- Overview of ISG
- Configuring ISG Control Policies
- Configuring ISG Access for PPP Sessions
- Configuring ISG Access for IP Subscriber Sessions
- Configuring ISG IPv6 Support
- Configuring MQC Support for IP Sessions
- Configuring ISG Port-Bundle Host Key
- Configuring ISG as a RADIUS Proxy
- Configuring ISG as a RADIUS Proxy in Passthrough Mode
- ISG RADIUS Proxy Support for Mobile Users—Hotspot Roaming and Accounting Start Filtering
- Walk-By User Support in ISG
- ISG L2 Subscriber Roaming
- Configuring RADIUS-Based Policing
- ISG Dynamic VLAN Interface Provisioning
- Ambiguous VLAN Support for IP sessions over ISG
- Configuring ISG Policies for Automatic Subscriber Logon
- Configuring DHCP Option 60 and Option 82 with VPN-ID Support for Transparent Automatic Logon
- Enabling ISG to Interact with External Policy Servers
- Configuring ISG Subscriber Services
- Configuring ISG Network Forwarding Policies
- Configuring ISG Accounting
- Configuring ISG Support for Prepaid Billing
- Configuring ISG Policies for Session Maintenance
- Redirecting Subscriber Traffic Using ISG Layer 4 Redirect
- Configuring Layer 4 Redirect Logging
- Configuring ISG Policies for Regulating Network Access
- Configuring ISG Integration with SCE
- Service Gateway Interface
- ISG MIB
- ISG SSO and ISSU
- ISG Debuggability
- Troubleshooting ISG with Session Monitoring and Distributed Conditional Debugging
- Configuring ISG Troubleshooting Enhancements
- Index
ISG Template-based Policy and Feature Provisioning
The ISG Template-based Policy and Feature Provisioning feature improves CPU utilization and supports higher Cisco Intelligent Services Gateway (ISG) session scale and calls per second (CPS) rates. This module describes how to configure ISG to bring up templates on subscriber sessions for policy and feature provisioning and management.
- Prerequisites for ISG Template-based Policy and Feature Provisioning
- Restrictions for ISG Template-based Policy and Feature Provisioning
- Information About ISG Template-based Policy and Feature Provisioning
- Configuration Examples for ISG Template-based Policy and Feature Provisioning
Prerequisites for ISG Template-based Policy and Feature Provisioning
- If the Cisco IOS software on the device is upgraded to Cisco IOS XE Release 3.11S or downgraded to a prior version, IP subscriber sessions need to be cleared.
- Before using the information in this module, it is recommended that you be familiar with how to configure and use ISG control policies. For more information about ISG control policies, see the “Configuring ISG Control Policies” module.
Restrictions for ISG Template-based Policy and Feature Provisioning
- Subscriber templating is supported only on the Cisco ASR 1000 Series Aggregation Services Routers.
- Templating is enabled by default in Cisco IOS XE Release 3.11S and later releases. This is applicable even when the Cisco IOS software is upgraded to Cisco IOS XE Release 3.11S or later releases. It is recommended not to disable it.
- The lawful intercept (LI), per-user access control list (ACL), and per-user QoS features are not supported. However, these features can be provisioned on a session even if they are not provisioned through the template.
- Performance improvements due to templating are applicable only to IP-based sessions.
- Software path in IOL is not supported for templating.
- PPP subscriber sessions are not templated.
- Lite session limits are handled more gracefully.
- Sessions cannot be scaled beyond 128k on FP40.
- Walkby sessions cannot be scaled beyond 1.05M sessions.
- During ISSU upgrade to Cisco IOS XE Release 3.11S or downgrade to an earlier release, the existing sessions are lost and need to be recreated.
- The Layer 4 redirect (L4R) feature appears twice in the template.
Information About ISG Template-based Policy and Feature Provisioning
ISG Policy Provisioning Model
Historically, ISG subscriber policies and services were provisioned individually as separate features. There were very few policies that varied from session to session. As most sessions shared common policies, this led to poor utilization of CPU resources and hence a sluggish system.
To enhance system performance, a template of each policy is assigned an ID and provisioned once on the layer. This template policy is then customized for each subscriber session with the features specific to that session. Templating also applies to services where a template service can be provisioned on a layer. In this case, the policy template can be represented by a set of service template IDs. In the event that an applied policy on a session changes (on policy event or CoA), a new policy template is referenced.
 Note | Prior to Cisco IOS XE Release 3.11S, the service policy was removed when the number of sessions using it becomes zero. However, after templating is enabled by default, a delay of 5 minutes is introduced to remove the idle service. This prevents the service policy from being modified during this period (that is the new service policy will not be downloaded until the older one gets deleted). As a workaround, the new service policy name can be renamed so that it is treated as a new service and is downloaded immediately. |
Benefits of Templating
- It improves system resource utilization resulting in better performance.
- It enables better Quantum Flow Processor (QFP) memory usage per single stack or dual stack session.
- It improves CPS rates and scaling.
- It enhances CPU utilization and reduces delays due to reduced messaging for policy provisioning on sessions.
Configuration Examples for ISG Template-based Policy and Feature Provisioning
Example: Verifying ISG Template-based Policy and Feature Provisioning
The following examples show sample output generated from the configuration of ISG templating:
Device# show subscriber template
Template Id Associated Sessions Creation Time
1 1 4:15:2013 7:38:850
Device# show subscriber template id 1
Template Id Associated Sessions Creation Time
1 1 4:15:2013 7:38:850
Class-id: 0
Features:
Idle Timeout:
Dir: In/Out
Keepalive:
Dir: In/Out
Portbundle Hostkey:
Dir: In/Out
Forced flow Routing:
URL Based Redirection:
Next-Hop Ip: 10.10.0.2
Class-id: 12
Features:
Accounting:
Dir Traffic Status
In/Out Allowed/Not Allowed
Prepaid Idle Time:
Dir: In/Out
Prepaid Volume Monitor:
Dir Traffic Status
In/Out Allowed/Not Allowed
Prepaid Time Monitor:
Dir Traffic Status
In/Out Allowed/Not Allowed
Class-id: 6
Features:
L4 Redirect:
Aclnum Srv_ip Duration Frequency
0 3:3:3:1 0 0
Class-id: 2
Features:
Policing:
Dir Rate_in Limit_in Extended_Limit_in
In/Out 40 480000 960000
Device# show subscriber template state ISG templating is ON Total number of templates 1
Feedback