Guest

Cisco PGW 2200 Softswitch

RADIUS Enhancement for Accounting

  • Viewing Options

  • PDF (742.6 KB)
  • Feedback
RADIUS Enhancement for Accounting

Table Of Contents

RADIUS Enhancement for Accounting

Feature Overview

Generating RADIUS Authentication Records

Generating RADIUS Accounting Records

Communication with RADIUS Servers

Saving RADIUS Records on Disk

Retrieving RADIUS Records from Disk

Rules and Restrictions

Related Documents

Supported Standards, MIBs, and RFCs

Prerequisites for Using this Feature

XECfgParm.dat Configuration Tasks

Verifying the XECfgParm.dat Changes

Configuration Examples

Troubleshooting the XECfgParm.dat Configuration

Provisioning This Feature

Provisioning Basics

Starting a Provisioning Session

Saving and Activating Your Provisioning Changes

Ending a Provisioning Session Without Saving Activating Your Changes

Retrieving Provisioning Data

Provisioning Examples

Add a RADIUS Accounting Server as an External Node

Add a RADIUS Accounting Server Signal Path

Add a RADIUS Accounting Server Signal Channel

Retrieve the RADIUS Accounting Server Status

Troubleshooting Provisioning Data

Alarm Troubleshooting Procedures

RADIUS Server Is in OOS State

Command Reference

New MML Commands

PROV-ADD:RAPATH (Release 9.7(3))

PROV-ADD:RASERVER (Release 9.7(3))

RTRV-RASERVER (Release 9.7(3))

Modified MML Commands

PROV-ADD:EXTNODE (Release 9.7(3))

RTRV-DEST—Retrieve Destination (Release 9.7(3))

Software Changes for this Feature

Alarms

New Alarms

XECfgParm.dat Parameter

Billing Interface

NAS-IP-ADDRESS

NAS-Port

Service Type

Called-Station-Id

Calling-Station-Id

NAS-Identifier

Proxy-State

Acct-Status-Type

Acct-Delay-Time

Acct-Session-Id

Acct-Session-Time

Acct-Input-Packets

Connect-Info

h323-incoming-conf-id

subscriber

session-protocol

release-source

alert-timepoint

remote-media-address

in-trunkgroup-label

out-trunkgroup-label

outgoing-area

gk-xlated-cdn

gw-rxd-cdn

gw-final-xlated-cdn

coder-type-rate

vad-enable

round-trip-delay

early-packets

late-packets

lost-packets

cisco-nas-port

h323-conf-id

h323-ivr-out

h323-setup-time

h323-call-origin

h323-call-type

h323-connect-time

h323-disconnect-time

h323-disconnect-cause

h323-voice-quality

h323-gw-id

Components

New Components

External Node Types

Obtaining Documentation, Obtaining Support, and Security Guidelines

Glossary


RADIUS Enhancement for Accounting


Document Release History

Publication Date
Comments

October 16, 2009

Modified version of document.

March 12, 2007

Initial version of the document.


Feature History

Release
Modification

9.7(3)

The RADIUS Enhancement for Accounting feature was introduced on the Cisco MGC software.


This document describes the Remote Authentication Dial-in User Service (RADIUS) Enhancement for Accounting feature.

This feature is described in the following sections:

Feature Overview

Supported Standards, MIBs, and RFCs

Prerequisites for Using this Feature

XECfgParm.dat Configuration Tasks

Provisioning This Feature

Command Reference

Software Changes for this Feature

Obtaining Documentation, Obtaining Support, and Security Guidelines

Glossary

Feature Overview

This feature provides RADIUS interface support on the PGW 2200 for Call Detail Record (CDR) data. CDR data is sent to a preconfigured RADIUS server at the end of the call. CDR data for PSTN-to-IP calls as well as IP-to-PSTN calls is supported. The PGW 2200 can be configured for both RADIUS and normal CRD.

The PGW 2200 generates one RADIUS record for each originating call or terminating call, that is leg 1, leg 2, leg 3, or leg 4. In the call case that traverses a single PGW (Figure 1) or in a Hairpin call (Figure 2), only one originating call and one terminating call are included, therefore only two RADIUS records, leg 1 and leg 4, are sent to the RADIUS server.

Figure 1 Call Traverses a Single PGW

Figure 2 Hairpin Call

For those calls that span PGWs, since two originating calls and two terminating calls are included, four RADIUS records are sent to RADIUS server. See Figure 3.

Figure 3 RADIUS Call Legs in PGW

Generating RADIUS Authentication Records

The Cisco PGW 2200 Softswitch generates one RADIUS authentication record when the RADIUS sigpath is enabled. Table 1 presents the attributes in an authentication record.

Table 1 RADIUS Authentication Record Attributes

Number
IETF Attribute
Description
Value: Example

1

NAS-IP-Address

Specifies the IP address of the network access server that is requesting authentication.

209.165.84.198

2

User-Name

User name

cisco

3

Service-Type

Indicates the type of service requested or the type of service to be provided.

Authentication-Only

4

User-Password

Password of the user

Cisco123


Generating RADIUS Accounting Records

Four RADIUS records are generated for each call, since there are four call legs included in each call. Attributes for each call leg are shown in the following tables:

Leg 1—Answer telephony (see Table 2)

Leg 2—Originate VoIP (see Table 3)

Leg 3—Answer VoIP (Table 4)

Leg 4—Originate Telephony Table 4)

Table 2 Leg 1 Attributes 

Number
IETF Attribute
CDR TAG
Description
Value: Example

4

NAS-IP-Address

Specifies the IP address of the network access server that is requesting authentication. It is the ipaddress of originating the GW.

209.165.84.198

5

NAS-Port

Indicates the physical port number of the network access server that is authenticating the user. It is not useful and is 0 by default.

0

6

Service Type

Indicates the type of service requested or the type of service to be provided.

Login

26

Vendor-Specific

See Table 5.

30

Called-Station Id

4014

Called party number.

1333502

31

Calling-Station-Id

4010

Calling party number.

2333502

32

NAS-Identifier

String identifying the network access server originating the Access-Request. It is not useful and is an empty string by default.

pgw

33

Proxy-State

Attribute that can be sent by a proxy server to another server when the server is forwarding Access-Requests; this must be returned unmodified in the Access-Accept, Access-Reject, or Access-Challenge and removed by the proxy server before the server sends the response to the network access server. It is not useful and is an empty string by default.

pgw

40

Acct-Status-Type

(Accounting) Indicates whether this Accounting-Request marks the beginning of the user service (start) or the end (stop).

Stop

44

Acct-Session-Id

(Accounting) A unique accounting identifier that makes it easy to match start and stop records in a log file. This is a call ID.

80

46

Acct-Session-Time

(Accounting) Indicates how long (in seconds) the user has received service.

74

77

Connect-Info

Indicates the nature of the user's connection. The NAS can send this attribute in an Access-Request or Accounting-Request to indicate the nature of the user's connection.

28800 V42BIS/LAPM


Table 3 Leg 2 Attributes 

Number
IETF Attribute
CDR TAG
Description
Value: Example

4

NAS-IP-Address

Specifies the IP address of the network access server that is requesting authentication. It is the IP address of the originating gateway.

209.165.84.198

5

NAS-Port

Indicates the physical port number of the network access server that is authenticating the user.

0

6

Service-Type

Indicates the type of service requested or the type of service to be provided.

Login

26

Vendor-Specific

See Table 5.

 

30

Called-Station-Id

4014

Called party number.

1333502

31

Calling-Station-Id

4010

Calling party number.

2333502

32

NAS-Identifier

String identifying the network access server originating the Access-Request. It is an empty string by default.

pgw

33

Proxy-State

Attribute that can be sent by a proxy server to another server when the server is forwarding Access-Requests; this must be returned unmodified in the Access-Accept, Access-Reject, or Access-Challenge and removed by the proxy server before the server sends the response to the network access server. It is an empty string by default.

pgw

40

Acct-Status-Type

(Accounting) Indicates whether this Accounting-Request marks the beginning of the user service (start) or the end (stop).

Stop

41

Acct-Delay-Time

(Accounting) indicates how many seconds the client has been trying to send a particular record. It is not useful and is 0 by default.

0

44

Acct-Session-Id

(Accounting) A unique accounting identifier that makes it easy to match start and stop records in a log file.

80

46

Acct-Session-Time

(Accounting) Indicates how long (in seconds) the user has received service.

74

47

Acct-Input-Packets

(Accounting) Indicates how many packets have been received from the port over the course of this service being provided to a framed user.

100

77

Connect-Info

Indicates the nature of the user's connection. The NAS can send this attribute in an Access-Request or Accounting-Request to indicate the nature of the user's connection.

28800 V42BIS/LAPM


Table 4 Leg 3 and Leg 4 Attributes 

Number
IETF Attribute
CDR TAG
Description
Value: Example

4

NAS-IP-Address

Specifies the IP address of the network access server that is requesting authentication. It is the ipaddress of originating gateway.

209.165.84.198

5

NAS-Port

Indicates the physical port number of the network access server that is authenticating the user.

0

6

Service-Type

Indicates the type of service requested or the type of service to be provided.

Login

26

Vendor-Specific

See Table 5.

 

30

Called-Station-Id

4014

Called party number.

1333502

31

Calling-Station-Id

4010

Calling party number.

2333502

32

NAS-Identifier

String identifying the network access server originating the Access-Request. It is an empty string by default.

pgw

33

Proxy-State

Attribute that can be sent by a proxy server to another server when forwarding Access-Requests; this must be returned unmodified in the Access-Accept, Access-Reject, or Access-Challenge and removed by the proxy server before sending the response to the network access server. It is an empty string by default.

pgw

40

Acct-Status-Type

(Accounting) Indicates whether this Accounting-Request marks the beginning of the user service (start) or the end (stop).

Stop

44

Acct-Session-Id

(Accounting) A unique accounting identifier that makes it easy to match start and stop records in a log file.

80

46

Acct-Session-Time

(Accounting) Indicates how long (in seconds) the user has received service.

74

77

Connect-Info

Indicates the nature of the user's connection. The NAS can send this attribute in an Access-Request or Accounting-Request to indicate the nature of the user's connection.

28800 V42BIS/LAPM


Table 5 Supported VSA Subattributes 

Sub-Type
Number
VSA Attribute
CDR Tag
Description
Value: Example

1

h323-incoming-
conf-id

Unique number for identifying a calling session on a gateway, where a session is closed when the calling party hangs up.

3C5AEAB9 95C80008 AF27092C 587F34

1

subscriber

T1/channel associated signaling (CAS) or E1/R2 signal information about a subscriber.

RegularLine

1

session-protocol

Session protocol used for calls between the local and remote routers through IP backbone. Always equal to sip for SIP or Cisco for H.323.

cisco

1

release-source

Indicates whether a call was released by the calling party, called party, or an internal or external source.

1

1

alert-timepoint

4102/4103

Alerting time point.

18:27:30.094 PST Fri Aug 25 2000

1

remote-media-
address

Remote-media gateway IP address.

10.74.57.2

1

in-trunkgroup-label

Contains the trunk group label associated with the group of voice ports from which the incoming time-division multiplexing (TDM) call arrived on the gateway.

2000001

1

out-trunkgroup-label

Trunk-group label associated with the group of voice ports from which the outgoing TDM call leaves on the gateway.

1000000

1

outgoing-area

Gatekeeper identifier, or the destination zone or area, of the outgoing VOIP call.

Egress-zone

1

interface

Same as cisco-nas-port

 

1

gk-xlated-cdn

The gatekeeper presented called number in the ACF RAS message. The GK/GKTMP can modify the called number by appending a prefix or it can be left unchanged.

7324501661

1

gw-rxd-cdn

Called number as received by the gateway in the incoming signaling message before any translation rules are applied.

3048832

1

gw-final-xlated-cdn

Called number to be sent out of the gateway.

3048832

1

coder-type-rate

Negotiated coder rate. Specifies the transmit rate of voice/fax compression to its associated call leg for the call.

g711ulaw

1

vad-enable

Indicates whether or not voice-activity detection (VAD) is enabled for the voice call.1

enable

1

round-trip-delay

Voice packet round-trip-delay, in ms, between the local and remote devices on the IP backbone during the call. 1

2ms

1

early-packets

Number of received voice packets that arrived too early for storage in jitter buffer during the call.1

0

1

late-packets

Number of received voice packets that arrived too late to be played out with codec during the call.1

0

1

lost-packets

Number of voice packets lost during the call.

0

1

h323-ivr-out

User-definable AV pairs sent from the voice gateway to the RADIUS server. You can set (write) the value with a customized Tcl IVR script.

Tariff:Unknown

2

cisco-nas-port

Incoming port identification on NAS or gateway. The syntax is ISDN <slot number>/<subunit number>:<port number>:D:<channel number>. If the gateway has no subunit, this field is '*'. This VSA has the same function as RADIUS attribute 5 and uses strings assigned by Cisco IOS software to its hardware ports.

ISDN 7/0:12:D:21

23

cisco-h323-remote-
address

IP address of the H.323 gateway.

209.165.84.104

24

h323-conf-id

5001

Gives the conference ID.

3C5AEAB9 95C80008 0 587F34

25

h323-setup-time

4003

Indicates the setup time for this connection in Coordinated Universal Time (UTC), formerly known as Greenwich Mean Time (GMT) or Zulu time.

18:27:28.032 UTC Wed Dec 9 1998

26

h323-call-origin

Indicates the origin of the call relative to the gateway. Possible values are originating and terminating (answer).

answer

27

h323-call-type

Indicates call leg type. Possible values are telephony and VOIP.

VOIP

28

h323-connect-time

4005

Indicates the connection time in UTC for this call leg.

18:27:30:094 PST Fri Aug 25 2000

29

h323-disconnect-time

4006/4020

Indicates the time in UTC this call leg was disconnected.

18:27:30.094 PST Fri Aug 25 2000

30

h323-disconnect-
cause

2008/3008

Specifies the reason a connection was taken offline per Q.931 specification.

4

31

h323-voice-quality

Specifies the impairment factor (ICPIF) affecting voice quality for a call.

5

32

h323-gw-id

Indicates the name of the underlying gateway.

bowie.cisco.com, AS5300_5

1 Early-packets, late-packets, round-trip-delay, and vad-enable are not supported because MGX does not send these values to PGW in the way that the IOS gateway does.


Communication with RADIUS Servers

If retransmission of the RADIUS record packets exceeds the defined retry count, PGW regards the IP link between PGW and the RADIUS server as down. In the case, PGW selects another RADIUS server to retransmit those records according to configured order. The server with lowest order is selected as the new primary server. At the same time, the I/O channel controller (IOCC) in the PGW reports the unreachable event to the I/O channel manager (IOCM) and raises a "Radius server unreachable" alarm.

When the RADIUS (RA) IOCC detects recovery of an unreachable RADIUS server, a recover event is sent to IOCM to report recovery in communication with this RADIUS server. IOCM cleans up the "One Radius server unreachable alarm".

If server A is down and the PGW switches to server B, the PGW keeps on communicating with server B even when server A recovers.

If IOCC finds connectivity to all servers is down, an "all connection down" event is sent to IOCM and a "Lost connectivity to all RADIUS servers" alarm is raised. Then IOCM raises a "Radius records need collecting" alarm to tell the operator to copy from RADIUS records. In this situation, IOCC must save all unsent, unacknowledged, and succeeding records to local disk. The file format and location of the records are defined in "Retrieving RADIUS Records from Disk" section.

When RA IOCC detects recovery of either unreachable server, it uses the server as the primary server to send all succeeding records immediately. A recover event is sent to IOCM to report recovery in communication with one RADIUS server. IOCM cleans up the "Lost connectivity to all Radius servers" alarm.

Saving RADIUS Records on Disk

RADIUS records are written on disk in the following situations:

Failover. When failover happens, the RA IOCC on the formerly active PGW writes a RADIUS record in shared memory to disk. If some records are saved, IOCC reports this event to IOCM, Then IOCM raises a "Radius records need collecting" alarm to tell the operator to copy those records from the disk.

Lost connectivity to all RADIUS servers. See the "Communication with RADIUS Servers" section.

Out of memory in IOCC. If IOCC runs out of shared memory, it should save succeeding RADIUS records to local disk to prevent data being lost. The file format is defined in the "Retrieving RADIUS Records from Disk" section. At the same time, a "Radius records need collecting" alarm is raised by the IOCC. After receiving the alarm, the operator copies those local files from the PGW and cleans up the alarm. If shared memory is not full any more, IOCC behaves normally.

Once the records are saved onto a local disk, IOCC does not send them again.

Retrieving RADIUS Records from Disk

The PGW preserves as many RADIUS records as possible during failover. Unsent or unacknowledged records in the PGW that is transitioning from the active host to OOS are written to disk. When a "Radius records need collecting" alarm appears, the operator needs to copy the RADIUS record file from the PGW and then delete them from the PGW. The file is stored at directory /opt/CiscoMGC/var/spool, but it is configurable; you can change it in dmprSink.dat.

The file format is

<prefix>_yyyymmddhhmmss_<number>.csv

<prefix> is defined in dmprSink.dat. <number> is generated as it would be for cdrDmpr. One example is

"radius_20060513123456_000001.csv"

It is defined in dmprSink.dat; the default value is /opt/CiscoMGC/var/spool.

Rules and Restrictions

Basic rule: The PGW generates a RADIUS record for all kinds of call flows.

Some examples are shown below. In the following connections, ( ) denotes the interworking protocol; {}* denotes optional connections that can be repeated zero or more times.

The PGW generates a RADIUS record when either OCC or TCC is released.

Call ends before TCC create, such as invalid B number. One RADIUS record is produced, corresponding to the OCC.

Call ends after TCC create, such as busy, no answer, or released by either side. Two RADIUS records are produced, corresponding to the OCC and TCC respectively.

When one side (OCC or TCC) of a call is destroyed and a new one is created for replacement, RADIUS record matched basic rule above at that moment is produced corresponding to the destroyed side. For example:

For an SS7-H.323 call that is rerouted by the PGW to another SS7 destination, the PGW generates an H.323 record when the call leg releases. The PGW also generates two records at the end of rerouted SS7-SS7 call.

For a H.323-SS7 call that is rerouted by the PGW to another H.323 destination, the PGW generates a SS7 record when the call leg releases. The PGW also generates two records at the end of a rerouted H.323-H.323 call.

The PGW generates RADIUS records for each of the following CDR events: aborted attempt call event, deselected outgoing circuit CDB record, end of a call CDB, interrupted CDB record, or maintenance CDB record

Transfer service is transparent for the PGW; the PGW treats a transferred call normally. If the transferred call goes through the PGW too, the PGW treats it as two separate calls and generates records based on the rules stated above. It does not go through the PGW, the PGW only generates records as normal call For example:

For an SS7-H.323 call that is transferred by H.323 to another SS7 destination, there are two separate calls: SS7-H.323 and H.323-SS7. SS7-H.323 call releases after the H.323-SS7 call releases and records the whole conversation during both calls. The PGW generates two RADIUS records for SS7-H.323 and 2 RADIUS records for H.323-SS7.

For an SS7-H.323 call that is transferred by H.323 to another H.323 destination, there are two separate calls: SS7-H.323 and H.323-H.323. The SS7-H.323 call releases after the H.323-H.323 call releases and records the whole conversation duration of both calls.The PGW generates only two RADIUS records for an SS7-H.323 call for which the called-party number is the first H.323 number. The PGW also generates RADIUS records for an H.323-H.323 call.

Restrictions:

The PGW does not generate RADIUS records for H.323 hairpin calls.

Related Documents

This document contains information that is related to this feature. The documents that contain additional information related to the Cisco Media Gateway Controller (MGC) are at the following url:

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

Supported Standards, MIBs, and RFCs

Standards

No new or modified standards are supported by this feature.

MIBs

No new or modified MIBs are supported by this feature.

For more information on the MIBs used in the Cisco MGC software, see the Cisco Media Gateway Controller Release 9 Management Information Base Guide.

RFCs

This feature supports the following RFCs:

RFC 2865, Remote Authentication Dial-In User Service (RADIUS)

RFC 2866, RADIUS Accounting

RFC 2869, RADIUS Extensions

Prerequisites for Using this Feature

The Cisco PGW 2200 must be running Cisco MGC software Release 9.7(3). Prerequisites for this release can be found in the Release Notes for the Cisco Media Gateway Controller Software Release 9.7(3) at:

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

XECfgParm.dat Configuration Tasks

This section contains the steps necessary for configuration of the Cisco MGC software to support this feature. If you are installing and configuring the Cisco MGC software on your system for the first time, use the procedures in the Cisco Media Gateway Controller Software Release 9 Installation and Configuration Guide, return to this section once you encounter the RADIUS parameters in the XECfgParm.dat file.


Caution Configuration of the Cisco MGC software requires that the system software be shut down. In a simplex system, calls cannot be processed during system shutdown. In a continuous service system, your system loses the ability to maintain calls during a critical event if the system software on one of the PGW hosts is shut down.

To configure the RADIUS values, perform the following steps:


Step 1 If you have not already done so, open the /opt/CiscoMGC/etc/XECfgParm.dat file on the active and standby Cisco PGW hosts using a text editor, such as vi.

Step 2 If you have not already done so, ensure that the pom.dataSync parameter is set to false on the active and standby Cisco PGW hosts.

Step 3 Search for the RADIUS parameters and enter the desired values. See the "XECfgParm.dat Parameter" section for more information on the RADIUS parameters.

a. RadiusAccounting.output = on or off. The default is off.

b. RadiusAccounting.numberPort = # The number of local ports that communicate with the RADIUS server. The range is 10 to 99. The default is 20.

c. RadiusAccounting.smSize = # The size of shared memory in MB. The default is 30. The range is 10 to 199.

Step 4 Save your changes; close the text editor.


Verifying the XECfgParm.dat Changes

To verify the XECfgParm.dat settings for this feature, perform the following steps.


Caution Do not modify the other XECfgParm.dat parameters associated with this feature.


Step 1 Log in to the standby Cisco MGC as root and change directories to the etc subdirectory by entering the following UNIX command:

cd /opt/CiscoMGC/etc 

Step 2 Open the XECfgParm.dat file using a text editor, such as vi.

Step 3 Search for the RADIUS parameters and verify the displayed values. If the value are correct, proceed to Step 4. Otherwise, correct the values and then proceed to Step 4.

Step 4 Save your changes and close the text editor.

Step 5 Manually stop the Cisco MGC software on the standby Cisco MGC by entering the following UNIX command:

/etc/init.d/CiscoMGC stop

Step 6 Once the software shutdown is complete, manually start the Cisco MGC software on the standby Cisco MGC by entering the following command:

/etc/init.d/CiscoMGC start

Step 7 Log in to the active Cisco MGC, start an MML session, and enter the following command:

mml> sw-over::confirm

Alarms are automatically set until the out-of-service (OOS) Cisco MGC host is returned to an in-service (IS) state.

Step 8 Repeat steps 1 through 7 for the newly standby Cisco MGC host. Once you have verified the settings on both hosts, the procedure is complete.


Configuration Examples

This section provides a configuration example for the XECfgParm.dat parameter associated with this feature. Additional configuration examples for the Cisco MGC software can be found in the Cisco Media Gateway Controller Software Release 9 Installation and Configuration Guide at

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

# Radius Accounting Parameters 
#-------------------------------- 
RadiusAccounting.output = off 
RadiusAccounting.numberPort = 20 
RadiusAccounting.smSize = 30 

Troubleshooting the XECfgParm.dat Configuration

Check Platform.log error information for ra-1 using the keywords "Error" and "ra-1".

For example:

The following error information indicates that the RadiusAccounting.numberPort in XECfgParm.dat is not large enough, and you should increase the number:

"raSigPath::isFdIdChanIdUsed(), local port number is not enough, you had better 
increase it in XECfgParm.dat"

The following error information indicates that the RadiusAccounting.smSize in XECfgParm.dat is not large enough, and you should increase the size:

"raSigPath::procEngineIDU(),No share memory for incoming message, transId:", if you 
see this error information, that indicate RadiusAccounting.smSize in XECfgParm.dat is 
not big enough, just increase it as section XECfgParm.dat shows.

Provisioning This Feature

You must start a provisioning session to enable this feature. See the Cisco Media Gateway Controller Software Release 9 Provisioning Guide for details on how to start a provisioning session.

Provisioning Basics

The procedures in this section describe how to start a provisioning session and how to save and activate the changes you have made.

Starting a Provisioning Session

Saving and Activating Your Provisioning Changes

Ending a Provisioning Session Without Saving Activating Your Changes

Retrieving Provisioning Data

For more detailed information about provisioning your Cisco MGC, refer to the Cisco Media Gateway Controller Software Release 9 Provisioning Guide.

Starting a Provisioning Session

You may need to start a provisioning session as part of your system operations. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-sta::srcver="curr_ver",dstver="mod_ver"

Where:

curr_ver—The name of the current configuration version. In place of the name of the current configuration version, you can also enter:

new—A new default session configuration; no existing source configuration is available.

active—Selects the active configuration as the source for configuration changes.


Note If you do not know the name of your current configuration session, you can use the procedure described in the "Retrieving Data on the Current Provisioning Session" section ".


mod_ver—A new configuration version name that contains your provisioning changes.

For example, to use a configuration version called ver1 as the basis for a version to be called ver2, you would enter the following command:

prov-sta::srcver="ver1",dstver="ver2"

Once a provisioning session is underway, you can use the prov-add, prov-ed, or prov-dlt MML command to add, modify, or delete components on your system. This document describes how to provision this feature. For more information on provisioning other components on your Cisco MGC, refer to the Cisco Media Gateway Controller Software Release 9 Provisioning Guide.

There are two ways to close your provisioning session: saving and activating your provisioning changes, as described in the "Saving and Activating Your Provisioning Changes" section or ending your provisioning session without saving and activating your changes, as described in the "Ending a Provisioning Session Without Saving Activating Your Changes" section.

Saving and Activating Your Provisioning Changes

When you have completed making provisioning changes in your session, you must enter a command to save and activate your changes. There are two different provisioning MML commands that do this: prov-cpy and prov-dply.


Caution Using the prov-cpy and prov-dply MML commands can severely impact your system's call processing performance, depending on the extent of your provisioning changes. We recommend that these commands be issued during a maintenance window when traffic is minimal.

The prov-cpy MML command is used to save and activate your changes on simplex Cisco MGC (single host) systems.


Note When you enter the prov-cpy command, your provisioning session is also automatically ended. If you want to make additional provisioning changes, you must start a new provisioning session as described in the "Provisioning Basics" section.



Caution Do not use the prov-cpy command to save and activate your changes on a continuous-service Cisco MGC (active and standby hosts) system. Saving and activating changes using prov-cpy on such a system requires use of the prov-sync MML command to synchronize the provisioning data on the active and standby hosts. The system does not indicate when the synchronization process fails, which creates problems when a switchover operation occurs.

The prov-dply MML command is used to save and activate your changes on the active and standby
Cisco MGCs in a continuous-service system. This command should not be used on a Cisco MGC in a simplex configuration.


Note When you enter the prov-dply command, your provisioning session is also automatically ended, unless an error occurs during execution. If you want to make additional provisioning changes, you must start a new provisioning session, as described in the "Starting a Provisioning Session" section.


Ending a Provisioning Session Without Saving Activating Your Changes

If you want to end a provisioning session without saving and activating the changes you have entered, enter the prov-stp MML command. This command ends your current provisioning session and your changes are not committed.

Retrieving Provisioning Data

You can use the prov-rtrv MML command to retrieve information about your current provisioning settings. The ways you can use this command to retrieve provisioning data are described in the following sections:

Retrieving Data for an Individual Component

Retrieving Data for All Components

Retrieving Data for All Components of a Particular Type

Retrieving Data on the Current Provisioning Session

Retrieving Data on Supported Signaling Protocols

Retrieving Data for an Individual Component

You can retrieve provisioning data on any individual component in your system. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-rtrv:component:name=MML_name

Where:

component—The MML component type associated with the desired component. You can find a complete list of MML component types in the Cisco Media Gateway Controller Software Release 9 Provisioning Guide.

MML_name—The MML name for the desired component. You can determine the MML names for the various components using the prov-rtrv:all MML command.

For example, to view the provisioning data for an SS7 signaling service called ss7svc1, you enter the following command:

prov-rtrv:ss7path:name="ss7svc1"

The response to the command is dependent upon the component type associated with the desired component. For example, to view the properties for an SUA routing key called suakey1, you enter the following command:

prov-rtrv:suakey:name="suakey1"

Retrieving Data for All Components

You can retrieve data on all of the components provisioned on your system. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-rtrv:all

Retrieving Data for All Components of a Particular Type

You can retrieve provisioning data on all components of a particular type on your system. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-rtrv:component:"all"

Where component is the MML component type associated with the desired component group. You can find a complete list of MML component types in the Cisco Media Gateway Controller Software Release 9 Provisioning Guide.

For example, to view the provisioning data for all SS7 signaling services, you would enter the following command:

prov-rtrv:ss7path:"all"

Retrieving Data on the Current Provisioning Session

You can retrieve provisioning data on the current provisioning session. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-rtrv:session

The system returns a response similar to the following:

MGC-02 - Media Gateway Controller 2003-01-13 13:39:19
M RTRV
   "session=jtest:session"
   /*
Session ID = mml1
SRCVER = active
DSTVER = jtest
   */

Retrieving Data on Supported Signaling Protocols

You can retrieve protocol data on supported signaling protocols. To do this, log in to the active Cisco MGC, start an MML session, and enter the following command:

prov-rtrv:variants

Provisioning Examples

This section lists the provisioning examples for the RADIUS accounting feature.

Add a RADIUS Accounting Server as an External Node

In an open provisioning session, enter the following command to define a RADIUS server as an external node:

Mml> prov-add:EXTNODE:NAME="ranode",TYPE="RACLUSTER",DESC="Radius accounting server 
cluster"

Add a RADIUS Accounting Server Signal Path

In an open provisioning session, enter the following command to define a communication path to a RADIUS accounting server cluster. Each cluster is made up of one or multiple RADIUS servers.

Mml> prov-add:RAPATH:NAME="racluster",DESC="Radius accounting server 
cluster",EXTNODE="ranode"

Add a RADIUS Accounting Server Signal Channel

In an open provisioning session, enter the following commands to define a signal channel to the RADIUS accounting server. This command also associates a RADIUS accounting signal path to this channel.

Mml> prov-add:RASERVER:NAME="raserver1", DESC="radius accounting server1",SVC="racluster", 
IPADDR=" IP_Addr1",PORT=1660,PEERADDR="10.74.50.170", PEERPORT=1660,IPROUTE=",ORDER=1, 
KEY="Cisco-h323",TIMEOUT=5,RETRYCOUNT=2, 
username="Cisco",password="cisco123",authport=1661

Mml> prov-add:RASERVER:NAME="raserver2", DESC="radius accounting server2",SVC="racluster", 
IPADDR=" IP_Addr1",PORT=1660,PEERADDR="10.74.50.171", PEERPORT=1660, IPROUTE=",ORDER =2, 
KEY="Cisco-h323",TIMEOUT=10,RETRYCOUNT=4, 
username="Cisco",password="cisco123",authport=1661

Retrieve the RADIUS Accounting Server Status

In an open provisioning session, enter the following command to display the status of one or more RADIUS servers. Only one RADIUS server can be in service.

rtrv-raserver:raserver1

Troubleshooting Provisioning Data

For more information on troubleshooting the rest of the Cisco MGC software, refer to the Cisco Media Gateway Controller Software Release 9 Operations, Maintenance, and Troubleshooting Guide.

The following sections contain troubleshooting procedures related to provisioning:

Alarm Troubleshooting Procedures

Here are some procedures for resolving alarms that are triggered due to mistakes in the provisioning of the feature. See the "Alarms" section for a list of the alarms generated.

Use rtrv-dest:<rapath name> to check the RADIUS accounting signaling path state. If rapath is OOS, that indicates that all the RADIUS servers are down. Check the IP connection for each RADIUS server.

Use rtrv-raserver:<server name> or rtrv-raserver:all to check the RADIUS accounting server state. If one RADIUS server is OOS, that indicates that the server is unreachable, either because it is overloaded or because the IP connection to it is down.

Use rtrv-alms to check the current alarms.

RADIUS Server Is in OOS State

If the RADIUS server is in OOS state, use snoop or ethereal to catch the packet and check whether the response for a RADIUS request packet is received. If it is not received, check the network connection or the RADIUS server's status. If there is a response, the radius server will be in IS in a short time.

There are three cases for a RADIUS server being OOS because the configuration of the PGW is not consistent with that on the RADIUS server:

The IP address of the PGW is not configured in an AAA client on the RADIUS server.

The peerport in the RADIUS server configuration is not correct. It should be the RADIUS accounting port number to which the RADIUS server is listening. Commonly, the port RADIUS server used is 1646 or 1813, according to the RFC.

The key in the RADIUS server configuration is not correct. It should be the same as the one that is configured on the RADIUS server for this PGW client. For example, if the key of an AAA client configuration on a RADIUS server is "Cisco-h323", it must be also "Cisco-h323" for the RADIUS server configuration on the PGW.

Command Reference

This section documents new, modified, or deleted Man-Machine Language (MML) commands. All other MML commands are documented in the Cisco Media Gateway Controller Software Release 9 MML Command Reference Guide:

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

New MML Commands

This section contains the MML commands that are new for this feature.

PROV-ADD:RAPATH (Release 9.7(3))

Purpose:

This MML command adds a RADIUS accounting server signal path.

Syntax:

prov-add:rapath:name=sigpath,desc=description,extnode=ra-name

Input Description:

sigpath—The MML name of the RADIUS accounting server signal path. Enter an alphanumeric value up to 20 characters in length that starts with an alphabetic character.

description—An assigned name. It can be as many as 128 alphanumeric characters in length.

ra-name—The MML name of a previously defined external node.

Output Description:

COMPLD—Provision succeeds

DENY— Provision fails

Example:

mml> prov-rtrv:rapath:name=''racluster1'' 

MGC-01 - Media Gateway Controller 2006-11-22 02:31:57.559 EST 
M RTRV 
''session=radius-magnolia:rapath'' 
/* 
NAME = racluster1 
DESC = Radius accounting server cluster 
EXTNODE = ranode1 
*/ 

Comments:

The following rules apply when creating, deleting, or editing of the rapath:

Only one rapath is allowed. This check is done at the add operation.

The rapath cannot be edited.

A racluster type extnode must be added before the rapath can be added. This check is done at the add rapath operation.

A raserver must be defined when rapath is defined. This check is done at prov-cpy time.

All raservers that are associated with rapath must be deleted before a rapath can be deleted. This check is done at the rapath delete operation.


PROV-ADD:RASERVER (Release 9.7(3))

Purpose:

This MML command adds a RADIUS accounting server.

Syntax:

prov-add:raserver:name=server-name, desc=description,svc=sigpath, 
ipaddr=local-address,port=local-port,peeraddr=ra-address, 
peerport=ra-port, [iproute=iproute],order=order, 
key=key,[timeout=timeout],[retrycount=retrycount], 
[username=username],[password=password],[authport=ra-auth-port]

Input Description:

server-name—The name of the RADIUS server.

description—An assigned name. It can be as many as 128 alphanumeric characters in length.

sigpath—The name of RAPATH (RADIUS Accounting Server Signal Path). The raserver component supports this command and associates a RADIUS accounting sigpath to this channel.

local-address—The local IP address of the MGC.

local-port—The local port number.

ra-address—One IP address of the RADIUS server, expressed in dot notation.

ra-port—The remote port number of the RADIUS server.

iproute—The MML name of a previously defined IP route. This is an optional parameter.

order—Order is the order of the server as primary server. The range is 1 to 99. The order with the lowest value is selected as primary server. PGW does not allow equal order and displays an error to prevent a provision of same order. This check is done when a raserver is added.

key—The shared key for encryption used for this server. The length of the key is 1 to 20. Alphanumerics and dashes are allowed. The key must start with a character.

timeout—Timeout is the duration in seconds before the RADIUS packet is retransmitted. Timeout is equal to or greater than 1.This is an optional parameter.

retrycount—Retrycount is the number of times that PGW retransmits a packet before giving up. The range is 1 to 10. The default value is 2. This is an optional parameter.

username—Username is the user name provisioned on RADIUS server. This is an optional parameter.

password—Passord is the user password provisioned on RADIUS server. This is an optional

parameter.

authport—Authport is the authentication port number of the RADIUS server. This is an optional parameter.

Output Description:

COMPLD—Provision succeeds

DENY—Provision fails

Example:

prov-rtrv:raserver:name="raserver1" 

MGC-01 - Media Gateway Controller 2006-11-22 02:30:05.403 EST 
M RTRV 
"session=radius-magnolia:raserver"
/* 
NAME = raserver1 
DESC = radius accounting server1 
SVC = racluster1 
IPADDR = IP_Addr2 
PORT = 9595 
PEERADDR = 10.74.50.171 
PEERPORT = 1646 
IPROUTE = 
ORDER = 1 
KEY = Cisco-h323 
TIMEOUT = 5 
RETRYCOUNT = 2 
USERNAME = Cisco
PASSWORD = Cisco123
AUTHPORT = 1647
*/ 

Comments:

The following rules apply when you are creating, deleting, or editing a RASERVER:

The maximum number of RASERVERs is 5.

RAPATH must be added before RASERVER can be added. This is checked at the add RASERVER operation.

To delete the only RASERVER, you must also delete the RAPATH. This is checked at the prov-cpy or prov-dply time.

For you to add or edit the second RASERVER, the PORT must match the port for the first RASERVER. This is checked at the add/edit RASERVER operation.

The PGW uses PORT from <local-port> to <local-port + <number of port>>.

The Operator must try to prevent PORT conflict from <local-port> to <local-port + <number of port>>

IPADDR, PORT, PEERADDR, PEERPOT, ORDER, KEY, TIMEOUT, and RETRYCOUNT are mandatory. IPROUTE is optional.


RTRV-RASERVER (Release 9.7(3))

Purpose:

This MML command displays the status of one or more RADIUS servers. Only one RADIUS server can be in service at any given time.

Syntax:

rtrv-raserver:name=server-name

Input Description:

server-name—The name of the RADIUS accounting server for which you want to display status.

Output Description:

IS—In service

IS—Off duty

OOS—Out of service

Example:

mml> rtrv-raserver:raserver1
MGC-13 - Media Gateway Controller 2006-08-30 14:42:10
M RTRV
   	"raserver1, ST=IS "
   	;
           mml> rtrv-raserver:all
MGC-13 - Media Gateway Controller 2003-08-30 14:42:10
M  RTRV
   	"raserver1, ST=IS"
   	"raserver2, ST=IS,OFF_DUTY" 
   	;


Modified MML Commands

This section contains the MML commands that are modified for this feature.

PROV-ADD:EXTNODE (Release 9.7(3))

Purpose:

This MML command adds a RADIUS accounting server as an external node.

Syntax:

prov-add:extnode:name=ra-name,type="racluster",desc=<description>

Input Description:

ra-name—The MML name of the external node. Enter an alphanumeric value up to 20 characters in length that starts with an alphabetic character.

racluster—The RACLUSTER external node type.

description—Description of the external node. Enter a value up to 128 characters in length.

Example:

prov-rtrv:extnode:name="ranode1" 

MGC-01 - Media Gateway Controller 2006-11-22 02:26:30.736 EST 
M RTRV 
''session=radius-magnolia:extnode'' 
/* 
NAME = ranode1 
DESC = notSet 
TYPE = RACLUSTER 
ISDNSIGTYPE = N/A 
GROUP = 0 
*/ 

Comments:

Only one racluster type extnode is supported. This is checked at the add operation.


RTRV-DEST—Retrieve Destination (Release 9.7(3))

Purpose:

This MML command retrieves information about one or more destinations.

Syntax:

rtrv-dest:sigpath
rtrv-dest:all

Input Description:

sigpath—The name of the rapath.

all—Displays information about all external point codes and signal paths.

Output Description:

SIGPATH—Signal path.

PKG—Protocol family.

ASSOC—Associated channels.

UNK—Unknown.

SWITCHED—The destination is switched, not associated.

<CHANNEL>—The channel with which the destination is associated.

PST—Primary state.

AOOS—The system has taken it out of service.

INB—Installed busy (resource has been created but not yet commanded IS or OOS by means of the SET-DEST-STATE command).

IS—In service.

MOOS—Manually taken out of service.

OOS—Out of service.

TRNS—Transient; the state is currently being changed.

UNK—Unknown.

SST—Secondary State.

UND—Undefined.

CRTE—Created.

DLT—Deleted.

CIS—Commanded in service.

COOS—Commanded out of service.

FLD—Failed.

RSTO—Restored.

RST—Reset.

CONG—Congestion.

FOOS—Forced out of service.

CINH—Commanded to the inhibited state.

CUINH—Commanded to the uninhibited state.

CEA—Commanded into emergency alignment.

EIS—Engine in service.

EOOS—Engine out of service.

Examples:

The MML command shown in the following example retrieves the destination of racluster signal path:

mml> RTRV-DEST:racluster1
   MGC-01 - Media Gateway Controller 2006-08-08 13:06:29
M RTRV
"racluster1:PKG=MGCP,ASSOC=SWITCHED,PST=IS,SST=RSTO"

Comments:

Performance impact category: C

This command supports wildcarding.


Software Changes for this Feature

The following section contains software changes related to this feature:

Alarms

XECfgParm.dat Parameter

Billing Interface

Proxy-State

External Node Types

Alarms

This section lists the alarms that are added or modified to support this feature. For information on the other alarms for the Cisco MGC software, see the Cisco Media Gateway Controller Software Release 9 Messages Reference Guide

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

The alarms that are added for this feature are listed below.

New Alarms

Lost connectivity to all RADIUS servers

Description

All RADIUS servers are unreachable after several retry actions.

Severity

Major (service affecting)

Cause

All RADIUS servers are unreachable after trying several times.

Type

Communication alarm.

Action

Check network traffic and get RADIUS servers up. Log in to the PGW to copy RADIUS files and delete them.

RADIUS records need collecting

Description

Unsent or unack records were saved locally and need collecting.

Severity

Informational (non-service affecting)

Cause

This alarm occurs when failover happens, when connectivity is lost to all servers, or when the shared memory in IOCC is used up.

Type

Processing error alarm.

Action

Log in to the PGW to manually copy RADIUS files and delete them soon. After that, clean up the alarms on your SNMP server.

This alarm notifies you that some records are left in the PGW. It does not display in rtrv-alms. The PGW does not clean up the alarms.

RADIUS server unreachable

Description

RADIUS server is unreachable after several retry actions.

Severity

Potentially service affecting.

Cause

RADIUS server is unreachable after trying several times.

Type

Communication alarm.

Action

Check network traffic and get RADIUS server up.

XECfgParm.dat Parameter

The XECfgParm.dat file configuration parameters added for this feature are in Table 6. For information on the other XECfgParm.dat parameters, see the Cisco Media Gateway Controller Software Release 9 Installation and Configuration Guide at

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

Table 6 XECfgParm.dat Configuration Parameter

Configuration Parameter
Definition

RadiusAccounting.output =

RADIUS output flag. The values are on or off. The default is off.

RadiusAccounting.numberPort =

The number of local ports to communicate with the RADIUS server. One port is used for 256 records. The range is 10 to 99. The default is 20.

This port is configured as: RadiusAccounting.numberPort = (2 x cps x (timeout x (retryCount+1)) /256) +1

For example, if the PGW is 160 CPS, there are 320 RADIUS records per second. If retry count is 2 and the time-out is 5 seconds, there are 4800 records in the queue before there is a switch to another RADIUS server. One port is used for 256 records. So 20 ports are enough for communication.

RadiusAccounting.smSize =

The size of shared memory in MB. The range is between 10 and 199. The default is 30.

Be careful when changing the size. If the size is reduced, the records in shared memory might be lost.

This size is configured as RadiusAccounting.smSize= (2x cps x (timeout x (retryCount+1)) x size of (RADIUS record) / (1024 x 1024) * (number of RADIUS server)

For example, you can use the following method to roughly estimate the size. If the PGW is 160 CPS, considering 4096 bytes for each record at the maximum, there are 320 RADIUS records and 1280K memory at the maximum is used each second. If the retry count is 2 and time-out is 5, 19M memory is used at the maximum. If there are 3 servers in the cluster, total memory can be 57M before a "Lost connectivity to all servers" alarm is raised.


Billing Interface

This section identifies the call detail record (CDR) data added for this feature. For billing interface information for the rest of the Cisco MGC software, see the Cisco Media Gateway Controller Software Release 9 Billing Interface Guide at

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

NAS-IP-ADDRESS

Table 7 NAS-IP-ADDRESS

Name: NAS-IP-ADDRESS

RADIUS IETF Tag: 4

Source: IOCC

Description/Purpose: Specifies the IP address of the network access server that is requesting authentication.

Format: Integer

Length in Octets: 4

Data Value: Integer

Example: 0x0a4a39b4

Extended Data Value: No extended value.

General Information: This attribute indicates the identifying IP address of the NAS which is requesting authentication of the user, and should be unique to the NAS within the scope of the RADIUS server.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


NAS-Port

Table 8 NAS-Port

Name: NAS-Port

RADIUS IETF Tag: 5

Source: IOCC

Description/Purpose: Indicates the physical port number of the network access server that is authenticating the user.

Format: Integer

Length in Octets: 4

Data Value: The value of the port.

Example: 0

Extended Data Value: No extended value.

General Information: This attribute indicates the physical port number of the NAS that is authenticating the user. (This is using "port" in its sense of a physical connection on the NAS, not in the sense of a TCP or UDP port number.)

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Service Type

Table 9 Service Type

Name: Service Type

RADIUS IETF Tag: 6

Source: MDL

Description/Purpose: Indicates the type of service requested or the type of service to be provided.

Format: Integer

Length in Octets: 4

Data Value: Integer

1 Login

2 Framed

3 Callback login

4 Callback framed

5 Outbound

6 Administrative

7 NAS prompt

8 Authenticate Only

9 Callback NAS prompt

10 Call check

11 Callback administrative

Example: 1

Extended Data Value: No extended value.

General Information: This attribute indicates the type of service the user has requested, or the type of service to be provided. It can be used in both Access-Request and Access-Accept packets. A NAS is not required to implement all of these service types, and must treat unknown or unsupported Service-Types as though an Access-Reject had been received instead.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Called-Station-Id

Table 10 Called-Station-Id

Name: Called-Station-Id

RADIUS IETF Tag: 30

Source: MDL

Description/Purpose: Called party number

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: 1333502

Extended Data Value: No extended value.

General Information: Called party number.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Calling-Station-Id

Table 11 Calling-Station-Id

Name: Calling-Station-Id

RADIUS IETF Tag: 31

Source: MDL

Description/Purpose: Calling party number

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: 134567

Extended Data Value: No extended value.

General Information: Calling party number.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


NAS-Identifier

Table 12 NAS-Identifier

Name: NAS-Identifier

RADIUS IETF Tag: 32

Source: IOCC

Description/Purpose: String identifying the network access server originating the request.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: pgw

Extended Data Value: No extended value.

General Information: This attribute contains a string identifying the network access server originating the request.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Proxy-State

Table 13 Proxy-State

Name: Proxy-State

RADIUS IETF Tag: 33

Source: IOCC

Description/Purpose: Attribute that can be sent by a proxy server to another server when forwarding requests.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: pgw

Extended Data Value: No extended value.

General Information: Attribute that can be sent by a proxy server to another server when forwarding Access-Requests; this must be returned unmodified in the Access-Accept, Access-Reject, or Access-Challenge and removed by the proxy server before the server sends the response to the network access server.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Acct-Status-Type

Table 14 Acct-Status-Type

Name: Acct-Status-Type

RADIUS IETF Tag: 40

Source: MDL

Description/Purpose: Indicates the status of this Accounting-Request.

Format: Integer

Length in Octets: 4

Data Value: Integer

1 Start

2 Stop

3 Interim-Update

7 Accounting-On

8 Accounting-Off

9-14 Reserved for Tunnel Accounting

15 Reserved for Failed

Example: 2

Extended Data Value: No extended value.

General Information: Indicates whether this Accounting-Request marks the beginning of the user service (start) or the end (stop).

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Acct-Delay-Time

Table 15 Acct-Delay-Time

Name: Acct-Delay-Time

RADIUS IETF Tag: 41

Source: IOCC

Description/Purpose: Indicates how many seconds the client has been trying to send a particular record.

Format: Integer

Length in Octets: 4

Data Value: Integer

Example: 0

Extended Data Value: No extended value.

General Information: Indicates how many seconds the client has been trying to send a particular record for, and can be subtracted from the time of arrival on the server to find the approximate time of the event generating this Accounting-Request.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Acct-Session-Id

Table 16 Acct-Session-Id

Name: Acct-Session-Id

RADIUS IETF Tag: 44

Source: Engine

Description/Purpose: A unique accounting identifier that makes it easy to match start and stop records in a log file.

Format: IA5 (string)

Length in Octets: 1-10

Data Value: String

Example: "80"

Extended Data Value: No extended value.

General Information: A unique accounting identifier that makes it easy to match start and stop records in a log file. The start and stop records for a given session must have the same Acct-Session-Id. An accounting-request packet must have an Acct-Session-Id. An access-request packet can have an Acct-Session-Id; if it does, then the NAS must use the same Acct-Session-Id in the Accounting-Request packets for that session.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Acct-Session-Time

Table 17 Acct-Session-Time

Name: Acct-Session-Time

RADIUS IETF Tag: 46

Source: MDL

Description/Purpose: Indicates how long (in seconds) the user has received service.

Format: Integer

Length in Octets: 4

Data Value: Integer

Example: 80

Extended Data Value: No extended value.

General Information: This attribute indicates how many seconds the user has received service and can be present in Accounting-Request records only where the Acct-Status-Type is set to Stop.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Acct-Input-Packets

Table 18 Acct-Input-Packets

Name: Acct-Input-Packets

RADIUS IETF Tag: 47

Source: MDL

Description/Purpose: Indicates how many packets have been received from the port over the course of this service being provided to a user.

Format: Integer

Length in Octets: 4

Data Value: Integer

Example: 100

Extended Data Value: No extended value.

General Information: Indicates how many packets have been received from the port over the course of this service being provided to a user.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Connect-Info

Table 19 Connect-Info

Name: Connect-Info

RADIUS IETF Tag: 77

Source: IOCC

Description/Purpose: Indicate the nature of the user's connection.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "28800 V42BIS/LAPM"

Extended Data Value: No extended value.

General Information: Indicate the nature of the user's connection. The NAS might send this attribute in an Access-Request or Accounting-Request to indicate the nature of the user's connection.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-incoming-conf-id

Table 20 h323-incoming-conf-id

Name: h323-incoming-conf-id

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Unique number for identifying a calling session on a gateway, where a session is closed when the calling party hangs up.

Format: IA5 (string)

Length in Octets: 32

Data Value: String

Example: "3C5AEAB9 95C80008 AF27092C 587F34"

Extended Data Value: No extended value.

General Information: Unique number for identifying a calling session on a gateway, where a session is closed when the calling party hangs up. It is used to do the following:

Match the outbound and inbound call legs for a session on a particular gateway

Collect and match all records for multiple calls placed (within the bounds of a session) on the gateway

The value used for legs 1 and 2 on the originating gateway can differ from that for legs 3 and 4 on a terminating gateway. The h323-incoming-conf-id is different from h323-conf-id. For example, the h323-incoming-conf-id value remains the same in the start/stop records for long pound calls.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


subscriber

Table 21 subscriber

Name: subscriber

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: T1/channel-associated signaling (CAS) or E1/R2 signal information about a subscriber.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "RegularLine"

Extended Data Value: No extended value.

General Information: T1/channel-associated signaling (CAS) or E1/R2 signal information about a subscriber.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


session-protocol

Table 22 session-protocol

Name: session-protocol

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Session protocol used for calls between the local and remote router through IP backbone.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: other

cisco

h323

multicast

sipv2

sdp

frf11-trunk

cisco-switched

MarsAnalog

C1000Isdn

aal2-trunk

Extended Data Value: No extended value.

General Information: Session protocol used for calls between the local and remote routers through the IP backbone. Always equal to "sip" for SIP or "cisco" for H.323.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


release-source

Table 23 release-source

Name: release-source

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Indicates whether a call was released by a calling party, a called party, or an internal or external source.

Format: Integer

Length in Octets: 1-2

Data Value:

1 Calling party located in PSTN

2 Calling party located in VoIP network

3 Called party located in PSTN

4 Called party located in VoIP network

5 Internal release in POTS leg

6 Internal release in VOIP leg

7 Internal call-control application (Tcl or VoiceXML script)

8 Internal release in VoIP AAA

9 Console command line (CLI or MML)

10 External RADIUS server

11 External network management application

12 External call control agent

Extended Data Value: No extended value.

General Information: Indicates whether a call was released by a calling party, a called party, or an internal or external source.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


alert-timepoint

Table 24 alert-timepoint

Name: alert-timepoint

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Alerting timepoint.

Format: IA5 (string)

Length in Octets: 1-96

Data Value:

Time in NTP format: hours, minutes, seconds, microseconds, time_zone, day, month, day_of_month, year.

hh:mm:ss:mmm ZON DDD MMM ## YYYY

Example: "18:27:30.094 PST Fri Aug 25 2000"

Extended Data Value: No extended value.

General Information: Alerting time point.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


remote-media-address

Table 25 remote-media-address

Name: remote-media-address

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: This is the remote-media gateway IP address.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "100.100.100.100"

Extended Data Value: No extended value.

General Information: Remote-media gateway IP address.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


in-trunkgroup-label

Table 26 in-trunkgroup-label

Name: in-trunkgroup-label

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: The trunk group label associated with the group of voice ports.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "2000001"

Extended Data Value: No extended value.

General Information: Contains the trunk group label associated with the group of voice ports from which the incoming time-division multiplexing (TDM) call arrived on the gateway.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


out-trunkgroup-label

Table 27 out-trunkgroup-label

Name: out-trunkgroup-label

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: The trunk group label associated with the group of voice ports.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "1000000"

Extended Data Value: No extended value.

General Information: Trunk-group label associated with the group of voice ports on the gateway from which the outgoing TDM call leaves.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


outgoing-area

Table 28 outgoing-area

Name: outgoing-area

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Gatekeeper identifier, or the destination zone or area of the outgoing Voice over IP (VoIP) call.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "Egress-zone"

Extended Data Value: No extended value.

General Information: Gatekeeper identifier, or the destination zone or area of the outgoing VoIP call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


gk-xlated-cdn

Table 29 gk-xlated-cdn

Name: gk-xlated-cdn

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: The gatekeeper-presented called number in the Advanced Communications Function (ACF) Registration, Admission, and Status Protocol (RAS) message.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "7324501661"

Extended Data Value: No extended value.

General Information: The gatekeeper-presented called number in the ACF RAS message. The GK/GKTMP can modify the called number by appending a prefix or by leaving it unchanged.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


gw-rxd-cdn

Table 30 gw-rxd-cdn

Name: gw-rxd-cdn

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Called number received by the gateway in the incoming signaling message before any translation rules are applied.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "3048832"

Extended Data Value: No extended value.

General Information: Called number received by the gateway in the incoming signaling message before any translation rules are applied.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


gw-final-xlated-cdn

Table 31 gw-final-xlated-cdn

Name: gw-final-xlated-cdn

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Called number to be sent out of the gateway.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "3048832"

Extended Data Value: No extended value.

General Information: Called number to be sent out of the gateway.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


coder-type-rate

Table 32 coder-type-rate

Name: coder-type-rate

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Negotiated coder rate.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

g729r8

g729br8

g729ar8

g729abr8

g729br8

g726r16

g726r24

g726r32

g711alaw

g711ulaw

g728

g723r63

g723r53

g723ar63

g723ar53

clear-channel

gismo

gossamer

gossamer

transparent

no-upspeed

voice

none

Example: g711ulaw

Extended Data Value: No extended value.

General Information: Negotiated coder rate. Specifies the transmit rate of voice or fax compression to its associated call leg for the call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


vad-enable

Table 33 vad-enable

Name: vad-enable

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: Whether or not voice-activity detection (VAD) is enabled for the voice call.

Format: IA5 (string)

Length in Octets: 6-7

Data Value: String

Enable

Disable

Example: "enable"

Extended Data Value: No extended value.

General Information: Whether or not VAD is enabled for the voice call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


round-trip-delay

Table 34 round-trip-delay

Name: round-trip-delay

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: Voice-packet round-trip delay, in ms, between the local and remote device on the IP backbone during the call.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

## ms

Example: 2 ms

Extended Data Value: No extended value.

General Information: Voice packet round-trip-delay, in ms, between the local and remote devices on the IP backbone during the call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


early-packets

Table 35 early-packets

Name: early-packets

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: Number of received voice packets that arrived too early to be stored in a jitter buffer during the call.

Format: IA5 (string)

Length in Octets: 1-10

Data Value: String

Example: "0"

Extended Data Value: No extended value.

General Information: Number of received voice packets that arrived too early to be stored in a jitter buffer during the call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


late-packets

Table 36 late-packets

Name: late-packets

Cisco VSA Tag: 1

Source: Engine

Description/Purpose: Number of received voice packets that arrived too late to be played out with a codec during the call.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "0"

Extended Data Value: No extended value.

General Information: Number of received voice packets that arrived too late to be played out with a codec during the call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


lost-packets

Table 37 lost-packets

Name: lost-packets

Cisco VSA Tag: 1

Source: MDL

Description/Purpose: Number of voice packets lost during the call.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "0"

Extended Data Value: No extended value.

General Information: Number of voice packets lost during the call.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


cisco-nas-port

Table 38 cisco-nas-port

Name: cisco-nas-port

Cisco VSA Tag: 2

Source: Engine

Description/Purpose: Incoming port identification on NAS or gateway.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

signaling type controller: timeslot group/control channel: bearer channel

Example: "BRI 0/0:1"

Extended Data Value: No extended value.

General Information: Incoming port identification on NAS or gateway. The syntax is as follows:

signaling type controller: timeslot group/control channel: bearer channel

This VSA has the same function as RADIUS attribute 5 and uses strings assigned by Cisco IOS software to its hardware ports.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-conf-id

Table 39 h323-conf-id

Name: h323-conf-id

Cisco VSA Tag: 24

Source: MDL

Description/Purpose: Gives the conference ID.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "3C5AEAB9 95C80008 0 587F34"

Extended Data Value: No extended value.

General Information: This is a unique call identifier generated by the gateway. It is used to identify the separate billable events (calls) within a single calling session. In the Cisco IOS call-control application programming interface (Cisco IOS CCAPI), this value is called the globally unique identifier (GUID). The h323-conf-id is different from the h323-incoming-conf-id. For example, in long pound calls (calls in which you press the # key to make a new call) with a prepaid application, a new h323-conf-id value is generated for each new call. The new value is generated in the leg following authorization (either leg 2 or leg 4) and is subsequently passed to each downstream leg. Gateway retries because of a connection request failure do not result in a new value; each retry uses the same h323-conf-id value.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-ivr-out

Table 40 h323-ivr-out

Name: h323-ivr-out

Cisco VSA Tag: 24

Source: MDL

Description/Purpose: User-definable AV pairs sent from the voice gateway to the RADIUS server.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Value1: value2

Always "Tariff:Unknown" for the PGW.

Extended Data Value: No extended value.

General Information: User-definable AV pairs sent from the voice gateway to the RADIUS server. You can set (write) the value with a customized Tool Command Language (TCL) Interactive Voice Response (IVR) script on a media gateway (MGW).

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-setup-time

Table 41 h323-setup-time

Name: h323-setup-time

Cisco VSA Tag: 25

Source: MDL

Description/Purpose: Indicates the setup time for this connection.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Time in NTP format: hours, minutes, seconds, microseconds, time_zone, day, month, day_of_month, year.

hh:mm:ss:mmm ZON DDD MMM ## YYYY

Example: "18:27:28.032 UTC Wed Dec 9 1998"

Extended Data Value: No extended value.

General Information: Indicates the setup time for this connection in Coordinated Universal Time (UTC), formerly known as Greenwich Mean Time (GMT) or Zulu time.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-call-origin

Table 42 h323-call-origin

Name: h323-call-origin

Cisco VSA Tag: 26

Source: MDL

Description/Purpose: Indicates the origin of the call relative to the gateway. Possible values are originating and terminating (answer).

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

answer = Legs 1 and 3

originate = Legs 2 and 4

callback = Legs 1 and 3

Example: "answer"

Extended Data Value: No extended value.

General Information: Indicates the origin of the call relative to the gateway. Possible values are originating and terminating (answer).

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-call-type

Table 43 h323-call-type

Name: h323-call-type

Cisco VSA Tag: 27

Source: MDL

Description/Purpose: Indicates call leg type. Possible values are telephony and VoIP.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Telephony

VOIP

Example: "VOIP"

Extended Data Value: No extended value.

General Information: Specifies the IP address of the network access server that is requesting authentication.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-connect-time

Table 44 h323-connect-time

Name: h323-connect-time

Cisco VSA Tag: 28

Source: MDL

Description/Purpose: Indicates the connection time for this call leg in UTC.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Time in NTP format: hours, minutes, seconds, microseconds, time_zone, day, month, day_of_month, year.

hh:mm:ss:mmm ZON DDD MMM ## YYYY

Example: "18:27:28.032 UTC Wed Dec 9 1998"

Extended Data Value: No extended value.

General Information: Indicates the connection time in UTC for this call leg.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-disconnect-time

Table 45 h323-disconnect-time

Name: h323-disconnect-time

Cisco VSA Tag: 29

Source: MDL

Description/Purpose: Indicates the time in UTC this call leg was disconnected.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Time in NTP format: hours, minutes, seconds, microseconds, time_zone, day, month, day_of_month, year.

hh:mm:ss:mmm ZON DDD MMM ## YYYY

Example: "18:27:28.032 UTC Wed Dec 9 1998"

Extended Data Value: No extended value.

General Information: Indicates the time this call leg was disconnected in UTC.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-disconnect-cause

Table 46 h323-disconnect-cause

Name: hh323-disconnect-cause

Cisco VSA Tag: 30

Source: MDL

Description/Purpose: Specifies the reason a connection was taken offline per Q.931 specification.

Format: IA5 (string)

Length in Octets: 1-A0

Data Value: 2-character, ASCII-encoded hexadecimal number representing a Q.931 code. Range: 01 to A0 (which is 1 to 160 decimal).

Example: "04"

Extended Data Value: No extended value.

General Information: Specifies the reason a connection was taken offline per Q.931 specification.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-voice-quality

Table 47 h323-voice-quality

Name: h323-voice-quality

Cisco VSA Tag: 31

Source: Engine

Description/Purpose: Specifies the impairment factor (ICPIF) affecting voice quality for a call.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: Decimal numbers from ICPIF table of G.113

Example: "5"

Extended Data Value: No extended value.

General Information: Value representing impairment/calculated planning impairment factor (ICPIF) of the voice quality on the connection provided by lower-layer drivers (such as the digital-signal-processor). Low numbers represent better quality.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


h323-gw-id

Table 48 h323-gw-id

Name: h323-gw-id

Cisco VSA Tag: 32

Source: Engine

Description/Purpose: Indicates the name of the underlying gateway.

Format: IA5 (string)

Length in Octets: 1-96

Data Value: String

Example: "bowie.cisco.com, AS5300_5"

Extended Data Value: No extended value.

General Information: Indicates the name of the underlying gateway.

MGC Release: Release 9.7(3) and later.

 

Records to be included in:

Stop


Components

The sections below describe the provisioning components that are added or modified for this feature. For information on the rest of the components in the Cisco MGC software, see the Cisco Media Gateway Controller Software Release 9 Provisioning Guide at

http://www.cisco.com/en/US/products/hw/vcallcon/ps2027/tsd_products_support_series_home.html

New Components

This feature adds the network element (NE) component RASERVER.

External Node Types

This feature adds an external node whose type is RACLUSTER. Only one RACLUSTER is supported.

Obtaining Documentation, Obtaining Support, and Security Guidelines

For information on obtaining documentation, obtaining support, providing documentation feedback, security guidelines, and also recommended aliases and general Cisco documents, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Glossary

Table 49 contains expansions of acronyms and technical terms used in this feature module.

Table 49 Acronyms and Expansions 

Acronym
Expansion

AAA

Authentication, Authorization, and Accounting

ACF

Advanced Communications Function

CDR

Call Detail Record

GUID

Globally Unique IDentifier

IETF

Internet Engineering Task Force

IVR

Interactive Voice Response

MGC

(Cisco) Media Gateway Controller

OCC

Originating Call Control

PGW

PSTN Gateway

PSTN

Public Switched Telephone Network

RA

RADIUS Accounting

RADIUS

Remote Authentication Dial-in User Service

RAS

Registration, Admission, and Status Protocol

SC

Signaling Controller

TCC

Terminating Call Control

TCL

Tool Command Language

TDM

Time-Division Multiplexing

VAD

Voice-Activity Detection

VoIP

Voice over IP

VSA

Vendor-Specific Attribute