You are on page 1of 10

CH A P T E R

10

Configuring Gx Support
CSG2 provides policy control via the Gx interface. Gx is a Third Generation Partnership Project (3GPP) Diameter application. In a Gx-enabled network, a Gx reference point is located between a Policy and Charging Rules Function (PCRF) and a Policy and Charging Enforcement Function (PCEF). The Gx reference point can be used for charging control and policy control by applying Attribute Value Pairs (AVPs) relevant to the application. The PCRF acts as a Diameter server and performs the following functions:
• • • •

It uses the Gx interface to provision PCC rules to, and remove PCC rules from, the PCEF. It handles policy control decisions. It provides network control regarding the service data flow detection, gating, Quality of Service (QoS), and flow-based charging (except credit management) towards the PCEF. It receives session- and media-related information from Application Functions (AFs) and informs the AFs of traffic plane events. It uses the Gx interface to send traffic plane events to the PCRF. It enforces policy, handles flow-based charging, and controls QoS and the handling of user plane traffic. It provides service data flow detection and counting as well as online and offline charging interactions. It can report changes in the status of service data flows. Detect a packet that belongs to a service data flow. Identify the service to which the service data flow contributes. Provide applicable charging parameters and policy control for a service data flow.

The PCEF acts as a Diameter client and performs the following functions:
• • • •

In a Gx-enabled network, the PCC rules are used to:
• • •

PCC rules are dynamically provisioned by the PCRF to the PCEF over the Gx interface. Dynamic PCC rules are dynamically generated in the PCRF. Dynamic PCC rules can be activated, modified, and deactivated at any time.

Cisco Content Services Gateway - 2nd Generation Release 3.5 Installation and Configuration Guide OL-19290-02

10-1

the CSG2 acts as a PCEF. with a CSG2 and a GGSN as separate cards in a Cisco 7600 Series Router.2nd Generation Release 3.5 Installation and Configuration Guide 10-2 OL-19290-02 . The CSG2 supports both the eGGSN mode and the Gi-node mode in both RADIUS endpoint and RADIUS proxy modes. with the following exception: – PDP Context QoS Signaling is not supported. • In eGGSN mode. or as a stand-alone Gi-node. and per-user service policies. policy preloading. PDP AAA Authentication. The CSG2 and the GGSN communicate with each other using the RADIUS protocol. page 10-3 Configuring a User Profile. The GGSN provides GTP. To enable the CSG2 to parse user profile attributes in eGGSN mode.Chapter 10 Configuring Gx Support In a Gx-enabled network. with interoperability from external GGSNs. you must configure either the ip csg entries user profile radius pass command or the ip csg entries user profile radius remove command. Figure 10-1 illustrates the placement of the CSG2 in a Gx-enabled network: Figure 10-1 CSG2 in a Gx-Enabled Network Application Function Proxy Call Session Control Function V IP AAA Ri Ri PCRF Gi 275940 GPRS GGSN CS G2 The CSG2 provides the following Gx features: • • • Enabling Gx on the CSG2. Gi-node mode supports all of the same functions as eGGSN mode. the stand-alone CSG2 acts as a Gx interface endpoint. page 10-3 Preloading Policies. and QoS RAN Signaling. the CSG2 acts as a Gx interface endpoint while the GGSN manages PDP contexts. either as part of an eGGSN node. The CSG2 provides basic Gx support with enhancements for per-user Layer 7 rules. • In Gi-node mode. page 10-4 Cisco Content Services Gateway .

enter the following command in global configuration mode: Command csg2(config)# ip csg pcc gx Purpose Enables Gx on the CSG2. page 10-10 Enabling Gx on the CSG2 To enable Gx support on the CSG2.Chapter 10 Configuring Gx Support Enabling Gx on the CSG2 • • • • • • • • • • • • • Support for Gx TCP Signature Reporting. page 10-5 Dynamic Provisioning of Cisco Per-User DGRs. page 10-8 Secondary PDP Context Activation. page 10-9 PCRF-Specified Service-Level and User-Level QoS. page 10-6 Roaming Support. The user profile: • • • Enables Gx for all associated subscribers. page 10-7 Volume and Duration Triggers. page 10-9 User Session Continuation After PCRF Timeout. define a user profile and associate that profile with the subscriber. Cisco Content Services Gateway .5 Installation and Configuration Guide OL-19290-02 10-3 . Defines the actions that the CSG2 is to take if a PCRF fails. Configuring a User Profile To enable Gx support for a CSG2 subscriber. page 10-8 Service Flow Detection Triggers. page 10-8 PDP Context QoS Signaling. page 10-8 Billing Plan Assignment and Modification.2nd Generation Release 3. page 10-9 Restrictions for Gx. Defines the Mobile Policy Control & Charging (MPCC) profile to be used by the CSG2 when sending per-user Credit Control Requests (CCRs) to the PCRF. page 10-9 PCRF Failure Handling. page 10-5 Dynamic Provisioning of 3GPP Per-User DGRs.

2nd Generation Release 3. the RADIUS-specified behavior overrides the Gx behavior specified by the pcc gx command. the CSG2 preloads policies when it boots up. enter the following command in global configuration mode: Command csg2(config)# ip csg select profile-name {any | radius called-station-id csid-string} Purpose Associates a CSG2 user profile with a subscriber. Step 3 csg2(config-csg-user-profile)# pcrf failure [continue | terminate] (Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF fails when the user session is activated. Cisco Content Services Gateway . Note The standby CSG2 must have replicated all preloaded policy information before requesting replicated User Table. and services. Step 4 Step 5 csg2(config-csg-user-profile)# pcrf profile mpcc-profile-name csg2(config-csg-user-profile)# pcrf timeout [continue | terminate] (Optional) Defines an MPCC profile to be used by the CSG2 when sending per-user CCRs to the PCRF.Chapter 10 Preloading Policies Configuring Gx Support To define a user profile. and enters CSG2 user profile configuration mode. from the PCRF. However. Preloading Policies The CSG2 can preload global contents. as necessary. billing plans. enter the following commands beginning in global configuration mode: Command Step 1 Step 2 csg2(config)# ip csg user profile profile-name csg2(config-csg-user-profile)# pcc gx Purpose Defines a user profile to be associated with a CSG2 subscriber. session. To associate a user profile with a subscriber. you can also dynamically load new and changed policies at any time.5 Installation and Configuration Guide 10-4 OL-19290-02 . policies. • • continue—Create the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request. If configured to do so. (Optional) Defines the actions that the CSG2 is to take for a Policy Control & Charging (PCC) user if the Policy and Charging Rule Function (PCRF) times out. Enables Gx for subscribers associated with a CSG2 user profile. terminate—Do not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. maps. If a RADIUS Accounting Request contains a Cisco VSA that specifies the Gx behavior of the subscriber. The CSG2 determines that a user is a Gx user in one of the following ways: • • The GGSN sends a RADIUS Accounting Start Request or a RADIUS Accounting Interim Request with Cisco VSAs that indicate that the user is a Gx user. The CSG2 compares the access point name (APN) name in attribute 30 (Called-Station-Id) of the RADIUS Accounting Start against a configured list of APN names to determine that the user is a Gx user. and service information from the active CSG2. This is the default setting. without rebooting the CSG2.

When provisioning with standard AVPs. the CSG2 reports the time of the mobile (not of the gateway) in CCR and reauthorization answer (RAA) messages. Support for Gx TCP Signature Reporting The CSG2 supports exporting the IP and TCP headers from a subscriber TCP SYN (or SYN-ACK) packet to a Policy and Charging Rule Function (PCRF) device via the Gx protocol.2nd Generation Release 3. Dynamic Provisioning of 3GPP Per-User DGRs The CSG2 uses a 3GPP-compliant PCC architecture to dynamically download 3GPP per-user Dynamic Gx Rules (DGRs) for each subscriber PDP context. and so on). The delay is the number of seconds to wait for a policy preload response (CCA) before sending another policy preload request (CCR) to the PCRF. After the trigger is hit. enter the following command in global configuration mode: Command csg2(config)# ip csg preload request delay delay-in-seconds retries number-of-retries Purpose Configures a policy preloading retransmission delay and a retransmission number for the CSG2 to use when sending a Policy Preloading Request to the PCRF.Chapter 10 Configuring Gx Support Support for Gx TCP Signature Reporting To preload policies for the CSG2 from the PCRF without rebooting. To configure a delay and retry number. The PCRF selectively arms a Cisco per-user TCP Signature trigger to request the TCP signature information. enter the following command in privileged EXEC mode: Command csg2# csg start preload Purpose Begins preloading policies for the CSG2 from the PCRF. You can also configure a policy preloading retransmission delay and a retransmission number for the CSG2 to use when sending a Policy Preloading Request to the PCRF. The eGGSN. The subscriber must be identified as a Gx user to allow this reporting to the PCRF. In addition. The CSG2 supports unsolicited provisioning of rules by the PCRF. establishes the PDP context only after downloading the PCC rules. The CSG2 reports the TCP signature of the next TCP flow in a subscriber Credit Control Request-Update (CCR-Update) message.5 Installation and Configuration Guide OL-19290-02 10-5 . it is cleared until it is armed again by the PCRF. the CSG2 uses the following procedure: Cisco Content Services Gateway . The number of retries is the number of times to retransmit the message. RAT. The CSG2 includes a number of elements as AVPs in updates sent to the PCRF (such as SGSN Address. There are no CSG2 commands required to enable this support. if present. The PCRF can arm the TCP Signature trigger using a subscriber Credit Control Answer (CCA) or Resource Allocation Request (RAR) message. The CSG2 can dynamically provision 3GPP per-user DGRs using both standard AVPs and Cisco AVPs.

the CSG2 uses the following procedure: Step 1 Step 2 After identifying a user is a Gx user. Instead. If the PCRF fails. Cisco Content Services Gateway . policies. When provisioning with Cisco AVPs. and proxies (or ACKs) the RADIUS request when complete. When provisioning with standard AVPs. If the PCRF fails. There are no CSG2 commands required to enable this support. the CSG2 does not create the User Table entry for the PCC user.) The CSG2 associates the DGRs with the User Table entry. it does not send a RADIUS CoA to the GGSN. The PCRF responds with a CCA message with one or more Layer 4 DGRs formatted as Cisco-Charging-Rule-Definition AVPs. it does not send a RADIUS CoA to the GGSN. and services that are either configured or dynamically downloaded. The CSG2 dynamically provisions Cisco per-user DGRs using Cisco AVPs. Note If the CSG2 is a Gi-node.5 Installation and Configuration Guide 10-6 OL-19290-02 . the CSG2 uses the following procedure: Step 1 After identifying a user is a Gx user.2nd Generation Release 3. and it does not forward or acknowledge the RADIUS Accounting Start request. downloads the DGRs. (The use of Cisco-Charging-Rule-Definition AVPs enables features that are available with configured Gx contents. the CSG2 sends a Diameter CCR to the PCRF. The PCRF responds with a CCA message with one or more Layer 4 DGRs formatted as standard Charging-Rule-Definition AVPs. downloads the rules. Instead. The CSG2 associates the DGRs with the User Table entry. the CSG2 does not create the User Table entry for the PCC user. and sends a RADIUS CoA Request to the GGSN when complete. Dynamic Provisioning of Cisco Per-User DGRs The CSG2 supports Layer 7 DGRs by referencing global contents. the CSG2 sends a Diameter CCR to the PCRF. and it does not forward or acknowledge the RADIUS Accounting Start request. it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. Step 3 Note If the CSG2 is a Gi-node. the CSG2 sends a Diameter CCR to the PCRF.Chapter 10 Dynamic Provisioning of Cisco Per-User DGRs Configuring Gx Support Step 1 Step 2 Step 3 After identifying a user is a Gx user.

SGSN_CHANGE (0) RAT_CHANGE (2) PLMN_CHANGE (4) IP_CAN_CHANGE (7) QOS_CHANGE (1) TFT_CHANGE (3) LOSS_OF_BEARER (5) RECOVERY_OF_BEARER (6) QOS_CHANGE_EXCEEDING_AUTHORIZATION (11) • • The CSG2 supports triggers for the following per-user 3GPP events: • • • • The CSG2 supports triggers for the following per-PDP context 3GPP events: • • • • • There are no CSG2 commands required to enable this support. The PCRF might also indicate that the CSG2 is to continue forwarding traffic without blocking or modifying any QoS.2nd Generation Release 3. There are no CSG2 commands required to enable this support. Cisco Content Services Gateway . Step 3 Note If the CSG2 is a Gi-node. Policy reauthorization. or of a change in the service-level Qos when a subscriber roams. The CSG2 associates the DGRs with the User Table entry. it does not send a RADIUS CoA to the GGSN.5 Installation and Configuration Guide OL-19290-02 10-7 . and it does not forward or acknowledge the RADIUS Accounting Start request. the CSG2 does not create the User Table entry for the PCC user. it delays the proxy or acknowledgement of the RADIUS Accounting Request until it has successfully downloaded the rules. The CCA can also include one or more Layer 4 DGRs formatted as either standard Charging-Rule-Definition AVPs or Cisco-Charging-Rule-Definition AVPs. Roaming Support The CSG2 supports the use of armed event triggers to provide the following roaming features in a Gx-enabled network: • Dynamic blocking of subscriber traffic. Blocking the establishment of the PDP context. If the PCRF fails. Instead. of a service.Chapter 10 Configuring Gx Support Roaming Support Step 2 The PCRF responds with a CCA message with one or more Layer 7 DGRs formatted as Cisco-Charging-Rule-Definition AVPs. and proxies (or ACKs) the RADIUS request when complete. downloads the rules. or of traffic for specific DGRs or services when a subscriber roams.

Service Flow Detection Triggers The CSG2 can notify the PCRF when it receives the first packet that matches a DGR. There are no CSG2 commands required to enable this support. The PCRF requests the notification in an armed service flow detection trigger. Each time the CSG2 processes another packet. the CSG2 notifies the PCRF in a CCR. • The PCRF specifies the maximum DGR volume usage in an armed volume trigger. and the CSG2 then associates the billing plan with a User Table entry. The PCRF can re-arm the trigger in the CCA. not in Gi-node mode. the CSG2 immediately ends all existing user transactions and services for that subscriber. There are no CSG2 commands required to enable this support. it compares the timestamp to that of the first packet. The PCRF can re-arm the trigger in the CCA. PDP Context QoS Signaling The eGGSN can signal a QoS change for a PDP context by sending a PDP Update Request to the SGSN. This feature is supported only on in eGGSN mode. the eGGSN increments a counter. If there is already a RADIUS or quota server billing plan assigned to the subscriber. the CSG2 reports the usage for the DGR to the PCRF in a CCR and disables the trigger. disables the trigger. the PCRF billing plan overrides the existing billing plan. When a subscriber passes traffic that matches a DGR. When a subscriber passes traffic that matches a DGR.2nd Generation Release 3. • There are no CSG2 commands required to enable this support.Chapter 10 Volume and Duration Triggers Configuring Gx Support Volume and Duration Triggers The CSG2 can report excessive DGR volume usage and duration to the PCRF. The PCRF specifies the maximum DGR duration an armed time duration trigger. Billing Plan Assignment and Modification The PCRF can assign a new or changed billing plan to a CSG2 subscriber. The PCRF can re-arm the trigger in the CCA. There are no CSG2 commands required to enable this support. When the PCRF overrides an existing billing plan. If the SGSN rejects the QoS Update Procedure. Cisco Content Services Gateway . and the IP byte volume (uplink plus downlink) associated with the DGR equals or exceeds the trigger value. the CSG2 reports the usage for the DGR to the PCRF in a CCR and disables the trigger. The PCRF sends the billing plan assignment to the CSG2.5 Installation and Configuration Guide 10-8 OL-19290-02 . If the difference between the two timestamps exceeds the duration trigger. When a subscriber passes traffic that matches a DGR. the CSG2 notes the timestamp of the first packet. and handles the traffic.

5 Installation and Configuration Guide OL-19290-02 10-9 . If that occurs. provisioning zero. one. This is the default setting. the CSG2 can take the following actions: • • • Apply the already provisioned per-user rules to the flows Report the failed PCRF in BMA CDRs and quota server messages Switch to a standby PCRF To define PCRF failure handling for the CSG2. Cisco Content Services Gateway . enter the following command in global configuration mode: Command csg2(config-csg-user-profile)# pcrf failure [continue | terminate] Purpose (Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF fails when the user session is activated. The CSG2 switches to a standby PCRF. There are no CSG2 commands required to enable this support. or more Layer 4 or Layer 7 DGRs formatted as either standard Charging-Rule-Definition AVPs or Cisco-Charging-Rule-Definition AVPs. terminate—Do not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. and if all of the Diameter peers for the MPCC profile are down. User Session Continuation After PCRF Timeout If configured to do so. • • continue—Create the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request. requesting a new Accounting-Session-Id for an existing subscriber. There are no CSG2 commands required to enable this support. and if configured to do so. too busy. or looping.Chapter 10 Configuring Gx Support Secondary PDP Context Activation Secondary PDP Context Activation The GGSN can send a RADIUS Accounting Start Request to the CSG2. the CSG2 can take the following actions in the event that the PCRF times out: • • • The CSG2 applies the already provisioned per-user rules to the flows. The CSG2 then sends a Diameter CCR to the PCRF. The CSG2 reports the timed-out PCRF in BMA CDRs and quota server messages. and the PCRF responds with a CCA message. or to all traffic for a user. unable to deliver. PCRF-Specified Service-Level and User-Level QoS The PCRF can specify QoS parameters for the CSG2 to apply to a specific service for a user. PCRF Failure Handling The PCRF can fail to respond to the PCEF if all of the Diameter peers for the MPCC profile are down.2nd Generation Release 3.

• • • • • • • • • • Cisco Content Services Gateway . Provisioning of charging gateways (BMAs. In a Gx charging rule. the CSG2 imposes the following restrictions: • Gx is supported for only Internet Protocol version 4 (IPv4) packet data protocol (PDP) types. the flow descriptions in both the uplink and downlink directions must map to the same service. This is the default setting. You cannot use preloading to modify a CLI-configured object. Only one external preloading server can be active at any given time. If a global content update results in changed parameters. Instead. and so on) is not supported. Restrictions for Gx For Gx. Point-to-Point Protocol (PPP) PDP. and vice versa. a preloaded billing plan must not reference a CLI-configured service.2nd Generation Release 3. Policy control for HTTP X-Forwarded-For data packets is not supported. Preloaded policy objects must not reference CLI-configured objects. or PPP regeneration (PPP-Regen) types. the CSG2 closes all open transactions and sessions associated with the content. Mapping an existing flow or session to a new DGR is not supported. For example.5 Installation and Configuration Guide 10-10 OL-19290-02 . the PCRF can specify service-level QoS. Per-rule QoS enforcement is not supported. It is not supported for Internet Protocol version 6 (IPv6). terminate—Do not create the CSG2 User Table entry for the PCC user and do not forward the RADIUS Accounting Start request. If the CSG2 receives a flow before it receives per-user PCC rules from PCRF. quota servers. the CSG2 matches the flow against existing CSG2 contents. and you cannot use the CLI to modify a preloaded policy object. enter the following command in global configuration mode: Command csg2(config-csg-user-profile)# pcrf timeout [continue | terminate] Purpose (Optional) Defines the actions that the CSG2 is to take for a PCC user if the PCRF times out when the user session is activated. • • continue—Create the CSG2 User Table entry for the PCC user and forward the RADIUS Accounting Start request.Chapter 10 Restrictions for Gx Configuring Gx Support To define PCRF timeout handling for the CSG2.