Use the following configuration to enable DNS filtering:
configure
active-charging-service service_name
content-filtering range start_min_val to end_max_val
If the range parameter is set from 10 through 1000, any subscriber profile with a content filter policy ID from 10 through
1000 uses the standard content filtering functionality. Any subscriber profile with a content filter policy ID higher than
1000 or lower than 10 triggers the new EDNS0 functionality.
Use the following configuration to disable DNS filtering:
configure
active-charging-service service_name
no content-filtering range
When DNS filtering is disabled, the standard content filtering policies resume as configured or as received from the PCF.
Use the following configuration to configure the EDNS packet action and format under the active-charging service:
configure
active-charging-service service_name
trigger-condition trigger_condition_name
external-content-filtering
app-proto = dns
end
NOTES:
-
external-content-filtering : Enables EDNS0 feature. When this flag is true along with the range criteria, EDNS0 feature is enabled. By default, this
flag is disabled.
-
app-proto = dns : Avoids the IP readdressing of the non-DNS traffic. If this CLI is enabled with multiline-or cli, then all DNS traffic is
EDNS encoded.
The following configuration leads the trigger action to define the EDNS format to be inserted in the EDNS packet:
configure
active-charging-service service_name
trigger-action trigger_action_name
edns-format format_name
security-profile profile_name
flow action readdress server-list server_list_name [ hierarchy ] [ round-robin ] [ discard-on-failure ]
end
NOTES:
-
trigger-action
trigger_action_name : Enables you to configure the flow action CLIs in the trigger action.
-
edns-format
format_name : Use the EDNS format when EDNS is applied.
-
security-profile
profile_name : Defines the security profile configuration in the EDNS to add mapping with the Device-ID.
Note |
Device ID in EDNS0 Records feature supports multiple security profiles.
|
-
flow action readdress server-list
server_list_name
[ hierarchy ] [ round-robin ] [ discard-on-failure ] : Associates the EDNS with IP readdressing. Use IP readdressing to readdress the packets to the configured server IPs. This
CLI in trigger action supports only server list configuration. It doesn’t support single-server IP or port configuration like
charging action.
Use the following configuration to insert the CF policy ID in the EDNS:
configure
active-charging-service service_name
edns
fields fields_name
tag { val { imsi | msisdn | cf-policy-id }}
end
To configure the 32 MS bit, static value is provided at the EDNS level with the security profile.
security-profile security_profile cf-policy-id-static-prefix value
Use the following configuration to insert a new tag specifying the payload length:
tag default payload-length [ tcp | udp ] value
Value range: 576–4096