Configuring Enhanced Charging Services


Configuring Enhanced Charging Services
 
This chapter describes how to configure the Enhanced Charging Service (ECS) / Active Charging Services (ACS) functionality.
The following topics are covered in this chapter:
 
 
Initial Configuration
To perform the initial configuration:
Step 1
Step 2
Step 3
Step 4
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
Creating the ECS Administrative User Account
At least one administrative user account with ECS privileges must be configured on the system. This is the account that is used to log on and execute ECS-related commands. For security purposes, it is recommended that these user accounts be created along with general system functionality administration.
 
To create the ECS administrative user account, use the following configuration:
configure
  context local
     administrator <user_name> password <password> ecs
     end
Notes:
 
Note that only Administrator and Config-administrator level users can provision ECS functionality. Refer to the Configuring System Settings chapter of the System Administration and Configuration Guide for additional information on administrative user privileges.
Installing the ECS License
For ECS functionality you must obtain and install one of the following licenses on your chassis:
 
 
[ 600-00-7526 ] Enhanced Charging Bundle 1 1k Sessions: To enable and configure ECS functionality.
[ 600-00-7574 ] Enhanced Charging Bundle 2 1k Sessions: To enable and configure Diameter and DCCA functionality with ECS.
For information on installing licenses, see the Managing License Keys section of the Software Management Operations chapter in the Administration and Configuration Guide.
Enabling Enhanced Charging Service
Enhanced Charging must be enabled before configuring charging services.
 
To enable Enhanced Charging Services, use the following configuration:
configure
  require active-charging
     context local
        interface <interface_name>
           ip address <ip_address/mask>
           exit
        server ftpd
        end
Notes:
 
If you are using the Category-based Content Filtering application, refer to the Content Filtering Services Administration Guide for specific configuration procedures.
 
Configuring the Enhanced Charging Service
A charging service has analyzers that define which packets to examine and ruledefs (ruledefs) that define what packet contents to take action on and what action to take when the ruledef is matched. Charging services are configured at the global configuration level and are available to perform packet inspection on sessions in all contexts.
To configure the Enhanced Charging Service:
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
Step 8
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
Creating the Enhanced Charging Service
To create an Enhanced Charging Service, use the following configuration:
configure
  active-charging service <ecs_service_name> [ -noconfirm ]
  end
Configuring Rule Definitions
This section describes how to create and configure rule definitions. A ruledef can be a charging, routing, or a post-processing rule. If the same ruledef is to be used for charging in one rulebase and for post-processing rule in another one, then two separate identical ruledefs must be defined.
The following topics are covered in this section:
 
Configuring Charging Rule Definitions
To create and configure a charging ruledef, use the following configuration:
 
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        <protocol> <expression> <operator> <condition>
        rule-application charging
        end
Notes:
 
For information on all the protocol types, expressions, operators, and conditions supported, refer to the Ruledef Configuration Mode Commands chapter of the Command Line Interface Reference.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring Routing Rule Definitions
To create and configure a routing ruledef, use the following configuration:
 
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        <protocol> <expression> <operator> <condition>
        rule-application routing
        end
Notes:
 
For information on all the protocol types, expressions, operators, and conditions supported, refer to the Ruledef Configuration Mode Commands chapter of the Command Line Interface Reference.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring Post-processing Rule Definitions
To create and configure a post-processing ruledef, use the following configuration:
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        <protocol> <expression> <operator> <condition>
        rule-application post-processing
        end
Notes:
 
For information on all the protocol types, expressions, operators, and conditions supported, refer to the Ruledef Configuration Mode Commands chapter of the Command Line Interface Reference.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring Group of Ruledefs
A group-of-ruledefs enables grouping rules into categories, so that charging systems can base the charging policy on the category.
To create and configure a group-of-ruledefs, use the following configuration:
configure
  active-charging service <ecs_service_name>
     group-of-ruledefs <group_name> [ -noconfirm ]
        add-ruledef priority <priority> ruledef <ruledef_name>
        group-of-ruledefs-application { charging | post-processing }
        end
Notes:
 
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring Charging Actions
Charging actions are used with rulebases and must be created before a rulebase is configured.
 
To create a charging action, use the following configuration:
configure
  active-charging service <ecs_service_name>
     charging-action <charging_action_name> [ -noconfirm ]
        content-id <content_id>
        retransmissions-counted
        billing-action [ edr <edr_format> [ wait-until-flow-ends ] | egcdr | exclude-from-udrs | radius ] +
        end
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring IP Readdressing
Readdressing of packets based on the destination IP address of the packets enables redirecting unknown gateway traffic to known/trusted gateways. This is implemented by configuring the re-address server in the charging action.
To configure the IP Readdressing feature, use the following configuration:
configure
  active-charging service <ecs_service_name>
     charging-action <charging_action_name>
        flow action readdress { server <ip_address> [ port <port_number> ] | port <port_number> }
        end
Configuring Next Hop Address
To configure the Next Hop Address configuration feature, use the following configuration:
configure
  active-charging service <ecs_service_name>
     charging-action <charging_action_name>
        nexthop-forwarding-address <ip_address>
        end
Configuring Rulebases
A rulebase specifies which protocol analyzers to run and which packets are analyzed. Multiple rulebases may be defined for the Enhanced Charging Service. A rulebase is basically a subscriber’s profile in a charging service.
 
To create and configure a rulebase, use the following configuration:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name> [ -noconfirm ]
        flow end-condition { { content-filtering | normal-end-signaling | timeout + } | { { hagr | handoff | session-end } [ flow-overflow ] + } [ url-blacklisting ] } edr <edr_format_name>
        billing-records udr udr-format <udr_format_name>
        action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledefs_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }
        route priority <route_priority> ruledef <ruledef_name> analyzer <analyzer> [ description <description> ]
        rtp dynamic-flow-detection
        udr threshold interval <interval>
        cca radius charging context <context> group <group_name>
        cca radius accounting interval <interval>
        end
Notes:
 
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Setting EDR Formats
ECS generates postpaid charging data files which can be retrieved from the system periodically and used as input to a billing mediation system for postprocessing.
 
EDRs are generated according to action statements in rule commands.
Up to 32 different EDR schema types may be specified, each composed of up to 32 fields or analyzer parameter names. The records are written at the time of each rule event in a comma-separated (CSV) format.
Important: If you have configured RADIUS Prepaid Billing, configuring charging records is optional.
To set the EDR formats use the following configuration:
configure
  active-charging service <ecs_service_name>
     edr-format <edr_format_name> [ -noconfirm ]
        attribute <attribute> { [ format { MM/DD/YY-HH:MM:SS | MM/DD/YYYY-HH:MM:SS | YYYY/MM/DD-HH:MM:SS | YYYYMMDDHHMMSS | seconds } ] [ localtime ] | [ { ip | tcp } { bytes | pkts } { downlink | uplink } ] priority <priority> }
        rule-variable <protocol> <rule> priority <priority>
        event-label <event-label> priority <priority>
        end
Important: For information on EDR format configuration and rule variables, refer to the EDR Format Configuration Mode Commands chapter of the Command Line Interface Reference.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Setting UDR Formats
ECS generates postpaid charging data files which can be retrieved from the system periodically and used as input to a billing mediation system for postprocessing.
 
UDRs are generated according to action statements in rule commands. Up to 32 different UDR schema types may be specified, each composed of up to 32 fields or analyzer parameter names. The records are written thresholds in a comma-separated (CSV) format.
Important: If you have configured RADIUS Prepaid Billing, configuring charging records is optional.
To set the UDR format, use the following configuration:
configure
  active-charging service <ecs_service_name>
     udr-format <udr_format_name> [ -noconfirm ]
        attribute <attribute> { [ format { MM/DD/YY-HH:MM:SS | MM/DD/YYYY-HH:MM:SS | YYYY/MM/DD-HH:MM:SS | YYYYMMDDHHMMSS | seconds } ] [ localtime ] | [ { bytes | pkts } { downlink | uplink } ] ] priority <priority> }
        end
Important: For information on UDR format configuration and rule variables, refer to the UDR Format Configuration Mode Commands chapter of the Command Line Interface Reference.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Enabling Charging Record Retrieval
To retrieve charging records you must configure the context that stores the charging records to accept SFTP connections.
 
To enable SFTP, use the following configuration:
configure
  context local
     administrator <user_name> [ encrypted ] password <password>
     config-administrator <user_name> [ encrypted ] password <password>
     exit
  context <context_name>
     ssh generate key
     server sshd
     subsystem sftp
     end
Notes:
 
You must specify the sftp keyword to enable the new account to SFTP into the context to retrieve record files.
Optional Configurations
This section describes the following optional configuration procedures:
 
Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
Configuring a Rulebase for a Subscriber
This section describes how to apply an existing rulebase to a subscriber.
For information on how to configure rulebases, see the Configuring Rulebases section.
To configure a rulebase for a subscriber, use the following configuration:
configure
  context <context_name>
     subscriber name <subscriber_name> [ -noconfirm ]
        active-charging rulebase <rulebase_name>
        end
Notes:
 
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Configuring a Rulebase in an APN
This section describes how to configure an existing rulebase within an APN for a GGSN.
For information on how to configure rulebases, see the Configuring Rulebases section.
Important: This information is only applicable to GGSN networks.
To configure a rulebase in an APN, use the following configuration:
configure
  context <context_name>
     apn <apn_name> [ -noconfirm ]
        active-charging rulebase <rulebase_name>
        end
Notes:
 
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Configuring Charging Rule Optimization
This section describes how to configure the internal optimization level for improved performance when the system evaluates each instance of the action CLI command.
To configure the rule optimization level, use the following configuration:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name>
        charging-rule-optimization { high | low | medium }
        end
Notes:
 
Both the medium and high options causes reorganization of the entire memory structure whenever any change is made (for example, adding another action CLI command).
high option causes allocation of a significant amount of memory for the most efficient organization.
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
 
Configuring Prepaid Credit Control Application (CCA)
This section describes how to configure the Prepaid Credit Control Application for Diameter or RADIUS.
Important: To configure and enable Diameter and DCCA functionality with ECS on your system, you must obtain and install the [600-00-7574] Enhanced Charging Bundle 2 1k Sessions license.
Important: Before configuring Diameter or RADIUS CCA, you must configure AAA parameters as described in the AAA Interface Administration and Reference.
To configure Prepaid Credit Control Application:
Step 1
Step 2
Configuring Diameter Prepaid Credit Control Application (DCCA)
Configuring RADIUS Prepaid Credit Control Application
Step 3
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
Configuring Prepaid CCA for Diameter or RADIUS
To configure the Prepaid Credit Control Application for Diameter or RADIUS, use the following configuration:
 
configure
  active-charging service <ecs_service_name>
     charging-action <charging_action_name>
        cca charging credit [ preemptively-request | rating-group <coupon_id> ]
        exit
     credit-control [ group <group_name> ]
        mode { diameter | radius }
        quota time-threshold { <absolute_value> | percent <percent_value> }
        quota unit-threshold { <absolute_value> | percent <percent_value> }
        quota volume-threshold { <absolute_value> | percent <percent_value> }
        end
Notes:
 
<ecs_service_name> must be the name of the Enhanced Charging Service in which you want to configure Prepaid Credit Control Application.
<charging_action_name> must be the name of the charging action for which you want to configure Prepaid Credit Control Application.
Optional: To configure the redirection of URL for packets that match a ruledef and action on quota request timer, in the Charging Action Configuration mode, enter the following command. This command also specifies the redirect-URL action on packet and flow for Session Control functionality.
flow action redirect-url <redirect_url> [ clear-quota-retry-timer ]
The following sample shows the redirection of a URL for packets that match a ruledef:
charging-action http-redirect
  content-id 3020
  retransmissions-counted
  billing-action exclude-from-udrs
  flow action redirect-url "http://10.1.67.214/cgi-bin/aoc.cgi\077 imsi=#bearer.calling-station-id#&url=#http.url#&acctsessid=#bearer.acct-session-id#&correlationid=#bearer.correlation-id#&username=#bearer.user-name#&ip=#bearer.served-bsa-addr#&subid=#bearer.subscriber-id#&host=#http.host#&httpuri=#http.uri#" clear-quota-retry-timer
  end
 
Optional: To configure credit control quota related parameters, use the following configuration:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name>
        cca quota { holding-time <holding_time> content-id <content_id> | retry-time <retry_time> [ max-retries <max_retries> ] }
        cca quota time-duration algorithm { consumed-time <consumed_time> [ plus-idle ] [ content-id <content_id> ] | continuous-time-periods <seconds> [ content-id <content_id> ] | parking-meter <seconds> [ content-id <content_id> ] }
        end
<rulebase_name> must be the name of the rulebase in which you want to configure Prepaid Credit Control configurables.
 
Optional: To define credit control rules for quota state and URL redirect match rules with RADIUS AVP, use the following configuration:
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        cca quota-state <operator> { limit-reached | lower-bandwidth }
        cca redirect-indicator <operator> <indicator_value>
        end
<ruledef_name> must be the name of the ruledef that you want to use for Prepaid Credit Control Application rules.
cca redirect-indicator configuration is a RADIUS-specific configuration.
 
Optional: This is a Diameter-specific configuration. To configure the failure handling options for credit control session, in the Credit Control Configuration Mode, use the following configuration:
configure
  active-charging service <ecs_service_name>
     credit-control [ group <group_name> ]
        failure-handling { ccfh-session-timeout <session_timeout> | { initial-request | terminate-request | update-request } { continue [ go-offline-after-tx-expiry | retry-after-tx-expiry ] | retry-and-terminate [ retry-after-tx-expiry ] | terminate }
        end
Optional: To configure the triggering option for credit reauthorization when the named values in the subscriber session changes, in the Credit Control Configuration Mode, enter the following command:
configure
  active-charging service <ecs_service_name>
     credit-control [ group <group_name> ]
        trigger type { cellid | lac | qos | rat | sgsn }+
        end
 
Optional: This is a Diameter-specific configuration. If the configuration is for 3GPP network, to configure the virtual or real APN name to be sent in Credit Control Application (CCA) message, in the Credit Control Configuration Mode, enter the following command:
configure
  active-charging service <ecs_service_name>
     credit-control [ group <group_name> ]
        apn-name-to-be-included { gn | virtual }
        end
Configuring Diameter Prepaid Credit Control Application (DCCA)
This section describes how to configure the Diameter Prepaid Credit Control Application.
 
Important: To configure and enable Diameter and DCCA functionality with ECS on your system, you must obtain and in stall the [ 600-00-7574 ] Enhanced Charging Bundle 2 1k Sessions license.
Important: It is assumed that you have already fully configured the AAA parameters as described in the AAA Interface Administration and Reference, and Credit Control Application as described in Configuring Prepaid Credit Control Application (CCA) section for Diameter mode.
To configure Diameter Prepaid Credit Control Application, use the following configuration.
configure
  active-charging service <ecs_service_name>
     credit-control [ group <group_name> ]
        mode diameter
        diameter origin endpoint <endpoint_name>
        diameter dictionary <dcca_dictionary>
        diameter peer-select peer <peer_name> [ realm <realm_name> ] [ secondary-peer <sec_peer_name> [ realm <realm_name> ] ] [ imsi-based { [ prefix | suffix ] <imsi/prefix/suffix_start_value> } [ to <imsi/prefix/suffix_end_value> ] ]
        end
Notes:
 
Diameter peer configuration set with the diameter peer-select command can be overridden by the dcca peer-select peer command in the APN Configuration mode for 3GPP service networks, and in Subscriber Configuration mode in other service networks.
Optional: To configure the maximum time, in seconds, to wait for a response from Diameter peer, in the Credit Control Configuration Mode, enter the following command:
diameter pending-timeout <duration>
Optional: To configure Diameter Credit Control Session Failover, in the Credit Control Configuration Mode, enter the following command:
diameter session failover
When enabled, in the event of failure, failure handling action is based on the failure-handling CLI.
Optional: If you want to configure the service for IMS authorization in 3GPP service network, you can configure dynamic rule matching with Gx interface and dynamic rule matching order in rulebase, use the following configuration:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name>
        dynamic-rule order { always-first | first-if-tied }
        action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledefs_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }
        end
 
Optional: To configure Diameter group AVP Requested-Service-Unit for Gy interface support to include a sub-AVP in CCRs using volume, time, and unit specific charging, in the Rulebase Configuration Mode, enter the following command:
cca diameter requested-service-unit sub-avp { time cc-time <duration> | units cc-service-specific-units <charging_unit> | volume { cc-input-octets <bytes> | cc-output-octets <bytes> | cc-total-octets <bytes> } + }
If the Diameter endpoint parameters are not yet configured, see the Configuring Diameter Endpoint section in the AAA Interface Administration and Reference.
Configuring Peer-Select in Subscriber Configuration Mode (Optional)
This section describes how to configure Diameter peer-select within a subscriber configuration.
Important: The dcca peer-select configuration completely overrides all instances of diameter peer-select configured within the Credit Control Configuration Mode for an Enhanced Charging service.
To configure DCCA peers within a subscriber configuration, use the following configuration:
configure
  context <context_name>
     subscriber name <subscriber_name>
        dcca peer-select peer <host_name> [ [ realm <realm_name> ] [ secondary-peer <host_name> [ realm <realm_name> ] ] ]
        end
Configuring Peer-Select in APN Configuration Mode (Optional)
This section describes how to configure Diameter peer-select within an APN configuration.
Important: This information is only applicable to GGSN networks.
Important: The dcca peer-select configuration completely overrides all instances of diameter peer-select configured within the Credit Control Configuration Mode for an Enhanced Charging Service.
To configure DCCA peers within an APN, use the following configuration:
configure
  context <context_name>
     apn <apn_name>
        dcca peer-select peer <host_name> [ [ realm <realm_name> ] [ secondary-peer <host_name> [ realm <realm_name> ] ] ]
        end
Configuring RADIUS Prepaid Credit Control Application
RADIUS prepaid billing operates on a per content-type basis. Individual content-types are marked for prepaid treatment. When a traffic analysis rule marked with prepaid content-types matches, it triggers prepaid charge management.
 
Important: The RADIUS Prepaid feature of ECS has no connection to the system-level Prepaid Billing Support or the 3GPP2 Prepaid features that are enabled under different licenses.
Important: It is assumed that you have already fully configured the AAA parameters as described in the AAA Interface Administration and Reference, and Credit Control Application as described in Configuring Prepaid Credit Control Application (CCA) section for RADIUS mode.
To configure RADIUS Prepaid Charging with Enhanced Charging, use the following configuration.
configure
  active-charging service <ecs_service_name>
     credit-control [ group <group_name> ]
        mode radius
        exit
     rulebase <rulebase_name>
        cca radius charging context <vpn_context> [ group <group_name> ]
        end
Notes:
 
<rulebase_name> must be the name of the rulebase in which you want to configure Prepaid Credit Control configurables.
<vpn_context> must be the charging context in which the RADIUS parameters are configured:
Optional: To specify the accounting interval duration for RADIUS prepaid accounting, in the Rulebase Configuration Mode, enter the following command:
cca radius accounting interval <interval>
Optional: To specify the user password for RADIUS prepaid services, in the Rulebase Configuration Mode, enter the following command:
cca radius user-password [ encrypted ] password <password>
If RADIUS server parameters are not yet configured, configure them as described in the Configuring AAA Functionality section of the AAA Interface Administration and Reference.
Configuring Gy Interface
To configure the standard Gy interface for GGSN/UMTS networks, use the following configuration:
configure
  context <context_name>
     diameter endpoint <endpoint_name>
        origin realm <realm>
        origin host <diameter_host> address <ip_address>
        peer <peer> realm <realm> address <ip_address>
        exit
     exit
  active-charging service <service_name>
     credit-control [ group <group_name> ]
        diameter origin endpoint <endpoint_name>
        diameter peer-select peer <peer> realm <realm>
        diameter pending-timeout <timeout>
        diameter session failover
        diameter dictionary <dictionary>
        failure-handling initial-request continue go-offline-after-tx-expiry
        failure-handling update-request continue
        failure-handling terminate-request continue
        exit
     exit
  context <context_name>
     apn <apn_name>
        selection-mode sent-by-ms
        ims-auth-service <service>
        ip access-group <access_list> in
        ip access-group <access_list> out
        ip context-name <context_name>
        active-charging rulebase <rulebase_name>
        credit-control-group <cc_group_name>
        end
 
Configuring Redirection of Subscriber Traffic to ECS
User traffic is directed through the ECS service inspection engine by using Access Control List (ACL) mechanism to selectively steer subscriber traffic.
To configure redirection of subscriber traffic to ECS:
Step 1
Step 2
Step 3
Step 4
Step 5
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
Creating an ECS ACL
To create an ACL to use in steering subscriber traffic through ECS, use the following configuration:
configure
  context <context_name>
     ip access-list <access_list_name>
        redirect css service <ecs_service_name> <keywords> <options>
        end
Notes:
 
<ecs_service_name> must be the enhanced charging service’s name; no CSS service needs to be configured.
Applying an ACL to an Individual Subscriber
IP ACLs are applied to subscribers via attributes in their profile. The subscriber profile could be configured locally on the system or remotely on a RADIUS server.
To apply an ACL to a RADIUS-based subscriber, use the Filter-Id attribute. For more information on this attribute, refer to the AAA Interface Administration and Reference.
To apply an ACL to an individual subscriber, use the following configuration:
configure
  context <context_name>
     subscriber name <subscriber_name>
        ip access-group <acl_name> [ in | out ]
        end
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Applying an ACL to the Subscriber Named default
To apply an ACL to the default subscriber, use the following configuration:
 
configure
  context <context_name>
     subscriber default
        ip access-group <acl_name> [ in | out ]
        end
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Applying the ACL to an APN
To apply an ACL to an APN, use the following configuration:
Important: This information is only applicable to GGSN networks.
configure
  context <context_name>
     apn <apn_name>
        ip access-group <acl_name> [ in | out ]
        end
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring GTPP Accounting
This section describes how to configure GTPP accounting which generates G-CDRs for ECS. Generated G-CDRs are sent to a configured Charging Gateway Function (CGF). ECS G-CDRs are sent in ASN.1 format and are encoded as described in 3GPP TS 32.015 V3.9.0 (2002–03) and 3GPP TS 29.060 V6.7.0 (2004–12).
 
Important: This section assumes that a GGSN service is already fully configured. The GGSN service must be configured in the source context.
Important: If the RADIUS accounting is configured you do not need to configure GTPP accounting.
To configure GTPP accounting, use the following configuration:
configure
  gtpp single-source
  context <context_name>
     apn <apn_name>
        accounting-mode none
        exit
     gtpp charging-agent address <ip_address>
     gtpp server <ip_address>
     end
Notes:
 
The gtpp single-source command must be entered before any other configuration commands. If you add it to an existing configuration, make sure that it is the first command implemented after cards and ports are configured. This ensures that this command is implemented before any AAA Manager or Session Manager processes are started.
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Configuring EDR/UDR Parameters
This section provides an example configuration to configure EDR/UDR file transfer and file properties parameters, including configuring hard disk support on SMC card on ASR 5000, transfer modes, transfer interval, etc.
To configure EDR/UDR file parameters:
configure
  context <context_name>
     edr-module active-charging-service
        cdr [ [ push-interval <interval> ] [ push-trigger space-usage-percent <trigger_percentage> ] [ remove-file-after-transfer ] [ transfer-mode { pull | push primary { encrypted-url <encrypted_url> | url <url> } [ secondary { encrypted-secondary-url <encrypted_secondry_url> | url <secondary_url> } ] } ] [ via local-context ] + | use-harddisk ]
        file [ charging-service-name { include | omit } ] [ compression { gzip | none } ] [ current-prefix <string> ] [ delete-timeout <seconds> ] [ directory <directory_name> ] [ edr-format-name ] [ exclude-checksum-record ] [ field-separator { hyphen | omit | underscore } ] [ file-sequence-number rulebase-seq-num ] [ headers ] [ name <file_name> ] [ reset-indicator ] [ rotation [ num-records <number> | time <seconds> | volume <bytes> ] ] [ sequence-number { omit | padded | padded-six-length | unpadded } ] [ storage-limit <limit> ] [ time-stamp { expanded-format | rotated-format | unix-format } ] [ trailing-text <string> ] [ trap-on-file-delete ] [ xor-final-record ] +
        exit
     udr-module active-charging-service
        file [ charging-service-name { include | omit } ] [ compression { gzip | none } ] [ current-prefix <string> ] [ delete-timeout <seconds> ] [ directory <directory_name> ] [ exclude-checksum-record ] [ field-separator { hyphen | omit | underscore } ] [ file-sequence-number rulebase-seq-num ] [ headers ] [ name <file_name> ] [ reset-indicator ] [ rotation [ num-records <number> | time <seconds> | volume <bytes> ] ] [ sequence-number { omit | padded | padded-six-length | unpadded } ] [ storage-limit <limit> ] [ time-stamp { expanded-format | rotated-format | unix-format } ] [ trailing-text <string> ] [ trap-on-file-delete ] [ udr-seq-num ] [ xor-final-record ] +
        end
Notes:
 
The cdr command keywords can be configured either in the EDR or the UDR Configuration Mode. Configuring in one mode prevents the configurations from being applied in the other mode.
The use-harddisk keyword is only available on the ASR 5000.
Verifying your Configurations
To view EDR-UDR file statistics, in the Exec Mode, enter the following command:
show active-charging edr-udr-file statistics
Pushing EDR/UDR Files Manually
To manually push EDR/UDR files to the configured L-ESS, in the Exec mode, use the following command:
cdr-push { all | local-filename <file_name> }
Notes:
 
The cdr-push command is available in the Exec Mode.
<file_name> must be absolute path of the local file to push.
Retrieving EDR and UDR Files
To retrieve UDR or EDR files you must SFTP into the context that was configured for EDR or UDR file generation.
This was done with the FTP-enabled account that you configured in the Enabling Charging Record Retrieval section
The following commands use SFTP to log on to a context named ECP as a user named ecpadmin, through an interface configured in the ECS context that has the IP address 192.168.1.10 and retrieve all EDR or UDR files from the default locations:
sftp -oUser=ecpadmin@ECP 192.168.1.10:/records/edr/*
sftp -oUser=ecpadmin@ECP 192.168.1.10:/records/udr/*
Configuring Fair Usage Feature
This section describes how to configure the Fair Usage feature to perform instance level load balancing and subscriber resource usage control.
To configure the Fair Usage feature, use the following configuration:
configure
  active-charging service <ecs_service_name>
fair-usage
     fair-usage threshold-percent <usage_threshold>
     fair-usage deact-margin <deactivate_margin>
     fair-usage adjust-factor <adjust_factor>
     fair-usage inline-memory-share <max_mem_for_in-line>
     rulebase <rulebase_name>
        fair-usage session-waiver-percent <session_waiver>
        end
Notes:
 
fair-usage command enables the Fair Usage feature.
fair-usage threshold-percent <usage_threshold> command configures when to enable resource monitoring. As long as the amount of available memory is greater than the configured threshold, any memory requests are granted.
<usage_threshold> is a percent value, and must be an integer from 1 through 100.
fair-usage deact-margin <deactivate_margin> command configures when to disable resource monitoring. It is the window size between restricting/not restricting memory utilization.
For example, if the “fair-usage threshold-percent” is set to 75%, on reaching this threshold resource monitoring is enabled. If the “fair-usage deact-margin” is set to 5%, when memory utilization falls 5% below “fair-usage threshold-percent”, i.e. to 70%, resource monitoring is disabled.
<deactivate_margin> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 10 percent.
fair-usage adjust-factor <adjust_factor> is a hidden CLI command available to operators. This command configures the accuracy of memory reporting. When Session Manager reports its memory consumption, this percentage is added to the value being reported. With this, the reported memory will change as the sessions obtain/release memory.
<adjust_factor> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 10 percent.
fair-usage inline-memory-share <max_mem_for_in-line> is a hidden CLI command available to operators for fine tuning the the performance of this feature. This command configures the amount of memory possibly allocated to in-line services on a Session Manager instance. This limit is per Session Manager.
<max_mem_for_in-line> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 60 percent.
fair-usage session-waiver-percent <session_waiver> command configured in the rulebase configures a waiver for subscribers using the rulebase to use more than the average amount of memory limit configured in the fair-usage threshold-percent <usage_threshold> command.
<session_waiver> is a percentage value, and must be an integer from 0 through 1000. By default, it is set to 20 percent.
Configuring Post Processing Feature
This section describes how to configure the Post-processing feature to enable processing of packets even if rule matching for them has been disabled.
To configure the Post-processing feature, use the following configuration:
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        <protocol> <expression> <operator> <condition>
        rule-application post-processing
        exit
     charging-action <charging_action_name>
        ...
        exit
     rulebase <rulebase_name>
        action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledefs_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }
        post-processing priority <priority> ruledef <ruledef_name> charging-action <charging_action_name>
        ...
        end
Notes:
 
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring Time-of-Day Activation/Deactivation of Rules Feature
This section describes how to configure the Time-of-Day Activation/Deactivation of Rules feature to enable charging according to day/time.
To configure the Time-of-Day Activation/Deactivation of Rules feature, use the following configuration:
configure
  active-charging service <ecs_service_name>
     ruledef <ruledef_name>
        ...
        exit
     timedef <timedef_name> [ -noconfirm ]
        start day { friday | monday | saturday | sunday | thursday | tuesday | wednesday } time <hh> <mm> <ss> end day { friday | monday | saturday | sunday | thursday | tuesday | wednesday } time <hh> <mm> <ss>
        start time <hh> <mm> <ss> end time <hh> <mm> <ss>
        exit
     charging-action <charging_action_name>
        ...
        exit
     rulebase <rulebase_name>
        action priority <action_priority> timedef <timedef_name> { group-of-ruledefs <group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ description <description> ]
        ...
        end
Notes:
 
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
Configuring URL Filtering Feature
This section describes how to configure the URL Filtering feature to simplify rules for URL detection.
To create a group-of-prefixed-URLs, use the following configuration:
configure
  active-charging service <ecs_service_name>
     group-of-prefixed-urls <group_name> [ -noconfirm ]
     end
To configure the URLs to be filtered in the group-of-prefixed-URLs, use the following configuration:
configure
  active-charging service <ecs_service_name>
     group-of-prefixed-urls <group_name>
        prefixed-url <url_1>
        ...
        prefixed-url <url_10>
        end
To enable or disable the group in the rulebase for processing prefixed URLs, use the following configuration:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name>
        url-preprocessing bypass group-of-prefixed-urls <group_name>
        ...
        url-preprocessing bypass group-of-prefixed-urls <group_name>
        end
Notes:
 
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
 
Configuring X-Header Insertion and Encryption Feature
This section describes how to configure the X-Header Insertion and Encryption feature.
 
Configuring X-Header Insertion
This section describes how to configure the X-Header Insertion feature.
Important: This feature is license dependent. Please contact your sales representative for more information.
To configure the X-Header Insertion feature:
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Creating the X-Header Format
To create an x-header format, use the following configuration:
configure
  active-charging service <ecs_service_name>
     xheader-format <xheader_format_name> [ -noconfirm ]
     end
Configuring the X-Header Format
To configure an x-header format, use the following configuration:
configure
  active-charging service <ecs_service_name>
     xheader-format <xheader_format_name> [ -noconfirm ]
        insert <xheader_field_name> { string-constant <xheader_field_value> | variable { bearer { 3gpp { apn | charging-characteristics | charging-id | imei | imsi | rat-type | sgsn-address } | acr | customer-id | ggsn-address | mdn | radius-calling-station-id | session-id | sn-rulebase | subscriber-ip-address | username } [ encrypt ] | http { host | url } }
        end
Configuring Charging Action for Insertion of X-Header Fields
To configure a charging action for insertion of x-header fields, use the following configuration:
configure
  active-charging service <ecs_service_name>
     charging-action <charging_action_name> [ -noconfirm ]
        xheader-insert xheader-format <xheader_format_name> [ -noconfirm ]
        end
Notes:
 
The encrypt option specifies encryption of x-header field configuration. This option must be configured in the case the X-Header Encryption feature will be configured.
 
Configuring X-Header Encryption
This section describes how to configure the X-Header Encryption feature.
Important: This feature is license dependent. Please contact your sales representative for more information.
To configure the X-Header Encryption feature:
Step 1
Step 2
Step 3
Step 4
Save your configuration as described in the Verifying and Saving Your Configuration chapter.
Configuring X-Header Encryption
To configure X-Header Encryption, use the following configuration example:
configure
  active-charging service <ecs_service_name>
     rulebase <rulebase_name>
        xheader-encryption certificate-name <certificate_name>
        xheader-encryption re-encryption period <period>
        end
Notes:
 
Configuring Encryption Certificate
To configure the encryption certificate, use the following configuration example:
configure
  certificate name <certificate_name> pem { { data <pem_certificate_data> private-key pem [ encrypted ] data <pem_pvt_key> } | { url <url> private-key pem { [ encrypted ] data <pem_pvt_key> | url <url> } }
  end
Verifying your Configuration
To verify your configuration, in the Exec Mode, enter the following command:
show active-charging ruledef charging
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883