QoS) policy to use Differentiated Service Code Point (DSCP) marking in IP header field for the flow-based traffic policing to subscriber session flow.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
qos encaps-header dscp-marking { dscp_code | copy-from-user-datagram [ ignore-pcf-signaled-dscp ] | user-datagram }
dscp_code
Specifies the DSCP code value marked in IP header of packet/flow to determine the QoS for traffic policing.
The value must be expressed as a hexadecimal value from 0x00 through 0x3F.
copy-from-user-datagram
Specifies to use DSCP code value from user datagram (UDP header) to determine the QoS for traffic policing.
ignore-pcf-signaled-dscp
Specifies to override the highest priority DSCP value signaled by the PCF.
user-datagram
Specifies to use the DSCP value copied from the user datagram.
Usage
Use this command to apply the QoS policy based on DSCP code value encapsulated in IP packet header or User datagram packet to subscriber session flow for flow-based traffic policing.
Important: Details on the QoS traffic policing functionality is located in the System Administration and Configuration Guide.
Example
The following command sets QoS policy with DSCP code value to 0x0C for Class 1, silver (AF12):
qos encaps-header dscp-marking 0x0C
 
qos traffic-police
Enables and configures Quality of Service (QoS) policy for the flow-based traffic policing to subscriber session flow on per-flow basis.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
qostraffic-policecommittedbpspeakbpsburst-sizebyteexceed-action { drop | lower-ip-precedence | allow } violate-action { drop | lower-ip-precedence | allow }
burst-size bytes
Default: 3000
The peak burst size allowed, in bytes.
bytes must be an integer from 0 through 4294967295.
Important: It is recommended that this parameter be configured to at least the greater of the following two values: 1) 3 times greater than packet MTU for the subscriber connection, OR 2) 3 seconds worth of token accumulation within the “bucket” for the configured peak-data-rate.
committed bps
Default: 144000
The committed data rate (guaranteed-data-rate) in bps (bits per second).
bps must be an integer from 0 through 4294967295).
exceed-action { drop | lower-ip-precedence | allow }
Default: lower-ip-precedence
The action to take on the packets that exceed the committed-data-rate but do not violate the peak-data-rate. The following actions are supported:
drop: Drop the packet
lower-ip-precedence: Transmit the packet after lowering the ip-precedence
allow: Transmit the packet
peak bps
Default: 256000
Specifies the peak data-rate for the subscriber, in bps (bits per second).
bps must be an integer from 0 through 4294967295.
violate-action { drop | lower-ip-precedence | allow }
Default: drop
The action to take on the packets that exceed both the committed-data-rate and the peak-data-rate. The following actions are supported:
drop: Drop the packet
lower-ip-precedence: Transmit the packet after lowering the IP precedence
allow: Transmit the packet
Usage
Use this command to apply the QoS policy to subscriber session flow for flow-based traffic policing.
Important: Details on the QoS traffic policing functionality are located in the System Administration.
Example
The following command sets committed data rate of 102400 bps with peak data rate of 128000 bps and burst size 2048 bytes. This lowers the IP precedence when the committed-data-rate exceeded and drops the packets when peak-data-rate are violated:
qos traffic-police commited 102400 peak-data-rate 128000 burst-size 2048 exceed-action lower-ip-precedence violate-action drop
 
qos user-datagram dscp-marking
Enables and configures Quality of Service (QoS) policy related to differentiated service code point (DSCP) marking in user datagram of subscriber session flow on per-flow basis.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
qos user-datagram dscp-markingdscp_code
dscp_code
Specifies the DSCP code value marked in IP header of packet/flow to determine the QoS for traffic policing.
The value must be expressed as a hexadecimal value from 0x00 through 0x3F.
Usage
Use this command to apply the QoS policy to subscriber session flow by DSCP marking in user datagram.
Example
The following command sets DSCP marking for user datagram as 0x01 for QoS to subscriber session flow:
qos user-datagram dscp-marking 0x01
 
sess-tp-trigger
This command configures the trigger traffic control based on traffic volume on a session.
Product
PDSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
sess-tp-trigger volume
no sess-tp-trigger volume
volume
Specifies the traffic volume threshold to trigger traffic control. volume is a value in bytes from 1 to 4294967295.
Usage
This command is available if you have purchased and installed the Intelligent Traffic Control License on your system. Use this command to configure the trigger traffic control based on traffic volume on a session.
Example
sess-tp-trigger 500
 
type
This command specifies the type of traffic policy within specific Policy-Map.
Product
PDSN, HA, ASN GW
Privilege
Administrator
Syntax
type { accounting | dynamic { three-gpp2 rev-A profile-id { any | id profile_id | range low_value to high_value } flow-id { any | id flow_id | range low_value to high_value } | pre-provisioned wimax asn-service-profile-id { any | id service_id } asn-pdfid { any | id pdf_id } | static | template }
accounting
Specifies the type of traffic policing as accounting for this specific policy map. This configuration is used for enabling/disabling the accounting of different flows matching with conditions within this Policy-Map.
dynamic
Identifies the type of policy map as dynamic.
three-gpp2 rev-A
Configures dynamic policy map type for CDMA2000-3GPP2 RevA service.
profile-id { any | id profile_id | range low_hex to high_hex }
Specifies the profile id matching in this policy map.
any allows any profile identifier matching with in this policy map.
id profile_id allows specific profile identifier matching with in this policy map. profile_id must be either a value in hexidecimal format from 0x0 to 0xFFFF or an integer from 0 to 65535.
range low_value to high_value: identifies a range in which a profile identifier must fall within to be considered a match. low_value and high_value must be either a value in hexidecimal format from 0x0 to 0xFFFF or an integer from 0 to 65535.
flow-id { any | id flow_id | range low_hex to high_hex }
Specifies the flow id matching in this policy map.
any allows any flow identifier matching with in this policy map.
id flow_id allows specific flow identifier matching with in this policy map. flow_id must be either a value in hexidecimal format from 0x0 to 0xFFFF or an integer from 0 to 65535.
range low_value to high_value: identifies a range in which a flow identifier must fall within to be considered a match. low_value and high_value must be either a value in hexidecimal format from 0x0 to 0xFFFF or an integer from 0 to 65535.
pre-provisioned
Identifies the type of policy map as pre-provisioned.
wimax
Configures WiMAX service policy map in an ASN-GW service.
asn-service-profile { any | id service_id }
Specifies the ASN Service profile identifier to match with in this policy map.
any: Allows any ASN Service Profile Identifier matching within this policy map.
id service_id: Allows specific Service Profile matching to a specified identifier. service_id must be an integer from 1 to 65535 and must match a service ID that was configured in the Subscriber Configuration Mode.
asn-pdfid { any | id pdf_id }
Specifies the ASN Packet Data Flow Identifier to match with in this policy map.
any: Allows any ASN Packet Data Flow Identifier matching within this policy map.
id pdf_id: Allows specific Packet Data Flow matching to a specified identifier. pdf_id must be an integer from 1 to 255 and must match a PDF ID that was configured in the Subscriber Configuration Mode.
static
Specifies the type of traffic policing as static for this specific Policy Map. In this type of policy, the traffic flow classification and flow treatment is pre-defined with classification rules through Class-Map configuration.
This is the detailed type of policy map.
template
Specifies the type of traffic policy to as a template to all subscribers associated with this policy map.
Usage
Specifies the type of traffic policy within the specific Policy-Map.
Example
The following commands configures the traffic policy for this Policy-Map as static:
type static
The following commands configures the traffic policy for this Policy-Map as pre-provisioned for WiMAX service requiring a match of any service profile and PDF id of 3:
type pre-provisioned wimax asn-service-profile any asn-pdfid id 3
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883