Global Configuration Mode Commands


Global Configuration Mode Commands
 
 
The Global Configuration Mode is used to set basic system wide options.
 
 
aaa accounting-overload-protection
This command configures Overload Protection Policy for accounting requests.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa accounting-overload-protection prioritize-gtpp
{ default | no } aaa accounting-overload-protection
default
Configures the default setting.
Default: no priority assigned
no
Disables the Overload Protection configuration.
prioritize-gtpp
Specifies to give higher priority to GTPP requests among the other outstanding requests. So while purging the lower priority requests will be selected first.
Usage
Use this command to configure Overload Protection Policy for accounting requests.
Example
The following command prioritizes GTPP requests among the other outstanding requests:
aaa accounting-overload-protection prioritize-gtpp
 
aaa default-domain
Configure global accounting and authentication default domain for subscriber and context-level administrative user sessions.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa default-domain { administrator | subscriber } domain_name
no aaa default-domain { administrator | subscriber } [ domain_name ]
no
Removes all or only the specified configured domain.
administrator | subscriber
administrator: Configures the default domain for context-level administrative users.
subscriber: Configures the default domain for subscribers.
domain_name
Specifies the context which is to be set as the default. domain_name must be from 1 to 79 alpha and/or numeric characters with no spaces.
Usage
This command configures the default domain which is used when accounting and authentication services are required for context-level administrative user and subscriber sessions whose user name does not include a domain.
Example
The following commands configure the default domains for context-level administrative users and subscribers, respectively:
aaa default-domain administrator sampleAdministratorDomain
aaa default-domain subscriber sampleSubscriberDomain
The following command removes the sampleSubscriberDomain domain:
no aaa default-domain subscriber sampleSubscriberDomain
 
aaa domain-matching ignore-case
This command disables case sensitivity when performing domain matching. When this command is enabled, the system disregard case when matching domains.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ no ] aaa domain-matching ignore-case
default aaa domain-matching
default
Configures ignore-case as the domain matching method.
no
Specifies that the system consider case when domain matching.
Usage
Use this command to configure the system to ignore case when matching domains.
Example
The following command configures the system to ignore case when matching domains:
aaa domain-matching ignore-case
 
aaa domain-matching imsi-prefix
This command enables domain lookup for session based on the IMSI prefix length. Default: Disabled
Important: This command is only available in Release 8.3 and later.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa domain-matching imsi-prefix prefix-length prefix_length
no aaa domain-matching imsi-prefix
no
Specifies the system must not consider imsi-prefix domain matching method.
prefix-length
Specifies the IMSI length to be matched with the domain.
prefix_length must be an integer from 1 through 15.
Usage
Use this command to configure the IMSI-prefix method of domain matching. This command enables domain lookup for the session based on the IMSI prefix length. If there is a domain configured with the matching IMSI prefix, the associated configuration is used.
This feature does not support partial matches.
Example
The following command configures the IMSI prefix method for domain matching setting the prefix length to 10.
aaa domain-matching imsi-prefix prefix-length 10
 
aaa large-configuration
This command enables/disables the system to accept a large number of RADIUS configurations to be defined and stored.
 
Important: For this command to take affect, after entering the command the configuration must be saved and reloaded.
When aaa large-configuration is disabled, the following restrictions are in place:
The RADIUS attribute nas-ip-address can only be configured if the RADIUS group is default.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa large-configuration
no aaa large-configuration
no
Disables AAA large configuration support.
Usage
When aaa large-configuration is enabled, the system provides the ability to configure multiple NAS IP addresses in a single context to used with different radius groups. As well, the command allows support for up to 1600 RADIUS server configurations and for a PDSN a maximum of 400 or for a GGSN a maximum of 800 RADIUS server group configurations system-wide.
Example
To enable the definition of a large number of RADIUS configurations, enter the following commands in the following order:
In APN Configuration mode, use the aaa group command and enter:
default aaa group
In Global Configuration mode, enter
aaa large-configuration
In Exec mode, use the save configuration command and then the reload command.
 
aaa last-resort
Configure global accounting and authentication last resort domain for subscriber and context-level administrative user sessions.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa last-resort context { administrator | subscriber } context_name
no aaa last-resort context { administrator | subscriber } [ context_name ]
no
Removes all or only the specified previously configured authentication last resort domain name.
administrator | subscriber
administrator: Configures the last resort domain for context-level administrative.
subscriber: Configures the last resort domain for the subscribers.
context_name
Specifies the context which is to be set as the last resort. context_name must be from 1 to 79 alpha and/or numeric characters with no spaces.
Usage
Set the last resort context which is used when there is no applicable default domain (context) and there is no domain provided with the subscriber’s or context-level administrative user’s name for use in the AAA functions.
Example
The following commands configure the last resort domains for context-level administrative user and subscribers, respectively:
aaa last-resort administrator sampleAdministratorDomain
aaa last-resort subscriber sampleSubscriberDomain
The following command removes the previously configured domain called sampleAdministratorDomain:
no aaa last-resort administrator sampleAdministratorDomain
 
aaa username-format
Configure global accounting and authentication user name formats for AAA functions. Up to six formats may be configured.
Product
All
Privilege
Security Administrator, Administrator
Syntax
aaa username-format { domain | username } separator
no aaa username-format { domain | username } separator
no
Removes the specified user name format from the configuration.
domain | username
Default: username @
domain: indicates the left side of the string from the separator character is a domain name and the right side is the user name.
username: indicates the left side of the string from the separator character is a user name and the right side is the domain name.
Important: The user name string is always searched from right to left for the first occurrence of the separator character.
separator
Specifies the character to use for delimiting the domain from the user name for global AAA functions as one of: @, %, -, \, #, or /. Note: to specify a slash )’\’) as the separator it is necessary to enter a double slash (‘\\’) on the command line.
Usage
Define the formats for user name delimiting if certain domains or groups of users are to be authenticated based upon their user name versus domain name.
Example
aaa username-format domain @
aaa username-format username %
no aaa username-format username %
 
active-charging service
This command creates/selects an Active Charging Service.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
active-charging service ecs_service_name [ -noconfirm ]
no active-charging serviceecs_service_name
no
Removes the specified Active Charging Service.
ecs_service_name
Creates/selects the specified Active Charging Service, and changes to the Active Charging Service Configuration Mode.
ecs_service_name must be an alpha and/or numeric string of 1 through 15 characters in length.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to create/select an active charging service on the system.
Use this command after enabling Enhanced Charging Service using the require active-charging command. This command allows administrative users to configure the Enhanced Charging Service functionality.
Example
The following command creates an active charging service named test:
active-charging service test
 
alarm
Enables/disables alarming options for the switch processor card internal alarms and the central-office external alarms. To verify the state of the alarms, refer to the show alarm command.
Product
All
Privilege
Security Administrator, Administrator
Syntax
alarm { audible | central-office }
no alarm { audible | central-office }
no
Disables the option specified.
audible | central-office
audible: indicates the internal audible alarm on the switch processor cards are to be enabled.
central-office: indicates the central office alarms are to be enabled.
Usage
Disable CO and audible alarms when an existing device provides such capability.
Example
The following commands enable the SMC internal alarm and disable the central office alarms, respectively.
alarm audible
no alarm central-office
 
arp
Configures a system-wide time interval for performing Address Resolution Protocol (ARP) refresh.
Product
All
Privilege
Security Administrator, Administrator
Syntax
arp base-reachable-time time
default arp base-reachable-time
default
Restores the parameter to its default setting.
time
Default: 30
Specifies the ARP refresh interval (in seconds). The range is 30 to 86400 seconds.
Usage
Use this command to configure a system-wide ARP refresh interval. Once a neighbor is found, the entry is considered valid for at least a random value between the time/2 and the time*1.5.
Example
The following command configures an ARP refresh interval of 1 hour:
arp base-reachable-time 3600
 
autoconfirm
This command disables or enables confirmation for certain commands. This command affects all future CLI sessions.
 
Important: To change the behavior for the current CLI session only, use the autoconfirm command in the Exec Mode.
Product
All
Privilege
Security Administrator, Administrator, Operator
Syntax
autoconfirm
no autoconfirm
Usage
When autoconfirm is enabled, certain commands ask you to answer yes or no to confirm that you want to execute the command. When autoconfirm is disabled the confirmation questions never appear. Disabling autoconfirm disables command confirmation for all future CLI sessions.
By default autoconfirm is enabled.
Example
The following command enables command confirmation for all future CLI sessions;
autoconfirm
The following command disables command confirmation for all future CLI sessions;
no autoconfirm
 
autoless
This command is obsolete. It is included in the CLI for backward compatibility with older configuration files. When executed, this command issues a warning and performs no function.
Product
All
Privilege
Security Administrator, Administrator
Syntax
autoless
no autoless
 
banner
Configures the CLI banner which is displayed upon the initialization of a CLI session.
Product
All
Privilege
Security Administrator, Administrator
Syntax
banner { charging-service |lawful-intercept | motd | pre-login } string
no banner { charging-service | lawful-intercept | motd | pre-login }
no
Removes the banner message by setting it to be string of zero length.
charging-service
Specifies the Enhanced Charging Service banner message. That banner is displayed upon the initialization of an SSH CLI session with ECS-admin privileges (whenever anyone with the CLI privilege bit for ECS logs in.
lawful-intercept
Configures the CLI banner message of the day which is displayed upon the initialization of an SSH CLI session with li-admin privileges.
motd
Configures the CLI banner message of the day which is displayed upon the initialization of any CLI session.
pre-login
Configures the CLI banner displayed before a CLI user logs in.
Important: This banner is displayed only for serial port and telnet log ins. It is not supported in ssh and, therefore, will not be displayed before ssh log ins.
string
Specifies the banner or message to be displayed at session initialization. string may be from 0 to 2048 characters and must be enclosed in double quotation marks if the banner or message is to include spaces.
Usage
Set the message of the day banner when an important system wide message is needed. For example, in preparation for removing a chassis from service, set the banner 1 or more days in advance to notify administrative users of the pending maintenance.
Example
banner motd “Have a nice day.”
banner motd No_News_Today
no banner motd
 
boot
The commands in this section set system boot time parameters.
 
boot delay
Configures the delay period, in seconds, before attempting to boot the system from a software image file residing on an external network server.
Product
All
Privilege
Security Administrator, Administrator
Syntax
boot delaytime
no boot delay
no
Deletes the setting for the boot delay. The boot process executes immediately.
time
Specifies the amount of time (in seconds) to delay prior to requesting the software image from the external network server. The range is 1 to 300 seconds.
Usage
Useful when booting from the network when connection delays may cause timeouts. Such as when the Spanning Tree Protocol is used on network equipment.
Important: The settings for this command are stored immediately in the boot.sys file. No changes are made to the system configuration file.
Example
The following sets the boot delay to 10 seconds:
boot delay 10
 
boot interface
Configures the Switch Processor I/O card network interfaces for obtaining a system software image during the system boot process.
Product
All
Privilege
Security Administrator, Administrator
Syntax
boot interface { spio-eth1 | spio-eth2 } [ medium { auto | speedmedium_speedduplexmedium_duplex } [ mediamedium_media ] ]
no boot interface
no
Removes the boot interface configuration from the boot.sys file. Only files from the local file system can be loaded.
spio-eth1 | spio-eth2
Specifies the network interface to be configured where spio-eth1 is the primary interface on the SPIO (slot 24 interface 1 or slot 25 interface 1) and spio-eth2 is the secondary interface on the SPIO (slot 24 interface 2 or slot 25 interface 2). The interfaces refer to either the RJ-45 interfaces for speeds of 10, 100, or 1000 megabit per second (Mbps) or the SFP interface for the optical gigabit (1000 Mbps) interface.
medium { auto | speed medium_speed duplex medium_duplex }
Default: auto
auto: configures the interface to auto-negotiate the interface speed. and duplex.
speed medium_speed duplex medium_duplex: specifies the speed to use at all times where medium_speed must be one of:
The keyword duplex is used to set the communication mode of the interface where medium_duplex must be one of:
media medium_media
Default: rj45
Optionally sets the physical interface where medium_media must be either rj45 or sfp.
Usage
Modify the boot interface settings to ensure the system is able to obtain a software image from an external network server.
Important: The settings for this command are stored immediately in the boot.sys file. No changes are made to the system configuration file.
Example
The following configures the primary interface to auto-negotiate the speed.
boot interface spio-eth1 medium auto
The following command configures the secondary interface to a fixed gigabit speed at full duplex using RJ45 connectors for the physical interface.
boot interface spio-eth2 medium speed 1000 duplex full media rj45
The following restores the defaults for the boot interface.
no boot interface
 
boot nameserver
Configures the IP address of the DNS (Domain Name Service) server to use when looking up hostnames in URLs for network booting.
Product
All
Privilege
Security Administrator, Administrator
Syntax
boot nameserver ip_address
no boot nameserver
ip_address
IPv4 address of the DNS server the system uses to lookup hostnames in URLs for a software image from the network during the system boot process.
no
Removes the network boot nameserver information from the boot.sys file.
Usage
Use this command to identify the DNS server to use to lookup hostnames in a software image URL.
Important: The settings for this command are stored immediately in the boot.sys file. No changes are made to the system configuration file.
Example
The following configures the system to communicate with a DNS nameserver with the IP address of 1.2.3.4:
boot nameserver 1.2.3.4
 
boot networkconfig
Configures the networking parameters for the Switch Processor I/O card network interfaces to use when obtaining a software image from an external network server during the system boot process.
Product
All
Privilege
Security Administrator, Administrator
Syntax
bootnetworkconfig { dhcp | { { dhcp-static-fallback | static } ipaddressspio24ip_address [ spio25ip_address ] netmaskip_mask [ gatewaygw_address ] } }
no boot networkconfig
no
Removes the network configuration information from the boot.sys file.
dhcp
Indicates that a Dynamic Host Control Protocol (DHCP) server is used for communicating with the external network server.
dhcp-static-fallback | static
dhcp-static-fallback: provides static IP address fallback network option when a DHCP server is unavailable.
static: specifies a fixed network IP address for the external network server that hosts the software image.
spio24 ip_address [ spio25 ip_address ] netmask ip_mask [ gateway gw_address ]
spio24 ip_address [ spio25 ip_address ]: the IP address to use for the SPIO in slot 24 and optionally the SPIO in slot 25 for network booting. ip_address must be specified using the standard IPv4 dotted-decimal notation.
netmask ip_mask: the network mask to use in conjunction with the IP address(es) specified for network booting. ip_mask must be specified using the standard IPv4 dotted-decimal notation.
gateway gw_address: the IP address of a network gateway to use in conjunction with the IP address(es) specified for network booting. gw_address must be specified using the standard IPv4 dotted-decimal notation.
Important: If gw_address is not specified, then the network server must be on the same LAN as the system. Since both SPIOs must be in the same network, the netmask and gateway settings are shared.
Usage
Configure the network parameters for the ports on the SPIO cards to use to communicate with an external network server that hosts software images.
Important: The settings for this command are stored immediately in the boot.sys file. No changes are made to the system configuration file.
Important: When configuring static addresses both SPIOs must have different IP addresses. Neither address can be the same as the local context IP address.
Example
The following configures the system to communicate with the external network server via DHCP with a fallback to IP address 1.2.3.4, respectively.
boot networkconfig dhcp-static-fallback ip address spio24 192.168.100.10 netmask 255.255.255.0
The following command configures the system to communicate with an external network server using the fixed (static) IP address 1.2.3.4 with a network mask of 255.255.255.0.
boot networkconfig static ip address spio24 192.168.100.10 netmask 255.255.255.0
The following restores the system default for the network boot configuration options.
no boot networkconfig
 
boot system priority
Specifies the priority of a boot stack entry to use when the system first initializes or restarts. Up to 10 boot system priorities (entries in the boot.sys file located on the /flash device in the SMC) can be configured.
Product
All
Privilege
Security Administrator, Administrator
Syntax
boot system prioritynumberimageimage_urlconfigconfig_path
no boot system prioritynumber
no
Remove a boot stack entry at the priority specified from the boot stack when it is no longer used.
priority number
Specifies the priority for the file group (consisting of an image (.bin) and its corresponding configuration (.cfg) file) specified in the boot stack. The value must be in the range from 1 through 100 where a priority of 1 is the highest. Up to 10 boot system priorities (boot stack entries) can be configured.
Important: When performing a software upgrade it is important that the new file group have the highest priority (lowest value) configured.
Important: It is suggested that an “N-1” priority numbering methodology, where “N” is the first priority in the current boot stack be employed to ensure that higher priority numbers remain open.
image image_url
Specifies the location of a image file to use for system startup. The URL may refer to a local or a remote file. The URL must be formatted according to one of the following formats:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /directory ]/filename
[ http: | tftp: ]//host[ :port ][ /directory ]/filename
Important: Use of the SMC hard drive is not supported in this release.
directory is the directory name.
filename is the actual file of interest.
host is the IP address or host name of the server.
port# is the logical port number that the communication protocol is to use.
Important: A file intended for use on an ASR 5000 uses the convention xxxxx.asr5000.bin, where xxxxx is the software build information.
Important: When using the TFTP, it is advisable to use a server that supports large blocks, per RFC 2348. This can be implemented by using the “block size option” to ensure that the TFTP service does not restrict the file size of the transfer to 32MB.
config config_path
Specifies the location of a configuration file to use for system startup. This must be formatted according to the following format:
[ file: ]{ /flash | /pcmcia1 | /pcmcia2 }[ /path ]/filename
[ file: ]{ /flash | /pcmcia1 | /hd }[ /path ]/filename
Important: Use of the SMC hard drive is not supported in this release.
Where path is the directory structure to the file of interest, and filename is the name of the configuration file. This file typically has a .cfg extension.
Usage
This command is useful in prioritizing boot stack entries in the boot.sys file, typically located on the /flash device of the Active SMC, for automatic recovery in case of a failure of a primary boot file group.
Important: The configuration file must reside on the SMC’s local filesystem, stored on one of its local devices (/flash, /pcmcia1, /pcmcia2, /hd). Attempts to load the configuration file from an external network server will result in a failure to load that image and configuration file group, causing the system to load the image and configuration file group with the next highest priority in the boot stack.
Important: Configuration changes do not take effect until the system is reloaded.
Important: The settings for this command are stored immediately in the boot.sys file. No changes are made to the system configuration file.
Example
The following commands set up two locations to obtain a boot file group from.
boot system priority 1 image tftp://remoteABC/pub/2003jan.bin config /flash/pub/data/2003feb.cfg
boot system priority 2 image /flash/pub/data/2002jun.bin config /pcmcia1/pub/data/2003feb.cfg
The following removes the current priority 1 boot entry from the boot.sys file.
no boot system priority 1
 
bulkstats
Enables the collection of bulk statistics by the system and/or enters the bulk statistic configuration mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
bulkstats { collection | historical | mode }
no bulkstatscollection
no
Disables the collection of bulk statistics.
collection
Enables the statistics collection process. Collects a period snapshot of data, i.e. “here is what the value is right now”.
historical collection
Enables the system to collect historical bulk statistics.
If enabled, the system keeps track of some things which require the storing of more data, such as “the highest value that’s been seen over the last 24 hours”.
mode
Enters the bulk statistics configuration mode. The resulting command-line prompt will look similar to:
[<context-name>]asr5000(config-bulkstats)#
Usage
The Bulk Statistics Configuration Code consists of commands for configuring bulk statistic properties, such as the period of collection. Bulk Statistics configuration mode commands are defined in the “Bulk Statistics Configuration Mode Commands” chapter.
The system can be configured to collect bulk statistics and send them to a collection server (called a receiver). Bulk statistics are statistics that are collected in a group or schema, for example, system stats, port stats, radius stats.
Once bulk statistics receiver, schema, and collection properties are configured, this bulkstats command is used to enable or disable the collection of the data.
To collect a sample that will provide an average, for example, an average of CPU counters, the “historical” features must be enabled with the bulkstats historical collection command.
Since bulk statistics are collected at regular, user-defined intervals, the bulkstats force command in the Exec Mode can be used to manually initiate the collection of statistics at any time.
Example
bulkstats collection
bulkstats mode
no bulkstats collection
 
ca-certificate
Configures and selects an X.509 CA root certificate to enable a security gateway to perform certificate-based peer (client) authentication. The system supports a maximum of 16 certificates and 16 CA root certificates. A maximum of four CA root certificates can be bound to a crypto template.
Product
Privilege
Administrator, Security Administrator, Operator
Syntax
[ no ] ca-certificate name name pem { data pemdata | url url }
no
Removes the named CA certificate.
name
Names the CA certificate.
pem data pemdata | url
The PEM-formatted data can be specified (data pemdata) or the information can be read from a file via url url). When read via a file, note that show configuration will not contain the url reference, but will instead output the data via data pemdata, such that the configuration file is self-contained.
Usage
In addition to the X.509 certificate-based gateway authentication method and the PSK (Pre-Shared Key) and EAP-AKA (Extensible Authentication Protocol - Authentication and Key Agreement) peer (client) authentication methods, the FNG supports X.509 certificate-based peer authentication.
The FNG checks the network policy on whether a FAP is authorized to provide service. If the network policy states that all FAPs that pass device authentication are authorized to provide service, no further authorization check may be required. If the network policy requires that each FAP be individually authorized for service (in the case where the FEID is associated with a valid subscription), the FNG sends a RADIUS Access-Request message to the AAA server. If the AAA server sends a RADIUS Access-Accept message, the FNG proceeds with device authentication. Otherwise, the FNG terminates the IPSec tunnel setup by sending an IKEv2 Notification message indicating authentication failure.
The operator/administrator is responsible for configuring the certificates through the CLI. The FNG will generate an SNMP notification when the certificate is within 30 days of expiration, and then once a day.
Example
Use the following command to remove a certificate named fap1:
no ca-certificate data fap1
 
card
Enters the card configuration mode for the card specified.
Product
All
Privilege
Security Administrator, Administrator
Syntax
cardnumber
number
Specifies the number of the card for which the card configuration mode is to be entered. number must be a value in the range 1 through 48.
Usage
Enter the configuration mode for a specific card when changes a required.
Important: This command is not supported on all platforms.
Example
card 8
 
card-standby-priority
Configures the redundancy priorities for the Packet Services Cards (PSC or PSC2) by specifying the slot number search order for a standby card when needed. Not available for the XT2 platform.
Product
All
Privilege
Security Administrator, Administrator
Syntax
card-standby-priorityslot_num [ slot_num ] [ slot_num ] ...
slot_num
Specifies the slot of the card for the order of the standby cards. slot_num must be in the range from 1 through 16 excluding slots 8 and 9. slot_num may be repeated as many times as necessary to indicate the complete search order.
Usage
Set the standby order of the redundant cards when multiple standby cards are available.
Questionable hardware should be placed lower in the priority list.
Important: This command replaces the pac-standby-priority command.
Important: This command is not supported on all platforms.
Example
The following command configures the redundancy priority to use the standby cards in slots 16, 14, and 12 in that order:
card-standby-priority 16 14 12
 
cdr-multi-mode
This command enables multiple instances of CDRMOD.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ default ] cdr-multi-mode
default
Configures the default setting.
Usage
Use this command to enable multiple instances of CDRMOD.
 
certificate
Configures and selects an X.509 Trusted Author certificate.
Product
ECS
PDG/TTG
PDIF
Privilege
Administrator, Security Administrator, Operator
Syntax
[ no ] certificate name name pem { data pemdata | url url }
no
Removes the named certificate.
name
Names the certificate.
pem data pemdata | url
The PEM-formatted data can be specified (data pemdata) or the information can be read from a file via url url). When read via a file, note that show configuration will not contain the URL reference, but will instead output the data via data pemdata, such that the configuration file is self-contained.
Usage
A certificate authority or certification authority (CA) is an entity which issues digital certificates for use by other parties. It is an example of a trusted third party. CAs are characteristic of many public key infrastructure (PKI) schemes.
If CERT information is configured, PDIF will include the CERT payload in the first IKE_AUTH Response during the first authentication. PDIF stores its own certificate for use in the first AUTH calculation. MS will not have its own certificate from CA. Still it will be capable of accepting a certificate from PDIF and verify AUTH.
The operator/administrator is responsible for configuring the certificates through the CLI. PDIF will generate an SNMP notification when the certificate is within 30 days of expiration, and then once a day.
Example
Use the following command to remove a certificate named box1:
no certificate data box1
 
cli
Configures global CLI parameters.
Product
All
Privilege
Security Administrator, Administrator
Syntax
cli { access { monitor-protocol | monitor-subscriber } { administrator | operator }} | login-failure-delaynumber| max-sessionsnumber| operator clear-subscriber-one-only | trap config-mode }
no cli { max-sessions | login-failure-delaynumber |operator clear-subscriber-one-only | trap config-mode }
default cli { access { monitor-protocol | monitor-subscriber } | max-sessions | login-failure-delaynumber |operator clear-subscriber-one-only | trap config-mode }
no
Removes the limit on the number of allowed simultaneous CLI sessions on the system. or removes the limit of how many subscribers an Operator can clear.
default
Resets the keywords to their default values.
access { monitor-protocol | monitor-subscriber } { operator | administrator }
Sets access privileges on the monitor protocol and monitor subscriber commands:
monitor-protocol: Selects privileges for the monitor protocol command.
monitor-subscriber: Selects privileges for the monitor subscriber command.
operator: Sets the privileges for the selected command to allow use by users with operator privileges.
administrator: Restricts use of the selected command to administrators only.
login-failure-delay number
This is the time to wait before a login failure is returned and another login may be attempted. Default is five seconds.
max-sessions number
Sets the number of allowed simultaneous CLI sessions on the system. If this value is set to a number below the current number of open CLI sessions, the open sessions will continue until closed. number must be from 2 through 100.
Caution: Use caution when setting this command. Limiting simultaneous CLI sessions prevents authorized users from accessing the system if the maximum number allowed has been reached. The system already limits CLI sessions based on available resources. Additional limitation could have adverse effects.
operator clear-subscriber-one-only
Restricts Operator to clearing only one subscriber session at a time.
trap config-mode
Enables sending an SNMP notification (trap) when a CLI user enters the configuration mode.
Usage
Control the number of simultaneous CLI sessions on the system at any given time.
Important: The maximum number of multiple CLI session support is based on the amount of available memory. The Resource Manager, however, reserves enough resources so that a minimum of 15 CLI sessions are assured for ASR 5000s. One of the CLI sessions is reserved for use exclusively by a CLI session on an SPIO console interface. Additional CLI sessions beyond the pre-reserved set are permitted if sufficient SMC resources are available. If the Resource Manager is unable to reserve resources for a CLI session beyond those that are pre-reserved, administrative users are prompted as to whether or not the system should attempt to create the new CLI session even without reserved resources.
Example
The following command sets the number of allowed simultaneous CLI sessions to 5.
cli max-sessions 5
The following command sets the command monitor protocol to administrator-only
cli access monitor-protocol administrator
 
clock
Configures system clock timezone and what local time zone to use.
Product
All
Privilege
Security Administrator, Administrator
Syntax
clock timezonetz[ local ]
no clock timezone
no
Resets the system timezone to the system default UTC.
tz
Specifies the system time zone to use as one of:
local
Indicates the timezone specified by tz is to be considered the local time zone for local time display and conversion.
Usage
Clock and timezone management is necessary for proper accounting records. The chassis may be set to display a different local time than that of the system clock which allows accounting records to use the system time but to display the proper local time for users.
Example
clock timezone utc
clock timezone us-indiana local
no clock timezone
 
congestion-control
Enables/disables congestion control support on the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
congestion-control policy
default congestion-control
no congestion-control
default
Sets the congestion control to its default value.
no
Disables congestion-control functionality. This is the default setting.
Usage
Congestion control on the system is used to monitor the system for conditions that could potentially degrade performance when the system is under heavy load. Typically, these conditions are temporary (i.e high CPU or memory utilization) and are quickly resolved. However, continuous or large numbers of these conditions within a specific time interval may impact the system’s ability to service subscriber sessions. The purpose of congestion control is to aid in the identification of such conditions and invoke policies for addressing the situation.
Congestion control operation is based on the configuration of the following:
Congestion condition thresholds: Thresholds dictate the conditions for which congestion control is to be enabled and establish limits for defining the state of the system (congested or clear). These thresholds function in a similar fashion to the operation thresholds that can be configured for the system (as described in later in this chapter). The primary difference is that when these thresholds are reached, not only is an SNMP trap generated (starCongestion), but a service congestion policy is invoked as well.
A threshold tolerance is configured to dictate the percentage under the configured threshold that must be reached in order for the condition to be considered “cleared”. An SNMP trap (starCongestionClear) is then triggered.
Service congestion policies: Congestion policies are configurable for each service (PDSN, GGSN, or HA). These policies dictate how services respond should the system detect that a congestion condition threshold has been crossed.
Because congestion control functionality on the system is disabled by default, this command should be executed once congestion-control thresholds and policies have been configured. (Refer to the congestion-control policy and congestion-control threshold commands for more information.)
 
congestion-control overload-disconnect
This command enables and disables the policy for disconnecting passive calls (chassis-wide) during an overload situation. It also configures and fine-tunes the overload-disconnect congestion control policy for an entire chassis.
To verify the congestion-control configuration use show congestion-control configuration from the Exec mode.
To set overload-disconnect policies for individual subscribers., see overload-disconnect in Subscriber Configuration Mode Commands.
Product
All
Privilege
Security Administrator, Administrator
Syntax
congestion-control overload-disconnect [ iterations-per-stage integer | percent percentage_value| threshold { license-utilizationpercentage_value| max-sessions-per-service-utilizationpercentage_value | tolerance number } ]
default congestion-control overload-disconnect [ iterations-per-stage | percent | threshold { license-utilization | max-sessions-per-service-utilization | tolerance } ]
no congestion-control overload-disconnect
iterations-per-stage integer
An integer between 2 and 8. This value defines the number of calls to be disconnected during the defined number of seconds. The default value for this keyword is 8.
percent percentage_value
An integer between 1 and 100 specifies the percentage of calls to be disconnected, in stages, during an overload situation. The default value is 5.
threshold
license-utilization: An integer value between 1 and 100 that specifies the license-utilization percentage threshold for overload situations. If candidates are available, passive calls are disconnected when this threshold is exceeded. The default value is 80.
max-sessions-per-service-utilization: An integer value between 1 and 100 that specifies a percentage of the maximum sessions per service. If candidates are available, passive calls are disconnected when this threshold is exceeded. The default value is 80.
tolerance: An integer between 1 and 25 that specifies the percentage of calls the system disconnects below the values set for the other two thresholds. In either case, a Clear Traps message is sent after the number of calls goes below the corresponding threshold value. The tolerance default value is 10.
default
When ‘default’ and one of the keywords is added to the command, then the policy remains in its current state and the value for the specified keyword is reset to its default value.
When ‘default’ and the command are entered without keywords, then the overload-disconnect policy for congestion control is disabled.
no congestion-control overload-disconnect
Disables the overload-disconnect policy for congestion control.
Usage
Use this command to set the policy for call disconnects when the chassis experiences call overload.
Example
The following command sets an overload-disconnect policy for the chassis in which 5 calls would be disconnected very 5 seconds during an overload situation.
congestion-control overload-disconnect interations-per-stage 5
Both of the following commands disable the overload-disconnect policy without changing the policy configuration.
default congestion-control overload-disconnect
or
no congestion-control overload-disconnect
To instruct the system to stop call disconnects when the number of calls goes down 85% of the total allowed calls for that service, enter both of the following commands to set the max-sessions-per-service-utilization value to 90% and the tolerance value to 5%:
congestion-control overload-disconnect threshold max-sessions-per-service -utilization 90congestion-control overload-disconnect threshold tolerance 5
 
congestion-control policy
Configures congestion control policies.
Product
All
Privilege
Security Administrator, Administrator
Syntax
default congestion-control policy {asngw-service� | asnpc-service | ggsn-service |ha-service | lns-service | mipv6ha-service | pdsn-servicepdg-service | pdif-service || sgsn-service}
default congestion-control policy service
Sets the congestion policy action for the selected service to its default value.
asngw-service
Sets the congestion policy action for the ASN GW service.
asnpc-service
Sets the congestion policy action for the ASN PC-LR service.
cscf-service
Sets the congestion policy action for the CSCF service.
ggsn-service
Sets the congestion policy action for the GGSN service.
ha-service
Sets the congestion policy action for the HA service.
lma-service
Sets the congestion control policy action for the LMA service
lns-service
Sets the congestion policy action for the LNS service.
mipv6ha-service
Sets the congestion policy action for the MIPv6-HA service.
mme-service
Sets the congestion control policy for action to take when subscriber sessions exceeds the defined threshold limit.
For MME type of session/calls redirect action is not supported.
pdg-service
Sets the congestion policy action for the PDG service.
pdif-service
Sets the congestion policy action for the PDIF service.
pdsn-service
Sets the congestion policy action for the PDSN service.
sgsn-service
Sets the congestion policy action for the SGSN service.
action { drop | none | redirect | reject }
Defines what policy action is taken:
drop: Specifies that the system is to drop incoming packets containing new session requests. (PDSN, GGSN, ASN GW, LMA, MME, and ASN PC and HA only)
none: Specifies that the system is take no action. This is the default for PDIF-service.
redirect: Specifies that the system is to redirect new session requests to an alternate device. (PDSN and HA only)
Important: If this option is used, the IP address of the alternate device must be configured using the policy overload redirect command that is part of the service configuration. Note that this option can not be used in conjunction with GGSN and MME services.
reject: Specifies that the system processes new session request messages and responds with a reject message. (For PDSN and HA, the reply code is 130, “insufficient resources”. For the GGSN, the reply code is 199, “no resources available”.)
Usage
Congestion policies can be configured for each service. When congestion control functionality is enabled, these policies dictate how services respond should the system detect that a congestion condition threshold has been crossed.
Example
The following command configures a congestion control policy of reject for PDSN services:
congestion-control policy pdsn-service action reject
The following command configures a congestion control policy of reject for MME services:
congestion-control policy mme-service action reject
 
congestion-control threshold
Configures the congestion control threshold values that are to be monitored.
Product
All
Privilege
Security Administrator, Administrator
Syntax
congestion-control threshold { license-utilizationpercent| max-sessions-per-service-utilization percent| message-queue-utilizationpercent| message-queue-wait-timetime| port-rx-utilizationpercent| port-specific {slot/port| all} [tx-utilizationpercent] [rx-utilizationpercent] | port-tx-utilizationpercent| service-control-cpu-utilizationpercent| system-cpu-utilizationpercent| system-memory-utilizationpercent| tolerancepercent }
default congestion-control threshold { license-utilization | max-sessions-per-service-utilization| message-queue-utilization| message-queue-wait-time | port-rx-utilization | port-specific | tx-utilization | rx-utilization | port-tx-utilization|service-control-cpu-utilization | system-cpu-utilization | system-memory-utilization | tolerance }
no congestion-control threshold port-specific {slot/port| all}
no congestion-control threshold port-specific {slot/port| all} [rx-utilizationpercent] [tx-utilizationpercent]
no congestion-control threshold { message-queue-utilization | message-queue-wait-time | port-rx-utilizationpercent |port-tx-utilizationpercent |service-control-cpu-utilization | system-cpu-utilization | system-memory-utilization }
default congestion-control threshold keyword
Sets the threshold keyword to its default value.
no congestion-control threshold port-specific { slot/port | all }
This command disables port specific threshold monitoring on the specified port or on all ports.
slot/port: Specifies the port for which port specific threshold monitoring is being configured. The slot and port must refer to an installed card and port.
all: Set port specific threshold monitoring for all ports on all cards.
license-utilization percent
Default: 100
The percent utilization of licensed session capacity as measured in 10 second intervals.
percent can be configured to any integer value from 0 to 100.
max-sessions-per-service-utilization percent
Default: 80
The percent utilization of the maximum sessions allowed per service as measured in real-time. This threshold is based on the maximum number of sessions or PDP contexts configured for the a particular service. (Refer to the bind command for the PDSN, GGSN, SGSN, or HA services.)
percent can be configured to any integer value from 0 to 100.
message-queue-utilization percent
Default: 80
The percent utilization of the Demux Manager software task’s message queue as measured in 10 second intervals. The queue is capable of storing a maximum of 10000 messages.
percent can be configured to any integer value from 0 to 100.
message-queue-wait-time time
Default: 5
The maximum time (in seconds) messages can be held in queue as measured by packet time stamps.
time is measured in seconds and can be configured to any integer value from 1 to 30.
Important: In the event that this threshold is crossed, an SNMP trap is not triggered. In addition, the service congestion policy invocation resulting from the crossing of this threshold is enforced only for the packet that triggered the action.
[no] port-rx-utilization percent
Default: 80
The average percent utilization of port resources for all ports by received data as measured in 5 minute intervals.
percent can be configured to any integer value from 0 to 100.
[no] port-specific {slot/port | all} [rx-utilization percent] [tx-utilization percent]
Default: Disabled
Sets port-specific thresholds. If you set port-specific thresholds, when any individual port-specific threshold is reached, congestion control is applied system-wide.
slot/port: Specifies the port for which port-specific threshold monitoring is being configured. The slot and port must refer to an installed card and port.
all: Set port specific threshold monitoring for all ports on all cards.
rx-utilization percent: Default 80%. The average percent utilization of port resources for the specified port by received data as measured in 5 minute intervals. percent must an integer from 0 through 100.
tx-utilization percent: Default 80%. The average percent utilization of port resources for the specified port by transmitted data as measured in 5 minute intervals. percent must be an integer from 0 through 100.
[no] port-tx-utilization percent
Default: 80
The average percent utilization of port resources for all ports by transmitted data as measured in 5 minute intervals.
percent can be configured to any integer value from 0 to 100.
service-control-cpu-utilization percent
Default: 80
The average percent utilization of CPUs on which a Demux Manager software task instance is running as measured in 10 second intervals.
percent can be configured to any integer value from 0 to 100.
system-cpu-utilization percent
Default: 80
The average percent utilization for all PSC/PSC2 CPUs available to the system as measured in 10 second intervals.
percent can be configured to any integer value from 0 to 100.
This threshold setting can be disabled with no congestion-control threshold system-cpu-utilization command. In case later you want to enable the same threshold setting congestion-control threshold system-cpu-utilization command will enable the CPU utilization threshold to preconfigured level.
system-memory-utilization percent
Default: 80
The average percent utilization of all CPU memory available to the system as measured in 10 second intervals.
percent can be configured to any integer value from 0 to 100.
tolerance percent
Default: 10
The percentage under a configured threshold that dictates the point at which the condition is cleared.
percent is an integer value from 0 to 100.
Usage
Thresholds dictate the conditions for which congestion control is to be enabled and establish limits for defining the state of the system (congested or clear). These thresholds function in a similar fashion to the operation thresholds that can be configured for the system (as described in later in this chapter). The primary difference is that when these thresholds are reached, not only is an SNMP trap generated (starCongestion), but a service congestion policy is invoked as well.
The tolerance parameter establishes the threshold at which the condition is cleared. An SNMP trap (starCongestionClear) is generated for the clear condition, as well.
Example
The following command configures a system CPU utilization threshold of 75%.
congestion-control threshold system-cpu-utilization 75
This setting will remain in configuration unless you specify another threshold value in place of 75. This threshold setting can be disabled with no congestion-control threshold system-cpu-utilization command but can not be removed from configuration. Later if you want to enable the previously configured threshold value of 75 percent you only need to enter congestion-control threshold system-cpu-utilization command without specifying any threshold value and it will enable the CPU utilization threshold to preconfigured level of 75 percent.
For example, no congestion-control threshold system-cpu-utilization will disable the configured threshold setting and congestion-control threshold system-cpu-utilization will again enable the threshold setting of 75%.
The following command configures a threshold tolerance of 5%:
congestion-control threshold tolerance 5
In the above examples, the starCongestion trap gets triggered if the system CPU utilization goes above 75% and the starCongestionClear trap gets triggered if it reaches or goes below 70%.
 
content-filtering category database directory
This command configures the base directory to be used for storing all content-rating databases that are required for Category-based Content Filtering application.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
content-filtering category database directory pathdirectory_path
default content-filtering category database directory path
default
Specifies the default base directory and directory path for Category-based Content Filtering application.
directory_path
Default: /pcmcia1/cf
Specifies the base directory and its path to store all of the full or incremental content rating databases for the Category-based Content Filtering application.
directory_path must be an alpha and/or numeric string of 1 through 255 characters in length.
Usage
Use this command to specify the directory and its path to download all full or incremental category-rating databases to be used for the Category-based Content Filtering application.
Merging of incremental database can be done as part of the database upgrade process preformed with upgrade content-filtering category database command in the Executive Mode.
Example
The following command configures the /flash/cf_temp/DB as base directory to download all full and incremental content-rating databases for content filtering application.
content-filtering category database directory path /flash/cf_temp/DB
 
content-filtering category database max-versions
This command configures the number of full content-rating databases to maintain/archive in the base directory for category-based content filtering application.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
content-filtering category database max-versions num_archive
default content-filtering category database max-versions
default
Sets the default number of full databases for specified directory path/location.
num_archive
Default: 2
Specifies the maximum number of database to be archived or maintained in the specific location.
num_archive must be an integer between 1 and 3.
Usage
Use this command to set the number of full content-rating database to be maintained in the specified directory path with the base file name specified using the content-filtering database override file command. Note that the specified directory path is the location specified using the content-filtering category database directory path command.
Example
The following command configures the system to maintain 3 full content-rating databases for category-based content filtering application.
content-filtering category database max-versions 3
 
content-filtering category database override
This command specifies the name of a file to be used by the category-rating database load process for category-based content filtering application.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
content-filtering category database override filefile_name.extension
default content-filtering category database override file
default
Sets the default content rating database file name; i.e. optcmd.bin.
file file_name.extension
Specifies the header of the file in the database directory path location to determine the newest full database.
file_name must be an alpha and/or numeric string of up to 10 characters with an extension of 3 character after a period (.) as extension.
Usage
Use this command to configure the category-rating database file name to determine the newest version of full database. A process called “LOAD_DATABASE” invokes during the system startup or the database upgrade process by upgrade content-filtering category database command in Executive Mode. This process examines the header of each of the files in the database folder specified by content-filtering category directory path command in this mode.
Note that by default system examines the header of those files only which begins with the string “OPTCMDB” and having extension “.bin”.
Example
The following command configures the system to examine the header of files that begins with CF_sta.DB only for content filtering application.
content-filtering category database override file CF_sta.DB
 
context
Enters the context configuration mode or is used to add or remove a specified context.
Product
All
Privilege
Security Administrator, Administrator
Syntax
contextname[ -noconfirm ]
no contextname
no
Removes the specified context from the configuration.
name
Specifies the name of a context to enter, add, or remove. When creating a new context, the context name must be unique, it may not be the same as any existing context or any domain specified within any context.
Important: When creating a new context, the context name specified must not conflict with the name of any existing context or domain names.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Configure contexts or remove obsolete contexts.
Important: A maximum of 64 contexts may be created.
Example
context sampleContext
no context sampleContext
 
crash enable
Enables/disables the copying of crash data to a specified location.
Product
All
Privilege
Security Administrator, Administrator
Syntax
crash enable [ encrypted ] urlcrash_url [ filename-pattern pattern ] [ restrictmbyte ]
no crash enable
no
Removes the specified context from the configuration.
Important: System crash information is generated and stored in the crash list even when the no keyword is specified. The information maintained in the crash lists is minimal crash information when the no keyword has been specified.
encrypted
The URL specified is in an encrypted format for security reasons.
filename-pattern pattern
The filename-pattern is a string containing any or all of the following variables:
%hostname% - The system hostname.
%ip% - A SPIO IP address
%cpu% - CPU number
%card% - Card number
%time% - POSIX timestamp in hexadecimal notation
%filename% - Alias for crash-%card%-%cpu%-%time-core%
%% - A single % sign
If no pattern is specified the result is the same as the pattern filename.
Use '/' characters in the filename pattern part to store crashes in per-system subdirectories.
url crash_url
Specifies the location to store crash files. crash_url may refer to a local or a remote file. crash_url must be entered using one of the following formats:
tftp://{host[:port#]}[/directory]/
[ftp:|sftp:]//[username[:password]@] {host}[:port#][/directory]/
tftp://{host[:port#]}[/directory]/
[ftp:|sftp:]//[username[:password]@] {host}[:port#][/directory]/
Important: Use of the SMC hard drive is not supported in this release.
directory is the directory name.
filename is the actual file of interest.
username is the user to be authenticated.
password is the password to use for authentication.
host is the IP address or host name of the server.
port# is the logical port number that the communication protocol is to use.
restrict mbyte
Default: 128
Specifies a maximum amount of memory to use for storing crash files where mbyte is in megabytes and must be in the range from 1 through 128 megabytes.
The restrict keyword is only applicable to local URLs.
Usage
Enable crashes if there are systems that are not stable and the crash information will be useful for trouble shooting. The remote storage of the crash file reduces the memory utilized on the chassis.
Example
crash enable ftp://remoteABC/pub/crash.dmp
crash enable /flash/pub/data/crash.dmp restrict 64
no crash enable
 
cs-network
This command creates/removes an HNB-CS network configuration instance for Femto UMTS access over Iu-CS/Iu-Flex interface between Home NodeB Gateway (HNB-GW) service and CS networks elements; i.e. MSC/VLR. This command also configures an existing HNB-CS network instance and enters the HNB-CS Network Configuration mode on a system.
Product
HNB-GW
Privilege
Administrator
Syntax
cs-network cs_instance [-noconfirm]
no cs-network cs_instance
no
Removes the specified HNB-CS network instance from the system.
Caution: Removing the HNB-CS network instance is a disruptive operation and it will affect all UEs accessing MSC(s) configured in specific CS core network through the HNB-GW service.
Caution: If any HNB-CS Network instance is removed from system all parameters configured in that mode will be deleted and Iu-CS/Iu-Flex interface will be disabled.
cs_instance
Specifies the name of the Circuit Switched Core Networks instance which needs to be associated with HNB Radio Network PLMN in HNB RN-PLMN configuration mode. If cs_instance does not refer to an existing HNB-PS network instance, the new HNB-CS network instance is created.
cs_instance must be from 1 to 63 alpha and/or numeric characters.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to enter the HNB-CS Network Configuration mode for an existing CS network instance or for a newly defined HNB-CS network instance. This command is also used to remove an existing HNB-CS network instance.
This configuration enables/disables the Iu-CS/Iu-Flex interface on HNB-GW service with CS core network elements; i.e. MSC/VLR.
A maximum of 8 HNB-CS network instance can be configured on a system which is further limited to a maximum of 256 services (regardless of type) can be configured per system.
Caution: This is a critical configuration. The HNBs can not access MSC(s) in CS core network without this configuration. Any change to this configuration would lead to disruption in HNB access to CS core network.
Entering this command results in the following prompt:
[context_name]hostname(config-cs-network)#
The various parameters available for configuration of an HNB-CS network instance are defined in the HNB-CS Network Configuration Mode Commands chapter of Command Line Interface Reference.
Example
The following command enters the existing HNB-CS Network configuration mode (or creates it if it doesn’t already exist) for the instance named hnb-cs1:
cs-network hnb-cs1
The following command will remove HNB-CS network instance hnb-cs1 from the system without any warning to operator:
no cs-network hnb-cs1
 
css acsmgr-selection-attempts
 
This is a restricted command. In Release 9.0 and later, this command is obsoleted.
 
css delivery-sequence
 
This is a restricted command. In Release 9.0 and later, this command is obsoleted.
 
css service
 
This is a restricted command. In Release 9.0 and later, this command is obsoleted.
 
default
Restores the system default values for the specified parameters.
Product
All
Privilege
Security Administrator, Administrator
Syntax
default { aaa { domain-matching | username-format }| autoconfirm | banner [ lawful-intercept | motd | pre-login ] | boot [ delay | interface | nameserver | networkconfig ] | card-standby-priority | cli max-sessions | congestion-control | logging { display | filter runtime } | operational-mode | pac-standby-priority | qos npu inter-subscriber traffic { bandwidth | priority[ assigned-to dscp { af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | ef } ] } | require session recovery | snmp { engine-id | notif-threshold } | system hostname | task { facility sessmgr start | resource cpu-memory-low } | threshold { value } | timestamps | upgradelimit [ time ] [ usage] }
aaa { domain-matching | username-format}
domain-matching - Resets the system to consider case when matching domains.
username-format - Resets the username format to the default of username @
autoconfirm
Restores the autoconfirm behavior to its default of disabled.
banner
lawful-intercept - Restores the system default message of the day for SSH CLI sessions.
motd - Restores the system default message of the day banner.
pre-login - Restores the CLI log in banner to the system default.
boot [delay | interface | nameserver | networkconfig]
interface | networkconfig - Restores the default boot interface and network configuration options. The keywords interface and networkconfig are used to restore the default option settings for the interface and network configuration options, respectively.
Defaulting the network configuration boot option removes the network boot option from the boot.sys file. It does not remove the network config options from the configuration file which is managed separately from the boot.sys file.
delay - Removes the boot delay setting (if any). The default for boot delay is “no boot delay”.
nameserver - Removes the nameserver IP address.
card-standby-priority
Resets the standby priority of the Packet Services Cards.
cli max-sessions
Restores the default value of this command to no cli max-sessions which removes the limit on the number of allowed simultaneous CLI sessions on the system.
congestion-control
Restores the system’s congestion-control functionality to its default setting of disabled.
logging {display | filter runtime}
display: sets the default level of detail to display for trace log information to the system default.
filter runtime: resets the filtering of logged information to log in real time.
operational-mode
Sets the operational mode of the chassis to the system default.
pac-standby-priority
This parameter has been replaced by the card-standby-priority keyword.
qos npu inter-subscriber traffic {bandwidth | priority [ assigned-to dscp { af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | ef } ] }
Restores the following NPU QoS parameters to their default values:
priority : All DSCP values are mapped to the best-effort priority queue but are not configured.
require session recovery
Resets the session recovery feature to its default setting of disabled.
snmp { engine-id | notif-threshold | system hostname | timestamps }
engine-id: restores the SNMP engine ID to the system default.
notif-threshold: restores the SNMP notification threshold to the system default.
task { facility sessmgr start | resource cpu-memory-low }
facility sessmgr start: Restores the default session manager start policy.
resource cpu-memory-low: Resets the system so that when a CPU runs very low on memory (below 12MB) the most over limit task is killed.
system hostname
Sets the system host name for SNMP use to the system default value.
threshold { value }
Restores thresholding values to their default setting. The possible values are:
10sec-cpu-utilization: CPU utilization using a 10 sec average.
aaa-acct-failure: AAA accounting failure threshold settings
aaa-acct-failure-rate: AAA accounting failure rate threshold settings
aaa-auth-failure: AAA authentication failure threshold settings
aaa-auth-failure-rate: AAA authentication failure rate threshold settings
aaa-retry-rate: AAA retry rate threshold settings
call-reject-no-resource: Calls rejected due to no resources threshold settings
call-setup: Calls setup threshold settings
call-setup-failure: Call setup failure threshold settings
cpu-available-memory: CPU available memory threshold settings
cpu-load: PSC/PSC2 CPU load using a 5 minute average measurement
cpu-memory-usage: Percentage of total CPU memory usage
cpu-session-throughput: CPU session throughput threshold settings
cpu-utilization: CPU utilization threshold settings
license: Session license threshold settings
model: Thresholding model settings
monitoring: Threshold monitoring configuration settings
packets-filtered-dropped: Filtered/dropped packet threshold settings
packets-forwarded-to-cpu: Forwarded packet threshold settings
per-service-ggsn-sessions: The number of GGSN sessions per GGSN service
per-service-gprs-sessions: The number of GPRS sessions per GPRS service
per-service-gprs-pdp-sessions: The number of PDP contexts per GPRS service
per-service-ha-sessions: The number of HA sessions per HA service
per-service-lns-sessions: The number of LNS sessions per LNS service
per-service-pdsn-sessions: The number of PDSN sessions per PDSN service
per-service-sgsn-sessions: The number of SGSN sessions per SGSN service
per-service-sgsn-pdp-sessions: The number of PDP contexts per SGSN service
poll: Threshold polling interval configuration settings
total: Total subscriber threshold settings
total-ggsn-sessions: Total GGSN sessions for all GGSN services in the system
total-gprs-sessions: Total GPRS sessions per for all GPRS services in the system
total-gprs-pdp-sessions: Total PDP contexts for all GPRS services in the system
total-ha-sessions: Total HA sessions for all HA services in the system
total-lns-sessions: Total LNS sessions for all LNS services in the system
total-pdsn-sessions: Total PDSN sessions for all PDSN services in the system
total-sgsn-sessions: Total SGSN sessions per for all SGSN services in the system
total-sgsn-pdp-sessions: Total PDP contexts for all SGSN services in the system
timestamps
Resets the inclusion of timestamps in command.
upgrade limit [ time ] [ usage ]
Sets upgrade limit values to the defaults. If the optional keywords are not specified all values are reset to their defaults.
time: Resets the maximum time a session may exist during a software upgrade to the default of 120.
usage: Resets the minimum number of sessions before closing the sessions during a software upgrade to the system default of 100.
Usage
Restore system defaults to aid in trouble shooting or just prior to modifying additional configuration options.
Example
default banner motd
default boot
default logging display
default system hostname
default upgrade limit time
 
diameter-proxy ram-disk-limit
This command configures the amount of extra RAM disk space in MB to be allocated to Diamproxy task when local storage (hard disk) is enabled.
Product
SGW, PGW, HSGW
Privilege
Security Administrator, Administrator
Syntax
diameter-proxy ram-disk-limit mb space_mb
default diameter-proxy ram-disk-limit mb
default
Configures the default setting.
Default: 32 MB
mb space_mb
Specifies the storage space in MB.
space_mb must be an integer from 10 through 256.
Usage
Specifies the additional storage space to be allocated to Diamproxy for file write, in MB. The specified memory in MB is added to the existing memory allocated to Diamproxy only if HDD storage is enabled. By default, 32 MB is additionally allocated.
Example
The following command specifies that 100 MB of additional storage space be allocated tot he Diamproxy task:
diameter-proxy ram-disk-limit mb 100
 
end
Exits the configuration mode and returns to the Exec mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
end
Usage
Change the mode back to the Exec mode.
 
enforce imsi-min equivalence
Enables the PDSN/HA to treat IMSI and MIN as the same for identifying the PDSN/HA session.
Product
PDSN, HA
Privilege
Security Administrator, Administrator
Syntax
enforce imsi-min equivalence
[ no | default ] enforce imsi-min equivalence
[ no | default ]
Disables the PDSN/HA from treating IMSI and MIN as the same for identifying the PDSN/HA session.
Default: Disabled.
Usage
Generally on an HA, the IMSI and MIN are treated as different and hence the RRQs with 1x and DO PDSNs are processed as different sessions. You can use this feature to treat the IMSI and MIN with the matching lower 10-digit as the same for identifying a session. The 10-digit MIN and the 15-digit IMSI are treated as equivalent for the purpose of matching sessions if the lower 10 digits are the same. Any handoff from 1x to DO or vice-versa is treated as the same session if the NAI and HoA also match. If the NAI and/or HoA do not match, then the duplicate IMSI session detect and terminate feature is applicable.
Generally on a PDSN, the IMSI and MIN are treated as different and hence RP messages from 1x and DO PDSNs are processed as different sessions. You can use this feature to treat the IMSI and MIN with the matching lower 10-digit as the same for identifying a session. The 10-digit MIN and the 15-digit IMSI are treated as equivalent for the purpose of matching PDSN sessions if the lower 10 digits are the same. Any handoff from 1x to DO or vice-versa is treated as the same session.
Example
To monitor or clear subscriber session information filtered by on IMSI/MIN refer to the show subscribers msid command.
Important: This command must be executed at startup only and will not take effect when reconfigured without rebooting.
Example
The following command enables the treatment of the IMSI and MIN as the same for identifying the session:
enforce imsi-min equivalence
Either of the following commands disables the treatment of the IMSI and MIN as the same for identifying sessions:
no enforce imsi-min equivalence
default enforce imsi-min equivalence
 
exit
Exits the current mode, global configuration mode, and returns the CLI session to the previous mode, Exec mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
exit
Usage
Return to the Exec mode. This command has the same effect as the end command as the global configuration mode’s parent mode is the Exec mode.
 
gtpp compression-process
This command configures the maximum number of child compression processes that AAA proxy can have. This command is only applicable to the ASR 5000 platform.
Product
GGSN, SGSN
Privilege
Security Administrator, Administrator
Syntax
gtpp compression-processmax_number
default gtpp compression-process
default
Restores the system to the default settings for the number of child compression processes allowed.
max_number
Specifies the maximum number of child processes. The default is 1
max_number: Must be an integer from 1 to 4.
Usage
This command configures the maximum number of child compression processes that AAA proxy can have only if hard disk storage is enabled.
Example
gtpp compression-process 3
 
gtpp ram-disk-limit
This command configures additional storage space to be allocated for writing files. This command is only applicable to the ASR 5000 platform.
Product
GGSN, SGSN
Privilege
Security Administrator, Administrator
Syntax
gtpp ram-disk-limit mb mega_bytes
default gtpp ram-disk-limit
default
Restores the system to the default settings of 32 MB of storage.
mb mega_bytes
Specifies the number of megabytes of storage allocated for files.
mega_bytes: Must be an integer from 10 to 256. The default is 32 MB.
Usage
The memory specified with this command would be added to the existing memory allocated to the AAA proxy only if hard disk storage is enabled.
Example
gtpp ram-disk-limit mb 256
 
gtpp single-source
Configures the system to reserve a CPU for performing a proxy function for accounting.
Product
GGSN, SGSN, P-GW
Privilege
Security Administrator, Administrator
Syntax
gtpp single-source [ centralized-lrsn-creation | private-extensions ]
no gtpp single-source
centralized-lrsn-creation
Defines the LRSN generation at proxy. The AAA proxy will generate the LRSN for all CDR types generated by either the GGSN or the SGSN.
Default: disabled
private-extensions
It is an optional keyword, enables the proprietary use of customer-specific GTPP extensions.
If private-extensions is not configured, all customer specific private extensions related to GTPP message transfer with CGF and recovery through GSS are disabled.
Important: In order for the customer-specific extensions to work properly, the gtpp max-pdu-size command in the Context Configuration Mode should be set to 65400 and the gtpp server command’s max value should be set to “1”.
no
Disables GTPP single-sourcing. This is the default setting.
Caution: Entering this command while PDP contexts are in process could cause the loss of pending CDRs. The configuration must be saved and the chassis reloaded for this option to take effect.
Usage
When GTPP single-sourcing is enabled, the system’s AAA proxy function generates requests to the accounting server using a single UDP source port number, instead of having each AAA Manager generate independent requests with unique UDP source port numbers. This is accomplished by the AAA Managers forwarding their GTPP PDUs to the AAA Proxy function that runs on a reserved PSC/PSC2 CPU. Since a PSC/PSC2 CPU is being reserved, fewer Session Managers and AAA Managers will be started on that PSC.
Caution: This command must be entered prior to the configuration of other services. Specifying it later may return an error due to a lack of CPU availability.
Example
The following command enables GTPP single-sourcing with the use of private GTPP extensions:
gtpp single-source private-extensions
The following command disables GTPP single-sourcing:
no gtpp single-source
 
global-title-translation address-map
Creates an instance of a Global Title Translation (GTT) address-map, a database, for global titles (ISDN-type address) used for SCCP routing. Upon creating the instance, the system enters global title translation address-map configuration mode. For the commands to configuration the database, go to the Global Title Translation Address-Map Configuration Mode chapter in this guide.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
global-title-translation address-mapname
no global-title-translation address-mapname
no
Removes the specified GTT address-map database from the SCCP portion of the configuration.
name
This value uniquely identifies a specific instance of a GTT address-map.
name: must be a string of 1 to 63 alphanumeric characters.
Usage
Create a GTT address-map with a unique identifier and enter the GTT address-map configuration mode.
Example
global-title-translation address-map gtt-map1
 
global-title-translation association
Creates an instance of a Global Title Translation (GTT) association which defines the rules for handling global title translation. Upon creating the instance, the system enters global title translation association configuration mode. For the commands to configure the rules, go to the Global Title Translation Association Configuration Mode chapter in this guide.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
global-title-translation associationname
no global-title-translation associationname
no
Removes the specified instance of a GTT association from the SCCP portion of the configuration.
name
This value uniquely identifies a specific instance of a GTT association.
name: must be a string of 1 to 63 alphanumeric characters.
Usage
Create a GTT association with a unique identifier and enter the GTT association configuration mode.
Example
global-title-translation association gtt-assoc1
 
hd raid
Provides access to a local RIAD hard drive configuration mode in order to manage parameters supporting local storage of records.
Product
All
Privilege
Security Administrator, Administrator
Syntax
hd raid
raid
Provides access to the HD RAID configuration mode in order to manage the RAID on the ASR 5000 SMC hard drive.
Usage
Enters the HD RAID configuration mode.
Entering this command results in the following prompt:
[context_name]hostname(config-hd-raid)#
HD RAID Configuration Mode commands are defined in the HD RAID Configuration Mode Commands chapter.
Example
The following command opens the hd-raid mode:
hd raid
 
hd storage-policy
Provides access to the local hard drive configuration mode in order to manage parameters supporting local storage of records.
Product
GGSN, SGSN, HSGW, P-GW, S-GW
Privilege
Administrator
Syntax
hd storage-policy name
no hd storage-policy name
no
Removes a configured HD storage policy from the system.
storage-policy name
Specifies a name for an HD storage policy and enters the HD Storage Policy Configuration Mode. name must be from 1 to 63 alpha and/or numeric characters.
Usage
Creates a new policy or specifies an existing policy and enters the HD Storage Policy Configuration Mode.
Entering this command results in the following prompt:
[context_name]hostname(config-hd-storage-policy)#
HD Storage Policy Configuration Mode commands are defined in the HD Storage Policy Configuration Mode Commands chapter.
Example
The following command creates an HD storage policy named policy3 and enters the HD Storage Policy Configuration Mode:
hd storage-policy policy3
 
high-availability
Configures PSC/PSC2 task failure detection speed.
Product
PDSN, GGSN, ASN GW
Privilege
Security Administrator, Administrator
Syntax
high-availability fault-detection speed { agressive | normal }
default high-availability fault-detection speed
{ agressive | normal
Default: normal
aggressive: Initiates PSC failover without performing additional checks.
normal: Initiates PSC failover after additional checks are performed.
Usage
Use this command to increase the fault detection speed for faster switchovers after a PSC/PSC2 task failure.
Setting fault detection speed to aggressive will trigger PSC/PSC2 failover as soon as possible if a potential failure is detected. Aggressive mode will reduce the duration of subscriber outages caused by a failed PSC/PSC2 if session recovery is enabled.
Aggressive mode also bypasses most information gathering steps and logs that can be used to determine the root cause of the failure.
In normal mode, additional checks are performed before triggering a PSC/PSC2 failover to ensure the card has actually failed. In aggressive mode these checks are bypassed so that session recovery can start as soon as possible. These additional checks reduce the likelihood of a false positive failure.
Example
The following command sets the fault detection speed for PSC/PSC2/tasks to aggressive:
high-availability fault-detection speed agressive
 
license
Configures the session license key.
Product
All
Privilege
Security Administrator, Administrator
Syntax
license keykey_value [ -force ] session-limit
no license keykey_value [ -force ] session-limit
no
Removes the license key(s) installed.
key key_value
Installs the license key specified by key_value. key_value is provided by Cisco Systems operations staff.
session-limit
Use this keyword to suppress fail-over calls from being rejected if the licensed threshold is crossed.
Important: This is a customer-specific command that is available for HA, PDSN, EHA, and PDIF. Please contact your local sales representative for more information.
-force
Sets the license key even if resources are not available. The system supports the dynamic resizing of demultiplexor software tasks based on the licensed session capacity and feature type. When installing a license, the system automatically attempts to resize currently functioning tasks. Warning messages are displayed if there is an issue. Though it’s use is not recommended, the -force keyword can be used to suppress these warning messages.
Caution: Use of this option is not recommended.
Usage
Install or update system session keys when necessary due to expiration and/or capacity needs.
Example
license key sampleKeyValue
no license key
 
line
Enters the terminal display line configuration mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
line
Usage
Change the terminal display configuration based upon the users own terminal characteristics.
 
local-user allow-aaa-authentication
Enables/disables the use of administrative accounts other than local-user administrative accounts.
Product
All
Privilege
Security Administrator, Administrator
Syntax
local-user allow-aaa-authentication
no local-user allow-aaa-authentication
default local-user allow-aaa-authentication
no
Disables administrative user accounts other than local-user accounts.
default
Returns this parameter to its default setting of enabled.
Usage
Local-user administrative accounts are separate from other administrative user accounts configured at the context level (Security Administrator, Administrator, Operator, and Inspector).
Context-level administrative users rely on the system’s AAA subsystems for validating user names and passwords during login. This is true for both administrative user accounts configured locally through a configuration file or on an external RADIUS server.
Since the T1.276-2003 password security mechanisms are supported only for local-user administrative accounts and not for the AAA-based administrative accounts, this command provides a mechanism for disabling AAA-based administrative accounts.
By default, AAA-based administrative accounts are allowed.
Example
The following command forces the system to authenticate local-user accounts based only on the information in the security account file on its CompactFlash:
no local-user allow-aaa-authentication
 
local-user lockout-time
Configures the lockout period for local-user administrative accounts.
Product
All
Privilege
Security Administrator, Administrator
Syntax
local-user lockout-time time
default local-user lockout-time
default
Restores the parameter to its default setting.
time
Default: 60
The amount of time that must elapse before a previously locked-out local-user account can attempt to login again. time is measured in minutes and can be configured to any integer value between 1 and 10080.
Usage
Local-user administrative accounts can become locked for reasons such as exceeding the configured maximum number of login failures.
Once an account is locked, this parameter specifies the lockout duration. Once the amount of time configured by this parameter has elapsed, the local-user can once again attempt to login.
Example
The following command configures a lockout time of 120 minutes (2 hours):
local-user lockout-time 120
 
local-user max-failed-logins
Configures the maximum number of failed login attempts a local-user can have before their account is locked out.
Product
All
Privilege
Security Administrator, Administrator
Syntax
local-user max-failed-loginsnumber
no local-user max-failed-logins
default local-user max-failed-logins
no
Disables this functionality.
default
Restores this parameter to its default setting.
number
Default: 5
Specifies the maximum number of times a local-user could experience a login failure before their account is locked out. number can be configured to any integer value between 2 and 100.
Usage
This command configures the maximum number of failed login attempts a local-user can have before their account is locked out. For example if, this parameter is configured to “3” then after the third failed login attempt, the account would be locked.
Important: Local-user accounts can be configured to either enforce or reject a lockout due to the maximum number of failed login being reached. Refer to the local-user username command for more information.
Refer to the local-user lockout-time command for more information.
Example
The following command configures a maximum of three login attempts:
local-user max-failed-logins 3
 
local-user password
Configures local-user administrative account password properties.
Product
All
Privilege
Security Administrator, Administrator
Syntax
local-user password { [ complexity { ansi-t1.276-2003 | none } ] [ history length number [ duration days ] ] [ max-age days ] [ min-change-char number ] [ min-change-interval days ] [ min-length number ] }
no local-user password { [ history ] [ max-age ] [ min-change-interval ] }
default local-user password { [ complexity ] [ history ] [ max-age ] [ min-change-char ] [ min-change-interval ] [ min-length ] }
no
Disables the specified parameter.
default
Restores the specified parameter to its default setting.
[ complexity { ansi-t1.276-2003 | none } ]
Default: ansi-t1.276-2003
Specifies the password strength as one of the following:
ansi-t1.276-2003: If this option is selected, then the following rules are enforced:
none: No additional password checks are performed.
[ history length number [ duration days ] ]
Default: length is 5
Specifies the number of previous password entries kept in the history list maintained by the system. A password can not be reused if it is one of the entries kept in the history list unless the time it was last used was more than the number of days specified by the duration keyword.
If the duration keyword is not used, the only check performed by the system is that it is not in the history list.
number is the number of entries for each account stored in the history list and can be configured to any integer value from 1 to 100. days is the number of days during which a password can not be reused and can be configured to any integer value between 1 and 365.
[ max-age days ]
Default: 90
Specifies the maximum age for a password. Users logging in with a password older than the specified limit are locked out. Once the lockout period expires, at their next login attempt, they are prompted to change their password before accessing the CLI.
Important: Local-user accounts can be configured to either enforce or reject a lockout due to a password’s maximum age being reached. Refer to the local-user username command for more information.
days is the number of days that passwords remain valid and can be configured to any integer value from 1 to 365.
[ min-change-char number ]
Default: 2
Specifies the minimum number of characters that must be changed (in comparison to the current password) when a user changes their password.
Important: Changes in password length are counted as “character” changes. For example: changing a password from “password” to “passwo” is a 2-character change, changing a password from “password” to “password2” is a 1-character change, and changing a password from “password” to “apassword” is a 9-character change.
number is the number of characters and can be configured to any integer value between 0 and 16.
[ min-change-interval days ]
Default: 1
Specifies the frequency that passwords can be changed (other than first login).
days is the minimum number of days that must pass before a user can change their password. It can be configured to any integer value from 1 to 365.
Important: If the no local-user password min-change-interval command is used, users may change their password as often as desired which could allow them to circumvent the password history function.
[ min-length number ]
Default: 8
Specifies the minimum length allowed for user-defined password.
number is the minimum number of alpha and/or numeric characters that the password must contain and can be configured to any integer value between 3 and 32.
Usage
This command is used to set the property requirements for user-defined passwords and system behavior in relation to those passwords.
Information pertaining to user passwords, login failures, and password history are stored on the SMC’s CompactFlash and in the software’s Shared Configuration Task (SCT).
The system uses the information in SCT for runtime operations such as determining password ages and determining if new passwords meet the criteria specified by this command.
Example
The following command configures a minimum password length requirement of 6 characters:
local-user password min-length 6
The following command configures the system to store the 4 most recently used passwords per user-account in the history list:
local-user password history length 4
 
local-user username
Adds/removes local-user administrative accounts.
Product
All
Privilege
Security Administrator, Administrator
Syntax
local-user username name [ authorization-level { administrator | inspector | operator | security-admin } ] [ ecs | noecs ] [ ftp | noftp ] [ timeout-min-absolute time ] [ timeoute-min-idle time ] [ no-lockout-login-failure ] [ no-lockout-password-aging ] password password
no local-user usernamename
no
Removes a previously configured user.
name
Specifies the name of the user. The name must be from 3 to 16 alpha and/or numeric characters in length and is case sensitive.
[ authorization-level { administrator | inspector | operator | security-admin } ]
Default: Operator
Configures the authorization level for the user as one of the following:
administrator: Administrator users have read-write privileges and can execute any command throughout the CLI except for a few security functions allowed only in the administrator mode. Administrators can configure or modify the system and are able to execute all system commands, including those available to the operator and inspector user. This level corresponds to the both the System Administrator and Application Administrator levels in the T1.276-2003.
inspector: Inspector users are limited to a small number of read-only Exec Modecommands.The bulk of these are “show” commands giving the inspector the ability to view a variety of statistics and conditions. The Inspector cannot execute show configuration commands and do not have the privilege to enter the Config Mode.
operator: Operator users have read-only privileges to a larger subset of the Exec Mode commands as depicted in the following figure. Operator users can execute all commands that are part of the inspector mode, plus some system monitoring, statistic, and fault management functions. Operators do not have the ability to enter the Config Mode.
security-admin: Security Administrator users have read-write privileges and can execute any command throughout the CLI. Security Administrators can execute all system commands, including those available to the administrator, operator, and inspector users. This level corresponds to both the System Security Administrator and Application Security Administrator levels in T1.276-2003.
[ ecs | noecs ]
Default: ecs
Specifies whether or not the user has access to configuration parameters pertaining to the Enhanced Charging Service.
ecs: The user has access.
noecs: The user does not have access.
[ ftp | noftp ]
Default: ftp
Specifies whether or not the user is allowed to access the system via the File Transfer Protocol (FTP) and/or the Secure File Transfer Protocol (SFTP).
ftp: The user has access.
noftp: The user does not have access.
[ timeout-min-absolute time ]
Default: 0
Specifics the maximum session time for this user. time is measured in minutes and can be configured to any integer value between 0 and 525600. A value of “0” indicates no limit.
Important: This limit applies only to the user’s CLI sessions.
[ timeout-min-idle time ]
Default: 0
Specifics the maximum idle time for this user. time is measured in minutes and can be configured to any integer value between 0 and 525600. A value of “0” indicates no limit.
Important: This limit applies only to the user’s CLI sessions.
[ no-lockout-login-failure ]
Default: Disabled
Specifies that this user will never be locked out due to login attempt failures.
[ no-lockout-password-aging ]
Default: Disabled
Specifies that this user will never be locked out due to the age of their password.
password password
Specifies the initial password for this user. password must from 6 to 32 alpha and or numeric characters in length in length and is case sensitive.
Important: The user is requested to change their password upon their first login.
Usage
The ability to configure administrative local-users is provided in support of the login security mechanisms specified in ANSI T1.276-2003.
Like administrative users configured at the context level, local-users can be assigned one of 4 security levels:
Local-user configuration support is handled differently from that provided for administrative users configured at the context level.
Context-level administrative users rely on the system’s AAA subsystems for validating user names and passwords during login. This is true for both administrative user accounts configured locally through a configuration file or on an external RADIUS server. Passwords for these user types are assigned once and are accessible in the configuration file.
Local-user account information (passwords, password history, lockout states, etc.) is maintained in non-volatile memory on the CompactFlash module and in the software’s Shared Configuration Task (SCT). This information is maintained in a separate file--not in configuration files used by the system. As such, the configured local-user accounts are not visible with the rest of the system configuration.
Local-user and context-level administrative accounts can be used in parallel.
Example
The following command configures a security-administrator level local-user administrative account for a user named User672 that has FTP privileges, a temporary password of abc123, and that does not lockout due to either login attempt failures or password aging:
local-user username User672 authorization-level security-admin ftp no-lockout-login-failure no-lockout-password-aging password abc123
The following command deletes a previously configured local-user administrative account called admin32:
no local-user username admin32
 
logging
The commands in this section set logging parameters.
 
logging console
Enables the output of logged events to be displayed on the console terminal.
Product
All
Privilege
Security Administrator, Administrator
Syntax
logging console
no logging console
no
Disables the output of events to the console port.
Usage
Log console output to allow for offline review during system monitoring and/or trouble shooting.
 
logging disable
Enables/disables the logging of the specified event ID or range of IDs.
Product
All
Privilege
Security Administrator, Administrator
Syntax
logging disable eventidid [ toto_id ]
no logging disable eventidid [ toto_id ]
no
Indicates the event IDs specified are to be enabled for logging.
eventid id
Specifies the event for which no logging is to occur. id must be a value in the range 1 through 100000.
to to_id
Specifies the end ID of the events when a range of event ID is to be disabled from being logged. to_id must be a value in the range 1 through 100000. The to_id must be equal to or larger than the id specified.
Usage
Disable common events which may occur with a normal frequency are not of interest in monitoring the system for troubles.
Example
The following commands disables the logging of event ID 4580 and the range of events from 4500 through 4599, respectively.
logging disable eventid 4580
logging disable eventid 4500 to 4599
The following enables the subset of disabled event IDs:
no logging disable eventid 4500 to 4549
 
logging display
Configures the level of detail for information to be logged.
Product
All
Privilege
Security Administrator, Administrator
Syntax
logging display [ event-verbosityevt_level ] [ pdu-dataformat ] [ pdu-verbositypdu_level ]
event-verbosity evt_level
Specifies the level of verboseness to use in logging of events as one of:
pdu-data format
Specifies output format for packet data units when logged as one of:
Where none results in the output in raw format, hex results in the output being displayed in hexadecimal format, and hex-ascii results in the output being displayed in hexadecimal and ASCII similar to a main-frame dump.
pdu-verbosity pdu_level
Specifies the level of verboseness to use in logging of packet data units as a value from 1 to 5 where 5 is the most detailed.
Usage
Tune the level of information to be logged so as to avoid flooding a log file with information which is not useful or critical.
Example
The following sets the logging display for events to the maximum.
logging display event-verbosity full
The following command sets the logging display level of detail for packet data units to level 3 and sets the output format to the main-frame style hex-ascii:
logging display pdu-data hex-ascii pdu-verbosity 3
 
logging filter
Configures the logging of events to be done in real time for the specified facility.
Product
All
Privilege
Security Administrator, Administrator
Syntax
logging filter runtime facilityfacilitylevelreport_level [ critical-info | no-critical-info ]
facility facility
Specifies the facility to modify the filtering of logged information for as one of:
a10: A10 interface facility
a11: A11 interface facility
a11mgr: A11 Manager facility
aaa-client: AAA client facility
aaamgr: AAA manager logging facility
aaaproxy: AAA Proxy facility
acl-log: Access Control List logging facility
acsctrl: Active Charging Service (ACS) Controller facility
acsmgr: Active Charging Service (ACS) Manager facility
alarmctrl: Alarm Controller facility
all: All facilities
asf: Voice Application Server Framework logging facility
asfprt: ASF Protocol Task (SIP) logging facility
asngwmgr: ASN Gateway Manager facility
asnlrmgr: ASN Paging/Location-Registry Manager facility
bgp: Border Gateway Protocol (BGP) facility
bssap+: Base Station Sub-system Application Part+ logging facility
bssgp: Base Station Sub-system GPRS Protocol logging facility
cap: Camel Application Part logging facility
chatconf: Voice Chat/Conference logging facility
cli: CLI logging facility
credit-control: Credit Control facility
cscf: IMS/MMD CSCF
cscfmgr: SIP CSCF Manager facility
csp: Card Slot Port controller facility
css: Content Service Selection (CSS) facility
css-sig: Content Service Selection (CSS) RADIUS Signaling facility
dcardctrl: IPSEC Daughter card Controller logging facility (not used at this time)
dcardmgr: IPSEC Daughter card Manager logging facility (Not used at this time)
demuxmgr: Demux Manager API facility
dgmbmgr: Diameter Gmb Application Manager logging facility
dhcpv6: DHCPV6
dhcp: DHCP facility (GGSN product only)
dhost: Distributed Host logging facility
diameter: Diameter endpoint logging facility
diameter-acct: Diameter Accounting
diameter-auth: Diameter Authentication
diameter-ecs: ECS Diameter signaling facility
diameter-svc: Diameter Service
diamproxy: DiamProxy logging facility
dpath: IPSEC Data Path facility
drvctrl: Driver Controller facility
ds3mgr: DS3 Manager logging facility
ecs-css: ACSMGR <-> Session Manager Signalling Interface Logging facility
evlog: Event log facility
famgr: Foreign Agent manager logging facility
firewall: Inline per-subscriber Stateful Firewall facility
gmm: GMM Protocol logging facility
gprs-ns: GPRS-NS Protocol logging facility
gss-gcdr: GTPP Storage Server GCDR facility
gtpc: GTP-C protocol logging facility (GGSN product only)
gtpcmgr: GTP-C protocol Manager logging facility (GGSN product only)
gtpp: GTP-PRIME protocol logging facility (GGSN product only)
gtpu: GTP-U protocol logging facility (GGSN product only)
h248prt: H.248 Protocol logging facility
hamgr: Home Agent manager logging facility
hat: High Availability Task (HAT) process facility
hdctrl: HD Controller logging facility
igmp: IGMP
ikev2: IKEv2
ims-authorizatn: IMS Authorization Service facility
ims-sh: HSS SH Service facility
imsimgr: SGSN IMSI Manager facility
ip-arp: IP Address Resolution Protocol facility
ip-interface: IP interface facility
ip-route: IP route facility
ipsec: IP Security logging facility
ipsg: IP Service Gateway interface logging facility
ipsgmgr: IP Services Gateway facility
ipsp: IP Pool Sharing Protocol logging facility
kvstore: KV Store facility
l2tp-control: L2TP control logging facility
l2tp-data: L2TP data logging facility
l2tpdemux: L2TP Demux Manager logging facility
l2tpmgr: L2TP Manager logging facility
li: Lawful intercept facility (Logs are visible only to system accounts with li-administrator privileges.)
linkmgr: SGSN/SS7 Links Manager facility
llc: Logical Link Control (LLC) Protocol logging facility
m3ua: MTP3 User Adaptation (M3UA) Protocol logging facility
map: Mobile Application Part (MAP) Protocol logging facility
megadiammgr: Megadiameter Manager (SLF Service)
mmgr: Master Manager logging facility
mobile-ip: Mobile IP processes
mobile-ip-data: Mobile IP data facility
mobile-ipv6: Mobile IPv6 control logging facility
mtp3: Message Transfer Part (MTP3) Protocol logging facility
multicast-proxy: Multicast Proxy logging facility
netwstrg: Network Storage facility
npuctrl: Network Processor Unit Control facility
npumgr: Network Processor Unit Manager facility
nsctrl: Charging Service Controller facility (supported in conjunction with ECSv1)
nsmgr: Charging Service Manager facility
nsproc: Charging Service process facility
orbs: Object Request Broker System logging facility
ospf: OSPF logging facility
pdif: PDIF logging facility
pmm-app: PMM application logging facility
ppp: PPP link and packet facilities
ptt: Voice push-to-talk logging facility
push: VPNMGR CDR push logging facility
radius-acct: RADIUS accounting logging facility
radius-auth: RADIUS authentication logging facility
radius-coa: RADIUS change of authorization and radius disconnect
ranap: RANAP Protocol logging facility
rct: Recovery Control Task logging facility
rdt: Redirect Task logging facility
resmgr: Resource Manager logging facility
rip: RIP logging facility (RIP is not supported at this time.)
rohc: RObust Header Compression facility
rsvp: Reservation Protocol logging facility
sccp: SCCP Protocol logging facility
sct: Shared Configuration Task logging facility
sctp: SCTP Protocol logging facility
sessctrl: Session Controller logging facility
sessmgr: Session Manager logging facility
sft: Switch Fabric Task logging facility
sgsn-app: SGSN-APP interface logging facility
sgsn-gtpc: SGSNs GTP-C Protocol logging facility
sgsn-gtpu: SGSNs GTP-U Protocol logging facility
sgsn-misc: SGSN miscellaneous logging facility
sgsn-system: SGSNs System Components logging facility
sgsn-test: SGSN Tests logging facility
sgtpcmgr: SGSN GTPC Manager facility
sipcdprt: Sip Call Distributor facility
sitmain: System Initialization Task main logging facility
sm-app: Session Management (SM) Protocol logging facility
sms: Short Message Service (SMS) logging facility
sndcp: Sub-Network Dependent Convergence (SNDCP) Protocol logging facility
snmp: SNMP logging facility
srdb: Static Rating Database
srp: Service Redundancy Protocol (SRP) logging facility
sscfnni: Service Specific Co-ordination Function for UNNI (SCFNNI) Protocol logging facility
sscop: Service Specific Connection Oriented Protocol (SSCOP) logging facility
ssh-ipsec: SSH IP Security logging facility
stat: Statistics logging facility
system: System logging facility
tacacsplus: TACACS+ Protocol logging facility
taclcp: Type Allocation Code (TAC) Local Call Processing logging facility
tcap: Transaction Capabilities Application Part (TCAP) Protocol logging facility
threshold: threshold logging facility
ttg: TTG logging facility
tucl: TUCL logging facility
udr: User detail record facility (used with the Charging Service)
user-data: User data logging facility
user-l3tunnel: User layer-3 tunnel logging facility
vim: Voice Instant Messaging logging facility
vinfo: Voice Information logging facility
vpn: Virtual Private Network logging facility
wimax-data: WiMAX DATA
wimax-r6: WiMAX R6
level report_level [ critical-info | no-critical-info ]
level report_level: specifies the level of information to be logged, report_level, as one of:
critical-info | no-critical-info: indicates if critical information is to be displayed or not. The keyword critical-info specifies that events with a category attribute of critical information are to be displayed. Examples of these types of events can be seen at bootup when system processes and tasks are being initiated. The no-critical-info keyword specifies that events with a category attribute of critical information are not to be displayed.
Usage
This command is useful when it is necessary to get real time output of events. Event output may be cached otherwise which may make it difficult to trouble shoot problems which do not allow the last cache of events to be output prior to system problems.
Caution: Issuing this command could negatively impact system performance depending on system loading, the log level, and/or the type of facility(ies) being logged.
Example
Set real time output for the point-to-point protocol facility and all facilities, respectively, to avoid logging of excessive information.
logging filter runtime facility ppp
logging filter runtime facility all level warning
 
logging monitor
Enables/disables the monitoring of a specified user.
Product
All
Privilege
Security Administrator, Administrator
Syntax
logging monitor { ipaddrip_address | msidms_id | usernameuser_name }
no logging monitor { ipaddrip_address | msidms_id | usernameuser_name }
no
Disables the monitoring of the user specified by the options given.
ipaddr ip_address
Specifies the IP address of the user for which the monitoring filter is to be set. ip_address must be an IP v4 address in dotted decimal notation.
msid ms_id
msid ms_id: specifies the mobile subscriber ID for which the monitoring filter is to be set. ms_id must be from 7 to 16 digits.
This keyword/option can be used to specify the Mobile Subscriber ISDN (MSISDN) for GGSN calls which enables logging based on MSISDN.
username user_name
username user_name: specifies a user for which the monitoring filter is to be set. user_name must refer to a previously configured user.
Usage
Monitor subscribers which have complaints of service availability or to monitor a test user for system verification.
Caution: Issuing this command could negatively impact system performance depending on the number of subscribers for which monitoring is performed and/or the amount amount of data they’re passing.
Example
The following command enables the monitoring of user user1 and mobile subscriber ID 4441235555, respectively.
logging monitor username user1
logging monitor msid 44441235555
The following disables the monitoring of user user1.
no logging monitor username user1
 
mediation-device
This command is obsolete. Even though the CLI accepts the command no function is performed.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
mediation-device mode { tcs }
no mediation-device mode { tcs }
tcs
N/A
Usage
N/A
Example
N/A
 
network-overload-protection
This command configures an attach rate throttle mechanism to control the number of new connections (attaches or inter-SGSN RAUs), through the SGSN, on a per second basis.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
network-overload-protection sgsn-new-connections-per-second#_new_connections action { drop | reject with cause { congestion | network failure } }
default network-overload-protection sgsn-new-connections-per-second
default
Using default in the command, disables this attach rate throttle feature.
#_new_connections
Define the number of new connections to be accepted per second.
#_new_connections: Must be an integer from 50 to 5000.
action
Specifies the action to be taken by the SGSN when the attach rate exceeds the configured limit on the number of attaches. Select one of the following actions:
drop: Drop the new connection request.
reject-with-cause: Reject the new connection request. Include one of the following as the cause in the reject message:
Usage
Use this command to configure the rate at which the SGSN must process new connection requests. The rate is the number of new connections to be accepted per second.
In some cases, the incoming new connection rate is higher than this configured rate. When this occurs, all of the new connection requests cannot be processed. This command can also be used to configure the action to be taken when the rate limit is exceeded. The new connection requests, which cannot be processed, can be either dropped or rejected with a specific reject cause.
Counters for this feature are available in the show gmm-sm statistics command display in the Network Overload Protection portion of the table.
Example
Configure the throttle rate or limit to 2500 attaches per second and to drop all requests if the limit is exceeded.
network-overload-protection sgsn-new-connections-per-second 2500 action drop
 
network-service-entity
This command creates a new instance of an SGSN network service entity for either the IP environment or the Frame Relay environment.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
[ no ] network-service-entity ( ip-local | peer-nseipeer_nsei_number frame-relay )
no
Deletes the network service entity definition from the system configuration.
ip-local
Configures the local endpoint for NS/IP and enters the NSE-IP configuration mode. The prompt will change to [local]<hostname>(nse-ip-local)#
peer-nsei peer_nsei_number frame-relay
Configures a peer NSE and configures that peer with frame relay connectivity. This set of keywords also provides access to the NSE-FR configuration mode. The prompt will change to [local]<hostname>(nse-fr-peer-nsei-<peer_nsei_number>)#
Usage
Use this command to access the configuration modes for either the IP or Frame Relay network service entities.
Example
Enter the NSE for a Frame Relay configuration instance identified as 4554:
network-service-entity peer-nsei 4554 frame-relay
 
network-service-entity ip
 
This command has been deprecated. See the replacement command network-service-entity .
 
ntp
Enters the network timing protocol configuration mode or disables the use of NTP on the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
ntp
no ntp
no
Disables the use of NTP for clock synchronization. When omitted, the NTP client support is enabled on the chassis.
Important: If the use of NTP is disabled the system clock may drift over a period of time. This may require manual updates to the system clock to synchronize the clock with other network elements.
Usage
Used when it is necessary to configure NTP settings.
Example
The following command enters the NTP configuration mode:
ntp
The following disables the use of the network timing protocol for system clock synchronization.
no ntp
 
operational-mode
Configures the systems operational mode for general use or only as a home agent.
 
Important: This command is only required for code versions prior to 4.5.
Product
All
Privilege
Security Administrator, Administrator
Syntax
operational-mode{general|ggsn-only|ha-only}
general
Sets the system operational mode to general use allowing for FA, HA, PSDN, and/or GGSN services to be co-located.
ggsn-only
Configures the system to only allow Gateway GPRS Support Node (GGSN) services.
Important: Executing this keyword increases the maximum number of PDP contexts supported per Session Manager from 2000 to 4000.
ha-only
This command keyword has been deprecated and no longer performs any function.
Usage
Set the operational mode to segregating services across multiple systems.
Caution: In order for this command to function properly, this command must be executed prior to configuring services on the system.
Example
The following sets the operational mode to general and home agent, respectively.
operational-mode general
 
orbem
Enters the object request broker element manager configuration mode.
Product
All
Privilege
Security Administrator, Administrator
Syntax
orbem
Usage
Set the configuration mode to allow modification of the ORB element manager configuration data.
 
pac-standby-priority
 
This command has been renamed to card-standby-priority. Please refer to that command for details. Note that for backwards compatibility, the system accepts this command as valid.
 
port
The commands in this section set port parameters.
 
port atm
Identifies a physical port on a line card that supports ATM signaling and then enters the configuration mode for the specific interface-type. For the commands to configure the port interface, see the CLI chapter ATM Port Configuration Mode.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
portatmslot/port
atm
Indicates the port identified is an ATM interface port.
slot/port
To determine valid ATM slot and port numbers, use the Exec mode’s command show port table
slot: Identifies the chassis slot holding the line card that supplies ATM ports. The slot ID number can be any valid integer between 17 and 48.
port: Identifies the physical port that is to be configured to support ATM signaling. The ID number can be any valid integer between 1 and 4.
Usage
Change the current configuration mode to Ethernet Port Configuration mode.
Important: This command is not supported on all platforms.
Example
The following enters the ATM port configuration mode for ATM port 1 on the card in slot 19:
port atm 19/1
 
port bits
Enters the BITS port configuration mode by identifying the BITS port on the active or standby SPIO.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
portbitsslot/port
bits
Identifies the BITS port.
slot/port
slot: Identifies the chassis slot holding the SPIO. The slot ID can be either 24 (active SPIO) or 25 (standby SPIO).
port: Identifies the BITS port on the SPIO. The port ID number must be 4.
Usage
Change the current configuration mode to BITS port configuration mode.
Important: This command is not supported on all platforms.
Example
The following enters the BITS port configuration mode for the active SPIO:
port bits 24/4
 
port channelized
Identifies a physical port on a channelized line card that supports Frame Relay signaling and creates a Frame Relay interface. As well, this command enters the configuration mode for the commands to configure the Frame Relay interface and the channelized port interface, see the CLI chapter Channelized Port Configuration Mode.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
portchannelizedslot/port
channelized
Selects the channelized frame relay interface for the selected line card and port.
slot/port
To determine valid slots and port numbers, use the Exec mode’s command show port table to find the channelized line card.
slot: Identifies the chassis slot holding the Channelized line card that supplies Frame Relay ports. The slot ID number can be any valid integer between 17 and 48.
port: Identifies the physical port that is to be configured to support Frame Relay signaling. The ID number can only be 1.
Usage
Change the current configuration mode to Channelized Port configuration mode.
Example
The following enters the Channelized port configuration mode for port 1 on the card in slot 20:
port channelized 20/1
 
port ethernet
Enters the Ethernet Port Configuration mode for the identified port.
Product
All
Privilege
Security Administrator, Administrator
Syntax
portethernetslot/port
ethernet
Indicates the port identified is an Ethernet interface port.
slot/port
Specifies the port for which Ethernet Port Configuration mode is being entered. The slot and port must refer to an installed card and port.
Usage
Change the current configuration mode to Ethernet Port Configuration mode.
Example
The following enters the Ethernet Port Configuration mode for ethernet port 1 in slot 17:
port ethernet 17/1
 
port mac-address virtual-base-address
This command defines a block of 256 consecutive MAC addresses and enables virtual MAC addressing for Ethernet line card ports. Not available for the XT2 platform.
Product
All
Privilege
Security Administrator, Administrator
Syntax
port mac-address virtual-base-addressMAC_Address
no port mac-address virtual-base-address
no
Disables virtual MAC addressing for Ethernet line card ports. The block of virtual MAC addresses is not saved.
MAC_Address
The beginning address of a block of 256 MAC addresses that are used for virtual MAC addressing.
Usage
Use this command to disregard the MAC addresses assigned and stored in the IDEEPROM on Ethernet Line Cards and assign MAC addresses for all ports on all Ethernet Line Cards from the specified block of virtual MAC addresses. This command does not affect the MAC addresses on SPIO cards.
There are 65536 MAC addresses (00:05:47:FF:00:00 - 00:05:47:FF:FF:FF) reserved for use by customers. This range allows for the creation of 256 address blocks each containing 256 MAC addresses (e.g. 00:05:47:FF:00:00, 00:05:47:FF:01:00, 00:05:47:FF:02:00, 00:05:47:FF:03:00, 00:05:47:FF:04:00, etc.).
Caution: This configuration requires the configuration of a valid block of unique MAC addresses that are not used anywhere else. Use of non-unique MAC addresses can degrade and impair the operation of your network.
Important: This command is not supported on all platforms.
Example
To enable virtual MAC addressing for Ethernet ports on all Ethernet line cards in the system using a block of MAC addresses starting at 00:05:47:FF:00:00, enter the following command:
port mac-address virtual-base-address 00:05:47:FF:00:00
 
port rs232
Enters the RS-232 Port Configuration mode for the RS-232 port on the specified SPIO card. Not available on the XT2 platform.
Product
All
Privilege
Security Administrator, Administrator
Syntax
portrs232slot3
rs232
Indicates the port identified is an RS-232 port on a SPIO card.
slot
Specifies the slot of the SPIO for which RS-232 Port Configuration mode is being entered. The slot must refer to an installed SPIO card. The specified port must always be 3 for an RS-232 port.
The value for slot must be either 24 or 25.
Usage
Change the current configuration mode to RS-232 Port Configuration mode.
Example
The following command enters the RS-232 Port Configuration mode for the SPIO in slot 24;
port rs232 24 3
 
profile-id-qci-mapping
Creates a QCI - RAN ID mapping table or specifies an existing table and enters the QCI - RAN ID mapping configuration mode for the system.
Product
HSGW
Privilege
Administrator
Syntax
[ no] profile-id-qci-mapping name [ -noconfrm ]
no
Removes the specified mapping table from the system
name
Creates a new or enters an existing mapping table configuration. name must be from 1 to 63 alpha and/or numeric characters.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Enters the QCI - RAN ID mapping configuration mode for an existing table or for a newly defined table. This command is also used to remove an existing table.
Entering this command results in the following prompt:
[context_name]hostname(config-hsgw-association-table)#
QCI Mapping Configuration Mode commands are defined in the QCI Mapping Configuration Mode Commands chapter.
Use this command when configuring the following eHRPD component: HSGW.
Important: This command creates a mapping table available to any HSGW context configured on the system.
Example
The following command enters the existing QCI mapping configuration mode (or creates it if it doesn’t already exist) for a mapping table named qci_table1:
profile-id-qci-mapping qci_table1
The following command will remove qci_table1 from the system:
no profile-id-qci-mapping qci_table1
 
ps-network
This command creates/removes an HNB-PS network configuration instance for Femto UMTS access over Iu-PS/Iu-Flex interface between Home NodeB Gateway (HNB-GW) service and PS networks elements; i.e. SGSN. This command also configures an existing HNB-CS network instance and enters the HNB-CS Network Configuration mode on a system.
Product
HNB-GW
Privilege
Administrator
Syntax
[no] ps-network ps_instance [-noconfirm]
no ps-network ps_instance
no
Removes the specified HNB-PS network instance from the system.
Caution: Removing the HNB-PS network instance is a disruptive operation and it will affect all UEs accessing SGSN(s) in specific PS core network through the HNB-GW service.
Warning: If any HNB-PS Network instance is removed from system all parameters configured in that mode will be deleted and Iu-PS/Iu-Flex interface will be disabled.
ps_instance
Specifies the name of the Packet Switched Core Networks instance which needs to be associated with HNB Radio Network PLMN in HNB RN-PLMN configuration mode. If ps_instance does not refer to an existing HNB-PS instance, the new HNB-PS network instance is created.
ps_instance must be from 1 to 63 alpha and/or numeric characters.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to enter the HNB-PS Network Configuration mode for an existing PS network instance or for a newly defined HNB-PS network instance. This command is also used to remove an existing HNB-PS network instance.
This configuration enables the Iu-PS/Iu-Flex interface on HNB-GW service with CS core network elements; i.e. MSC/VLR.
A maximum of 8 HNB-PS networks instance can be configured on a system which is further limited to a maximum of 256 services (regardless of type) can be configured per system.
Caution: This is a critical configuration. The HNBs can not access SGSNs in PS core network without this configuration. Any change to this configuration would lead to disruption in HNB access to PS core network.
Entering this command results in the following prompt:
[context_name]hostname(config-ps-network)#
The various parameters available for configuration of an HNB-PS network instance are defined in the HNB-PS Network Configuration Mode Commands chapter of Command Line Interface Reference.
Example
The following command enters the existing HNB-PS Network configuration mode (or creates it if it doesn’t already exist) for the instance named hnb-ps1:
ps-network hnb-ps1
The following command will remove HNB-PS network instance hnb-ps1 from the system without any prompt to user:
no ps-network hnb-ps1
 
qci-qos-mapping
Global QCI-QoS mapping tables are used to map QCI values to appropriate QoS parameters.
Product
HSGW, P-GW, S-GW
Privilege
Administrator
Syntax
qci-qos-mapping name [ -noconfirm ]
no
Removes the specified mapping configuration from the system
name
Creates a new or enters an existing mapping configuration. name must be from 1 to 63 alpha and/or numeric characters.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Enter the QCI-QoS mapping configuration mode for an existing table or for a newly defined table. This command is also used to remove an existing table.
Entering this command results in the following prompt:
[context_name]hostname(config-qci-qos-mapping)#
QCI - QoS Mapping Configuration Mode commands are defined in the QCI - QoS Mapping Configuration Mode Commands chapter.
Use this command when configuring the following eHRPD component: HSGW, P-GW, S-GW.
Important: This command creates a mapping configuration available to any HSGW, P-GW, S-GW context configured on the system.
Example
The following command enters the existing QCI - QoS mapping configuration mode (or creates it if it doesn’t already exist) for a mapping configuration named qci-qos3:
qci-qos-mapping qci-qos3
 
qos npu inter-subscriber traffic bandwidth
Configures NPU QoS bandwidth allocations for the system.
Product
PDSN, GGSN
Privilege
Security Administrator, Administrator
Syntax
qos npu inter-subscriber trafficbandwidth goldpercentsilverpercentbronzepercentbest-effortpercent
no qos npu inter-subscriber trafficbandwidth
no
Removes a previous bandwidth allocation.
gold percent
Default: 10%
Specifies the maximum percentage of bandwidth to be allocated to the gold queue priority.
percent can be configured to any integer value from 0 to 100.
silver percent
Default: 20%
Specifies the maximum percentage of bandwidth to be allocated to the silver queue priority.
percent can be configured to any integer value from 0 to 100.
bronze percent
Default: 30%
Specifies the maximum percentage of bandwidth to be allocated to the bronze queue priority.
percent can be configured to any integer value from 0 to 100.
best-effort percent
Default: 40%
Specifies the maximum percentage of bandwidth to be allocated to the best-effort queue priority.
percent can be configured to any integer value from 0 to 100.
Usage
The bandwidth of a subscriber queue is maintained by rate limiting functions which implement packet-rate limiting at the first level and bit-rate limiting at the next level.
The packet-rate limit of a queue is defined by the number of packets-per-second (PPS) permitted for queuing. Before queuing a packet on a subscriber queue, the NPU ensures that the packet falls within the limit. If the packet to be queued exceeds the packet rate limit, it is dropped.
Each subscriber queue is configured with a bit rate limit, measured in megabits-per-second (Mbps), referred to as CP-BPS (bit-per-second to CP). The CP-BPS is available as the total bandwidth for the subscriber traffic that a CP can sustain. Each subscriber queue receives an allocation of a certain percentage of the CP-BPS. The following maximum CP-BPS values are supported:
For additional information on the NPU QoS functionality, refer to the System Administration and Configuration Guide.
Important: This functionality is not supported for use with the PDSN at this time.
Example
The following command configures bandwidth allocations of 20, 30, 40, and 50% for the gold, silver, bronze, and best-effort queues respectively:
qos npu inter-subscriber traffic bandwidth gold 20 silver 30 bronze 40 best-effort 50
Upon executing this command, the priority queues will have the following PSC/PSC2 CP bandwidth allocations based on the maximum CP bandwidth specifications:
 
qos npu inter-subscriber traffic bandwidth-sharing
Configures NPU QoS bandwidth sharing properties for the system.
Product
PDSN, GGSN
Privilege
Administrator
Syntax
qos npu inter-subscriber trafficbandwidth-sharing { { enable | disable } { all | slotslot_numcpucpu_num } }
enable
Enables bandwidth sharing for the specified criteria.
disable
Disables bandwidth sharing for the specified criteria.
all
Specifies that the bandwidth action is to be applied to all PSC/PSC2s and every CPU on each PSC/PSC2.
slot slot_num
Specifies that the bandwidth action is to be applied to a PSC/PSC2 in a specific chassis slot number.
slot_num is an integer from 1 to 48 that represents the slot in which a PSC/PSC2 is installed. These cards can be installed in slots 1 through 8, and/or 10 through 16.
cpu cpu_num
Specifies a specific PSC/PSC2 CP for which to perform the bandwidth action.
cpu_num is an integer value from 0 to 3. 0 represents the lead CP.
Usage
The available bandwidth of a subscriber queue can be shared equally among the other subscriber queues. Any unutilized bandwidth of a queue can be shared with the other queues equally. For example, if only one DSCP is configured and it is mapped to best-effort, that DSCP would get the bandwidth allocated to the best-effort in addition to the rest of the bandwidth allocated to the gold, silver, and bronze.
By default, the system enables sharing for all PSCs or PSC2s and their CPs.
For additional information on the NPU QoS functionality, refer to the System Administration and Configuration Guide.
Important: This functionality is not supported for use with the PDSN at this time.
Example
The following command disables bandwidth sharing for the fourth CP (CP 3) on a PSC/PSC2 installed in chassis slot 4:
qos npu inter-subscriber traffic bandwidth-sharing disable slot 4 cpu 3
 
qos npu inter-subscriber traffic priority
Configures the DSCP-to-Priority assignments for the system.
Product
PDSN, GGSN
Privilege
Security Administrator, Administrator
Syntax
qos npu inter-subscriber trafficpriority { best-effort | bronze | gold | silver } assigned-to dscp { af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | ef | dscp_num } }
no qos npu inter-subscriber trafficpriority [ assigned-to dscp { af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | ef } ]
best-effort
Specifies the best-effort queue priority.
bronze
Specifies the bronze queue priority.
gold
Specifies the gold queue priority.
silver
Specifies the silver queue priority.
afXX
Assigns the Assured Forwarding XX PHB DSCP.
Each Assured Forwarding PHB has a corresponding DSCP value as follows:
be
Assigns the Best Effort forwarding PHB which has a corresponding DSCP value of 0.
ef
Assigns the Expedited Forwarding PHB which has a corresponding DSCP value of 23.
dscp_num
Specifies a specific DSCP value. The value must be expressed as an integer value from 0 through 31.
Usage
The differentiated services (DS) field of a packet contains six bits (0-5) that represent the differentiated service code point (DSCP) value.
Five of the bits (1-5) represent the DSCP. Therefore, up to 32 (25) DSCPs can be assigned to the various priorities. By default, they're all assigned to the lowest priority (best-effort).
For additional information on the NPU QoS functionality, refer to the System Administration and Configuration Guide.
Important: This functionality is not supported for use with the PDSN at this time.
Example
The following command maps the ef DSCP to the gold priority queue:
qos npu inter-subscriber traffic priority gold assigned-to dscp ef
 
ran-peer-map
Creates a RAN Peer Map and enters the RAN Peer Map Configuration Mode.
Product
ASN GW, PHS
Privilege
Administrator
Syntax
[ no ] ran-peer-map name [ -noconfirm ]
no
Removes the RAN Peer Map from the system.
name
Specifies the name of the RAN Peer Map. name must be from 1 to 31 alpha and/or numeric characters.
Usage
Use this command to create a new RAN Peer Map or edit an existing one. RAN peer maps reconcile base station MAC addresses received in R6 protocol messages to the base station’s IP address.
Entering this command results in the following prompt:
[context_name]hostname(config-ran-peer-map)#
RAN Peer Map Configuration Mode commands are defined in the ASN RAN Peer Map Configuration Mode Commands chapter in this guide.
Example
The following command creates a RAN peer map named ran12:
ran-peer-map ran12
 
require active-charging
This command enables/disables Active Charging Service (ACS) with or without Category-based Content Filtering application.
Product
ACS, CF
Privilege
Security Administrator, Administrator
Syntax
require active-charging [ isolated-mode ] [ content-filtering category [ static-and-dynamic ] ] [ optimized-mode ]
no require active-charging
no
Disables ACS on the system.
isolated-mode
Enables ACS, and separates ACS-related resources from other sub-system resource sharing.
Important: In Release 8.1 and later, this keyword is not supported.
optimized-mode
Enables ACS in Optimized mode, wherein ACS functionality is managed by SessMgrs.
Important: In Release 8.0 and earlier and in Release 9.0 and later, this keyword is not supported.
Important: In Release 8.1, ACS must be configured in the Optimized mode.
Important: In Release 8.1, if the active-charging mode is changed from the default (Non-optimized) mode to the Optimized mode, or vice-versa, the system must be rebooted for the change to take effect.
Important: In Release 8.3, this keyword is obsolete. With or without this keyword ACS is always enabled in Optimized mode.
Use the require active-charging command to enable ACS in the non-optimized mode. Wherein, ACSMgrs will spawn to support ACS.
Use the require active-charging optimized-mode command to enable ACS in the Optimized mode. Wherein, ACS is enabled as part of SessMgr.
content-filtering category [ static-and-dynamic ]
Enables the Category-based Content Filtering application with Active Charging support and creates the necessary Static Rating Database (SRDB) tasks to utilize the internal database of static/dynamic URLs.
For Dynamic Content Filtering support, the static-and-dynamic keyword must be configured to specify that the Dynamic Rater Package (model and feature files) must be distributed to rating modules on startup, recovery, etc. If not configured, by default, the static-only mode is enabled.
Usage
Use this command to enable/disable ACS with or without Category-based Content Filtering application on a system.
In Release 8.0 and 8.1, this command must be configured before configuring any services. This is to ensure that the resource subsystem can appropriately reserve adequate memory for ACS Manager (ACSMgr) tasks. If this command is configured after all the Session Manager (SessMgr) tasks are already active, the ACSMgr tasks will not be started even if additional cards are added to the chassis—instead, the chassis must be rebooted.
Example
In Release 8.0, the following command enables resource subsystem to configure ACS in isolated mode:
require active-charging isoated-mode
In Release 8.1, the following command enables ACS in Optimized mode:
require active-charging optimized-mode
In Release 8.3, the following command enables ACS in Optimized mode:
require active-charging
 
require demux card
This command enables/disables the demux capabilities.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[default | no ] require demux card
default
Disables the demux capabilities on the card.
no
Disables the demux capabilities on the card.
Usage
Use this command configure the system to allow session recovery task placement scheme when session recovery is off.
Important: This command is not supported on all platforms.
Example
The following command enables demux capabilities:
require demux card
 
require detailed-rohc-stats
Enables or disables context-specific Robust Header Compression (RoHC) statistics.
Product
HSGW, PDSN
Privilege
Administrator
Syntax
[ no ] require detailed-rohc-stats
no
Disables require detailed-rohc-stats. This is the default condition.
Usage
Enables context-specific statistics for RoHC calls.
Example
Enter the following command to enable context specific stats for RoHC calls:
require detailed-rohc-stats
 
require diameter-proxy
This command enables/disables Diameter Proxy mode.
Default: no require diameter-proxy
Product
All
Privilege
Security Administrator, Administrator
Syntax
require diameter-proxy { multiple | single }
no require diameter-proxy
no
To disable Diameter Proxy mode.
multiple
To configure one Diameter proxy for each active PSC/PSC2.
Single
To configure one Diameter proxy for the entire chassis.
Usage
When the Diameter Proxy mode is enabled, each proxy process is a Diameter host, instead of requiring every Diameter application user (i.e., every ACSMgr and/or every SessMgr, depending on the application) to be a host.
Example
To configure a Diameter proxy for each active PSC/PSC2, enter the following command:
require diameter-proxy multiple
To configure a single Diameter proxy for the entire chassis, enter the following command:
require diameter-proxy single
 
require session recovery
Enables session recovery when hardware or software fault occurs within system.
Product
PDSN, GGSN, SGSN, HA, LNS, ASN GW,PDIF, MME
Privilege
Security Administrator, Administrator
Syntax
require session recovery
no require session recovery
no
Disables session recovery feature after configuration file is saved and system is restarted.
Usage
When this feature is enabled, the system attempts to recover any home agent-based Mobile IP sessions that would normally be lost due to a hardware or software fault within the system.
This functionality is available for the following call types:
The default setting for this command is disabled.
The no option of this command disables this feature.
It is important to note that this command only works when the Session Recovery feature is enabled through a valid Session and Feature Use License Key.
Important: Upon entering this command, the system must be restarted before the command takes effect. Remember to save the configuration file before issuing the reload command.
 
reveal disabled commands
Enables the input of commands for features that do not have license keys installed. The output of the command show cli indicates when this is enabled. This command effects all future CLI sessions. This is disabled by default.
Product
All
Privilege
Security Administrator, Administrator
Syntax
reveal disabled commands
no reveal disabled commands
no
Do not show disabled commands.
Usage
When this is enabled and a disabled command is entered, a message is displayed that informs you that the required feature is not enabled and also lists the name of the feature that you need to support the command.
When this is disabled and a disabled command is entered, the CLI does not acknowledge the existence of the command and displays a message that the keyword is unrecognized.
Example
Set the CLI to accept disabled commands and display the required feature for all future CLI sessions with the following command:
reveal disabled commands
Set the CLI to reject disabled commands and return an error message for all future CLI sessions:
no reveal disabled commands
 
rohc-profile
This command allows you to create an RoHC (Robust Header Compression) profile and enter the RoHC Profile Configuration Mode. This mode is used to configure RoHC Compressor and Decompressor parameters. RoHC profiles can then be assigned to specific subscriber sessions when RoHC header compression is configured.
Product
HSGW, PDSN
Privilege
Security Administrator, Administrator
Syntax
rohc-profile profile-name name [ -noconfirm ] [common-options | compression-options| decompression-options]
no rohc-profile profile-name name
common-options
Configures common parameters for compressor and decompressor.
compression-options
Configures ROHC compression options.
decompression-options
Configures ROHC decompression options.
no
Remove the specified RoHC profile.
name
The name of the RoHC profile to create or remove. name must be an alphanumeric string of from 1 through 63 characters in length.
-noconfirm
Do not prompt for additional verification when executing this command.
Usage
Use this command to enter the RoHC Profile Configuration mode.
Entering this command results in the following prompt:
[context_name]host(config-rohcprofile-<profile_name>)#
RoHC Profile Configuration Mode commands are defined in the RoHC Profile Configuration Mode Commands chapter.
Example
Enter the following command to create an RoHC profile named HomeUsers and enter the RoHC Configuration mode without prompting for verification:
rohc-profile profile-name HomeUsers
The following command removes the RoHC profile named HomeUsers:
no rohc-profile profile-name HomeUsers
 
sccp-network
This command creates or removes a Signaling Connection Control Part (SCCP) network instance which is used to define the SS7 end-to-end routing in a UMTS network. As well, this command enters the SCCP network configuration mode. The SGSN supports up to 12 SCCP network instances at one time.
Product
SGSN, HNB-GW
Privilege
Security Administrator, Administrator
Syntax
sccp-network sccp_net_id [-noconfirm]
no sccp-network sccp_net_id
no
Remove the SCCP network configuration with the specified index number from the system configuration.
sccp_net_id
This number identifies a specific SCCP network configuration.
sccp_net_id: must be an integer from 1 through 12.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to create or modify an SCCP network and enter the SCCP network configuration mode.
The SCCP network is not a standard SS7 or UMTS concept - this concept is specific to this platform.
For details about the commands and parameters needed to create and edit the SCCP Network configuration, check the SCCP Network Configuration Mode chapter.
Example
The following command creates an SCCP network with the index number of 1:
sccp-network 1
The following command creates an SCCP network with the index number of 2 to associate with HNB-GW service for HNB access network users without any prompt.:
sccp-network 2 -noconfirm
 
session trace
This command configures the type of network elements, file transfer protocol, and Trace collection entity mode to be used for the transportation of trace files collected for the subscriber session tracing on the EPC network element(s) along with network connection parameters and timers.
Product
MME, P-GW, S-GW
Privilege
Administrator
Syntax
session trace [ collection-timer sec ] [ network-element { all | mme | pgw | sgw } ] [ retry-timer sec ] [ tce-mode { none | push transport { ftp | sftp } path string username name { encrypted password enc_pw | password password }}]
no session trace [network-element {all | mme | pgw | sgw}]
no
Removes the entire session trace configuration from the system or a specific network element trace configuration.
collection-timer sec
Specifies the amount of time, in seconds, to wait from initial activation/data collection before data is reported to the Trace Collection Entity (TCE). sec must be an integer value from 0 to 255.
network-element {all | mme | pgw | sgw}
Identifies the type of service to the session trace application in order to determine the applicable interfaces.
all: Specifies that all network elements and their associated interfaces are to be made available to the session trace application.
mme: Specifies that the MME network element and it’s associated interfaces is to be made available to the session trace application.
pgw: Specifies that the P-GW network element and it’s associated interfaces is to be made available to the session trace application.
sgw: Specifies that the P-GW network element and it’s associated interfaces is to be made available to the session trace application.
retry-timer sec
Specifies the amount of time, in seconds, to wait before retrying a file transfer after a failure. sec must be an integer value from 0 to 255.
tce-mode none
Specifies that session trace files are to be stored locally and must be pulled by the TCE.
tce-mode push transport { ftp | sftp } path string username name { encrypted password enc_pw | password password }
Specifies that session trace files are to be pushed to the Trace Collection Entity (TCE).
{ ftp | sftp }: Specifies that FTP or Secure FTP is used to push session trace files to the TCE.
path string: Specifies the directory path on the TCE where files will be placed.
username name: Specifies the username to be used when pushing files to the TCE.
encrypted password enc_pw: Specifies the encrypted password to be used when pushing files to the TCE.
password password: Specifies the password to be used when pushing files to the TCE.
Usage
Use this command to configure the file transfer methods and modes for subscriber session trace functionality and to how and where session trace files are sent after collection.
This configuration contains collection timer, EPC network element, type of file transfer, and user credentials setting to send the collected trace files to the TCE.
Example
The following command configures the collection time for session traces to 30 seconds, identifies the network element as all elements (MME, S-GW, and P-GW), sets the retry timer to 5 seconds, and pushes session trace files to a TCE via SFTP into a directory named /trace/sgw using a username admin and a pasword of pw123:
session trace collection-timer 30 network-element all retry-timer 5 tce-mode push transport sftp path /trace/sgw username admin password pw123
The following command configures the collection time for session traces to 30 seconds, identifies the network element as an MME, sets the retry timer to 5 seconds, and pushes session trace files to a TCE via SFTP into a directory named /trace/sgw using a username admin and a password of pw123:
session trace collection-timer 30 network-element mme retry-timer 5 tce-mode push transport sftp path /trace/mme username admin password pw123
 
sgsn-operator-policy
This command creates an SGSN Operator Policy and enters the SGSN operator policy configuration mode. Commands for configuration of the policies are available in the SGSN Operator Policy Configuration Mode chapter elsewhere in this Command Line Interface Reference.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
sgsn-operator-policy ( default | name name } [ -noconfirm ]
no sgsn-operator-policy ( default | name name }
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
no
Remove the specified SGSN operator policy from the system configuration.
default
default, in this case, is the name of a specific operator policy. This default policy is used when no other defined operator policy matches the incoming IMSI.
Important: We recommend that you configure this default operator policy so that is it available to handle IMSIs that are not matched with other defined policies.
name name
Usage
Use this command to create an SGSN operator policy and to enter the SGSN operator policy configuration mode to define or modify policies.
The SGSN Operator Policy specifies rules governing the services, facilities and privileges available to subscribers. These policies can override standard behaviors and provide mechanisms for an operator to get around the limitations of other infrastructure elements such as DNS servers and HLRs.
The system supports up to 1000 operator policies, including the default operator policy.
Important: Once the instance of an operator policy is defined, to use the policy it is necessary to go into the SGSN Operator Policy Configuration Mode to define the IMSI range with the MCC command - this requirement does not hold if you are using a default operator policy.
Example
The following command accesses the default SGSN operator policy and enters the SGSN operator policy configuration mode to view or modify the specified policy:
sgsn-operator-policy default
 
snmp
The commands in this section set SNMP parameters.
 
snmp authentication-failure-trap
Enables/disables the SNMP traps for authentication failures.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp authentication-failure-trap
no snmp authentication-failure-trap
no
Disables SNMP traps for authentication failures. When omitted, SNMP traps for authentication failures will be generated.
Usage
Disables authentication failure traps if they are not of interest. At this time the option may be changed to support trouble shooting.
The chassis is shipped from the factory with the SNMP authentication failure traps disabled.
 
snmp community
Configures the SNMP v1 and v2 community strings.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp communitystring [ contextctx_name ] [ viewview_name ] [ read-only | read-write ]
no snmp communitystring
no
The specified community string is removed from the configuration.
string
Specifies a community string whose options are to be modified. string must be a from 1 to 31 alpha and/or numeric characters.
context ctx_name
Default: community string applies to all contexts.
Specifies a the context to which the community string shall be applied. ctx_name must be from 1 to 1023 alpha and/or numeric characters.
view view_name
Default: community string applies to all views.
Specifies the view to which the community string shall be applied. view_name must from 1 to 1023 alpha and/or numeric characters.
read-only | read-write
Default: read-only
Specifies if access rights for the community string.
read-only: the configuration may only be viewed.
read-write: the configuration may be viewed and edited.
Usage
The community strings define the privileges of SNMP users. It may be desirable to give read-only access to front line operators.
Example
snmp community sampleString
snmp community sampleString context sampleContext
snmp community sampleString context sampleContext view sampleView
snmp community sampleString view sampleView ] read-write
no snmp community sampleString
 
snmp engine-id
Configures the SNMP engine to use for SNMP requests when SNMPv3 agents are utilized.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp engine-id localid
id
Specifies the SNMPv3 engine to employ. id must be from 1 to 31 alpha and/or numeric characters.
Usage
When SNMPv3 is used for SNMP access to the chassis the engine ID can be used to quickly change which schema is used for SNMP access.
Important: The system can send either SNMPv1, SNMPv2c, or SNMPv3 traps to numerous target devices. However, the Web Element Manager can only process SNMP version 1 (SNMPv1) and SNMP version 2c (SNMPv2c) traps. If the SNMP target being configured is Web Element Manager application, then you must not configure this command to use.
Example
snmp engine-id local id
 
snmp heartbeat
Enables the sending of periodic “heartbeat” notifications (traps).
Product
All
Privilege
Administrator
Syntax
snmp heartbeat { interval [ minutes ] | second-interval [ seconds ] }
deafult snmp heartbeat
no snmp heartbeat
default
Returns the command to its default setting of disabled.
no
Disables the feature.
interval [ minutes ]
Default: 60
Specifies the interval time, in minutes, between notifications. minutes must be an integer value between 1 and 1440.
second-interval [ seconds ]
Default: 30
Specifies the secondary interval time, in seconds, between notifications. seconds must be an integer value between 10 and 50.
Usage
Use this command to enable the sending of a heartbeat notification periodically to confirm a system is up and communicating.
Example
The following command sets the snmp heartbeat notification interval to 2 hours, 15 minutes and 30 seconds:
snmp heartbeat interval 135 second-interval 30
 
snmp history heartbeat
Enables the recording of heartbeat notifications in SNMP history.
Product
All
Privilege
Administrator
Syntax
[ default | no ] snmp history heartbeat
default
Returns the command to the default setting of enabled.
no
Disables the history recording feature.
Usage
Use this command to enable the recording of SNMP heartbeat notifications in SNMP history files.
 
snmp notif-threshold
Configures the number of SNMP notification that need to be generated for a given event before it is propagated to the SNMP users.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp notif-thresholdcount [ lowlow_count ] [ periodseconds ]
no snmp notif-threshold
no
Removes all SNMP notification thresholds. All notifications will be broadcast to SNMP users.
count
Default: 100
Specifies the number of notifications that must be generated before the next notification is broadcast to SNMP users. count must be a value in the range from 1 to 10000.
low low_count
Default: 20
Specifies the number of notifications within the monitoring period before which any subsequent notification for each specific event. low_count must be a value in the range from 1 through 10000.
period seconds
Default: 300
Specifies the number of seconds of the monitoring window size used to determine when any subsequent notification may be broadcast to users. seconds must be a value in the range from 10 through 3600.
Usage
Set the notification threshold to avoid a flood of events which may be the result of a single failure or maintenance activity.
Example
snmp notif-threshold 100
snmp notif-threshold 100 period 30
 
snmp server
Enables the SNMP server as well the configuration of the SNMP server port.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp server [ portnumber ]
no snmp server
no
Restores the default SNMP port assignment.
port number
Default: 161
Specifies the port number to use for SNMP communications. number must be a value in the range from 1 to 65535.
Usage
Set the SNMP port for communications when SNMP is enabled.
Important: This will result in restarting the SNMP agent when the no keyword is omitted. SNMP queries as well as notifications/traps will be blocked until the agent has restarted.
Example
snmp server port 100
no snmp server
 
snmp target
Configures remote receivers of SNMP notifications.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp targetname ip_address [ portnumber ] [ non-default ] [ security-namestring ] [ version { 1 | 2c | 3| view ] [security-level { noauth | { auth | priv-auth privacy [encrypted] des privpassword } authentication [encrypted] { md5 | sha } authpassword } } [ informs | traps ]
no snmp targetname
no
Removes the specified target as a receiver of unsolicited SNMP messages.
authentication { md5 | sha } authpassword
Reads the authentication type and password if the security level of the SNMP messages is set to auth or priv-auth. Authentication types are:
md5: Configures the hash-algorithm to implement MD5 per RFC 1321.
sha: Specifies that the hash protocol is Secure Hash Algorithm.
security-level { noauth | { auth | priv-auth privacy [encrypted] des privpassword }
Sets the security level of the SNMPv3 messages, as follows:
noauth: No authentication and encryption is used.
auth: Only authentication will be used.
priv-auth: Both authentication and encryption will be used.
privacy des privpassword: Reads the privacy type and password.
name
Specifies a logical name to use to refer to the remote receiver. name must be from 1 to 31 alpha and/or numeric characters.
ip_address
Specifies the IP address of the receiver. ip_address must be specified using the standard IPv4 dotted decimal notation.
non-default
Specifies that this destination is only used for SNMP traps which have been specifically identified.
port number
Default: 162
Specifies the port which is to be used in communicating with the remote receivers. number must be a value in the range from 0 through 65535.
security-name string
Default: no community string included
Specifies the community string to use in the unsolicited messages. string must be from 1 to 31 alpha and/or numeric characters.
version { 1 | 2c | 3 } | view
Default: 1
Specifies the SNMP version the target supports and consequently the version of the SNMP protocol to use for communications.
Important: The system can send either SNMPv1, SNMPv2c, or SNMPv3 traps to numerous target devices.However, the Web Element Manager can only process SNMP version 1 (SNMPv1) and SNMP version 2c (SNMPv2c) traps. If the SNMP target being configured is Web Element Manager application, then you must configure this command to use version 1 or version 2c.
informs | traps
Default: traps
Specifies the type of SNMP event to use to send notifications to SNPM targets. traps are unacknowledged (fire and forget) whereas informs require a response from the SNMP target.
If the notification type is set to informs, the notification is resent if no response is received within 5 seconds. The notification is resent at most two times.
Usage
The target manages the list of remote receivers to which unsolicited messages are sent, e.g., this is necessary if a new monitoring system is added to a network or removed.
Example
snmp target sampleReceiver 1.2.3.4 security-name sampleComm
snmp target sampleReceiver 1.2.5.6 port 100
snmp target sampleReceiver 1.2.7.8 version 2c traps
no snmp target sampleReceiver
 
snmp trap
This command enables/disables generation of specific or all SNMP traps.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmp trap { enable | suppress } [trap_name1trap_name2...trap_nameN| all ]
enable
Enables or allows the generation of one or more SNMP traps by the system.
suppress
Disables the generation of one or more SNMP traps by the system.
trap_name1 trap_name2 ... trap_nameN
The name of the specific SNMP trap to enable or disable. Multiple traps can be listed for a single instance of this command.
Important: The system disregards character case when entering trap names.
all
Default: Enable All
Specifies that all SNMP traps will be affected by the specified operation (enable or suppress).
Usage
SNMP traps are used by the system to indicate that certain events have occurred. A complete listing of the traps supported by the system and their descriptions can be found in the SNMP MIB Reference. Additionally, a trap listing can be viewed using the following command:
snmp trap { enable | suppress } ?
By default, the system enables the generation of all traps. However, individual traps can be disabled allowing only traps of a certain type or alarm level to be generated. This command can be used to disable un-desired traps and/or re-enable previously suppressed traps.
Example
The following command suppresses the LogMessage trap:
snmp trap suppress logmessage
The following command suppresses the CLISessEnd and CLISessStart:
snmp trap suppress clisessend clisessstart
 
snmp trap-timestamps
Adds an additional system-time varbind to generated traps.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ no ] snmp trap-timestamps
no
Disables the adding of timestamps to generated traps.
Usage
The timestamp added to the generated trap reflects the current system time. The timestamp is proprietary. This functionality is disabled by default.
Important: If the Web Element Manager application is used as your alarm server, the application relies on the timestamp provided by enabling this command to identify duplicate traps. As a result, it is recommended that this parameter be enabled for this case.
Example
The following command enables the inclusion of a timestamp with each generated trap:
snmp trap-timestamps
 
snmp user
Configures an SNMPv3 user for SNMP access.
Product
All
Privilege
Security Administrator, Administrator
Syntax
snmpuseruser_name [ [ encrypted ] passwordpassword | engineid | groupgrp_name | security-modelmodelauth [ [ encrypted ] passwordpassword ] ]
no snmp useruser_name
no
Removes the specified user from the list of valid SNMPv3 users.
user_name
Specifies the user which is to use SNMPv3 interfaces to the system. user_name must be from 1 to 31 alpha and/or numeric characters.
engine id
The SNMP engine ID. id must be a string of alpha and/or numeric characters from 1 to 31characters in length.
group grp_name
Default: undefined (not a member of any group)
Specifies the user SNMPv3 group the into which user will be added. grp_name must be from 1 to 1023 alpha and/or numeric characters.
security-model model auth
Default: USM
Specifies the security model used to authenticate the user. model must be configured to the following:
usm : User Security Model
[ encrypted ] password password
Default: undefined
Specifies the password for authenticating the user when the security model is set to USM.
The encrypted keyword indicates the password will be received in an encrypted form. password must be from 8 to 31 alpha and/or numeric characters.
The encrypted keyword is intended only for use by the chassis while saving configuration scripts. The system displays the encrypted keyword in the configuration file as a flag that the variable following the password keyword is the encrypted version of the plain text password. Only the encrypted password is saved as part of the configuration file.
Usage
Add and remove SNMPv3 users as operations staff or automated systems are updated. The security model will be user dependant based upon the support the users system provides.
Important: The system can send either SNMPv1, SNMPv2c, or SNMPv3 traps to numerous target devices. However, the Web Element Manager can only process SNMP version 1 (SNMPv1) and SNMP version 2c (SNMPv2c) traps. If the SNMP target being configured is Web Element Manager application, then you must not configure this command to use.
Example
snmp user user1
snmp user user1 security-model 2c auth
snmp user user1 group sampleGroup security-model usm auth
no snmp user user1
 
ss7-routing-domain
This command creates an SS7 routing domain instance and enters the SS7 routing domain configuration mode.
Product
SGSN, HNB-GW
Privilege
Security Administrator, Administrator
Syntax
ss7-routing-domain rd_id variant v_type [-noconfirm]
no ss7-routing-domain rd_id
no
Removes the specified SS7 routing domain from the system configuration.
rd_id
This number identifies a specific SS7 routing domain. Once it has been created, it can be accessed for further configuration and modification by entering the rd_id without entering the variant.
rd_id must be an integer from 1 to 12.
variant v_type
Identifies the national standard to be used for call setup, routing and control, signaling. Select one of the following:
ansi: American National Standards Institute (U.S.A.)
bici: Broadband Intercarrier Interface standard
china: Chinese standard
itu: International Telecommunication Union (ITU-T) Telecommunication Standardization Sector
ntt: Japanese standard
ttc: Japanese standard
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to create an SS7 routing domain configuration instance or to enter the SS7 routing domain configuration mode to edit the configuration.
A routing domain groups configuration items to facilitate the management of the SS7 connection resources for an SGSN service. An Access Gateway supports up to 12 configured SS7 routing domains at one time.
After entering this command, the prompt appears as:
[context_name]<hostname>(config-ss7-routing-domain-routing_domain_id)#
For details about the commands and parameters used to define or edit an SS7 routing domain, refer SS7 Routing Domain Configuration Mode chapter.
Example
The following creates an SS7 routing domain with an index of 1 and the variant selection of Broadcast Intercarrier Interface (bici):
ss7-routing-domain 1 variant bici
The following command creates an SS7 routing domain instance with an index of 2 and the variant selection of Broadcast Intercarrier Interface (bici) to be associated with HNB RN-PLMN in an HNB access network:
ss7-routing-domain 1 variant bici
 
suspend local-user
Suspends a local-user administrative account.
Product
All
Privilege
Administrator
Syntax
suspend local-user name
no suspend local-user name
no
Removes the suspended status for the specified local-user account.
name
The name of the local-user account. It can be from 3 to 16 alpha and/or numeric characters and is case sensitive.
Usage
This command allows a security administrator to suspend local-user administrative accounts.
A “suspended” user can not login to the system. The user’s account information (passwords, password history, etc.), however, is preserved.
Example
The following command suspends a local-user account called Inspector1:
suspend local-user Inspector1
The following command removes the suspension from a local-user account called Admin300:
no suspend local-user Admin300
 
system
Configures system information which is accessible via SNMP.
Product
All
Privilege
Security Administrator, Administrator
Syntax
system { carrier-idmccmcc_idmncmnc_id | contactwho | hostnamehost_name | locationtext }
default system { contact | location }
default
This keyword removes the configured system contact and system location on system.
carrier-id mcc mcc_id mnc mnc_id
Important: This carrier ID is not used by the GGSN
This keyword specifies a carrier-id that is a unique identifier for the carrier that has installed the system. When the carrier ID values are set, the carrier-id and gmt_offset attributes are included in access-request and accounting packets when using the following RADIUS dictionaries:
mcc mcc_id : The mobile country code. This must be specified as a string of integers from 001 through 999. Values must be expressed as three integers.
mnc mnc_id: The mobile network code. This must be specified as a string of integers from 01 through 999. Values must be expressed as a minimum of two integers and a maximum of three integers.
contact who
Default: No contact specified.
contact who: specifies the contact information for the chassis. who must be a string of 0 to 255 characters. The string specified must be embedded in double quotes (“) if spaces and special punctuation is to be used.
hostname host_name
hostname host_name: configures the chassis host name where host_name must be from 1 to 63 characters.
Important: Please note that changing the chassis host name results in the command prompt changing as well to reflect the new name. This may affect any scripted interfaces from OSS or maintenance facility.
location text
Default: No location specified.
location text: specifies the location text to use which may be a string of 0 to 255 characters. The text specified must be embedded in double quotes (“) if spaces are to be used.
Usage
Specify system basic information which is useful back at a network operations center which uses the SNMP interfaces for management.
Example
The following commands configure the contact information, system host name, and location text, or remove configured location and system respectively.
system contact user1@company.com
system hostname system16
system location “Clark Street Closet\nBasement Rack 4”
The following commands remove the configured contact and location from system respectively
default system contact
default system location
 
task facility ipsecmgr
Configures IPSec manager settings.
Product
All
Privilege
Security Administrator, Administrator
Syntax
task facility ipsecmgr { max-crypto-maps-each-ipsecmgr max_num | max-ipsecmgr-tasks max_num | start-at-a-time num | task-count { increased | normal }}
default task facility ipsecmgr { max-crypto-maps-each-ipsecmgr | max-ipsecmgr-tasks | start-at-a-time | task-count }
max-crypto-maps-each-ipsecmgr max_num
Default: 2
The maximum number of crypto maps per IPSEC manager.
max_num must be an integer from 1 through 150.
max-ipsecmgr-tasks max_num
Default: 200
The maximum number of IPSEC manager tasks that can be started for all services.
max_num must be an integer from 1 through 200.
start-at-a-time num
Default: 1
The number of IPSEC manager tasks created at once when they are required.
num must be an integer from 1 to 128.
task-count { increased | normal }
Default: normal
Adjusts the IPSec manager task count to support EHA.
increased: Increases the number of IPSec manager tasks operating on the PSCs/PSC2s while reducing the number of session manager tasks.
normal: Uses the standard algorithm for allocationg memory for IPSec manager tasks.
Caution: If task-count is set to normal and session-recovery is enabled, IPSecMgr tasks are not allowed to start on most PSCs/PSC2s.
Usage
Set the IPSec manager parameters for all IPSec managers in the system.
Example
Use the following command to set the maximum number of crypto maps per IPSec manager to 25:
task facility ipsecmgr max-crypto-maps-each-ipsecmgr 25
 
task facility sessmgr
Configures system information which is accessible via SNMP.
Product
All
Privilege
Security Administrator, Administrator
Syntax
task { facility sessmgr start { aggressive | normal } | resourcecpu-memory-low { kill | warn } }
facility sessmgr start { aggressive | normal }
Default: Normal
Specifies the facility options for the session manager.
aggressive: specifies the maximum number of session manager processes are started immediately.
Caution: The task facility sessmgr start aggressive command should only be used if the system will reach capacity (for the existing configuration) during the first few minutes of service.
Caution: This command must only be executed last during configuration (or appended to the end of the configuration file) to ensure the availability of memory resources to contexts and services.
normal: indicates the session manager processes are started as needed.
resource cpu-memory-low { kill | warn }
Default: kill
Sets the action for the Resource Manager to take when the amount of free memory on a CPU falls below 12MB. An SNMP TRAP and CORBA notification are generated and the event is logged.
Once the free memory threshold is crossed, The Resource Manager examines all tasks on that cpu and finds the most over limit task and kills it. If there are no over limit tasks nothing happens. Resource Manager takes preference on killing a non-sessmgr task over a sessmgr task.
kill: The task most over memory limit (if any) is killed and recovered.
warn: The event is logged and no tasks are killed.
Usage
Set the session manager start policy to aggressive on heavily utilized systems to avoid undue delays in processing subscriber sessions.
Set the CPU memory low action to only log CPU low memory events.
Example
task facility sessmgr start aggressive
task facility sessmgr start normal
task resource cpu-memory-low warn
 
task facility acsmgr
This command configures the ACSMgr tasks setting.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
task facility acsmgr start [ aggressive | normal ]
no task facility acsmgr start
no
Disables the configured ACSMgr setting.
aggressive
Specifies to start the maximum possible ACSMgr tasks.
normal
Configures the resource subsystem to start/stop ACSMgr tasks on as needed basis.
Usage
This command provides option for the resource subsystem to start maximum possible ACSMgr tasks based on the license configured and the available system configuration.
Example
The following command starts the maximum possible ACSMgr tasks:
task facility acsmgr start aggressive
 
terminal
Configures the console port on the SPIO.
Product
All
Privilege
Security Administrator, Administrator
Syntax
terminal [ carrierdetect { off | on } | databits { 7 | 8 } | flowcontrol { hardware {off | on } | none } | parity { even | none | odd } | speed { 115200 | 19200 | 38400 | 57600 | 9600 } | stopbits { 1 | 2 } ]
carrierdetect { off | on }
Specifies whether or not the console port is to use Data Carrier Detect (DCD) when connecting to a terminal.
Default: off
off: Do not use DCD
on: Use DCD
databits { 7 | 8 }
Specifies the number of data bits used to transmit and receive characters.
Default: 8
7: Use 7 databits to transmit and receive characters.
8: Use 8 databits to transmit and receive characters.
flowcontrol { hardware {off | on } | none }
Specifies how the flow of data is controlled between the SPIO and a terminal.
Default: none
hardware: Enable or disable the use of hardware-based flow control
off: Disable the use of Ready to Send (RTS) and Clear to Send (CTS).
on: Enable the use of Ready to Send (RTS) and Clear to Send (CTS).
none: Disable the use of DCD, RTS and CTS.
parity { even | none | odd }
Specifies the type of error checking used on the port.
Default: none
even - Enables error checking by setting the parity bit to 1 (if needed) making the number of 1s in the data bits even.
none - Disables error checking.
odd - Enables error checking by setting the parity bit to 1 (if needed) making the number of 1s in the data bits odd.
speed { 115200 | 19200 | 38400 | 57600 | 9600 }
Specifies the flow of data in bits per second between the console port and terminal.
Default: 9600
stopbits { 1 | 2 }
Specifies the number of stop bits between each transmitted character.
Default: 1
1: Use one stop bit between each transmitted character.
2: Use two stop bits between each transmitted character.
Usage
Sets the SPIO’s console port parameters for communication with the terminal device.
Example
The following command sets the SPIO’s console port. The terminal must support these values.
terminal carrierdetect off databits 7 flowcontrol hardware on parity even speed 115200 stopbits 1
 
threshold
The commands in this section set global thresholding parameters.
 
threshold 10sec-cpu-utilization
Configures a threshold that measures a 10 second average of cpu utilization. Its polling interval can be set down to 30 seconds.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold 10sec-cpu-utilizationpercent [ clearpercent ]
percent
Default: 0
Configures the high threshold for 10 second average cpu-utilization. If the monitored CPU utilization is greater than or equal to the specified percentage an alert is sent. Regardless of the length of the polling interval, only one sample at the end of the polling interval is tested.
clear percent
Default: 0:
This is a low watermark value that sets the alarm clearing threshold value. If not specified it is taken from the first value.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set a threshold that sends an alert when CPU utilization over a 10 second average exceeds the limit set.
Alerts or alarms are triggered for 10-second sample of CPU utilization based on the following rules:
Enter condition: 10-second average percentage of CPU utilization ³ High Threshold
Clear condition: 10-second average percentage of CPU utilization < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
Send an alert when the 10 second average CPU utilization reaches 45 percent by entering the following command;
threshold 10sec-cpu-utilization 45
 
threshold aaa-acct-archive-size
This command configures accounting message archive size threshold.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-acct-archive-size high_thresh [ clear low_thresh ]
high_thresh
Default: 1
The high threshold number of archived accounting messages that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1044000.
clear low_thresh
Default: 1
The low threshold number of archived accounting messages that maintains a previously generated alarm condition. If the number of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1044000.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
In the event that the system cannot communicate with configured AAA accounting servers (RADIUS or CGFs), either due to the server being busy or loss of network connectivity, the system buffers, or archives, the accounting messages.
Accounting message archive size thresholds generate alerts or alarms based on the number of AAA accounting messages buffered in the archive during the specified polling interval. Accounting requests are counted for all AAA accounting servers that the system is configured to communicate with.
Alerts or alarms are triggered for accounting failures based on the following rules:
Enter condition: Actual number of archived messages ³ High Threshold
Clear condition: Actual number of archived messages < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 250 AAA accounting archived messages and low threshold of 100 for an system using the Alarm thresholding model:
threshold aaa-acct-archive-size 250 clear 100
 
threshold aaa-acct-failure
Configures accounting failure thresholds for the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-acct-failure high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold number of accounting failures that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of accounting failures that maintains a previously generated alarm condition. If the number of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Accounting failure thresholds generate alerts or alarms based on the number of failed AAA accounting message requests that occur during the specified polling interval. Accounting requests are counted for all AAA accounting servers that the system is configured to communicate with.
Alerts or alarms are triggered for accounting failures based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 AAA accounting failures and low threshold of 25 for an system using the Alarm thresholding model:
threshold aaa-acct-failure 100 clear 25
 
threshold aaa-acct-failure-rate
Configures accounting failure rate thresholds for the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-acct-failure-rate high_thresh [ clear low_thresh ]
high_thresh
Default: 1
The high threshold percent of accounting failures that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100.
clear low_thresh
Default: 1
The low threshold percent of accounting failures that maintains a previously generated alarm condition. If the percentage of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Accounting failure rate thresholds generate alerts or alarms based on the percentage of AAA accounting message requests that failed during the specified polling interval. Accounting requests are counted for all AAA accounting servers that the system is configured to communicate with.
Alerts or alarms are triggered for accounting failure rates based on the following rules:
Enter condition: Actual failure percentage ³ High Threshold
Clear condition: Actual failure percentage < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a AAA accounting failure rate high threshold percentage of 30 and a low threshold percentage of 10 for an system using the Alarm thresholding model:
threshold aaa-acct-failure-rate 30 clear 10
 
threshold aaa-auth-failure
Configures authentication failure thresholds for the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-auth-failure high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold number of authentication failures that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of authentication failures that maintains a previously generated alarm condition. If the number of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Authentication failure thresholds generate alerts or alarms based on the number of failed AAA authentication message requests that occur during the specified polling interval. Authentication requests are counted for all AAA authentication servers that the system is configured to communicate with.
Alerts or alarms are triggered for authentication failures based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 AAA authentication failures for an system using the Alert thresholding model:
threshold aaa-auth-failure 100
 
threshold aaa-auth-failure-rate
Configures authentication failure rate thresholds for the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-auth-failure-rate high_thresh [ clear low_thresh ]
high_thresh
Default: 5
The high threshold percent of authentication failures that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100.
clear
Allows the configuration of the low threshold.
low_thresh
Default: 5
The low threshold percent of authentication failures that maintains a previously generated alarm condition. If the percentage of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Authentication failure rate thresholds generate alerts or alarms based on the percentage of AAA authentication message requests that failed during the specified polling interval. Authentication requests are counted for all AAA authentication servers that the system is configured to communicate with.
Alerts or alarms are triggered for authentication failures based on the following rules:
Enter condition: Actual failure percentage ³ High Threshold
Clear condition: Actual failure percentage < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a AAA authentication failure rate high threshold percentage of 30 for an system using the Alert thresholding model:
threshold aaa-auth-failure-rate 30
 
threshold aaa-retry-rate
Configures AAA retry rate thresholds for the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaa-retry-ratehigh_thresh[ clearlow_thresh]
high_thresh
Default: 5
The high threshold percent of AAA request message retries that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100.
clear low_thresh
Default: 5
The low threshold percent of AAA request message retries that maintains a previously generated alarm condition. If the percentage of retries falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
AAA request message retry rate thresholds generate alerts or alarms based on the percentage of request messages (both authentication and accounting) that were retried during the specified polling interval. The percentage is based on a message count taken for all AAA authentication and accounting servers that the system is configured to communicate with.
Alerts or alarms are triggered for request message retries based on the following rules:
Enter condition: Actual retry percentage ³ High Threshold
Clear condition: Actual retry percentage < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a AAA message retry rate high threshold percentage of 25 and a low threshold percentage of 10 for an system using the Alarm thresholding model:
threshold aaa-retry-rate 25 clear 10
 
threshold aaamgr-request-queue
This command configures the AAA Manager internal request queue threshold.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold aaamgr-request-queuehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of AAA Manager Requests that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 1 and 100.
clear
Allows the configuration of the low threshold.
low_thresh
Default: 5
The low threshold number of AAA Manager Requests that maintains a previously generated alarm condition. If the percentage of failures falls beneath the low threshold within the polling interval, a clear alarm is generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
AAA Manager Request thresholds generate alerts or alarms based on the number of AAA Manager Requests for an AAA manager process during the specified polling interval.
Alerts or alarms are triggered for AAA Manager Requests based on the following rules:
Enter condition: Actual number of AAA Manager Requests per AAA manager ³ High Threshold
Clear condition: Actual number of AAA Manager Requests per AAA manager process < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm is not generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a AAA authentication failure rate high threshold percentage of 30 for an system using the Alert thresholding model:
threshold aaamgr-request-queue 30
 
threshold asngw-auth-failure
Configures authentication failure thresholds for the ASN-GW system.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-auth-failurehigh_thresh[ clearlow_thresh]
default threshold asngw-auth-failure
high_thresh
Default: 0
The high threshold number of authentication failures that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of authentication failures that maintains a previously generated alarm condition. If the number of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to configure threshold limits to generate alerts or alarms based on the number of failed ASN-GW authentication message requests that occur during the specified polling interval. Authentication requests are counted for all ASN Gateway authentication servers that the system is configured to communicate with.
Alerts or alarms are triggered for authentication failures based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 authentication failures for an ASN-GW using the Alert thresholding model:
threshold asngw-auth-failure 100
 
threshold asngw-handoff-denial
Configures thresholds for hand-off denial for the ASN-GW service.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-handoff-denialhigh_thresh[ clearlow_thresh]
default threshold asngw-handoff-denial
high_thresh
Default: 0
The high threshold number of hand-off denials that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of hand-off denials that maintains a previously generated alarm condition. If the number of hand-off denials falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of denied hand-off that occurred during the specified polling interval. Hand-off denial messages are counted for all ASN Gateways that the system is configured to communicate with.
Alerts or alarms are triggered for hand-off denials based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 hand-off denials using the Alert thresholding model:
threshold asngw-handoff-denial 100
 
threshold asngw-max-eap-retry
Configures thresholds for maximum retries for Extensible Authentication Protocol (EAP) authentication on an ASN-GW service.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-max-eap-retry high_thresh[ clearlow_thresh]
default threshold asngw-max-eap-retry
high_thresh
Default: 0
The high threshold number of retries for EAP authentication that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of retries for EAP authentication that maintains a previously generated alarm condition. If the number of retries falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of retries for EAP authentication that occur during the specified polling interval.
Alerts or alarms are triggered for maximum number of retries for EAP authentication based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 alerts or alarms generated on maximum number of retries for EAP authentication for an ASN Gateway using the Alert thresholding model:
threshold asngw-handoff-denial 100
 
threshold asngw-network-entry-denial
Configures thresholds for denial of network entry to an MS with in the ASN-GW service.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-network-entry-denialhigh_thresh[ clearlow_thresh]
default threshold asngw-network-entry-denial
high_thresh
Default: 0
The high threshold number of denial of network entry to an MS that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of denial of network entry to an MS that maintains a previously generated alarm condition. If the number of denials falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of network entry denials that occurred during the specified polling interval. Network denial messages are counted for an MS that the system is configured to communicate with.
Alerts or alarms are triggered for network entry denials based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 network entry denials for an MS using the Alert thresholding model:
threshold asngw-network-entry-denial 100
 
threshold asngw-r6-invalid-nai
Configures thresholds to generate alert/alarm for invalid Network Access Identifier (NAI) in R6 message.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-r6-invalid-naihigh_thresh[ clearlow_thresh]
default threshold asngw-r6-invalid-nai
high_thresh
Default: 0
The high threshold number of invalid NAIs in R6 messages that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of invalid NAIs in R6 messages that maintains a previously generated alarm condition. If the number of denials falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of invalid NAIs in R6 messages that occurred during the specified polling interval. Invalid NAIs are counted for an MS that the system is configured to communicate with or per system for all R6 messages.
Alerts or alarms are triggered for invalid NAIs based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 invalid NAIs in R6 messages using the Alert thresholding model:
threshold asngw-r6-invalid-nai 100
 
threshold asngw-session-setup-timeout
Configures thresholds to generate alert/alarm for session setup timeouts in an ASN-GW service.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-session-setup-timeouthigh_thresh[ clearlow_thresh]
default threshold asngw-session-setup-timeout
high_thresh
Default: 0
The high threshold number of timeouts during session setup that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of timeouts during session setup that maintains a previously generated alarm condition. If the number of denials falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of timeouts during session setup that occurred during the specified polling interval.
Alerts or alarms are triggered for session setup timeouts based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 timeouts during session setup using the Alert thresholding model:
threshold asngw-session-setup-timeout 100
 
threshold asngw-session-timeout
Configures thresholds to generate alert/alarm for session timeouts in an ASN-GW service.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold asngw-session-timeouthigh_thresh[ clearlow_thresh]
default threshold asngw-session-timeout
high_thresh
Default: 0
The high threshold number of timeouts during session that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of timeouts during session that maintains a previously generated alarm condition. If the number of session timeouts falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 10000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to set threshold limits to generate alerts or alarms based on the number of timeouts during a session that occurred during the specified polling interval.
Alerts or alarms are triggered for session timeouts based on the following rules:
Enter condition: Actual number of failures ³ High Threshold
Clear condition: Actual number of failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 timeouts during a session using the Alert thresholding model:
threshold asngw-session-timeout 100
 
threshold call-reject-no-resource
Configures thresholds on the system for calls rejected due to insufficient resources.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold call-reject-no-resourcehigh_thresh [ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of no-resource call rejects issued by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of no-resource call rejects issued by the system that maintains a previously generated alarm condition. If the number of rejections falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
No resource call reject thresholds generate alerts or alarms based on the total number of calls that were rejected by the system due to insufficient or no resources (memory and/or session licenses) during the specified polling interval.
Alerts or alarms are triggered for no-resource-rejected calls based on the following rules:
Enter condition: Actual number of calls rejected due to no resources ³ High Threshold
Clear condition: Actual number of calls rejected due to no resources < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count for the number of calls rejected by the system due to insufficient or no resources to 100 and allow threshold of 40 for an system using the Alarm thresholding model:
threshold call-reject-no-resource 100 clear 40
 
threshold call-setup
Configures call setup thresholds for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold call-setuphigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of calls setup by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of calls setup by the system that maintains a previously generated alarm condition. If the number of setups falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Call setup thresholds generate alerts or alarms based on the total number of calls setup by the system during the specified polling interval.
Alerts or alarms are triggered for call setups based on the following rules:
Enter condition: Actual number of call setups ³ High Threshold
Clear condition: Actual number of call setups < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 calls setup for an system using the Alert thresholding model:
threshold call-setup 100
 
threshold call-setup-failure
Configures call setup failure thresholds for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold call-setup-failurehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of call setup failures experienced by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of call setup failures experienced by the system that maintains a previously generated alarm condition. If the number of setup failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Call setup failure thresholds generate alerts or alarms based on the total number of call setup failures experienced by the system during the specified polling interval.
Alerts or alarms are triggered for call setup failures based on the following rules:
Enter condition: Actual number of call setup failures ³ High Threshold
Clear condition: Actual number of call setup failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 100 call setup failures and a low threshold of 80 for an system using the Alarm thresholding model:
threshold call-setup-failure 100 clear 80
 
threshold cpu-available-memory
Configures thresholds for available CPU memory for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-available-memorylow_thresh [ clearhigh_thresh]
low_thresh
Default: 32
The low threshold amount of CPU memory that must be met or exceeded at the polling time to generate an alert or alarm.
low_thresh is measured in mega bytes (MB) and can be configured to any integer value between 0 and 2048.
clear high_thresh
Default: 32
The high threshold amount of CPU memory that maintains a previously generated alarm condition. If the memory amount rises above the high threshold within the polling interval, a clear alarm will be generated.
high_thresh is measured in mega bytes (MB) and can be configured to any integer value between 0 and 2048.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
CPU available memory thresholds generate alerts or alarms based on the amount of available memory for each PSC/PSC2 CPU at the polling time. Although, a single threshold is configured for all CPUs, separate alerts or alarms can be generated for each CPU.
Alerts or alarms are triggered for available CPU memory based on the following rules:
Enter condition: Average measured amount of memory/CPU for last 5 minutes £ Low Threshold
Clear condition: Average measured amount of memory/CPU for last 5 minutes > High Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
The following command configures a low threshold count of 50 MB CPU memory available and a high threshold of 112 MB for an system using the Alarm thresholding model:
threshold cpu-available-memory 50 clear 112
 
threshold cpu-load
Configures the threshold for monitoring PSC/PSC2 CPU loads using a 5 minute average measurement. The threshold is enabled by enabling CPU resource monitoring.
Product
All
Privilege
Security Administrator, Administrator
Syntax
thresholdcpu-loadhigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
If the monitored CPU load is greater than or equal to the specified number an alert is sent. high_thresh must be an integer from 0 through 15.
clear low_thresh
Default: 0
This is a low watermark value that sets the alarm clearing threshold value. If not present it is taken from the first value. low_thresh must be an integer from 0 through 15.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
Use this command to set an alert when the card’s CPU load is equal to or greater than the number specified.
Alerts or alarms are triggered for CPU load based on the following rules:
Enter condition: Actual CPU load ³ High Threshold
Clear condition: Actual CPU load < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
To set an alert when the PSC/PSC2 CPU load is over 10 and set an alert clear when the CPU load drops down equal or less than 7, enter the following command;
threshold cpu-load 10 clear 7
 
threshold cpu-memory-usage
Configures the threshold for monitoring the percentage of total CPU memory used during the polling interval.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-memory-usagehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold for percentage of total memory used that must be met or exceeded at the end of the polling interval to generate an alert or alarm.
high_thresh is measured in percentage of total CPU memory used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold for percentage of total CPU memory used that maintains a previously generated alarm condition. If the memory usage falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh is measured in percentage of total CPU memory used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
CPU memory usage generate alerts or alarms based on the percentage of total CPU memory used during the polling interval.
Alerts or alarms are triggered for CPU memory usage session based on the following rules:
Enter condition: Actual percentage of CPU memory usage ³ specified percentage of total CPU memory.
Clear condition: Actual CPU memory usage < specified clear percentage of total CPU memory usage.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a threshold of 65 percent of total PSC/PSC2 CPU memory usage and a clear threshold of 35 percent:
threshold cpu-memory-usage 65 clear 35
 
threshold cpu-orbs-crit
Configures threshold for generating critical-level alerts or alarms based on the percentage of CPU utilization by the ORBS software task
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-orbs-crithigh_thresh[ clearlow_thresh]
[ default ] threshold cpu-orbs-crit
default
Restores this parameter to its default setting.
high_thresh
Default: 60
The high threshold percent of CPU utilization by the ORB software task that must be exceeded as measured at the time of polling to generate a critical-level alert or alarm.
high_thresh is measured in percentage of total CPU utilization and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
clear low_thresh
Default: 60
The low threshold percent of CPU utilization by the ORB software task that maintains a previously generated alarm condition. If the percentage is measured as less than or equal to the low threshold at the time of polling, a clear alarm will be generated.
low_thresh is measured in percentage of total CPU utilization and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
Object Request Broker (ORB) software task CPU utilization thresholds generate critical-level alerts or alarms based on the percentage of SMC CPU resources it is consuming at the time of polling.
Critical-level alerts or alarms are triggered for CPU usage by the ORBs software task based on the following rules:
Enter condition: Actual CPU usage percentage > High Threshold
Clear condition: Actual CPU usage percentage £ Low Threshold
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a critical-level alarm threshold of 35 percent of CPU utilization by the ORBS task and a clear threshold of 35 percent:
threshold cpu-orbs-crit 35 clear 35
 
threshold cpu-orbs-warn
Configures threshold for generating warning-level alerts or alarms based on the percentage of CPU utilization by the ORBS software task
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-orbs-warnhigh_thresh[ clearlow_thresh]
[ default ] threshold cpu-orbs-warn
default
Restores this parameter to its default setting.
high_thresh
Default: 50
The high threshold percent of CPU utilization by the ORB software task that must be exceeded as measured at the time of polling to generate a warning-level alert or alarm.
high_thresh is measured in percentage of total CPU utilization and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
clear low_thresh
Default: 50
The low threshold percent of CPU utilization by the ORB software task that maintains a previously generated alarm condition. If the percentage is measured as less than or equal to the low threshold at the time of polling, a clear alarm will be generated.
low_thresh is measured in percentage of total CPU utilization and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
Object Request Broker (ORB) software task CPU utilization thresholds generate warning-level alerts or alarms based on the percentage of SMC CPU resources it is consuming at the time of polling.
Warning-level alerts or alarms are triggered for CPU usage by the ORBs software task based on the following rules:
Enter condition: Actual CPU usage percentage > High Threshold
Clear condition: Actual CPU usage percentage £ Low Threshold
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a warning-level alarm threshold of 25 percent of CPU utilization by the ORBS task and a clear threshold of 25 percent:
threshold cpu-orbs-warn 25 clear 25
 
threshold cpu-session-throughput
Configures thresholds for CPU session throughput for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-session-throughputhigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold session throughput that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh is measured in Kilobytes per second (Kbps) and can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold session thereabout that maintains a previously generated alarm condition. If the throughput falls below the low threshold within the polling interval, a clear alarm will be generated.
low_thresh is measured in Kilobytes per second (Kbps) and can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
CPU session throughput thresholds generate alerts or alarms based on total throughput for all Session Manager tasks running on each PSC/PSC2 CPU during the polling interval. Although, a single threshold is configured for all CPUs, separate alerts or alarms can be generated for each CPU.
Alerts or alarms are triggered for CPU session throughput based on the following rules:
Enter condition: Actual CPU session throughput ³ High Threshold
Clear condition: Actual CPU session throughput < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
The following command configures a high threshold count of 900 Kbps session throughput and a low threshold of 500 KBps for an system using the Alarm thresholding model:
threshold cpu-session-throughput 900 clear 500
 
threshold cdr-file-space
Configures the threshold for monitoring the percentage of total file space allocated for CDRs used during the polling interval.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold cdr-file-space high_thresh [ clear low_thresh ]
default threshold cdr-file-space
default
Configures the default setting.
high_thresh
Default: 90
The high threshold for percentage of total allocated CDR file space used that must be met or exceeded at the end of the polling interval to generate an alert or alarm.
high_thresh is measured in percentage of total allocated CDR file space used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold for percentage of total allocated CDR file space used that maintains a previously generated alarm condition. If the space usage falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh is measured in percentage of total allocated CDR file space used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
CDR file space usage generate alerts or alarms based on the percentage of total allocated CDR file space used during the polling interval.
Alerts or alarms are triggered for CDR file space usage session based on the following rules:
Enter condition: Actual percentage of allocated CDR file space usage ³ specified percentage of total CDR file space.
Clear condition: Actual CDR file space used < specified clear percentage of total allocated CDR file space usage.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a threshold of 65 percent of total allocated CDR file space usage and a clear threshold of 35 percent:
threshold cdr-file-space 65 clear 35
 
threshold contfilt-block
Configures the threshold for Content Filtering rating operations blocked during a polling interval at which the threshold are raised or cleared.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
threshold contfilt-block high_thresh_value [ clear low_thresh_value ]
default threshold contfilt-block
high_thresh
Default: 90
The high threshold for number of rating operations blocked for content filtering service that must be met or exceeded at the end of the polling interval to generate an alert or alarm.
high_thresh is measured in numbers of total rating operations blocked and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold for the total number of rating operations blocked for a content filtering service that maintains a previously generated alarm condition. If the threshold falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh is measured in umber of total rating operations blocked and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Usage
Use this command to configure the threshold for a content filtering service to generates alerts or alarms based on the number of rating operations blocked for a content filtering service during the polling interval.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll contfilt-block command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a threshold of 65 percent of total rating operations blocked and a clear threshold of 35 percent:
threshold contfilt-block 65 clear 35
 
threshold contfilt-rating
Configures the threshold for Content Filtering rating operations performed during a polling interval at which the threshold are raised or cleared.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
threshold contfilt-rating high_thresh_value [ clear low_thresh_value ]
default threshold contfilt-rating
high_thresh
Default: 90
The high threshold for number of rating operations performed for content filtering service that must be met or exceeded at the end of the polling interval to generate an alert or alarm.
high_thresh is measured in numbers of total rating operations performed and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold for the total number of rating operations performed for a content filtering service that maintains a previously generated alarm condition. If the threshold falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh is measured in umber of total rating operations performed and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Usage
Use this command to configure the threshold for a content filtering service to generates alerts or alarms based on the number of rating operations performed for a content filtering service during the polling interval.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll contfilt-rating command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a threshold of 65 percent of total rating operations performed and a clear threshold of 35 percent:
threshold contfilt-rating 65 clear 35
 
threshold cpu-utilization
Configures thresholds for CPU utilization for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold cpu-utilizationhigh_thresh[ clearlow_thresh]
high_thresh
Default: 85
The high threshold CPU utilization percentage that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100.
clear low_thresh
Default: 85
The low threshold CPU utilization percentage that maintains a previously generated alarm condition. If the utilization percentage falls below the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
CPU utilization thresholds generate alerts or alarms based on the utilization percentage of each PSC/PSC2 CPU during the specified polling interval. Although, a single threshold is configured for all CPUs, separate alerts or alarms can be generated for each CPU.
Alerts or alarms are triggered for CPU utilization based on the following rules:
Enter condition: Average measured CPU utilization for last 5 minutes ³ High Threshold
Clear condition: Average measured CPU utilization for last 5 minutes < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
The following command configures a high threshold CPU utilization percentage of 90 for an system using the Alert thresholding model:
threshold cpu-utilization 90
 
threshold dcca-bad-answer
Configures the threshold for invalid or bad responses to the system from Diameter server.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold dcca-bad-answer high_thresh [ clear low_thresh ]
default
Disables the threshold for configured alarm and set the high_thresh and low_thresh values to 0.
high_thresh
Default: 0
The high threshold number of invalid messages or responses that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1044000.
clear low_thresh
Default: 0
The low threshold number of invalid messages/responses that maintains a previously generated alarm condition. If the number of failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1044000.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
In the event that the system receives invalid message or response from Diameter server dcca-bad-answer is generated.
DCCA bad answer messages size threshold generates alerts or alarms based on the number of invalid response or messages received during the specified polling interval.
Alerts or alarms are triggered for DCCA bad answers based on the following rules:
Enter condition: Actual number of DCCA bad answer messages ³ High Threshold
Clear condition: Actual number of DCCA bad answer messages < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Example
The following command configures a high threshold count of 250 DCCA bad answer messages and low threshold of 100 for an system using the Alarm thresholding model:
threshold dcca-bad-answer 250 clear 100
 
threshold dcca-protocol-error
Configures the threshold for Diameter Credit Control Application (DCCA) protocol error from Diameter server.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold dcca-protocol-error high_thresh [ clear low_thresh ]
default
Disables the threshold for configured alarm and sets the high_thresh and low_thresh values to 0.
high_thresh
Default: 0
The high threshold number of protocol error received from Diameter server that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1044000.
clear low_thresh
Default: 0
The low threshold number of protocol error received from Diameter server that maintains a previously generated alarm condition. If the number of errors falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1044000.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
In the event that the system receives the protocol errors from Diameter server, dcca-protocol-error is generated.
DCCA protocol error threshold generates alerts or alarms based on the number of protocol error messages received from Diameter server during the specified polling interval.
Alerts or alarms are triggered for DCCA protocol error based on the following rules:
Enter condition: Actual number of DCCA protocol error ³ High Threshold
Clear condition: Actual number of DCCA protocol errors < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Example
The following command configures a high threshold count of 250 protocol errors and low threshold of 100 for an system using the Alarm thresholding model:
threshold dcca-protocol-error 250 clear 100
 
threshold dcca-rating-failed
Configures Diameter Credit Control Application (DCCA) Rating Group (content-id) request reject thresholds.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold dcca-rating-failed high_thresh [ clear low_thresh ]
default
Disables the threshold for configured alarm and sets the high_thresh and low_thresh values to 0.
high_thresh
Default: 0
The high threshold number of requests for a block of credits due to invalid Rating Group (content-id), rejected from the Diameter server that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1044000.
clear low_thresh
Default: 0
The low threshold number of requests for a block of credits due to invalid Rating Group (content-id), rejected from the Diameter server that maintains a previously generated alarm condition. If the number of errors falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1044000.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
In the event that the Diameter server rejects the system request for a block of credits due to invalid Rating Group, defined as content-id, dcca-rating-failed message is generated.
Rating Group failed threshold generates alerts or alarms based on the number of requests rejected from Diameter server during the specified polling interval.
Alerts or alarms are triggered for Rating Group failed based on the following rules:
Enter condition: Actual number of DCCA Rating Group failed ³ High Threshold
Clear condition: Actual number of DCCA Rating Group failed < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Example
The following command configures a high threshold count of 250 requests rejected and low threshold of 100 for an system using the Alarm thresholding model:
threshold dcca-rating-failed 250 clear 100
 
threshold dcca-unknown-rating-group
Configures the unknown Diameter Credit Control Application (DCCA) Rating Group (content-id) returned by Diameter to system thresholds.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold dcca-unknown-rating-group high_thresh [ clear low_thresh ]
default
Disables the threshold for configured alarm and sets the high_thresh and low_thresh values to 0.
high_thresh
Default: 0
The high threshold number of unknown Rating Group (content-id) sent by Diameter server and received by system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1044000.
clear low_thresh
Default: 0
The low threshold number of unknown Rating Group (content-id) sent by Diameter server and received by system that maintains a previously generated alarm condition. If the number of errors falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1044000.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
In the event that the Diameter server sends invalid Rating Groups, content-ids to the system, dcca-unk-rating-group message is generated.
Unknown Rating Group threshold generates alerts or alarms based on the number of unknown Rating Groups received by the system from Diameter server during the specified polling interval.
Alerts or alarms are triggered for unknown rating groups based on the following rules:
Enter condition: Actual number of unknown rating groups ³ High Threshold
Clear condition: Actual number of unknown rating groups < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Example
The following command configures a high threshold count of 250 unknown rating groups and low threshold of 100 for an system using the Alarm thresholding model:
threshold dcca-unknown-rating-group 250 clear 100
 
threshold diameter diameter-retry-rate
This command configures Diameter Retry Rate threshold for generating alerts or alarms based on the percentage of Diameter requests that were retried during the polling interval.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold diameter diameter-retry-rate high_thresh [ clear low_thresh ]
default threshold diameter diameter-retry-rate
default
Configures the default setting.
Default: Disables the thresholds; the threshold values are reset to 0.
high_thresh
Default: 0
Specifies the high threshold. If, within the polling interval, the percentage of Diameter requests retried equals or exceeds high_thresh an alert or alarm is generated.
high_thresh must be an integer from 0 through 100.
clear low_thresh
Default: 0
Specifies the low threshold. If, within the polling interval, the percentage of Diameter requests retried falls below low_thresh, a clear alarm is generated.
low_thresh must be an integer from 0 through 100.
Important: This value is applicable for the Alarm mode, and ignored for the Alert mode. In addition, if this value is not configured for the Alarm mode, the system assumes it is identical to the high threshold.
Usage
Diameter Retry Rate threshold generates alerts or alarms based on the percentage of Diameter requests that were retried during the specified polling interval.
Alerts or alarms are triggered based on the following rules:
Enter condition: Percentage of Diameter requests retried High Threshold
Clear condition: Percentage of Diameter requests retried < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Example
The following command configures a high threshold of 75 percent, and a low threshold of 50 percent for a system using the Alarm thresholding model:
threshold diameter diameter-retry-rate 75 clear 50
 
threshold edr-file-space
Configures the threshold for monitoring the percentage of total file space allocated for EDRs used during the polling interval.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold edr-file-space high_thresh [ clear low_thresh ]
high_thresh
Default: 90
The high threshold for percentage of total allocated EDR file space used that must be met or exceeded at the end of the polling interval to generate an alert or alarm.
high_thresh is measured in percentage of total allocated EDR file space used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold for percentage of total allocated EDR file space used that maintains a previously generated alarm condition. If the space usage falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh is measured in percentage of total allocated EDR file space used and can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
EDR file space usage generate alerts or alarms based on the percentage of total allocated EDR file space used during the polling interval.
Alerts or alarms are triggered for EDR file space usage session based on the following rules:
Enter condition: Actual percentage of allocated EDR file space usage ³ specified percentage of total EDR file space.
Clear condition: Actual EDR file space used < specified clear percentage of total allocated EDR file space usage.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a threshold of 65 percent of total allocated EDR file space usage and a clear threshold of 35 percent:
threshold edr-file-space 65 clear 35
 
threshold edr-udr-dropped flow control
This command configures thresholds to monitor the total number of EDRs and UDRs discarded due to flow control.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold edr-udr-dropped-flow-control high_thresh [ clear low_thresh ]
default threshold edr-udr-dropped-flow-control
default
Configures the default setting.
Default: High threshold: 90; Low threshold: 10
high_thresh
Default: 90
The high threshold for total number of EDRs + UDRs dropped due to flow control, which must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh must be an integer from 0 through 100000.
A value of 0 indicates the threshold.
clear low_thresh
Default: 10
The low threshold for total number of EDRs + UDRs dropped that maintains a previously generated alarm condition. If the total number of EDRs + UDRs dropped falls below the low threshold within the polling interval, a clear alarm is generated.
low_thresh must be an integer from 0 through 100000, and must be lower than high_thresh.
A value of 0 disables the threshold.
Usage
Use this command to configure thresholds to monitor the total number of EDRs + UDRs discarded due to flow control. Alerts or alarms are generated based on the total number of EDRs + UDRs dropped during polling interval.
Alerts or alarms are triggered for EDR file space usage session based on the following rules:
Enter condition: Actual number of EDRs + UDRs dropped >= specified number of EDRs + UDRs dropped.
Clear condition: Actual number of EDR + UDRs dropped < specified clear number of EDRs + UDRs dropped.
If a trigger condition exists at the end of the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold of 90 and a clear threshold of 45 to monitor EDRs + UDRs dropped due to flow control:
threshold edr-udr-dropped-flow-control 90 clear 45
 
threshold fw-deny-rule
This command configures thresholds for Stateful Firewall Deny Rule.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
threshold fw-deny-rule high_thresh [ clear low_thresh ]
default threshold fw-deny-rule
default
Disables the threshold and sets high_thresh and low_thresh to the default values.
high_thresh
Specifies the Stateful Firewall Deny-Rule threshold value, which if met or exceeded generates an alert or alarm.
high_thresh must be an integer from 0 through 1000000.
Default: 0
clear low_thresh
Specifies the Stateful Firewall Deny-Rule alarm clear threshold value. If, in the same polling interval, the threshold falls below low_thresh a clear alarm is generated.
low_thresh must be an integer from 0 through 1000000.
Default: 0
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
When the number of Deny-Rule exceeds a given value, a threshold is raised and it is cleared when the number of Deny-Rule fall below a value within the polling interval.
Refer to the threshold poll command to configure the polling interval, and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a Stateful Firewall Deny Rule high threshold of 1000 and a low threshold of 100 for a system using the Alarm Thresholding model:
threshold fw-deny-rule 1000 clear 100
 
threshold fw-dos-attack
This command configures thresholds for Stateful Firewall Denial-of-Service (DoS) attacks.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
threshold fw-dos-attack high_thresh [ clear low_thresh ]
default threshold fw-dos-attack
default
Disables the threshold and sets high_thresh and low_thresh to the default values.
high_thresh
Specifies the Stateful Firewall DoS attacks threshold value, which if met or exceeded generates an alert or alarm.
high_thresh must be an integer from 0 through 1000000.
Default: 0
clear low_thresh
Specifies the Stateful Firewall DoS attacks clear threshold value. If, in the same polling interval, the threshold falls below low_thresh a clear alarm is generated.
low_thresh must be an integer from 0 through 1000000.
Default: 0
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
When the number of DoS attacks exceed a given value, a threshold is raised and it is cleared when the number of DoS attacks fall below a value within the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a Stateful Firewall DoS attacks high threshold of 1000 and a low threshold of 100 for a system using the Alarm Thresholding model:
threshold fw-dos-attack 1000 clear 100
 
threshold fw-drop-packet
This command configures thresholds for Stateful Firewall drop packets.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
threshold fw-drop-packet high_thresh [ clear low_thresh ]
default threshold fw-drop-packet
default
Disables the threshold and sets high_thresh and low_thresh to the default values.
high_thresh
Specifies the Stateful Firewall drop packets threshold value, which if met or exceeded generates an alert or alarm.
high_thresh must be an integer from 0 through 1000000.
Default: 0
clear low_thresh
Specifies the Stateful Firewall drop packets clear threshold value. If, in the same polling interval, the threshold falls below low_thresh a clear alarm is generated.
low_thresh must be an integer from 0 through 1000000.
Default: 0
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
When the number of drop packets exceed a given value, a threshold is raised and it is cleared when the number of drop packets fall below a value within the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a Stateful Firewall drop packets high threshold of 1000 and a low threshold of 100 for a system using the Alarm thresholding model:
threshold fw-drop-packet 1000 clear 100
 
threshold fw-no-rule
This command configures thresholds for Stateful Firewall no rules.
Product
FW
Privilege
Security Administrator, Administrator
Syntax
threshold fw-no-rule high_thresh [ clear low_thresh ]
default threshold fw-no-rule
default
Disables the threshold and sets high_thresh and low_thresh to the default values.
high_thresh
Specifies the Stateful Firewall no rules threshold value, which if met or exceeded generates an alert or alarm.
high_thresh must be an integer from 0 through 1000000.
Default: 0
clear low_thresh
Specifies the Stateful Firewall no rules clear threshold value. If, in the same polling interval, the threshold falls below low_thresh a clear alarm is generated.
low_thresh must be an integer from 0 through 1000000.
Default: 0
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
When the number of no rules exceed a given value, a threshold is raised and it is cleared when the number of no rules fall below a value within the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a Stateful Firewall no rules high threshold of 1000 and a low threshold of 100 for a system using the Alarm Thresholding model:
threshold fw-no-rule 1000 clear 100
 
threshold license
Configures thresholds for session license utilization for the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ no ] threshold license remaining-sessionslow_threshclearhigh_thresh
remaining-sessions low_thresh
Default: 10
The low threshold session license utilization percentage that must be met or exceeded within the polling interval to generate an alert or alarm.
low_thresh can be configured to any integer value between 0 and 100.
clear high_thresh
Default: 10
The high threshold session license utilization percentage that maintains a previously generated alarm condition. If the utilization percentage rises above the high threshold within the polling interval, a clear alarm will be generated.
high_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the low threshold.
Usage
Session license utilization thresholds generate alerts or alarms based on the utilization percentage of all session capacity licenses during the specified polling interval.
As described in Chapter 7 of the Administration and Configuration Guide, the system uses session capacity license to dictate the maximum number of simultaneous sessions that can be supported. There are multiple session types that require licenses (i.e. Simple IP, Mobile IP, L2TP, etc.). Although, a single threshold is configured for all session types, alerts or alarms can be generated for each type.
Alerts or alarms are triggered for session license utilization based on the following rules:
Enter condition: Actual session license utilization percentage per session type £ Low Threshold
Clear condition: Actual session license utilization percentage per session type > High Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a session license low threshold percentage of 10 and a high threshold of 35 for an system using the Alarm thresholding model:
threshold license remaining-sessions 10 clear 35
 
threshold mgmt-cpu-memory-usage
Configures the thresholds for CPU memory usage.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold mgmt-cpu-memory-usagehigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold percent of CPU memory usage that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh is measured in percentage of total memory used and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
clear low_thresh
The low threshold percent of CPU memory usage that maintains a previously generated alarm condition. If the percentage falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh is measured in percentage of total memory used and can be configured to any integer value 0 through 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
CPU memory usage thresholds generate alerts or alarms based on memory usage for the SMC CPU during the polling interval. A single threshold enables CPU monitoring for both the active and standby SMCs allowing for alerts or alarms to be generated for each CPU.
Alerts or alarms are triggered for SMC CPU memory usage based on the following rules:
Enter condition: Actual CPU memory usage ³ High Threshold
Clear condition: Actual CPU memory usage < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
The following command configures a threshold of 65 percent of total SMC CPU memory usage and a clear threshold of 35 percent:
threshold mgmt-cpu-memory-usage 65 clear 35
 
threshold mgmt-cpu-utilization
Configures the thresholds for CPU utilization.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold mgmt-cpu-utilizationhigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold CPU utilization percentage that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100.
clear low_thresh
The low threshold CPU utilization percentage that maintains a previously generated alarm condition. If the utilization percentage falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
CPU utilization thresholds generate alerts or alarms based on the utilization percentage of each SMC CPU during the specified polling interval. Although, a single threshold is configured for both SMC CPUs, separate alerts or alarms can be generated for each CPU.
Alerts or alarms are triggered for SMC CPU utilization based on the following rules:
Enter condition: Average measured CPU utilization for last 5 minutes ³ High Threshold
Clear condition: Average measured CPU utilization for last 5 minutes < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Important: This command is not supported on all platforms.
Example
The following command configures a high threshold SMC CPU utilization percentage of 90 for an system using the Alert thresholding model:
threshold mgmt-cpu-utilization 90
 
threshold mme-attach-failure
Use this command to configure thresholds for the total number of MME Attach Failure messages to count across all the MME services in the system as threshold limit to generate alert or alarm.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
threshold total-mme-attach-failurehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0 (Disabled)
The high threshold number of total MME Attach Failure messages across all MMM services on a system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0 (Disabled)
The low threshold number of total MME Attach Failure messages across all services on a system that maintains a previously generated alarm condition. If the number of MME Attach Failure messages, across all the services in a system, falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to monitor and set alarms or alerts when the total number of MME Attach Failure message across all the MME services in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of MME Attach Failure message based on the following rules:
Enter condition: Actual total number of MME Attach Failure messages ³ High Threshold
Clear condition: Actual total number of MME Attach Failure messages < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll mme-attach-failure command to configure the polling interval and the threshold monitoring mme-service command to enable thresholding for this value.
Example
The following command configures the limit of MME Attach Failure high threshold count of 10000 for an system using the Alert thresholding model:
threshold mme-attach-failure 10000
 
threshold mme-auth-failure
Use this command to configure thresholds for the total number of MME Auth Failure messages to count across all the MME services in the system as threshold limit to generate alert or alarm.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
threshold total-mme-auth-failurehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0 (Disabled)
The high threshold number of total MME Auth Failure messages across all MMM services on a system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0 (Disabled)
The low threshold number of total MME Auth Failure messages across all services on a system that maintains a previously generated alarm condition. If the number of MME Attach Failure messages, across all the services in a system, falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to monitor and set alarms or alerts when the total number of MME Auth Failure message across all the MME services in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of MME Auth Failure message based on the following rules:
Enter condition: Actual total number of MME Auth Failure messages ³ High Threshold
Clear condition: Actual total number of MME Auth Failure messages < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll mme-auth-failure command to configure the polling interval and the threshold monitoring mme-service command to enable thresholding for this value.
Example
The following command configures a total MME Auth Failure high threshold count of 10000 for an system using the Alert thresholding model:
threshold mme-auth-failure 10000
 
threshold model
Configures the thresholding model for the system to use.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold model { alarm | alert }
alarm
Selects the alarm thresholding model as described in the Usage section for this command.
alert
Selects the alert thresholding model as described in the Usage section for this command.
Usage
The system supports the following thresholding models:
Alert: A value is monitored and an alert condition occurs when the value reaches or exceeds the configured high threshold within the specified polling interval. The alert is generated then generated and/or sent at the end of the polling interval.
In the example shown in the figure below, this model generates alerts during period 2, 3, and 5 at the point where the count exceeded HT.
Alarm: Both high and low threshold are defined for a value. An alarm condition occurs when the value reaches or exceeds the configured high threshold within the specified polling interval. The alert is generated then generated and/or sent at the end of the polling interval.
The alarm is cleared at the end of the first interval where the measured value is below the low threshold.
In the example shown in the figure below, this model generates an alarm during period 2 when the count exceeds HT. A second alarm is generated in period 6 when the count falls beneath LT. The second alarm indicates a “clear” condition.
 
Thresholding Model Example
Important: Note that for certain values, the alert or alarm serves to warn of low quantities (i.e., memory, session licenses, etc.). In these cases, the low threshold is the condition that must be met or exceeded within the polling interval to generate the alert or alarm. Once the high threshold is exceeded during an interval, the low quantity condition is cleared.
Refer to the threshold monitoring command for additional information on thresholding.
Example
The following command configures the system to support the Alarm thresholding model:
threshold model alarm
 
threshold monitoring
Enables thresholding for the selected value.
Product
All
Privilege
Administrator
Syntax
[ no | default ] threshold monitoring { aaa-acct-archive-size | aaa-acct-failure | aaa-auth-failure | aaa-retry-rate | aaamgr-request-queue | asngw | call-setup | content-filtering | cpu-resource | cpu-session-throughput | cscf-service | diameter | ecs | fa-service | firewall | ha-service | hsgw-service | ipsec | license | lma-service | mme-service | packets-filtered-dropped | packets-forwarded-to-cpu | pdsn-service |pdg-service | pdif-service | pgw-service | route-service | sgw-service | subscriber | system }
no
Disables threshold monitoring for the specified value.
default
Sets / restores default value assigned for the specified parameter.
aaa-acct-archive-size
Enables threshold monitoring for the size of the AAA accounting record archive.
aaa-acct-failure
Enables threshold monitoring for AAA accounting failures and AAA accounting failure rate values.
Refer to the threshold aaa-acct-failure and threshold aaa-acct-failure-rate commands for additional information on these values.
aaa-auth-failure
Enables threshold monitoring for AAA authentication failures and AAA authentication failure rate values.
Refer to the threshold aaa-auth-failure and threshold aaa-auth-failure-rate commands for additional information on these values.
aaa-retry-rate
Enables threshold monitoring for the AAA retry rate value.
Refer to the threshold aaa-retry-rate command for additional information on this value.
aaamgr-request-queue
Enables threshold monitoring for AAA Manager Requests for each AAA manager process. Refer to the threshold aaamgr-request-queue command for additional information on these values.
asngw
Enables the threshold monitoring for ASN-GW services.
call-setup
Enables threshold monitoring for the call setup, call setup failures, and no-resource rejected call values.
Refer to the threshold call-setup, threshold call-setup-failure, threshold ppp-setup-fail-rate, threshold rp-setup-fail-rate, and threshold call-reject-no-resource commands for additional information on these values.
cpu-resource
Enables threshold monitoring for CPU thresholds.
Refer to the threshold 10sec-cpu-utilization, threshold cpu-available-memory, threshold cpu-load, threshold cpu-memory-usage, threshold cpu-orbs-crit, threshold cpu-orbs-warn, threshold cpu-session-throughput, threshold cpu-utilization, threshold mgmt-cpu-memory-usage, and threshold mgmt-cpu-utilization commands for additional information on these values.
cpu-session-throughput
Enables threshold monitoring for the CPU session throughput value.
Refer to the threshold cpu-session-throughput command for additional information on this value.
content-filtering
Enables threshold monitoring for the Content Filtering service.
cscf-service
Enables threshold monitoring for the CSCF service.
diameter
Enables threshold monitoring for Diameter.
ecs
Enables threshold monitoring for the Enhanced Charging Service (ECS).
fa-service
Enables threshold monitoring for Registration Reply errors for each FA service.
Refer to the threshold reg-reply-error FA Service Configuration Mode command for additional information on this value.
firewall
Enables threshold monitoring for the Stateful Firewall service.
Default: Disabled
Refer to the threshold fw-deny-rule, threshold fw-dos-attack, threshold fw-drop-packet, and threshold fw-no-rule commands for additional information on this value.
Important: Stateful Firewall thresholds can only be enabled if the Stateful Firewall license is present.
ha-service
Enables threshold monitoring for Registration Reply errors, re-registration reply errors, deregistration reply errors, and average calls setup per second for each HA service and average calls setup per second at the context level.
Refer to the threshold init-rrq-rcvd-rate, threshold reg-reply-error, threshold rereg-reply-error, and threshold dereg-reply-error HA Service Configuration Mode commands and the threshold ha-service init-rrq-rcvd-rate Context Configuration mode command for additional information on this value.
hsgw-service
Enables threshold monitoring for HSGW services.
Refer to the threshold total-hsgw-sessions for more information on HSGW thresholds.
ipsec
Enables monitoring of IPSec thresholds.
refer to the HA-Service Configuration Mode chapter of the Command Line Interface Reference for information on the IPSec thresholds.
license
Enables threshold monitoring for the session license value.
Refer to the threshold license command for additional information on this value.
lma-service
Enables threshold monitoring for LMA services.
Refer to the threshold total-lma-sessions for more information on LMA thresholds.
mme-service
Default: Disabled.
Enables threshold monitoring for the MME services.
Refer to the threshold total-mme-sessions commands for additional information on this value.
packets-filtered-dropped
Enables threshold monitoring for the filtered/dropped packet value.
Refer to the threshold packets-filtered-dropped command for additional information on this value.
packets-forwarded-to-cpu
Enables threshold monitoring for the forwarded packet value.
Refer to the threshold packets-forwarded-to-cpu command for additional information on this value.
pdg-service
Enables threshold monitoring for PDG service.
Threshold monitoring for PDG service is disabled by default.
pdif-service
Enables threshold monitoring for PDIF service.
pdsn-service
Enables threshold monitoring for average calls setup per second for contexts and for PDSN services, A11 Request.
Refer to the threshold packets-forwarded-to-cpu command for additional information on this value.
pgw-service
Enables threshold monitoring for P-GW services.
Refer to the threshold total-pgw-sessions for more information on P-GW thresholds.
route-service
Enables threshold monitoring for BGP/VRF route services.
Refer to the ip maximum-routes command in Context configuration mode and threshold route-service bgp-routes in this mode for more information on route thresholds.
sgw-service
Enables threshold monitoring for S-GW services.
Refer to the threshold total-sgw-sessions for more information on S-GW thresholds.
subscriber
Enables threshold monitoring for the subscriber and session values.
Refer to the threshold subscriber active, threshold subscriber total, threshold total-ggsn-sessions, threshold total-gprs-sessions, threshold total-gprs-pdp-sessions, threshold total-ha-sessions, threshold total-lns-sessions, threshold total-pdsn-sessions, threshold total-sgsn-sessions, threshold total-sgsn-pdp-sessions, threshold per-service-ggsn-sessions, threshold per-service-ha-sessions, threshold per-service-lns-sessions, and threshold per-service-pdsn-sessions commands for additional information on these values.
system
Enables system (chassis) thresholds monitoring.
Usage
Thresholding on the system is used to monitor the system for conditions that could potentially cause errors or outage. Typically, these conditions are temporary (i.e high CPU utilization, or packet collisions on a network) and are quickly resolved. However, continuous or large numbers of these error conditions within a specific time interval may be indicative of larger, more severe issues. The purpose of thresholding is to help identify potentially severe conditions so that immediate action can be taken to minimize and/or avoid system downtime.
Thresholding reports conditions using one of the following mechanisms:
SNMP traps: SNMP traps have been created that indicate the condition (high threshold crossing and/or clear) of each of the monitored values. Complete descriptions and other information pertaining to these traps is located in the starentMIB(8164).starentTraps(2) section of the SNMP MIB Reference.
The generation of specific traps can be enabled or disabled on the system allowing you to view only those traps that are most important to you.
Logs: The system provides a facility called threshold for which active and event logs can be generated. As with other system facilities, logs are generated Log messages pertaining to the condition of a monitored value are generated with a severity level of WARNING.
Alarm System: High threshold alarms generated within the specified polling interval are considered “outstanding” until a the condition no longer exists and/or a condition clear alarm is generated.
“Outstanding” alarms are reported to through the system’s alarm subsystem and are viewable through the system’s CLI.
The following table indicates the reporting mechanisms supported by each of the above models.
Thresholding Reporting Mechanisms by Model
In addition to the values that can be enabled by this command, the system supports the enabling of threshold monitoring for IP pool address availability (refer to the ip pool and threshold commands in this reference) and port utilization (refer to the threshold commands in this chapter).
Example
The following command enables thresholding for subscriber totals:
threshold monitoring subscriber
 
threshold nat-port-chunks-usage
This command configures the NAT port chunk utilization threshold settings.
Important: This command is only available in Release 8.3 and later releases.
Product
NAT
Privilege
Security Administrator, Administrator
Syntax
threshold nat-port-chunks-usage high_thresh [ clear low_thresh ]
default threshold nat-port-chunks-usage
default
Configures the default settings.
high_thresh
Default: 0
Specifies the high nat-port-chunks-usage threshold that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh must be an integer from 0 through 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
Specifies the low nat-port-chunks-usage threshold that must be met within the polling interval for a clear alarm to be generated.
low_thresh must be an integer from 0 through 100. A value of 0 disables the threshold. If not set, the high_thresh will be high and low threshold setting.
Usage
Use this command to configure the NAT port chunk utilization threshold settings.
Example
The following command sets the NAT port chunk utilization threshold settings to a high of 75 and a low of 15:
threshold nat-port-chunks-usage 75 clear 15
 
threshold packets-filtered-dropped
Configures filtered/dropped packet thresholds for the system.
Product
PDSN, GGSN, HA, SGSN, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold packets-filtered-dropped high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold number of filtered/dropped packets experienced by the system resulting from ACL rules that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of filtered/dropped packets experienced by the system resulting from ACL rules that maintains a previously generated alarm condition. If the number of packets falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Filtered/dropped packet thresholds generate alerts or alarms based on the total number of packets that were filtered or dropped by the system as a result of access control list (ACL) rules during the specified polling interval.
Alerts or alarms are triggered for filtered/dropped packets based on the following rules:
Enter condition: Actual number of filtered/dropped packets ³ High Threshold
Clear condition: Actual number of filtered/dropped packets < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value. In addition, refer to information on ACLs in this reference.
Example
The following command configures a filtered/dropped packet high threshold count of 150000 for an system using the Alert thresholding model:
threshold packets-filtered-dropped 150000
 
threshold packets-forwarded-to-cpu
Configures forwarded packet thresholds for the system.
Product
PDSN, GGSN, HA, SGSN, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold packets-forwarded-to-cpuhigh_thresh [ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of forwarded packets experienced by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of forwarded packets experienced by the system that maintains a previously generated alarm condition. If the number of packets falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1000000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Forwarded packet thresholds generate alerts or alarms based on the total number of packets that were forwarded to active system CPU(s) during the specified polling interval. Packets are forwarded to active system CPUs when the NPUs do not have adequate information to properly route them.
Important: Ping and/or traceroute packets are intentionally forwarded to system CPUs for processing. These packet types are included in the packet count for this threshold.
Alerts or alarms are triggered for forwarded packets based on the following rules:
Enter condition: Actual number of forwarded packets ³ High Threshold
Clear condition: Actual number of forwarded packets < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a forwarded packet high threshold count of 10000 for an system using the Alert thresholding model:
threshold packets-forwarded-to-cpu 10000
 
threshold pdg-current-active-sessions
Configures the threshold for monitoring the total number of all current PDG sessions only.
Product
PDG/TTG
Privilege
Security Administrator, Administrator
Syntax
threshold pdg-current-active-sessions high_thresh [ clear low_thresh ]
high_thresh
Configures the total number of active PDG sessions to be monitored on a chassis. high_thresh is any integer from 0 to 300000.
There is no default, but 0 means that there is no threshold monitoring.
clear low_thresh
Clears any percentage of the number of sessions being monitored using the high_thresh variable defined above.
low_thresh is any integer from 0 to 300000.
Usage
Thresholds are provided for monitoring the overall PDG usage on a chassis. This command is used to monitor the total number of active PDG sessions for an entire chassis.
Example
The following command configures a monitoring threshold of 300000 active PDG sessions on a chassis:
threshold pdg-current-active-sessions 300000
which turns out to be too many, so the following command clears 100000:
threshold pdg-current-active-sessions 300000 clear 100000
 
threshold pdg-current-sessions
Configures the threshold for monitoring the total number of all current PDG sessions, including inactive sessions.
Product
PDG/TTG
Privilege
Security Administrator, Administrator
Syntax
threshold pdg-current-sessions high_thresh [ clear low_thresh ]
high_thresh
Configures the total number of PDG sessions on a chassis, both active and inactive. high_thresh is any integer from 0 to 300000.
There is no default, but 0 means that there is no threshold monitoring.
clear low_thresh
Clears any percentage of the number of sessions being monitored using the high_thresh variable defined above.
low_thresh is any integer from 0 to 300000.
Usage
Thresholds are provided for monitoring the overall PDG usage on a chassis. This command is used to monitor the total number of PDG sessions, both active and inactive, for an entire chassis.
Example
The following command configures a monitoring threshold of 300000 active and inactive PDG sessions on a chassis:
threshold pdg-current-sessions 300000
which turns out to be too many, so the following command clears 100000:
threshold pdg-current-sessions 300000 clear 100000
 
threshold pdif-current-sessions
Configures the threshold for monitoring the total number of all current pdif sessions, including inactive sessions.
Product
PDIF
Privilege
Security Administrator, Administrator
Syntax
threshold pdif-current-sessions high_thresh [ clear low_thresh ]
high_thresh
Configures the total number of PDIF sessions on a chassis, both active and inactive. high_thresh is any integer from 0 to 300000.
There is no default, but 0 means that there is no threshold monitoring.
clear low_thresh
Clears any percentage of the number of sessions being monitored using the high_thresh variable defined above. low_thresh is any integer from 0 to 300000.
Usage
Thresholds are provided for monitoring the overall PDIF usage on a chassis. This command is used to monitor the total number of PDIF sessions, both active and inactive, for an entire chassis.
Example
The following command configures a monitoring threshold of 300000 active and inactive PDIF sessions on a chassis:
threshold pdif-current-sessions 300000
which turns out to be too many, so the following command clears 100000:
threshold pdif-current-sessions 300000 clear 100000
 
threshold pdif-current-active-sessions
Configures the threshold for monitoring the total number of current pdif sessions only.
Product
PDIF
Privilege
Security Administrator, Administrator
Syntax
threshold pdif-current-active sessions high_thresh [ clear low_thresh ]
high_thresh
Configures the total number of active PDIF sessions to be monitored on a chassis. high_thresh is any integer from 0 to 300000.
There is no default, but 0 means that there is no threshold monitoring.
clear low_thresh
Clears any percentage of the number of sessions being monitored using the high_thresh variable defined above. low_thresh is any integer from 0 to 300000.
Usage
Thresholds are provided for monitoring the overall PDIF usage on a chassis. This command is used to monitor the total number of active PDIF sessions for an entire chassis.
Example
The following command configures a monitoring threshold of 300000 active PDIF sessions on a chassis:
threshold pdif-current-active-sessions 300000
which turns out to be too many, so the following command clears 100000:
threshold pdif-current-active-sessions 300000 clear 100000
 
threshold per-service-ggsn-sessions
Configures thresholds for the number of PDP contexts per GGSN service in the system.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-ggsn-sessions high_thresh [clear low_thresh]
high_thresh
Default: 0
The high threshold number of PDP contexts for any one GGSN service that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of PDP contexts for any one GGSN service that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of PDP contexts for any GGSN service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDP contexts based on the following rules:
Enter condition: Actual number of PDP contexts for any GGSN service ³ High Threshold
Clear condition: Actual number of PDP contexts < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 10000 subscriber attaches per GGSN service for the Alert thresholding model:
threshold per-service-ggsn-sessions 10000
 
threshold per-service-gprs-pdp-sessions
Configures thresholds for the number of 2G-activated PDP contexts per GPRS service.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-gprs-pdp-sessionshigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold number of 2G-activated PDP contexts for any one GPRS service. This number must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of 2G-activated PDP contexts for any one GPRS service. This number or higher maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, then a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of 2G-activated PDP contexts for any GPRS service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDP contexts based on the following rules:
Enter condition: Actual number of PDP contexts for any GPRS service ³ High Threshold
Clear condition: Actual number of PDP contexts < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 10000 2G-activated PDP contexts per GPRS service for the Alert thresholding model:
threshold per-service-gprs-sessions 10000
 
threshold per-service-gprs-sessions
Configures the thresholds for the number of 2G-attached subscribers per GPRS service.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-gprs-sessionshigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold number of 2G-attached subscribers for any one GPRS service. This threshold number must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of 2G-attached subscribers for any one GPRS service. The number of subscribers must remain above this threshold in order to maintain a previously generated alarm condition. If the number of 2G subscribers falls beneath the low threshold within the polling interval, then a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of 2G-attached subscribers for any GPRS service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDP contexts based on the following rules:
Enter condition: Actual number of 2G-attached subscribers for any GPRS service ³ High Threshold
Clear condition: Actual number of 2G-attached subscribers < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 10000 2G-attaches per GPRS service for the Alert thresholding model:
threshold per-service-gprs-sessions 10000
 
threshold per-service-ha-sessions
Configures thresholds for the number of HA sessions per HA service in the system.
Product
HA
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-ha-sessionshigh_thresh [ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of HA sessions for any one HA service that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of HA sessions for any one HA service that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of HA sessions for any HA service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for HA sessions based on the following rules:
Enter condition: Actual number of HA sessions for any HA service ³ High Threshold
Clear condition: Actual number of HA sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a HA session per service high threshold count of 10000 for an system using the Alert thresholding model:
threshold per-service-ha-sessions 10000
 
threshold per-service-lns-sessions
Configures thresholds for the number of LNS sessions per LNS service in the system.
Product
PDSN, GGSN, HA, ASN GW
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-lns-sessionshigh_thresh [ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of LNS sessions for any one LNS service that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of LNS sessions for any one LNS service that maintains a previously generated alarm condition. If the number of LNS sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of LNS sessions for any LNS service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for LNS sessions based on the following rules:
Enter condition: Actual number of LNS sessions for any LNS service ³ High Threshold
Clear condition: Actual number of LNS sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a LNS session per service high threshold count of 10000 for an system using the Alert thresholding model:
threshold per-service-lns-sessions 10000
 
threshold per-service-pdsn-sessions
Configures thresholds for the number of PDSN sessions per PDSN service in the system.
Product
PDSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-pdsn-sessionshigh_thresh [ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of PDSN sessions for any one PDSN service that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of PDSN sessions for any one PDSN service that maintains a previously generated alarm condition. If the number of PDSN sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of PDSN sessions for any PDSN service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDSN sessions based on the following rules:
Enter condition: Actual number of PDSN sessions for any PDSN service ³ High Threshold
Clear condition: Actual number of PDSN sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a HA session per service high threshold count of 10000 for an system using the Alert thresholding model:
threshold per-service-pdsn-sessions 10000
 
threshold per-service-sgsn-pdp-sessions
Configures the thresholds for the number of 3G-activated PDP contexts per SGSN service on the system.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-sgsn-pdp-sessionshigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold number of 3G-activated PDP contexts for any one SGSN service. This number must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of 3G-activated PDP contexts for any one SGSN service. This number or higher maintains a previously generated alarm condition. If the number of 3G-activated PDP contexts falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2400000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of 3G-activated PDP contexts for any SGSN service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDP contexts based on the following rules:
Enter condition: Actual number of 3G-activated PDP contexts for any SGSN service ³ High Threshold
Clear condition: Actual number of 3G-activated PDP contexts < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 10000 3G-activated PDP contexts per SGSN service for the system’s Alert thresholding model:
threshold per-service-sgsn-sessions 10000
 
threshold per-service-sgsn-sessions
Configures the thresholds for the number of 3G-attached subscribers per SGSN service in the system.
Product
SGSN
Privilege
Security Administrator, Administrator
Syntax
threshold per-service-sgsn-sessionshigh_thresh [ clearlow_thresh ]
high_thresh
Default: 0
The high threshold number of 3G-attached subscribers for any one SGSN service. This number must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of 3G-attached subscribers for any one SGSN service. This number must be met or exceeded to maintain a previously generated alarm condition. If the number of subscribers falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the number of 3G-attached subscribers for any one SGSN service in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for PDP contexts based on the following rules:
Enter condition: Actual number of 3G-attached subscribers for any single SGSN service ³ High Threshold
Clear condition: Actual number of 3G-attached subscribers for any single SGSN service < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold count of 10000 3G-attached subscribers per SGSN service for a system using the Alert thresholding model:
threshold per-service-sgsn-sessions 10000
 
threshold poll
This command configures the polling interval over which to count or measure the thresholding value.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold poll { 10sec-cpu-utilization | all-ppp-send-discard | a11-rac-msg-discard |a11-rrp-failure | a11-rrq-msg-discard | aaa-acct-archive-size | aaa-acct-failure | aaa-acct-failure-rate | aaa-auth-failure | aaa-auth-failure-rate | aaa-retry-rate | aaamgr-request-queue | active-subscriber | asngw-auth-failure | asngw-handoff-denial | asngw-max-eap-retry | asngw-network-entry-denial | asngw-session-setup-timeout | asngw-session-timeout | asnpc-idle-mode-timeout | asnpc-im-entry-denial | asnpc-lu-denial | asnpc-session-setup-timeout | available-ip-pool-group | call-reject-no-resource | call-setup | call-setup-failure | call-setup-failures | call-total-active | cdr-file-space | contfilt-block | contfilt-rating | cpu-available-memory | cpu-load | cpu-memory-usage | cpu-orbs-crit | cpu-orbs-warn | cpu-session-throughput | cpu-utilization | cscf-invite-rcvd | cscf-reg-rcvd | cscf-service-route-failures | dcca-bad-answers | dcca-protocol-error | dcca-rating-failed | dcca-unknown-rating-group | dereg-reply-error | edr-file-space | edr-udr-dropped-flow-control | error-no-resource| error-presence | error-reg-auth| error-tcp| fa-reg-reply-error | fng-current-active-sessions | fng-current-sessions | fw-deny-rule | fw-dos-attack | fw-drop-packet | fw-no-rule | ha-init-rrq-rcvd-rate | ha-svc-init-rrq-rcvd-rate | ip-pool-free | ip-pool-hold | ip-pool-release | ip-pool-used | ipsec-call-req-rej | ipsec-ike-failrate | ipsec-ike-failures | ipsec-ike-requests | ipsec-tunnels-established | ipsec-tunnels-setup | license-remaining-session | mgmt-cpu-memory-usage interval | mgmt-cpu-utilization | nat-port-chunks-usage | packets-filtered-dropped | packets-forwarded-to-cpu | pdg-current-active-sessions | pdg-current-sessions |pdif-current-active-sessions pdif-current-sessions pdsn-init-rrq-rcvd-rate | pdsn-svc-init-rrq-rcvd-rate | per-service-asngw-sessions | per-service-ggsn-sessions | per-service-gprs-sessions | per-service-gprs-pdp-sessions | per-service-ha-sessions | per-service-lns-sessions | per-service-pdsn-sessions | per-service-sgsn-sessions | per-service-sgsn-pdp-sessions | port-high-activity | port-rx-utilization | port-tx-utilization | ppp-setup-fail-rate | reg-reply-error | reg-total-active | rereg-reply-error | route-service | rp-setup-fail-rate | storage-utilization total-asngw-sessions | total-ggsn-sessions |total-gprs-sessions | total-gprs-pdp sessions| total-ha-sessions | total-hsgw-sessions | total-lma-sessions |total-lns-sessions | total-mme-sessions | total-pdsn-sessions | total-pgw-sessions | total-sgsn-sessions | total-sgsn-pdp-sessions|total-sgw-sessions | total-subscriber } interval time
default
Restores the specified parameter to its default value.
10sec-cpu-utilization percent
Default: 300 seconds (5 minutes)
Configures the polling interval for measuring a 10 second average of CPU utilization.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
a11-rrp-failure
Default: 0
Configures the polling interval over which to count A11 Registration Response failures. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
a11-rrq-msg-discard
Default: 0
Configures the polling interval over which to count how many A11 Registration Request messages are discarded. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
a11-rac-msg-discard
Default: 0
Configures the polling interval over which to count how many A11 Registration Acknowledgement messages are discarded. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
aaa-acct-archive-size
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count archived AAA accounting messages.
aaa-acct-failure
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count failed AAA accounting requests.
aaa-acct-failure-rate
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of AAA accounting failures.
aaa-auth-failure
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count failed authentication requests.
aaa-auth-failure-rate
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of AAA authentication failures.
aaa-retry-rate
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percent of AAA request message retries.
aaamgr-request-queue
Default: 0
Configures the polling interval over which to count the number AA Manager Requests for each AAA manager process. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
active-subscriber
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of active subscriber sessions.
all-ppp-send-discard
Default: 0
Configures the polling interval over which to count the number of discarded PPP send packets. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
available-ip-pool-group
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure IP pool utilization.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
call-reject-no-resource
Default: 900 seconds (15 minutes)
Configures the polling interval over which to count the number of calls rejected due to insufficient resources.
call-setup
Default: 900 seconds (15 minutes)
Configures the polling interval over which to count the number of calls setup.
call-setup-failure
Default: 900 seconds (15 minutes)
Configures the polling interval over which to count the number of calls setup failures.
call-setup-failures
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF call setup failures.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
call-total-active
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF total active calls.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
cpu-available-memory
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure PSC/PSC2 CPU memory availability.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms
cpu-load
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure PSC/PSC2 CPU load using a 5 minute average measurement.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms
cpu-memory-usage
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of total PSC/PSC2 CPU memory used.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms
cpu-orbs-crit
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of CPU utilization by the ORBS software task for critical-level alerts.
cpu-orbs-warn
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of CPU utilization by the ORBS software task for warning-level alerts.
cpu-session-throughput
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure PSC/PSC2 CPU session throughput.
Important: This command is not supported on all platforms
cpu-utilization
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure PSC/PSC2 CPU utilization.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms
cscf-invite-rcvd
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count the CSCF calls.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
cscf-reg-rcvd
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count the CSCF registrations.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
cscf-service-route-failures
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count the CSCF service route failures.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
dcca-bad-answers
Configures the polling interval in seconds over which to count Diameter bad answers.
dcca-protocol-error
Configures the polling interval in seconds over which to count Diameter protocol errors.
dcca-rating-failed
Configures the polling interval in seconds over which to count Diameter rating failures.
dcca-unknown-rating-group
Configures the polling interval in seconds over which to count Diameter unknown rating group errors.
dereg-reply-error
Default: 0
Configures the polling interval over which to measure the number of de-registration reply errors for HA services. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
edr-file-space
Configures the polling interval in seconds over which to count EDR file space.
edr-udr-dropped-flow-control
Configures the polling interval in seconds over which to count EDR-UDRs Dropped due to Flow Control at ACSMGR.
error-no-resource
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF No Resource Errors.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
error-presence
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF Presence Errors.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
error-reg-auth
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF Reg-Auth Errors.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
error-tcp
Default: 300 seconds (5 minutes)
Configures the polling interval in seconds over which to count CSCF TCP Errors.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
fa-reg-reply-error
Default: 0
Configures the polling interval over which to measure the number of registration reply errors for FA services. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
fng-current-active-sessions
Configures the polling interval in seconds over which to count FNG current active sessions.
fng-current-sessions
Configures the polling interval in seconds over which to count FNG current sessions.
fw-deny-rule
Default: 900 seconds (15 minutes)
Configures the Stateful Firewall Deny-Rule threshold polling interval. For this threshold the interval time range is from 60 through 900 seconds.
fw-dos-attack
Default: 900 seconds (15 minutes)
Configures the Stateful Firewall DoS-Attacks threshold polling interval. For this threshold the interval time range is from 60 through 900 seconds.
fw-drop-packet
Default: 900 seconds (15 minutes)
Configures the Stateful Firewall Drop-Packet threshold polling interval. For this threshold the interval time range is from 60 through 900 seconds.
fw-no-rule
Default: 900 seconds (15 minutes)
Configures the Stateful Firewall No-Rule threshold polling interval. For this threshold the interval time range is from 60 through 900 seconds.
ha-init-rrq-rcvd-rate
Default: 0
Configures the polling interval over which to measure the average number of calls setup per minute for the context. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
ha-svc-init-rrq-rcvd-rate
Default: 0
Configures the polling interval over which to measure the average number of calls setup per minute for HA services. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
ip-pool-free
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of the IP pool addresses that are in the free state.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
ip-pool-hold
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of the IP pool address that are in the hold state.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
ip-pool-release
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of IP pool address that are in the release state.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
ip-pool-used
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure the percentage of the IP pool addresses that are used.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
ipsec-ipsec-call-req-rej
Default: 900
Configures the polling interval over which to count the IPSec call requests that are rejected.
ipsec-ike-failrate
Default: 900
Configures the polling interval over which to count the IPSec IKE failure rate.
ipsec-ike-failures
Default: 900
Configures the polling interval over which to count the IPSec IKE failures.
ipsec-ike-requests
Default: 900
Configures the polling interval over which to count the IPSec IKE request.
ipsec-tunnels-established
Default: 900
Configures the polling interval over which to count the IPSec tunnels established.
ipsec-tunnels-setup
Default: 900
Configures the polling interval over which to count the IPSec tunnels setup.
license-remaining-session
Default: 900 seconds (15 minutes)
Configures the polling interval over which to measure session license utilization.
mgmt-cpu-memory-usage interval
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure SMC CPU memory usage.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms
mgmt-cpu-utilization
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure SMC CPU usage.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
Important: This command is not supported on all platforms.
nat-port-chunks-usage
Important: This keyword is only available in Release 8.3 and later.
Default: 900 seconds (15 minutes)
Configures the polling interval over which to measure NAT port chunks usage.
packets-filtered-dropped
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the filtered/dropped packets.
packets-forwarded-to-cpu
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the forwarded packets.
pdg-current-active-sessions
Configures how frequently the system polls the pdg-current-active-sessions threshold.
pdg-current-sessions
Configures how frequently the system polls the pdg-current-sessions threshold.
threshold poll pdif-current-sessions interval period
Configures the polling interval for all current PDIF sessions in seconds rounded to the nearest multiple of 30 seconds. period is any integer from 30 to 60000.
threshold poll pdif-current-active-sessions interval period
Configures the polling interval for active sessions only in seconds rounded to the nearest multiple of 30 seconds. period is any integer from 30 to 60000.
pdsn-init-rrq-rcvd-rate
Default: 0
Configures the polling interval over which to measure the average number of calls setup per second for a PDSN-service. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
pdsn-svc-init-rrq-rcvd-rate
Configures the polling interval in seconds over which to count PDSN per-service call received rate.
per-service-asngw-sessions
Configures the polling interval in seconds over which to count per service ASNGW sessions.
per-service-ggsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the number of PDP contexts per GGSN service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-gprs-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval during which the SGSN counts the number of 2G-attached subscriber per GPRS service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-gprs-pdp-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval during which the SGSN counts the number of 2G-activated PDP contexts per GPRS service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-ha-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the number of HA sessions per HA service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-lns-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the number of LNS sessions per LNS service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-pdsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the number of PDSN sessions per PDSN service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-sgsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval during which the SGSN counts the number of 3G-attached subscribers per SGSN service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
per-service-sgsn-pdp-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval during which the SGSN counts the number of 3G-activated PDP contexts per SGSN service.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
port-high-activity
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure for high port activity.
Important: This command is not supported on all platforms
port-rx-utilization
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure receive port utilization.
Important: This command is not supported on all platforms
port-tx-utilization
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure transmit port utilization.
Important: This command is not supported on all platforms
ppp-setup-fail-rate
Default: 900 seconds (15 minutes)
Configure the polling interval over which to measure the PPP setup failure rate.
reg-reply-error
Default: 0
Configures the polling interval over which to measure number of registration reply errors for HA services. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
reg-total-active
Default: 300 seconds (5 minutes)
Configures the polling interval over which to measure CSCF Total Active Registrations.
time must an integer value from 60 to 60000 and expressed in multiples of 30. The system will round up all other configured values to a multiple of 30.
rereg-reply-error
Default: 0
Configures the polling interval over which to measure number of re-registration reply errors for HA services. When specifying interval time for this threshold, the range is from 60 through 900 seconds.
rp-setup-fail-rate
Default: 900 seconds (15 minutes)
Configure the polling interval over which to measure the RP setup failure rate.
spc-cpu-memory-usage interval
Important: This command has been renamed to threshold mgmt-cpu-memory-usage. Please refer to that command for details. Note that for backwards compatibility, the system accepts this command as valid.
Important: This command is not supported on all platforms
spc-cpu-utilization
Important: This command has been renamed to threshold mgmt-cpu-utilization. Please refer to that command for details. Note that for backwards compatibility, the system accepts this command as valid.
Important: This command is not supported on all platforms
storage-utilization
Default: 900 seconds (15 minutes)
Configures the polling interval over which to record the CompactFlash utilization percentage threshold interval in seconds.
total-asngw-sessions
Configures the polling interval over which to measure total ASNGW sessions on the system.
total-ggsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of GGSN sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-gprs-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of 2G-attached subscribers on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-gprs-pdp-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of 2G-activated PDP contexts per GPRS sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-ha-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of HA sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-hsgw-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of HSGW sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-lma-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of LMA sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-lns-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of LNS sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-pdsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of PDSN sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-pgw-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of P-GW sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-sgsn-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of SGSN sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-sgsn-pdp-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of SGSN sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-sgw-sessions
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of S-GW sessions on the system.
Important: When specifying interval time for this threshold, the range is from 30 through 60000 seconds. If the value entered is not a multiple of 30, the value is automatically rounded up to the next highest multiple of 30. (If you enter 35, the value is rounded to 60.)
total-subscriber
Default: 300 seconds (5 minutes)
Configures the polling interval over which to count the total number of subscriber sessions.
interval time
Specifies the amount of time that comprises the polling interval.
time is measured in seconds and can be configured to any integer value from 60 to 60000 unless otherwise noted in keyword descriptions.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold model and threshold monitoring commands for additional information on the system’s support for thresholding.
Example
The following command configures the polling interval for the total subscribers threshold value to 600 seconds (10 minutes):
threshold poll total-subscriber interval 600
 
threshold poll asngw-auth-failure
Configures the polling interval over which to count or measure the thresholding value for ASN Gateway authentication failure.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-auth-failure intervaldur
default threshold poll asngw-auth-failure interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for the ASN Gateway authentication failure threshold:
threshold poll asngw-auth-failure interval 600
 
threshold poll asngw-handoff-denial
Configures the polling interval over which to count or measure the thresholding value for ASN Gateway hand-off denial.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-handoff-denial intervaldur
default threshold poll asngw-handoff-denial interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the polling interval time.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for hand-off denial threshold:
threshold poll asngw-handoff-denial interval 600
 
threshold poll asngw-max-eap-retry
Configures the polling interval over which to count or measure the thresholding value for maximum EAP authentication retries.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-max-eap-retry intervaldur
default threshold poll asngw-max-eap-retry interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for maximum EAP authentication retry threshold:
threshold poll asngw-max-eap-retry interval 600
 
threshold poll asngw-network-entry-denial
Configures the polling interval over which to count or measure the thresholding value for network entry denial to an MS.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-network-entry-denial intervaldur
default threshold poll asngw-network-entry-denial interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for network entry denial threshold:
threshold poll asngw-network-entry-denial interval 600
 
threshold poll asngw-r6-invalid-nai
Configures the polling interval over which to count or measure the thresholding value for invalid NAIs in R6 messages.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-r6-invalid-nai intervaldur
default threshold poll asngw-r6-invalid-nai interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for invalid NAIs in R6 messages threshold:
threshold poll asngw-r6-invalid-nai interval 600
 
threshold poll asngw-session-setup-timeout
Configures the polling interval over which to count or measure the thresholding value for session setup timeout.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-session-setup-timeout intervaldur
default threshold poll asngw-session-setup-timeout interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for session setup timeout threshold:
threshold poll asngw-session-setup-timeout interval 600
 
threshold poll asngw-session-timeout
Configures the polling interval over which to count or measure the thresholding value for session timeout.
Product
ASN-GW
Privilege
Security Administrator, Administrator
Syntax
threshold poll asngw-session-timeout intervaldur
default threshold poll asngw-session-timeout interval
default
Restores the specified parameter to its default value 300 seconds.
interval dur
Default: 300 seconds.
Specifies the amount of time that comprises the polling interval.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for session timeout threshold:
threshold poll asngw-session-timeout interval 600
 
threshold poll cdr-file-space
This command configures the polling interval for CDR File Space Usage threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll cdr-file-space interval duration
default threshold poll cdr-file-space interval
default
Configures trhe default setting.
Default: 300 seconds.
interval duration
Specifies the polling interval for CDR File Space Usage threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval for CDR File Space Usage threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for the CDR file space usage threshold:
threshold poll cdr-file-space interval 600
 
threshold poll contfilt-block
This command configures the polling interval Content Filtering Block threshold.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
threshold poll contfilt-block interval duration
default threshold poll contfilt-block
default
Configures the default setting.
Default: 300 seconds.
interval duration
Specifies the polling interval for Content Filtering Block threshol d, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval Content Filtering Block threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for the content filtering blocking threshold:
threshold poll contfilt-block interval 600
 
threshold poll contfilt-rating
This command configures the polling interval for the Content Filtering Rating threshold.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
threshold poll contfilt-rating interval duration
default threshold poll contfilt-rating
default
Configures the default setting.
Default: 300 seconds.
interval dur
Specifies the polling interval for the Content Filtering Rating threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval for the Content Filtering Rating threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for the content filtering rating processing threshold:
threshold poll contfilt-rating interval 600
 
threshold poll dcca-protocol-error
This command configures the polling interval for DCCA Protocol Error threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll dcca-protocol-error interval duration
default threshold poll dcca-protocol-error interval
default
Configures the default setting.
Default: 900 seconds
interval duration
Specifies the polling interval for DCCA Protocol Error threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
Use this the polling interval for DCCA Protocol Error threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholding in this chapter.
Example
The following command configures the polling interval to 600 seconds for the DCCA protocol error threshold:
threshold poll dcca-protocol-error interval 600
 
threshold poll dcca-rating-failed
This command configures the polling interval for DCCA Rating Failed threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll dcca-rating-failed interval duration
default threshold poll dcca-rating-failed interval
default
Configures the default setting.
Default: 900 seconds
interval duration
Specifies the polling interval for DCCA Rating Failed threshold.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval for DCCA Rating Failed threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholding in this chapter.
Example
The following command configures the polling interval to 600 seconds for the Diameter Credit Control Application (DCCA) Rating Group (content-id) request reject thresholds:
threshold poll dcca-rating-failed interval 600
 
threshold poll dcca-bad-answers
This command configures the polling interval for DCCA Bad Answers threshold—invalid or bad response to the system from the Diameter server.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll dcca-bad-answers interval duration
default threshold poll dcca-bad-answers interval
default
Configures the default setting.
Default: 900 seconds
interval duration
Specifies the poling interval for DCCA Bad Answers threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the poling interval for DCCA Bad Answers threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholding in this chapter.
Example
The following command configures the polling interval to 600 seconds for invalid or bad response threshold to the system from Diameter server:
threshold poll dcca-rating-failed interval 600
 
threshold poll dcca-unknown-rating-group
This command configures the polling interval for DCCA Unknown Rating Group threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll dcca-unknown-rating-group interval duration
default threshold poll dcca-unknown-rating-group interval
default
Configures the default setting.
Defaut: 900 seconds
interval duration
Specifies the polling interval for DCCA Unknown Rating Group threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval for DCCA Unknown Rating Group threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands for additional information on the system’s support for thresholding in this chapter.
Example
The following command configures the polling interval to 600 seconds to threshold for the unknown DCCA Rating Group (content-id) returned by Diameter to system:
threshold poll dcca-unknown-rating-group interval 600
 
threshold poll diameter-retry-rate
This command configures the polling interval for Diameter Retry Rate threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll diameter-retry-rate interval duration
default threshold poll diameter-retry-rate interval
default
Configures the default setting.
Default: 300 seconds
interval duration
Specifies the polling interval for Diameter Retry Rate threshold, in seconds.
duration must be an integer from 60 through 60000. The input will be rounded up to the closest multiple of 30.
Usage
This command specifies the polling interval for Diameter Retry Rate threshold.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring and other threshold commands in this chapter for additional information on the system’s support for thresholding.
Example
The following command configures the Diameter Retry Rate threshold polling interval to 600 seconds:
threshold poll diameter-retry-rate interval 600
 
threshold poll edr-file-space
This command configures the polling interval for EDR File Space Usage threshold.
Product
ECS
Privilege
Security Administrator, Administrator
Syntax
threshold poll edr-file-space interval duration
interval duration
Default: 300 seconds.
Specifies the polling interval for EDR File Space Usage threshold, in seconds.
duration must be an integer value from 60 through 60000.
Usage
This command configures the polling interval for EDR File Space Usage threshold
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring ecs and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval to 600 seconds for the EDR file space usage threshold:
threshold poll edr-file-space interval 600
 
threshold poll mme-attach-failure
This command configures the polling interval to count the MME Attach Failure messages across all MME services in the system.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
threshold poll mme-attach-failure intervaldur
default threshold poll mme-attach-failure interval
default
Restores the poll interval value to its default value of 900 seconds.
interval dur
Default: 900 seconds.
Specifies the amount of time that comprises the polling interval for threshold to count the MME Attach Failure messages across all MME services in the system.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
Use this command to configure the polling interval to count the MME Attach Failure messages across all MME services in the system to generate threshold value.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring mme-service and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval of 600 seconds to count the MME Attach Failure messages for threshold limit:
threshold poll mme-attach-failure interval 600
 
threshold poll mme-auth-failure
This command configures the polling interval to count the MME Authentication Failure messages across all MME services in the system.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
threshold poll mme-auth-failure intervaldur
default threshold poll mme-auth-failure interval
default
Restores the specified poll interval value to its default value of 900 seconds.
interval dur
Default: 900 seconds.
Specifies the amount of time that comprises the polling interval for threshold to count the MME Authentication Failure messages across all MME services in the system.
dur is measured in seconds and can be configured to any integer value from 30 to 60000 in multiple of 30.
Usage
Use this command to configure the polling interval to count the MME Auth Failure messages across all MME services in the system to generate threshold value.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold monitoring mme-service and other threshold commands for additional information on the system’s support for thresholds in this chapter.
Example
The following command configures the polling interval of 600 seconds to count the MME Auth Failure messages for threshold limit:
threshold poll mme-auth-failure interval 600
 
threshold poll total-mme-sessions
This command configures the polling interval over which to count or measure the thresholding value for MME sessions on the system.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
[ default ] threshold poll total-mme-sessions interval time
default
Restores the threshold poll interval value to its default value of 300 seconds.
interval time
Default: 900 seconds
Specifies the amount of time that comprises the polling interval over which to count the total number of MME sessions on the system.
time is measured in seconds and can be configured to any integer value from 30 to 60000.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold model and threshold monitoring commands for additional information on the system’s support for thresholding.
Example
The following command configures the polling interval for the total MME session threshold polling duration value to 600 seconds (10 minutes):
threshold poll total-mme-sessions interval 600
 
threshold poll port-rx-utilization
Enables the generation of alerts or alarms based on the port utilization percentage for data received during the polling interval.
Product
All
Privilege
Administrator Security Administrator
Syntax
threshold poll port-rx-utilization interval seconds
interval seconds
Configures the threshold polling interval in multiples of 30 seconds from 30 to 60000
Usage
Receive port utilization thresholds generate alerts or alarms based on the utilization percentage of each configured port in relation to data received during the specified polling interval. This threshold is configured on a per-port basis configured using the port port-type slot#/port# command syntax.
Important: This command is not available on all platforms
Important: Ports configured for half-duplex do not differentiate between data received and data transmitted. (The transmitted and received percentages are combined.) Therefore, to avoid redundant alarms, it is recommended that only the receive or transmit utilization threshold be configured.
Example
Use the following example to configure a threshold poll interval of 300 seconds (5 minutes)
threshold poll port-rx-utilization interval 300
 
threshold poll port-tx-utilization
Enables the generation of alerts or alarms based on the port utilization percentage for data transmitted during the polling interval.
Product
All
Privilege
Administrator Security Administrator
Syntax
threshold poll port-tx-utilization interval seconds
interval seconds
Configures the threshold polling interval in multiples of 30 seconds from 30 to 60000
Usage
Transmit port utilization thresholds generate alerts or alarms based on the utilization percentage of each configured port in relation to data transmitted during the specified polling interval. This threshold is configured on a per-port basis configured using the port port-type slot#/port# command syntax.
Important: This command is not available on all platforms
Important: Ports configured for half-duplex do not differentiate between data received and data transmitted. (The transmitted and received percentages are combined.) Therefore, to avoid redundant alarms, it is recommended that only the receive or transmit utilization threshold be configured.
Example
Use the following example to configure a threshold poll interval of 300 seconds (5 minutes)
threshold poll port-tx-utilization interval 300
 
threshold poll port-high-activity
Enables the generation of alerts or alarms based on the overall port utilization percentage during the polling interval.
Product
All
Privilege
Administrator Security Administrator
Syntax
threshold poll port-high-activity interval seconds
interval seconds
Configures the threshold polling interval in multiples of 30 seconds from 30 to 60000
Usage
High port activity thresholds generate alerts or alarms based on the peak utilization percentage of each configured port during the specified polling interval. This threshold is configured on a per-port basis. Alerts or alarms are triggered for high port activity based on the following rules:
Enter condition: Actual percent peak utilization of a port ³High Threshold
Clear condition: Actual percent peak utilization of a port < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.This threshold is configured on a per-port basis configured using the port port-type slot#/port# command syntax.
Important: This command is not available on all platforms
Example
Use the following example to configure the polling interval over which to measure for high port activity to 300 seconds:
threshold poll port-high-activity interval 300
 
threshold poll route-service
This command configures the polling interval over which to count or measure the thresholding value for route services on the system.
Product
All
Privilege
Administrator Security Administrator
Syntax
[ default ] threshold poll route-service interval dur
default
Restores the threshold poll interval value to its default value of 900 seconds.
interval time
Default: 900 seconds
Specifies the amount of time that comprises the polling interval over which to count the total number of BGP route on the system.
dur is measured in seconds and can be configured to any integer value from 30 to 60000.
Usage
This command dictates the time period over which to monitor the specified value for threshold crossing.
Important: All configured polling intervals are rounded up to the closest multiple of 30. For example, if a polling interval is configured for 130 seconds, the system uses a polling interval of 150 seconds.
Refer to the threshold model and threshold monitoring commands for additional information on the system’s support for thresholding.
Example
The following command configures the polling interval for the total BGP routes threshold polling duration value to 600 seconds (10 minutes):
hreshold poll route-service interval 600
 
threshold ppp-setup-fail-rate
Configures PPP setup failure rate thresholds.
Product
PDSN, GGSN
Privilege
Security Administrator, Administrator
Syntax
threshold ppp-setup-fail-rate high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold rate for PPP setup failures experienced by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold rate for PPP setup failures experienced by the system that maintains a previously generated alarm condition. If the number of setup failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
PPP setup failure rate thresholds generate alerts or alarms based on the rate of call setup failures experienced by the system during the specified polling interval. The failure rate is the percentage of failures as determined by number of PPP setup failures divided by the total number of PPP sessions initiated.
Alerts or alarms are triggered for PPP setup failure rates based on the following rules:
Enter condition: Actual number of call setup failures ³ High Threshold
Clear condition: Actual number of call setup failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a PPP setup failure rate high threshold of 50 and a clear threshold of 45:
threshold ppp-setup-fail-rate 50 clear 45
 
threshold route-service bgp-routes
This command configures the threshold limits for route services to BGP routes.
Product
PDSN
Privilege
Security Administrator, Administrator
Syntax
threshold route-service bgp-routes high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold rate for BGP routes on the system that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold rate for BGP routes on the system that maintains a previously generated alarm condition. If the number of setup failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to configure a threshold in percentage of maximum BGP routes allowed. If the percentage of the number of BGP routes in a context (including all VRFs) reaches high_thresh, a notification is generated. Optionally, if the threshold subsystem is configured in ‘alarm’ mode, a Threshold_Clear notification is generated when the percentage of the number of BGP routes in a context (including all VRFs) goes below low_thresh. The maximum number of BGP routes is also sent by BGP task when getting the stats
Alerts or alarms are triggered for BGP routes based on the following rules:
Enter condition: Actual number of call setup failures > High Threshold
Clear condition: Actual number of call setup failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures system for high threshold of 50 and a clear threshold of 45:
threshold route-service bgp-routes 50 clear 45
 
threshold rp-setup-fail-rate
Configures RP setup failure rate thresholds.
Product
PDSN
Privilege
Security Administrator, Administrator
Syntax
threshold rp-setup-fail-rate high_thresh [ clear low_thresh ]
high_thresh
Default: 0
The high threshold rate for RP setup failures experienced by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
high_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold rate for RP setup failures experienced by the system that maintains a previously generated alarm condition. If the number of setup failures falls beneath the low threshold within the polling interval, a clear alarm will be generated.
low_thresh can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
RP setup failure rate thresholds generate alerts or alarms based on the rate of call setup failures experienced by the system during the specified polling interval. The failure rate is the percentage of failures as determined by number of Registration Request Messages rejected divided by the total number of Registration Request Messages received.
Alerts or alarms are triggered for RP setup failure rates based on the following rules:
Enter condition: Actual number of call setup failures ³ High Threshold
Clear condition: Actual number of call setup failures < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a RP setup failure rate high threshold of 50 and a clear threshold of 45:
threshold rp-setup-fail-rate 50 clear 45
 
threshold spc-cpu-memory-usage
This command has been renamed to threshold mgmt-cpu-memory-usage. Please refer to that command for details. Note that for backwards compatibility, the system accepts this command as valid.
 
Important: This command is not supported on all platforms.
 
threshold spc-cpu-utilization
 
This command has been renamed to threshold mgmt-cpu-utilization. Please refer to that command for details. Note that for backwards compatibility, the system accepts this command as valid.
 
threshold storage-utilization
Configures SMC CompactFlash memory utilization thresholds.
Product
All
Privilege
Security Administrator, Administrator
Syntax
threshold storage-utilizationhigh_thresh[ clearlow_thresh]
high_thresh
Default: 90
The high threshold memory utilization percentage that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
clear low_thresh
Default: 90
The low threshold memory utilization percentage that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
CompactFlash memory utilization thresholds generate alerts or alarms based on the utilization percentage of the CompactFlash on each installed SMC during the specified polling interval. Although, a single threshold is configured for both SMCs, separate alerts or alarms can be generated for each.
Alerts or alarms are triggered for CompactFlash memory utilization based on the following rules:
Enter condition: Actual percentage memory utilization ³ High Threshold
Clear condition: Actual percentage memory utilization < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a high threshold CompactFlash utilization percentage of 85 for an system using the Alert thresholding model:
threshold storage-utilization 85
 
threshold subscriber active
Configures active subscriber thresholds for the system.
Product
PDSN, GGSN, SGSN, HA
Privilege
Security Administrator, Administrator
Syntax
threshold subscriber activehigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of active subscriber sessions facilitated by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of active subscriber sessions facilitated by the system that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Active subscriber thresholds generate alerts or alarms based on the total number of active subscriber sessions facilitated by the system during the specified polling interval.
Alerts or alarms are triggered for active subscriber totals based on the following rules:
Enter condition: Actual total number of active subscriber sessions ³ High Threshold
Clear condition: Actual total number of active subscriber sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures an active subscriber high threshold count of 150000 and a low threshold of 1500 for an system using the Alarm thresholding model:
threshold subscriber active 150000 clear 1500
 
threshold subscriber total
Configures total subscriber thresholds for the system.
Product
PDSN, GGSN, HA
Privilege
Security Administrator, Administrator
Syntax
threshold subscriber totalhigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of subscriber sessions (active and dormant) facilitated by the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of subscriber sessions (active and dormant) facilitated by the system that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 100000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Total subscriber thresholds generate alerts or alarms based on the total number of subscriber sessions (active and dormant) facilitated by the system during the specified polling interval.
Alerts or alarms are triggered for subscriber totals based on the following rules:
Enter condition: Actual total number of subscriber sessions ³ High Threshold
Clear condition: Actual total number of subscriber sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures an active subscriber high threshold count of 450000 and a low threshold of 250000 for an system using the Alarm thresholding model:
threshold subscriber total 450000 clear 250000
 
threshold total-ggsn-sessions
Configures thresholds for the total number of GGSN sessions across all the services in the system.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
threshold total-ggsn-sessions high_thresh [ clear low_thresh ]
high_thresh
Default: 0 (Disabled)
The high threshold number of total GGSN sessions across all the sessions in the system that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0 (Disabled)
The low threshold number of total GGSN sessions that maintains a previously generated alarm condition. If the number of GGSN sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of GGSN sessions across all the services in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of GGSN sessions based on the following rules:
Enter condition: Actual total number of GGSN sessions ³ High Threshold
Clear condition: Actual total number of GGSN sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total GGSN session high threshold count of 10000 for an system using the Alert thresholding model:
threshold total-ggsn-sessions 10000
 
threshold total-gprs-sessions
Configures thresholds for the total number of GPRS sessions in the system.
Product
SGSN
Privilege
Administrator
Syntax
threshold total-gprs-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total GPRS sessions for all GPRS services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total GPRS sessions for all GPRS services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of GPRS sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for GPRS sessions based on the following rules:
Enter condition: Actual total number of GPRS sessions ³ High Threshold
Clear condition: Actual total number of GPRS sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of GPRS sessions high threshold count of 10000 for a system using the Alert thresholding model:
threshold total-gprs-sessions 10000
 
threshold total-gprs-pdp-sessions
Configures thresholds for the total number of PDP contexts per GPRS sessions in the system.
Product
SGSN
Privilege
Administrator
Syntax
threshold total-gprs-pdp-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total PDP contexts per GPRS session for all GPRS services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total PDP contexts per GPRS session for all GPRS services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of GPRS sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for GPRS sessions based on the following rules:
Enter condition: Actual total number of PDP Contexts ³ High Threshold
Clear condition: Actual total number of PDP contexts < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of PDP contexts per GPRS session high threshold count of 10000 for a system using the Alert thresholding model:
threshold total-gprs-pdp-sessions 10000
 
threshold total-ha-sessions
Configures thresholds for the total number of HA sessions across all services in the system.
Product
HA
Privilege
Security Administrator, Administrator
Syntax
threshold total-ha-sessionshigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of HA sessions for all HA services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of HA sessions for all HA services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of HA sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for HA sessions based on the following rules:
Enter condition: Actual total number of HA sessions ³ High Threshold
Clear condition: Actual total number of HA sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of HA sessions high threshold count of 10000 for an system using the Alert thresholding model:
threshold total-ha-sessions 10000
 
threshold total-hsgw-sessions
Configures thresholds for the total number of HSGW sessions across all services in the system.
Product
HSGW
Privilege
Administrator
Syntax
threshold total-hsgw-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of HSGW sessions for all HSGW services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 1500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of HSGW sessions for all HSGW services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of HSGW sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for HSGW sessions based on the following rules:
Enter condition: Actual total number of HSGW sessions ³ High Threshold
Clear condition: Actual total number of HSGW sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of HSGW sessions high threshold count of 500000 for an system using the Alert thresholding model:
threshold total-hsgw-sessions 500000
 
threshold total-lma-sessions
Configures thresholds for the total number of LMA sessions across all services in the system.
Product
P-GW
Privilege
Administrator
Syntax
threshold total-lma-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of LMA sessions for all LMA services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 1500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of LMA sessions for all LMA services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of LMA sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for LMA sessions based on the following rules:
Enter condition: Actual total number of LMA sessions ³ High Threshold
Clear condition: Actual total number of LMA sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of LMA sessions high threshold count of 500000 for an system using the Alert thresholding model:
threshold total-lma-sessions 500000
 
threshold total-lns-sessions
Configures thresholds for the total number of LNS sessions in the system.
Product
PDSN, GGSN, HA
Privilege
Security Administrator, Administrator
Syntax
threshold total-lns-sessionshigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total LNS sessions that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total LNS sessions that maintains a previously generated alarm condition. If the number of LNS sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of LNS sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of LNS sessions based on the following rules:
Enter condition: Actual total number of LNS sessions ³ High Threshold
Clear condition: Actual total number of LNS sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total LNS session high threshold count of 10000 for an system using the Alert thresholding model:
threshold total-lns-sessions 10000
 
threshold total-mme-sessions
Use this command to configure thresholds for the total number of MME sessions across all the MME services in the system.
Product
MME
Privilege
Security Administrator, Administrator
Syntax
threshold total-mme-sessionshigh_thresh[ clearlow_thresh]
high_thresh
Default: 0 (Disabled)
The high threshold number of total MME sessions that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0 (Disabled)
The low threshold number of total MME sessions that maintains a previously generated alarm condition. If the number of MME sessions, across all the services in a system, falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Use this command to monitor and set alarms or alerts when the total number of MME sessions across all the MME services in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of MME sessions based on the following rules:
Enter condition: Actual total number of MME sessions ³ High Threshold
Clear condition: Actual total number of MME sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll total-mme-sessions command to configure the polling interval and the threshold monitoring mme-service command to enable thresholding for this value.
Example
The following command configures a total MME session high threshold count of 10000 for an system using the Alert thresholding model:
threshold total-mme-sessions 10000
 
threshold total-pdsn-sessions
Configures thresholds for the total number of PDSN sessions in the system.
Product
PDSN
Privilege
Security Administrator, Administrator
Syntax
threshold total-pdsn-sessionshigh_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total PDSN sessions that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 0 through 4000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total PDSN sessions that maintains a previously generated alarm condition. If the number of PDSN sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 4000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of PDSN sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for the total number of PDSN sessions based on the following rules:
Enter condition: Actual total number of PDSN sessions ³ High Threshold
Clear condition: Actual total number of PDSN sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total PDSN session high threshold count of 10000 for an system using the Alert thresholding model:
threshold total-pdsn-sessions 10000
 
threshold total-pgw-sessions
Configures thresholds for the total number of P-GW sessions across all services in the system.
Product
P-GW
Privilege
Administrator
Syntax
threshold total-pgw-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of P-GW sessions for all P-GW services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 1500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of P-GW sessions for all P-GW services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of P-GW sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for P-GW sessions based on the following rules:
Enter condition: Actual total number of P-GW sessions ³ High Threshold
Clear condition: Actual total number of P-GW sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of P-GW sessions high threshold count of 500000 for an system using the Alert thresholding model:
threshold total-pgw-sessions 500000
 
threshold total-sgw-sessions
Configures thresholds for the total number of S-GW sessions across all services in the system.
Product
S-GW
Privilege
Administrator
Syntax
threshold total-sgw-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of S-GW sessions for all S-GW services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 1500000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of S-GW sessions for all S-GW services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 1500000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of S-GW sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for S-GW sessions based on the following rules:
Enter condition: Actual total number of S-GW sessions ³ High Threshold
Clear condition: Actual total number of S-GW sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of S-GW sessions high threshold count of 500000 for an system using the Alert thresholding model:
threshold total-sgw-sessions 500000
 
threshold total-sgsn-sessions
Configures thresholds for the total number of SGSN sessions in the system.
Product
SGSN
Privilege
Administrator
Syntax
threshold total-sgsn-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total SGSN sessions for all SGSN services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total SGSN sessions for all SGSN services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of SGSN sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for SGSN sessions based on the following rules:
Enter condition: Actual total number of SGSN sessions ³ High Threshold
Clear condition: Actual total number of SGSN sessions < Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of SGSN sessions high threshold count of 10000 for a system using the Alert thresholding model:
threshold total-sgsn-sessions 10000
 
threshold total-sgsn-pdp-sessions
Configures thresholds for the total number of PDP contexts per SGSN sessions in the system.
Product
SGSN
Privilege
Administrator
Syntax
threshold total-sgsn-pdp-sessions high_thresh[ clearlow_thresh]
high_thresh
Default: 0
The high threshold number of total PDP contexts per SGSN session for all SGSN services that must be met or exceeded within the polling interval to generate an alert or alarm.
The number can be configured to any integer value from 1 through 2000000. A value of 0 disables the threshold.
clear low_thresh
Default: 0
The low threshold number of total PDP contexts per SGSN session for all SGSN services that maintains a previously generated alarm condition. If the number of sessions falls beneath the low threshold within the polling interval, a clear alarm will be generated.
The number can be configured to any integer value between 0 and 2000000. A value of 0 disables the threshold.
Important: This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.
Usage
Monitor and set alarms or alerts when the total number of SGSN sessions in the system is equal to or greater than the set limit.
Alerts or alarms are triggered for SGSN sessions based on the following rules:
Enter condition: Actual total number of PDP contexts³ High Threshold
Clear condition: Actual total number of PDP contexts< Low Threshold
If a trigger condition occurs within the polling interval, the alert or alarm will not be generated until the end of the polling interval.
Refer to the threshold poll command to configure the polling interval and the threshold monitoring command to enable thresholding for this value.
Example
The following command configures a total number of PDP contexts per SGSN session high threshold count of 10000 for a system using the Alert thresholding model:
threshold total-sgsn-pdp-sessions 10000
 
timestamps
Enables/disables the generation of a timestamp in response to each commands entered. The timestamp does not appear in any logs as it is a CLI output only. This command affects all future CLI sessions. Use the timestamps command in the Exec Mode to change the behavior for the current CLI session only.
Product
All
Privilege
Security Administrator, Administrator
Syntax
timestamps
no timestamps
no
Disables generation of timestamp output for each command entered. When omitted, the output of a timestamp for each entered command is enabled.
Usage
Enable the timestamps when logging a CLI session on a remote terminal such that each command will have a line of text indicating the time when the command was entered.
Example
timestamps
no timestamps
 
upgrade limit
Configures upgrade session limits, which are used to trigger the system as to when it may execute the software upgrade.
Product
All
Privilege
Security Administrator, Administrator
Syntax
upgradelimit [ timesession_life ] [ usagesession_num ]
upgrade limit
This command issued with no keywords sets all parameters to their defaults.
time session_life
Default: 120
Defines the maximum number of minutes that a session may exist on the system, undergoing a software upgrade, before it is terminated by the system. As individual user sessions reach this lifetime limit, the system terminates the individual session(s). session_life must be an integer ranging from 1 through 1440.
usage session_num
Default: 100
This keyword defines a low threshold limit of sessions running either on a PSC/PSC2 or system-wide. When a software upgrade is invoked, this parameter applies to the entire system.
When the threshold is crossed (when the number of sessions on the PSC/PSC2 or system is less than this value), the remaining sessions on the card or system are terminated allowing the upgrade to begin. The remaining sessions on the PSC/PSC2 or system are terminated regardless of their session life. session_num must be an integer from 0 to 6000.
Usage
Use this command to configure upgrade session limits, which are used to trigger the system as to when it may execute the software upgrade.
Important: This command is not supported on all platforms.
Important: Software Patch Upgrades are not supported in this release.
Example
The following command sets the number of minutes a session can exist to 200 and the minimum number of sessions that may exist before terminating them to 50:
upgrade limit time 200 usage 50
 
url-blacklisting database
This command configures URL Blacklisting database directory parameters.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
url-blacklisting database { directory path path | max-versions max_versions | override file file_name }
default url-blacklisting database { directory path | max-versions | override file }
default
Configures the default values.
directory path path
Specifies the path to the directory to be used for storing URL Blacklisting databases.
path must be a string of 1 through 255 characters in length.
Default: /flash/bl
max-versions max_versions
Specifies the maximum number of URL Blacklisting database versions to be maintained in the URL Blacklisting database directory path with the base file name specified by the URL Blacklisting database override file.
max_versions must be an integer from 0 through 3.
Default: 0
override file file_name
Specifies the URL Blacklisting database override file name.
file_name must be in name.extension format. For example, abc.bin. And, must be a string of 1 through 10 characters in length.
Default: optblk.bin
Usage
Use this command to configure URL Blacklisting database directory parameters.
Example
The following command configures the maximum number of URL Blacklisting database versions to be maintained to 3:
url-blacklisting database max-versions 3
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883