The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Configures Active Charging Service parameters.
Security Administrator, Administrator
Exec > Global Configuration
active-charging service service_name Specify the service name.
Must be a string.
Specify accelerated flow packet processing.
Use this command to configure the Active Charging Service parameters.
You can configure a maximum of one element with this command.
Configures bandwidth policy parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
bandwidth-policy bandwidth_policy_name Specify the active charging bandwidth policy name.
Must be a string.
Use this command to configure bandwidth policy parameters. Enters the Bandwidth Policy Configuration mode.
Configures bandwidth policy parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Bandwidth Policy Configuration
flow limit-for-bandwidth id id group-id group_id Specify the bandwidth ID.
Must be an integer in the range of 1-65535.
Specify the bandwidth policy group ID.
Must be an integer in the range of 1-65535.
Use this command to configure the bandwidth policy parameters.
Configures bandwidth policy group ID.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Bandwidth Policy Configuration
group-id group_id Specify the bandwidth policy group ID.
Must be an integer in the range of 1-65535.
Use this command to configure the bandwidth policy group ID.
Configures bandwidth control in downlink direction.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Bandwidth Policy Configuration
group-id group_id direction downlink Use this command to configure bandwidth control in downlink direction.
Configures peak bandwidth parameters.
Security Administrator, Administrator
Exec > Global Configuration
grpPeakBwp Specify the peak data rate option.
Must be one of the following:
peak-data-rate
peak-data-rate-kbps
Specify the bandwidth in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if Peak Data Rate is surpassed.
Must be one of the following:
discard
lower-ip-precedence
Specify the committed option.
Must be one of the following:
committed-data-rate
committed-data-rate-kbps
Specify the bandwidth in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the committed burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if committed data rate is surpassed.
Must be one of the following:
discard
lower-ip-precedence
Use this command to configure the peak bandwidth parameters.
Configures bandwidth control in uplink direction.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Bandwidth Policy Configuration
group-id group_id direction uplink Use this command to configure bandwidth control in uplink direction.
Configures peak bandwidth parameters.
Security Administrator, Administrator
Exec > Global Configuration
grpPeakBwp Specify the peak data rate option.
Must be one of the following:
peak-data-rate
peak-data-rate-kbps
Specify the bandwidth in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if Peak Data Rate is surpassed.
Must be one of the following:
discard
lower-ip-precedence
Specify the committed option.
Must be one of the following:
committed-data-rate
committed-data-rate-kbps
Specify the bandwidth in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the committed burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if committed data rate is surpassed.
Must be one of the following:
discard
lower-ip-precedence
Use this command to configure the peak bandwidth parameters.
Configures flow/session-based packet buffering.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
buffering-limit { [ flow-max-packets flow_max_packets ] [ subscriber-max-packets subscriber_max_packets ] } Specify the maximum number of packets to be buffered per flow.
Must be an integer in the range of 1-255.
Specify the maximum number of packets to be buffered per subscriber.
Must be an integer in the range of 1-255.
Use this command to configure flow/session-based packet buffering configuration.
Configures ACS charging actions.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
charging-action charging_action_name [ content-id content_id | nexthop-forwarding-address { ipv4_address | ipv6_address } | qos-class-identifier qos_class_id | service-identifier service_id | tft-notify-ue ] Specify the charging action name.
Must be a string.
Specify the content ID to use in the generated billing records, as well as the AVP used by the Credit Control Application, such as the "Rating-Group" AVP for use by the Diameter Credit Control Application (DCCA). This identifier assists the carrier's billing post processing and is also used by the credit-control system to use independent quotas for different value of content-id.
Must be an integer in the range of 1-2147483647.
Specify the nexthop forwarding address for this charging action. When an uplink packet matches a rule and a charging action is applied to it this nexthop forwarding address is used.
Must be an IP address.
Specify the QoS Class Identifier (QCI).
Must be an integer in the range of 1-9.
Specify the service identifier to use in the generated billing records, as well as the AVP used by the Credit Control Application, such as the "Service-Identifier" AVP for use by DCCA. This is a more general classifier than content-id.
Must be an integer in the range of 1-2147483647.
Specify whether or not TFT updates are sent to UE. Use this command to suppress the selected TFT updates from being sent to the UE. This helps to identify if the appropriate TFT defined in the charging action needs to be sent to the UE or not.
Use this command to create and configure an ACS charging action. A charging action represents actions to be taken when a configured rule is matched. Actions could range from generating an accounting record (for example, an EDR) to dropping the IP packet, etc. The charging action will also determine the metering principle whether to count retransmitted packets and which protocol field to use for billing (L3/L4/L7 etc).
charging-action action123 Configures the Allocation Retention Priority (ARP).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
allocation-retention-priority priority [ pci pci_value | pvi pvi_value ] Specify the priority.
Must be an integer in the range of 1-15.
Specify the Pre-emption Capability Indicator (PCI).
Must be one of the following:
NOT_PREEMPT
MAY_PREEMPT
Specify the Pre-emption Vulnerability Indicator (PVI).
Must be one of the following:
NOT_PREEMPTABLE
PREEMPTABLE
This command configures the ARP, which indicates the priority of allocation and retention of the service data flow. The ARP resolves conflicts in demand for network resources. At the time of resource crunch, this parameter prioritizes allocation of resources during bearer establishment and modification. In a congestion situation, a lower ARP flow may be dropped to free up capacity. Once a service flow is successfully established, this parameter plays no role in quality of service (QoS) experienced by the flow.
allocation-retention-priority 10 Configures the billing action for packets that match specific ruledefs.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
billing-action egcdr Specify to enable eG-CDR billing.
Use this command to enable eG-CDR type of billing for content matching this charging action.
Configures the credit control behavior.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
cca charging credit [ rating-group coupon_id ] [ preemptively-request ] Use this command to configure RADIUS/Diameter Prepaid Credit Control Charging behavior.
Configures credit control charging credit behavior.
Security Administrator, Administrator
credit rating-group coupon_id preemptively-request Specify the coupon ID used in prepaid charging as rating-group which maps to the coupon ID for prepaid customer. This option also assigns different content-types for the same charging action depending upon whether or not prepaid is enabled. This rating-group overrides the content ID, if present in the same charging-action for the prepaid customer in Diameter Credit Control Application (DCCA). But, only the content IDs will be used in eG-CDRs irrespective of the presence of rating-group in that charging action.
Must be an integer in the range of 0-65535.
Specify preemptively requested charging credit behavior.
Use this command to configure credit control charging credit behavior.
Configures to take the redirect-url or terminate-flow action on packets that match ruledefs.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
action { redirect-url | terminate-flow } Specify to redirect URL.
Must be a string.
Specify to terminate flow.
Use this command to specify the action to take on packets, for example to terminate.
flow action terminate-flow Configures discard action on packets that match ruledefs.
Security Administrator, Administrator
action discard { downlink | uplink } Specify only uplink packets.
Specify only downlink packets.
Use this command to configure discard action on packets that match ruledefs.
Configures the readdress server for this charging action.
Security Administrator, Administrator
readdress server { ipv4_address | ipv6_address } Specify the readdress server IP address.
Must be an IP address.
Use this command to configure the readdress server for this charging action.
For Session Control functionality, this command allows you to enable or disable bandwidth limiting.
Security Administrator, Administrator
flow limit-for-bandwidth direction id bw_limit_id Specify the bandwidth limiting identifier.
Must be an integer in the range of 1-65535.
Use this command to limit the bandwidth a subscriber uses in the uplink and downlink directions under Session Control.
Configures bandwidth control in downlink direction.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
direction downlink Use this command to configure bandwidth control in downlink direction.
Configures the peak data rate in bits per second.
Security Administrator, Administrator
peak-data-rate peak_data_rate Specify the peak data rate in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the peak burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if Peak Data Rate is surpassed.
Must be one of the following:
discard: Discards the packet.
lower-ip-precedence: Indicates lower the IP precedence of the packet.
Specify the Committed Data Rate in bits per second. This can also be used to specify GBR for Bearer Binding (without the exceed-action).
Must be an integer in the range of 1-4294967295.
Default Value: 144000.
Specify the committed burst size in bytes.
Must be an integer in the range of 1-4294967295.
Default Value: 3000.
Specify the action to be taken if Committed Data Rate is surpassed.
Must be one of the following:
discard: Specify to discard the packet.
lower-ip-precedence: Specify to lower IP precedence of the packet.
Use this command to configure the peak data rate in bits per second.
Configures bandwidth control in uplink direction.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
direction uplink Use this command to configure bandwidth control in uplink direction.
Configures the peak data rate in bits per second.
Security Administrator, Administrator
peak-data-rate peak_data_rate Specify the peak data rate in bits per second.
Must be an integer in the range of 1-4294967295.
Specify the peak burst size in bytes.
Must be an integer in the range of 1-4294967295.
Specify the action to be taken if Peak Data Rate is surpassed.
Must be one of the following:
discard: Discards the packet.
lower-ip-precedence: Indicates lower the IP precedence of the packet.
Specify the Committed Data Rate in bits per second. This can also be used to specify GBR for Bearer Binding (without the exceed-action).
Must be an integer in the range of 1-4294967295.
Default Value: 144000.
Specify the committed burst size in bytes.
Must be an integer in the range of 1-4294967295.
Default Value: 3000.
Specify the action to be taken if Committed Data Rate is surpassed.
Must be one of the following:
discard: Specify to discard the packet.
lower-ip-precedence: Specify to lower IP precedence of the packet.
Use this command to configure the peak data rate in bits per second.
Configures the packet filter to use in TFTs sent to the MS.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tft packet-filter packet_filter_name Specify the packet filter name.
Must be a string.
Use this command to configure the packet filter to be sent to the MS. Up to eight packet filters can be specified in a charging action.
You can configure a maximum of eight elements with this command.
tft packet-filter filter23 Configures using Assured Forwarding 11 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af11 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 11 Per Hop Behavior (PHB).
Configures using Assured Forwarding 12 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af12 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 12 Per Hop Behavior (PHB).
Configures using Assured Forwarding 13 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af13 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 13 Per Hop Behavior (PHB).
Configures using Assured Forwarding 21 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af21 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 21 Per Hop Behavior (PHB).
Configures using Assured Forwarding 22 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af22 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 22 Per Hop Behavior (PHB).
Configures using Assured Forwarding 23 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af23 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 23 Per Hop Behavior (PHB).
Configures using Assured Forwarding 31 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af31 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 31 Per Hop Behavior (PHB).
Configures using Assured Forwarding 32 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af32 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 32 Per Hop Behavior (PHB).
Configures using Assured Forwarding 33 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af33 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 33 Per Hop Behavior (PHB).
Configures using Assured Forwarding 41 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af41 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 41 Per Hop Behavior (PHB).
Configures using Assured Forwarding 42 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af42 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 42 Per Hop Behavior (PHB).
Configures using Assured Forwarding 43 Per Hop Behavior (PHB).
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos af43 [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Assured Forwarding 43 Per Hop Behavior (PHB).
Configures using Best Effort Forwarding PHB.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos be [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Best Effort Forwarding Per Hop Behavior (PHB).
Configures using Expedited Forwarding PHB.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos ef [ downlink | uplink ] Specify only uplink packets.
Specify only downlink packets.
Use this command to configure using Expedited Forwarding Per Hop Behavior (PHB).
Configures the least-significant 6 bits in the ToS byte with the specified numeric value.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
tos lower-bits value Specify the value.
Must be an integer in the range of 0-63.
Specify the ToS only for uplink packets.
Specify the ToS only for downlink packets.
Use this command to configure the least-significant 6 bits in the ToS byte with the specified numeric value.
Configures the extension-header (x-header) format whose fields have to be inserted in HTTP request packets and HTTP response packets.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Charging Action Configuration
xheader-insert xheader-format xheader_format_name [ encryption { rc4md5 | aes-256-gcm-sha384 [ salt ] } Specify the Xheader format name.
Must be a string.
Use this command to enable x-header mode, and specify the x-header format name whose fields are to be inserted in HTTP GET and POST request packets and HTTP response packets.
xheader-insert xheader-format test12 Configures encryption of x-header fields.
Security Administrator, Administrator
encrypted key encrypted_key Specify the key to encrypt xheader fields.
Specify the key that will be used for encryption of xheader fields.
Must be a string.
Use this command to configure use of aes-256-gcm-sha384 to encrypt the x-header fields with AES-256-GCM algorithm and SHA384 to hash key in 384 bits.
Configures key to encrypt xheader fields.
Security Administrator, Administrator
key encryption_key Specify the key to use for encryption of xheader fields.
Must be a string.
Use this command to configure key to encrypt xheader fields.
Configures encryption of x-header fields.
Security Administrator, Administrator
encrypted key encrypted_key Specify the key to encrypt xheader fields.
Specify the key that will be used for encryption of xheader fields.
Must be a string.
Use this command to configure use of aes-256-gcm-sha384 to encrypt the x-header fields with AES-256-GCM algorithm and SHA384 to hash key in 384 bits.
Configures key to encrypt xheader fields.
Security Administrator, Administrator
key encryption_key Specify the key to use for encryption of xheader fields.
Must be a string.
Use this command to configure key to encrypt xheader fields.
Configures encryption of x-header fields.
Security Administrator, Administrator
encrypted key encrypted_key Specify the key to encrypt xheader fields.
Specify the key that will be used for encryption of xheader fields.
Must be a string.
Use this command to configure use of aes-256-gcm-sha384 to encrypt the x-header fields with AES-256-GCM algorithm and SHA384 to hash key in 384 bits.
Configures key to encrypt xheader fields.
Security Administrator, Administrator
key encryption_key Specify the key to use for encryption of xheader fields.
Must be a string.
Use this command to configure key to encrypt xheader fields.
Configures Content filtering policy ID.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Content Filtering Category Policy ID Configuration
content-filtering category policy-id policy_id Specify the policy ID.
Must be an integer in the range of 1-4294967295.
Use this command to configure the Content Filtering policy ID.
Assigns priority to a Content Filtering Category in a Content Filtering Policy.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Content Filtering Category Policy ID Configuration
analyze priority priority Specify the priority.
Must be an integer in the range of 1-65535.
Use this command to assign priority to a Content Filtering Category in a Content Filtering Policy.
Configures all content to be rated.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Content Filtering Category Policy ID Configuration
all Specify the action.
Specify the allow action.
Specify the content insert action.
Must be a string.
Use this command to configure the all content to be rated.
Configures category of the content to be rated.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Content Filtering Category Policy ID Configuration
category category_name Specify the category name.
Must be one of the following:
ABOR
ADULT
ADVERT
ANON
ART
AUTO
BACKUP
BLACK
BLOG
BUSI
CAR
CDN
CHAT
CMC
CRIME
CULT
DRUG
DYNAM
EDU
ENERGY
ENT
FIN
FORUM
GAMB
GAME
GLAM
GOVERN
HACK
HATE
HEALTH
HOBBY
HOSTS
KIDS
LEGAL
LIFES
MIL
NEWS
OCCULT
PEER
PERS
PHOTO
PLAG
POLTIC
PORN
PORTAL
PROXY
REF
REL
SCI
SEARCH
SHOP
SPORT
STREAM
SUIC
SXED
TECH
TRAVE
UNKNOW
VIOL
VOIP
WEAP
WHITE
Specify the action.
Specify the allow action.
Specify the content insert action.
Must be a string.
Use this command to configure the category of the content to be rated.
Unclassified category to be rated.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Content Filtering Category Policy ID Configuration
x-category xcategory_name Specify the x-category name.
Must be a string.
Specify the action.
Specify the allow action.
Specify the content insert action.
Must be a string.
Use this command to configures the unclassified category to be rated.
Configures prepaid services for Diameter/RADIUS applications.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
credit-control group cc_group_name Specify the credit control group name.
Must be a string.
Use this command to enable/disable Prepaid Credit Control Configuration for RADIUS/Diameter charging mode, and specify the credit control group.
Associates failure handling template name.
Security Administrator, Administrator
associate failure-handling-template template_name Specify the failure-handling template name.
Must be a string.
Use this command to associate failure handling template name.
This command enables to accept/ignore service ID in the Service-Identifier AVP defined in the Diameter dictionaries.
Security Administrator, Administrator
diameter ignore-service-id { false | true } Disables usage of Service ID.
Must be either "false" or "true".
Default Value: false.
Use this command to ignore/accept service ID value in the Service-Identifier AVP in the Diameter dictionaries.
diameter ignore-service-id Configures the Diameter Credit Control Origin endpoint name.
Security Administrator, Administrator
origin origin_endpoint_name Specify the Diameter Credit Control Origin endpoint name.
Must be a string.
Use this command to configure the Diameter Credit Control Origin endpoint name.
Configures the value to be sent in the Service-Context-Id AVP, which defines the context in which DCCA is used.
Security Administrator, Administrator
Exec > Global Configuration
service-context-id service_context_id Specify the value to be sent in the Service-Context-Id AVP.
Must be a string.
Use this command to specify the value to be sent in the Service-Context-Id AVP, which defines the context in which DCCA is used.
Configures Diameter Credit Control Session Failover.
Security Administrator, Administrator
session failover Specify Diameter Credit Control Session Failover.
Use this command to configure Diameter Credit Control Session Failover.
Configures Diameter Credit Control Failure Handling action.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
failure-handling Use this command to configure Diameter Credit Control Failure Handling action.
Configures failure handling action to continue.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
continue continue_option Specify the continue option.
Must be one of the following:
go-offline-after-tx-expiry
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to continue.
Configures Diameter Credit Control Failure Handling action to retry, and in case of failure, to terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
retry-and-terminate retry_and_terminate_option Specify the retry-and-terminate option.
Must be one of the following:
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to retry, and in case of failure, to terminate.
Configures Diameter Credit Control Failure Handling action as terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
terminate Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to terminate.
Configures failure handling action to continue.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
continue continue_option Specify the continue option.
Must be one of the following:
go-offline-after-tx-expiry
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to continue.
Configures Diameter Credit Control Failure Handling action to retry, and in case of failure, to terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
retry-and-terminate retry_and_terminate_option Specify the retry-and-terminate option.
Must be one of the following:
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to retry, and in case of failure, to terminate.
Configures Diameter Credit Control Failure Handling action as terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
terminate Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to terminate.
Configures failure handling action to continue.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
continue continue_option Specify the continue option.
Must be one of the following:
go-offline-after-tx-expiry
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to continue.
Configures Diameter Credit Control Failure Handling action to retry, and in case of failure, to terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
retry-and-terminate retry_and_terminate_option Specify the retry-and-terminate option.
Must be one of the following:
retry-after-tx-expiry
Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to retry, and in case of failure, to terminate.
Configures Diameter Credit Control Failure Handling action as terminate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Credit Control Group Configuration
terminate Configures Diameter Credit Control Failure Handling action for CCR-Initial/CCR-Terminate/CR-Update to terminate.
Controls the pass/drop treatment of traffic while waiting for definitive credit information from the server.
Security Administrator, Administrator
pending-traffic-treatment { { { forced-reauth | trigger | validity-expired } drop | pass } | { noquota { buffer | drop | limited-pass volume | pass } } | { quota-exhausted { buffer | drop | pass } } } Use this command to set the Diameter credit control pending traffic treatment while waiting for definitive credit information from the server.
pending-traffic-treatment noquota drop Configures the Diameter Credit Control pending traffic treatment to forced reauthorization.
Security Administrator, Administrator
forced-reauth Specify to drop.
Specify to pass.
Use this command to configure the Diameter Credit Control pending traffic treatment to forced reauthorization.
Configures the Diameter Credit Control pending traffic treatment.
Security Administrator, Administrator
noquota Specify to tentatively count/time traffic, and then buffer traffic pending arrival of quota. Buffered traffic will be forwarded and fully charged against the quota when the quota is eventually obtained and the traffic is passed.
Specify to drop any traffic when there is no quota present.
Specify to pass all traffic more or less regardless of quota state.
Use this command to configure the Credit Control pending traffic treatment.
Enables limited access for subscribers when the OCS is unreachable.
Security Administrator, Administrator
limited-pass volume Specify limited volume access to subscriber in case OCS is unreachable.
Must be an integer in the range of 1-4294967295.
Use this command to enable limited access for subscribers when the OCS is unreachable.
Configures Diameter Credit Control pending traffic treatment to quota exhausted.
Security Administrator, Administrator
quota-exhausted Specify to tentatively count/time traffic, and then buffer traffic pending arrival of quota. Buffered traffic will be forwarded and fully charged against the quota when the quota is eventually obtained and the traffic is passed.
Drops any traffic when there is no quota present.
Passes all traffic more or less regardless of quota state.
Use this command to configure the Diameter Credit Control pending traffic treatment to quota exhausted.
Configures the Diameter Credit Control pending traffic treatment to trigger.
Security Administrator, Administrator
trigger Specify to drop.
Specify to pass.
Use this command to configure the Diameter Credit Control pending traffic treatment to trigger.
Configures the Diameter Credit Control pending traffic treatment to trigger.
Security Administrator, Administrator
validity-expired Specify to drop.
Specify to pass.
Use this command to configure the Diameter Credit Control pending traffic treatment to trigger.
This command sets various time-based quotas in the prepaid credit control service.
Security Administrator, Administrator
quota holding-time holding_time Use this command to configure the prepaid credit control quotas.
quota holding-time 30000 Specify the Credit Control Quota Holding Time (QHT).
Security Administrator, Administrator
holding-time holding_time Specify the holding time in seconds.
Must be an integer in the range of 1-4000000000.
Use this command to configure the Credit Control Quota Holding Time.
Configures Credit Control include/exclude packet causing threshold.
Security Administrator, Administrator
Exec > Global Configuration
request-trigger [ exclude-packet-causing-trigger | include-packet-causing-trigger ] Specify to exclude packet causing trigger.
Specify to include packet causing trigger.
Use this command to configure the Credit Control include/exclude packet causing threshold.
Configures the rounding mechanism for quota consumption.
Security Administrator, Administrator
timestamp-rounding Specify the rounding mechanism for quota consumption.
Must be one of the following:
ceiling
floor
roundoff
Use this command to configure the rounding mechanism for quota consumption.
Configures the ACS Credit Control usage reporting type.
Security Administrator, Administrator
usage-reporting quotas-to-report based-on-grant { report-only-granted-volume } Use this command to configure reporting usage only for granted quota. On issuing this command, the Used-Service-Unit AVP will report quotas based on grant i.e, only the quotas present in the Granted-Service-Unit AVP. With this command only the units for which the quota was granted by the DCCA server will be reported irrespective of the reporting reason.
usage-reporting quotas-to-report based-on-grant Configfures the quota types to be reported.
Security Administrator, Administrator
quotas-to-report Configures to report usage only for granted quota.
Security Administrator, Administrator
based-on-grant Suppresses the input and output octets. If the Granted-Service-Unit (GSU) AVP comes with CC-Total-Octets, then the device will send total, input and output octets in Used-Service-Unit (USU) AVP. If it comes with Total-Octets, the device will send only Total-Octets in USU.
Enables Event Data Record.
Security Administrator, Administrator
edr-format Specify the EDR format's name.
Must be a string.
Use this command to enable Event Data Record.
Configures the CSV position priority of the bandwidth-policy attribute in an EDR or UDR record. Contains the ACS Bandwidth Policy.
Security Administrator, Administrator
attribute bandwidth-policy priority priority Active Charging Service bandwidth policy.
Configures the CSV position priority of the radius-called-station-id attribute in an EDR or UDR record. Contains the Called Station ID of the flow.
Security Administrator, Administrator
attribute radius-called-station-id priority priority Called station ID of the flow.
Configures the CSV position priority of the radius-calling-station-id attribute in an EDR or UDR record. Contains the Calling Station ID of the mobile handling the flow.
Security Administrator, Administrator
attribute radius-calling-station-id priority priority Calling Station ID of the mobile handling the flow.
Configures the CSV position priority of the radius-fa-nas-identifier attribute in an EDR or UDR record. Contains the RADIUS NAS ID of the FA.
Security Administrator, Administrator
attribute radius-fa-nas-identifier priority priority RADIUS NAS ID of the FA.
Configures the CSV position priority of the radius-fa-nas-ip-address attribute in an EDR or UDR record. Contains the RADIUS IP address of the FA.
Security Administrator, Administrator
attribute radius-fa-nas-ip-address priority priority RADIUS IP address of the FA.
Configures the CSV position priority of the radius-nas-identifier attribute in an EDR or UDR record. Contains the RADIUS NAS identifer.
Security Administrator, Administrator
attribute radius-nas-identifier priority priority RADIUS NAS identifer.
Configures the CSV position priority of the radius-nas-ip-address attribute in an EDR or UDR record. Contains the RADIUS IP address.
Security Administrator, Administrator
attribute radius-nas-ip-address priority priority Configures RADIUS IP address.
Configures the CSV position priority of the radius-user-name attribute in an EDR or UDR record. Contains the user name associated with this flow.
Security Administrator, Administrator
attribute radius-user-name priority priority User name associated with this flow.
Configures the CSV position priority of the sn-acct-session-id attribute in an EDR or UDR record. Contains the Session ID.
Security Administrator, Administrator
attribute sn-acct-session-id priority priority Configures session ID.
Configures the CSV position priority of the sn-app-protocol attribute in an EDR or UDR record. Contains the Application protocol for the flow.
Security Administrator, Administrator
attribute sn-app-protocol priority priority Application protocol for the flow.
Configures the CSV position priority of the sn-cf-category-classification-used attribute in an EDR or UDR record. Contains the ACS Content Filtering category.
Security Administrator, Administrator
attribute sn-cf-category-classification-used priority priority ACS content filtering category.
Configures the CSV position priority of the sn-cf-category-flow-action attribute in an EDR or UDR record. Contains the ACS Content Filtering action taken.
Security Administrator, Administrator
attribute sn-cf-category-flow-action priority priority The ACS Content Filtering action taken.
Configures the CSV position priority of the sn-cf-category-policy attribute in an EDR or UDR record. Contains the ACS Content Filtering Policy ID.
Security Administrator, Administrator
attribute sn-cf-category-policy priority priority The ACS Content Filtering Policy ID.
Configures the CSV position priority of the sn-cf-category-rating-type attribute in an EDR or UDR record. Contains the ACS Content Filtering Rating Mode used.
Security Administrator, Administrator
attribute sn-cf-category-rating-type priority priority The ACS Content Filtering Rating mode used.
Configures the CSV position priority of the sn-cf-category-unknown-url attribute in an EDR or UDR record. Contains the ACS Content Filtering Unknown URL indication.
Security Administrator, Administrator
attribute sn-cf-category-unknown-url priority priority The ACS Content Filtering Unknown URL indication.
Configures the CSV position priority of the sn-charge-volume attribute in an EDR or UDR record. Excludes the dropped/retransmitted packets/bytes from the total charge volume.
Security Administrator, Administrator
attribute sn-charge-volume Specify the protocol.
Must be one of the following:
ip
Specify the data type.
Must be one of the following:
bytes
pkts
Specify the direction.
Must be one of the following:
uplink
downlink
Excludes the dropped/retransmitted packets/bytes from the total charge volume.
Configures the CSV position priority of the sn-charging-action attribute in an EDR or UDR record. Contains the name of the last charging action matched against flow.
Security Administrator, Administrator
attribute sn-charging-action priority priority Name of last charging action matched against flow.
Configures the CSV position priority of the sn-closure-reason attribute in an EDR or UDR record. Contains the reason for the termination of the flow.
Security Administrator, Administrator
attribute sn-closure-reason priority priority Reason for the termination of the flow.
Configures the CSV position priority of the sn-direction attribute in an EDR or UDR record. Contains the direction of the first packet for the flow.
Security Administrator, Administrator
attribute sn-direction priority priority Direction of the first packet for the flow.
Configures the CSV position priority of the sn-duration attribute in an EDR or UDR record. Contains the duration between the last and first packet for the record.
Security Administrator, Administrator
attribute sn-duration priority priority Duration between the last and first packet for the record.
Configures the CSV position priority of the sn-end-time attribute in an EDR or UDR record. Contains the time of last packet of flow.
Security Administrator, Administrator
attribute sn-end-time Time of last packet of flow - a string in MM/DD/YYYY HH:MM:SS format.
Timestamp format specified using seconds or combinations of "<YY/YYYY>: Year, <MM>: Month, <DD>: Day, <HH>: Hours, <MM>: Minutes, <SS>: seconds, <sss>: milliseconds".
Security Administrator, Administrator
format Specify the format.
Must be one of the following:
MM/DD/YY-HH:MM:SS
MM/DD/YY-HH:MM:SS:sss
MM/DD/YYYY-HH:MM:SS
MM/DD/YYYY-HH:MM:SS:sss
YYYY/MM/DD-HH:MM:SS
YYYY/MM/DD-HH:MM:SS:sss
YYYYMMDDHHMMSS
YYYYMMDDHHMMSSsss
seconds
Timestamp format specified using seconds or combinations of "<YY/YYYY>: Year, <MM>: Month, <DD>: Day, <HH>: Hours, <MM>: Minutes, <SS>: seconds, <sss>: milliseconds".
Configures using local time as against GM time.
Security Administrator, Administrator
localtime Use this command to configure using local time as against GM time.
Configures the CSV position priority of this field.
Security Administrator, Administrator
priority Use this command to configure the CSV position priority of this field.
Configures the CSV position priority of the sn-flow-end-time attribute in an EDR or UDR record. Contains the time of flow-end EDR generation.
Security Administrator, Administrator
attribute sn-flow-end-time Time of flow-end EDR generation.
Configures the timestamp format.
Security Administrator, Administrator
format Specify the timestamp format.
Must be one of the following:
MM/DD/YY-HH:MM:SS
MM/DD/YYYY-HH:MM:SS
YYYY/MM/DD-HH:MM:SS
YYYYMMDDHHMMSS
seconds
Use this command to configure the time of flow-end EDR generation timestamp format.
Configures using local time as against GM time.
Security Administrator, Administrator
localtime Use this command to configure using local time as against GM time.
Configures CSV position priority of this field.
Security Administrator, Administrator
priority Use this command to configure CSV position priority of this field.
Configures the CSV position priority of the sn-flow-id attribute in an EDR or UDR record. Contains the Flow ID of the flow.
Security Administrator, Administrator
attribute sn-flow-id priority priority Flow ID of the flow.
Configures the CSV position priority of the sn-flow-log attribute in an EDR or UDR record. Contains the flow log of the flow.
Security Administrator, Administrator
attribute sn-flow-log priority priority Flow log of the flow.
Configures the CSV position priority of the sn-flow-start-time attribute in an EDR or UDR record. Contains the time of first packet of flow.
Security Administrator, Administrator
attribute sn-flow-start-time Time of first packet of flow.
Configures the timestamp format specified using seconds or combinations of "<YY/YYYY>: Year, <MM>: Month, <DD>: Day, <HH>: Hours, <MM>: Minutes, <SS>: seconds, <sss>: milliseconds".
Security Administrator, Administrator
format Specify the timestamp format.
Must be one of the following:
MM/DD/YY-HH:MM:SS
MM/DD/YYYY-HH:MM:SS
YYYY/MM/DD-HH:MM:SS
YYYYMMDDHHMMSS
seconds
Timestamp format specified using seconds or combinations of "<YY/YYYY>: Year, <MM>: Month, <DD>: Day, <HH>: Hours, <MM>: Minutes, <SS>: seconds, <sss>: milliseconds".
Use local time as against GM time.
Security Administrator, Administrator
localtime Use this command to configure using local time as against GM time.
CSV position priority of this field.
Security Administrator, Administrator
priority Use this command to configure the CSV position priority of this field.
Configures the CSV position priority of the sn-rulebase attribute in an EDR or UDR record. Contains the name of the ACS rulebase.
Security Administrator, Administrator
attribute sn-rulebase priority priority Name of the ACS rulebase.
Configures the CSV position priority of the sn-ruledef-name attribute in an EDR or UDR record. Contains the ruledef name corresponding to last charging action matched.
Security Administrator, Administrator
attribute sn-ruledef-name priority priority Ruledef name corresponding to last charging action matched.
Configures the CSV position priority of the sn-server-port attribute in an EDR or UDR record. Contains the server port number.
Security Administrator, Administrator
attribute sn-server-port priority priority Server port number.
Configures the CSV position priority of the sn-service-id attribute in an EDR or UDR record. Contains the service ID corresponding to last charging action matched.
Security Administrator, Administrator
attribute sn-service-id priority priority Service ID corresponding to last charging action matched.
Configures the CSV position priority of the sn-start-time attribute in an EDR or UDR record. Contains the time of first packet of flow.
Security Administrator, Administrator
attribute sn-start-time Time of first packet of flow.
Configures the timestamp format.
Security Administrator, Administrator
format Specify the format.
Must be one of the following:
MM/DD/YY-HH:MM:SS
MM/DD/YY-HH:MM:SS:sss
MM/DD/YYYY-HH:MM:SS
MM/DD/YYYY-HH:MM:SS:sss
YYYY/MM/DD-HH:MM:SS
YYYY/MM/DD-HH:MM:SS:sss
YYYYMMDDHHMMSS
YYYYMMDDHHMMSSsss
seconds
Use this command to configure the timestamp format.";
Configures using local time as against GM time.
Security Administrator, Administrator
localtime Use this comamnd to configure using local time as against GM time.
Configures the CSV position priority of the field.
Security Administrator, Administrator
priority Use this command to configure CSV position priority of the field.
Configures the CSV position priority of the sn-subscriber-imsi attribute in an EDR or UDR record. Contains the Subscriber IMSI.
Security Administrator, Administrator
attribute sn-subscriber-imsi priority priority Subscriber IMSI.
Configures the CSV position priority of the sn-subscriber-nat-flow-ip attribute in an EDR or UDR record. Contains the NAT IP address of the subscriber.
Security Administrator, Administrator
attribute sn-subscriber-nat-flow-ip priority priority NAT IP address of the subscriber.
Configures the CSV position priority of the sn-subscriber-nat-flow-port attribute in an EDR or UDR record. Contains the NAT port of the subscriber.
Security Administrator, Administrator
attribute sn-subscriber-nat-flow-port priority priority NAT port of the subscriber.
Configures the CSV position priority of the sn-subscriber-port attribute in an EDR or UDR record. Contains the port number of the mobile handling this flow.
Security Administrator, Administrator
attribute sn-subscriber-port priority priority Port number of the mobile handling this flow.
Configures the CSV position priority of the sn-volume-amt attribute in an EDR or UDR record. Contains the EDR protocol specific uplink/downlink volume amount.
Security Administrator, Administrator
attribute sn-volume-amt Specify the protocol.
Must be one of the following:
ip
tcp
Specify the data type.
Must be one of the following:
bytes
pkts
Specify the direction.
Must be one of the following:
uplink
downlink
EDR protocol specific uplink/downlink volume amount.
Configures the CSV position priority of the transaction-charge-downlink-bytes attribute in an EDR or UDR record. Excludes the dropped/retransmitted bytes from the total transaction downlink bytes.
Security Administrator, Administrator
attribute transaction-charge-downlink-bytes priority priority Excludes the dropped/retransmitted bytes from the total transaction downlink bytes.
Configures the CSV position priority of the transaction-charge-downlink-packets attribute in an EDR or UDR record. Excludes the dropped/retransmitted packets from the total transaction downlink packets.
Security Administrator, Administrator
attribute transaction-charge-downlink-packets priority priority Excludes the dropped/retransmitted packets from the total transaction downlink packets.
Configures the CSV position priority of the transaction-charge-uplink-bytes attribute in an EDR or UDR record. Excludes the dropped/retransmitted bytes from the total transaction uplink bytes.
Security Administrator, Administrator
attribute transaction-charge-uplink-bytes priority priority Excludes the dropped/retransmitted bytes from the total transaction uplink bytes.
Configures the CSV position priority of the transaction-charge-uplink-packets attribute in an EDR or UDR record. Excludes the dropped/retransmitted packets from the total transaction uplink packets.
Security Administrator, Administrator
attribute transaction-charge-uplink-packets priority priority Excludes the dropped/retransmitted packets from the total transaction uplink packets.
Configures the CSV position priority of the transaction-downlink-bytes attribute in an EDR or UDR record. Contains the total downlink bytes for the transaction.
Security Administrator, Administrator
attribute transaction-downlink-bytes priority priority Total downlink bytes for the transaction.
Configures the CSV position priority of the transaction-downlink-packets attribute in an EDR or UDR record. Contains the total downlink packets for the transaction.
Security Administrator, Administrator
attribute transaction-downlink-packets priority priority Total downlink packets for the transaction.
Configures the CSV position priority of the transaction-uplink-bytes attribute in an EDR or UDR record. Contains the total uplink bytes for the transaction.
Security Administrator, Administrator
attribute transaction-uplink-bytes priority priority Total uplink bytes for the transaction.
Configures the CSV position priority of the transaction-uplink-packets attribute in an EDR or UDR record. Contains the total uplink packets for the transaction.
Security Administrator, Administrator
attribute transaction-uplink-packets priority priority Total uplink packets for the transaction.
Configures event labels to use as attributes in EDR or UDR.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > EDR Format Configuration
event-label label_name Specify the sequence of characters to be used at EDR attribute.
Must be a string.
Use this command to configure event labels to be used as attributes in EDR or UDR.
Configures the CSV position priority of this field in an EDR or UDR record.
Security Administrator, Administrator
priority priority Specify the field's CSV position priority in an EDR or UDR record.
Must be an integer in the range of 1-65535.
Use this command to configure the CSV position priority of this field in an EDR or UDR record.
Configures the rule variable attribute for EDR or UDR.
Security Administrator, Administrator
rule-variable Use this command to configure the rule variable attribute for EDR or UDR.
Configures bearer-related parameters.
Security Administrator, Administrator
bearer Specify the service.
Must be one of the following:
3gpp
Use this command to configure bearer-related parameters.
Configures IMEI or IMEISV (depending on the case) associated with the bearer flow.
Security Administrator, Administrator
imei Use this command to configure IMEI or IMEISV (depending on the case) associated with the bearer flow.
Configures specific Mobile Station Identification number.
Security Administrator, Administrator
imsi Use this command to configure specific IMSI number.
Configures RAT Type associated with the bearer flow.
Security Administrator, Administrator
rat-type Use this command to configure the RAT Type associated with the bearer flow.
Configures SGSN associated with the bearer flow.
Security Administrator, Administrator
sgsn-address Use this command to configure the SGSN associated with the bearer flow.
Configures the user location information associated with the bearer flow.
Security Administrator, Administrator
user-location-information Use this command to configure the user location information associated with the bearer flow.
Configures QCI of bearer data flow is associated with.
Security Administrator, Administrator
qci Use this command to configure QCI of bearer data flow is associated with.
Configures flow-related parameters.
Security Administrator, Administrator
flow Use this command to configure flow-related parameters.
First eight bytes of IPv6 header.
Security Administrator, Administrator
ip-control-param First eight bytes of IPv6 header.
Tethering detected on flow.
Security Administrator, Administrator
tethered Tethering detected on flow.
Application-based tethering detected on flow.
Security Administrator, Administrator
tethered-application Application-based tethering detected on flow.
DNS-based tethering detected on flow. Either 0 or 1.
Security Administrator, Administrator
tethered-dns DNS-based tethering detected on flow. Either 0 or 1.
IP-TTL based tethering detected on flow.
Security Administrator, Administrator
tethered-ip-ttl IP-TTL based tethering detected on flow.
Time To Live/Max hops.
Security Administrator, Administrator
ttl Time To Live/Max hops.
Content-related configurations.
Security Administrator, Administrator
content Content-related configurations.
Content disposition.
Security Administrator, Administrator
disposition Content disposition.
Content length.
Security Administrator, Administrator
length Content length.
Content type.
Security Administrator, Administrator
type Content type.
Cookie.
Security Administrator, Administrator
cookie Cookie.
HTTP header length.
Security Administrator, Administrator
header-length HTTP header length.
Host.
Security Administrator, Administrator
host Host.
Referer.
Security Administrator, Administrator
referer Referer.
Response code.
Security Administrator, Administrator
code Response code.
HTTP Request method.
Security Administrator, Administrator
method HTTP Request method.
URL.
Security Administrator, Administrator
url URL.
Configures the field size as against using the default size of 127.
Security Administrator, Administrator
length length Specify the field size.
Must be an integer in the range of 1-4095.
Specify the field size as against using the default size of 127.
Priority.
Security Administrator, Administrator
priority Priority.
User agent.
Security Administrator, Administrator
user-agent User agent.
Configures the field size as against using the default size of 127.
Security Administrator, Administrator
length length Specify the field size.
Must be an integer in the range of 1-255.
Specify the field size as against using the default size of 127.
Priority.
Security Administrator, Administrator
priority Priority.
Configures IP-related parameters.
Security Administrator, Administrator
ip Use this command to configure IP-related parameters.
Configures IP destination address.
Security Administrator, Administrator
dst-address Use this command to configure IP destination address.
Configures protocol being transported by IP packet.
Security Administrator, Administrator
protocol Use this command to configure protocol being transported by IP packet.
Configures IP source address.
Security Administrator, Administrator
src-address Use this command to configure IP source address.
Configures subscriber IP address.
Security Administrator, Administrator
subscriber-ip-address Use this command to configure subscriber IP address.
Total length of packet, including payload.
Security Administrator, Administrator
total-length Use this command to configure total length of packet, including payload.
IP version
Security Administrator, Administrator
version Use this command to configure IP version.
Configures TLS-SNI, QUIC-SNI, or any other identifier.
Security Administrator, Administrator
app-identifier app_id Specify the P2P app identifier.
Must be a string.
Use this command to configure TLS-SNI, QUIC-SNI, or any other identifier.
P2P protocol.
Security Administrator, Administrator
duration P2P protocol.
P2P protocol.
Security Administrator, Administrator
protocol P2P protocol.
P2P protocol group.
Security Administrator, Administrator
protocol-group P2P protocol group.
P2P protocol sub group.
Security Administrator, Administrator
protocol-sub-group P2P protocol sub group.
Configures TCP destination port.
Security Administrator, Administrator
dst-port Use this command to configure the TCP destination port.
Configures TCP retransmitted/duplicate packet.
Security Administrator, Administrator
duplicate Use this command to configure TCP retransmitted/duplicate packet.
Configures current packet TCP flag.
Security Administrator, Administrator
flag Use this command to configure current packet TCP flag.
Configures OS signature string for TCP flow.
Security Administrator, Administrator
os-signature Use this command to configure OS signature string for TCP flow.
Configures TCP out-of-order packet analyzed.
Security Administrator, Administrator
out-of-order Use this command to configure TCP out-of-order packet analyzed.
Configures TCP payload length.
Security Administrator, Administrator
payload-length Use this command to configure TCP payload length.
Configures previous state of MS.
Security Administrator, Administrator
previous-state Use this command to configure previous state of MS.
Confgiures TCP acceleration status for the TCP flow.
Security Administrator, Administrator
sn-tcp-accl Use this command to configure TCP acceleration status for the TCP flow.
Configures reason for not accelerating the TCP flow.
Security Administrator, Administrator
sn-tcp-accl-reject-reason Use this command to configure the reason for not accelerating the TCP flow.
Configures minimum RTT observed for accelerated TCP flow.
Security Administrator, Administrator
sn-tcp-min-rtt Use this command to configure the minimum RTT observed for accelerated TCP flow.
Configures smoothed RTT for accelerated TCP flow.
Security Administrator, Administrator
sn-tcp-rtt Use this command to configure the smoothed RTT for accelerated TCP flow.
Configures TCP source port.
Security Administrator, Administrator
src-port Use this command to configure TCP source port.
Configures current state of MS.
Security Administrator, Administrator
state Use this command to configure the current state of MS.
Configures eight-bytes following the TCP Acknowledgement in TCP SYN packet displayed as hex string of characters.
Security Administrator, Administrator
syn-control-params Use this command to configure eight-bytes following the TCP Acknowledgement in TCP SYN packet displayed as hex string of characters.
Configure TCP options received in TCP SYN packet displayed as hex string of characters.
Security Administrator, Administrator
syn-options Use this command to configure TCP options received in TCP SYN packet displayed as hex string of characters.
Configures sequence number in TCP SYN packet displayed as decimal value.
Security Administrator, Administrator
syn-seq Use this command to configure the sequence number in TCP SYN packet displayed as decimal value.
Configures OS signature string for IPv6 TCP flow.
Security Administrator, Administrator
v6-os-signature Use this command to configure OS signature string for IPv6 TCP flow.
Configures traffic type of flow.
Security Administrator, Administrator
traffic-type Use this command to configure the flow traffic type.
Configures ACS group-of-ruledefs parameters.
Security Administrator, Administrator
group-of-ruledefs ruledefs_group_name Specify the group-of-ruledefs name.
Must be a string.
Use this command to create/configure/delete a group-of-ruledefs. A group-of-ruledefs is a collection of ruledefs to use in access policy creation. Maximum of 384 group-of-ruledefs can be created.
You can configure a maximum of 384 elements with this command.
group-of-ruledefs group1 Adds ruledefs from a group-of-ruledefs.
Security Administrator, Administrator
add-ruledef priority ruledef_priority ruledef ruledef_name Use this command to add ruledefs to a group-of-ruledefs. A maximum of 512 ruledefs can be added to a group of ruledefs.
Configures the priority of the ruledef in the current group-of-ruledefs.
Security Administrator, Administrator
priority ruledef_priority Specify the ruledef priority. Priority must be unique within the group-of-ruledefs.
Must be an integer in the range of 1-10000.
Specify name of the ruledef to add to the current group-of-ruledefs.
Must be a string.
Use this command to configure the priority of the ruledef in the current group-of-ruledefs.
You can configure a maximum of 512 elements with this command.
Configures host pool parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
host-pool host_pool_name Specify the host pool name.
Must be a string.
Use this command to configure host pool parameters.
Configures IPv4-related configuration.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Host Pool Configuration
ip ipv4_address Specify the IPv4 address.
Must be IPv4 CIDR notation ##.##.##.##/x.
Use this command to configure IPv4-related parameters.
Configures IPv6-related parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Host Pool Configuration
ip ipv6_address Specify the IPv6 address.
Must be IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
Use this command to configure IPv6-related parameters.
Configures IP address range.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Host Pool Configuration
range start start_ip_address to end_ip_address Specify the first IP address of the range.
Must be an IP address.
Specify the last IP address of the range.
Must be an IP address.
Use this command to configure an IP address range.
Configures the detection of SSL renegotiation flows.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
p2p-detection attribute ssl-renegotiation [ max-entry-per-sessmgr max_entry_per_sessmgr | id-reduce-factor id_reduce_factor ] Use this command to enable or disable the detection of SSL renegotiation flows.
p2p-detection attribute ssl-renegotiation max-entry-per-sessmgr 40000 id-reduce-factor 4 Specify the supported attribute of configurable P2P detection attributes populated from the currently loaded P2P plugin.
Security Administrator, Administrator
ssl-renegotiation Specify maximum SSL Session IDs tracked per session manager.
Must be an integer in the range of 0-65535.
Specify by how much factor the SSL ID is stored in the SSL Session ID tracker table.
Must be an integer in the range of 0-65535.
Use this command to specify the supported attribute of configurable P2P detection attributes populated from the currently loaded P2P plugin.
Enables or disables ECS analysis for analyzers FTP, HTPP, HTTPS, RTSP and SIP.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
p2p-detection ecs-analysis analyzer Specify the analyzers.
Must be one of the following:
all: ECS analysis for all analyzers.
http: ECS analysis for HTTP analyzer.
sip: ECS analysis for SIP analyzer.
ftp: ECS analysis for FTP analyzer.
rtsp: ECS analysis for RTSP analyzer.
https: ECS analysis for HTTPS analyzer.
Use this command to enable or disable ECS analysis for analyzers. This feature is enabled by default if P2P protocols are enabled.
p2p-detection ecs-analysis ftp enables/disables the detection of all or specified peer-to-peer (P2P) protocols.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
protocol protocol Specify the P2P protocol.
Must be one of the following:
cisco-jabber
uber
ufc
eros
googlemaps
yahoo
skype
fasttrack
teamspeak
all
Use this command to specify P2P protocol.
p2p-detection protocol all Configures Active Charging Service Packet Filter parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
packet-filter packet_filter_name Specify the packet filter name.
Must be a string.
Specify the direction in which the current packet filter will be applied.
Must be one of the following:
bi-directional: The filter needs to be applied in uplink as well as downlink direction. This is the default value.
downlink: The filter needs to be applied in only downlink direction.
uplink: The filter needs to be applied in only uplink direction.
Default Value: "bi-directional".
Specify the current packet filter's priority.
Must be an integer in the range of 0-255.
Use this command to configure Active Charging Service Packet Filter parameters.
Configures port number of the local transport protocol.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Packet Filter Configuration
ip local-port Configures the IP 5-tuple local port(s) for the current packet filter. Use this command to configure the port number of the local transport protocol.
ip local-port 456 Configures the operator.
Security Administrator, Administrator
operator Specify how to match.
Must be one of the following:
=: Equals.
Specify a TCP or UDP port number to add to the current port map.
Must be an integer in the range of 0-65535.
Use this command to specifiy the operator.
Configures a port number range.
Security Administrator, Administrator
range start start_port_number to end_port_number Specify the first port number for the port number range.
Must be an integer in the range of 0-65535.
Specify the last port number for the port number range.
Must be an integer in the range of 0-65535.
Specify a port number range.
Configures the IP protocol(s) for the current packet filter.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Packet Filter Configuration
ip protocol operator protocol_number Specify how to match.
Must be one of the following:
=: Equals.
Specify the protocol number.
Must be an integer in the range of 0-255.
Configures the IP 5-tuple local port(s) for the current packet filter. Use this command to configure the protocol(s) for a packet filter.
ip protocol = 300 Configures the IP remote address(es) for the current packet filter.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Packet Filter Configuration
ip remote-address operator { { ipv4_address | ipv6_address } | { ipv4_address/mask | ipv6_address/mask } } Specify how to match.
Must be one of the following:
=: Equals.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
Configures the IP 5-tuple local port(s) for the current packet filter. Use this command to configure the remote address(es) for a packet filter.
ip remote-address = 10.2.3.4/24 Configures the IP remote port for the current packet filter.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Packet Filter Configuration
ip remote-port Configures the IP 5-tuple local port(s) for the current packet filter. Use this command to configure the remote port for a packet filter.
Configures the operator.
Security Administrator, Administrator
operator Specify how to match.
Must be one of the following:
=: Equals.
Specify a TCP or UDP port number to add to the current port map.
Must be an integer in the range of 0-65535.
Use this command to specifiy the operator.
Configures a port number range.
Security Administrator, Administrator
range start start_port_number to end_port_number Specify the first port number for the port number range.
Must be an integer in the range of 0-65535.
Specify the last port number for the port number range.
Must be an integer in the range of 0-65535.
Specify a port number range.
Configures the type of service/traffic class under charging action in the Packet filter mode.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Packet Filter Configuration
tos-traffic-class operator traffic_class Specify how to match.
Must be one of the following:
=: Equals.
Specify the traffic class value to filter the traffic.
Must be an integer in the range of 0-255.
Specify how to match.
Must be one of the following:
=: Equals.
Specify the type-of-service or traffic-class mask field.
Must be an integer in the range of 0-255.
Use this command to configure the type of service/traffic class under charging action in the Packet filter mode.
Configures policy control burst size parameter.
Security Administrator, Administrator
Exec > Global Configuration
auto-readjust duration duration Specify the seconds of traffic configured for burst size.
Must be an integer.
Use this command to configure the burst size parameter.
Configures port map related parameters.
Security Administrator, Administrator
Exec > Global Configuration
port-map port_map_name Specify the name of the port map.
Must be a string.
Use this command to configure the port map related parameters.
Configures the port number.
Security Administrator, Administrator
Exec > Global Configuration
port port_number Specify the port number.
Must be an integer.
Use this command to configure the port number.
Configures the port range.
Security Administrator, Administrator
Exec > Global Configuration
port-range Specify the first port number for the port range.
Must be an integer.
Specify the last port number for the port range.
Must be an integer.
Use this command to configure the port number range.
The ACS Rulebase Configuration Mode is used to configure Active Charging Service (ACS) rulebases.
Security Administrator, Administrator
rulebase rulebase_name [ retransmissions-counted ] Specify the rulebase name. If the named rulebase does not exist, it is created, and the CLI mode changes to the ACS Rulebase Configuration Mode wherein the rulebase can be configured. If the named rulebase already exists, the CLI mode changes to the ACS Rulebase Configuration Mode for that rulebase.
Must be a string.
Specify to count retransmissions in all charging modules.
Must be either "false" or "true".
Default Value: true.
Specify to enable or disable transactional rule matching (TRM), which allows the Enhanced Charging Service (ECS) to bypass per-packet rule matching on a transaction once the transaction is fully classified.
Use this command to create/configure/delete an ACS rulebase. A rulebase is a collection of protocol rules to match a flow and associated actions to be taken for matching flow. The default rulebase is used when a subscriber/APN is not configured with a specific rulebase to use.
rulebase test1 Configures the action priority for a ruledef / group-of-ruledefs in the current rulebase.
Security Administrator, Administrator
action priority action_priority { dynamic-only | static-and-dynamic | timedef timedef_name } Use this command to configure action priorities for ruledefs / group-of-ruledefs in a rulebase. This CLI command can be entered multiple times to specify multiple ruledefs and charging actions. The ruledefs are examined in priority order, until a match is found and the corresponding charging action is applied.
action priority 23 ruledef test charging-action test1 Configire priority for the specified ruledef / group-of-ruledefs in the current rulebase.
Security Administrator, Administrator
priority action_priority Specify the action priority.
Must be an integer in the range of 1-65535.
Use this command to assign priority to a rule in a rulebase.
Enables matching of dynamic rules with static rules for this action priority on a flow.
Security Administrator, Administrator
dynamic-only Use this command to enable matching of dynamic rules with static rules for this action priority on a flow.
Assigns a group-of-ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic group-of-ruledefs group_of_ruledefs_name Specify the group-of-ruledefs name.
Must be a string.
Use this command to assign a group-of-ruledefs to the rulebase.
Assigns ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic ruledef ruledef_name charging-action charging_action_name ruledef ruledef_name [ description description ] [ monitoring-key monitoring_key ] Specify the ruledef name.
Must be a string.
Use this command to assign ruledefs to the rulebase.
Assigns a group-of-ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic group-of-ruledefs group_of_ruledefs_name Specify the group-of-ruledefs name.
Must be a string.
Use this command to assign a group-of-ruledefs to the rulebase.
Assigns ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic ruledef ruledef_name charging-action charging_action_name ruledef ruledef_name [ description description ] [ monitoring-key monitoring_key ] Specify the ruledef name.
Must be a string.
Use this command to assign ruledefs to the rulebase.
The static-and-dynamic option causes the configuration to be defined and enabled, and allows a dynamic protocol to disable or re-enable the configuration.
Security Administrator, Administrator
static-and-dynamic static-and-dynamic
Assigns a group-of-ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic group-of-ruledefs group_of_ruledefs_name Specify the group-of-ruledefs name.
Must be a string.
Use this command to assign a group-of-ruledefs to the rulebase.
Assigns ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic ruledef ruledef_name charging-action charging_action_name ruledef ruledef_name [ description description ] [ monitoring-key monitoring_key ] Specify the ruledef name.
Must be a string.
Use this command to assign ruledefs to the rulebase.
Associates a time definition with the ruledef / group-of-ruledefs. Timedefs activate or deactivate ruledefs / groups-of-ruledefs, making them available for rule matching only when they are active.
Security Administrator, Administrator
action priority action_priority timedef group-of-ruledefs group_of_ruledefs_name charging-action charging_action_name [ description description ] [ monitoring-key monitoring_key ] Use this command to associate a specified time definition with the ruledef / group-of-ruledefs. Timedefs activate or deactivate ruledefs / groups-of-ruledefs, making them available for rule matching only when they are active.
Assigns a group-of-ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic group-of-ruledefs group_of_ruledefs_name Specify the group-of-ruledefs name.
Must be a string.
Use this command to assign a group-of-ruledefs to the rulebase.
Assigns ruledefs to the rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
action priority action_priority static-and-dynamic ruledef ruledef_name charging-action charging_action_name ruledef ruledef_name [ description description ] [ monitoring-key monitoring_key ] Specify the ruledef name.
Must be a string.
Use this command to assign ruledefs to the rulebase.
Configures bandwidth policy parameters.
Security Administrator, Administrator
Exec > Global Configuration
bandwidth default-policy default_firewall_policy_name Specify the default firewall policy.
Must be a string.
Use this command to configure the bandwidth policy parameter for default firewall policy.
Configures the type of billing to be performed for subscriber sessions.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
billing-records { egcdr | radius | rf } Generates an enhanced G-CDR (eG-CDR) for GGSN / P-GW-CDR for P-GW, and/or UDR with specified format on the occurrence of an interim trigger condition at the end of a subscriber session, or an SGSN-to-SGSN handoff
Generates postpaid RADIUS accounting records at the start and end of a subscriber session, and on the occurrence of an interim trigger condition. RADIUS accounting records are generated for each content ID.
Enables Rf accounting.
Use this command to generate enhanced G-CDRs (eG-CDRs), P-GW-CDR for P-GW, RADIUS CDRs and/or UDRs for billing records. The format of eG-CDRs for the default GTPP group is controlled by the inspector command in the Context Configuration Mode.
Generates Usage Data Record (UDR) with specified the format on the occurrence of an interim trigger condition, at the end of a subscriber session, or a handoff.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
billing-records udr udr-format udr_format_name Specify the UDR format name.
Must be a string.
Use this command to enable Usage Data Record.
billing-records udr udr-format udr_format1 Specify the Diameter sub-AVPs to be included in "Requested-Service-Unit" the Diameter group AVP sent with DCCA Credit Control Requests (CCRs).
Security Administrator, Administrator
cca diameter requested-service-unit sub-avp { time cc-time duration | units cc-service-specific-units charging_unit | volume { cc-input-octets bytes | cc-output-octets bytes | cc-total-octets bytes } } Use this command to include sub-AVPs based on time, volume, and service specific unit in the "Requested-Service-Unit" grouped AVP with CCRs.
cca diameter requested-service-unit sub-avp time cc-time 45 ACS Diameter Credit Control requesting service unit values.
Security Administrator, Administrator
requested-service-unit ACS Diameter Credit Control requesting service unit values.
Configures the sub-AVP of the requesting service unit AVP.
Security Administrator, Administrator
sub-avp Use this command to configure the sub-AVP of the requesting service unit AVP.
Configures the ACS Diameter Credit Control requesting service unit - time values.
Security Administrator, Administrator
time Specify requested service unit for charging time duration in seconds in included sub-AVP.
Must be an integer in the range of 1-4000000000.
Use this command to configure the ACS Diameter Credit Control requesting service unit - time values.
Specify requested service unit by service specific units in bytes/packets in included sub-AVP.
Security Administrator, Administrator
units cc-service-specific-units charging_unit Specify the service-specific charging units.
Must be an integer in the range of 1-4000000000.
Use this command to configure the ACS Diameter Credit Control requesting service unit - service specific values.
Specify the ACS Diameter Credit Control requesting service unit - time values.
Security Administrator, Administrator
volume Specify the volume in bytes.
Must be an integer in the range of 1-4000000000.
Specify the output charging octets in bytes.
Must be an integer in the range of 1-4000000000.
Specify the total charging octets in bytes.
Must be an integer in the range of 1-4000000000.
Use this command to configure the ACS Diameter Credit Control requesting service unit - time values.
Configures the value for the Quota Holding Time (QHT). QHT is used with both time- and volume-based quotas.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
cca quota holding-time holding_time content-id content_id Specify the holding time.
Must be an integer in the range of 1-4000000000.
Specify the content ID (Rating group AVP) to use for the Quota holding time for the current rulebase. Must be the content ID specified for Credit Control service in ACS.
Must be an integer in the range of 1-2147483647.
Command Description: Configures various time and threshold-based quotas in the Prepaid Credit Control Service (Credit Control Application). Use this command to configure the value for the Quota Holding Time (QHT). QHT is used with both time- and volume-based quotas. After the configured number of seconds has passed without user traffic, the quota is reported back and the charging stops until new traffic starts.
Configures the retry time for the quota request.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
cca quota retry-time retry_time [ max-retries max_retries ] Specify the retry interval in seconds.
Must be an integer in the range of 0-86400.
Specify the maximum number of retries allowed for blacklisted categories.
Must be an integer in the range of 1-65535.
Use this command to configure credit control quota retry time.
Configures the algorithm to compute time duration for Prepaid Credit Control Application quotas in the current rulebase.
Security Administrator, Administrator
cca quota time-duration algorithm { consumed-time consumed_time [ plus-idle ] | continuous-time-periods seconds | parking-meter seconds } [ content-id content_id ] Specify Credit Control Quota Time Duration Algorithm
Configures the Quota Consumption Time (QCT).
Security Administrator, Administrator
consumed-time consumed_time Specify the credit control consumed time in seconds.
Must be an integer in the range of 1-4294967295.
Specify the idle time for QCT. When used along with consumed-time it indicates the active usage + idle time, when no traffic flow occurs.
Configures the charging quota continuous period.
Security Administrator, Administrator
continuous-time-periods seconds Specify the charging quota continuous period, in seconds.
Must be an integer in the range of 1-4294967295.
Configures the Parking Meter (PM) period for a specific rating group.
Security Administrator, Administrator
parking-meter seconds Specify the Parking Meter (PM) period, in seconds.
Must be an integer in the range of 1-4294967295.
Specify the content ID (Rating group AVP) to use for the CCA Quota time duration algorithm selection in the current rulebase. Must be the content ID specified for Credit Control service in ACS.
Must be an integer in the range of 1-2147483647.
Use this command to set the various time charging algorithms/schemes for prepaid credit control charging. If operator chooses parking-meter style charging, then time is billed in seconds chunks.
Use this command to configure the Quota Consumption Time (QCT). QCT is used with active time-based quotas and to determine chargeable time envelopes for consuming time quota.
Use this command to configure the charging quota continuous period in seconds.
Use this command to configure the Parking Meter (PM) period for a specific rating group.
cca quota time-duration algorithm consumed-time 400 Configures the Content Filtering Category Policy Identifier for Policy-based Content Filtering support in the current rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
content-filtering category policy-id cf_policy_id Specify the Content Filtering policy ID.
Must be an integer in the range of 1-4294967295.
Use this command to configure the Content Filtering Category Policy ID for Policy-based Content Filtering support in the rulebase.
content-filtering category policy-id 101 Configures the action to take on Content Filtering packets in the case of ACS error scenarios.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
content-filtering flow-any-error { deny | permit } Specify the flow-any-error configuration as permit.
Specify the flow-any-error configuration as deny. All the denied packets will be accounted for by the discarded-flow-content-id configuration in the Content Filtering Policy Configuration Mode. This content ID will be used to generate UDRs for packets denied via content filtering.
Use this command to allow/discard content filtering packets in case of ACS error scenarios.
content-filtering flow-any-error permit This command allows you to enable/disable the specified Category-based Content Filtering mode in the current rulebase.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
content-filtering mode { category { static-and-dynamic | static-only } | server-group cf_server_group } Using Category-based Content Filtering support requires configuration of the require active-charging content-filtering category command in the Global Configuration Mode.
Must be one of the following:
static-only: Configures Category-based Content Filtering in static only mode, wherein all URLs are compared against an internal database to categorize the requested content.
static-and-dynamic: Configures Category-based Content Filtering in Static-and-Dynamic mode, wherein a static rating of the URL is first performed, and only if the static rating fails to find a match, dynamic rating of the content that the server returns is then performed.
Specify the content-filtering server group name.
Must be a string.
Use this command to enable and apply the content filtering mode in the rulebase to manage a content filtering server with an ICAP client system.
content-filtering mode server-group cf_server Configures the credit control group to be used for subscribers who use this rulebase.
Security Administrator, Administrator
credit-control-group cc_group_name Specify the credit control group name.
Must be a string.
Use this command to specify the desired CC group whenever the rulebase is selected during the subscriber session setup. This is an optional CLI configuration, and used only when customized Assume Positive behavior is required for subscribers. This CLI configuration is applicable only during the session setup. Mid-session change in the CC group is not allowed.
credit-control-group test Configfures whether dynamic rules are matched before statically configured rules.
Security Administrator, Administrator
dynamic-rule order dynamic_rule_order Specify dynamic rule order.
Must be one of the following:
always-first: Specify to match all the dynamic rules against the flow prior to any static rule. This is the default value.
first-if-tied: Specify to match rules against the flow based on their priority with the condition that dynamic rules match before a static rule of the same priority. A rule is a combination of a ruledef, charging action, and precedence. Static rules are defined by the "action" CLI command in the ACS Rulebase Configuration Mode, and are applicable to all subscribers that are associated with the rulebase. Dynamic rules are obtained via a dynamic protocol, such as, the Gx-interface for a particular subscriber session.
Use this command to configure the order in which rules are selected for matching in between dynamic rules (per subscriber) and static rules (from rulebase).
dynamic-rule order always-first Configures EDR-related parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Rulebase Configuration
edr transaction-complete { dns | http } [ charging-edr charging_edr_format_name | edr-format edr_format_name | reporting-edr reporting_edr_format_name ] DNS protocol related configuration
HTTP protocol related configuration
Specify to generate charging EDR on transaction completion.
Must be a string.
Specify to generate EDR on transaction completion for DNS or HTTP protocol.
Must be a string.
Specify the reporting EDR format name to generate reporting EDR on transaction completion.
Must be a string.
Configures the generation of an EDR on the completion of a transaction. Use this command to configure the generation of an EDR when certain application transactions (for example, request/response pairs) complete. EDR generation is supported for DNS or HTTP protocol. Note that these EDRs are in addition to those that might be generated due to other conditions, for example, EDR configurations in a charging action.
edr transaction-complete http charging-edr test123 Assigns volume or interval values to the interim G-CDRs.
Security Administrator, Administrator
egcdr threshold interval duration Specify the time interval, in seconds, for closing the eG-CDR/PGW-CDR if the minimum time duration thresholds are satisfied.
Must be an integer in the range of 60-40000000.
Configures the thresholds for generating eG-CDRs for GGSN and PGW-CDRs for P-GW. Use this command to assign the interval values to the interim G-CDRs.
egcdr threshold interval 600 Configures the uplink/downlink volume octet counts for the generation of the interim eG-CDRs/PGW-CDRs.
Security Administrator, Administrator
egcdr threshold volume { downlink | total | uplink } bytes Specify the limit for the number of downlink (from network to subscriber) octets after which the eG-CDR/PGW-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the number of uplink (from subscriber to network) octets after whichthe eG-CDR/PGW-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the total number of octets (uplink+downlink) after which theeG-CDR/PGW-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Configures the thresholds for generating eG-CDRs for GGSN and PGW-CDRs for P-GW. Use this command to configure the uplink/downlink volume octet counts for the generation of the interim GCDRs.
Configures the charge for the control traffic associated with an application.
Security Administrator, Administrator
flow control-handshaking { charge-to-application { [ all-packets ] [ initial-packets ] [ mid-session-packets ] [ tear-down-packets ] } | charge-separate-from-application } Use this command to configure how to charge for the control traffic associated with an application ruledef. Applications like HTTP use TCP to set up and tear down connections before the HTTP application starts. This command controls whether the packets that set up and tear down the connections should use the same content ID as the application's flow. In normal mode 3-way handshake TCP packets (SYN, SYN-ACK, and ACK) and closing or intermittent packets (FIN, RST, etc.) directed and charged based on configured matched rules. This command makes the system to wait for the start and stop of layer 7 packet flow and content ID and charge the initial, intermittent, and closing TCP packets as configured to the same matching rules and content ID as of the flow. This command also affects applications that do not use TCP but use other methods for control packets, for example WAP, where WTP/UDP may be used to set up and tear down connection-oriented WSP.
flow control-handshaking charge-to-application mid-session-packets tear-down-packets Specify control protocol handshake packets.
Security Administrator, Administrator
flow control-handshaking charge-separate-from-application Specify the charging action to separate the charging of the initial control packets or all subsequent control packets from regular charging.
Use this command to specify control protocol handshake packets.
Configures the charging action to include the flow control packets either during initial handshaking only or specified control packets during session for charging.
Security Administrator, Administrator
flow control-handshaking charge-to-application { [ all-packets ] [ initial-packets ] [ mid-session-packets ] [ tear-down-packets ] } Specify that the initial setup packets will wait until the application has been determined before assigning the content-id, and all mid-session ACK packets as well as the final tear-down packets will use that content-id.
Specify that the ACK packets after the initial setup will use the application's or content-id assignment.
Specify that only the initial setup packets will wait for content-id assignment.
Specify that the final tear-down packets (TCP or WAP) will use the application's or content-id assignment.
Use this command to charge control packets to application ruledefs.
Configures the end condition of the session flows related to a user session and triggers EDR generation.
Security Administrator, Administrator
flow end-condition { normal-end-signaling | session-end | timeout | charging-edr charging_edr_format_name } Creates an EDR with the specified EDR format whenever a flow ends due to a timeout condition.
Creates an EDR with the specified EDR format whenever flow end is signaled normally, for example like detecting FIN and ACK for a TCP flow, or a WSP-DISCONNECT terminating a connection-oriented WSP flow over UDP) and create an EDR for the flow using the specified EDR format.
Creates an EDR with the specified EDR format whenever a subscriber session ends. By this option ACS creates an EDR with the specified format name for every flow that has had any activity since last EDR was created for the flow on session end.
Specify the charging EDR format name.
Must be a string.
Use this command to enable or disable the capturing of EDRs based on flow end condition.
flow end-condition handoff charging-edr edr_format1 This command allows you to limit the total number of simultaneous flows per Subscriber/APN sent to a rulebase regardless of the flow type, or limit flows based on the protocol type under the Session Control feature.
Security Administrator, Administrator
flow limit-across-applications { limit | non-tcp limit | tcp limit } Specify the maximum limit of TCP flows.
Must be an integer in the range of 1-4000000000.
Specify the maximum limit of non-TCP type flows.
Must be an integer in the range of 1-4000000000.
-Or-Must be an integer in the range of 1-4000000000.
Use this command to limit the total number of flows allowed per subscriber for a rulebase regardless of flow type, or limit flows based on the protocol non-TCP (connection-less) or TCP (connection-oriented).
flow limit-across-applications 200000 Configures IP parameters related to user session.
Security Administrator, Administrator
Exec > Global Configuration
ip reassembly-timeout reassembly_timeout Specify the maximum duration for which ip packet fragments are retained, in milliseconds.
Must be an integer in the range of 100-30000.
Default Value: 5000.
Use this command to configure IP parameters related to user session.
Configures enabling/disabling the P2P analyzer to detect peer-to-peer (P2P) applications.
Security Administrator, Administrator
p2p dynamic-flow-detection Enables dynamic-flow detection, allowing the P2P analyzer to detect the P2P applications configured for the ACS.
Use this command to enable/disable the P2P analyzer to detect peer-to-peer (P2P) applications.";
Configures the post-processing action to be taken.
Security Administrator, Administrator
post-processing priority priority { group-of-ruledefs ruledefs_group_name | ruledef ruledef_name } charging-action charging_action_name [ description description ] Use this command to configure the post-processing priority and action to be taken on a ruledef in the rulebase.
Configures the post-processing priority and action to be taken on specific ruledef in the current rulebase.
Security Administrator, Administrator
post-processing priority priority_value { group-of-ruledefs ruledefs_group_name | ruledef ruledef_name } charging-action charging_action_name [ description description ] Specify the priority value.
Must be an integer in the range of 1-65535.
Use this command to configure the post-processing priority and action to be taken on a ruledef in the rulebase.
post-processing priority 10 ruledef test_ruledef charging-action test_ca Configures group-of-ruledef parameters.
Security Administrator, Administrator
group-of-ruledefs ruledefs_group_name Specify the group-of-ruledefs to add/configure/delete.
Must be a string.
Specify the charging action.
Must be a string.
Specify an optional description for this configuration.
Must be a string.
Use this command to configure group-of-ruledef parameters.
Assigns ruledefs to a rulebase.
Security Administrator, Administrator
ruledef ruledef_name Specify the ruledef name.
Must be a string.
Specify the charging action name.
Must be a string.
Specify an optional description for this configuration.
Must be a string.
Use this command to assign ruledefs to a rulebase.";
Configures the routing of packets to protocol analyzers.
Security Administrator, Administrator
route priority route_priority ruledef ruledef_name analyzer { dns | file-transfer | ftp-control | ftp-data | h323 | http | imap | mipv6 | mms | pop3 | pptp | radius | rtcp | rtp | rtsp | sdp | secure-http | sip | smtp | tftp | wsp-connection-less | wsp-connection-oriented } [ description description ] Instances of this CLI command control which packets are routed to which protocol analyzers. Packets sent to ACS are always passed through the IP protocol analyzer. This CLI command controls which higher layer analyzers are also invoked.
route priority 23 ruledef test analyzer test_analyzer description route_test1 Configures the priority of the route in the rulebase.
Security Administrator, Administrator
priority route_priority Specifythe route priority.
Must be an integer in the range of 0-65535.
Use this command to configure the priority of the route in the rulebase.
Configures the ruledef to evaluate packets to determine analyzer.
Security Administrator, Administrator
ruledef ruledef_name Specify the ruledef name.
Must be a string.
Specify the analyzer for the ruledef.
Must be one of the following:
dns: Configure the primary and secondary IPv4 or IPv6 address of the DNS servers.
file-transfer: Allows you to enter descriptive text for this configuration.
ftp-control: Charge volume for FTP-Control.
ftp-data: Charge volume for FTP-Data.
h323: Enables/disables H323 NAT ALG.
http: Specify to detect HTTP protocol.
imap: Route to IMAP protocol analyzer.
mipv6: Route to MIPv6 protocol analyzer.
mms: Route to MMS protocol analyzer.
pop3: Route to POP3 protocol analyzer.
pptp: Route to PPTP protocol analyzer.
radius: Route to RADIUS protocol analyzer.
rtcp: Route to RTCP protocol analyzer.
rtsp: Route to RTSP protocol analyzer.
rtp: Route to RTP protocol analyzer.
sdp: Route to SDP protocol analyzer.
sip: Route to SIP protocol analyzer.
secure-http: Route to secure HTTP protocol analyzer.
smtp: Route to SMTP protocol analyzer.
tftp: Route to TFTP protocol analyzer.
wsp-connection-less: Route to WSP connection-less protocol analyzer.
wsp-connection-oriented: Route to WSP connection-oriented protocol analyzer.
Enables to add a description to the rule and action for later reference in saved configuration file.
Must be a string.
Use this command to assign a ruledef to a rulebase,
This command allows you to enable/disable the Real Time Streaming Protocol (RTSP) and Session Description Protocol (SDP) analyzers to detect the start/stop of RTP and RTCP flows.
Security Administrator, Administrator
rtp dynamic-flow-detection Controls whether dynamic RTP/RTCP flow detection is enabled or not.
Use this command to enable the RTSP and SDP analyzer to detect the start/stop of RTP and RTCP flows. This command is used in conjunction with the route priority command.
rtp dynamic-flow-detection Configures TCP window size checking.
Security Administrator, Administrator
tcp check-window-size Enables/Disables TCP window-size check.
Use this command to enable/disable TCP window-size check for packets out of TCP window.
tcp check-window-size Configures the TCP Maximum Segment Size (MSS) in TCP SYN packets.
Security Administrator, Administrator
tcp mss mss_value { [ add-if-not-present ] [ limit-if-present ] } Specify the TCP MSS.
Must be an integer in the range of 496-65535.
Specify to add the TCP MSS if not present in the packet.
Specify to limit the TCP MSS if present in the packet.
Using this command, TCP MSS can be limited if already present in the TCP SYN packets. If there are no errors detected in IP header/TCP mandatory header and there are no memory allocation failures, TCP optional header is parsed. If TCP MSS is present in the optional header and its value is greater than the configured MSS value, the value present in the TCP packet is replaced with the configured one.
tcp mss 3000 limit-if-present add-if-not-present Configures processing of TCP packets that are out of order, while waiting for the earlier packet(s) to arrive.
Security Administrator, Administrator
tcp packets-out-of-order timeout timeout_duration Specify the timeout duration for re-assembly of TCP out-of-order packets in milliseconds.
Must be an integer in the range of 100-30000.
Default Value: 5000.
Use this command to configure how to process TCP packets that are out of order, while waiting for the earlier packet(s) to arrive.
tcp packets-out-of-order timeout 10000 Configures the TCP out-of-order segment behavior after buffering a copy.
Security Administrator, Administrator
transmit transmit_behavior Specify the TCP out-of-order segment behavior after buffering a copy.
Must be one of the following:
after-reordering: Delivers the TCP out-of-order segments in-sequence to the ECS analyzer after all packets are received and successfully reordered. The 'after-reordering' feature is doing this by buffering out-of-order packets, and only releasing them after the missing out-of-order packets are received (or after OOO timeout). When the missing packet is received, complete deep packet inspection of all the packets and all relevant in-line services is done, and then the last packet is forwarded (as the latest). If reordering is not successful within the specified OOO timeout, all the subsequent received packets in that TCP flow are forwarded without being passed through the analysers (except the L3/L4 analyzer). As a consequence, only L3/L4 rule matching will take place. If memory allocation fails or the received packet is partial retransmitted data, the packet will also be forwarded immediately without being passed through the protocol analyzers, except for the L3/L4 analyzers.
immediately: Delivers the TCP out-of-order segments in-sequence to the ECS analyzer after all packets are received and successfully reordered. The 'immediately' feature is accomplishing this by making a copy of out-of-order packets, and buffering those, while transmitting the original data packets through the outgoing interface immediately. When the missing packet is received, complete deep packet inspection of all the packets and all relevant in-line services is done, and then the last packet is forwarded. If reordering of the buffered packets is not successful within the specified OOO timeout, all the subsequent received packets in that TCP flow are forwarded without being passed through the analysers (except the L3/L4 analyzer). As a consequence only L3/L4 rule matching will take place. If memory allocation fails or the received packet is partial retransmitted data, the packet will also be forwarded immediately without being passed through the protocol analyzers, except for the L3/L4 analysers.
Use this command to configure the TCP out-of-order segment behavior after buffering a copy.
Enables or disables the Tethering Detection feature for the current rulebase, and specifies the database to use.
Security Administrator, Administrator
tethering-detection [ application | dns-based | ip-ttl value ttl_value | max-syn-packet-in-flow max_syn_packets | tether-db database ] Specify the number of SYN packets applicable for tethering detection in a flow.
Must be an integer in the range of 1-3.
Specify to perform tethering detection based on App-based method.
Specify to perform tethering detection based on DNS-based method.
Specify to perform tethering detection using the specified database.
Must be one of the following:
ua-db-only: Specify to perform tethering detection using only the UA signature database.
os-ua-db: Specify to perform tethering detection using IPv4 OS, IPv6 OS, and UA signature databases.
os-db-only: Specify to perform tethering detection using IPv4 and IPv6 OS signature databases.
This command allows you to perform tethering detection using IP-TTL configuration.
Security Administrator, Administrator
ip-ttl value ttl_value Specify TTL values for tethered flows.
Must be an integer in the range of 1-255.
Use this command to enable/disable the Tethering Detection feature for a rulebase, and configures the database to use. Tethering Detection can be done for IPv4, IPv6, TCP and UDP flows.
Use this command to perform tethering detection using ip-ttl configuration.
tethering-detection os-db-only This command allows you to enable/disable URL Blacklisting functionality for the current rulebase, and configures the action to be taken when there is a URL match.
Security Administrator, Administrator
url-blacklisting action { discard | redirect-url url | terminate-flow | www-reply-code-and-terminate-flow reply_code } [ content-id content_id ] Use this command to enable/disable URL Blacklisting at the rulebase level, and configure the action to be taken.
url-blacklisting action www-reply-code-and-terminate-flow 300 Configures URL Blacklisting action.
Security Administrator, Administrator
action { content-id content_id | discard | redirect-url redirect_url | terminate-flow | www-reply-code-and-terminate-flow reply_code } Specify the redirect URL/URI, which must be a fully qualified URL/URI.
Must be a string.
Specify the URL Blacklisting action as "discard".
Specify the URL Blacklisting action as "terminate-flow".
Specify the URL Blacklisting action as "terminate-flow action with reply code".
Must be an integer in the range of 400-599.
Specify the content ID, a number assigned to URL Blacklisting.
Must be an integer in the range of 1-65535.
Use this command to configure the URL Blacklisting action.
Configures URL Blacklisting match-method.
Security Administrator, Administrator
match-method match_method Specify the match method.
Must be one of the following:
exact
generic
Use this command to configure the URL Blacklisting match method.
Configures ACS rule definitions (ruledef).
Security Administrator, Administrator
ruledef ruledef_name [ rule-application ruledef_purpose ] Specify the ruledef name. If the named ruledef does not exist, it is created, and the CLI mode changes to the ACS Ruledef Configuration Mode wherein the ruledef can be configured. If the named ruledef already exists, the CLI mode changes to the ACS Ruledef Configuration Mode for that ruledef.
Must be a string.
Specify the purpose of the ruledef, such as for charging, post-processing, routing, and so on. When a ruledef is evaluated, if the multi-line-or all-lines command is configured, the logical OR.
Must be one of the following:
charging: Specify that the current ruledef is for charging purposes.
post-processing: Specify that the current ruledef is for post-processing purposes. This enables processing of packets even if the rule matching for them has been disabled.
routing: Specify that the current ruledef is for routing purposes. Up to 256 ruledefs can be defined for routing in an Active Charging Service.
Use this command to create/configure/delete an ACS ruledef. A ruledef represents a set of matching conditions across multiple L3 L7 protocol based on protocol fields and state information. Each ruledef can be used across multiple rulebases within the active charging service.
ruledef test1 Configures rule expression to match Radio Access Technology (RAT) in the bearer flow.
Security Administrator, Administrator
bearer service-3gpp rat-type operator rat_type Use this command to define rule expressions to match a RAT type.
bearer service-3gpp rat-type = wlan Specify 3GPP service.
Security Administrator, Administrator
service-3gpp service-3gpp
Specify RAT type associated with the bearer flow.
Security Administrator, Administrator
rat-type Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
Specify the RAT type.
Must be one of the following:
geran: GSM EDGE Radio Access Network type.
utran: UMTS Terrestrial Radio Access Network type.
wlan: Wireless LAN type.
Use this command to configure the RAT type associated with the bearer flow.
Configures rule expression to match answer name in the answer section of DNS response messages.";
Security Administrator, Administrator
dns answer-name [ case-sensitive ] operator value Use this command to define rule expressions to match an answer name from the answer section of DNS response messages.
dns answer-name = test Specify DNS answer name.
Security Administrator, Administrator
answer-name Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contains.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
case-sensitive: Strings will be matched in case-sensitive manner.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the value.
Must be a string.
Use this command to configure the DNS answer name. This depends upon the query type.
Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures rule expression to match previous state of the DNS FSM.
Security Administrator, Administrator
dns previous-state operator previous_state Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the previous state to match.
Must be one of the following:
dns-timeout: DNS timeout.
init: Init.
req-sent: Request sent.
resp-error: Response error.
resp-success: Response sucess..
Use this command to define rule expressions to match previous state of DNS FSM.
dns previous-state = req-sent Configures rule expression to match query name in DNS request messages.
Security Administrator, Administrator
dns query-name [ case-sensitive ] operator query_name Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
case-sensitive: Strings will be matched in case-sensitive manner.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the query name to match.
Must be a string.
Use this command to define rule expressions to match query name in DNS request messages.
dns query-name = test Configures rule expression to match the query type in the DNS request messages.
Security Administrator, Administrator
dns query-type operator query_type Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the previous state to match.
Must be one of the following:
a: Support query-type 'A'.
aaaa: Support query-type 'AAAA'.
cname: Support query-type 'CNAME'.
ns: Support query-type 'NS'.
null: Support query-type 'NULL'.
ptr: Support query-type 'PTR'.
srv: Support query-type 'SRV'.
txt: Support query-type 'TXT'.
Use this command to define rule expressions to match the query type in the DNS request messages.
dns query-type = txt Configures rule expression to match response code in DNS response messages.
Security Administrator, Administrator
dns return-code operator return_code Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the response code to match.
Must be one of the following:
format-error: DNS response: Format Error.
name-error: DNS response: Name Error.
no-error: DNS response: No Error.
not-implemented: DNS response: Name server does not support the requested query.
refused: DNS response: Refused to perform specified operation.
server-failure: DNS response: Server Failure.
Use this command to define rule expressions to match response code in DNS response messages.
dns return-code = refused Configures rule expressions to match current state of DNS FSM.
Security Administrator, Administrator
dns state operator current_state Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the state to match.
Must be one of the following:
dns-timeout
init
req-sent
resp-error
resp-success
Use this command to define rule expressions to match DNS FSM current state.
dns state = req-sent Configures rule expressions to match Transaction Identifier (TID) field in DNS messages.
Security Administrator, Administrator
dns tid operator tid_value Specify how to match.
Must be one of the following:
'!=': Does not equal.
<=: Lesser than or equals.
=: Equals.
>=: Greater than or equals.
Specify the query name to match.
Must be an integer in the range of 0-65535.
Use this command to define rule expressions to match a TID field of DNS messages.
dns tid = test Configures rule expression to match the User-Agent request-header field of HTTP packets.
Security Administrator, Administrator
http user-agent [ case-sensitive ] operator user_agent Use this command to define rule expressions to match value in HTTP user-agent header field.
http user-agent = xyz.123 Configures rule expression to match value in HTTP Content-Type entity-header field.
Security Administrator, Administrator
http content type [ case-sensitive ] operator content_type Use this command to define rule expressions to match value in HTTP Content-Type entity-header field.
http content type = abc100 Specify HTTP Content-Type.
Security Administrator, Administrator
type operator content_type Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the content type to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to configure rule expressions to match HTTP content type.
Configures rule expression to match value in HTTP Host Request header field.
Security Administrator, Administrator
http host [ case-sensitive ] operator host_name Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the host name to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to define rule expressions to match value in HTTP Host request-header field.
http host = host1 Configures rule expression to match the value in the HTTP Referer request-header field.
Security Administrator, Administrator
http referer [ case-sensitive ] operator referer_name Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!present: Not present.
!starts-with: Does not start with.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the HTTP referer name to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to define rule expressions to match value in HTTP Referer request-header field. This feature allows an operator to collect or track all URLs visited during a particular subscriber session. These URLs include the entire string of visited URLs, including all referral links. This information is output in an Event Data Record (EDR) format to support reporting or billing functions.
http referer = cricket.espn.com Configures rule expression to match HTTP URL.
Security Administrator, Administrator
http url [ case-sensitive ] operator url Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!present: Does not present.
!starts-with: Does not start with.
=: Equals.
case-sensitive: Is case sensitive.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the HTTP URL to match.
Must be a string.
Use this command to define rule expressions to match HTTP URL.";
Rule expressions to match the User-Agent.
Security Administrator, Administrator
user-agent operator user_agent Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equal.
present: Present.
!present: Not present.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the HTTP user agent value to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to configure rule expressions to match user agent.
Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
This command allows you to define rule expressions to match the IP address of the destination end of the connection.
Security Administrator, Administrator
ip server-ip-address { ipv4_address | ipv6_address } Use this command to define rule expressions to match the IP address of the destination end of the connection.
ip server-ip-address = 10.1.1.1 Configures rule expressions to match all IPv4/IPv6 packets.
Security Administrator, Administrator
ip any-match operator condition Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to define rule expressions to match IPv4/IPv6 packets.
ip any-match = TRUE Configures rule expressions to match IP destination address field within IP headers.
Security Administrator, Administrator
ip dst-address { ipv4_address | ipv6_address } Specify the destination IP address.
Must be one of the following:
dst-address: DST address.
Specify how to match.
Must be one of the following:
'!=': Does not equal.
!range: Not in the range.
<=: Lesser than or equal to.
=: Equals.
>=: Greater than or equal to.
range: In the range.
Specify the IP address prefix.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
-Or-Must be an IP address.
Specify a group of IPv6 addresses configured with wildcard input and/or specialized range input. Multiple wildcard characters can be accepted as input and only one 2 byte range input will be accepted. Both wildcard character input and 2 byte range input can be configured together within an IPv6 address.
Must be a string.
Specify the host pool name.
Must be a string.
Use this command to define rule expressions to match the IP destination address field within IP headers.
ip dst-address = 10.1.1.1 Configures rule expression to match based on protocol being transported by IP packet.
Security Administrator, Administrator
ip protocol operator protocol Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
<=: Lesser than or equal to.
>=: Greater than or equal to.
Specify the protocol.
Must be an integer in the range of 0-255.
-Or-Must be one of the following:
ah
esp
gre
icmp
icmpv6
tcp
udp
Use this command to define rule expressions to match based on protocol being transported by IP packet.
Specify the server's IP address.
Security Administrator, Administrator
server-ip-address Specify the server IP address.
Must be one of the following:
server-ip-address: server-ip-address.
Specify how to match.
Must be one of the following:
'!=': Does not equal.
!range: Not in the range.
<=: Lesser than or equal to.
=: Equals.
>=: Greater than or equal to.
range: In the range.
Specify the IP address prefix.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
-Or-Must be an IP address.
Specify a group of IPv6 addresses configured with wildcard input and/or specialized range input. Multiple wildcard characters can be accepted as input and only one 2 byte range input will be accepted. Both wildcard character input and 2 byte range input can be configured together within an IPv6 address.
Must be a string.
Specify the host pool name.
Must be a string.
Use this command to configure the server IP address.
Configures rule expression to match IP uplink packets.
Security Administrator, Administrator
Exec > Global Configuration
uplink operator condition Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
Specify the condition to match.
Must be one of the following:
TRUE: Analyzed.
FALSE: Not analyzed.
Use this command to configure matching IP uplink packets based on condition.
Configures rule expression to match based on IP version.
Security Administrator, Administrator
Exec > Global Configuration
version operator ip_version Specify how to match.
Must be one of the following:
=: Equals.
Specify the condition to match.
Must be one of the following:
ipv4
ipv6
Use this command to configure rule expression to match based on the IP version.
This command applies the OR operator to all lines in the current ruledef.
Security Administrator, Administrator
multi-line-or all-lines Applies the OR operator to all lines in the current ruledef.
When a ruledef is evaluated, if the multi-line-or all-lines command is configured, the logical OR operator is applied to all the rule expressions in the ruledef to decide if the ruledef matches or not. If the multi-line-or all-lines command is not configured, the logical AND operator is applied to all the rule expressions.";
This command allows you to define rule expressions to match P2P protocol. This command must be used for charging purposes. It must not be used for detection purposes.
Security Administrator, Administrator
p2p protocol operator protocol Specify the custom-defined protocol (CDP) name. CDP name specifies the name of the custom defined protocol (CDP) for TLS/SSL flows, QUIC flows or any app-identifier matching the ruledef. If the flow/packet matches the rule, the CDP name specified in the ruledef will be taken and the flow will be marked as CDP. If no CDP is configured in the rule, then the flow will be treated as TLS/SSL or QUIC flow.
Must be a string.
Use this command to define rule expressions to detect P2P protocols for charging purposes. For detection purposes use the "p2p-detection protocol" command in the ACS Configuration Mode.
p2p protocol = skype Configures application identifiers populated from the plugin and mark the matching flows to a custom-defined protocol (CDP) name.
Security Administrator, Administrator
p2p app-identifier app-type app_type operator string Specify the app type.
Must be one of the following:
tls-sni: Specify the TLS/SSL Server Name Indication (SNI) field.
quic-sni: Specify the QUIC Server Name Indication (SNI) field value.
tls-cname: Specify the common name in the Server Hello message of TLS. SSL renegotiation is supported for the flows that are marked using "tls-cname" rules.
Specify how to match.
Must be one of the following:
!=: Not equals.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the string.
Must be a string.
Use this command to configure application identifiers populated from the plugin and mark the matching flows to a custom-defined protocol (CDP) name. The SNI ruledef supports multi-line-or all-lines or default multi-line-and rule lines. The rule lines configured with "!=" operator will not be optimized.
p2p app-identifier quic-sni = fb.com Configures the protocol to match.
Security Administrator, Administrator
protocol operator protocol Specify how to match.
Must be one of the following:
=: Equals.
Specify the P2P protocol.
Must be one of the following:
skype: P2P detection protocol for "Skype" application.
bittorrent: P2P detection protocol for "bittorrent" application.
edonkey: P2P detection protocol for "edonkey" application.
msn: P2P detection protocol for "msn" application.
yahoo: P2P detection protocol for "yahoo" application.
orb: P2P detection protocol for "orb" application.
gnutella: P2P detection protocol for "gnutella" application.
jabber: P2P detection protocol for "jabber" application.
slingbox: P2P detection protocol for "slingbox" application.
winny: P2P detection protocol for "winny" application.
fasttrack: P2P detection protocol for "fasttrack" application.
manolito: P2P detection protocol for "manolito" application.
pando: P2P detection protocol for "pando" application.
filetopia: P2P detection protocol for "filetopia" application.
soulseek: P2P detection protocol for "soulseek" application.
ppstream: P2P detection protocol for "ppstream" application.
qqlive: P2P detection protocol for "qqlive" application.
qq: P2P detection protocol for "qq" application.
mute: P2P detection protocol for "mute" application.
gadugadu: P2P detection protocol for "gadugadu" application.
feidian: P2P detection protocol for "feidian" application.
applejuice: P2P detection protocol for "applejuice" application.
zattoo: P2P detection protocol for "zattoo" application.
skinny: P2P detection protocol for "skinny" application.
sopcast: P2P detection protocol for "sopcast" application.
ares: P2P detection protocol for "ares" application.
directconnect: P2P detection protocol for "directconnect" application.
imesh: P2P detection protocol for "imesh" application.
pplive: P2P detection protocol for "pplive" application.
oscar: P2P detection protocol for "oscar" application.
popo: P2P detection protocol for "popo" application.
irc: P2P detection protocol for "irc" application.
steam: P2P detection protocol for "steam" application.
ddlink: P2P detection protocol for "ddlink" application.
halflife2: P2P detection protocol for "halflife2" application.
hamachivpn: P2P detection protocol for "hamachivpn" application.
tvants: P2P detection protocol for "tvants" application.
tvuplayer: P2P detection protocol for "tvuplayer" application.
uusee: P2P detection protocol for "uusee" application.
vpnx: P2P detection protocol for "vpnx" application.
vtun: P2P detection protocol for "vtun" application.
winmx: P2P detection protocol for "winmx" application.
wofwarcraft: P2P detection protocol for "wofwarcraft" application.
xbox: P2P detection protocol for "xbox" application.
iskoot: P2P detection protocol for "iskoot" application.
fring: P2P detection protocol for "fring" application.
oovoo: P2P detection protocol for "oovoo" application.
gtalk: P2P detection protocol for "gtalk" application.
freenet: P2P detection protocol for "freenet" application.
aimini: P2P detection protocol for "aimini" application.
battlefld: P2P detection protocol for "battlefld" application.
openft: P2P detection protocol for "openft" application.
qqgame: P2P detection protocol for "qqgame" application.
quake: P2P detection protocol for "quake" application.
secondlife: P2P detection protocol for "secondlife" application.
actsync: P2P detection protocol for "actsync" application.
nimbuzz: P2P detection protocol for "nimbuzz" application.
iax: P2P detection protocol for "iax" application.
paltalk: P2P detection protocol for "paltalk" application.
warcft3: P2P detection protocol for "warcft3" application.
rdp: P2P detection protocol for "rdp" application.
iptv: P2P detection protocol for "iptv" application.
pandora: P2P detection protocol for "pandora" application.
icecast: P2P detection protocol for "icecast" application.
kontiki: P2P detection protocol for "kontiki" application.
meebo: P2P detection protocol for "meebo" application.
shoutcast: P2P detection protocol for "shoutcast" application.
truphone: P2P detection protocol for "truphone" application.
thunder: P2P detection protocol for "thunder" application.
armagettron: P2P detection protocol for "armagettron" application.
blackberry: P2P detection protocol for "blackberry" application.
citrix: P2P detection protocol for "citrix" application.
clubpenguin: P2P detection protocol for "clubpenguin" application.
crossfire: P2P detection protocol for "crossfire" application.
dofus: P2P detection protocol for "dofus" application.
fiesta: P2P detection protocol for "fiesta" application.
florensia: P2P detection protocol for "florensia" application.
funshion: P2P detection protocol for "funshion" application.
guildwars: P2P detection protocol for "guildwars" application.
isakmp: P2P detection protocol for "isakmp" application.
maplestory: P2P detection protocol for "maplestory" application.
mgcp: P2P detection protocol for "mgcp" application.
octoshape: P2P detection protocol for "octoshape" application.
off: P2P detection protocol for "off" application.
ps3: P2P detection protocol for "ps3" application.
rmstream: P2P detection protocol for "rmstream" application.
rfactor: P2P detection protocol for "rfactor" application.
splashfighter: P2P detection protocol for "splashfighter" application.
ssdp: P2P detection protocol for "ssdp" application.
stealthnet: P2P detection protocol for "stealthnet" application.
stun: P2P detection protocol for "stun" application.
teamspeak: P2P detection protocol for "teamspeak" application.
tor: P2P detection protocol for "tor" application.
veohtv: P2P detection protocol for "veohtv" application.
wii: P2P detection protocol for "wii" application.
wmstream: P2P detection protocol for "wmstream" application.
wofkungfu: P2P detection protocol for "wofkungfu" application.
xdcc: P2P detection protocol for "xdcc" application.
yourfreetunnel: P2P detection protocol for "yourfreetunnel" application.
facebook: P2P detection protocol for "facebook" application.
gamekit: P2P detection protocol for "gamekit" application.
facetime: P2P detection protocol for "facetime" application.
gmail: P2P detection protocol for "gmail" application.
itunes: P2P detection protocol for "itunes" application.
myspace: P2P detection protocol for "myspace" application.
teamviewer: P2P detection protocol for "teamviewer" application.
twitter: P2P detection protocol for "twitter" application.
viber: P2P detection protocol for "viber" application.
antsp2p: P2P detection protocol for "antsp2p" application.
imo: P2P detection protocol for "imo" application.
netmotion: P2P detection protocol for "netmotion" application.
ogg: P2P detection protocol for "ogg" application.
openvpn: P2P detection protocol for "openvpn" application.
quicktime: P2P detection protocol for "quicktime" application.
spotify: P2P detection protocol for "spotify" application.
tango: P2P detection protocol for "tango" application.
ultrabac: P2P detection protocol for "ultrabac" application.
usenet: P2P detection protocol for "usenet" application.
tunnelvoice: P2P detection protocol for "tunnelvoice" application.
scydo: P2P detection protocol for "scydo" application.
whatsapp: P2P detection protocol for "whatsapp" application.
flash: P2P detection protocol for "flash" application.
mojo: P2P detection protocol for "mojo" application.
pcanywhere: P2P detection protocol for "pcanywhere" application.
mypeople: P2P detection protocol for "mypeople" application.
webex: P2P detection protocol for "webex" application.
netflix: P2P detection protocol for "netflix" application.
implus: P2P detection protocol for "implus" application.
ebuddy: P2P detection protocol for "ebuddy" application.
msrp: P2P detection protocol for "msrp" application.
ficall: P2P detection protocol for "ficall" application.
gotomeeting: P2P detection protocol for "gotomeeting" application.
mig33: P2P detection protocol for "mig33" application.
comodounite: P2P detection protocol for "comodounite" application.
goober: P2P detection protocol for "goober" application.
iplayer: P2P detection protocol for "iplayer" application.
operamini: P2P detection protocol for "operamini" application.
rdt: P2P detection protocol for "rdt" application.
kakaotalk: P2P detection protocol for "kakaotalk" application.
nateontalk: P2P detection protocol for "" application.nateontalk
naverline: P2P detection protocol for "naverline" application.
callofduty: P2P detection protocol for "callofduty" application.
thunderhs: P2P detection protocol for "thunderhs" application.
avi: P2P detection protocol for "avi" application.
wuala: P2P detection protocol for "wuala" application.
wechat: P2P detection protocol for "wechat" application.
soribada: P2P detection protocol for "soribada" application.
icloud: P2P detection protocol for "icloud" application.
googleplay: P2P detection protocol for "googleplay" application.
kugou: P2P detection protocol for "kugou" application.
instagram: P2P detection protocol for "instagram" application.
voipdiscount: P2P detection protocol for "voipdiscount" application.
vopium: P2P detection protocol for "vopium" application.
plingm: P2P detection protocol for "plingm" application.
pinterest: P2P detection protocol for "pinterest" application.
magicjack: P2P detection protocol for "magicjack" application.
spdy: P2P detection protocol for "spdy" application.
amazoncloud: P2P detection protocol for "amazoncloud" application.
smartvoip: P2P detection protocol for "smartvoip" application.
rynga: P2P detection protocol for "rynga" application.
icall: P2P detection protocol for "icall" application.
actionvoip: P2P detection protocol for "actionvoip" application.
jumblo: P2P detection protocol for "" application.jumblo
talkatone: P2P detection protocol for "talkatone" application.
mapi: P2P detection protocol for "mapi" application.
imessage: P2P detection protocol for "imessage" application.
linkedin: P2P detection protocol for "linkedin" application.
google: P2P detection protocol for "google" application.
poco: P2P detection protocol for "poco" application.
ultrasurf: P2P detection protocol for "ultrasurf" application.
snapchat: P2P detection protocol for "snapchat" application.
truecaller: P2P detection protocol for "truecaller" application.
cyberghost: P2P detection protocol for "cyberghost" application.
googleplus: P2P detection protocol for "googleplus" application.
adobeconnect: P2P detection protocol for "adobeconnect" application.
ustream: P2P detection protocol for "ustream" application.
siri: P2P detection protocol for "siri" application.
softether: P2P detection protocol for "softether" application.
sudaphone: P2P detection protocol for "sudaphone" application.
svtplay: P2P detection protocol for "svtplay" application.
hyves: P2P detection protocol for "hyves" application.
silverlight: P2P detection protocol for "silverlight" application.
blackdialer: P2P detection protocol for "blackdialer" application.
rodi: P2P detection protocol for "rodi" application.
skydrive: P2P detection protocol for "skydrive" application.
vtok: P2P detection protocol for "vtok" application.
flickr: P2P detection protocol for "flickr" application.
kuro: P2P detection protocol for "kuro" application.
dropbox: P2P detection protocol for "dropbox" application.
heytell: P2P detection protocol for "heytell" application.
bitcasa: P2P detection protocol for "bitcasa" application.
clubbox: P2P detection protocol for "clubbox" application.
tumblr: P2P detection protocol for "tumblr" application.
youtube: P2P detection protocol for "youtube" application.
voxer: P2P detection protocol for "voxer" application.
hotspotvpn: P2P detection protocol for "hotspotvpn" application.
baidumovie: P2P detection protocol for "baidumovie" application.
badoo: P2P detection protocol for "badoo" application.
vine: P2P detection protocol for "vine" application.
yahoomail: P2P detection protocol for "yahoomail" application.
outlook: P2P detection protocol for "outlook" application.
monkey3: P2P detection protocol for "monkey3" application.
foursquare: P2P detection protocol for "foursquare" application.
jap: P2P detection protocol for "jap" application.
applemaps: P2P detection protocol for "applemaps" application.
regram: P2P detection protocol for "regram" application.
bbm: P2P detection protocol for "bbm" application.
chikka: P2P detection protocol for "chikka" application.
box: P2P detection protocol for "box" application.
imgur: P2P detection protocol for "imgur" application.
oist: P2P detection protocol for "oist" application.
vchat: P2P detection protocol for "vchat" application.
youku: P2P detection protocol for "youku" application.
cisco-jabber: P2P detection protocol for "cisco-jabber" application.
waze: P2P detection protocol for "waze" application.
hls: P2P detection protocol for "hls" application.
lync: P2P detection protocol for "lync" application.
path: P2P detection protocol for "path" application.
bittorrent-sync: P2P detection protocol for "bittorrent-sync" application.
apple-store: P2P detection protocol for "apple-store" application.
samsung-store: P2P detection protocol for "samsung-store" application.
blackberry-store: P2P detection protocol for "blackberry-store" application.
igo: P2P detection protocol for "igo" application.
mozy: P2P detection protocol for "mozy" application.
mapfactor: P2P detection protocol for "mapfactor" application.
opendrive: P2P detection protocol for "opendrive" application.
windows-azure: P2P detection protocol for "windows-azure" application.
nokia-store: P2P detection protocol for "nokia-store" application.
windows-store: P2P detection protocol for "windows-store" application.
navigon: P2P detection protocol for "navigon" application.
weibo: P2P detection protocol for "weibo" application.
hulu: P2P detection protocol for "hulu" application.
telegram: P2P detection protocol for "telegram" application.
didi: P2P detection protocol for "didi" application.
xing: P2P detection protocol for "xing" application.
kik-messenger: P2P detection protocol for "kik-messenger" application.
friendster: P2P detection protocol for "friendster" application.
tagged: P2P detection protocol for "tagged" application.
idrive: P2P detection protocol for "idrive" application.
hike-messenger: P2P detection protocol for "hike-messenger" application.
google-music: P2P detection protocol for "google-music" application.
apple-push: P2P detection protocol for "apple-push" application.
google-push: P2P detection protocol for "google-push" application.
twitch: P2P detection protocol for "twitch" application.
rhapsody: P2P detection protocol for "rhapsody" application.
speedtest: P2P detection protocol for "speedtest" application.
upc-phone: P2P detection protocol for "upc-phone" application.
iheartradio: P2P detection protocol for "iheartradio" application.
hbogo: P2P detection protocol for "hbogo" application.
slacker-radio: P2P detection protocol for "slacker-radio" application.
radio-paradise: P2P detection protocol for "radio-paradise" application.
beatport: P2P detection protocol for "beatport" application.
soundcloud: P2P detection protocol for "soundcloud" application.
amazonmusic: P2P detection protocol for "amazonmusic" application.
ssl: P2P detection protocol for "ssl" application.
slingtv: P2P detection protocol for "slingtv" application.
vessel: P2P detection protocol for "vessel" application.
8tracks: P2P detection protocol for "8tracks" application.
quic: P2P detection protocol for "quic" application.
tunein-radio: P2P detection protocol for "tunein-radio" application.
go90: P2P detection protocol for "go90" application.
vudu: P2P detection protocol for "vudu" application.
periscope: P2P detection protocol for "periscope" application.
hbonow: P2P detection protocol for "hbonow" application.
crackle: P2P detection protocol for "crackle" application.
espn: P2P detection protocol for "espn" application.
amazonvideo: P2P detection protocol for "amazonvideo" application.
showtime: P2P detection protocol for "showtime" application.
vevo: P2P detection protocol for "vevo" application.
mlb: P2P detection protocol for "mlb" application.
starz: P2P detection protocol for "starz" application.
tmo-tv: P2P detection protocol for "tmo-tv" application.
hgtv: P2P detection protocol for "hgtv" application.
nbc-sports: P2P detection protocol for "nbc-sports" application.
univision: P2P detection protocol for "univision" application.
dish-anywhere: P2P detection protocol for "dish-anywhere" application.
fox-sports: P2P detection protocol for "fox-sports" application.
newsy: P2P detection protocol for "newsy" application.
fandor: P2P detection protocol for "fandor" application.
odnoklassniki: P2P detection protocol for "odnoklassniki" application.
http: P2P detection protocol for "http" application.
kidoodle: P2P detection protocol for "kidoodle" application.
mega: P2P detection protocol for "mega" application.
fubotv: P2P detection protocol for "fubotv" application.
wwe: P2P detection protocol for "wwe" application.
curiosity-stream: P2P detection protocol for "curiosity-stream" application.
dns-tunneling: P2P detection protocol for "dns-tunneling" application.
Use this command to specify the protocol to match.
Configures rule expression to match the traffic type.
Security Administrator, Administrator
p2p traffic-type operator traffic_type Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
Specify the traffic type to match.
Must be one of the following:
unclassified
audio
video
im
file-transfer
voipout
ads
streaming-video
streaming-audio
tunnel
Use this command to configure the system to detect voice or non-voice P2P traffic. When the detection of a protocol is enabled then the detection of sub-type is enabled by default.
p2p traffic-type = video Configures rule expression to match all Real-time Transport Protocol (RTP) packets.
Security Administrator, Administrator
rtp any-match operator condition Use this command to define rule expressions to match all RTP packets.
rtp any-match = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures rule expression to match all Real Time Streaming Protocol (RTSP) packets.
Security Administrator, Administrator
rtsp any-match operator condition Use this command to define rule expressions to match all RTSP packets.
rtsp any-match = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures rule expression to match uplink (subscriber to network) HTTPS packets.
Security Administrator, Administrator
secure-http uplink operator condition Use this command to define rule expressions to match uplink HTTPS packets.
secure-http uplink = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Specify HTTPS uplink packet.
Security Administrator, Administrator
uplink Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition to match.
Must be one of the following:
TRUE
FALSE
Use this command to specify the HTTPS uplink packets.
Configures rule expression to match bit within the flag field of TCP headers.
Security Administrator, Administrator
tcp flag operator flag Use this command to configure the rule expression to match bit within the flag field of TCP headers.
tcp flag = reset Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures either-port.
Security Administrator, Administrator
either-port Use this command to configure either-port.
With port map range.
Security Administrator, Administrator
with-portMap-range operator port-map port_map_name Specify how to match.
Must be one of the following:
range: In the range of.
!range: Not in the range of.
Specify the port map name.
Must be a string.
Use this command to configure with port map range.
Configures operator start to-node end.
Security Administrator, Administrator
with-range operator start start_range to-node end end_range Specify how to match.
Must be one of the following:
range: In the range of.
!range: Not in the range of.
Specify the start range.
Must be an integer in the range of 1-65535.
Specify the to node.
Must be one of the following:
to
Specify the end range.
Must be an integer in the range of 1-65535.
Use this command to configure operator start to-node end.
Configures without-range.
Security Administrator, Administrator
without-range operator port port_range Specify how to match.
Must be one of the following:
=: Equals.
<=: Lesser than or equal to.
!=: Does not equal.
>=: Greater than or equal to.
Specify the port range.
Must be an integer in the range of 1-65535.
Use this command to configure without-range.
Flag field of TCP headers.
Security Administrator, Administrator
flag operator flag Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
contains: Contains.
!contains: Does not contain.
Specify the flag to match.
Must be one of the following:
ack
push
fin
reset
sync
Use this command to configure the Flag field of TCP headers.
Configures rule expression to match current state of TCP connections.
Security Administrator, Administrator
tcp state operator current_state Specify how to match.
Must be one of the following:
=: Equals.
'!=': Does not equal.
Specify the state to match.
Must be one of the following:
close
close-wait
closing
established
fin-wait1
fin-wait2
last-ack
listen
syn-received
syn-sent
time-wait
Use this command to define rule expressions to match a current state of TCP connections.
tcp state = close Configures rule expression to match tethered or non-tethered flows.
Security Administrator, Administrator
tethering-detection [ application | dns-based | ip-ttl | os-ua ] { tether-flow } Specify flow options.
Must be one of the following:
flow-tethered: If tethering is detected on flow.
flow-not-tethered: If tethering is not detected on flow.
Use this command to define rule expressions to match tethered/non-tethered flows. Note that in order for the rule containing the tethering-detection configuration to get matched, at least one valid rule line has to be present in it.
tethering-detection flow-tethered Configures application-based tethering detection.
Security Administrator, Administrator
application Specify flow options.
Must be one of the following:
flow-tethered: If tethering is detected on flow.
flow-not-tethered: If tethering is not detected on flow.
Use this command to select flows that were tethered or non-tethered based on application-based detection solution.
Configures DNS query pattern based tethering detection.
Security Administrator, Administrator
dns-based Specify flow options.
Must be one of the following:
flow-tethered: If tethering is detected on flow.
flow-not-tethered: If tethering is not detected on flow.
Use this command to select flows that were tethered or non-tethered based on DNS-based detection solution.
Configures IP-TTL based tethering detection.
Security Administrator, Administrator
ip-ttl Specify flow options.
Must be one of the following:
flow-tethered: If tethering is detected on flow.
flow-not-tethered: If tethering is not detected on flow.
Use this command to select flows that were tethered or non-tethered as per IP-TTL values.
Configures OS-UA based tethering detection.
Security Administrator, Administrator
os-ua Specify flow options.
Must be one of the following:
flow-tethered: If tethering is detected on flow.
flow-not-tethered: If tethering is not detected on flow.
Use this command to select flows that were tethered or non-tethered as per OS-UA lookups.
Configures rule expression to match all UDP packets.
Security Administrator, Administrator
udp any-match operator condition Use this command to define rule expressions to match all UDP packets.
udp any-match = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures either-port.
Security Administrator, Administrator
either-port Use this command to configure either-port.
With port map range.
Security Administrator, Administrator
with-portMap-range operator port-map port_map_name Specify how to match.
Must be one of the following:
range: In the range of.
!range: Not in the range of.
Specify the port map name.
Must be a string.
Use this command to configure with port map range.
Configures operator start to-node end.
Security Administrator, Administrator
with-range operator start start_range to-node end end_range Specify how to match.
Must be one of the following:
range: In the range of.
!range: Not in the range of.
Specify the start range.
Must be an integer in the range of 1-65535.
Specify the to node.
Must be one of the following:
to
Specify the end range.
Must be an integer in the range of 1-65535.
Use this command to configure operator start to-node end.
Configures without-range.
Security Administrator, Administrator
without-range operator port port_range Specify how to match.
Must be one of the following:
=: Equals.
<=: Lesser than or equal to.
!=: Does not equal.
>=: Greater than or equal to.
Specify the port range.
Must be an integer in the range of 1-65535.
Use this command to configure without-range.
Configures rule expression to match all Wireless Session Protocol (WSP) packets.
Security Administrator, Administrator
wsp any-match operator condition Use this command to specify a rule expression to match all WSP packets.
wsp any-match = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures rule expression to match all Wireless Transaction Protocol (WTP) packets.
Security Administrator, Administrator
wtp any-match operator condition Use this command to define rule expressions to match all WTP packets.
wtp any-match = TRUE Configures any-match.
Security Administrator, Administrator
wsp any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Use this command to configure any match.
Configures rule expression to match URL for any Web protocol analyzer HTTP, WAP1.X, WAP2.0.
Security Administrator, Administrator
www url [ case-sensitive ] operator url Use this command to define rule expressions to match the URL for any Web protocol analyzer HTTP, WAP1.X, WAP2.0.
www url = www.abc.com Configures rule expression to match all WWW packets. It is true for HTTP, WAP1.x, and WAP2.0 protocols.
Security Administrator, Administrator
www any-match operator condition Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
Specify the condition to match.
Must be one of the following:
TRUE
FALSE
Use this command to define rule expressions to match all WWW packets. This expression is true for HTTP, WAP1.x, and WAP2.0 protocols
www any-match = TRUE Configures rule expression to match the "host name" header field present in HTTP/WSP headers.
Security Administrator, Administrator
www host [ case-sensitive ] operator host_name Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the WWW host name to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to define rule expressions to match the host name header field present in HTTP/WSP headers.
www host = host1 Configures rule expressions to match URL.
Security Administrator, Administrator
url Specify how to match.
Must be one of the following:
!=: Does not equal.
!contains: Does not contain.
!ends-with: Does not end with.
!starts-with: Does not start with.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
regex: Regular expression.
Specify the URL to match.
Must be a string.
Specify that the rule expression be case-sensitive. By default, rule expressions are not case-sensitive.
Use this command to configure the rule expressions to match URLs.
Service scheme configuration, enable association of service-scheme based on triggers.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Service Scheme Configuration
service-scheme service_scheme_format_name Specify the service scheme format name.
Must be a string.
Service scheme configuration, enable association of service-scheme based on triggers.
Trigger at which service-scheme need to be updated.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Service Scheme Configuration
trigger attribute Specify the attribute.
Must be one of the following:
sess-setup
nsh-response-received
monitor-bearer-bandwidth
loc-update
flow-create
bearer-creation
Trigger at which service-scheme need to be updated.
Configures priority to the triggers in service-scheme. This priority must be unique within a trigger.
Security Administrator, Administrator
priority priority Specify the priority.
Must be an integer in the range of 1-127.
Use this command to assign priority to the triggers in service-scheme. This priority must be unique within a trigger.
Assign trigger condition definition.
Security Administrator, Administrator
trigger-condition Specify the trigger condition name.
Must be a string.
Specify the trigger action.
Must be a string.
Use this command to assign trigger condition definition.
Configures ruledef statistics collection.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
statistics-collection Specify to configure all stats.
Use this command to configure the ruledef statistics collection.
Configures ruledef stats collection.
Security Administrator, Administrator
ruledef ruledef-option ruledef_option Specify the ruledef option.
Must be one of the following:
all
charging
firewall
post-processing
Use this command to configure ruledef stats collection.
Configures ACS Subscriber Class configuration.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
subs-class subscriber_class_format_name Specify the subscriber class format name.
Must be a string.
Use this command to configure ACS Subscriber Class configuration.
Configures to check if the OR operator must be applied to all lines in a trigger-condition.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Subs-Class Configuration
multi-line-or all-lines Applies the OR operator to all lines in the current ruledef.
Use this command to check if the OR operator must be applied to all lines in a trigger-condition.
Configures rulebase name as a condition.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Subs-Class Configuration
rulebase operator value Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the value.
Must be a string.
Configures rulebase name as a condition.
Configures ACS subscriber base configuration.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
subscriber-base subscriber_base_name Specify thesubscriber base name.
Must be a string.
Use this command to configure ACS subscriber base configuration.
You can configure a maximum of one element with this command.
Assigns priority to the service-scheme association. This priority has to be unique within a subscriber-base.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Subscriber Base Configuration
priority priority Specify the priority to the service-scheme association.
Must be an integer in the range of 1-127.
Use this command to assign a priority to the service-scheme association. This priority must be unique within a subscriber-base.
Assigns subs-class definition to a subscriber base.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Subscriber Base Configuration
priority priority subs-class subs_class_name bind service-scheme service_scheme_name Specify the subs-class name.
Must be a string.
Specify the association of service scheme with subs-class.
Specify the service scheme definition.
Must be a string.
Use this command to assign subs-class definition to a subscriber base.
Configures tethering detection databases.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
tethering-database ipv6-os-signature file_name Specify the IPv6 OS signature database file name.
Must be a string.
Specify the IPv4 OS signature database file name.
Must be a string.
Specify the TAC database file name.
Must be a string.
Specify the ua-signature database file name.
Must be a string.
Use this command to configure the tethering detection databases.
Enables TAC-db lookup for tethering detection.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
tethering-detection tac-db Specify TAC-db lookup for tethering detection.
Use this command to enable TAC-db lookup for tethering detection.
Configures bypass tethering detection.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
bypass interface-id interface_id Specify the 64-bit interface ID from IPv6 address.
Must be a string in the pattern ([0-9a-fA-F]{2}[-]){7}([0-9a-fA-F]{2}).
Use this command to configure bypass tethering detection.
Configures the NAT64 IPv6 address for DNS-based lookup for tethering detection.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
nat64 ipv6-network-prefix ipv6_address_with_mask Specify the IPv6 address with mask.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
Use this command to configure the NAT64 IPv6 address for DNS-based lookup for tethering detectionNAT64 IPv6 address.
Configures Active Charging Service (ACS) trigger actions.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
trigger-action trigger_action_name Specify the active-charging trigger action name.
Must be a string.
Activates predefined rule or group of rules for a trigger action. When this CLI command is configured, the dedicated bearer is created by service flow at a specific location.
Must be a string.
Enables suppressing throttling when the subscriber is in a particular LAC or TAC location. Use this command to perform throttle suppression to provide unlimited bandwidth based on the subscriber location.
Associates a service chain to a trigger action.
Must be a string.
Use this command to configure ACS trigger actions.
Configures the delay charging request to response.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
charge-request-to-response http all Specify delay enagagement of TRM till HTTP method responses.
Use this command to delay charging until HTTP response for the configured HTTP request method(s).
charge-request-to-response http all Allows you to step down the initial configured value of committed data rate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Action Configuration
step-down committed-data-rate negotiated_value Defines the committed data rate.
Must be an integer in the range of 1-100.
Use this command to step down the initial configured value of committed data rate.
step-down committed-data-rate 30 Enables step up the initial configured value of committed data rate.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Action Configuration
step-up committed-data-rate negotiated_value Specify the committed data rate.
Must be an integer in the range of 1-100.
Use this command to step up the initial configured value of committed data rate.
step-up committed-data-rate 20 Specify HTTP protocol.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Action Configuration
http Specify to delay enagagement of TRM till HTTP method responses.
This command allows you to delay engagement of TRM till the specified HTTP response method(s) for the flow received.
transactional-rule-matching response http all Configures trigger-condition parameters.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration
trigger-condition trigger_condition_name Specify the trigger condition name.
Must be a string.
Use this command to configure trigger-condition parameters.
Applicable for all.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
any-match operator condition Specify how to match.
Must be one of the following:
=: Equals.
!=: Does not equal.
Specify the condition.
Must be one of the following:
TRUE
FALSE
Applicable for all.
Configures the ommitted data rate of a bearer.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
committed-data-rate [ lower-threshold lower_threshold | upper-threshold upper_threshold ] Specify the lower threshold as a percentage of the current negotiated value.
Must be an integer in the range of 1-100.
Specify the upper threshold as a percentage of the current negotiated value.
Must be an integer in the range of 1-100.
Use this command to configure the committed data rate of a bearer.
Configures content-type value to be matched.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
content-type operator content_type Specify how to match.
Must be one of the following:
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the content type.
Must be a string.
Use this command to configure the content-type value to be matched.
Configures delay action for configured period of time.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
delay operator delay_duration Specify how to match.
Must be one of the following:
=: Equals.
Specify the delay in seconds.
Must be an integer in the range of 1-600.
Use this command to configure the delay action for configured period of time.
Configures flow length threshold condition.
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
Security Administrator, Administrator
flow-length exceed Specify flow length threshold exceeded.
Use this command to configure the flow length threshold condition.
Configures protocol being transported by IP packet.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
protocol operator protocol Specify how to match.
Must be one of the following:
=: Equals.
Specify the protocol.
Must be one of the following:
tcp
udp
Use this command to configure protocol being transported by IP packet.
Configures the local policy rule name.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
local-policy-rule Specify how to match.
Must be one of the following:
=: Equals.
Specify the policy rule name.
Must be a string.
Use this command to configure the local policy rule name.
Whether to apply the OR operator to all lines in a ruledef.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
multi-line-or Specify to apply the OR operator to all lines in a ruledef.
Use this command to configure whether to apply the OR operator to all lines in a ruledef.
Will be applicable for a particular post-processing rule.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
post-processing-rule-name operator rule_name Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the rule name to match.
Must be a string.
Will be applicable for a particular post-processing rule.
Configures QCI value.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
qci operator qci Specify how to match.
Must be one of the following:
=: Equals.
Specify the QCI to match.
Must be an integer in the range of 1-254.
to
Must be a string.
Use this command to specfiy the QCI to match.
Will be applicable for a particular rule/GoR.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
rule-name operator rule_name Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the rule name.
Must be a string.
Will be applicable for a particular rule/GoR.
Configures TDF App ID value to be matched.
Security Administrator, Administrator
Exec > Global Configuration > ACS Configuration > Trigger Condition Configuration
tdf-appid operator tdf_appid Specify how to match.
Must be one of the following:
!=: Does not equal.
=: Equals.
contains: Contains.
ends-with: Ends with.
starts-with: Starts with.
Specify the TDF App ID to match.
Must be a string.
Use this command to specify the TDF App ID value to match.
Enable URL Blacklisting functionality.
Security Administrator, Administrator
url-blacklisting Specify the match method to look up for URLs in the URL Blacklisting database.
Must be one of the following:
exact
generic
Default Value: exact.
Use this command to enable URL Blacklisting functionality.
Configures ACS URR list configuration.
Security Administrator, Administrator
urr-list urr_list_name Specify the URR list name.
Must be a string.
Use this command to configure the ACS URR list configuration. Enters ACS URR List Configuration mode. This mode allows mapping of URR-ID with Rating Group and Service-ID
You can configure a maximum of one element with this command.
Configures URR list data.
Security Administrator, Administrator
urr-list-data Specify the rating ID used in prepaid charging.
Must be an integer in the range of 0-2147483647.
Specify the URR identifier for rating/service group.
Must be an integer in the range of 1-8388607.
Use this command to configure the URR list data.
Configures the service identifier.
Security Administrator, Administrator
service-identifier service_id Specify the service ID.
Must be an integer in the range of 0-2147483647.
Specify the URR identifier for rating/service group.
Must be an integer in the range of 1-8388607.
Use this command to configure the servoce identifier.
Enables ACS x-header Format Configuration Mode. This mode is used to create and configure extension-header (x-header) formats.
Security Administrator, Administrator
xheader-format xheader_format_name Specify the Xheader format name.
Must be a string.
Use this command to create/configure/delete an x-header format specification in the active charging service. Each x-header format must have a unique name.
xheader-format test This command inserts xheader field.
Security Administrator, Administrator
insert xheader_field_name Specify the Xheader field name.
Must be a string.
Specify the constant string value of xheader field to be inserted.
Must be a string.
Enables detection of spoofing in xheader fields, valid for Request packet.
Use this command to configure the x-header fields to be inserted in HTTP/WSP GET and POST request packets. The x-headers would be inserted at the end of the HTTP/WSP header. This CLI command may be used up to 10 times. There is no control over the order of the fields that are to be inserted. Any of the indicated ruledef variables may be inserted using the variable option, or a static string may be inserted using the string-constant option. Operators may insert x-headers in some HTTP/WSP packets, for which some rules will be configured. The charging-action associated with these rules will contain the list of x-headers to be inserted in the packets.
You can configure a maximum of 10 elements with this command.
insert test12 string-constant testing Configures name of the x-header field whose value must be inserted in the packets.
Security Administrator, Administrator
variable Use this command to specify name of the x-header field whose value must be inserted in the packets.
Configures bearer-related configuration.
Security Administrator, Administrator
bearer Use this command to configure bearer-related configuration.
GGSN IP address.
Security Administrator, Administrator
ggsn-address Use this command to configure the GGSN IP address field.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the Mobile Station ID.
Security Administrator, Administrator
imsi Use this command to specify the Mobile Station ID.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
MSISDN of the mobile handling the flow without the country code.
Security Administrator, Administrator
msisdn-no-cc Use this command to configure the MSISDN of the mobile handling the flow without the country code.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Calling Station ID of the mobile handling the flow. Use this for MSISDN of the mobile handling the flow with the country code.
Security Administrator, Administrator
radius-calling-station-id Use this command to specify the Calling Station ID of the mobile handling the flow.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the SGSN associated with the bearer flow. This field is deprecated from under bearer sgsn-address and has been moved within bearer three-gpp sgsn-address. The SGSN address as added via bearer three-gpp sgsn-address.
Security Administrator, Administrator
sgsn-address Use this command to specify the SGSN associated with the bearer flow.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the ACS rulebase.
Security Administrator, Administrator
sn-rulebase Use this command to specify the ACS rulebase name.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the subscriber IP address.
Security Administrator, Administrator
subscriber-ip-address Use this command to specify the subscriber IP address.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the 3GPP service to be configured.
Security Administrator, Administrator
three-gpp Use this command to specify the 3GPP service to be configured.
Specify charging ID of the bearer flow.
Security Administrator, Administrator
charging-id Use this command to configure the charging ID of the bearer flow.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify IMEI or IMEISV (depending on the case) associated with the bearer flow.
Security Administrator, Administrator
imei Use this command to specify the IMEI or IMEISV (depending on the case) associated with the bearer flow.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the Mobile Station Identification number.
Security Administrator, Administrator
imsi Use this command to specify the Mobile Station Identification number.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Specify the 3GPP serving node MCC + MNC associated with the bearer.
Security Administrator, Administrator
s-mcc-mnc Use this command to specify the 3GPP serving node MCC + MNC associated with the bearer.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
SGSN associated with the bearer flow.
Security Administrator, Administrator
sgsn-address Use this command to specify the SGSN associated with the bearer flow.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
3GPP User Location Info (ULI) associated with the bearer.
Security Administrator, Administrator
uli Use this command to specify the 3GPP ULI associated with the bearer.
Configures encryption of x-header field.
Security Administrator, Administrator
encrypt Use this command to configure encryption of x-header field. This option must only be configured when x-header encryption is enabled.
Configures the length of msisdn-no-cc.
Security Administrator, Administrator
msisdn-no-cc-length msisdn_no_cc_length Specify the msisdn-no-cc length.
Must be an integer in the range of 1-14.
Use this command to configure the length of msisdn-no-cc.
Configures Access Point Name (APN) templates.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
apn apn_name Specify the APN name.
Must be a string.
Use this command to create and configure an APN.
apn isp1 Enables a configured ACS rulebase.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
active-charging rulebase rulebase_name Specify the rulebase name.
Must be a string.
Use this command to enable a configured ACS rulebase.
Configures s6b authentication.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
authorize-with-hss [ report-ipv6 ipv6_address ] Use this command to configure s6b authentication. Enables IPv6 reporting through AAR towards s6b interface.
Enables s6b authorization for all the interfaces of EGTP along with GN-GP Handover except 3G initial attach.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration > Redundancy Group Configuration
authorize-with-hss egtp [ report-ipv6 ] Use this command to enable s6b authorization for all the interfaces of EGTP along with GN-GP Handover except 3G initial attach.
Enables s6b authorization for 3G initial attach and GNGP handover.
Security Administrator, Administrator
gn-gp-enabled report-ipv6 ipv6_address Use this command to enable s6b authorization for 3G initial attach and GNGP handover.
Enables s6b authorization for egtp-s2b.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
authorize-with-hss egtp s2b report-ipv6-addr Use this command to enable s6b authorization for egtp-s2b.
Enables s6b authorization for 3G initial attach and GNGP handover.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
gn-gp-enabled report-ipv6 ipv6_address Use this command to enable s6b authorization for 3G initial attach and GNGP handover.
Enables s6b authorization for egtp-s5s8.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
authorize-with-hss egtp s2b s5-s8 [ gn_gp_option | report-ipv6-addr ] Use this command to enable s6b authorization for egtp-s5s8.
Enables s6b authorization for egtp-s5s8.
Security Administrator, Administrator
s5-s8 Use this command to enable s6b authorization for egtp-s5s8.
Enables s6b authorization for egtp-s2b.
Exec > Global Configuration > Context Configuration
Security Administrator, Administrator
s2b Use this command to enable s6b authorization for egtp-s2b.
Enables IPv6 reporting through AAR towards s6b.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
lma [ report-ipv6 ipv6_address | s6b-aaa-group group_name ] Specify the AAA group name for s6b authorization.
Must be a string.
Use this command to enable IPv6 reporting through AAR towards s6b.
Configures the subscriber charging characteristics profile parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
cc-profile index { credit-control-group cc_group_name | prepaid-prohibited } Specify the charging characterstics profile index.
Must be an integer.
-Or-Must be one of the following:
any
Specify the credit control group name.
Must be a string.
Specify to disable prepaid for the configured profile index.
Use this command to configure the subscriber charging characteristics profile parameters.
Configures Content Filtering category.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
category policy-id policy_id Specify the Content Filtering policy ID.
Must be an integer in the range of 1-4294967295.
Use this command to configure Content Filtering category.
Configures the data tunnel MTU parameter.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
data-tunnel mtu max_transmission_unit Specify the data tunnel MTU value, in octets.
Must be an integer.
Use this command to configure the data tunnel MTU parameter.
Enables and configures the GTPP group to be used by this APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
gtpp group gtpp_group_name Specify the GTPP group name.
Must be a string.
Use this command to enable and configure the GTPP group to be used by this APN.
Configures IP-related parameters.
Security Administrator, Administrator
ip context-name context_name Specify name of the destination context to use for subscribers accessing this APN.
Must be a string.
Use this command to configure IP-related parameters.
Configures the access group to be used by this APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
ip access-group access_group_name [ in | out ] Specify the access group name.
Must be a string.
Specify the access group as inbound.
Specify the access group as outbound.
Use this command to specify the access group to be used by this APN.
You can configure a maximum of eight elements with this command.
Enables packet source validation.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
source-violation [ ignore ] Specify to disable source address checking for this APN.
Use this command to enable packet source validation.
Configures PPP parameters for specified APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
ppp mtu max_transmission_unit Specify the maximum transmission unit. Default: 1500.
Must be an integer.
Use this command to configure the PPP parameters for specified APN.
Configures redundancy group parameters.
Security Administrator, Administrator
redundancy-group group_name Specify the redundancy group name.
Must be a string.
Use this command to configure the redundancy group parameters.
Enables a configured ACS rulebase.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
active-charging rulebase rulebase_name Specify the rulebase name.
Must be a string.
Use this command to enable a configured ACS rulebase.
Configures s6b authentication.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
authorize-with-hss [ report-ipv6 ipv6_address ] Use this command to configure s6b authentication. Enables IPv6 reporting through AAR towards s6b interface.
Enables s6b authorization for all the interfaces of EGTP along with GN-GP Handover except 3G initial attach.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration > Redundancy Group Configuration
authorize-with-hss egtp [ report-ipv6 ] Use this command to enable s6b authorization for all the interfaces of EGTP along with GN-GP Handover except 3G initial attach.
Enables s6b authorization for 3G initial attach and GNGP handover.
Security Administrator, Administrator
gn-gp-enabled report-ipv6 ipv6_address Use this command to enable s6b authorization for 3G initial attach and GNGP handover.
Enables s6b authorization for egtp-s2b.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
authorize-with-hss egtp s2b report-ipv6-addr Use this command to enable s6b authorization for egtp-s2b.
Enables s6b authorization for 3G initial attach and GNGP handover.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
gn-gp-enabled report-ipv6 ipv6_address Use this command to enable s6b authorization for 3G initial attach and GNGP handover.
Enables s6b authorization for egtp-s5s8.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
authorize-with-hss egtp s2b s5-s8 [ gn_gp_option | report-ipv6-addr ] Use this command to enable s6b authorization for egtp-s5s8.
Enables s6b authorization for egtp-s5s8.
Security Administrator, Administrator
s5-s8 Use this command to enable s6b authorization for egtp-s5s8.
Enables s6b authorization for egtp-s2b.
Exec > Global Configuration > Context Configuration
Security Administrator, Administrator
s2b Use this command to enable s6b authorization for egtp-s2b.
Enables IPv6 reporting through AAR towards s6b.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
lma [ report-ipv6 ipv6_address | s6b-aaa-group group_name ] Specify the AAA group name for s6b authorization.
Must be a string.
Use this command to enable IPv6 reporting through AAR towards s6b.
Configures the subscriber charging characteristics profile parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
cc-profile index { credit-control-group cc_group_name | prepaid-prohibited } Specify the charging characterstics profile index.
Must be an integer.
-Or-Must be one of the following:
any
Specify the credit control group name.
Must be a string.
Specify to disable prepaid for the configured profile index.
Use this command to configure the subscriber charging characteristics profile parameters.
Configures Content Filtering category.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
category policy-id policy_id Specify the Content Filtering policy ID.
Must be an integer in the range of 1-4294967295.
Use this command to configure Content Filtering category.
Configures the data tunnel MTU parameter.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
data-tunnel mtu max_transmission_unit Specify the data tunnel MTU value, in octets.
Must be an integer.
Use this command to configure the data tunnel MTU parameter.
Enables and configures the GTPP group to be used by this APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
gtpp group gtpp_group_name Specify the GTPP group name.
Must be a string.
Use this command to enable and configure the GTPP group to be used by this APN.
Configures IP-related parameters.
Security Administrator, Administrator
ip context-name context_name Specify name of the destination context to use for subscribers accessing this APN.
Must be a string.
Use this command to configure IP-related parameters.
Configures the access group to be used by this APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
ip access-group access_group_name [ in | out ] Specify the access group name.
Must be a string.
Specify the access group as inbound.
Specify the access group as outbound.
Use this command to specify the access group to be used by this APN.
You can configure a maximum of eight elements with this command.
Enables packet source validation.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
source-violation [ ignore ] Specify to disable source address checking for this APN.
Use this command to enable packet source validation.
Configures PPP parameters for specified APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > APN Configuration
ppp mtu max_transmission_unit Specify the maximum transmission unit. Default: 1500.
Must be an integer.
Use this command to configure the PPP parameters for specified APN.
Configures session timeout parameters for the current APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
timeout idle idle_timeout Specify the session idle timeout period for the current APN.
Must be an integer in the range of 0-4294967295.
Use this command to configure the session timeout parameters for the current APN.
Configures session timeout parameters for the current APN.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
timeout idle idle_timeout Specify the session idle timeout period for the current APN.
Must be an integer in the range of 0-4294967295.
Use this command to configure the session timeout parameters for the current APN.
Clears all subscriber data.
Security Administrator, Administrator
Exec
clear subscriber all [ purge { false | true } ] Specify whether to purge data locally.
Must be either "false" or "true".
Default Value: false.
Use this command to clear all subscriber data.
Enable or disable code coverage utilities.
Security Administrator, Administrator
Exec
coverage container-stop string Specify to enable or disable code coverage utilities.
Must be a string.
Default Value: "false".
Use this command to enable or disable code coverage utilities.
Enables GTP-C path management.
Security Administrator, Administrator
Exec > Global Configuration
echo Specify the echo interval in seconds.
Must be an integer in the range of 60-360.
Default Value: 60.
Specify the retransmission timeout period in seconds.
Must be an integer in the range of 1-20.
Default Value: 5.
Specify the maximum number of retires for GTP echo request.
Must be an integer in the range of 0-10.
Default Value: 3.
Use this command to enable GTP-C path management.
Configures GTPP group related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration
gtpp gtpp_group_name Specify the GTPP group name.
Must be a string.
Use this command to configure GTPP group related parameters.
Disables GTPP trigger conditions that cause either partial CDR record closure or opening of a new CDR record container. GTPP Triggers are specified in 3GPP TS 32.251 v6.6.0. All GTPP trigger changes take effect immediately, except volume-limit.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp trigger { time-limit | volume-limit } Use this command to disable or enable GTTP triggers that can cause partial CDR record closure or cause a new CDR to be created.
gtpp trigger time-limit Configures the eG-CDR and P-CDR (P-GW CDR) parameters and triggers.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr { service-data-flow threshold { interval duration | volume { downlink bytes | uplink bytes | total bytes } } | service-idle-timeout { 0 | service_idle_timeout } } Use this command to configure individual triggers for eG-CDR/P-CDR generation. Use the service-data-flow threshold option to configure the thresholds for closing a service data flow container within an eG-CDR (eG-CDRs for GGSN and P-CDRs for P-GW) during flow-based charging (FBC). A service data flow container has statistics regarding an individual content ID.
Configures closing cause for final EGCDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr final-record closing-cause { same-in-all-partials | unique } Specify unique closing cause for final EGCDR.
Specify same closing cause for multiple final EGCDR(s).
Use this command to configure closing cause for final EGCDR.
Configures maximum number of LoSDV containers in one EGCDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
losdv-max-containers max_containers Specify the number of LOSDV containers.
Must be an integer in the range of 1-255.
Use this command to configure the maximum number of LoSDV containers in one EGCDR.
Configures service data flow related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
threshold interval duration Specify the time interval, in seconds, to close the eG-CDR/P-CDR if the minimum time duration thresholds for service data flow containers satisfied in flow-based charging. By default, this option is disabled.
Must be an integer in the range of 60-40000000.
Use this command to assign volume or interval values to the interim GCDRs.
Configures the uplink/downlink volume octet counts for the generation of interim GCDRs.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
volume { downlink bytes | uplink bytes | total bytes } Specify the limit for the number of downlink octets after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the number of uplink octets after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the total number of octets (uplink+downlink) after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Use this command to configure the uplink/downlink volume octet counts for the generation of interim GCDRs.
Enables configuration for service idle out closure of LOSDV container.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr service-idle-timeout { zero | service_idle_timeout } Specify time limit in seconds for service-idle-timeout.
Must be an integer in the range of 10-86400.
Specify no service-idle-timeout trigger.
Must be one of the following:
0
Use this command to enable configuration for service idle out closure.
Configures IP address of the external GTPP storage server for storing CDRs.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp storage-server { { ipv4_address | ipv6_address } | port port_number } Specify the IP address.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
-Or-Must be an IP address.
Specify the UDP port number that the GTPP Backup server is using.
Must be an integer in the range of 1-65535.
Use this command to configure the IP address of the external GTPP storage server for storing CDRs.
Configures storage-server local-mode configuration.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
local aaamgr-wait-time aaamgr_wait_time Specify the time in seconds that AAAmgr has to wait trying to accumlate 255 CDRs.
Must be an integer in the range of 1-300.
Default Value: 300.
Use this command to configure the storage-server local-mode configuration.
Configures GTPP file related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
file compression { file_compression | format file_format } Specify the GTPP file compression related configurations. By default, GZIP file compression is disabled.
Must be one of the following:
gzip
none
Default Value: "none".
Specify the file format to be used for local storage.
Must be one of the following:
custom1
custom2
custom3
custom4
custom5
custom6
custom7
custom8
Default Value: "custom1".
Use this command to configure the GTPP file related parameters.
Configures file name related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
name { format file_name_format | prefix file_name_prefix } Specify the file name format to be used.
Must be a string.
Specify the file name prefix to be used.
Must be a string.
Use this command to configure the file name related parameters.
Configures triggers for CDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
trigger { time-limit | volume-limit } When this trigger is disabled, no partial record closure occurs when the configured time limit is reached. Default: Enabled.
When this trigger is disabled no partial record closure occurs when volume limit is reached. Default: Enabled.
Use this command to configure triggers for CDR.
Enables or disables and configures eGCDR-related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
egcdr max-losdv Enable trigger for eGCDR release at MAX LoSDV containers.
Use this command to enable or disable and configure eGCDR-related parameters.
Configures redundancy group parameters.
Security Administrator, Administrator
Exec > Global Configuration
redundancy-group group_name Specify the redundancy group name.
Must be a string.
Use this command to configure the redundancy group parameters.
Configures redundancy group host parameters.
Security Administrator, Administrator
Exec > Global Configuration
host host_name Specify the host name.
Must be a string.
Use this command to configure the redundancy group host parameters.
Disables GTPP trigger conditions that cause either partial CDR record closure or opening of a new CDR record container. GTPP Triggers are specified in 3GPP TS 32.251 v6.6.0. All GTPP trigger changes take effect immediately, except volume-limit.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp trigger { time-limit | volume-limit } Use this command to disable or enable GTTP triggers that can cause partial CDR record closure or cause a new CDR to be created.
gtpp trigger time-limit Configures the eG-CDR and P-CDR (P-GW CDR) parameters and triggers.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr { service-data-flow threshold { interval duration | volume { downlink bytes | uplink bytes | total bytes } } | service-idle-timeout { 0 | service_idle_timeout } } Use this command to configure individual triggers for eG-CDR/P-CDR generation. Use the service-data-flow threshold option to configure the thresholds for closing a service data flow container within an eG-CDR (eG-CDRs for GGSN and P-CDRs for P-GW) during flow-based charging (FBC). A service data flow container has statistics regarding an individual content ID.
Configures closing cause for final EGCDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr final-record closing-cause { same-in-all-partials | unique } Specify unique closing cause for final EGCDR.
Specify same closing cause for multiple final EGCDR(s).
Use this command to configure closing cause for final EGCDR.
Configures maximum number of LoSDV containers in one EGCDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
losdv-max-containers max_containers Specify the number of LOSDV containers.
Must be an integer in the range of 1-255.
Use this command to configure the maximum number of LoSDV containers in one EGCDR.
Configures service data flow related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
threshold interval duration Specify the time interval, in seconds, to close the eG-CDR/P-CDR if the minimum time duration thresholds for service data flow containers satisfied in flow-based charging. By default, this option is disabled.
Must be an integer in the range of 60-40000000.
Use this command to assign volume or interval values to the interim GCDRs.
Configures the uplink/downlink volume octet counts for the generation of interim GCDRs.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
volume { downlink bytes | uplink bytes | total bytes } Specify the limit for the number of downlink octets after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the number of uplink octets after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Specify the limit for the total number of octets (uplink+downlink) after which the eG-CDR/P-CDR is closed.
Must be an integer in the range of 100000-4000000000.
Use this command to configure the uplink/downlink volume octet counts for the generation of interim GCDRs.
Enables configuration for service idle out closure of LOSDV container.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp egcdr service-idle-timeout { zero | service_idle_timeout } Specify time limit in seconds for service-idle-timeout.
Must be an integer in the range of 10-86400.
Specify no service-idle-timeout trigger.
Must be one of the following:
0
Use this command to enable configuration for service idle out closure.
Configures IP address of the external GTPP storage server for storing CDRs.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
gtpp storage-server { { ipv4_address | ipv6_address } | port port_number } Specify the IP address.
Must be IPv4 CIDR notation ##.##.##.##/x or in IPv6 CIDR notation ####:####:####:####:####:####:####:####/###.
-Or-Must be an IP address.
Specify the UDP port number that the GTPP Backup server is using.
Must be an integer in the range of 1-65535.
Use this command to configure the IP address of the external GTPP storage server for storing CDRs.
Configures storage-server local-mode configuration.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
local aaamgr-wait-time aaamgr_wait_time Specify the time in seconds that AAAmgr has to wait trying to accumlate 255 CDRs.
Must be an integer in the range of 1-300.
Default Value: 300.
Use this command to configure the storage-server local-mode configuration.
Configures GTPP file related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
file compression { file_compression | format file_format } Specify the GTPP file compression related configurations. By default, GZIP file compression is disabled.
Must be one of the following:
gzip
none
Default Value: "none".
Specify the file format to be used for local storage.
Must be one of the following:
custom1
custom2
custom3
custom4
custom5
custom6
custom7
custom8
Default Value: "custom1".
Use this command to configure the GTPP file related parameters.
Configures file name related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
name { format file_name_format | prefix file_name_prefix } Specify the file name format to be used.
Must be a string.
Specify the file name prefix to be used.
Must be a string.
Use this command to configure the file name related parameters.
Configures triggers for CDR.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
trigger { time-limit | volume-limit } When this trigger is disabled, no partial record closure occurs when the configured time limit is reached. Default: Enabled.
When this trigger is disabled no partial record closure occurs when volume limit is reached. Default: Enabled.
Use this command to configure triggers for CDR.
Enables or disables and configures eGCDR-related parameters.
Security Administrator, Administrator
Exec > Global Configuration > Context Configuration > GTPP Group Configuration
egcdr max-losdv Enable trigger for eGCDR release at MAX LoSDV containers.
Use this command to enable or disable and configure eGCDR-related parameters.
Enables PFCP path management.
Security Administrator, Administrator
Exec > Global Configuration
heartbeat { interval heartbeat_interval | retransmission-timeout retransmission_timeout } Specify the heartbeat interval in seconds.
Must be an integer in the range of 60-360.
Default Value: 60.
Specify the heartbeat retransmission timeout period in seconds.
Must be an integer in the range of 1-20.
Default Value: 5.
Specify the maximum number of retries for PFCP heartbeat request.
Must be an integer in the range of 0-10.
Default Value: 3.
Use this command to enable PFCP path management.
Clears IPAM operational data.
Security Administrator, Administrator
Exec > Global Configuration
clear ipam Use this command to clear IPAM operational data.
Configures NRF Client operational data.
Security Administrator, Administrator
Exec > Global Configuration
nrf Use this command to configure the NRF Client operational data.
Displays discovery information.
Security Administrator, Administrator
Exec > Global Configuration
show discovery-info Use this command to view discovery information.
Must be a string.
Displays NF discovery filter information.
Security Administrator, Administrator
Exec > Global Configuration
show discovery-filter Use this command to view NF discovery filter information.
Must be a string.
-Or-Must be a string.
Displays discovery profile information.
Security Administrator, Administrator
Exec > Global Configuration
show nf-discovery-profile Use this command to view NF discovery profile information.
Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be an integer.
-Or-Must be an integer.
-Or-Must be an integer.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be a string.
Displays NF service information.
Security Administrator, Administrator
Exec > Global Configuration
show nf-service Use this command to view NF service information.
Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be an integer.
-Or-Must be an integer.
-Or-Must be an integer.
-Or-Must be a string.
-Or-Must be a string.
Displays registration information.
Security Administrator, Administrator
Exec > Global Configuration
show registration-info Use this command to view registration information.
Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be an integer.
-Or-Must be a string.
-Or-Must be a string.
Displays NF subscription information.
Security Administrator, Administrator
Exec > Global Configuration
show subscription-info Use this command to view NF subscription information.
Must be a string.
-Or-Must be a string.
-Or-Must be a string.
-Or-Must be a string.
Configures the list of DNN profile names.
Administrator, Security Administrator
Exec > Global Configuration
nssai name name [ [ dnn profile_names_list ] [ sst slice/service_type ] [ sdt slice_differentiator_type> ] ] Specify the slice name.
Must be a string.
Specify the Slice/Service Type (SST).
Must be a 2-digit string in the pattern [0-9a-fA-F].
Specify the Slice Differentiator Type (SDT).
Must be a 6-digit string in the pattern [0-9a-fA-F].
Specify the list of actual DNN profile names configured.
Must be a string.
Use this command to configure the list of actual DNN profile names.
Configures the virtual DNN to operator DNN mapping.
Security Administrator, Administrator
dnn policy_name [ profile dnn_profile_name ] Specify the DNN name.
Must be a string.
Specify the DNN profile name.
Must be a string.
Use this command to configure the virtual DNN to operator DNN mapping.
Configures the virtual DNN to a network DNN.
Security Administrator, Administrator
dnn dnn_name [ profile dnn_profile_name ] Specify the DNN name.
Must be a string.
Specify the DNN profile name.
Must be a string.
Use this command to configure the virtual DNN to a network DNN.
Configures Network Capability Policy configuration.
Security Administrator, Administrator
Exec
network-capability policy_name [ nw-support-local-address-tft { false | true } ] Specify the network capability policy name.
Must be a string.
Enable or disable network support for local address in TFT.
Must be either "false" or "true".
Default Value: false.
Use this command to configure Network Capability Policy configuration.
Configures the operator policy configuration.
Security Administrator, Administrator
operator policy_name Specify the operator policy name.
Must be a string.
Use this command to configure the operator policy specific configuration.
Configures DNN policy parameters.
Security Administrator, Administrator
policy dnn dnn_policy_name [ network-capability network_capability ] Specify the DNN policy name.
Must be a string.
Specify the network capability.
Must be a string.
Use this command to configure DNN policy parameters.
Configures subscriber parameters.
Security Administrator, Administrator
subscriber policy_name Specify the subscriber policy name.
Must be a string.
Use this command to configure subscriber parameters.
Configures operator policy selection match criteria definition.
Security Administrator, Administrator
precedence precedence_number [ sst slice/service_type | sdt slice_differentiator_type | supi-start-range supi_start_range | supi-stop-range supi_stop_range | gpsi-start-range gpsi_start_range | gpsi-stop-range gpsi_stop_range | pei-start-range pei_start_range | pei-stop-range pei_stop_range | operator-policy operator_policy_name ] Specify the precedence for entry.
Must be an integer in the range of 1-512.
Specify the Slice/Service Type (SST).
Must be a 2-digit string in the pattern [0-9a-fA-F].
Specify the Slice Differentiator Type (SDT).
Must be a 6-digit string in the pattern [0-9a-fA-F].
Specify the SUPI start range. The supi-stop-range value must be greater than the supi-start-range value.
Must be an integer in the range of 100000000000000-999999999999999.
Specify the SUPI stop range. The supi-stop-range value must be greater than the supi-start-range value.
Must be an integer in the range of 100000000000000-999999999999999.
Specify the GPSI start range. The gpsi-stop-range value must be greater than the gpsi-start-range value.
Must be an integer in the range of 1000000000-9999999999.
Specify the GPSI stop range. The gpsi-stop-range value must be greater than the gpsi-start-range value.
Must be an integer in the range of 1000000000-9999999999.
Specify the PEI start range. The pei-stop-range value must be greater than pei-start-range.
Must be an integer in the range of 100000000000000-9999999999999999.
Specify the PEI stop range. The pei-stop-range value must be greater than pei-start-range.
Must be an integer in the range of 100000000000000-9999999999999999.
Specify the operator policy to be associated with the subscriber policy.
Must be a string.
Use this command to configure operator policy selection match criteria definition.
Configures serving PLMN parameters.
Security Administrator, Administrator
serving-plmn [ mcc mobile_country_code | mnc mobile_network_code | supi-start-range supi_start_range | supi-stop-range supi-stop-range | gpsi-start-range gpsi_start_range | gpsi-stop-range gpsi-stop-range | operator-policy operator_policy_name ] Specify the mobile country code (MCC) portion of the PLMN ID.
Must be a 3-digit integer.
Specify the mobile network code (MNC) portion of the PLMN ID.
Must be a 2- or 3-digit integer.
Use this command to configure serving PLMN parameters.
Configures the SMF NF profile that the configured Data Network Name (DNN) uses.
Security Administrator, Administrator
Exec > Global Configuration
profile dnn profile_name Use this command to configure the NF profile.
Configures the Access profile.
Security Administrator, Administrator
Exec > Global Configuration
access profile_name Specify the Access profile name.
Must be a string.
Use this command to configure the Access profile.
Configures Create Dedicated Bearer parameters.
Security Administrator, Administrator
Exec > Global Configuration > Access Profile Configuration
eps-fallback cbr delay delay_period max-retry max_retry timeout timeout_interval Specify the Create Dedicated Bearer delay time in milliseconds.
Must be an integer in the range of 0-10000.
Default Value: 0.
Specify the Create Dedicated Bearer maximum retry count.
Must be an integer in the range of 0-10.
Default Value: 0.
Specify the Create Dedicated Bearer Retry interval in seconds.
Must be an integer in the range of 1-3.
Default Value: 1.
Use this command to configure Create Dedicated Bearer parameters.
Configures handling EPS fallback expiry.
Security Administrator, Administrator
Exec > Global Configuration > Access Profile Configuration
eps-fallback guard timeout eps_fallback_timer Specify the EPS fallback guard timer in milliseconds.
Must be an integer in the range of 500-15000.
Default Value: 10000.
Use this command to configure handling EPS fallback expiry.
Configures the GTPC Failure profile.
Security Administrator, Administrator
Exec > Global Configuration
gtpc gtpc-failure-profile profile_name Specify the GTPC Failure profile name.
Use this command to configure the GTPC Failure profile.
Configures the n1 timer t3591 - PDU Session Modify Command Retransmission Timer.
Security Administrator, Administrator
Exec > Global Configuration
t3591-pdu-mod-cmd { timeout timeout_period | max-retry max_retries } Specify the PDU Modify Command timer in seconds.
Must be an integer in the range of 1-16.
Default Value: 4.
Specify the PDU Modify Command maximum retry count.
Must be an integer in the range of 0-10.
Default Value: 4.
Use this command to configure the n1 timer t3591 - PDU Session Modify Command Retransmission Timer.
Configures the n1 timer t3592 - PDU Sess Rel Command retransmission timer for cause 39 - retransmission required.
Security Administrator, Administrator
Exec > Global Configuration
t3592-pdu-rel-cmd { timeout timeout | max-retry max_retry } Specify the PDU Release Command timer in seconds for cause 39.
Must be an integer in the range of 1-16.
Default Value: 4.
Specify the PDU Release Command Max Retry Count.
Must be an integer in the range of 0-10.
Default Value: 4.
Use this command to configure the n1 timer t3592 - PDU Sess Rel Command retransmission timer for cause 39 - retransmission required.
Configures n2 indirect forwarding tunnel support.
Security Administrator, Administrator
Exec > Global Configuration
idft { enable | timeout idft_timeout } Specify to enable IDFT support.
Specify the IDFT timeout period in seconds.
Must be an integer in the range of 15-60.
Use this command to configure n2 indirect forwarding tunnel support.
Configures the N26 indirect forwarding tunnel support parameters.
Security Administrator, Administrator
Exec > Global Configuration > Access Profile Configuration
n26 idft enable timeout idft_timeout Specify to enable IDFT support.
Specify the IDFT timeout period in seconds.
Must be an integer in the range of 15-60.
Use this command to configure the N26 indirect forwarding tunnel support parameters.
Configures the charging profile.
Security Administrator, Administrator
Exec > Global Configuration
profile charging profile_name Specify the charging profile configuration.
Must be a string.
Specify the charging method. Default Value: none.
Must be one of the following:
online
offline
none
Specify the offline interim timer duration in seconds.
Must be an integer.
Default Value: 60.
Specify the maximum number of charging condition changes.
Must be an integer in the range of 0-500.
Default Value: 20.
Specify to enable or disable tight interworking mode for online/offline charging methods.
Must be either "false" or "true".
Default Value: false.
Specify the maximum number of deferred USU containers.
Must be an integer in the range of 1-200.
Default Value: 50.
Specify the parameters to be metered.
Must be one of the following:
duration
volume
duration-volume
Default Value: duration-volume.
Use this command to configure the charging profile.
Configures the duration and volume thresholds.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
limit { duration | volume } Specify the volume threshold for charging.
Must be an integer.
Specify the duration threshold for charging.
Must be an integer.
Use this command to configure the duration and volume thresholds.
Configures the rating group volume and duration thresholds.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
limit rating-group { duration duration_threshold | volume volume_threshold } Specify the volume threshold for charging.
Must be an integer.
Specify the duration threshold for charging.
Must be an integer.
Use this command to configure the rating group duration and volume thresholds.
Configures the charging quota parameters.
Security Administrator, Administrator
Exec > Global Configuration
quota request request_quota Specify the request quota from CHF.
Must be one of the following:
always
standard
Default Value: standard.
Use this command to configure the charging quota parameters.
Configures the list of triggers to be suppressed.
Security Administrator, Administrator
Exec > Global Configuration
suppress triggers triggers_to_suppress Specify the list of triggers to be suppressed.
Must be one of the following:
qht
Use this command to configure the list of triggers to be suppressed.
Configures the usage reporting level to be used if not sent by the PCF.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
reporting-level { online reporting_level | offline reporting_level } Specify the reporting level configuration for online.
Must be one of the following:
rating-group
service-id
Default Value: rating-group.
Specify the reporting level configuration for offline.
Must be one of the following:
rating-group
service-id
Default Value: rating-group.
Use this command to configure the usage reporting level to be used if not sent by the PCF.
Configures the Requested Service Unit time parameter.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
requested-service-unit time rsu_time Specify the Requested Service Unit time value in seconds.
Must be an integer in the range of 1-4000000000.
Use this command to configure the Requested Service Unit time parameter.
Configures the Requested Service Unit volume parameters.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
requested-service-unit volume { uplink uplink_volume | downlink downlink_volume | total total_volume } Specify the uplink volume in bytes.
Must be an integer in the range of 1-4000000000.
Specify the downlink volume in bytes.
Must be an integer in the range of 1-4000000000.
Specify the total volume in bytes.
Must be an integer in the range of 1-4000000000.
Use this command to configure the Requested Service Unit volume parameters.
Configures timestamps for tariff-time change.
Security Administrator, Administrator
Exec > Global Configuration
tariff-time-change hour hour minute minute Specify the minute timestamp for tariff-time change.
Must be an integer in the range of 0-59.
Specify the hour timestamp for tariff-time change.
Must be an integer in the range of 0-23.
Use this command to configure timestamps for tariff-time change.
Configures the list of triggers.
Security Administrator, Administrator
Exec > Global Configuration > Charging Profile Configuration
triggers session trigger Specify the list of session-level triggers.
Must be one of the following:
ambr-change
qos-change
serv-node-change
ue-pra-change
3gpp-ps-change
tarrif-time-change
max-number-of-changes-in-charging-conditions
user-loc-change
ue-time-change
plmn-change
rat-change
upf-add
upf-rem
Use this command to configure the list of triggers.
Configures the charging characteristics profile.
Security Administrator, Administrator
Exec > Global Configuration
charging-characteristics cc_profile_name [ charging-profile charging_profile_name ] Specify the charging characteristics profile name. For example, 1, 2, 3, 12, 14, till 16.
Must be an integer.
Specify the charging profile name.
Must be a string.
Use this command to configure the charging characteristics profile.
Configures the network elements profile list.
Security Administrator, Administrator
Exec > Global Configuration > Charging Characteristics Profile Configuration
network-element-profile-list chf charging_server Specify the list of charging servers.
Must be a string.
Use this command to configure the network elements profile list.
Configures 3GPP compliance configuration.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
compliance profile_name Specify the compliance profile name.
Must be a string.
Use this command to configure the 3GPP compliance configuration.
Configures the SMF service names. The service names are specified in 3GPPTS 29.510 V15.2.0, Section 6.1.6.3.11.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
service service_name Specify the service names.
Must be one of the following:
nsmf-pdusession
namf-comm
n1
n2
nudm-sdm
nudm-uecm
nnrf-disc
nnrf-nfm
npcf-smpolicycontrol
nchf-convergedcharging
threegpp23502
Use this command to configure the SMF service names.
Configures the 3GPP n1 specification version number.
Security Administrator, Administrator
Exec > Global Configuration
n1-version spec 3gpp_spec_version Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP n1 specification version number.
Must be one of the following:
15.2.0
15.4.0
Default Value: "15.2.0".
Use this command to configure the 3GPP n1 specification version number.
Configures the 3GPP n2 service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
n2-version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP n2 service specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.0.0".
Use this command to configure the 3GPP n2 service specification version number.
Configures the 3GPP namf-comm specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service namf-comm version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP namf-comm specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.0.0".
Use this command to configure the 3GPP namf-comm specification version number.
Configures the 3GPP nchf-convergedcharging service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service nchf-convergedcharging version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP nchf-convergedcharging service specification version number.
Must be one of the following:
15.0.0
15.1.0
15.2.1
15.3.0
Default Value: "15.0.0".
Use this command to configure the 3GPP nchf-convergedcharging service specification version number.
Configures the 3gpp nnrf-disc service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service nnrf-disc version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3gpp nnrf-disc service specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.2.0".
Use this command to configure the 3GPP nnrf-disc service specification version number.
Configures the 3GPP nnrf-nfm service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service nnrf-nfm version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP nnrf-nfm service specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.2.0".
Use this command to configure the 3GPP nnrf-nfm service specification version number.
Configures the 3GPP npcf-smpolicycontrol service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
version npcf-smpolicycontrol version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP npcf-smpolicycontrol service specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.2.0".
Use this command to configure the 3GPP npcf-smpolicycontrol service specification version number.
Configures the 3GPP nsmf-pdusession specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile configuration
service nsmf-version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP nsmf-pdusession specification version number.
Must be one of the following:
15.0.0
15.2.0
15.4.0
Default Value: "15.0.0".
Use this command to configure the 3GPP nsmf-pdusession specification version number.
Configures the 3GPP nudm-sdm service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service nudm-sdm version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP nudm-sdm service specification version number.
Must be one of the following:
15.1.0
15.2.1
15.4.0
Default Value: "15.2.1".
Use this command to configure the 3GPP nudm-sdm service specification version number.
Configures the 3GPP nudm-uecm service specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service nudm-uecm version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP nudm-uecm service specification version number.
Must be one of the following:
15.1.0
15.2.1
15.4.0
Default Value: "15.2.1".
Use this command to configure the 3GPP nudm-uecm service specification version number.
Configures the 3GPP 23.502 Stage-2 5GS specification version number.
Security Administrator, Administrator
Exec > Global Configuration > Compliance Profile Configuration
service threegpp23502 version { full full_version | spec 3gpp_spec_version | uri version_uri } Specify the version URI.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string in the pattern \d+.\d+.\d+^?(.alpha-\d+)?.
Specify the 3GPP 23.502 Stage-2 5GS specification version number.
Must be one of the following:
15.4.0
15.6.0
Default Value: "15.4.0".
Use this command to configure the 3GPP 23.502 Stage-2 5GS specification version number.
Configures DNN profile.
Security Administrator, Administrator
Exec > Global Configuration
profile dnn profile_name [ always-on { false | true } | charging-profile profile_name | dcnr { false | true } | pcscf-profile profile_name | ppd-profile profile_name | qos-profile qos_profile | userplane-inactivity-timer | virtual-mac mac_address | wps-profile profile_name ] Specify the DNN profile name.
Must be a string.
Specify the charging profile name.
Must be a string.
Specify the remote virtual MAC address used to generate interface ID for UE.
Must be a 17-digit string in the pattern [0-9a-fA-F:-].
Default Value: "00:14:22:01:23:45".
Specify the P-CSCF profile association.
Must be a string.
Specify the Paging-Policy differentition.
Must be a string.
Specify the Wireless Priority Service (WPS).
Must be a string.
Specify the QoS Profile configuration.
Must be a string.
Specify to enable or disable Always On PDU session.
Must be either "false" or "true".
Default Value: false.
Specify to enable or disable support for dual connectivity with new radio.
Must be either "false" or "true".
Default Value: false.
Specify the user plane inactivity timer in seconds.
Must be an integer in the range of 0-86400.
Default Value: 0.
Use this command to configure the DNN profile. The CLI prompt changes to the DNN Profile Configuration mode.
Configures the secondary authentication method.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
authentication secondary radius Specify to use RADIUS as secondary authentication method.
Use this command to configure the secondary authentication method.
Configures authorization method.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
authorization local Specify to use local policy configuration.
Use this command to configure the authorization method.
Configures a Virtual DNN profile under a DNN profile and NF user list.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
dnn profile_name network-function-list network_function_list Use this command to configure a DNN profile that is used to map a UE-requested DNN to a Virtual DNN. The SMF sends "Mapped" DNNs for configured network functions and "UE-requested" DNNs for other network functions. The UE-requested DNN is always sent on the N1 interface.
dnn testdnn network-function-list upf Configures network function parameters.
Security Administrator, Administrator
Exec > Global Configuration
nw-fu-conf { nwfunc-dnn dnn_name | network-function-list nf_list } Specify the DNN name.
Must be a string.
Specify the list of network functions that the selected DNN profile will be sent. The list of network functions supported are CHF, PCF, and UPF.
Must be a string.
Use this command to configure the network function parameters.
Configures the RMGR parameters.
Security Administrator, Administrator
Exec > Global Configuration
rmgr-conf rmgr rmgr_nf Specify the RMGR Network Function.
Must be a string.
Use this command to configure the RMGR parameters.
Configures the DNS server details.
Security Administrator, Administrator
Exec > Global Configuration
dns { primary { ipv4 ipv4_address | ipv6 ipv6_address } | secondary { ipv4 ipv4_address | ipv6 ipv6_address } } Use this command to configure the DNS server details.
Configures the primary DNS server details.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
dns primary { ipv4 ipv4_address | ipv6 ipv6_address } Specify the primary DNS server's ipv4 address.
Must be an IPv4 address.
Specify the primary DNS server's ipv6 address.
Must be an IPv6 address.
Use this command to configure the primary DNS server details.
Configures the secondary DNS server details.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
dns secondary { ipv4 ipv4_address | ipv6 ipv6_address } Specify the secondary DNS server's ipv4 address.
Must be an IPv4 address.
Specify the secondary DNS server's ipv6 address.
Must be an IPv6 address.
Use this command to configure the secondary DNS server details.
Configures network element profiles.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
profile dnn dnn_name network-element-profiles { amf | chf | pcf | udm } profile_name Specify the CHF network element profile name.
Must be a string.
Specify the AMF network element profile name.
Must be a string.
Specify the PCF network element profile name.
Must be a string.
Specify the UDM network element profile name.
Must be a string.
Use this command to configure network element profiles.
Configures the default NSSAI configuration.
Security Administrator, Administrator
Exec > Global Configuration
nssai Specify the S-NSSAI Slice/Service Type (SST).
Must be an integer in the range of 0-255.
Specify the S-NSSAI Slice Differentiator (SD).
Must be a 6-digit string in the pattern [0-9a-fA-F].
Use this command to configure the default NSSAI configuration.
Configures the PDU session type.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
session type default_session_type [ allowed allowed_session_type ] Specify the default session type.
Must be one of the following:
IPV4
IPV6
IPV4V6
Specify the SMF allowed session types. Up to two allowed session types can be configured in addition to the default session type. The same session type cannot be configured both as allowed and default.
Must be one of the following:
IPV4
IPV6
IPV4V6
Use this command to configure the PDU session type.
You can configure a maximum of two elements with this command.
Configures Session and Service Continuity (SSC) Mode parameters.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
ssc-mode default_ssc_mode [ allowed allowed_ssc_mode ] Specify the default SSC mode.
Must be one of the following:
1
2
3
Specify the allowed SSC Modes. Up to two allowed modes can be configured in addition to the default SSC mode. The same SSC mode cannot be configured both as allowed and default.
Must be one of the following:
1
2
3
Use this command to configure SSC mode parameters.
You can configure a maximum of two elements with this command.
Configures session time-to-live (TTL) configuration.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
timeout { absolute max_duration | idle-only { false | true } } Specify the maximum duration of the session in seconds, before the system automatically terminates the session. Value of 0 disables the function.
Must be an integer in the range of 0-2147483647.
Default Value: 0.
Specify whether to terminate only idle sessions.
Must be either "false" or "true".
Default Value: false.
Use this command to configure session time-to-live (TTL) configuration.
Configures the UPF APN profile.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
upf apn apn_name Specify the APN name.
Must be a string.
Use this command to configure the UPF APN profile.
Configures DNS proxy parameters.
Security Administrator, Administrator
Exec > Global Configuration > DNN Profile Configuration
dns-proxy Specify the DNS query type.
Must be one of the following:
ipv4
ipv6
ipv4-ipv6
Default Value: ipv4.
Specify the DNS timeout.
Must be an integer.
Default Value: 500.
Specify the TTL value of DNS responses in cache, in seconds.
Must be an integer in the range of 60-86400.
Specify to enable round-robin address fetch.
Use this command to configure DNS proxy parameters.
Configures DNS server parameters.
Security Administrator, Administrator
Exec > Global Configuration
servers dns_server_name [ ip ip_address | port port_number | protocol protocol | priority priority ] Specify the name of the DNS server.
Must be a string.
Specify the IP address of the DNS server.
Must be an IP address.
Specify the port number of the DNS server.
Must be an integer in the range of 1-65535.
Specify the protocol type for the DNS server.
Must be one of the following:
udp
tcp
Default Value: tcp.
Specify the priority for the DNS server.
Must be an integer in the range of 1-100.
Use this command to configure the DNS server parameters.
Configures ECGI Group profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
ecgi-group profile_name Specify the ECGI Group profile name.
Must be a string.
Use this command to configure ECGI Group profile parameters.
Configures the list of MCC, MNC, TAC, and ECGI groups.
Security Administrator, Administrator
Exec > Global Configuration
ecgis { mcc mobile_country_code | mnc mobile_network_code | tac tracking_area_code } Specify the Mobile Country Code (MCC). For example, 01, 001.
Must be a 3-digit integer.
Specify the Mobile Network Code (MNC). For example, 23, 456.
Must be a 2- or 3-digit integer.
Specify the Tracking Area Code (TAC). For example, A1a2, AaBbF1.
Must be a 4-digit string in the pattern [0-9a-fA-F], or a 6-digit string in the pattern [0-9a-fA-F].
Use this command to configure the list of MCC, MNC, TAC, and ECGI groups.
You can configure a maximum of 16 elements with this command.
Configures ECGI group parameters.
Security Administrator, Administrator
Exec > Global Configuration
ecgi list ecgi_values Specify the list of ECGI values.
Must be a 7-digit string in the pattern [0-9a-fA-F].
Use this command to configure ECGI group parameters.
You can configure a maximum of 64 elements with this command.
Configures an ECGI range.
Security Administrator, Administrator
Exec > Global Configuration
range start ecgi_range_start end ecgi_range_end Specify the ECGI range start value.
Must be a 7-digit string in the pattern [0-9a-fA-F].
Specify the ECGI range end value.
Must be a 7-digit string in the pattern [0-9a-fA-F].
Use this command to configure an ECGI range.
You can configure a maximum of 64 elements with this command.
Configures Emergency profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
emergency-profile profile_name [ udm-profile profile_name ] Specify the Emergency profile name.
Must be a string.
Specify the UDM profile name.
Must be a string.
Use this command to configure Emergency profile parameters.
Configures the Failure Handling profile.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling profile_name Specify the Failure Handling profile name.
Must be a string.
Use this command to configure the Failure Handling profile.
Configures GTPC failure-handling template message types.
Security Administrator, Administrator
Exec > Global Configuration > Failure Handling Profile Configuration
interface gtpc message message_type Specify the message type.
Must be one of the following:
S5S8CreateBearerReq
S5S8UpdateBearerReq
S5S8DeleteBearerReq
Use this command to configure GTPC failure-handling template message types.
Configures GTPC interface cause-code types.
Security Administrator, Administrator
Exec > Global Configuration > Failure Handling Profile Configuration
cause-code cause_code_type Specify the cause code type.
Must be one of the following:
temp-fail
Use this command to configure GTPC interface cause-code types.
Configures the action type for the cause.
Security Administrator, Administrator
action action_type [ timeout retry_interval | max-retry max_retry ] Specify the action type for the cause.
Must be one of the following:
retry
clear
terminate
Specify the retry interval in milliseconds.
Must be an integer in the range of 1000-5000.
Default Value: 1000.
Specify the maximum retry count.
Must be an integer in the range of 0-5.
Default Value: 1.
Use this command to configure the action type for the cause.
Configures the N11 interface - SMF/PGW-C timer for reattempting bearer creation/updation.
Security Administrator, Administrator
Exec > Global Configuration
n11 message message_types message_type Use this command to configure the N11 interface - SMF/PGW-C timer for reattempting bearer creation/updation.
Configures N11 message types.
Security Administrator, Administrator
Exec > Global Configuration
message message_type Specify the message type.
Must be one of the following:
n1n2transfer
Use this command to configure n11 message types.
Configures the n11 interface cause-code types.
Security Administrator, Administrator
Exec > Global Configuration
cause-code-value cause-code cause_code_type Specify the cause code type.
Must be one of the following:
temp-reject-register
temp-reject-handover
Use this command to configure the n11 interface cause-code types.
Configures the action type for the cause.
Security Administrator, Administrator
action action_type [ timeout retry_interval | max-retry max_retry ] Specify the action type for the cause.
Must be one of the following:
retry
clear
terminate
Specify the retry interval in milliseconds.
Must be an integer in the range of 1000-5000.
Default Value: 1000.
Specify the maximum retry count.
Must be an integer in the range of 0-5.
Default Value: 1.
Use this command to configure the action type for the cause.
Configures PFCP message types.
Security Administrator, Administrator
Exec > Global Configuration
message message_type Specify the message type.
Must be one of the following:
N4SessionEstablishmentReq
N4SessionModificationReq
Use this command to configure PFCP message types.
Configures PFCP interface cause code types.
Security Administrator, Administrator
Exec > Global Configuration
cause-code cause_code_type Specify the cause code type.
Must be one of the following:
pfcp-entity-in-congestion
system-failure
service-not-supported
no-resource-available
no-response-received
reject
Use this command to configure PFCP interface cause code types.
Configures the action type for the cause.
Security Administrator, Administrator
Exec > Global Configuration
action action_type [ timeout retry_interval | max-retry max_retry ] Specify the action type for the cause.
Must be one of the following:
retry-terminate
terminate
Specify the maximum reties count for the retry-terminate action.
Must be an integer in the range of 0-5.
Default Value: 1.
Use this command to configure the action type for the cause.
Configures PFCP interface cause code types.
Security Administrator, Administrator
Exec > Global Configuration
cause-code cause_code_type Specify the cause code type.
Must be one of the following:
no-response-received
mandatory-ie-incorrect
session-ctx-not-found
reject
Use this command to configure PFCP cause code type.
Configures the action type for the cause.
Security Administrator, Administrator
Exec > Global Configuration
action action_type Specify the action type for the cause.
Must be one of the following:
terminate
Use this command to configure the action type for the cause.
Configuration used in ICMPv6 messages.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
profile icmpv6 profile_name Specify the ICMPv6 profile name.
Must be a string.
Use this command to configure the ICMPv6 profile name.
Configures ICMPv6 configuration parameters.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
options { hop-limit hop_limit | mtu mtu_size | reachable-time reachable_period | retrans-timer retransmission_period | router-lifetime lifetime_period | virtual-mac mac_address } Specify the local virtual MAC address.
Must be a 17-digit string in the pattern [0-9a-fA-F:-].
Specify the hop limit.
Must be an integer in the range of 0-255.
Default Value: 255.
Specify the router lifetime in seconds.
Must be an integer in the range of 0-65535.
Default Value: 65535.
Specify the reachable time in milliseconds.
Must be an integer.
Default Value: 0.
Specify the retransmission time in milliseconds.
Must be an integer.
Default Value: 0.
Specify the MTU size.
Must be an integer.
Default Value: 1500.
Use this command to configure the ICMPv6 configuration parameters.
Configures the Location Area Group profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
location-area-group profile_name [ tai-group tai_group_name | ecgi-group ecgi_group_name | ncgi-group ncgi_group_name ] Specify the Location Area Group profile name.
Must be a string.
Specify the TAI group name.
Must be a string.
Specify the ECGI Group name.
Must be a string.
Specify the NCGI Group name.
Must be a string.
Use this command to configure the Location Area Group profile parameters.
Configures N3 tunnelling information profile configuration.
Security Administrator, Administrator
Exec > Global Configuration
profile n3-tunnel profile_name [ notify ] Specify the N3 tunnelling profile name.
Must be a string.
Specify to enable downlink data notification.
Use this command to configure N3 tunnelling information profile configuration.
Configures the buffering for downlink direction.
Security Administrator, Administrator
Exec > Global Configuration
buffer node Specify to enable buffering in UPF.
Must be one of the following:
upf
Use this command to configure the buffering for downlink direction.
Configures NCGI Group profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
ncgi-group profile_name Specify the NCGI Group profile name.
Must be a string.
Use this command to configure NCGI Group profile parameters.
Configures the list of MCC, MNC, TAC, and NCGI groups.
Security Administrator, Administrator
Exec > Global Configuration
ncgis { mcc mobile_country_code | mnc mobile_network_code | tac tracking_area_code } Specify the Mobile Country Code (MCC). For example, 01, 001.
Must be a 3-digit integer.
Specify the Mobile Network Code (MNC). For example, 23, 456.
Must be a 2- or 3-digit integer.
Specify the Tracking Area Code (TAC). For example, A1a2, AaBbF1.
Must be a 4-digit string in the pattern [0-9a-fA-F], or a 6-digit string in the pattern [0-9a-fA-F].
Use this command to configure the list of MCC, MNC, TAC, and NCGI groups.
You can configure a maximum of 16 elements with this command.
Configures NCGI Group parameters.
Security Administrator, Administrator
Exec > Global Configuration
ncgi ncgi_values [ range ncgi_range ] Specify the list of NCGI values - 9 digit hex string NR Cell ID.
Must be a 9-digit string in the pattern [0-9a-fA-F].
Use this command to configure NCGI Group parameters.
You can configure a maximum of 64 elements with this command.
Configures an NCGI range.
Security Administrator, Administrator
Exec > Global Configuration
range ncgi_range Specify the NCGI range start value.
Must be a 9-digit string in the pattern [0-9a-fA-F].
Specify the NCGI range end value.
Must be a 9-digit string in the pattern [0-9a-fA-F].
Use this command to configure an NCGI range.
You can configure a maximum of 64 elements with this command.
Configures peer AMF parameters.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
network-element amf peer_amf_name [ nf-client-profile profile_name | failure-handling-profile profile_name ] Specify name of the peer AMF.
Must be a string.
Specify the NF client profile name.
Must be a string.
Specify the failure handling profile name.
Must be a string.
Use this command to configure peer AMF configuration.
Configures the query parameter for AMF discovery.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
query-params { dnn | supi | tai | target-nf-instance-id | target-plmn } Specify the query parameters.
Must be one of the following:
supi
dnn
tai
target-plmn
target-nf-instance-id
Use this command to configure the query parameter for AMF discovery.
Configures peer CHF parameters.
Security Administrator, Administrator
Exec > Global Configuration > CHF Network Element Profile Configuration
chf peer_chf_name [ failure-handling-profile profile_name | failure-handling-profile-offline profile_name | nf-client-profile profile_name | nf-client-profile-offline profile_name | nf-client-profile profile_name ] Specify the peer CHF name.
Must be a string.
Specify the NF Client profile name.
Must be a string.
Specify the Failure Handling profile name.
Must be a string.
Specify the NF Client profile name for offline server.
Must be a string.
Specify the Failure Handling profile name for offline server.
Must be a string.
Use this command to configure peer CHF parameters.
Configures UDM discovery query parameters.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
query-params query_parameters Specify the query parameters.
Must be one of the following:
supi
dnn
tai
target-plmn
target-nf-instance-id
Use this command to configure UDM discovery query parameter.
Configures peer PCF parameters.
Security Administrator, Administrator
Exec > Global Configuration > PCF Network Element Profile Configuration
pcf peer_pcf_name [ failure-handling-profile profile_name | nf-client-profile profile_name | predefined-rule-prefix prefix_name | rulebase-prefix rulebase_prefix | use-amf-provided-pcf [ false | true ] ] Specifes the peer PCF name.
Must be a string.
Specify the NF client profile name.
Must be a string.
Specify the Failure Handling profile name.
Must be a string.
Specify the rulebase prefix string.
Must be a string.
Specify the predefined rule prefix to be added.
Must be a string.
Specify to enable or disable discovery of PCF using PCF ID provided by AMF.
Must be either "false" or "true".
Default Value: true.
Use this command to configure peer PCF parameters.
Configures query parameter for PCF discovery.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
query-params query_parameters Specify the query parameters.
Must be one of the following:
supi
dnn
tai
target-plmn
target-nf-instance-id
Use this command to configure the query parameter for PCF discovery.
Configures peer UDM configuration.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
udm peer_udm_name [ nf-client-profile profile_name | failure-handling-profile profile_name ] Specify the peer UDM name.
Must be a string.
Specify the NF client profile name.
Must be a string.
Specify the failure handling profile name.
Must be a string.
Use this command to configure the peer UDM configuration.
Configures query parameter for UDM discovery.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
query-params query_parameters Specify the query parameters.
Must be one of the following:
supi
dnn
tai
target-plmn
target-nf-instance-id
Use this command to configure the query parameter for UDM discovery.
Configures peer UPF parameters.
Security Administrator, Administrator
upf peer_upf_name [ node-id node_id ] Specify the UPF peer name.
Must be a string.
Specify the node ID for the UPF peer node.
Must be a string.
Specify the UPF N4 peer port number.
Must be an integer in the range of 0-65535.
Default Value: 8809.
Specify the UPF Group profile name.
Specify the list of DNNs supported by the UPF node.
Must be a string.
Specify to enable or disable notification from UPF for downlink data.
Must be either "false" or "true".
Default Value: true.
Specify to enable or disable buffering in UPF for downlink data.
Must be either "false" or "true".
Default Value: true.
Specify the static capacity relative to other UPFs used for load balancing.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the static priority relative to other UPFs used for load balancing.
Must be an integer in the range of 0-65535.
Default Value: 1.
Use this command to configure peer UPF parameters.
Configures the N4 peer address.
Security Administrator, Administrator
Exec > Global Configuration
n4-peer-address [ ipv4-address ipv4_address | ipv6-address ipv6_address | n4-peer-port port_number | keepalive heartbeat_interval | dnn-list dnn_list | downlink-data-report [ false | true ] | downlink-data-buffer [ false | true ] | capacity lb_capacity | priority lb_priority ] Specify the N4 peer IPv4 address.
Must be an IPv4 address.
Specify the N4 peer IPv6 address.
Must be an IPv6 address.
Use this command to confgure the N4 peer address.
Configures the network function client parameters.
Security Administrator, Administrator
Exec > Global Configuration
nf-client nf-type udm udm-profile profile_name Use this command to configure the NF client parameters.
Configures the NF client type.
Security Administrator, Administrator
Exec > Global Configuration
nf-type Use this command to configure the NF client type.
Configures AMF profile configuration.
Security Administrator, Administrator
Exec > Global Configuration
amf amf-profile profile_name Specify the AMF profile name
Must be a string.
Use this command to configure the AMF profile.
Configures the locality information.
Security Administrator, Administrator
Exec > Global Configuration
locality locality_name [ priority priority ] Specify the locality name.
Must be a string.
Specify the priority for the locality configuration.
Must be an integer.
Use this command to configure the locality information.
Configures AMF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type amf_service_name_type Specify the service name type.
Must be one of the following:
namf-comm
namf-evts
namf-mt
namf-loc
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the AMF service name type.
Configures endpoint profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-profile endpoint_profile_name { capacity capacity_value | priority priority_value | api-uri-prefix api_uri_prefix | api-root api_root | uri-scheme uri_scheme } Specify the endpoint profile name.
Must be a string.
Specify the profile capacity.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the profile priority.
Must be an integer in the range of 0-65535.
Default Value: 1.
Specify the API URI prefix.
Must be a string.
Specify the API root.
Must be a string.
Specify the URI scheme.
Must be one of the following:
http: HTTP.
https: HTTPS.
Use this command to configure endpoint profile parameters.
Configures the endpoint name.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-name endpoint_name [ priority priority_value | capacity capacity_value ] Specify the endpoint name. You can configure the primary, secondary, and tertiary host (IP: Port) within each endpoint for NF server failover handling. The server failover configuration accepts both the IPv4 and IPv6 addresses. However, the SMF gives preference to the IPv4 address.
Must be a string.
Specify the node priority for endpoint.
Must be an integer in the range of 0-65535.
Specify the node capacity.
Must be an integer in the range of 0-65535.
Use this configuration to configure the endpoint name.
Configures the URI version.
Security Administrator, Administrator
Exec > Global Configuration > UDM NF-Client Profile Configuration > UDM Profile Configuration > Locality Configuration > UDM Service Name Type Configuration > Endpoint Profile Configuration > Version Configuration > URL Version Configuration
version uri-version { uri_version | full-version full_version } Specify the URI version.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string.
Use this command to configure the URI version information.
Configures the AuSF profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
ausf-profile profile_name Specify the profile name.
Must be a string.
Use this command to configure the AuSF profile parameters.
Configures the locality parameters.
Security Administrator, Administrator
Exec > Global Configuration
locality locality_name [ priority priority ] Specify the locality name.
Must be a string.
Specify the locality configuration priority.
Must be an integer.
Use this command to configure the locality parameters.
Configures AuSF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type ausf_service_name_type Specify the AuSF service name type.
Must be one of the following:
nausf-auth
Use this command to configure AuSF service name type.
Configures endpoint profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-profile endpoint_profile_name { capacity capacity_value | priority priority_value | api-uri-prefix api_uri_prefix | api-root api_root | uri-scheme uri_scheme } Specify the endpoint profile name.
Must be a string.
Specify the profile capacity.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the profile priority.
Must be an integer in the range of 0-65535.
Default Value: 1.
Specify the API URI prefix.
Must be a string.
Specify the API root.
Must be a string.
Specify the URI scheme.
Must be one of the following:
http: HTTP.
https: HTTPS.
Use this command to configure endpoint profile parameters.
Configures the endpoint name.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-name endpoint_name [ priority priority_value | capacity capacity_value ] Specify the endpoint name. You can configure the primary, secondary, and tertiary host (IP: Port) within each endpoint for NF server failover handling. The server failover configuration accepts both the IPv4 and IPv6 addresses. However, the SMF gives preference to the IPv4 address.
Must be a string.
Specify the node priority for endpoint.
Must be an integer in the range of 0-65535.
Specify the node capacity.
Must be an integer in the range of 0-65535.
Use this configuration to configure the endpoint name.
Configures the URI version.
Security Administrator, Administrator
Exec > Global Configuration > UDM NF-Client Profile Configuration > UDM Profile Configuration > Locality Configuration > UDM Service Name Type Configuration > Endpoint Profile Configuration > Version Configuration > URL Version Configuration
version uri-version { uri_version | full-version full_version } Specify the URI version.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string.
Use this command to configure the URI version information.
Configures the CHF profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
chf chf-profile name profile_name Specify the CHF profile name.
Must be a string.
Use this command to configure the CHF profile parameters.
Configures the CHF locality parameters.
Security Administrator, Administrator
Exec > Global Configuration
locality name locality_name [ priority priority ] Specify the locality name.
Must be a string.
Specify the priority for the locality configuration.
Must be an integer.
Use this command to configure the locality parameters.
Configures the CHF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type service_name_type Specify the CHF service name type.
Must be one of the following:
nchf-spendinglimitcontrol
nchf-convergedcharging
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the CHF service name type.
Configures endpoint profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-profile endpoint_profile_name { capacity capacity_value | priority priority_value | api-uri-prefix api_uri_prefix | api-root api_root | uri-scheme uri_scheme } Specify the endpoint profile name.
Must be a string.
Specify the profile capacity.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the profile priority.
Must be an integer in the range of 0-65535.
Default Value: 1.
Specify the API URI prefix.
Must be a string.
Specify the API root.
Must be a string.
Specify the URI scheme.
Must be one of the following:
http: HTTP.
https: HTTPS.
Use this command to configure endpoint profile parameters.
Configures the endpoint name.
Security Administrator, Administrator
Exec > Global Configuration
endpoint-name endpoint_name [ priority priority_value | capacity capacity_value ] Specify the endpoint name. You can configure the primary, secondary, and tertiary host (IP: Port) within each endpoint for NF server failover handling. The server failover configuration accepts both the IPv4 and IPv6 addresses. However, the SMF gives preference to the IPv4 address.
Must be a string.
Specify the node priority for endpoint.
Must be an integer in the range of 0-65535.
Specify the node capacity.
Must be an integer in the range of 0-65535.
Use this configuration to configure the endpoint name.
Configures the URI version.
Security Administrator, Administrator
Exec > Global Configuration > UDM NF-Client Profile Configuration > UDM Profile Configuration > Locality Configuration > UDM Service Name Type Configuration > Endpoint Profile Configuration > Version Configuration > URL Version Configuration
version uri-version { uri_version | full-version full_version } Specify the URI version.
Must be a string in the pattern v\d.
Specify the full version in the format major-version .minor-version .patch-version .[alpha-draft-number ]
Must be a string.
Use this command to configure the URI version information.
PCF profile configuration.
Security Administrator, Administrator
Exec > Global Configuration
pcf pcf-profile name profile_name Specify the PCF profile name.
Must be a string.
Use this command to configure the PCF profile.
Configures the locality information.
Security Administrator, Administrator
Exec > Global Configuration
pcf locality locality_name [ priority priority_value ] Specify the locality name.
Must be a string.
Specify the priority for the locality configuration.
Must be an integer.
Use this command to configure the locality information.
Configures the PCF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type service_name_type Specify the PCF service name parameters.
Must be one of the following:
npcf-am-policy-control
npcf-smpolicycontrol
npcf-policyauthorization
npcf-bdtpolicycontrol
npcf-eventexposure
npcf-ue-policy-control
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the PCF service name type.
Configures SMF profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
smf-profile smf_profile_name Specify the SMF profile name.
Must be a string.
Use this command to configure the SMF profile parameters.
Configures locality parameters.
Security Administrator, Administrator
Exec > Global Configuration
locality locality_name Specify the locality name.
Must be a string.
Specify the priority of the locality configuration.
Must be an integer.
Use this command to configure the locality parameters.
Configures UDM profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
udm-profile udm_profile_name Specify the UDM profile name.
Must be a string.
Use this command to configure the UDM profile for an NF client.
Configures locality information.
Security Administrator, Administrator
Exec > Global Configuration
locality locality_name [ priority priority ] Specify the locality name.
Must be a string.
This keyword sets the priority for the locality configuration.
Must be an integer.
Use this command to configure the locality information.
Configures the UDM service type.
Security Administrator, Administrator
Exec > Global Configuration
type service_name_type Specify the UDM service name type.
Must be one of the following:
nudm-sdm
nudm-uecm
nudm-ueau
nudm-ee
nudm-pp
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the UDM service type.
Configures the AMF failure handling template name.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling name template_name Specify the AMF failure handling template name.
Must be a string.
Use this command to configure the failure handling template for AMF profile.
Configures the AMF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type amf_service_name_type Specify the AMF service name type.
Must be one of the following:
namf-comm
namf-evts
namf-mt
namf-loc
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure AMF service name type.
Configures the AMF message type.
Security Administrator, Administrator
Exec > Global Configuration
message type amf_message_type Specify the AMF message type.
Must be one of the following:
AmfCommEBIAssignment
AmfCommN1N2MessageTransfer
AmfCommSMStatusChangeNotify
Use this command to configure the AMF message type.
Configures the failure handling template name.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling template_name Specify the failure handling template name.
Must be a string.
Use this command to configure the failure handling template for AuSF profile.
Configures the AuSF service name type.
Security Administrator, Administrator
Exec > Global Configuration
service name type ausf_service_name_type Specify the AuSF service name type.
Must be one of the following:
nausf-auth
Use this command to configure the AuSF service name type.
Configures the AuSF message type.
Security Administrator, Administrator
Exec > Global Configuration
message type ausf_message_type Specify the AuSF message type.
Must be one of the following:
AusfAuthenticationReq
AusfAuthenticationCfm
Use this command to configure the AuSF message type.
Configures the failure handling template name.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling template_name Specify the CHF failure handling template name.
Must be a string.
Use this command to configure the failure handling template for CHF profile.
Configures the CHF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type chf_service_name_type Specify the CHF service name type.
Must be one of the following:
nchf-spendinglimitcontrol
nchf-convergedcharging
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the CHF service name type.
Specify the CHF message type.
Security Administrator, Administrator
Exec > Global Configuration
message type chf_message_type Specify the CHF message type.
Must be one of the following:
ChfConvergedchargingCreate
ChfConvergedchargingUpdate
ChfConvergedchargingDelete
Use this command to configure the CHF message type.
Configures the failure handling template name.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling template_name Specify the PCF failure handling template name.
Must be a string.
Use this command to configure the failure handling template for PCF profile.
Configures PCF service name type.
Security Administrator, Administrator
Exec > Global Configuration
type pcf_service_name_type Specify the PCF service name type.
Must be one of the following:
npcf-am-policy-control
npcf-smpolicycontrol
npcf-policyauthorization
npcf-bdtpolicycontrol
npcf-eventexposure
npcf-ue-policy-control
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the PCF service name type.
Configures the failure handling template name.
Security Administrator, Administrator
Exec > Global Configuration
failure-handling template_name Specify the UDM failure handling template name.
Must be a string.
Use this command to configure the failure handling template for UDM profile.
Configures UDM service name type.
Security Administrator, Administrator
Exec > Global Configuration
type udm_service_name_type [ responsetimeout response_timeout ] Specify the UDM service name type.
Must be one of the following:
nudm-sdm
nudm-uecm
nudm-ueau
nudm-ee
nudm-pp
Specify the response timeout period in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the UDM service name type.
Configures the NF client pair type parameter.
Security Administrator, Administrator
Exec > Global Configuration
nf-pair nf-type type nf_type Specify the NF client pair type.
Must be one of the following:
NRF
UDM
AMF
SMF
AUSF
NEF
PCF
SMSF
NSSF
UDR
LMF
GMLC
5G_EIR
SEPP
UPF
N3IWF
AF
UDSF
BSF
CHF
NWDAF
Specify the NRF discovery group name.
Must be a string.
Configures Nf client pair parameters. Use this command to configure the NF client pair type parameter.
Configures the NF client pair cache.
Security Administrator, Administrator
Exec > Global Configuration
Use this command to configure the NF client pair cache. Use this command to configure the NF client pair cache.
Configures the invalidation cache parameters.
Security Administrator, Administrator
Exec > Global Configuration
invalidation { false | true } Use this command to configure the invalidation cache parameters.
Configures the invalidation cache for "true" case.
Security Administrator, Administrator
Exec > Global Configuration
true true-value.
Specify the invalidation cache timeout period in milliseconds.
Must be an integer.
Default Value: 0.
Use this command to configure the true case parameters for invaldation cache.
Configures the capacity threshold.
Security Administrator, Administrator
Exec > Global Configuration
capacity-threshold { warn value_percentage | critical value_percentage } Specify the threshold warning percentage.
Must be an integer in the range of 1-100.
Specify the threshold critical percentage.
Must be an integer in the range of 1-100.
Use this command to configure the capacity threshold.
Configures the SLA failover time.
Security Administrator, Administrator
Exec > Global Configuration
failover sla time Specify the failover SLA value in milliseconds.
Must be an integer.
Default Value: 0.
Use this command to configure the SLA failover time.
Configures client locality parameter.
Security Administrator, Administrator
Exec > Global Configuration
locality { client locality_name | geo-server locality_name | preferred-server locality_name } Specify the Client locality information.
Must be a string.
Specify the preferred server locality information.
Must be a string.
Specify the Geo service locality information.
Must be a string.
Use this command to configure the client locality parameter.
Configures the reconnect interval.
Security Administrator, Administrator
Exec > Global Configuration
reconnect interval time Specify the reconnect interval in milliseconds.
Must be an integer.
Default Value: 0.
Use this command to configure the reconnect interval.
Configures the P-CSCF profile.
Security Administrator, Administrator
Exec > Global Configuration
pcscf profile_name Specify the P-CSCF profile name.
Must be a string.
Use this command to configure the P-CSCF profile.
Configures the P-CSCF server's FQDN.
Security Administrator, Administrator
Exec > Global Configuration
fqdn fqdn Specify the P-CSCF server's FQDN.
Must be a string.
Use this command to configure the P-CSCF server's FQDN.
Configures the P-CSCF server selection algorithm.
Security Administrator, Administrator
Exec > Global Configuration
pcscf-selection algorithm Specify the P-CSCF server selection algorithm.
Must be one of the following:
round-robin
Default Value: round-robin.
Use this command to configure the P-CSCF server selection method. NOTE: In this release, round-robin is the only supported algorithm for server selection.";
Configures the P-CSCF IPv4 server details in the P-CSCF profile.
Security Administrator, Administrator
Exec > Global Configuration
v4-list Use this command to configure the P-CSCF IPv4 server details in the P-CSCF profile.";
Configures the P-CSCF IPv4 server list entries.
Security Administrator, Administrator
Exec > Global Configuration
v4-list list-entry precedence precedence_number Specify the precedence number for P-CSCF IPv4 server configuration.
Must be an integer in the range of 1-64.
Use this command to configure the P-CSCF IPv4 server list entries.
Configures the IPv4 address of the primary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
primary ipv4 ipv4_address Specify the IPv4 address of the primary P-CSCF server in dotted-decimal notation.
Must be an IPv4 address.
Use this command to configure the IPv4 address of the primary P-CSCF server.
primary ipv4 30.22.21.44 Configures the IPv4 address of the secondary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
secondary ipv4 ipv4_address Specify the IPv4 address of the secondary P-CSCF server in dotted-decimal notation.
Must be an IPv4 address.
Use this to command configure the IPv4 address of the secondary P-CSCF server.
secondary ipv4 30.22.21.44 Configures the P-CSCF IPv4v6 server details.
Security Administrator, Administrator
Exec > Global Configuration
v4v6-list Use this command to configure the P-CSCF IPv4v6 server details in the P-CSCF profile.";
Configures the P-CSCF IPv4v6 server list entries.
Security Administrator, Administrator
Exec > Global Configuration
v4v6-list list-entry precedence precedence_number Specify the precedence of entries in the P-CSCF IPv4v6 server list.
Must be an integer in the range of 1-64.
Use this command to configure the P-CSCF IPv4v6 server list entries.
Configures the IPv4v6 address of the primary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
primary ipv4 ipv4_address ipv6 ipv6_address Specify the IPv4 address of the primary P-CSCF server in dotted-decimal notation.
Must be an IPv4 address.
Specify the IPv6 address of the primary P-CSCF server in colon-separated hexadecimal notation.
Must be an IPv6 address.
Use this command to configure the IPv4v6 address of the primary P-CSCF server.
primary ipv4 30.22.21.44 ipv6 123:345:456::6578 Configures the IPv4v6 address of the secondary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
secondary { [ ipv4 ipv4_address ] [ ipv6 ipv6_address ] } Specify the IPv4 address of the secondary P-CSCF server in dotted-decimal notation.
Must be an IPv4 address.
Specify the IPv6 address of the secondary P-CSCF server in colon-separated hexadecimal notation.
Must be an IPv6 address.
Use this command to configure the IPv4v6 address of the secondary P-CSCF server.
secondary ipv4 30.22.21.44 ipv6 123:345:456::6578 Configures the P-CSCF IPv6 server details.
Security Administrator, Administrator
Exec > Global Configuration
v6-list list-entry precedence precedence Use this command to configure the P-CSCF IPv6 server details in the P-CSCF profile.";
Configures the P-CSCF IPv6 server list entries.
Security Administrator, Administrator
Exec > Global Configuration
v6-list list-entry precedence precedence_number Specify the precedence of entries in the P-CSCF IPv6 server list.
Must be an integer in the range of 1-64.
Use this command to configure the P-CSCF IPv6 server list entries.
Configures the IPv6 address of the primary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
primary ipv6 ipv6_address Specify the IPv6 address of the primary P-CSCF server in colon-separated hexadecimal notation.
Must be an IPv6 address.
Use this command to configure the IPv6 address of the primary P-CSCF server.
primary ipv6 123:345:456::6578 Configures the IPv6 address of the secondary P-CSCF server.
Security Administrator, Administrator
Exec > Global Configuration
secondary ipv6 ipv6_address Specify the IPv6 address.
Must be an IPv6 address.
Use this command to configure the IPv6 address of the secondary P-CSCF server.
secondary ipv6 123:345:456::6578 Configures the PPD profile in the DNN profile configuration.
Security Administrator, Administrator
Exec > Global Configuration
ppd ppd_profile_name Specify the PPD profile name.
Must be a string.
Specify the range of 5G QoS Identifier (5QI) priority levels. To list multiple priority levels, use commas and hyphens as needed. For example, 5QI 3,10-15,65.
Must be an integer.
-Or-Must be a string.
Use this command to specify the PPD profile to be associated with the DNN profile.
ppd ppdtest Configures the Differentiated Services Code Point (DSCP) values.
Security Administrator, Administrator
Exec > Global Configuration
dscp-list dscp dscp_value ppi ppi_value Specify the DSCP value. To list the different priority levels, use comma and hyphen as needed. For example, 5QI 3,10-15,65.
Must be an integer in the range of 0-63.
Specify the Paging Policy Indicator value.
Must be an integer in the range of 0-7.
Use this command to configure the DSCP and Paging Policy Indicator values.
dscp 10 ppi 7 Configures a Quality of Service (QoS) profile.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
qos profile_name [ priority qos_priority | qi5 5qi_value ] Specify the QoS profile's name.
Must be a string.
Specify the 5G QoS Identifier (5QI) for authorized QoS parameters.
Must be an integer in the range of 0-255.
Specify the 5QI priority level for the QoS profile.
Must be an integer in the range of 1-127.
Use this command to create a QoS profile and configure the QoS parameters.
qos qos1 Configures the Aggregate Maximum Bit Rate (AMBR) for the uplink (subscriber-to-network) and the downlink (network-to-subscriber) traffic.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
ambr { ul uplink_ambr | dl downlink_ambr } Specify the AMBR uplink threshold.
Must be a string in the pattern [0-9]+.[0-9]+ (bps|Kbps|Mbps|Gbps|Tbps).
Specify the AMBR downlink threshold.
Must be a string in the pattern [0-9]+.[0-9]+ (bps|Kbps|Mbps|Gbps|Tbps).
Use this command to configure the AMBR threshold values for uplink and downlink traffic.
ambr ul 1024 dl 1024 Configures the Allocation and Retention Priority (ARP) for the service data.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
arp { preempt-cap preemption_capability | preempt-vuln preemption_vulnerability | priority-level priority_level } Specify the ARP for the service data.
Must be an integer in the range of 1-15.
Specify the preemption capability flag.
Must be one of the following:
NOT_PREEMPT: Bearer cannot be preempted
MAY_PREEMPT: Bearer may be preempted
Default Value: MAY_PREEMPT.
Specify the preemption vulnerability flag.
Must be one of the following:
NOT_PREEMPTABLE: Bearer cannot be preempted
PREEMPTABLE: Bearer may be preempted
Default Value: NOT_PREEMPTABLE.
This command sets the Allocation and Retention Priority (ARP) for the service data.
arp preempt-cap MAY_PREEMPT Configures the DSCP type.
Security Administrator, Administrator
Exec > Global Configuration
dscp-info Specify the DCSP type.
Must be one of the following:
uplink
downlink
Specify the DSCP value be applied to encaps header.
Specify to copy inner DSCP to outer.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Specify the DSCP value to be applied to user datagram.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Specify the DSCP value to be applied to encaps header.
Specify to copy inner DSCP to outer.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Use this command to configure the DSCP type.
Configures the DCSP value to be applied to user datagram.
Security Administrator, Administrator
Exec > Global Configuration
user-datagram ul-uD-dscp-marking dscp_marking Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Use this command to configure the DCSP value to be applied to user datagram.
Configures the DSCP type.
Security Administrator, Administrator
Exec > Global Configuration
dscp-info Specify the DCSP type.
Must be one of the following:
uplink
downlink
Specify the DSCP value be applied to encaps header.
Specify to copy inner DSCP to outer.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Specify the DSCP value to be applied to user datagram.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Specify the DSCP value to be applied to encaps header.
Specify to copy inner DSCP to outer.
Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Use this command to configure the DSCP type.
Configures the DCSP value to be applied to user datagram.
Security Administrator, Administrator
Exec > Global Configuration
user-datagram ul-uD-dscp-marking dscp_marking Specify the DSCP value to be applied to packets.
Must be a string in the pattern 0x[0-3][0-9a-fA-F].
Use this command to configure the DCSP value to be applied to user datagram.
Configures the maximum data burst volume.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
max data-burst burst_volume Specify the maximum data burst volume in bps.
Must be an integer in the range of 1-4095.
Use this command to configure the maximum data burst volume.
max data-burst 2048 Enables RADIUS client configuration.
Security Administrator, Administrator
radius { algorithm radius_algorithm | deadtime deadtime_duration | max_retries | timeout_duration } Specify the algorithm for RADIUS server selection.
Must be one of the following:
first-server
round-robin
Default Value: first-server.
Specify the RADIUS server deadtime duration - the time duration, in minutes, after a RADIUS server is marked as unreachable and before connection can be reattempted.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the maximum number of times the system will attempt retry with the RADIUS server.
Must be an integer in the range of 0-65535.
Default Value: 2.
Specify the time duration to elapse for a response from the RADIUS server before re-transmitting.
Must be an integer in the range of 1-65535.
Default Value: 2.
Use this command to enable RADIUS client configuration.
Configures RADIUS identification parameters.
Security Administrator, Administrator
attribute nas-identifier nas_id Specify the attribute name by which the system will be identified in Access-Request messages.
Must be a string.
Use this command to configure RADIUS identification parameters.
Configures the response timeout duration, in seconds, to wait for a response from the RADIUS server after which it is marked as unreachable/dead.
Security Administrator, Administrator
detect-dead-server response_timeout_duration Specify the response timeout duration, in seconds.
Must be an integer in the range of 0-65535.
Default Value: 0.
Use this command to configure the response timeout duration, in seconds, to wait for a response from the RADIUS server after which it is marked as unreachable/dead.
Configures RADIUS server parameters.
Security Administrator, Administrator
server secret secret_key [ ipv4_address | port port_number | priority priority_number ] Specify the IPv4 address of the RADIUS server.
Must be an IP address.
Specify the secret key for the RADIUS server.
Must be an aes-cfb-128-encrypted string.
Specify the port number of the RADIUS server.
Must be an integer in the range of 1-65535.
Specify the priority of the RADIUS server.
Must be an integer in the range of 1-100.
Use this command to configure RADIUS server parameters.
Configures the SMF network function profile configuration parameters.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
smf profile_name [ dnn-profile-list dnn_profile_list | locality locality | nf-services nf_services | node-id node_id ] Specify the SMF profile name.
Must be a string.
Specify the mode of operation.
Must be one of the following:
offline
Specify the SMF's node ID.
Must be a 6-digit string in the pattern [0-9a-fA-F].
Specify the locality for geo support.
Must be a string.
Specify the NF services.
Must be a string.
Specify the SMF+PGW-C FQDN.
Must be a string.
Specify the selection mode for subscription.
Must be one of the following:
verified
network-provided
ue-provided
Specify the Network Slice Selection Assistance Information (NSSAI).
Must be a string.
The SMF supports the PDU sessions with IPv4v6 type in addition to IPv4 and IPv6 PDU session types for UEs. When a UE requests establishment of PDU session with a specific session type, the SMF checks the UE request against the UE subscription information maintained as default and allowed listPDU session types in the UDM. The SMF performs UE authorization and allocates IP address when the requested PDN type is matching with the values in the UDM. The SMF communicates about the allocated IP address to all other network functions.
Must be one of the following:
none
Use this command to configure the SMF network function profile configuration parameters.
Configures the definition for public land mobile network identifier (PLMN ID) and the preferred radio access technology (RAT). This is one of PLMNs which is considered by the mobile as equivalent to the visited PLMN for cell reselection and network selection. When configured, the equivalent PLMN list will be sent to the UE in NAS ATTACH ACCEPT / TAU ACCEPT messages.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
plmn-id { [ mcc mobile_country_code ] [ mnc mobile_network_code ] } Specify the mobile country code (MCC) portion of the PLMN ID.
Must be a 3-digit integer.
Specify the mobile network code (MNC) portion of the PLMN ID.
Must be a 2- or 3-digit integer.
Use the command to identify a PLMN and assign it a priority to define the preferred PLMN to be used. This command can be entered multiple times to set priorities of usage.
Configures the session management network function services. The service names as specified in 3GPPTS 29.510 V15.2.0, Section 6.1.6.3.11.
Security Administrator, Administrator
Exec > Global Configuration > Profile Configuration
service service_name Specify the NF service name.
Must be a string.
Specify the service type.
Must be one of the following:
pdu-session
sm-event-exposure
Specify the schema name.
Must be a string.
Specify the service ID.
Must be a string.
Default Value: "1".
Specify the version.
Must be a string.
Specify the ICMPv6 profile name.
Must be a string.
Specify the compliance profile name.
Must be a string.
Specify the static weight relative to other NFs of the same type.
Must be an integer in the range of 0-65535.
Default Value: 10.
Specify the priority relative to other NFs of the same type.
Must be an integer in the range of 0-65535.
Default Value: 1.
Specify the access profile name.
Specify the subscriber policy name.
Must be a string.
Use this command to configure the N1, N2, and N11 interfaces in compliance with the 3GPP.
Configures the SMF HTTP REST endpoint parameters.
Security Administrator, Administrator
Exec > Global Configuration
http-endpoint base-url base_url Specify the SMF base URL that is exposed and accessible externally.
Must be a string.
Use this command to configure the SMF HTTP REST endpoint parameters.
Configures TAI Group profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
profile tai-group profile_name Specify the TAI group profile name.
Must be a string.
Use this command to configure the TAI Group profile parameters.
Configures the list of MCC, MNC, and possible TACs.
Security Administrator, Administrator
Exec > Global Configuration > TAI Group Profile Configuration
tais { mcc mobile_country_code | mnc mobile_network_code } Specify the Mobile Country Code (MCC). For example, 01, 001.
Must be a 3-digit integer.
Specify the Mobile Network Code (MNC). For example, 23, 456.
Must be a 2- or 3-digit integer.
Use this command to configure the list of MCC, MNC, and possible TACs.
You can configure a maximum of 16 elements with this command.
Configures the TAC Group parameters.
Security Administrator, Administrator
Exec > Global Configuration > TAI Group Profile Configuration
tac list tac_values Specify the list of TAC values.
Must be a 4-digit string in the pattern [0-9a-fA-F], or a 6-digit string in the pattern [0-9a-fA-F].
Use this command to configure the TAC Group parameters.
You can configure a maximum of 64 elements with this command.
Configures TAC ranges.
Security Administrator, Administrator
Exec > Global Configuration > TAI Group Profile Configuration
range start tac_range_start end tac_range_end Use this command to configure a TAC range.
You can configure a maximum of 16 elements with this command.
Configures the UPF group parameters.
Security Administrator, Administrator
Exec > Global Configuration
upf-group upf_group_name Specify the UPF group name.
Must be a string.
Use this command to configure the UPF group parameters.
Configures the UPF failure profile.
Security Administrator, Administrator
Exec > Global Configuration
failure failure_profile_name Specify the UPF failure profile name.
Must be a string.
Use this command to configure the UPF failure profile.
Enables PFCP path management.
Security Administrator, Administrator
Exec > Global Configuration
heartbeat [ interval heartbeat_interval | retransmission-timeout retransmission_timeout | max-retransmissions max_retransmissions ] Specify the heartbeat interval in seconds. To disable, set to 0.
Must be an integer.
Default Value: 60.
Specify the heartbeat retransmission timeout period in seconds.
Must be an integer in the range of 1-20.
Default Value: 5.
Specify the maximum number retries for PFCP heartbeat request.
Must be an integer in the range of 0-10.
Default Value: 3.
Use this command to enable PFCP path management.
Configures the Wireless Priority Service (WPS) profile parameters.
Security Administrator, Administrator
Exec > Global Configuration
wps wps_service_name Specify the WPS service name.
Must be a string.
Specify the range of ARP levels (separated by , or -).
Must be an integer.
-Or-Must be a string.
Specify the message priority for GTP-C and UP.
Must be one of the following:
pfcp
gtpc
Use this command to configure the WPS profile parameters.
You can configure a maximum of two elements with this command.
Configures the DSCP marking value for n3.
Security Administrator, Administrator
Exec > Global Configuration
dscp n3 dscp_marking_value Specify the UP DSCP marking value in the range 0 to 0x3F.
Must be an integer in the range of 0-63.
Use this command to confgiure the DSCP marking value for n3.
Configures PFCP retransmission.
Security Administrator, Administrator
Exec > Global Configuration
retransmission { timeout pfcp_retransmission_interval | max-retry max_retries } Specify the PFCP retransmission interval in seconds. To disable retransmission, configure to 0.
Must be an integer in the range of 0-10.
Default Value: 2.
Specify the maximum number of times PFCP request retry attempts. To disable retransmission, configure to 0.
Must be an integer in the range of 0-5.
Default Value: 3.
Use this command to configure PFCP retransmission.
Configures microservice name of the SMF deployment.
Security Administrator, Administrator
Exec > Global Configuration
component component_name Specify the microservice name of the SMF deployment.
Must be a string.
Use this command to configure the microservice name of the SMF deployment.
Configure pod parameters.
Security Administrator, Administrator
Exec > Global Configuration
pod pod_group_name [ repository path ] Specify the pod group name.
Must be a string in the pattern [a-zA-Z][a-zA-Z0-9-]*.
Specify to override Helm Repository.
Use this command to configure pod parameters.
Configures the SMF local parameters.
Security Administrator, Administrator
Exec > Global Configuration
local { coverage-build { false | true } | datastore-endpoint ep_config } Specifes the data store endpoint configuration.
Must be a string.
Default Value: "datastore-ep-session:8882".
Specify the coverage build setting.
Must be either "false" or "true".
Default Value: false.
Use this command to configure the SMF local etcd endpoint.
Configures the SMF local etcd endpoint.
Security Administrator, Administrator
Exec > Global Configuration
etcd endpoint { host host_name | port port_number } Specify the host name.
Must be a string.
Default Value: "etcd".
Specify the port number.
Must be an integer.
Default Value: 2379.
Use this command to configure the SMF local etcd endpoint.
Enables or disables and configures tracing.
Security Administrator, Administrator
Exec > Global Configuration
tracing { append-messages { false | true } | enable { false | true } | enable-trace-percent percentage } Specify to enable or disable tracing.
Must be either "false" or "true".
Specify the tracing percentage.
Must be an integer in the range of 0-100.
Default Value: 100.
Specify whether to append the messages or not.
Must be either "false" or "true".
Default Value: true.
Use this command to enable or disable and to configure tracing.
Configures the endpoint parameters.
Security Administrator, Administrator
Exec > Global Configuration
endpoint { host host_name | port port_number } Specify the host name.
Must be a string.
Default Value: "jaeger-collector".
Specify the port number.
Must be an integer.
Default Value: 9411.
Use this command to configure endpoint parameters.
Configures the GTP endpoint node label.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile gtp-ep node-label node_label Specify the GTP endpoint node label.
Must be a string.
Use this command to configure the GTP endpoint node label.
Configures the protocol node label.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile protocol node-label node_label Specify the node label.
Must be a string.
Use this command to configure the protocol node label.
Configures BFD application.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile rcm-bfd-ep bfd-monitor group group_id [ min-rx-int min_receive_interval | min-tx-int min_send_interval | multiplier multiplier_value | standby standby_upf ] Specify the group ID.
Must be an integer.
Specify the minimum send interval capability.
Must be an integer in the range of 50-10000.
Specify the minimum receive interval capability.
Must be an integer in the range of 50-10000.
Specify the multiplier value used to compute holddown.
Must be an integer in the range of 3-50.
Specify the standby UPFs for N:M redundancy group.
Must be an integer in the range of 0-10.
Use this command to configure BFD application.
Configures the endpoint address.
Security Administrator, Administrator
Exec > Global Configuration
endpoint endpoint_ip_address Specify the endpoint IP address.
Must be an IP address.
Use this command to configure the endpoint IP address.
Configures the RCM configuration endpoint parameters.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile rcm-config-ep { [ username user_name ] [ password password ] } Specify the RCM configuration endpoint user name.
Must be a string.
Specify the RCM configuration endpoint password.
Must be a string.
Use this command to configure the GTP endpoint node label.
Disables specific configmaps.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile rcm-config-ep disable-cm { apn | chargingAction | creditCtrl | global | gtpp | gtpuService | miscacs | packetFilter | rulebase | ruledef | sxService | upSvcs | upfCpg | upfIfc | urrList } Specify to disable APN configmaps.
Specify to disable GTPP group configmaps.
Specify to disable credit control configmaps.
Specify to disable packet filter configmaps.
Specify to disable URR ID configmaps.
Specify to disable ruledef configmaps.
Specify to disable rulebase configmaps.
Specify to disable global config under ACS.
Specify to disable global config outside ACS.
Specify to disable charging action configmaps.
Specify to disable UPF control plane group configmaps.
Specify to disable UPF service configmaps.
Specify to disable Sx service configmaps.
Specify to disable GTPU service configmaps.
Specify to disable UPF interface configmaps.
Use this command to disable specific configmaps.
Configures GRPC endpoint parameters.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile rcm-controller-ep endpoint grpc { name endpoint_name | port port_number | host host_name } Specify the GRPC endpoint name.
Must be a string.
Specify the port number.
Must be an integer.
Specify the host name.
Must be a string.
Use this command to configure TCP endpoint parameters.
Configures TCP endpoint parameters.
Security Administrator, Administrator
Exec > Global Configuration
k8 smf profile rcm-controller-ep endpoint tcp { name endpoint_name | port port_number | host host_name } Specify the TCP endpoint name.
Must be a string.
Specify the port number.
Must be an integer.
Specify the host name.
Must be a string.
Use this command to configure TCP endpoint parameters.
Enables or disables SMF tools.
Security Administrator, Administrator
smf-tools enable { false | true } Specify to enable or disable SMF tools.
Must be either "false" or "true".
Default Value: false.
Use this command to enable or disable SMF tools.
Configures the kubernetes node on which Lattice will be deployed.
Security Administrator, Administrator
Exec > Global Configuration
lfs [ sctp-k8-node-name name | sctp-ip-address ip_address | lattic-tar-url url | test-companion-tar-url url | ngap-spec-ver version | n1-spec-ver version | n7-spec-ver version | n10-spec-ver version | n11-spec-ver version | nrf-spec-ver version | chf-spec-ver version ] Specify the kubernetes node name on which Lattice will be deployed.
Must be a string.
Specify the external IP address for SCTP.
Must be an IP address.
Specify the Lattice TAR URL.
Must be a string.
Specify the test companion TAR URL.
Must be a string.
Specify the ngap interface specification version.
Must be a string.
Specify the N1 interface specification version.
Must be a string.
Specify the N7 interface specification version.
Must be a string.
Specify the N10 interface specification version.
Must be a string.
Specify the N11 interface specification version.
Must be a string.
Specify the NRF specification version.
Must be a string.
Specify the N40 interface specification version.
Must be a string.
Use this command to configure the kubernetes node on which Lattice will be deployed.
Displays subscriber data.
Security Administrator, Administrator
Exec
show subscriber supi [ psid pdu_session_id | supi_option ] Specify the PDU Session ID (PSID).
Must be an integer in the range of 1-15.
Specify the SUPI option.
Must be one of the following:
charging
full
policy
userplane
Use this command to view subscriber data.
Clears subscriber data.
Security Administrator, Administrator
Exec
clear subscriber supi [ psid pdu_session_id | ebi eps_bearer_id ] Specify the PDU Session ID (PSID).
Must be an integer in the range of 1-15.
Specify the EPS Bearer ID (EBI).
Must be a string.
Use this command to clear subscriber data.
Displays subscriber data.
Security Administrator, Administrator
Exec
policy policy_option Specify the policy option.
Must be one of the following:
flow
rules
Use this command to view subscriber data.
Configures Traffic Steering for SMF.
Security Administrator, Administrator
Exec
traffic service default-destination default_destination Specify the default smf-service group to receive traffic.
Must be a string in the pattern [a-zA-Z][a-zA-Z0-9-]*.
Use this command to configure Traffic Steering for SMF.
Configures traffic routing rule.
Security Administrator, Administrator
Exec
traffic service rule rule_name { [ destination destination_address ] [ hash-prefix hash_prefix ] } Specify the traffic routing rule name.
Must be a string.
Specify the route on 2-digit hash.
Must be a string.
Specify the smf-service group to receive traffic.
Must be a string in the pattern [a-zA-Z][a-zA-Z0-9-]*.
Use this command to configure traffic routing rule.
Feedback