The ECS is an enhanced or extended premium service. The System Administration Guide provides basic system configuration information, and the product administration guides provide information to configure the core network service functionality. It is recommended that you select the configuration example that best meets your service model, and configure the required elements for that model before using the procedures in this document.
The ECS in-line service runs on Cisco ASR 5x00 chassis running StarOS. The chassis can be configured with a variety of components to meet specific network deployment requirements. For additional information, refer to the Installation Guide for the chassis and/or contact your Cisco account representative.
For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.
Important: For more information on CSS, refer to the Content Service Steering chapter of the System Administration Guide. For more information on ACLs, refer to the IP Access Control Lists chapter of the System Administration Guide.|
•
|
Shallow Packet Inspection—Inspection of the layer 3 (IP header) and layer 4 (for example, UDP or TCP header) information.
|
|
•
|
Deep Packet Inspection—Inspection of layer 7 and 7+ information. DPI functionality includes:
|
|
•
|
Routing Ruledefs—Routing ruledefs are used to route packets to content analyzers. Routing ruledefs determine which content analyzer to route the packet to when the protocol fields and/or protocol-states in ruledef expression are true. Up to 256 ruledefs can be configured for routing.
|
|
•
|
Charging Ruledefs—Charging ruledefs are used to specify what action to take based on the analysis done by the content analyzers. Actions can include redirection, charge value, and billing record emission. Up to 2048 charging ruledefs can be configured in the system.
|
|
•
|
Post-processing Ruledefs—Used for post-processing purposes. Enables processing of packets even if the rule matching for them has been disabled.
|
|
•
|
TPO Ruledefs—Used for Traffic Performance Optimization (TPO) in-line service match-rule and match-advertisement features.
|
For more information on TPO, refer to the Traffic Performance Optimization Administration Guide.
Important: When a ruledef is created, if the rule-application is not specified for the ruledef, by default the system considers the ruledef as a charging ruledef.
Important: Ruledef priorities control the flow of the packets through the analyzers and control the order in which the charging actions are applied. The ruledef with the lowest priority number invokes first. For routing ruledefs, it is important that lower level analyzers (such as the TCP analyzer) be invoked prior to the related analyzers in the next level (such as HTTP analyzer and S-HTTP analyzers), as the next level of analyzers may require access to resources or information from the lower level. Priorities are also important for charging ruledefs as the action defined in the first matched charging rule apply to the packet and ECS subsystem disregards the rest of the charging ruledefs.ruledef port-80
rule-application routing
ruledef bbc-news
http url starts-with http://news.bbc.co.uk
rule-application charging
ruledef catch-all
ip any-match = TRUE
rule-application charging
charging-action free-site
content-id 100
charging-action charge-by-duration
content-id 101
rulebase standard
|
Step a
|
|
Step b
|
Important: In the current release traffic routes to the ICMP, TCP, and UDP analyzers by default. Therefore, defining routing ruledefs for these analyzers is not required.
Important: The features described in this section may be licensed Cisco features. A separate feature license may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.|
•
|
Flow Control Functionality—Provides the ability to define and manage the number of simultaneous IP-based sessions and/or the number of simultaneous instances of a particular application permitted for the subscriber.
|
|
•
|
Subscriber-Level Session Quota—Configurable on a per-rulebase basis
|
|
•
|
Application-Level Session Quota—Configurable on a per-charging-action basis
|
|
•
|
Bandwidth Control Functionality—Allows the operator to apply rate limit to potentially bandwidth intensive and service disruptive applications.
|
|
•
|
|
•
|
Start of PDP context—Upon encountering this event, a Credit Control Request (CCR) starts, indicating the start of the PDP context, is sent towards the Online Charging Service. The data volume is captured per service data flow for the PDP context.
|
|
•
|
Start of service data flow—An interim CCR is generated for the PDP context, indicating the start of a new service data flow, and a new volume count for this service data flow is started.
|
|
•
|
Termination of service data flow—The service data flow volume counter is closed, and an interim CCR is generated towards the Online Charging Service, indicating the end of the service data flow and the final volume count for this service data flow.
|
|
•
|
End of PDP context—Upon encountering this event, a CCR stop, indicating the end of the PDP context, is sent towards the Online Charging Service together with the final volume counts for the PDP context and all service data flows.
|
|
•
|
Expiration of an operator configured time limit per PDP context—This event triggers the emission of an interim CCR, indicating the elapsed time and the accrued data volume for the PDP context since the last report.
|
|
•
|
Expiration of an operator configured time limit per service data flow—The service data flow volume counter is closed and an interim CCR is sent to the Online Charging Service, indicating the elapsed time and the accrued data volume since the last report for that service data flow. A new service data flow container is opened if the service data flow is still active.
|
|
•
|
Expiration of an operator configured data volume limit per PDP context—This event triggers the emission of an interim CCR, indicating the elapsed time and the accrued data volume for the PDP context since the last report.
|
|
•
|
Expiration of an operator configured data volume limit per service data flow—The service data flow volume counter is closed and an interim CCR is sent to the Online Charging Service, indicating the elapsed time and the accrued data volume since the last report for that service data flow. A new service data flow container is opened if the service data flow is still active.
|
|
•
|
Change of charging condition—When QoS change, tariff time change are encountered, all current volume counts are captured and sent towards the Online Charging Service with an interim CCR. New volume counts for all active service data flows are started.
|
|
•
|
Administrative intervention by user/service also force trigger a chargeable event.
|
The file naming convention for created xDRs (EDR/UDR/FDRs) are described in the Impact on xDR File Naming section.
|
•
|
Instance-Level Load Balancing—Enables load balancing of calls based on resource usage for in-line service memory allocations. If an in-line service is configured on the chassis, all resource allocation and release (memory) would involve maintaining instance-level credit usage. Sessions would be more equally distributed based on the in-line memory credits rather than the number of sessions running on individual instances.
|
|
•
|
Subscriber Session Resource Monitoring—Enables monitoring individual subscriber resource usage and restricting unacceptable usage of resources by subscriber sessions. Every subscriber session will have a free ride until the operator configured threshold is reached. After that, any new resource requirement may be allowed based on the entitled services and the currently available memory in the system. Once resource allocation is failed for a subscriber session, the in-line service application requesting resource manages the failure handling.
|
Important: For more information on Content Filtering support, refer to the Content Filtering Services Administration Guide.
Important: In the 12.2 release, the DNS Snooping feature is supported only on the GGSN and P-GW.DNS Snooping is a licensed Cisco feature. A separate feature license may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.
Important: If the rule created using this feature is removed from the configuration then all the associated dynamic SDFs are removed immediately. The usage incurred by the subscriber for traffic matching the removed SDFs will be reported over the Gy interface when the usage reporting for the corresponding rating group is due.
|
•
|
The ip server-domain-name ruledef can be used as a predefined dynamic rule, static rule, or as a part of group of ruledefs. However, it cannot be used as a dynamic-only rule, as dynamic-only rules apply up to L4 and this is an L7 rule.
|
Important: In this release, the Tethering Detection feature is supported only on the GGSN and HA.
Important: In the 12.2 release, Tethering Detection is supported only for IPv4 (TCP) traffic flows.|
•
|
HTTP UserAgent String based Device Signature Detection—In this method the HTTP analyzers extract and analyze the UserAgent string from the first HTTP request sent by the MS.
|
|
•
|
TCP-SYN based Device OS Fingerprint Signature Detection—In this method the IP (L3) and TCP (L4) analyzers extract and analyze certain values from the following IP and TCP header fields of the first packet of a TCP flow sent by the MS.
|
|
•
|
|
•
|
|
•
|
|
•
|
Mobile Device TAC Number based Detection—The Type Allocation Code (TAC) number is part of the IMEI number which is available after the call is established. The TAC number of the bearer is looked up in the mobile smartphone TAC database. If a match is found, the actual tethering detection decision for that subscriber session depends on subsequent OS and/or UA match. If required, subsequently ECS performs tethering detection for all flows for that subscriber.
|
Important: Note that TAC number based detection by itself is not a tethering detection method. It only aids in deciding for which of the mobile smartphones connecting to the gateway tethering detection must be carried out. It helps in reducing the scope of tethering detection to only those smartphones that provide users tethering capability.If MUR is not deployed, then the database file must be manually placed on the ASR chassis, in the /mnt/hd-raid/data/databases/ directory, and loaded into configuration using CLI command.
For more information on MUR, refer the MUR Online Help System and the Mobility Unified Reporting System Installation and Administration Guide.
Before the database(s) can be loaded for the first time, tethering detection must be enabled using the tethering-database CLI command in the ACS Configuration Mode.
|
•
|
tlen: Total IP Packet Length
|
|
•
|
ttl: Initial TTL
|
|
•
|
d: IP DF bit
|
|
•
|
wlen: TCP Window Length
|
|
•
|
mss: TCP Maximum Segment Size
|
|
•
|
wss: TCP option Window Size Scale
|
|
•
|
S: TCP option Selective ACK OK
|
|
•
|
T: TCP option Timestamp
|
|
•
|
E: TCP option EOL
|
|
•
|
N: TCP option NOP (count)
|
Any further upgrades to the database files can be done by placing the file named new-filename in the designated directory path. ACS auto-detects the presence of files available for upgrade daily. When a new version of a file is found, the upgrade process is triggered. The upgrade can also be forced by running the upgrade command in the CLI. On a successful upgrade this file is renamed to filename.
Important: The time considered for timedef matching is the system’s local time.
Important: A prefixed URL can be detected and stripped if it is of the type “http://www.xyz.com/http://www.abc.com”. Here, “http://www.xyz.com” will be stripped off. But in “http://www.xyz.com/www.abc.com”, it cannot detect and strip off “http://www.xyz.com” as it looks for occurrence of “http” or “https” within the URL.
Important: After TCP Proxy is enabled for a connection, the connection will remain proxied for it’s lifetime. TCP Proxy cannot be disabled for the flow.ECS supports bulkstats for the TCP Proxy feature. For details see the ECS Schema Statistics chapter of the Statistics and Counters Reference.
|
5.
|
|
6.
|
|
1.
|
|
1.
|
Important: In this release, the X-Header Insertion and Encryption features are supported only on the GGSN, IPSG, and P-GW.X-Header Insertion and Encryption are both licensed Cisco features. A separate feature license may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.
For example, if you want to insert the field x-rat-type in the HTTP header with a value of rat-type, the header inserted should be:
Important: Recovery of flows is not supported for this feature.
Important: Some feature described in this section are licensed Cisco features. A separate feature license may be required. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of the Software Management Operations chapter in the System Administration Guide.For more information on GTPP accounting, refer to the GTPP Accounting Overview chapter in the AAA and GTPP Interface Administration and Reference.
|
•
|
Subscriber Category Request—ECS obtains the subscriber category from the AAA server (either prepaid or postpaid) when a new data session is detected. The AAA server used for the subscriber category request can be different from the AAA server used for service authorization and accounting.
|
|
•
|
Service Access Authorization—ECS requests access authorization for a specific subscriber and a newly detected data session. The AAA server is the access Policy Decision Point and the ECS the Policy Enforcement Point.
|
|
•
|
On-line Service Accounting (Prepaid)—ECS reports service usage to the AAA server. The AAA server acts as a prepaid control point and the ECS as the client. Accounting can be applied to a full prepaid implementation or just to keep ECS updated of the balance level and trigger a redirection if the subscriber balance reaches a low level.
|
|
•
|
Real-time Rate Service Information—DCCA can verify when end subscribers' accounts are exhausted or expired; or deny additional chargeable events.
|
|
•
|
Support for Multiple Services: DCCA supports the usage of multiple services within one subscriber session. Multiple service support includes:
|
Important: For more information on Gx interface support, see the Gx Interface Support appendix in the administration guide for the product that you are deploying.
Important: For more information on Gy interface support, see the Gy Interface Support appendix in the administration guide for the product that you are deploying.
Important: In EDRs, the maximum field length for normal and escaped strings is 127 characters. If a field’s value is greater than 127 characters, in the EDR it is truncated to 127 characters.|
•
|
RADIUS Credit Control Application—RADIUS is used as the interface between ECS and the prepaid charging server. The RADIUS Prepaid feature of ECS is separate to the system-level Prepaid Billing Support and that is covered under a different license key.
|
|
•
|
Diameter Credit Control Application—The Diameter Credit Control Application (DCCA) is used to implement real-time credit control for a variety of services, such as networks access, messaging services, and download services.
|
|
•
|
Real-time Rate Service Information—DCCA can verify when end subscribers' accounts are exhausted or expired; or deny additional chargeable events.
|
|
•
|
Support for Multiple Services—DCCA supports the usage of multiple services within one subscriber session. Multiple service support includes:
|
Important: G-CDRs and eG-CDRs are only available in UMTS networks.ECS also supports FBC and TBC methods for postpaid billing. For more information on FBC and TBC in ECS, see the Enhanced Services in ECS section.
Important: For information on ESS contact your Cisco account representative.
Important: For information on availability/support for L-ESS, contact your Cisco account representative.
Important: For more information on the L-ESS, refer to the ESS Installation and Administration Guide. 
Caution: Persistent data flows are NOT recoverable during session recovery.
Important: Redundancy is not available in the current version of the Cisco XT2 platform.
Important: In order for session recovery to work there should be at least four packet processing cards, one standby and three active. Per active CPU with active SessMgrs, there is one standby SessMgr, and on the standby CPU, the same number of standby SessMgrs as the active SessMgrs in the active CPU.The system supports the simultaneous use of ECS and the Inter-chassis Session Recovery feature. (For more information on the Inter-chassis Session Recovery feature, refer to the System Administration Guide.) When both features are enabled, ECS session information is regularly checkpointed from the active chassis to the standby as part of normal Service Redundancy Protocol processes.
In the event of an unplanned switchover, all accounting data that has not been written to the external storage is lost. (Note that either the ESS can pull the xDR data from the chassis, or the chassis can push the xDR files to a configured ESS at user-configured intervals. For more information, see External Storage System section.) Upon completion of switchover, the ECS sessions are maintained and the “now-active” chassis recreates all of the session state information including the generation of new xDRs.
Regardless of the type of switchover that occurred, the names of the new xDR files will be different from those stored in the /records directory of packet processing card RAM on the “now-standby” chassis. Also, in addition to the file name, the content of many of the fields within the xDR files created by the “now-active” chassis will be different. ECS manages this impact with recovery mechanism. For more information on the differences and how to correlate the two files and other recovery information, see the Impact on xDR File Naming section.
|
•
|
basename—A global configurable text string that is unique per system that uniquely identifies the global location of the system running ECS.
|
|
•
|
ChargSvcName—A system context-based configurable text string that uniquely identifies a specific context-based charging service.
|
|
•
|
timestamp—Date and time at the instance of file creation. Date and time in the form of “MMDDYYYYHHmmSS” where HH is a 24-hour value from 00-23.
|
|
•
|
SeqNumResetIndicator—A one-byte counter used to discern the potential for duplicated FileSeqNumber with a range of 0 through 255, which is incremented by a value of 1 for the following conditions:
|
|
•
|
FileSeqNumber—Unique file sequence number for the file with nine-digit integer having range from 000000000 to 999999999. It is unique on each system.
|
|
•
|
|
•
|
