You are on page 1of 10

CH A P T E R

10

Configuring Gx Support
CSG2 provides policy control via the Gx interface. Gx is a Third Generation Partnership Project (3GPP) Diameter application. In a Gx-enabled network, a Gx reference point is located between a Policy and Charging Rules Function (PCRF) and a Policy and Charging Enforcement Function (PCEF). The Gx reference point can be used for charging control and policy control by applying Attribute Value Pairs (AVPs) relevant to the application. The PCRF acts as a Diameter server and performs the following functions:

It uses the Gx interface to provision PCC rules to, and remove PCC rules from, the PCEF. It handles policy control decisions. It provides network control regarding the service data flow detection, gating, Quality of Service (QoS), and flow-based charging (except credit management) towards the PCEF. It receives session- and media-related information from Application Functions (AFs) and informs the AFs of traffic plane events. It uses the Gx interface to send traffic plane events to the PCRF. It enforces policy, handles flow-based charging, and controls QoS and the handling of user plane traffic. It provides service data flow detection and counting as well as online and offline charging interactions. It can report changes in the status of service data flows. Detect a packet that belongs to a service data flow. Identify the service to which the service data flow contributes. Provide applicable charging parameters and policy control for a service data flow.

The PCEF acts as a Diameter client and performs the following functions:

In a Gx-enabled network, the PCC rules are used to:


PCC rules are dynamically provisioned by the PCRF to the PCEF over the Gx interface. Dynamic PCC rules are dynamically generated in the PCRF. Dynamic PCC rules can be activated, modified, and deactivated at any time.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-1

Chapter 10

Configuring Gx Support

In a Gx-enabled network, the CSG2 acts as a PCEF, either as part of an eGGSN node, with a CSG2 and a GGSN as separate cards in a Cisco 7600 Series Router, or as a stand-alone Gi-node, with interoperability from external GGSNs.

In eGGSN mode, the CSG2 acts as a Gx interface endpoint while the GGSN manages PDP contexts. The CSG2 and the GGSN communicate with each other using the RADIUS protocol. The CSG2 provides basic Gx support with enhancements for per-user Layer 7 rules, policy preloading, and per-user service policies. The GGSN provides GTP, PDP AAA Authentication, and QoS RAN Signaling. To enable the CSG2 to parse user profile attributes in eGGSN mode, you must configure either the ip csg entries user profile radius pass command or the ip csg entries user profile radius remove command.

In Gi-node mode, the stand-alone CSG2 acts as a Gx interface endpoint. Gi-node mode supports all of the same functions as eGGSN mode, with the following exception:
PDP Context QoS Signaling is not supported.

The CSG2 supports both the eGGSN mode and the Gi-node mode in both RADIUS endpoint and RADIUS proxy modes. Figure 10-1 illustrates the placement of the CSG2 in a Gx-enabled network:
Figure 10-1 CSG2 in a Gx-Enabled Network

Application Function Proxy Call Session Control Function V

IP

AAA

Ri

Ri PCRF

Gi
275940

GPRS GGSN CS G2

The CSG2 provides the following Gx features:


Enabling Gx on the CSG2, page 10-3 Configuring a User Profile, page 10-3 Preloading Policies, page 10-4

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide

10-2

OL-19290-02

Chapter 10

Configuring Gx Support Enabling Gx on the CSG2

Support for Gx TCP Signature Reporting, page 10-5 Dynamic Provisioning of 3GPP Per-User DGRs, page 10-5 Dynamic Provisioning of Cisco Per-User DGRs, page 10-6 Roaming Support, page 10-7 Volume and Duration Triggers, page 10-8 Service Flow Detection Triggers, page 10-8 Billing Plan Assignment and Modification, page 10-8 PDP Context QoS Signaling, page 10-8 Secondary PDP Context Activation, page 10-9 PCRF-Specified Service-Level and User-Level QoS, page 10-9 PCRF Failure Handling, page 10-9 User Session Continuation After PCRF Timeout, page 10-9 Restrictions for Gx, page 10-10

Enabling Gx on the CSG2


To enable Gx support on the CSG2, enter the following command in global configuration mode: Command
csg2(config)# ip csg pcc gx

Purpose Enables Gx on the CSG2.

Configuring a User Profile


To enable Gx support for a CSG2 subscriber, define a user profile and associate that profile with the subscriber. The user profile:

Enables Gx for all associated subscribers. Defines the actions that the CSG2 is to take if a PCRF fails. Defines the Mobile Policy Control & Charging (MPCC) profile to be used by the CSG2 when sending per-user Credit Control Requests (CCRs) to the PCRF.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-3

Chapter 10 Preloading Policies

Configuring Gx Support

To define a user profile, enter the following commands beginning in global configuration mode: Command
Step 1 Step 2
csg2(config)# ip csg user profile profile-name csg2(config-csg-user-profile)# pcc gx

Purpose Defines a user profile to be associated with a CSG2 subscriber, and enters CSG2 user profile configuration mode. Enables Gx for subscribers associated with a CSG2 user profile. If a RADIUS Accounting Request contains a Cisco VSA that specifies the Gx behavior of the subscriber, the RADIUS-specified behavior overrides the Gx behavior specified by the pcc gx command.

Step 3

csg2(config-csg-user-profile)# pcrf failure [continue | terminate]

(Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF fails when the user session is activated.

continueCreate the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request. terminateDo not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. This is the default setting.

Step 4 Step 5

csg2(config-csg-user-profile)# pcrf profile mpcc-profile-name csg2(config-csg-user-profile)# pcrf timeout [continue | terminate]

(Optional) Defines an MPCC profile to be used by the CSG2 when sending per-user CCRs to the PCRF. (Optional) Defines the actions that the CSG2 is to take for a Policy Control & Charging (PCC) user if the Policy and Charging Rule Function (PCRF) times out.

To associate a user profile with a subscriber, enter the following command in global configuration mode: Command
csg2(config)# ip csg select profile-name {any | radius called-station-id csid-string}

Purpose Associates a CSG2 user profile with a subscriber.

The CSG2 determines that a user is a Gx user in one of the following ways:

The GGSN sends a RADIUS Accounting Start Request or a RADIUS Accounting Interim Request with Cisco VSAs that indicate that the user is a Gx user. The CSG2 compares the access point name (APN) name in attribute 30 (Called-Station-Id) of the RADIUS Accounting Start against a configured list of APN names to determine that the user is a Gx user.

Preloading Policies
The CSG2 can preload global contents, maps, policies, billing plans, and services, as necessary, from the PCRF. If configured to do so, the CSG2 preloads policies when it boots up. However, you can also dynamically load new and changed policies at any time, without rebooting the CSG2.

Note

The standby CSG2 must have replicated all preloaded policy information before requesting replicated User Table, session, and service information from the active CSG2.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide

10-4

OL-19290-02

Chapter 10

Configuring Gx Support Support for Gx TCP Signature Reporting

To preload policies for the CSG2 from the PCRF without rebooting, enter the following command in privileged EXEC mode: Command
csg2# csg start preload

Purpose Begins preloading policies for the CSG2 from the PCRF.

You can also configure a policy preloading retransmission delay and a retransmission number for the CSG2 to use when sending a Policy Preloading Request to the PCRF. To configure a delay and retry number, enter the following command in global configuration mode: Command
csg2(config)# ip csg preload request delay delay-in-seconds retries number-of-retries

Purpose Configures a policy preloading retransmission delay and a retransmission number for the CSG2 to use when sending a Policy Preloading Request to the PCRF. The delay is the number of seconds to wait for a policy preload response (CCA) before sending another policy preload request (CCR) to the PCRF. The number of retries is the number of times to retransmit the message.

Support for Gx TCP Signature Reporting


The CSG2 supports exporting the IP and TCP headers from a subscriber TCP SYN (or SYN-ACK) packet to a Policy and Charging Rule Function (PCRF) device via the Gx protocol. The PCRF selectively arms a Cisco per-user TCP Signature trigger to request the TCP signature information. The subscriber must be identified as a Gx user to allow this reporting to the PCRF. The PCRF can arm the TCP Signature trigger using a subscriber Credit Control Answer (CCA) or Resource Allocation Request (RAR) message. The CSG2 reports the TCP signature of the next TCP flow in a subscriber Credit Control Request-Update (CCR-Update) message. After the trigger is hit, it is cleared until it is armed again by the PCRF. There are no CSG2 commands required to enable this support.

Dynamic Provisioning of 3GPP Per-User DGRs


The CSG2 uses a 3GPP-compliant PCC architecture to dynamically download 3GPP per-user Dynamic Gx Rules (DGRs) for each subscriber PDP context. The CSG2 supports unsolicited provisioning of rules by the PCRF. The eGGSN, if present, establishes the PDP context only after downloading the PCC rules. The CSG2 includes a number of elements as AVPs in updates sent to the PCRF (such as SGSN Address, RAT, and so on). In addition, the CSG2 reports the time of the mobile (not of the gateway) in CCR and reauthorization answer (RAA) messages. The CSG2 can dynamically provision 3GPP per-user DGRs using both standard AVPs and Cisco AVPs. When provisioning with standard AVPs, the CSG2 uses the following procedure:

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-5

Chapter 10 Dynamic Provisioning of Cisco Per-User DGRs

Configuring Gx Support

Step 1 Step 2 Step 3

After identifying a user is a Gx user, the CSG2 sends a Diameter CCR to the PCRF. The PCRF responds with a CCA message with one or more Layer 4 DGRs formatted as standard Charging-Rule-Definition AVPs. The CSG2 associates the DGRs with the User Table entry, downloads the DGRs, and sends a RADIUS CoA Request to the GGSN when complete.

Note

If the CSG2 is a Gi-node, it does not send a RADIUS CoA to the GGSN. Instead, it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. If the PCRF fails, the CSG2 does not create the User Table entry for the PCC user, and it does not forward or acknowledge the RADIUS Accounting Start request.

When provisioning with Cisco AVPs, the CSG2 uses the following procedure:
Step 1 Step 2

After identifying a user is a Gx user, the CSG2 sends a Diameter CCR to the PCRF. The PCRF responds with a CCA message with one or more Layer 4 DGRs formatted as Cisco-Charging-Rule-Definition AVPs. (The use of Cisco-Charging-Rule-Definition AVPs enables features that are available with configured Gx contents.) The CSG2 associates the DGRs with the User Table entry, downloads the rules, and proxies (or ACKs) the RADIUS request when complete.

Step 3

Note

If the CSG2 is a Gi-node, it does not send a RADIUS CoA to the GGSN. Instead, it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. If the PCRF fails, the CSG2 does not create the User Table entry for the PCC user, and it does not forward or acknowledge the RADIUS Accounting Start request.

There are no CSG2 commands required to enable this support.

Dynamic Provisioning of Cisco Per-User DGRs


The CSG2 supports Layer 7 DGRs by referencing global contents, policies, and services that are either configured or dynamically downloaded. The CSG2 dynamically provisions Cisco per-user DGRs using Cisco AVPs. When provisioning with standard AVPs, the CSG2 uses the following procedure:
Step 1

After identifying a user is a Gx user, the CSG2 sends a Diameter CCR to the PCRF.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide

10-6

OL-19290-02

Chapter 10

Configuring Gx Support Roaming Support

Step 2

The PCRF responds with a CCA message with one or more Layer 7 DGRs formatted as Cisco-Charging-Rule-Definition AVPs. The CCA can also include one or more Layer 4 DGRs formatted as either standard Charging-Rule-Definition AVPs or Cisco-Charging-Rule-Definition AVPs. The CSG2 associates the DGRs with the User Table entry, downloads the rules, and proxies (or ACKs) the RADIUS request when complete.

Step 3

Note

If the CSG2 is a Gi-node, it does not send a RADIUS CoA to the GGSN. Instead, it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. If the PCRF fails, the CSG2 does not create the User Table entry for the PCC user, and it does not forward or acknowledge the RADIUS Accounting Start request.

There are no CSG2 commands required to enable this support.

Roaming Support
The CSG2 supports the use of armed event triggers to provide the following roaming features in a Gx-enabled network:

Dynamic blocking of subscriber traffic, of a service, or of a change in the service-level Qos when a subscriber roams. The PCRF might also indicate that the CSG2 is to continue forwarding traffic without blocking or modifying any QoS. Blocking the establishment of the PDP context, or of traffic for specific DGRs or services when a subscriber roams. Policy reauthorization. SGSN_CHANGE (0) RAT_CHANGE (2) PLMN_CHANGE (4) IP_CAN_CHANGE (7) QOS_CHANGE (1) TFT_CHANGE (3) LOSS_OF_BEARER (5) RECOVERY_OF_BEARER (6) QOS_CHANGE_EXCEEDING_AUTHORIZATION (11)

The CSG2 supports triggers for the following per-user 3GPP events:

The CSG2 supports triggers for the following per-PDP context 3GPP events:

There are no CSG2 commands required to enable this support.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-7

Chapter 10 Volume and Duration Triggers

Configuring Gx Support

Volume and Duration Triggers


The CSG2 can report excessive DGR volume usage and duration to the PCRF.

The PCRF specifies the maximum DGR volume usage in an armed volume trigger. When a subscriber passes traffic that matches a DGR, and the IP byte volume (uplink plus downlink) associated with the DGR equals or exceeds the trigger value, the CSG2 reports the usage for the DGR to the PCRF in a CCR and disables the trigger. The PCRF can re-arm the trigger in the CCA. The PCRF specifies the maximum DGR duration an armed time duration trigger. When a subscriber passes traffic that matches a DGR, the CSG2 notes the timestamp of the first packet. Each time the CSG2 processes another packet, it compares the timestamp to that of the first packet. If the difference between the two timestamps exceeds the duration trigger, the CSG2 reports the usage for the DGR to the PCRF in a CCR and disables the trigger. The PCRF can re-arm the trigger in the CCA.

There are no CSG2 commands required to enable this support.

Service Flow Detection Triggers


The CSG2 can notify the PCRF when it receives the first packet that matches a DGR. The PCRF requests the notification in an armed service flow detection trigger. When a subscriber passes traffic that matches a DGR, the CSG2 notifies the PCRF in a CCR, disables the trigger, and handles the traffic. The PCRF can re-arm the trigger in the CCA. There are no CSG2 commands required to enable this support.

Billing Plan Assignment and Modification


The PCRF can assign a new or changed billing plan to a CSG2 subscriber. The PCRF sends the billing plan assignment to the CSG2, and the CSG2 then associates the billing plan with a User Table entry. If there is already a RADIUS or quota server billing plan assigned to the subscriber, the PCRF billing plan overrides the existing billing plan. When the PCRF overrides an existing billing plan, the CSG2 immediately ends all existing user transactions and services for that subscriber. There are no CSG2 commands required to enable this support.

PDP Context QoS Signaling


The eGGSN can signal a QoS change for a PDP context by sending a PDP Update Request to the SGSN. If the SGSN rejects the QoS Update Procedure, the eGGSN increments a counter. This feature is supported only on in eGGSN mode, not in Gi-node mode. There are no CSG2 commands required to enable this support.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide

10-8

OL-19290-02

Chapter 10

Configuring Gx Support Secondary PDP Context Activation

Secondary PDP Context Activation


The GGSN can send a RADIUS Accounting Start Request to the CSG2, requesting a new Accounting-Session-Id for an existing subscriber. The CSG2 then sends a Diameter CCR to the PCRF, and the PCRF responds with a CCA message, provisioning zero, one, or more Layer 4 or Layer 7 DGRs formatted as either standard Charging-Rule-Definition AVPs or Cisco-Charging-Rule-Definition AVPs. There are no CSG2 commands required to enable this support.

PCRF-Specified Service-Level and User-Level QoS


The PCRF can specify QoS parameters for the CSG2 to apply to a specific service for a user, or to all traffic for a user. There are no CSG2 commands required to enable this support.

PCRF Failure Handling


The PCRF can fail to respond to the PCEF if all of the Diameter peers for the MPCC profile are down, too busy, unable to deliver, or looping. If that occurs, and if configured to do so, the CSG2 can take the following actions:

Apply the already provisioned per-user rules to the flows Report the failed PCRF in BMA CDRs and quota server messages Switch to a standby PCRF

To define PCRF failure handling for the CSG2, enter the following command in global configuration mode: Command
csg2(config-csg-user-profile)# pcrf failure [continue | terminate]

Purpose (Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF fails when the user session is activated.

continueCreate the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request. terminateDo not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. This is the default setting.

User Session Continuation After PCRF Timeout


If configured to do so, and if all of the Diameter peers for the MPCC profile are down, the CSG2 can take the following actions in the event that the PCRF times out:

The CSG2 applies the already provisioned per-user rules to the flows. The CSG2 reports the timed-out PCRF in BMA CDRs and quota server messages. The CSG2 switches to a standby PCRF.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-9

Chapter 10 Restrictions for Gx

Configuring Gx Support

To define PCRF timeout handling for the CSG2, enter the following command in global configuration mode: Command
csg2(config-csg-user-profile)# pcrf timeout [continue | terminate]

Purpose (Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF times out when the user session is activated.

continueCreate the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request. terminateDo not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. This is the default setting.

Restrictions for Gx
For Gx, the CSG2 imposes the following restrictions:

Gx is supported for only Internet Protocol version 4 (IPv4) packet data protocol (PDP) types. It is not supported for Internet Protocol version 6 (IPv6), Point-to-Point Protocol (PPP) PDP, or PPP regeneration (PPP-Regen) types. In a Gx charging rule, the flow descriptions in both the uplink and downlink directions must map to the same service. Mapping an existing flow or session to a new DGR is not supported. Provisioning of charging gateways (BMAs, quota servers, and so on) is not supported. Policy control for HTTP X-Forwarded-For data packets is not supported. Per-rule QoS enforcement is not supported. Instead, the PCRF can specify service-level QoS. If a global content update results in changed parameters, the CSG2 closes all open transactions and sessions associated with the content. Only one external preloading server can be active at any given time. If the CSG2 receives a flow before it receives per-user PCC rules from PCRF, the CSG2 matches the flow against existing CSG2 contents. Preloaded policy objects must not reference CLI-configured objects, and vice versa. For example, a preloaded billing plan must not reference a CLI-configured service. You cannot use preloading to modify a CLI-configured object, and you cannot use the CLI to modify a preloaded policy object.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide

10-10

OL-19290-02

You might also like