Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     

    Related Documentation

     

    Packet-Triggered Subscribers Services Overview

    The packet-triggered subscribers and policy control (PTSP) feature allows the application of policies to dynamic subscribers that are controlled by a subscriber termination device. You can associate specific subscriber contexts based on IPv4 addresses and provide dynamic service activation and deactivation for these subscribers. Once the subscribers are present in the subscriber database on the router, PSTP can report the subscribers to the SAE using the PTSP application so that the SRC software can manage the subscribers and services.

    PTSP policies can be downloaded dynamically from the external policy manager (such as SRC) or configured statically on the router. The PTSP policies can be configured for each distinct IPv4 source address for a given interface on which the service is configured. Each distinct IPv4 address is considered a subscriber and all PTSP policies are applied on a per-subscriber basis. Dynamic policies, which are always specific to a subscriber, take precedence over static policies.

    You can set up PTSP policies to:

    • Manage traffic by configuring filtering, rate-limiting, and QoS enforcement in the rules.
    • Steer traffic by specifying the forwarding instance in the forward rule.
    • Collect accounting information by service rule or by application.

    When you configure PTSP policies, you must specify the type of statistics collection (count) and the IP address used to identify the packet-triggered subscriber (demux) in the service rule. All service rules attached to a given service set must have the same settings for these options.

    For the statistics collection type, terms and rules also cannot mix and match the following styles:

    • rule—Statistics are aggregated in one bucket for the service rule and Diameter is used to report the statistics.
    • application—Statistics are aggregated by application for a specific application, for a specific application group, or in one bucket. The statistics are reported in a flat file.

    Subscriber instantiation is triggered for ingress packets by the IP address. When source address is specified, the source IP address of the ingress packets is used to establish the subscriber context. When destination address is specified, the destination IP address of the ingress packets is used to establish the subscriber context. If the IP address does not correspond to a known subscriber, then a new subscriber context is created to log in the packet-triggered subscriber.

    The match conditions include local address, local port, remote address, and remote port. The following table describes how the demux value changes the IP address or port used for these terms.

    Match Conditions

    demux source-address

    demux destination-address

    Ingress Flows

    Egress Flows

    Ingress Flows

    Egress Flows

    local-address

    Source address

    Destination address

    Destination address

    Source address

    remote-address

    Destination address

    Source address

    Source address

    Destination address

    local-port

    Source port

    Destination port

    Destination port

    Source port

    remote-port

    Destination port

    Source port

    Source port

    Destination port

    Subscriber Identification Method for PTSP Partition

    The PSTP functionality uses RADIUS attributes, such as User-Name to identify subscribers in a RADIUS partition. If a service provider uses a different RADIUS attribute other than User-Name, the authentication of subscribers and establishment of client sessions fail. To enable service providers to use a subscriber-identification method that suits their network needs, you can add flexible configurations in the packet-triggered subscriber process.

    The PTSP configurable user-identification feature allows you to do the following:

    • Configure the subscriber identification method for PTSP partitions, based on the network topology and the service provider requirements.
    • Insert subscriber-specific tags for the subscriber’s HTTP traffic for which the reference to subscriber-specific tagging is provided using subscriber identification.

    The PTSP application generates the subscriber-identification parameter as a text-string by combining the RADIUS attribute value and the internal attribute value of the PTSP partition. The text-string is generated in the same order as the attributes that are configured in the PTSP partition.

    Note: Only RADIUS partitions support user-identification to configure the subscriber-identification method for PTSP partitions.

    PTSP Services on Aggregated and Redundant Services PICs

    The packet-triggered subscribers and policy control (PTSP) feature supports both Aggregated Multiservices (AMS) and Redundant Multiservices (RMS) PICs. RMS services interfaces support 1:1 redundancy between two logical PICs and in an active or standby model. AMS services interfaces support load sharing and N:1 redundancy between N logical PICs.

    Note: The PTSP services do not support load balancing on AMS.

    In 1:1 redundancy, if services PIC fails:

    • The subscriber is logged out, the traffic is switched to the redundant services PIC, and the subscriber receives a new session ID to log in with.
    • The subscriber's last configured accounting data is retrieved as the latest interim accounting record.

    In AMS, the PTSP subscriber's traffic is redistributed to other services PIC and the same subscriber may appear on different services PICs. The subscriber with no new data flow is logged out after idle timeout with the complete accounting data. The following example depicts the AMS scenario:

    ams0 {load-balancing-options {member-interface mams-4/0/0;member-interface mams-4/1/0;member-interface mams-5/0/0;member-failure-options {redistribute-all-traffic;}}unit 1 {family inet;}}

    The traffic on ms-4/0/0 is redistributed to ms-4/1/0 only after ms-5/0/0 has failed. In this example, there are two subscribers: s1 on ms-4/0/0 and s2 on ms-4/1/0. The two subscribers have the same source IP address. If there is no new traffic, s1 is eventually logged out after idle timeout.

    Note: PTSP does not support any type of hash key for traffic sharing among logical PICs configured with the same PTSP service set. For PTSP to work, all traffic for any given subscriber needs to reach the same logical PIC within an AMS container. For this to happen, the AMS hashing algorithm needs to align with the PTSP demux type, as follows:

    • If PTSP is configured for source-demux, then the AMS hashing algorithm must be based on the source-ip-address only.
    • If PTSP is configured for destination-demux, then the AMS hashing algorithm must be based on the destination-ip-address only.
    • No other type of AMS hashing algorithm is compatible with PTSP.

    Note: The packet level idle timeout for every packet is assigned from a given subscriber transiting the router. If the timeout limit sets in, the subscriber is logged out. The valid range for the subscriber packet idle timeout is 15 to 1440 minutes.

     

    Related Documentation

     

    Modified: 2016-06-06