Step 2
Step 3
Step 4 Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode command save configuration. For additional information on how to verify and save configuration files, refer to the System Administration Guide and the Command Line Interface Reference.Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
• Note that only Administrator and Config-administrator level users can provision ECS functionality. Refer to the Configuring System Settings chapter of the System Administration and Configuration Guide for additional information on administrative user privileges.For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.interface <interface_name>ip address <ip_address/mask>
• The require active-charging command must be configured before any services are configured, so that the resource subsystem can appropriately reserve adequate memory for ECS-related tasks. After configuring this command, the configuration must be saved and the system rebooted in order to allocate the resources for ECS on system startup.
Step 2
Step 4
Step 5
Step 6
Step 7
Step 8 Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode command save configuration. For additional information on how to verify and save configuration files, refer to the System Administration Guide and the Command Line Interface Reference.Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
active-charging service <ecs_service_name>active-charging service <ecs_service_name>ruledef <ruledef_name>
• For information on all the protocol types, expressions, operators, and conditions supported, refer to the ACS Ruledef Configuration Mode Commands chapter of the Command Line Interface Reference.
• The rule-application command specifies the ruledef type. By default, if not specified, the system considers a ruledef as a charging ruledef.
• TPO ruledefs are used for Traffic Performance Optimization (TPO) in-line service match-rule and match-advertisement features. For more information on TPO, refer to the Traffic Performance Optimization Administration Guide.show active-charging ruledef { all | charging | name ruledef_name | post-processing | routing | tpo }active-charging service <ecs_service_name>group-of-ruledefs <ruledef_group_name>
• The group-of-ruledefs-application command specifies the group-of-ruledef type. By default, if not specified, the system considers a group-of-ruledef as a charging group-of-ruledef.
• TPO group-of-ruledefs are used for Traffic Performance Optimization (TPO) in-line service match-rule and match-advertisement features. For more information on TPO, refer to the Traffic Performance Optimization Administration Guide.show active-charging group-of-ruledefs name <ruledef_group_name>active-charging service <ecs_service_name>charging-action <charging_action_name>content-id <content_id>billing-action { create-edrs { charging-edr <charging_edr_format_name> | reporting-edr <reporting_edr_format_name> } + [ wait-until-flow-ends ] | egcdr | exclude-from-udrs | radius | rf } +show active-charging charging-action name <charging_action_name>active-charging service <ecs_service_name>charging-action <charging_action_name>active-charging service <ecs_service_name>charging-action <charging_action_name>nexthop-forwarding-address <ip_address>active-charging service <ecs_service_name>rulebase <rulebase_name>flow end-condition { content-filtering | hagr | handoff | normal-end-signaling | session-end | url-blacklisting | timeout } [ flow-overflow ] + { charging-edr <charging_edr_format_name> | reporting-edr <reporting_edr_format_name> }billing-records udr udr-format <udr_format_name>action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledef_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }route priority <route_priority> ruledef <ruledef_name> analyzer <analyzer> [ description <description> ]udr threshold interval <interval>cca radius accounting interval <interval>show active-charging rulebase name <rulebase_name>active-charging service <ecs_service_name>edr-format <edr_format_name>attribute <attribute> { [ format { MM/DD/YY-HH:MM:SS | MM/DD/YYYY-HH:MM:SS | YYYY/MM/DD-HH:MM:SS | YYYYMMDDHHMMSS | seconds } ] [ localtime ] | [ { ip | tcp } { bytes | pkts } { downlink | uplink } ] priority <priority> }Important: For information on EDR format configuration and rule variables, refer to the EDR Format Configuration Mode Commands chapter of the Command Line Interface Reference.
show active-charging edr-format name <edr_format_name>active-charging service <ecs_service_name>udr-format <udr_format_name>attribute <attribute> { [ format { MM/DD/YY-HH:MM:SS | MM/DD/YYYY-HH:MM:SS | YYYY/MM/DD-HH:MM:SS | YYYYMMDDHHMMSS | seconds } ] [ localtime ] | [ { bytes | pkts } { downlink | uplink } ] ] priority <priority> }Important: For information on UDR format configuration and rule variables, refer to the UDR Format Configuration Mode Commands chapter of the Command Line Interface Reference.
show active-charging udr-format name <udr_format_name>context <context_name>
• You must specify the sftp keyword to enable the new account to SFTP into the context to retrieve record files.Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
context <context_name>subscriber name <subscriber_name>active-charging rulebase <rulebase_name>context <context_name>apn <apn_name>active-charging rulebase <rulebase_name>This section describes how to configure the internal optimization level for improved performance when the system evaluates each instance of the action CLI command.active-charging service <ecs_service_name>rulebase <rulebase_name>
• In 11.0 and later releases, the medium option is deprecated.
• Both the high and medium options cause reorganization of the entire memory structure whenever any change is made (for example, addition of another action CLI command).
• The high option causes allocation of a significant amount of memory for the most efficient organization.Important: To configure and enable Diameter and DCCA functionality with ECS, you must obtain and install the relevant license on the chassis. Contact your Cisco account representative for detailed information on licensing requirements.
Important: Before configuring Diameter or RADIUS CCA, you must configure AAA parameters as described in the AAA and GTPP Interface Administration and Reference.
Step 1Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
active-charging service <ecs_service_name>charging-action <charging_action_name>
• <ecs_service_name> must be the name of the Enhanced Charging Service in which you want to configure Prepaid Credit Control Application.
• <charging_action_name> must be the name of the charging action for which you want to configure Prepaid Credit Control Application.
• Optional: To configure the redirection of URL for packets that match a ruledef and action on quota request timer, in the Charging Action Configuration Mode, enter the following command. This command also specifies the redirect-URL action on packet and flow for Session Control functionality.In 12.2 and later releases: flow action redirect-url <redirect_url> [ [ encryption { blowfish128 | blowfish64 } [ encrypted ] key <key> ] [ clear-quota-retry-timer ]
• Optional: To configure credit control quota related parameters, use the following configuration:active-charging service <ecs_service_name>rulebase <rulebase_name>cca quota { holding-time <holding_time> content-id <content_id> | retry-time <retry_time> [ max-retries <max_retries> ] }cca quota time-duration algorithm { consumed-time <consumed_time> [ plus-idle ] [ content-id <content_id> ] | continuous-time-periods <seconds> [ content-id <content_id> ] | parking-meter <seconds> [ content-id <content_id> ] }<rulebase_name> must be the name of the rulebase in which you want to configure Prepaid Credit Control configurables.
• Optional: To define credit control rules for quota state and URL redirect match rules with RADIUS AVP, use the following configuration:active-charging service <ecs_service_name>ruledef <ruledef_name>cca redirect-indicator <operator> <indicator_value><ruledef_name> must be the name of the ruledef that you want to use for Prepaid Credit Control Application rules.cca redirect-indicator configuration is a RADIUS-specific configuration.
• Optional: This is a Diameter-specific configuration. To configure the failure handling options for credit control session, in the Credit Control Configuration Mode, use the following configuration:active-charging service <ecs_service_name>failure-handling { ccfh-session-timeout <session_timeout> | { initial-request | terminate-request | update-request } { continue [ go-offline-after-tx-expiry | retry-after-tx-expiry ] | retry-and-terminate [ retry-after-tx-expiry ] | terminate }
• Optional: To configure the triggering option for credit reauthorization when the named values in the subscriber session changes, use the following configuration:active-charging service <ecs_service_name>
• Optional: This is a Diameter-specific configuration. If the configuration is for 3GPP network, to configure the virtual or real APN name to be sent in Credit Control Application (CCA) message, use the following configuration:active-charging service <ecs_service_name>Important: To configure and enable Diameter and DCCA functionality with ECS, you must obtain and install the relevant license on the chassis. Contact your Cisco account representative for detailed information on licensing requirements.
Important: It is assumed that you have already fully configured the AAA parameters as described in the AAA and GTPP Interface Administration and Reference, and Credit Control Application as described in Configuring Prepaid Credit Control Application (CCA) section for Diameter mode.
active-charging service <ecs_service_name>diameter origin endpoint <endpoint_name>diameter dictionary <dcca_dictionary>diameter peer-select peer <peer_name> [ realm <realm_name> ] [ secondary-peer <sec_peer_name> [ realm <realm_name> ] ] [ imsi-based { [ prefix | suffix ] <imsi/prefix/suffix_start_value> } [ to <imsi/prefix/suffix_end_value> ] ]
• Diameter peer configuration set with the diameter peer-select command can be overridden by the dcca peer-select peer command in the APN Configuration mode for 3GPP service networks, and in Subscriber Configuration mode in other service networks.
• The specific Credit Control Group to be used for subscribers must be configured in the APN Configuration Mode using the credit-control-group <cc_group_name> command.
• Optional: To configure the maximum time, in seconds, to wait for a response from Diameter peer, in the Credit Control Configuration Mode, enter the following command:diameter pending-timeout <duration>
• Optional: To configure Diameter Credit Control Session Failover, in the Credit Control Configuration Mode, enter the following command:When enabled, in the event of failure, failure handling action is based on the failure-handling CLI.
• Optional: If you want to configure the service for IMS authorization in 3GPP service network, you can configure dynamic rule matching with Gx interface and dynamic rule matching order in rulebase, use the following configuration:active-charging service <ecs_service_name>rulebase <rulebase_name>action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledef_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }
• Optional: To configure Diameter group AVP Requested-Service-Unit for Gy interface support to include a sub-AVP in CCRs using volume, time, and unit specific charging, in the Rulebase Configuration Mode, enter the following command:cca diameter requested-service-unit sub-avp { time cc-time <duration> | units cc-service-specific-units <charging_unit> | volume { cc-input-octets <bytes> | cc-output-octets <bytes> | cc-total-octets <bytes> } + }
• If the Diameter endpoint parameters are not yet configured, see the Configuring Diameter Endpoint section in the AAA and GTPP Interface Administration and Reference.Important: The dcca peer-select configuration completely overrides all instances of diameter peer-select configured within the Credit Control Configuration Mode for an Enhanced Charging Service.
context <context_name>subscriber name <subscriber_name>dcca peer-select peer <host_name> [ [ realm <realm_name> ] [ secondary-peer <host_name> [ realm <realm_name> ] ] ]Important: The dcca peer-select configuration completely overrides all instances of diameter peer-select configured within the Credit Control Configuration Mode for an Enhanced Charging Service.
context <context_name>apn <apn_name>dcca peer-select peer <host_name> [ [ realm <realm_name> ] [ secondary-peer <host_name> [ realm <realm_name> ] ] ]Important: The RADIUS Prepaid feature of ECS has no connection to the system-level Prepaid Billing Support or the 3GPP2 Prepaid features that are enabled under different licenses.
Important: It is assumed that you have already fully configured the AAA parameters as described in the AAA and GTPP Interface Administration and Reference, and Credit Control Application as described in Configuring Prepaid Credit Control Application (CCA) section for RADIUS mode.
active-charging service <ecs_service_name>rulebase <rulebase_name>
• <rulebase_name> must be the name of the rulebase in which you want to configure Prepaid Credit Control configurables.
• <vpn_context> must be the charging context in which the RADIUS parameters are configured:
• Optional: To specify the accounting interval duration for RADIUS prepaid accounting, in the Rulebase Configuration Mode, enter the following command:cca radius accounting interval <interval>
• Optional: To specify the user password for RADIUS prepaid services, in the Rulebase Configuration Mode, enter the following command:
• If RADIUS server parameters are not yet configured, configure them as described in the Configuring AAA Functionality section of the AAA and GTPP Interface Administration and Reference.
Step 1
Step 2
Step 3Important: Commands used in the configuration examples in this section provide base functionality to the extent that the most common or likely commands and/or keyword options are presented. In many cases, other optional commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands.
To create an ACL to use in steering subscriber traffic through ECS, use the following configuration:context <context_name>ip access-list <access_list_name>redirect css service <ecs_service_name> <keywords> <options>
• <ecs_service_name> must be the enhanced charging service’s name; no CSS service needs to be configured.To apply an ACL to a RADIUS-based subscriber, use the Filter-Id attribute. For more information on this attribute, refer to the AAA and GTPP Interface Administration and Reference.context <context_name>subscriber name <subscriber_name>context <context_name>context <context_name>apn <apn_name>For information on configuring GTPP accounting, refer to the GTPP Accounting Overview chapter in the AAA and GTPP Interface Administration and Reference.active-charging service <ecs_service_name>ip dns-learnt-entries timeout <timeout_period>ruledef <ruledef_name>ip server-domain-name { = | contains | ends-with | starts-with }<domain_name/domain_name_segment>rulebase <rulebase_name>context <context_name>cdr { purge { storage-limit <storage_limit> | time-limit <time_limit> } [ max-files <max_records_to_purge> ] | push-interval <push_interval> | push-trigger space-usage-percent <trigger_percentage> | remove-file-after-transfer | transfer-mode { pull [ module-only ] | push primary { encrypted-url <encrypted_url> | url <url> } [ [ max-files <max_records> ] [ module-only ] [ secondary { encrypted-secondary-url <encrypted_secondary_url> | secondary-url <secondary_url> } ] [ via local-context ] + ] | use-harddisk }file [ charging-service-name { include | omit } ] [ compression { gzip | none } ] [ current-prefix <string> ] [ delete-timeout <seconds> ] [ directory <directory_name> ] [ edr-format-name ] [ exclude-checksum-record ] [ field-separator { hyphen | omit | underscore } ] [ file-sequence-number rulebase-seq-num ] [ headers ] [ name <file_name> ] [ reset-indicator ] [ rotation [ num-records <number> | time <seconds> | volume <bytes> ] ] [ sequence-number { length <length> | omit | padded | padded-six-length | unpadded } ] [ storage-limit <limit> ] [ single-edr-format ] [ time-stamp { expanded-format | rotated-format | unix-format } ] [ trailing-text <string> ] [ trap-on-file-delete ] [ xor-final-record ] +file [ charging-service-name { include | omit } ] [ compression { gzip | none } ] [ current-prefix <string> ] [ delete-timeout <seconds> ] [ directory <directory_name> ] [ exclude-checksum-record ] [ field-separator { hyphen | omit | underscore } ] [ file-sequence-number rulebase-seq-num ] [ headers ] [ name <file_name> ] [ reset-indicator ] [ rotation [ num-records <number> | time <seconds> | volume <bytes> ] ] [ sequence-number { length <length> | omit | padded | padded-six-length | unpadded } ] [ storage-limit <limit> ] [ time-stamp { expanded-format | rotated-format | unix-format } ] [ trailing-text <string> ] [ trap-on-file-delete ] [ udr-seq-num ] [ xor-final-record ] +
• The cdr command keywords can be configured either in the EDR or the UDR Configuration Mode. Configuring in one mode prevents the configurations from being applied in the other mode.
• If the edr-module active-charging-service command is configured without the charging or reporting keywords, by default the EDR module is enabled for charging EDRs.
• The use-harddisk keyword is only available on the ASR 5000.To manually push EDR/UDR files to the configured L-ESS, in the Exec mode, use the following command:
• The cdr-push command is available in the Exec Mode.
• <file_name> must be absolute path of the local file to push.This was done with the FTP-enabled account that you configured in the Enabling Charging Record Retrieval sectionThe following commands use SFTP to log on to a context named ECP as a user named ecpadmin, through an interface configured in the ECS context that has the IP address 192.168.1.10 and retrieve all EDR or UDR files from the default locations:active-charging service <ecs_service_name>fair-usage threshold-percent <usage_threshold>fair-usage deact-margin <deactivate_margin>fair-usage adjust-factor <adjust_factor>fair-usage inline-memory-share <max_mem_for_in-line>rulebase <rulebase_name>fair-usage session-waiver-percent <session_waiver>
• fair-usage command enables the Fair Usage feature.
• fair-usage threshold-percent <usage_threshold> command configures when to enable resource monitoring. As long as the amount of available memory is greater than the configured threshold, any memory requests are granted.<usage_threshold> is a percent value, and must be an integer from 1 through 100.
• fair-usage deact-margin <deactivate_margin> command configures when to disable resource monitoring. It is the window size between restricting/not restricting memory utilization.<deactivate_margin> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 10 percent.
• fair-usage adjust-factor <adjust_factor> is a hidden CLI command available to operators. This command configures the accuracy of memory reporting. When Session Manager reports its memory consumption, this percentage is added to the value being reported. With this, the reported memory will change as the sessions obtain/release memory.<adjust_factor> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 10 percent.
• fair-usage inline-memory-share <max_mem_for_in-line> is a hidden CLI command available to operators for fine tuning the the performance of this feature. This command configures the amount of memory possibly allocated to in-line services on a Session Manager instance. This limit is per Session Manager.<max_mem_for_in-line> is a percentage value, and must be an integer from 1 through 100. By default, it is set to 60 percent.
• fair-usage session-waiver-percent <session_waiver> command configured in the rulebase configures a waiver for subscribers using the rulebase to use more than the average amount of memory limit configured in the fair-usage threshold-percent <usage_threshold> command.<session_waiver> is a percentage value, and must be an integer from 0 through 1000. By default, it is set to 20 percent.active-charging service <ecs_service_name>ruledef <ruledef_name>charging-action <charging_action_name>rulebase <rulebase_name>action priority <action_priority> { [ dynamic-only | static-and-dynamic | timedef <timedef_name> ] { group-of-ruledefs <ruledef_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ monitoring-key <monitoring_key> ] [ description <description> ] }active-charging service <ecs_service_name>rulebase <rulebase_name>tcp proxy-mode { dynamic { all | content-filtering | dcca | ip-readdressing | nexthop-readdressing | xheader-insert + } | static [ port [ <port_number> [ to <port_number> ] ] ] }active-charging service <ecs_service_name>fair-usage tcp-proxy max-flows-per-subscriber <max_flows>fair-usage tcp-proxy memory-share <memory_share>
• <max_flows> specifies the maximum number of flows for which TCP Proxy can be used per subscriber. Note that this limit is per Session Manager.
• <memory_share> specifies what portion of ECS memory should be reserved for TCP Proxy flows. Note that it is a percentage value.show active-charging tcp-proxy statistics [ rulebase <rulebase_name> ] [ verbose ] [ | { grep <grep_options> | more } ]active-charging service <ecs_service_name>tethering-database [ os-signature <os_signature_db_file_name> | tac <tac_db_file_name> | ua-signature <ua_signature_db_file_name> ] +ruledef <tethering_detection_ruledef_name>rulebase <rulebase_name>action priority <priority> ruledef <tethering_detection_ruledef_name> charging-action <charging_action_name>Any further upgrades to the database files can be done by placing the file named new-filename in the designated directory path. ECS auto-detects the presence of files available for upgrade daily. When a new version of a file is found, the upgrade process is triggered. The upgrade can also be forced by running the upgrade command in the CLI. On a successful upgrade this file is renamed to filename.active-charging service <ecs_service_name>ruledef <ruledef_name>timedef <timedef_name>start day { friday | monday | saturday | sunday | thursday | tuesday | wednesday } time <hh> <mm> <ss> end day { friday | monday | saturday | sunday | thursday | tuesday | wednesday } time <hh> <mm> <ss>charging-action <charging_action_name>rulebase <rulebase_name>action priority <action_priority> timedef <timedef_name> { group-of-ruledefs <ruledef_group_name> | ruledef <ruledef_name> } charging-action <charging_action_name> [ description <description> ]show active-charging timedef name <timedef_name>active-charging service <ecs_service_name>group-of-prefixed-urls <prefixed_urls_group_name>To configure the URLs to be filtered in the group-of-prefixed-URLs, use the following configuration:active-charging service <ecs_service_name>group-of-prefixed-urls <prefixed_urls_group_name>prefixed-url <url_1>prefixed-url <url_10>active-charging service <ecs_service_name>rulebase <rulebase_name>url-preprocessing bypass group-of-prefixed-urls <prefixed_urls_group_name>url-preprocessing bypass group-of-prefixed-urls <prefixed_urls_group_name>show active-charging group-of-prefixed-urls name <prefixed_urls_group_name>Important: This feature is license dependent. Please contact your Cisco account representative for more information.
Step 1
Step 2
Step 5 active-charging service <ecs_service_name>xheader-format <xheader_format_name>active-charging service <ecs_service_name>xheader-format <xheader_format_name>insert <xheader_field_name> { string-constant <xheader_field_value> | variable { bearer { 3gpp { apn | charging-characteristics | charging-id | imei | imsi | qos | rat-type | s-mcc-mnc | sgsn-address } | acr | customer-id | ggsn-address | mdn | msisdn-no-cc | radius-calling-station-id | session-id | sn-rulebase | subscriber-ip-address | username } [ encrypt ] | http { host | url } }active-charging service <ecs_service_name>charging-action <charging_action_name>xheader-insert xheader-format <xheader_format_name> [ encryption rc4md5 [ encrypted ] key key ] [ first-request-only ] [ -noconfirm ]Important: This feature is license dependent. Please contact your Cisco account representative for more information.
Step 2
Step 3 active-charging service <ecs_service_name>rulebase <rulebase_name>xheader-encryption certificate-name <certificate_name>xheader-encryption re-encryption period <re-encryption_period>
• certificate name <certificate_name> pem { { data <pem_certificate_data> private-key pem [ encrypted ] data <pem_pvt_key> } | { url <url> private-key pem { [ encrypted ] data <pem_pvt_key> | url <url> } }show active-charging xheader-format name <xheader_format_name>
|
| Cisco Systems Inc. |
| Tel: 408-526-4000 |
| Fax: 408-527-0883 |