Enables the DSCP marking feature for IP headers carrying outgoing A11-signalling A11 packets (such as RRP, RU, SU).

default

Restores the specified parameter to its default setting of 0x0.

no

Disables the specified functionality.

ip-header-dscp value

Configures the QoS Differentiated Services Code Point (DSCP) marking for IP header encapsulation.

value : Represents the DSCP setting as the first six most-significant bits of the ToS field. It can be configured to any hex value from 0x0 through 0x3F. Default is 0x0.

Associates accounting policies and QCI-QoS mapping parameters with this HSGW service.

no

Removes the specified associated policy or mapping from the service.

accounting-policy name

Specifies an existing accounting policy to associate with the HSGW service as an alphanumeric string of 1 through 63 characters.

qci-qos-mapping name

Specifies an existing QCI-QoS mapping configuration as an alphanumeric string of 1 through 63 characters.

QCI-QoS mapping is configured through the qci-qos-mapping command in the Global Configuration Mode.

Binds the service to a logical IP interface serving as the A10 interface and specifies the maximum number of subscribers that can access this service over the configured interface.

no

Removes the interface binding from this service.

address ip_address

Specifies the IP address of the A10/A11 interface in IPv4 dotted-decimal notation.

max-subscribers num

Specifies the maximum number of subscribers that can access this service on this interface as an integer from 0 through 2500000. Default: 2500000

Important

The maximum number of subscribers supported is dependant on the license key installed and the number of active PSCs in the system. A fully loaded system with 13 active PSCs can support 3,000,000 total subscribers. Refer to the license key command and the Usage section (below) for additional information.

Configures the maximum number of consecutive seconds that a UE session context (which includes the LCP, authentication and A10 session context for a given UE) is maintained by the HSGW before it is torn down.

default

Disables the timer.

no

Disables the timer.

timeout [ sec ]

Specifies the amount of time (in seconds) that the session context is maintained before it is disassembled as an integer from 1 through 3600. Default: 60.

In Release 15.0 and later, the maximum value has been increased to 86400 seconds (24 hours).

Enables sending the Data Available Indicator extension in A10/A11 Registration Reply messages.

Enables the data-over-signaling marking feature for A10 packets.

default

Enables the data-over signaling feature for A10 packets.

no

Disables the data-over signaling feature for A10 packets.

Identifies the location of the DNS client to the HSGW service and enables/disables P-GW load balancing using DNS SRV lookup.

default

Returns the command to its default setting of the current context.

By default, topology will be enabled and weight will be disabled.

no

Removes the configured DNS client context name or P-GW DNS selection criteria from this service.

context name

Specifies an existing context in which the DNS client is configured as an alphanumeric string of 1 through 79 characters.

selection { topology [ weight ] | weight }

Specifies P-GW DNS selection criteria.

topology : Enables topology selection, which selects a P-GW topologically closer to the HSGW.

topology weight : Enables topology selection with weight.

weight : Enables selection with weight only when both preference values are the same; disables topology selection.

Exits the current configuration mode and returns to the Exec mode.

Exits the current mode and returns to the parent configuration mode.

Configures the Fully Qualified Domain Name (FQDN) for this HSGW service.

default

Returns the command to the default setting of "null".

no

Removes the configured FQDN name from this service.

domain_name

Specifies an FQDN for the HSGW service as an alphanumeric string of 1 through 256 characters.

Important

In order to properly interact with other nodes in the network, the FQDN should be 96 alpha and/or numeric characters or less.

Enables or disables Point-to-Point Protocol (PPP) payload fragmentation.

default

Returns the command to its default setting of enabled.

no

Disables PPP payload fragmentation.

Configures Generic Routing Encapsulation (GRE) parameters for the A10 protocol within the HSGW service.

default

Restores the specified parameter to its default setting.

no

Disables the specified functionality.

checksum

Enables the introduction of the checksum field in outgoing GRE packets. Default: disabled

checksum-verify

Enables verification of the GRE checksum (if present) in incoming GRE packets. Default: disabled

flow-control [ action { disconnect-session | resume-session } ] [ timeout msecs ] +

Default: no GRE flow-control

Enables 3GPP2 GRE flow control which causes the HSGW to send flow control enabled Normal Vendor Specific Extensions (NVSE) in A11 RRPs.

action { disconnect-session | resume-session } :

Default: disconnect-session

timeout msecs

Specifies the amount of time (in milliseconds) to wait for an XON indicator from the RAN (after receiving an XOFF). Also sets the action to be taken if the timeout limit is reached.

msecs is an integer from 1 through 1000000. Default: 1000

ip-header-dscp value { all-control-packets | setup-packets-only }

Default: Disabled

reorder-timeout msecs

Configures the maximum number of milliseconds to wait before processing reordered out-of-sequence GRE packets as an integer from 0 through 5000. Default: 100

segmentation

Enables GRE Segmentation for the HSGW service. Default: disabled

sequence-mode { none | reorder }

Default: none

Configures handling of incoming out-of-sequence GRE packets.

none : Specifies that sequence numbers in packets are ignored and all arriving packets are processed in the order they arrive.

sequence-numbers

Enables insertion of GRE sequence numbers in data that is about to be transmitted over the A10 interface. Data coming into the system containing sequence numbers but that is out of sequence is not re-sequenced.

threegppp2-ext-headers qos-marking

When threegppp2-ext-headers qos-marking is enabled and the PCF negotiates capability in the A11 RRQ, the HSGW will include the QoS optional data attribute in the GRE 3gpp2 extension header.

The no keyword, enables qos-marking in the GRE header based on the tos value in the header.

Enables the use of Robust Header Compression (RoHC) and enters the HSGW Service ROHC Configuration Mode where RoHC parameters are configured for the service.

Configures the local User Datagram Protocol (UDP) port for the A10/A11 interface IP socket.

Sets the parameters for IP source validation. Source validation is useful if packet spoofing is suspected or for verifying packet routing and labeling within the network. Source validation requires the source address of received packets to match the IP address assigned to the subscriber (either statically or dynamically) during the session.

default

Resets the keyword to its default value.

no

header-compression rohc : Removes the RoHC configuration from this service.

ip source-violation clear-on-valid-packet : Disables the ability of the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed packet.

header-compression rohc

Specifies that Robust Header Compression will be applied to sessions using this service and enters the HSGW Service RoHC Configuration Mode where RoHC parameters are configured.

local-port number

Specifies the UDP port number as an integer from 1 through 65535. Default: 699

source-violation { clear-on-valid-packet | drop-limit num | period secs | reneg-limit num }

clear-on-valid-packet

Configures the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed packet. Default: disabled

drop-limit num

Specifies the number of allowed source violations within a detection period before forcing a call disconnect as an integer from 1 through 1000000. If num is not specified, the value is set to the default. Default: 10

period secs

Specifies the length of time (in seconds) for a source violation detection period to last; drop-limit and reneg-limit counters are decremented each time this value is reached.

The counters are decremented in this manner: reneg-limit counter is reduced by one (1) each time the period value is reached until the counter is zero (0); drop-limit counter is halved each time the period value is reached until the counter is zero (0). If secs is not specified, the value is set to the default.

secs is an integer from 1 through1000000. Default: 120

reneg-limit num

Sets the number of allowed source violations within a detection period before forcing a PPP renegotiation. If num is not specified, the value is set to the default.

num is an integer from 1 through 1000000. Default: 5

Specifies how long an A10 connection can exist before its registration is considered expired.

default

Resets the lifetime value to the default setting of 1800 seconds.

no

Specifies that an A10 connection can exist for an infinite amount of time.

time

Specifies the time (in seconds) that an A10 connection can exist before its registration is considered expired as an integer from 1 through 65534. Default: 1800

Configures the maximum number of times the HSGW service will attempt to communicate with an eAN/PCF before it marks it as unreachable.

default

Resets the maximum number of allowed retransmissions to the default value of 5.

count

Specifies the maximum number of times the HSGW service will attempt to communicate with an eAN/PCF before it marks it as unreachable.

count is an integer from 1 through 1000000. Default: 5

Identifies the mobile access gateway (MAG) context through which MIPv6 calls are to be routed.

no

Removes the configured MAG context route from this service.

context context_name [ mag-service service_name ]

Specifies the name of the context and, optionally, the service through which MIPv6 sessions are to be routed.

context_name is an existing context expressed as an alphanumeric string of 1 through 79 characters.

service_name is an existing MAG service expressed as an alphanumeric string of 1 through 63 characters.

Enables the use of network initiated QoS functionality.

default

Returns the command to its default setting of enabled.

no

Disables the ability to use network initiated QoS functionality.

Configures Public Land Mobile Network identifiers used to determine if a mobile station is visiting, roaming or belongs to this network.

mcc number mnc number

mcc number : Specifies the mobile country code (MCC) portion of the PLMN identifier as an integer fromn 100 through 999.

mnc number : Specifies the mobile network code (MNC) portion of the PLMN identifier as a 2- or 3-digit integer from 00 through 999.

Specifies how an HSGW service should handle overload conditions.

default

Returns the command to it default setting of "reject" with the "admin-prohibited" code.

no

Removes a specified "redirect address" from this service.

redirect address [ weight weight_num ] [ address2 [ weight weight_num ] ... address16 [ weight weight_num ] ]

This option enables a redirect policy for overloading conditions. When a redirect policy is invoked, the HSGW service rejects new sessions with an A11 Registration Reply Code of 88H (unknown HSGW address) and provides the IP address of an alternate HSGW. This command can be issued multiple times.

address : The IP address of an alternate HSGW expressed in IPv4 dotted decimal notation. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values.

weight weight_num : When multiple addresses are specified, they are selected in a weighted round-robin scheme. Entries with higher weights are more likely to be chosen. If a weight is not specified, the entry is automatically assigned a weight of 1 (default). weight_num must be an integer value from 1 through 10.

reject [ use reject-code { admin-prohibite | insufficient-resources } ]

This option will cause any overload traffic to be rejected. The HSGW sends an A11 Registration Reply Code of 82H (insufficient resources).

use-reject-code admin-prohibited : When this keyword is specified and traffic is rejected, the error code admin prohibited is returned instead of the error code "insufficient resources". This is the default behavior.

use-reject-code insufficient-resources : When this keyword is specified and traffic is rejected, the error code "insufficient resources" is returned instead of the error code admin prohibited.

Associates a configured mapping table for RP QoS Profile ID to LTE QoS Class Index (QCI) mapping with this service.

no

Removes all profile maps or a specific profile map from this service.

name

Specifies the name of an existing Profile ID - QCI Mapping table to be associated with this service as an alphanumeric string of 1 through 63 characters.

Configures parameters related to registration rejection.

default | no

Returns the command to its default settings.

handoff connection-setup-record-absent

When enabled, the HSGW denies or discards handoff R-P sessions that do not have an Airlink Connection Setup record in the A11 Registration Request.

Default is disabled. Default HSGW behavior is to accept such requests.

newcall connection-setup-record-absent

When enabled, the HSGW denies or discards new R-P sessions that do not have the Airlink Connection Setup record in the A11 Registration Request.

Default is disabled. Default HSGW behavior is to accept such requests.

use-deny-code { poorly-formed-request | reason-unspecified }

Sets the specified Registration Deny Code when denying a new call or handoff because of a missing connection setup record.

Configures the maximum allowable time for the HSGW service to wait for a response from the eAN/PCF before it attempts to communicate with the eAN/PCF again (if the system is configured to retry the PCF), or marks the eAN/PCF as unreachable.

default

Resets the timeout setting to the default value of 3.

no

Deletes a previously configured timeout value.

time

Specifies the maximum allowable time (in seconds) for the HSGW service to wait for a response from the eAN/PCF before it: a) attempts to communicate with the eAN/PCF again (if the system is configured to retry the PCF), or b) marks the eAN/PCF as unreachable.

time is an integer from 1 through 1000000. Default: 3

Configures resource reservation protocol (RSVP) parameters for this HSGW service in support of the network initiated QoS feature.

default

Resets the maximum number of allowed retransmissions to the default value of 5 or the timeout setting to the default value of 3.

no

Disables the feature.

max-retransmissions count

Specifies the maximum retransmission count of RP control packets as an integer from 1 through 1000000. Default: 5

retransmission-timeout seconds

Specifies the maximum amount of time (in seconds) to allow for retransmission of RP control packets as an integer from 1 through 1000000. Default: 3

Specifies the maximum amount of time allowed for session setup.

default

Resets the command to the default value of enabled with a timeout of 60 seconds.

no

Disables the feature.

seconds

Specifies the maximum amount of time (in seconds) to allow for setup of a session in this service as an integer from 1 though 1000000. Default: 60

Configures the security parameter index (SPI) between the HSGW service and the evolved Access Network/evolved Packet Control Function (eAN/ePCF). This command also configures the redirection of calls based on the PCF zone.

pcf_ip_address | ip_addr_mask_combo

pcf_ip_address : Specifies the IP address of the ePCF. pcf_ip_address is an IP address expressed in IPv4 dotted decimal notation or IPv6 colon separated notation.

ip_addr_mask_combo : Specifies the IP address and mask bits of the PCF. ip_addr_mask_combo must be specified using the form "IP Address/Mask Bits" where the IP address must in IPv4 dotted-decimal or IPv6 colon-separated notation, and the mask bits are a numeric value corresponding to the number of bits in the subnet mask.

spi-number number

Specifies the SPI which indicates a security context between the PCF and the HSGW as an integer from 256 through 4294967295.

encrypted secret enc_secret | secret secret

Configures the shared-secret between the HSGW service and the PCF. The secret can be either encrypted or non-encrypted.

encrypted secret enc_secret : Specifies the encrypted shared key (enc_secret ) between the PCF and the HSGW service. enc_secret must be between 1 and 236 alpha and/or numeric characters and is case sensitive.

secret secret : Specifies the shared key (secret) between the PCF and the HSGW services. secret must be between 1 and 127 alpha and/or numeric characters and is case sensitive.

The encrypted keyword is intended only for use by the chassis while saving configuration scripts. The system displays the encrypted keyword in the configuration file as a flag that the variable following the secret keyword is the encrypted version of the plain text secret key. Only the encrypted secret key is saved as part of the configuration file.

description string

This is a description for the SPI expressed as an alphanumeric string of 1 through 31 characters.

hash-algorithm { md5 | rfc2002-md5 }

Specifies the hash-algorithm used between the HSGW service and the PCF. Default: md5

md5 : Configures the hash-algorithm to implement MD5.

rfc2002-md5 : Configures the hash-algorithm to implement keyed-MD5.

replay-protection { nonce | timestamp }

Specifies the replay-protection scheme that should be implemented by the HSGW service. Default: timestamp

nonce : Configures replay protection to be implemented using NONCE (Number ONCE).

timestamp : Configures replay protection to be implemented using timestamps.

timestamp-tolerance tolerance

Specifies the allowable difference (in seconds) between timestamps as an integer from 0 through 65535. If the difference is exceeded, the session will be rejected. If set to 0, timestamp tolerance checking is disabled at the receiving end. Default: 60

zone zone_id

Specifies the different PCF zones to configure in HSGW service. Mapping of a zone-number to a set of HSGWs can be done per HSGW service basis.

zone_id is an integer value from 1 through 32. A maximum of 32 PCF zones can be configured for a HSGW service.

Configures the HSGW behavior for UE initiated QoS requests.

default

Returns the HSGW to the default behavior, where UE initiated QoS requests are accepted and forwarded to the PCRF via Gxa interface.

no

Enables rejection of UE initiated QoS request for dedicated bearer in HSGW service. HSGW does not forward the request to the PCRF over Gxa and instead rejects the UE initiated QoS immediately.

Configures the service to wait a specified number of seconds before triggering a QoS update to downgrade an unauthorized flow.

default

Returns the command to its default setting.

no

Removes the configure wait-timeout setting for this service.

qos-update wait-timeout seconds

Specifies the number of seconds to wait before triggering the QoS update to downgrade the unauthorized flow as an integer from 1 through 65534.