IMS Authorization Service Configuration Mode Commands

The IMS Authorization Service Configuration Mode enables to configure IP Multimedia Subsystem (IMS) authorization services to manage policy control functions and Gx interface support.

IMPORTANT:

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

end

Exits the current configuration mode and returns to the Exec mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
end

Usage:

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
exit

Usage:

Use this command to return to the parent configuration mode.

p-cscf discovery

This command defines the method of Proxy-Call Session Control Function (P-CSCF) discovery to be used.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
p-cscf discovery { table { 1 | 2 } [ algorithm
 { ip-address-modulus | msisdn-modulus | round-robin } ] | diameter-configured }[ default | no ] p-cscf discovery
default

Sets the P-CSCF discovery to default parameter.

no

Removes/deletes configured parameters for P-CSCF discovery.

table { 1 | 2 }

Specifies that which P-CSCF table is to be used to obtain the primary and secondary P-CSCF addresses. Total 2 tables can be configured for P-CSCF discovery.

algorithm { ip-address-modulus | msisdn-modulus | round-robin }
Specifies the algorithm to select the row from the P-CSCF table to be used for P-CSCF discovery.
  • ip-address-modulus: This algorithm divides the IP address, in binary, of the subscriber by the number of rows in the table, and the remainder is used as an index into the specified table to select the row.
  • msisdn-modulus: This algorithm divides the MSISDN value, in binary without the leading “+”, of the subscriber by the number of rows in the table, and the remainder is used as an index in the specific table to select the row.
  • round-robin: This algorithm rotates all rows in the active table for selection of the row in round-robin way. If no algorithm is specified this is the default behavior.

Default: round-robin

diameter-configured

This option enables the table number and algorithm specified by the diameter host-select table configuration in Policy Control Configuration mode.

If the primary host in that configuration is down it assumes that the primary P-CSCF in the row of P-CSCF table is also down, and it does not return that IP address in the create PDP context response.

This option also performs the deactivation processing of the PDP contexts when Diameter Policy Control Application (DPCA) switches, host tables as detailed in the diameter host-select command description in Policy Control Configuration mode.


Usage:

Use this command to configure the table and row selection methods to select IP address/host address for P-CSCF discovery.


Example:
The following command specifies table 1 with round-robin algorithm to select the rows with IP address for P-CSCF discovery.
p-cscf discovery table
1 algorithm round-robin
p-cscf table

This command adds/appends rows with primary and/or secondary IPv4/IPv6 addresses to a P-CSCF discovery table with precedence for P-CSCF discovery.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
p-cscf table { 1 | 2 } row-precedence precedence_value { address ip_address | ipv6-address ipv6_address } [ secondary { address ip_address | ipv6-address ipv6_address } ]no p-cscf table { 1 | 2 } row-precedence precedence_value
no

Removes/deletes configured row with precedence in specified table for P-CSCF discovery address.

{ 1 | 2 }

Specifies which P-CSCF table is to be used to add/append the primary and secondary P-CSCF addresses. Two tables can be configured for P-CSCF discovery address.

row-precedence precedence_value

This keyword adds/appends the row with the specified row-precedence to the P-CSCF address table.

In 8.1 and later releases, precedence_value must be an integer from 1 through 128, and a maximum of 128 rows can be added to a table.

In release 8.0, precedence_value must be an integer from 1 through 100, and a maximum of 16 rows can be added to a table.

secondary

Specifies the secondary IPv4/IPv6 address to be entered in P-CSCF table rows.

address ip_address

Specifies the primary and/or secondary IPv4 address for P-CSCF discovery table. This keyword, if used with secondary keyword, specifies the secondary IPv4 address.

ip_address must be entered in IPv4 dotted-decimal notation.

ipv6-address ipv6_address

Specifies the primary and/or secondary IPv6 address for P-CSCF discovery table. This keyword, if used with secondary keyword, specifies the secondary IPv6 address.

ipv6_address must be entered in IPv6 colon-separated-hexadecimal notation.


Usage:

Use this command to add rows with primary and/or secondary IP addresses for P-CSCF discovery. The row is added with the specified row-precedence.

The operator can add/remove rows to the table that is not currently selected by the diameter host-select table command in Policy Control Configuration Mode.


Example:
The following command adds a row in table 2 with primary IP address 10.2.3.4, secondary IP address as 50.6.7.8, and row-precedence value as 20 for P-CSCF discovery.
p-cscf table 2 row-precedence
20 address 10.2.3.4 secondary 50.6.7.8
policy-control

This command enters the Policy Control Configuration mode for Diameter Policy Control Application (DPCA) to configure Diameter authorization and policy control parameter for IMS authorization.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
[ no ] policy-control
no

Disables the pre-configured policy control parameters for IMS authorization in this IMS authorization service.


Usage:

Use this command to enter the Policy Control Configuration Mode to configure the policy control parameters for Diameter authorization and charging policy in IMS Authorization Service.

Entering this command results in the following prompt:

[context_name]hostname(config-imsa-dpca)#

Policy Control configuration commands are described in the Policy Control Configuration Mode Commands chapter.

qos-update-timeout

This command is obsolete in release 11.0 and later releases. This command sets the Quality of Service update timeout for a subscriber in IMS authorization service.

Platform:

ASR 5000

Product:

GGSN


Privilege:

Security Administrator, Administrator


Syntax
qos-update-timeout timeout_durationno qos-update-timeout
no

Disables the pre-configured QoS update timeout parameter in this IMS authorization service.

timeout_duration

Specifies the duration of timeout in seconds as an integer from 0 through 3600.

Default: 60


Usage:

Use this command to set the maximum time to wait for a subscriber to initiate the update QoS procedure in IMS authorization service.


Example:
The following command sets the QoS update timeout to 90 seconds.
qos-update-timeout 90
signaling-flag

This command specifies whether a request for a PDP context dedicated to signaling (for IMS sessions) should be granted or denied.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
signaling-flag { deny | permit }default signaling-flag
default

Sets the signaling flag to default mode of deny.

deny

Denies the request for a signaling PDP context for IMS session and keeps signaling co-existed with other traffic on PDP contexts. Default: Enabled

permit

Permits the request for a signaling PDP context for IMS session and a separate signaling context activated. Default: Disabled


Usage:

Use this command to allow or deny the activation of a dedicated PDP context for signaling. The user equipment (UE) may indicate that the PDP context should be dedicated for IP multimedia (IM) signaling by setting the IP Multimedia Core Network (IM-CN) signaling flag in the Protocol Configuration Options (PCO).

The deny option causes the system to inform the UE that the PDP context will not be dedicated for IM signaling and signaling will co-exist with other traffic on PDP context.

The permit option is used to activate the signaling context for signal traffic and the other traffic uses other PDP context for traffic with the following destinations:
  • Towards the DHCP and DNS servers for the IMS domain
  • Towards the P-CSCF(s)

The UE is not trusted to follow these restrictions, and the system monitors and restricts the traffic from the dedicated PDP context. The signaling-flow class-map command is used to configure the restrictions.


Example:
The following command denies the request for a signaling PDP context for IMS session.
default signaling-flag
signaling-flow

This command specifies the packet filters and policy servers for bandwidth control and singling context enforcement that define the traffic that is allowed through the dedicated signaling context.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
signaling-flow permit
server-address ipv4/ipv6_address [ server-port
 { port_num | range start_port to end_port } ] [ description STRING ]no signaling-flow permit
server-address ipv4/ipv6_address [ server-port { port_num | range start_port to end_port } ]
no

Disables the signaling flow option configured with this command.

server-address ipv4/ipv6_address

The server address refers to the destination IP address in uplink packets, and the source IP address in downlink packets.

ipv4/ipv6_address is an IP address in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation and can be used with a subnet mask.

A maximum of 16 signaling server addresses can be configured per IMS Authorization service.

server-port { port_num | range start_port to end_port }

Specifies the TCP/UDP port number(s) of the server to be used for communication.

port_num must be an integer from 1 through 65535.

range start_port to end_port provides the option to configure the range of ports on server for communication.

start_port must be an integer from 1 through 65535 but lesser than end_port, and end_port must be an integer from 1 through 65535 but greater than start_port.

description STRING

Specifies the customized description for configured signaling server as an alphanumeric string of 1 through 63 characters.


Usage:

Traffic that matches any instance of the signaling-flow command will be forwarded via the signaling PDP context. In addition, the policy server gives policy gates to use for the signaling PDP context.


Example:
The following command sets the packet filter server address to 10.2.3.4 with port number 1234 for packet filtering.
signaling-flow server-address
10.2.3.4 server-port 1234
traffic-policy

This command specifies the action on packets which do not match any policy gates in the general purpose PDP context.

Platform:

ASR 5000

Product:

All


Privilege:

Security Administrator, Administrator


Syntax
traffic-policy general-pdp-context
no-matching-gates direction { downlink | uplink } { forward | discard }default traffic-policy
general-pdp-context no-matching-gates direction { downlink | uplink }
default

Sets the default traffic policy for packets without any policy gate match in general purpose PDP context.

By default packets which do not have any matching policy gate are forwarded.

no-matching gates

Applies traffic policy for packets which do not match any policy gate.

direction { downlink | uplink }

Specifies the direction of traffic to apply this traffic policy in general PDP context.

downlink: Specifies the traffic from system to MN. Default is set to forward.

uplink: Specifies the traffic from MN to system. Default is set to forward.

forward

Forwards the packets which do not match any policy gates. Default: Enabled

discard

Discards the packets which do not match any policy gates. Default: Disabled


Usage:

This command provides configuration on traffic policy applied on packets which are not matching any policy gate in general PDP context. Packets can either be forwarded or discarded on the basis of operator’s configuration.

This command needs to be configured once for downlink and once for uplink separately.


Example:
The following command discards uplink packets which do not match any policy gate in general purpose PDP context.
traffic-policy general-pdp-context
no-matching-gates direction uplink discard