Applies DSCP marking for IP header carrying outgoing A11-signalling packets.

no

Disables the a11-signalling-packets ip-header-dscp option configuration.

Sets / Restores default value assigned for specified parameter a11-signalling-packets ip-header-dscp .

a Hexa decimal number between 0x0 and 0x3F.

Specifies the value for the 3gpp2-service option.

no

Disables the aaa 3gpp2-service option configuration.

Sets / Restores default value assigned for specified parameter aaa 3gpp2-service-option .

Service option number is integer and should be between 0 to 32767 .

no

Disables the aaa nas-ip-address option configuration.

Sets / Restores default value assigned for specified parameter aaa nas-ip-address by default this is disabled.

Specifies the IPv4 addresses to be used.

If access-flow traffic-validation is enabled for the service and the subscriber then the flows are checked against the filter rules. If the packets does not match the filter rules, and N violations occur in K seconds, the rp connection is downgraded to best-effort flow, if it is not already a best-effort flow.

no

Disable traffic validation for the service.

default

Traffic validation configuration for the service is set to the default value.

threshold { [ violations limit ] [ interval seconds ] }

violations limit : Sets the parameters that determine traffic access violations. This is determined by setting the maximum number of violations within a set time period. must be an integer from 1 through 100000 .

interval seconds Sets the time interval, in seconds. must be an integer from 1 through 100000 .

Configures access network parameters.

no

Disables the access-network .

accounting identifier

Configures accounting for the access-network. This value must be a string from 1 to 128 characters in length.

realm realm_name

Configures the realm for the access-network. realm_name must be a string from 1 to 128 characters in length.

Configures PDSN behavior for airlink related parameters.

airlink  bad-sequence-number  { accept  | deny  [use-deny-code  { poorly-formed-request  | unsupported-vendor-id }]}
[ no  | default  ] airlink bad-sequence-number 

no

Disables the deny of bad-sequence number and accept it.

default

It is the default behavior.

accept

Accepts the A11 RRQ messages that have an Airlink Sequence number less than or equal to a previously received sequence number.

It is the default behavior.

deny

Rejects the A11 RRQ messages that have an Airlink Sequence number less than or equal to a previously received sequence number.

It uses poorly-formed-request option by default to deny a request.

use-deny-code { poorly-formed-request | unsupported-vendor-id }

These are optional keywords that used with deny sub-command to deny the A11 RRQ messages that have either an unsupported vendor Id or A11 Requests with bad/poor formation.

unsupported-vendor-id denies request on the basis of vendor Id.

poorly-formed-request will deny the A11 request on the basis of request formation or structure. It is the default deny code for deny sub-command.

Allows proprietary modified versions of PPP type sessions to connect this PDSN service.

no

Disables the allowed alternate PPP feature.

default

Sets the specified parameter to default.

Enables/disables the inclusion of 3GPP2 Always On Indicators in messages to the PCF.

no

Disables the sending of 3GPP2 Always On Indication messages.

Associates a PDSN-service with a Quality of Service (QoS) policy.

no

Disables the configuration to associate PDSN-serivce with qos policy.

qci-qos-mapping string

qci-qos-mapping configures QCI to QoS mapping for this PDSN service.

string a string of size 1 to 63.

Configures authentication parameters for specific PDSN service.

default

Configures authentication parameters for specific PDSN service.

allow-noauth

Default: Disabled

This option configures the system to provide subscribers with network access even though they have not been authenticated. This command issued by itself would cause the system to not attempt to authenticate subscribers.

When the allow-noauth option is used in conjunction with commands specifying other authentication protocols and priorities to use, then if attempts to use those protocols fail, the system will treat the allow-noauth option as the lowest priority.

If no authentication is allowed, then NAI construct will be implemented in order to provide accounting records for the subscriber.

chap chap_priority

Default: 1

This option configures the system to attempt to use the Challenge Handshake Authentication Protocol (CHAP) to authenticate the subscriber.

A chap_priority must be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on.

chap_priority must be an integer from 1 through 1000. The lower the integer, the higher the preference. CHAP is enabled by default as the highest preference.

mschap mschap_priority

Default: Disabled

This option configures the system to attempt to use the Microsoft Challenge Handshake Authentication Protocol (MSCHAP) to authenticate the subscriber.

A mschap_priority must be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on.

mschap_priority must be an integer from 1 through 1000. The lower the integer, the higher the preference.

pap pap_priority

Default: 2

This option configures the system to attempt to use the Password Authentication Protocol (PAP) to authenticate the subscriber.

A pap_priority must be specified in conjunction with this option. Priorities specify which authentication protocol should be attempted first, second, third and so on.

pap_priority must be an integer from 1 through 1000. The lower the integer, the higher the preference. PAP is enabled by default as the second highest preference.

msid-auth

Default: Disabled

This option configures the system to attempt to authenticate the subscriber based on their Mobile Station Identity (MSID).

Sets the BCMCS (Broadcast Multicast Service) group username and password for RADIUS access.

custom

Customise the BCMCS configuration.

flow-id value

Set the BCMCS flow-id. This value must be a hex string between 0x1000 and 0xFFFFFFFF .

Making this entry opens a new mode: bcmcs-flow-id.

rohc-profile name : Configure ROHC parameters name, name should be string of size 1 to 63 .

grpusrname group_name

Sets the BCMCS group name for RADIUS access requests. This value must be a string from 1 to 127 characters in length.

encrypted grppasswd group_passwd

Set the BCMCS group password for RADIUS access requests. This value must be a string from 1 to 63 characters in length.

Password can be encrypted or clear.

ptt { destination-context dest_name | disconnect-dscp-label dscp_label | mtu transmission_unit | rohc-profile-name rohc_profile_name }

destination-context : Specify the intended destination context name. This value must be string of 1 to 79 characters in length.

disconnect-dscp-label : Configures the DSCP label to be present in the In Call Signalling packet based on which In Call Signalling and Media Flows will be disconnected. This value must be a Hexadecimal number between 0x0 and 0xFF .

mtu transmission_unit : Configures maximum transmission unit, This value must be ranging from 100 to 2000 . Default is 1500 .

rohc_profile_name rohc_profile_name : Profile name of the ROHC compressor and decompressor. This value should be a string of 1 to 63 .

 bcmcsgrpusername group_name 
 bcmcsgrppasswd group_password 

Binds the PDSN service to a logical IP interface serving as the R-P interface. Specifies the maximum number of subscribers that can access this service over the interface.

no

Removes a previously configured binding.

address

Specifies the IP address (address) of the interface configured as the R-P interface. address is specified in dotted decimal notation.

max-subscribers count

Default: 500000

Specifies the maximum number of subscribers that can access this service on this interface.

count can be configured to any integer value between 0 and 2500000 .

Important

The maximum number of subscribers supported is dependant on the license key and the number of active PACs/PSCs installed in the system. A fully loaded system with 13 active PACs/PSCs can support 2500000 total subscribers. Refer to the license key command for additional information.

Enables sending Data Available Indicator extension in R-P Registration Reply.

no

Default: Disabled

Disable the sending of the Data Available Indicator extension in R-P Registration Reply.

default

Sets / Restores default value assigned for specified parameter for data-available-indicator .

Enables the data-over-signaling marking feature for A10 packets.

default

Sets / Restores default value assigned for specified parameter for data-over signaling

no

Default: Enabled

Disable the data-over signaling feature for A10 packets.

no data-over-signaling 

Specifies the name of a subscriber profile configured within the same context as the PDSN service from which to base the handling of all other subscriber sessions handled by the PDSN service.

no

Enables/Disables the option default subscriber profile_name

profile_name

Specifies the name of the configured subscriber profile. profile_name can be between 1 and 127 alpha and/or number characters and is case sensitive.

Enables sending Direct LTE Indicator VSA in Access Request.

default

Sets / Restores default value assigned for specified parameter for data-over signaling

no

Default: Enabled

Disables sending Direct LTE Indicator VSA in Access Request.

no direct-lte-indicator 

Configures the PDSN behavior to terminate A10 session, when the PDSN receives the A11-RRQ (Type 4) before the session for the original MN is established completely.

no

Terminates the A10 session, when PDSN receives the A11-RRQ (Type 4) before the original session established completely.

default

Keeps the A10 session live in case of A11-RRQ (Type 4) is received before the original session is established completely.

Enables or disables PDSN support for enhanced PCF redirection.

no

Disables PDSN support for enhanced PCF redirection.

enhanced-pcf-redirection

Enables PDSN support for enhanced PCF redirection.

Enables or disables PPP payload fragmentation.

no

Disables the fragmentation of ppp data.

default

Default enables ppp data fragmentation.

Configures Generic Routing Encapsulation (GRE) parameters for the A10 protocol within the PDSN service.

no

Disables the specified functionality.

default

Restores the specified parameter to its default setting.

checksum

Default: disabled

Enables the introduction of the checksum field in outgoing GRE packets.

checksum-verify

Default: disabled

Enables verification of the GRE checksum (if present) in incoming GRE packets.

ip-header-dscp value { all-control-packets | setup-packets-only }

Default: Disabled

protocol-type { any | byte-stream | ppp }

Specifies the protocol used fro GRE encapsulation that is acceptable to

any : Specifies that the PDSN service will accept GRE packets encapsulated using any protocol.

byte-stream : Specifies that the PDSN service will accept GRE packets only encapsulated using byte stream. Using byte stream encapsulation, PPP packets are framed at different intervals and sent.

ppp : Specifies that the PDSN service will accept GRE packets only encapsulated using the Point-to-Point Protocol (PPP). Using PPP encapsulation, PPP packets are framed at regular intervals and sent.

reorder-timeout

Default: 100

Configures max number of milliseconds to wait before processing reordered out-of-sequence GRE packets. milliseconds must be an integer from 0 through 5000 .

segmentation

Default: disabled

Enables GRE Segmentation for the PDSN service.

sequence-mode { none | reorder }

Default: none

Configures handling of incoming out-of-sequence GRE packets.

none : Specifies that sequence numbers in packets are ignored and all arriving packets are processed in the order they arrive.

sequence-numbers

Enables insertion of GRE sequence numbers in data that is about to be transmitted over the A10 interface. Data coming into the system containing sequence numbers but that is out of sequence is not re-sequenced.

threegppp2-ext-headers qos-marking

When threegppp2-ext-headers qos-marking is enabled and the PCF negotiates capability in the A11 RRQ, the PDSN will include the qos optional data attribute in the GRE 3gpp2 extension header.

The no keyword, enables qos-marking in the gre header based on the tos value in the header.

Configures the PDSN to support the Mobility Event Identifier (MEI) during inter-PDSN handoffs. The presence of the Mobility Event Indicator (MEI) and Access Network Identifier (ANID) elements in a A11 handoff request represents an Inter-PDSN handoff.

no

Disables support for the MEI during inter-PDSN handoffs.

default

Sets / Restores default value assigned for inter-pdsn-handoff mobility-event-indicator . By default it is disabled.

Configures Inter-PDSN handoff related parameters.

no

Disables support for the MEI during inter-PDSN handoffs parameters.

default

Sets / Restores default value assigned for inter-pdsn-handoff mobility-event-indicator . By default it is disabled.

Enters PDSN Service ROHC Configuration Mode and allows you to configure ROHC parameters that the PDSN conveys to the PCF in the initial A11 RRP message before PPP authentication.

By default, ROHC is disabled for a PDSN service.

default

Sets all PDSN Service ROHC Configuration Mode values back to the defaults and disable ROHC for this PDSN service.

no

Disable IP header compression for this PDSN Service.

Configures the local User Datagram Protocol (UDP) port for the R-P interfaces' IP socket.

number

Default: 699

Specifies the UDP port number.

number can be any integer value between 1 and 65535 .

default

Designates UDP port, default value as 699 .

Sets the parameters for IP source validation. Source validation is useful if packet spoofing is suspected or for verifying packet routing and labeling within the network.

Source validation requires the source address of received packets to match the IP address assigned to the subscriber (either statically or dynamically) during the session.

no

Enables/Disables ip source-violation clear-on-valid-packet .

default

Configure default settings related to ip source-violation .

clear-on-valid-packet

Default: disabled

Configures the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed packet.

drop-limit num

Default: 10

Sets the number of allowed source violations within a detection period before forcing a call disconnect. If num is not specified, the value is set to the default.

num can be any integer value from 1 to 1000000 .

period secs

Default: 120

The length of time, in seconds, for a source violation detection period to last. drop-limit and reneg-limit counters are decremented each time this value is reached.

The counters are decremented in this manner: reneg-limit counter is reduced by one (1) each time the period value is reached until the counter is zero (0); drop-limit counter is halved each time the period value is reached until the counter is zero (0). If secs is not specified, the value is set to the default.

secs can be any integer value from 1 to 1000000 .

reneg-limit num

Default: 5

Sets the number of allowed source violations within a detection period before forcing a PPP renegotiation. If num is not specified, the value is set to the default.

num can be any integer value from 1 to 1000000 .

Specifies the time that an A10 connection can exist before its registration is considered expired.

no lifetime

Specifies that an A10 connection can exist for an infinite amount of time.

default lifetime

Sets / Restores default value assigned for lifetime as 1800.

time

Default: 1800

Specifies the time that an A10 connection can exist before its registration is considered expired.

time is measured in seconds and can be configured to any integer value between 1 and 65534 .

Configures the maximum number of times the PDSN service will attempt to communicate with a PCF before it marks it as unreachable.

default

Sets / Restores default value assigned for max-retransmissions as 5 .

count

Specifies the maximum number of times the PDSN service will attempt to communicate with a PCF before it marks it as unreachable.

count can be configured to any integer value between 1 and 1,000,000 .

For Mobile IP support, specifies the context in which the FA service(s) are configured.

no

Enables/Disables mobile-ip foreign-agent context

context_name

Specifies the name of the previously configured context that facilitates the FA service(s).

context_name must be between 1 and 79 alpha or numeric characters and is case sensitive.

fa-service name

This optional keyword allows you to link the PDSN service to a particular FA service in the specified context. name is the name of the FA service to link to. name is a string of size 1 to 63

Configures Mobile IPv6 parameters within specific PDSN service.

mobile-access-gateway

Configures Mobile Access Gateway (MAG) parameters within specific PDSN service.

context context_name

Designates name of the context in which the MAG service is configured. Must be followed by context name of MAG service.

context_name is a string of size 1 to 79.

mag-service name

Designates name of the MAG service in that context. Must be followed by MAG service name.

name is a string of size 1 to 63.

Configures checking the length of the A11 MSID in A11 Session Specific Extn and airlink records.

default

Specifies the default length of MSID (10 to 15 ) as per standard. By default msid is disabled.

min min_length

Specifies the minimum length for MSID.

min_length is any Integer value between 10 to 15 , but should be less than max_length specified with max . Default is 10 .

max max_length

Specifies the maximum length for MSID.

max_length is any Integer value between 10 to 15 , but should be more than min_length specified with min . Default is 15 .

Specifies a domain alias that will be used to represent the context which the PDSN service should use for AAA functionality.

domain alias

Alias represents the "domain" name that you would like to associate with the context in which AAA functionality is configured. alias can be between 1 and 79 alpha and/or numeric characters and is case-sensitive.

Enable or disable to send A11-RUPD to current PCF, when system receives the A11-RRQ(Type1) from new PCF during the session exists.

no

Disable to send A11-RUPD to current PCF, when system receives the A11-RRQ(Type1) from new PCF during the session exists.

default

Enable to send A11-RUPD to current PCF, when system receives the A11-RRQ(Type1) from new PCF during the session exists.

Enables the monitoring of all the PCFs that have sessions associated with it. The PDSN stops monitoring a PCF if it is determined to be down. Once a PCF is determined to be down, the PDSN tears down all sessions that correspond to the PCF and generates AAA Accounting Stop messages. All the PCFs that are connected to the PDSN service are monitored.

pcf-monitor

Entering the command with no keywords enables the PCF monitoring function with all parameters set to the defaults.

no

Disables the pcf monitoring function.

default

Sets / Restores default value assigned for pcf-monitor .

interval seconds

Default: 60 seconds

Sets the amount of time to wait between ping request messages.

seconds must be an integer in the range from 1 through 3600.

max-inactivity-time seconds

Default: 120 seconds

The maximum amount of time (seconds) with no A10 traffic from a PCF before the ICMP-ping mechanism is triggered.

seconds must be an integer from 1 through 3600.

num-retry num

Default: 5

Sets the number of times that the PDSN retries to ping the PCF. When num-retry for a given PCF has been exhausted with no response, sessions that correspond to the non-responsive PCF are terminated and Accounting Stop records for each terminated session are generated.

num must be an integer in the range from 0 through 100.

timeout seconds

Default: 3 seconds

The amount of time to wait for a response before retrying.

seconds must be in the range from 1 through 10.

Manages current session and PPP renegotiation on GRE-key change without any change in PCF/PANID/CANID. This command disables or enables the PPP renegotiation restart on receiving an RP registration request from the current PCF with GRE key (PCF session Id) change. With this command the PDSN aborts and restarts the call causing PPP renegotiation.

This is enabled by default.

no

Disables the pcf-session-id-change restart-ppp function.

With this option PDSN does not restart the PPP renegotiation on GRE key change from current PCF in an RP registration request, unless it indicates change in PCF/PANID/CANID.

default

Set the pcf-session-id-change function to the default state on enabled.

Configures a type0 traffic flow template (tft) to a type1 traffic flow template.

no

Disables pdsn type0-tft attempt-inner-match .

default

Sets / Restores default value assigned for pdsn type0-tft attempt-inner-match.

Configures settings for any PCF that has a connection with this PDSN.

ip_address | ip_address/mask

ip_address must be specified using the standard IPv4 dotted decimal notation or colon notation for IPv6.

ip_address/mask must be specified using the standard IPv4 dotted decimal notation or colon notation for IPv6, followed by the mask.

bcmcs_framing { hdlc-like | segment-based }

Enables sending PMIP Capability Indicator VSA in Access Request.

3gpp2

Use 3GPP2 defined VSA. Default is to use Custom1 VSA.

no

Enables/Disables sending PMIP Capability Indicator VSA in Access Request.

default

Sets / Restores default value assigned for PMIP Capability Indicator.

Configures PDSN service policies.

no

Enables/Disables the PDSN service policies.

default

Sets / Restores default value assigned for specified PDSN service policies.

policy msid-match msid_with_wildcards redirect address [ weight weight_num ] [ address2 [ weight weight_num ]... address16 [ weight weight_num ] ] [ weight weight_num ]

Specifies how a PDSN service should handle an incoming call that matches a list of wildcard MSIDs.

msid_with_wildcards: An MSID in which up to 16 digits have been replaced with the wildcard '$'. This defines the list of possible matches for incoming calls.

redirect : This option enables a redirect policy for overloading conditions. When a redirect policy is invoked, the PDSN service rejects new sessions with an A11 Registration Reply Code of 88H (unknown PDSN address) and provides the IP address of an alternate PDSN. This command can be issued multiple times.

address: The IP address of an alternate PDSN expressed in IP v4 dotted decimal notation. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values.

weight weight_num : When multiple addresses are specified, they are selected in a weighted round-robin scheme. Entries with higher weights are more likely to be chosen. If a weight is not specified the entry is automatically assigned a weight of 1. weight_num must be an integer from 1 through 10.

policy overload { redirect address [ weight weight_num ] [ address2 [ weight weight_num ] ... address16 [ weight weight_num ] ] | reject [ use-reject-code { admin-prohibited | insufficient-resources } ] }

Specifies how a PDSN service should handle an overload condition.

redirect : This option enables a redirect policy for overloading conditions. When a redirect policy is invoked, the PDSN service rejects new sessions with an A11 Registration Reply Code of 88H (unknown PDSN address) and provides the IP address of an alternate PDSN. This command can be issued multiple times.

address: The IP address of an alternate PDSN expressed in IP v4 dotted decimal notation. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values.

weight weight_num : When multiple addresses are specified, they are selected in a weighted round-robin scheme. Entries with higher weights are more likely to be chosen. If a weight is not specified the entry is automatically assigned a weight of 1. weight_num must be an integer from 1 through 10.

reject : This option will cause any overload traffic to be rejected. The PDSN will send an A11 Registration Reply Code of 82H (insufficient resources).

use-reject-code admin-prohibited : When this keyword is specified and traffic is rejected, the error code admin prohibited is returned instead of the error code insufficient resources. This is the default behavior.

use-reject-code insufficient-resources : When this keyword is specified and traffic is rejected, the error code insufficient resources is returned instead of the error code admin prohibited.

policy pcf-zone-match zone_number redirect address [ weight weight_num ] [ address2 [ weight weight_num ] ... address16 [ weight weight_num ] ] | restricted [ redirect address [ weight weight_num ] [ address2 [ weight weight_num ] ... address16 [ weight weight_num ] ]

Specifies how a PDSN service should handle an incoming call that matches a predefined zone number.

zone_number: An integer between 1 and 32 that defines the zone incoming calls must match for redirection.

redirect : This option enables a redirect policy for overloading conditions. When a redirect policy is invoked, the PDSN service rejects new sessions with an A11 Registration Reply Code of 88H (unknown PDSN address) and provides the IP address of an alternate PDSN. This command can be issued multiple times.

address : The IP address of an alternate PDSN expressed in IP v4 dotted decimal notation. Up to 16 IP addresses can be specified either in one command or by issuing the redirect command multiple times. If you try to add more than 16 IP addresses to the redirect policy the CLI issues an error message. If you specify an IP address and weight that already exists in the redirect policy the new values override the existing values.

weight weight_num : When multiple addresses are specified, they are selected in a weighted round-robin scheme. Entries with higher weights are more likely to be chosen. If a weight is not specified the entry is automatically assigned a weight of 1. weight_num must be an integer from 1 through 10.

restricted : This is an optional keyword which means the zone is restricted. Restricted zone is meaningful only if enhanced PCF redirection feature is enabled, otherwise the zone follows the default behavior.

policy rrq mei-from-current-pcf suppress-ppp-restart

rrq configures policy for PPP restart after getting mei in rrq.

mei-from-current-pcf mei is received in rrq from current pcf.

suppress-ppp-restart suppresses ppp restart when mei is received in rrq from current pcf

policy service-option enforce

service-option configures R-P service-option to use for specific PDSN service. Must be followed by valid service-option number, ranging from 0 to 1000.

enforce designates enforcement of R-P service-option number.

policy unknown-cvse enforce

unknown-cvse configures PDSN service unknown cvse policy.

enforce enforces unknown cvse policy where unknown CVSEs in RRQs will cause Deny

Sets PPP tunneling parameters for subscribers in the current PDSN service.

no

Enables/Disables the PPP tunneling parameters for subscribers in the current PDSN service.

default

Sets / Restores default value assigned for PPP tunneling parameters for subscribers in the current PDSN service.

tunnel-context context_name

The name of the context that has a LAC service configured to handle all tunnels from this PDSN service.

tunnel-type { l2tp |none }

l2tp : Force all subscriber sessions in this PDSN service to use L2TP tunneling.

none : Do not force L2TP tunneling. This is the default.

Important

If the context specified by the ppp tunnel-context context_name command does not have a LAC service configured and tunnel-type is set to l2tp or the call is rejected.

Important

If the PPP tunnel context has not been set or has been cleared with the no ppp tunnel-context command and tunnel-type is set to l2tp , the context where the current PDSN service resides is used. If that context does not have a LAC service configured the call is rejected.

Creates the customized QoS profile identifier to QoS mapping for IMS authorization support.

default

Configures the specified QoS profile ID for QoS mapping with default values in this PDSN service.

no

Removes the configured QoS profile ID mapping in this PDSN service.

profile-id id_num

Specifies the profile identifier for QoS parameters to be used as the customized profile ID or modifies the QoS parameters in a profile ID (id_num ) coming from RAN.

id_num must be an integer between 0 and 65535.

description desc

Specifies the user defined description for profile identifier.

desc must be an alpha and/or numeric string between 1 and 32 characters.

downlink-bw dl_bw

Default: 32

Specifies the downlink (towards the MN) data traffic bandwidth in kilo-bits per second for this QoS profile.

dl_bw must be an integer value between 0 and 100000.

drop-rate drop_percentage

Default: 0

Specifies the permitted packet drop rate in percentage for traffic flow to this QoS profile.

drop_percentage must be an integer value between 0 and 1000.

latency latency_duration

Default: 1000

Specifies the permitted latency duration in milli-seconds for this QoS profile.

latency_duration must be an integer value between 0 and 1000.

qos-class {class-A | class-B | class-C | class-D | class-E | class-F }

Default: Class-C

Specifies the type of QoS class associated with this QoS profile

class-A: Specifies the A type of QoS class.

class-B: Specifies the B type of QoS class.

class-C: Specifies the C type of QoS class.

class-D: Specifies the D type of QoS class.

class-E: Specifies the E type of QoS class.

class-F: Specifies the F type of QoS class.

uplink-bw ul_bw

Default: 32

Specifies the uplink (from the MN) data traffic bandwidth in kilo-bits per second for this QoS profile.

ul_bw must be an integer value between 0 and 100000.

+

More than one of the above keywords can be entered within a single command.

Sets QoS update parameters for policy mismatches or wait timeouts.

no

Enables/Disables the qos-update [ policy-mismatch | wait-timeout ].

default

Sets / Restores default value for qos-update [ policy-mismatch | wait-timeout ].

policy-mismatch

PDSN raises a TFT violation if there is a QoS policy mismatch.

wait-timeout seconds action { disconnect-session | downgrade-to-best-effort | drop-packets }

Sets the wait time for A11 RRQ for QoS changes. seconds must be an integer from 1 through 1000.

qos-update policy-mismatch  

   qos-update wait-timeout 60 actiondowngrade-to-best-effort 

This command enables or disables RADIUS accounting related configuration for dropped packets.

Important

This command is customer-specific. Contact your Cisco account representative for more information.

no

Enables the RADIUS accounting related configuration for dropped packets.

radius accounting dropped-pkts

Disables the RADIUS accounting related configuration for dropped packets. This is the default behavior.

Allows the PDSN to accept registration requests when a handoff disconnect is in progress. When the PDSN is tearing down a session and the MN moves over to a new PCF and initiates a new session, the PDSN by default does not accept the handoff until it tears down the old session.

no

Disable accepting of registration requests when a handoff disconnect is still in progress.

default

Default is disabled.

Sets / Restores default value assigned for registration-accept handoff session-disconnect-in-progress .

registration-accept handoffsession-disconnect-in-progress 

Configures the PDSN service to terminate an A11 session when a Registration ACK received from the PCF has an error status.

no

Disable terminating A11 sessions on a Registration ACK error from the PCF.

default

Sets / Restores default value assigned to registration-ack-deny terminate-session-on-error .

Configures parameters related to registration rejection.

default

Sets / Restores default value for registration-deny .

no

Disables the specified option.

handoff { closedrp-rp handoff-in-progress | connection-setup-record-absent [ use-deny-code { poorly-formed-request | reason-unspecified }

This command configures the handoff behavior.

closedrp-rp handoff-in-progress : Configures parameters related to denying handoffs from Closed-RP to RP systems. When enabled the PDSN rejects retransmitted handoff R-P requests when a handoff is already in progress from Closed RP to RP. The deny code used is 'Reason Unspecified'. The default is disabled meaning that the PDSN simply discards such requests.

connection-setup-record-absent [ use-deny-code { poorly-formed-request | reason-unspecified } ]: When enabled the PDSN denies or discards handoff R-P sessions that do not have an Airlink Connection Setup record in the A11 Registration Request. Default is disabled. Default PDSN behavior is to accept such requests.

[use-deny-code { poorly-formed-request | reason-unspecified }: Sets the specified Registration Deny Code when denying a handoff because of a missing connection setup record.

max-deny-reply-limit num

Default: 3

Configures max number of retries of erroneous registration request message from PCF for a session before PDSN terminates the session. num can be from 1 to 10.

mismatched-coa-source-address

Default: disabled

Denies RP requests which have a care-of-address field that is different from the request source address.

new-call { connection-setup-record-absent [ use-deny-code { poorly-formed-request | reason-unspecified } | reverse-tunnel-unavailable }

connection-setup-record-absent : Configures the PDSN to reject calls that do not have the airlink connection setup record in the RRQ.

use-deny-code { poorly-formed-request | reason-unspecified } When rejecting calls that do not have the airlink setup record, use the specified deny code.

reverse-tunnel-unavailable : Configures the PDSN to reject calls if the GRE key for a user collides with that of another user.

session-already-active

PDSN denies Registration requests for sessions that are already active with the error code "poorly formed request" .

session-already-closed

PDSN denies RP renew and dereg requests with error code 0x8E for absent R-P sessions.

session-already-dormant

PDSN denies Registration requests for sessions that are already dormant with the error code "poorly formed request" .

terminate-session-on-error

Default: Disabled.

Configures PDSN to terminate session if erroneous registration request message is received for the session.

use-zero-gre-key

Configures the PDSN to set the GRE key to zero (0) when denying a new R-P session.

Configures the PDSN service to discard any Registration Request message containing multiple information elements of the same type or a different GRE key for existing IMSI session.

default

Sets/Restores default value assigned for registration-discard .

no

Disables the discarding of Registration request messages containing multiple information elements or different GRE keys.

bad-extension

Default: Disabled

Configures the PDSN to discard Registration Request message containing multiple information elements of same type.

gre-key-change

Default: Disabled

Configures PDSN to discard Registration Request message containing different GRE key for existing IMSI session. Default is disable

handoff connection-setup-record-absent

Default: Disabled

When enabled, discards A11 Handoff requests that do not contain the Airlink Setup record.

Configures registration update related parameters for the PDSN.

no

If this option is used with the pdsn-code-nvse keyword, then pdsn-code-nvse configuration is disabled.

If this option is used with the wait-timeout keyword, a separate A11 timer is not used. The PDSN waits for the ppp retransmit-timeout and then sends the A11 Update. If a value is provided, then the "ppp retransmit-timeout" is ignored and a separate A11 timeout is started immediately upon sending the LCP Term-Ack. The A11 Update is then sent when the timer expires.

A value of 0 sends the A11 Update immediately after sending the LCP Term-Ack.

default

Sets/Restores default value assigned for registration-update { pdsn-code-nvse | wait-timeout }

pdsn-code-nvse

Adds the PDSN code NVSE in all A11 registration update messages.

secs

The number of seconds to wait. secs must be an integer in the range from 0 through 16.

wait-timeout

After the Mobile Node terminates a PPP session between the PDSN and the Mobile Node, the PDSN service waits for the specified time period to receive an A11 RRQ from the PCF before it sends out a Registration-Update to clear the Session from the PCF.

Configures the maximum allowable time for the PDSN service to wait for a response from the PCF before it:

Attempts to communicate with the PCF again (if the system is configured to retry the PCF)

OR

Marks the PCF as unreachable.

no

Enables/Disables the retransmission-timeout .

default

Sets / Restores default value assigned for retransmission-timeout .

Specifies the maximum allowable time for the PDSN service to wait for a response from the PCF before it a) attempts to communicate with the PCF again (if the system is configured to retry the PCF) or b) marks the PCF as unreachable.

time is measured in seconds and can be configured to any integer value between 1 and 1,000,000.

If the service option policy is enabled, this command specifies the service options supported by the PDSN service.

no

Enables/Disables the service-option number

default

Sets / Restores default value assigned for service-option .

Default: 7, 15, 22, 23, 24, 25, 33, 59, 67

Specifies a specific Service Option (SO) number that this PDSN service is allowed to support.

number can be configured to any integer value between 1 and 1000.

Specifies the maximum amount of time allowed for session setup.

default

Sets/Restores default value assigned for setup-timeout .

seconds

Default: 60 seconds

The maximum amount of time, in seconds, to allow for setup of a session. seconds must be an integer from 1 through 1000000

Enables or disables Simple-IP sessions from making a connection before authorization takes place.

no

When a session attempts PPP authentication, it is assumed that it is a Simple-IP session and it is disconnected before the user is authenticated (RADIUS or local authentication). Also, if allow-noauth is enabled and PPP authentication is not performed, after IPCP the session is disconnected if it is discovered that it is a Simple-IP session.

default

Reset this command to allow Simple-IP sessions to connect.

Configures the security parameter index (SPI) between the PDSN service and the PCF. This command also configures the redirection of call based on PCF zone.

remote-address { pcf_ip_address | ip_addr_mask_combo }

pcf_ip_address : Specifies the IP address of the PCF. pcf_ip_address is an IP address expressed in IP v4 dotted decimal notation.

ip_addr_mask_combo : Specifies the IP address of the PCF and specifies the IP address network mask bits. ip_addr_mask_combo must be specified using the form 'IP Address/Mask Bits' where the IP address must either be an IPv4 address expressed in dotted decimal notation or an IPv6 address expressed in colon notation and the mask bits are a numeric value which is the number of bits in the subnet mask.

spi-number number

Specifies the SPI (number) which indicates a security context between the PCF and the PDSN in accordance with IOS 4.1 and RFC 2002.

number can be configured to any integer value between 256 and 4294967295.

encrypted secret enc_secret | secret secret

Configures the shared-secret between the PDSN service and the PCF. The secret can be either encrypted or non-encrypted.

encrypted secret enc_secret : Specifies the encrypted shared key (enc_secret) between the PCF and the PDSN service. enc_secret must be between 1 and 254 alpha and/or numeric characters and is case sensitive.

secret secret : Specifies the shared key (secret) between the PCF and the PDSN services. secret must be between 1 and 127 alpha and/or numeric characters and is case sensitive.

The encrypted keyword is intended only for use by the chassis while saving configuration scripts. The system displays the encrypted keyword in the configuration file as a flag that the variable following the secret keyword is the encrypted version of the plain text secret key. Only the encrypted secret key is saved as part of the configuration file.

description string

This is a description for the SPI. string must be an alpha and or numeric string of from 1 through 31 characters.

hash-algorithm { md5 | rfc2002-md5 }

Default: md5

Specifies the hash-algorithm used between the PDSN service and the PCF.

md5 : Configures the hash-algorithm to implement MD5 per RFC 1321.

rfc2002-md5 : Configures the hash-algorithm to implement keyed-MD5 per RFC 2002.

replay-protection { nonce | timestamp }

Default: timestamp

Specifies the replay-protection scheme that should be implemented by the PDSN service.

nonce : Configures replay protection to be implemented using NONCE per RFC 2002.

timestamp : Configures replay protection to be implemented using timestamps per RFC 2002.

timestamp-tolerance tolerance

Default: 60

Specifies the allowable difference (tolerance) in timestamps that is acceptable. If the difference is exceeded, then the session will be rejected. If this is set to 0, then time stamp tolerance checking is disabled at the receiving end.

tolerance is measured in seconds and can be configured to any integer value between 0 and 65535.

zone zone_id

Specifies the different PCF zones to configure in PDSN service. Mapping of a zone-number to a set of PDSNs can be done per PDSN service basis.

zone_id must be an integer value between 1 and 32. A maximum of 32 PCF zones can be configured for a PDSN service.

Configures the TFT validation wait timeout value for QoS changes. The QoS update timer triggers automatic QoS updates based on dynamic policies.

no

Removes the wait-timeout timer.

default

Sets / Restores default value assigned for tft-validation wait-timeout .

Sets an alarm or alert for the PDSN service based on the number of packets that the PPP protocol processing layer internally discarded on transmit for any reason.

no

Deletes the alert or alarm.

high_thresh

Default: 0

The high threshold number of discarded PPP send packets that must be met or exceeded within the polling interval to generate an alert or alarm. It can be configured to any integer value between 0 and 100000 .

clear low_thresh

Default:0

The low threshold number of discarded PPP send packets that must be met or exceeded within the polling interval to clear an alert or alarm. It can be configured to any integer value between 0 and 100000 .

Important

This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.

Sets an alarm or alert based on the number of Discarded A11 Registration Acknowledgements for the PDSN service.

no

Deletes the alert or alarm.

high_thresh

Default: 0

The high threshold number of Discarded A11 Registration Acknowledgements that must be met or exceeded within the polling interval to generate an alert or alarm. It can be configured to any integer value between 0 and 100000.

clear low_thresh

Default:0

The low threshold number of Discarded A11 Registration Acknowledgements that must be met or exceeded within the polling interval to clear an alert or alarm. It can be configured to any integer value between 0 and 100000 .

Important

This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.

Sets an alarm or alert based on the number of A11 Registration Response failures for the PDSN service.

no

Deletes the alert or alarm.

high_thresh

Default: 0

The high threshold number of A11 Registration Response failures that must be met or exceeded within the polling interval to generate an alert or alarm. It can be configured to any integer value between 0 and 100000.

clear low_thresh

Default:0

The low threshold number of A11 Registration Response failures that must be met or exceeded within the polling interval to clear an alert or alarm. It can be configured to any integer value between 0 and 100000.

Important

This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.

Sets an alarm or alert based on the number of Discarded A11 Registration Requests for the PDSN service.

no

Deletes the alert or alarm.

high_thresh

Default: 0

The high threshold number of Discarded A11 Registration Requests that must be met or exceeded within the polling interval to generate an alert or alarm. It can be configured to any integer value between 0 and 100000.

clear low_thresh

Default:0

The low threshold number of Discarded A11 Registration Requests that must be met or exceeded within the polling interval to clear an alert or alarm. It can be configured to any integer value between 0 and 100000.

Important

This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.

Sets an alarm or alert based on the average number of calls setup per second for the context.

no

Deletes the alert or alarm.

high_thresh

Default: 0

The high threshold average number of calls setup per second must be met or exceeded within the polling interval to generate an alert or alarm. It can be configured to any integer value between 0 and 1000000 .

clear low_thresh

Default:0

The low threshold average number of calls setup per second that must be met or exceeded within the polling interval to clear an alert or alarm. It can be configured to any integer value between 0 and 1000000 .

Important

This value is ignored for the Alert model. In addition, if this value is not configured for the Alarm model, the system assumes it is identical to the high threshold.