Configuring the NAS Groups (SRC CLI)

Tasks to configure the NAS groups are:

Configuring NAS Groups

Use the following configuration statements to configure the NAS groups:



shared network nas-group name { 
hosted-by [hosted-by...];
function (aaa); 
scope [scope...];
default-peer default-peer;
update-grace-period update-grace-period;
initial-ppr-delay initial-ppr-delay;
}

To configure the group of peers:

From configuration mode, access the configuration statements for the NAS group. user@host# edit shared network nas-group name
Specify the hosts that instantiate this peer group. If the peer group is a AAA peer group, the SAEs on the listed hosts will create device drivers for this peer group. [edit shared network nas-group name] user@host# set hosted-by [hosted-by...]
Specify the functional interface of the peer group. [edit shared network nas-group name] user@host# set function aaa
(Optional) Specify the service scopes available to subscribers connected to this NAS group. [edit shared network nas-group name] user@host# set scope [scope...]
(Optional) Specify the default peer.[edit shared network nas-group name] user@host# set default-peer default-peer
(Optional) Specify the grace period for interim updates.[edit shared network nas-group name] user@host# set update-grace-period update-grace-period
(Optional) Specify the delay for sending initial Push-Profile-Requests (PPRs) to install policies. [edit shared network nas-group name] user@host# set initial-ppr-delay initial-ppr-delay

Configuring Diameter Peers

Use the following configuration statements to configure the Diameter peers:



shared network nas-group name peer name { 
protocol [(tcp | sctp)...];
address [address...];
local-address local-address;
connect-timeout  connect-timeout;
watchdog-timeout watchdog-timeout;
state-machine-timeout  state-machine-timeout;
reconnect-timeout reconnect-timeout;
port port;
origin-host origin-host;
incoming-queue-limit incoming-queue-limit;
active-peer;
}

To configure the Diameter peer in the NAS group:

From configuration mode, access the configuration statements for the peer. user@host# edit shared network nas-group name peer name
The peer name must be unique in the NAS group.
Specify the protocol for the transport connection.[edit shared network nas-group name peer name] user@host# set protocol [(tcp | sctp)...]
Specify the addresses of the remote peer. [edit shared network nas-group name peer name] user@host# set address [address...]
(Optional) Specify the local address of the peer. [edit shared network nas-group name peer name] user@host# set local-address local-address
(Optional) Specify the maximum amount of time to respond to a connection request. [edit shared network nas-group name peer name] user@host# set connect-timeout connect-timeout
(Optional) Specify the watchdog timeout used for the connection to the remote peer. [edit shared network nas-group name peer name] user@host# set watchdog-timeout watchdog-timeout
(Optional) Specify the Diameter state machine timeout. [edit shared network nas-group name peer name] user@host# set state-machine-timeout state-machine-timeout
(Optional) Specify the time interval between connection attempts when the peer is in the disconnected state. [edit shared network nas-group name peer name] user@host# set reconnect-timeout reconnect-timeout
(Optional) Specify the port for the client. [edit shared network nas-group name peer name] user@host# set port port
(Optional) Specify the identifier for the endpoint that the peer presents during connection establishment. [edit shared network nas-group name peer name] user@host# set origin-host origin-host
(Optional) Specify the number of messages allowed on the incoming message queue for a peer. [edit shared network nas-group name peer name] user@host# set incoming-queue-limit incoming-queue-limit
(Optional) Specify whether the peer connection is in active mode and automatically starts communicating with the IMS AAA Server. [edit shared network nas-group name peer name] user@host# set active-peer

Classifying Interfaces

Use the following configuration statements to define interface classification scripts:



shared network nas-group name interface-classifier rule name {
script script; 
}



shared network nas-group name interface-classifier rule name {
target target; 
}



shared network nas-group name interface-classifier rule name condition name ...

A classification script can contain either a target and a condition or a script. If you do not define a script, the classifier must have both a target and a condition.

To define interface classification scripts:

From configuration mode, enter the interface classifier configuration for a NAS group. user@host# edit shared network nas-group name interface-classifier
Create a rule for the classifier. You can create multiple rules for the classifier. [edit shared network nas-group name interface-classifier] user@host# edit rule name
Configure either a target or a script for the rule. [edit shared network nas-group name interface-classifier rule name] user@host# set script script
OR
[edit shared network nas-group name interface-classifier rule name] user@host# set target target
If you configured a target for the rule, you must configure a match condition for the rule. You can create multiple conditions for the rule. See Interface Classification Conditions. [edit shared network nas-group name interface-classifier rule name] user@host# set condition name

Selecting Routes

Use the following configuration statements to configure the route for messages:



shared network nas-group name routes name term name {
precedence precedence; 
}



shared network nas-group name routes name {
transaction-variable (request-packet | user-name | realm);
dictionary-attribute (user-name | user-password | chap-password
| nas-ip-address | nas-port | service-type | framed-protocol | framed-ip-address
| framed-ip-netmask | framed-mtu | framed-compression | login-ip-host
| callback-number | state | vendor-specific | called-station-id |
calling-station-id | nas-identifier | login-lat-service | login-lat-node
| login-lat-group | chap-challenge | nas-port-type | port-limit |
login-lat-port); 
operator (equals | not_equal | present | not_present |
prefix | suffix | range); 
value value; 
low low; 
high high; 
}

To configure route selection for messages from the IMS AAA Server:

From configuration mode, access the configuration statements for route selection. user@host# edit shared network nas-group name routes name
(Optional) Specify the order by which the route is selected. The route that meets all the matching criteria and has the lowest precedence is selected first. Routes without the precedence defined are considered after those that have the precedence defined. The route with precedence of -1 is the default route. The default route is considered after all the other routes, and only one default route can be defined. [edit shared network nas-group name routes name] user@host# set precedence precedence
From configuration mode, access the configuration statements for route selection criteria. user@host# edit shared network nas-group name routes name term name
All the criteria must match for this route to be selected.
Specify the name of the transaction variable used as the matching criterion. [edit shared network nas-group name routes name term name] user@host# set transaction-variable (request-packet | user-name | realm)
(Optional) Specify the name of the dictionary attribute contained in the attribute store. Only applicable if the transaction variable is request-packet. [edit shared network nas-group name routes name term name] user@host# set dictionary-attribute (user-name | user-password | chap-password | nas-ip-address | nas-port | service-type | framed-protocol | framed-ip-address | framed-ip-netmask | framed-mtu | framed-compression | login-ip-host | callback-number | state | vendor-specific | called-station-id | calling-station-id | nas-identifier | login-lat-service | login-lat-node | login-lat-group | chap-challenge | nas-port-type | port-limit | login-lat-port)
Specify the operator for criterion matching. [edit shared network nas-group name routes name term name] user@host# set operator (equals | not_equal | present | not_present | prefix | suffix | range)
(Optional) Specify the value to be matched by the target. [edit shared network nas-group name routes name term name] user@host# set value value
(Optional) Specify the low end of the range criterion. [edit shared network nas-group name routes name term name] user@host# set low low
(Optional) Specify the high end of the range criterion. [edit shared network nas-group name routes name term name] user@host# set high high