IMS Authorization Service Configuration Mode Commands


IMS Authorization Service Configuration Mode Commands
 
 
IP Multimedia Sub-system (IMS) authorization service is used to configure authorization parameters to manage policy control functions and Gx and Ty interface support with Diameter based procedures for flow based charging within a context. The system uses Gx/Gy andTx/Ty functionality based on the charging policy and rules configured to flow based charging for a subscriber session.
 
Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
 
end
Exits the IMS Authorization Configuration mode and returns to the Exec mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
end
Usage
Use this command to change to the Exec mode.
 
exit
Exits the current configuration mode and returns to the parent configuration mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
exit
Usage
Use this command to return to the parent configuration mode.
 
p-cscf discovery
This command defines the method of Proxy-Call Session Control Function (P-CSCF) discovery to be used.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
p-cscf discovery { table { 1 | 2 } [ algorithm { ip-address-modulus | msisdn-modulus | round-robin } ] | diameter-configured }
[ default | no ] p-cscf discovery
default
Sets the P-CSCF discovery to default parameter.
no
Removes/deletes configured parameters for P-CSCF discovery.
table { 1 | 2 }
This keyword specifies that which P-CSCF table is to be used to obtain the primary and secondary P-CSCF addresses. Total 2 tables can be configured for P-CSCF discovery.
algorithm { ip-address-modulus | msisdn-modulus | round-robin }
Default: round-robin.
This keyword specifies the algorithm to select the row from the P-CSCF table to be used for P-CSCF discovery.
ip-address-modulus: This algorithm divides the IP address, in binary, of the subscriber by the number of rows in the table, and the remainder is used as an index into the specified table to select the row.
msisdn-modulus: This algorithm divides the MSISDN value in binary without the leading “+” of the subscriber by the number of rows in the table, and the remainder is used as an index in the specific table to select the row.
round-robin: This algoritm rotates all rows in the active table for selection of the row in round-robin way. if no algorithm is specified this is the default behavior.
diameter-configured
This option enables the table number and algorithm specified by the diameter host-select table configuration in Policy Control Configuration mode.
If the primary host in that configuration is down it assumes that the primary P-CSCF in the row of P-CSCF table is also down, and it does not return that IP address in the create PDP context response.
This option also performs the deactivation processing of the PDP contexts when Diameter Policy Control Application (DPCA) switches, host tables as detailed in the diameter host-select command description in Policy Control Configuration mode.
Usage
Use this command to configure the table and row selection methods to select IP address/host address for P-CSCF discovery .
Example
The following command specifies table 1 with round-robin algorithm to select the rows with IP address for P-CSCF discovery.
p-cscf discovery table 1 algorithm round-robin
 
p-cscf table
This command adds/appends rows with primary and/or secondary IPv4/IPv6 address to a P-CSCF discovery table with precedence for Proxy-Call Session Control Function (P-CSCF) discovery.
Product
All
Privilege
Security Administrator, Administrator
Syntax
p-cscf table { 1 | 2 } row-precedence precedence_value { address ip_address | ipv6-address ipv6_address } [ secondary { address ip_address | ipv6-address ipv6_address } ]
no p-cscf table { 1 | 2 } row-precedence precedence_value
no
Removes/deletes configured row with precedence in specified table for P-CSCF discovery address.
{ 1 | 2 }
Specifies which P-CSCF table is to be used to add/append the primary and secondary P-CSCF addresses. Two tables can be configured for P-CSCF discovery address.
row-precedence precedence_value
This keyword adds/appends the row with the specified row-precedence to the P-CSCF address table.
In StarOS 8.1 and later, precedence_value must be an integer from 1 through 128, and a maximum of 128 rows can be added to a table.
In StarOS 8.0, precedence_value must be an integer from 1 through 100, and a maximum of 16 rows can be added to a table.
secondary
Specifies the secondary IPv4/IPv6 address to be entered in P-CSCF table rows.
address ip_address
Specifies the primary and/or secondary IPv4 address for P-CSCF discovery table. This keyword, if used with secondary keyword, specifies the secondary IPv4 address.
ip_address must be an IPv4 IP address entered using dotted decimal notation.
ipv6-address ipv6_address
Specifies the primary and/or secondary IPv6 address for P-CSCF discovery table. This keyword, if used with secondary keyword, specifies the secondary IPv6 address.
ipv6_address must be an IPv6 IP address entered using colon ( : ) separated notation.
Usage
Use this command to add rows with primary and/or secondary IP addresses for P-CSCF discovery. he row is added with the specified row-precedence.
The operator can add/remove rows to the table that is not currently selected by the diameter host-select table command in Policy Control Configuration Mode.
Example
The following command adds a row in table 2 with primary IP address 1.2.3.4, secondary IP address as 5.6.7.8, and row-precedence value as 20 for P-CSCF discovery.
p-cscf table 2 row-precedence 20 address 1.2.3.4 secondary 5.6.7.8
 
policy-control
This command enters the Policy Control Configuration mode for Diameter Policy Control Application (DPCA) to configure Diameter authorization and policy control parameter for IMS authorization.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ no ] policy-control
no
Disables the pre-configured policy control parameters for IMS authorization in this IMS authorization service.
Usage
Use this command to enter the Policy Control Configuration Mode to configure the policy control parameters for Diameter authorization and charging policy in IMS Authorization Service.
Example
policy-control
 
qos-update-timeout
This command sets the Quality of Service update timeout for a subscriber in IMS authorization service.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
qos-update-timeouttimeout_duration
[ no ] qos-update-timeout
no
Disables the pre-configured QoS update timeout parameter in this IMS authorization service.
timeout_duration
Default: 60
Specifies the duration of timeout in seconds, and must be an integer from 0 through 3600.
Usage
Use this command to set the maximum time to wait for a subscriber to initiate the update QoS procedure in IMS authorization service.
Example
Following command sets the QoS update timeout to 90 seconds.
qos-update-timeout 90
 
reauth-trigger
This command specifies the trigger events to initiate re-authorization for a subscriber in IMS authorization service.
 
Important: This command now moved to Policy Control Config mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ default ] reauth-trigger{ all | { an-gw-change | bearer-loss | bearer-recovery | plmn-change | policy-failure | qos-change | rat-change | sgsn-change | tft-change | tft-delete } + }
Default
Sets the pre-configured Re-authorization trigger to default value.
all
Sets the IMS authorization service to initiate re-authorization process for a subscriber on all events listed in this command.
an-gw-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber whose access network gateway changed.
bearer-loss
Sets the IMS authorization service to initiate re-authorization process for a subscriber on loss of bearer or service.
bearer-recovery
Sets the IMS authorization service to initiate re-authorization process for a subscriber when a bearer or service recovered after loss of bearer or service.
default-bearer-qos-change
Sets the IMS authorization service to initiate re-authorization process when QoS is changed and DEFAULT_EPS_BEARER_QOS_CHANGE event triggered for the default EPS bearer context of a subscriber in LTE network.
plmn-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber on change in Public Land Mobile Network (PLMN) of subscriber.
policy-failure
Sets the IMS authorization service to initiate re-authorization process for a subscriber on failure of credit and charging policy for subscriber.
qos-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber on change in Quality of Service level/rating of subscriber.
rat-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber on change in Radio Access Type (RAT) of subscriber node.
sgsn-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber on change in SGSN for subscriber node.
tft-change
Sets the IMS authorization service to initiate re-authorization process for a subscriber on change in Traffic Flow Template (TFT) of subscriber session.
tft-delete
Sets the IMS authorization service to initiate re-authorization process for a subscriber when Traffic Flow Template (TFT) of subscriber session is deleted by a system administrative user.
Usage
Use this command to set the triggers to initiate QoS re-authorization process for a subscriber in IMS authorization service.
Example
Following command sets the re-authorization trigger to bearer-loss, so that re-authorization of subscriber session is initiated on loss of bearer.
reauth-trigger bearer-loss
 
signaling-flag
This command specifies whether a request for a PDP context dedicated to signaling (for IMS sessions) should be granted or denied.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
signaling-flag { deny | permit }
[ default ] signaling-flag
default
Sets the signaling flag to default mode of deny.
deny
Default: Enabled.
When specified this keyword denies the request for a signaling PDP context for IMS session and keeps signaling co-existed with other traffic on PDP contexts.
permit
Default: Disabled.
When specified this keyword permit the request for a signaling PDP context for IMS session and a separate signaling context activated.
Usage
Use this command to allow or deny the activation of dedicated PDP context for signaling. The user equipment (UE) may indicate that the PDP context should be dedicated for IP multimedia (IM) signaling by setting the IP Multimedia Core Network (IM CN) signaling flag in the Protocol Configuration Options (PCO).
The deny option causes the system to inform the UE that the PDP context will not be dedicated for IM signaling and signaling will co-exist with other traffic on PDP context.
The permit option is used to activate the signaling context for signal traffic and the other traffic uses other PDP context for traffic with the following destinations:
The UE is not trusted to follow these restrictions, and the system monitors and restricts the traffic from the dedicated PDP context. The signaling-flow class-map command is used to configure the restrictions.
Example
Following command denies the request for a signaling PDP context for IMS session.
default signaling-flag
 
signaling-flow permit
This command specifies the packet filters and policy servers for bandwidth control and singling context enforcement that define the traffic that is allowed through the dedicated signaling context.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
signaling-flow permit server-addressip_address[ server-port {port_num| rangestart_porttoend_port} ] [ descriptionSTRING]
[ no ] signaling-flow permit server-address ip_address [ server-port { port_num | range start_port to end_port } ]
no
Disables the signaling flow option configured with his command.
server-address ip_address
The server address ip_address refers to the destination IP address in uplink packets, and the source IP address in downlink packets.
ip_address is IPv4/IPv6 address in standard notation and can be used with sub-net mask.
A maximum of 16 signaling server address can be configured per IMS Authorization service.
server-port { port_num | range start_port to end_port }
Specifies the TCP/UDP port number(s) of the server and to be used for communication.
port_num must be an integer from 1 through 65535.
range start_port to end_port provides the option to configure the range of ports on server for communication.
start_port must be an integer from 1 through 65535 but lesser than end_num, and end_port must be an integer from 1 through 65535 but greater than start_num.
description STRING
Specifies the customized description for configured signaling server.
STRING must be an alpha and/or numeric string with maximum of 64 characters.
Usage
Traffic that matches any instance of the signaling-flow command will be forwarded via the signaling PDP context. In addition, the policy server gives policy gates to use for the signaling PDP context.
Example
Following command sets the packet filter server address to 1.2.3.4 with port number 1234 for packet filtering.
signaling-flow server-address 1.2.3.4 server-port 1234
 
traffic-policy general-pdp-context
This command specifies the action on packets which do not match any policy gates in the general purpose PDP context.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
traffic-policy general-pdp-context no-matching-gates direction { downlink | uplink } { forward | discard }
default traffic-policy general-pdp-context no-matching-gates direction { downlink | uplink }
default
Sets the default traffic policy for packets without any policy gate match in general purpose PDP context.
By default packets which do not have any matching policy gate are forwarded.
no-matching gates
This keyword applies traffic policy for packets which do not match any policy gate.
direction { downlink | uplink }
Specifies the direction of traffic to apply this traffic policy in general PDP context.
downlink: specifies the traffic from system to MN. Default is set to forward.
uplink: specifies the traffic from MN to system. Default is set to forward.
forward
Default: Enabled.
This option forward the packets which do not match any policy gates.
discard
Default: Disabled.
This option discards the packets which do not match any policy gates.
Usage
This command provides configuration on traffic policy applied on packets which are not matching any policy gate in general PDP context. Packets can either forwarded or discarded on the basis of operators configuration.
This command needs to be configured once for downlink and once for uplink separately.
Example
Following command discard uplink packets which do not match any policy gate in general purpose PDP context.
traffic-policy general-pdp-context no-matching-gates direction uplink discard
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883