Juniper Networks Session and Resource Control (SRC) and PTSP Overview
The Juniper Networks Session and Resource Control (SRC) environment provides a central administrative point for managing subscribers and their services. The SRC software runs on Juniper Networks C Series Controllers. The SRC software uses the Diameter protocol for communications between the local peer on a Juniper Networks routing platform and the remote SRC peer on a C Series Controller. The local peer is known as PTSP and is part of the AAA application. The remote SRC peer is the service activation engine (SAE); the SAE acts as the controlling agent in the SRC environment.
The SRC software enables the SAE to activate and deactivate subscriber services (described by SRC policies). The SAE installs or removes policies using a service rule policy template called __svc_rule__. This policy template indicates which policy is applied to a new subscriber session. Additional policies are bound to new sessions; they do not affect existing sessions. Note that policy name must be unique between PPR requests. You can use the same rule name within a single request, but you cannot use the same name again in a separate request.
Statistics collection that is aggregated on a service rule basis is also shared with the SAE using the Diameter protocol.
Diameter Messages Exchanged by PTSP and the SAE
The PTSP application is a Juniper Networks Diameter application registered with the IANA (http://www.iana.org) as Juniper JGx, with an ID of 16777273. PTSP and the SAE communicate by exchanging the Diameter messages described in Table 1.
Table 1: Diameter Messages Used by PTSP and the SAE
Diameter Message | Code | Description |
|---|---|---|
AA-Request (AAR) | 265 | Request from PTSP to the SAE at new subscriber login or during SAE-PTSP synchronization. The request can be one of three types: address-authorization, provisioning-request, or synchronization. |
AA-Answer (AAA) | 265 | Response from the SAE to the PTSP AA-Request message. |
Accounting-Request (ACR) | 271 | Request from the SAE to PTSP or from PTSP to the SAE for statistics. |
Accounting-Answer (ACA) | 271 | Response to the ACR message to provide statistics for each installed policy. |
Abort-Session-Request (ASR) | 274 | Request from the SAE to PTSP to log out a subscriber. |
Abort-Session-Answer (ASA) | 274 | Response from PTSP to the SAE ASR message. Includes success or failure notification for the logout request. |
Push-Profile-Request (PPR) | 288 | Request from the SAE to PTSP to activate or deactivate services for a subscriber. |
Push-Profile-Answer (PPA) | 288 | Response from PTSP to the SAE PPR message. Includes success or failure notification for the service activation or deactivation commands in the request. |
Session-Resource-Query (SRQ) | 277 | Request from PTSP to the SAE or from the SAE to PTSP to initiate synchronization between PTSP and the SAE. |
Session-Resource-Reply (SRR) | 277 | Response to the SRQ message to begin synchronization. |
Session-Termination-Request (STR) | 275 | Notification from PTSP to the SAE that a provisioned subscriber has logged out. |
Session-Termination-Answer (STA) | 275 | Response from the SAE to the PTSP STR message. Includes success or failure notification. |
Understanding Diameter AVPs for PTSP
Diameter conveys information by including various attribute-value pairs (AVPs) in Diameter messages. Table 2 lists the standard Diameter AVPs used in PTSP interactions.
Table 2: Standard Diameter AVPs for PTSP
Code Number | Diameter AVP | Description | Type |
|---|---|---|---|
263 | Session-Id | Specifies the subscriber session identifier. For a packet-triggered subscriber managed by AAA, the value is assigned by PTSP to uniquely identify the subscriber session. | UTF8String |
268 | Result-Code | Indicates whether a request completed successfully. Provides an error code if the request failed. The following classes are recognized by Diameter:
Unrecognized classes, which begin with numerals 6–9 or 0, are handled as permanent failures. PTSP supports the following values; all non-success values are treated as permanent failures:
| Unsigned32 |
277 | Auth-Session-State | Indicates whether AAA session state is maintained.
| Enumerated |
295 | Termination-Cause | Indicates the reason why a session was terminated on the access device.
| Enumerated |
Juniper Networks AVPs are used in addition to the standard Diameter AVPs. These AVPs have an enterprise number of 2636. Table 3 lists the Juniper Networks AVPs used in PTSP interactions.
Table 3: Juniper Networks Diameter AVPs
Code Number | Diameter AVP | Description | Type |
|---|---|---|---|
2020 | Juniper-Policy-Install | Specifies policies to be activated for the subscriber. Includes Juniper-Policy-Name and Juniper-Policy-Definition. | Grouped |
2021 | Juniper-Policy-Name | Defines the name of a policy decision. | OctetString |
2022 | Juniper-Policy-Definition | Defines a policy decision. Includes Juniper-Policy-Name, Juniper-Template-Name, and Juniper-Substitution. | Grouped |
2023 | Juniper-Template-Name | Profile name defined by the router. PTSP only supports the __svc_rule__ policy template. | UTF8String |
2024 | Juniper-Substitution | Defines the substitution attributes. Includes Juniper-Substitution-Name and Juniper-Substitution-Value. | OctetString |
2025 | Juniper-Substitution-Name | Defines the name of the variable to be replaced. | OctetString |
2026 | Juniper-Substitution-Value | Defines the value of the variable to be replaced. | OctetString |
2027 | Juniper-Policy-Remove | Specifies policies to be deactivated for the subscriber. Includes Juniper-Policy-Name. | Grouped |
2035 | Juniper-Policy-Failed | Specifies the name of the policy activation or deactivation that failed. | OctetString |
2038 | Juniper-Policy-Success | Specifies the name of the policy activation or deactivation that succeeded. | OctetString |
2046 | Juniper-Logical-System | Specifies the logical system. | UTF8String |
2047 | Juniper-Routing-Instance | Specifies the routing instance. | UTF8String |
2048 | Juniper-Jsrc-Partition | Specifies the logical system and routing instance for the subscriber or request. Includes Juniper-Logical-System and Juniper-Routing-Instance. | Grouped |
2050 | Juniper-Request-Type | Describes the type of request:
| Enumerated |
2051 | Juniper-Synchronization-Type | Describes the type of synchronization:
| Enumerated |
2052 | Juniper-Synchronization | Describes the state of synchronization:
| Enumerated |
2053 | Juniper-Acct-Record | Statistics data for each policy installed for this subscriber. Includes Juniper-Policy-Name. | Grouped |
Understanding PTSP-SAE Interactions
This topic describes the sequences of Diameter messages exchanged between PTSP and the SAE as they interact to perform the following tasks for subscriber access:
- Subscriber login
When a packet-triggered subscriber logs in, PTSP sends a Diameter AA-Request message to request service provisioning from the SAE that includes the Session-Id attribute for the new subscriber. If the AA-Request fails, then the subscriber is not considered logged in and the subscriber session is not managed by the SAE. Only the static PTSP rules apply to the subscriber.
The SAE returns a Diameter AA-Answer message with the Result-Code. The AA-Answer message can include the Juniper-Policy-Install AVP (AVP code 2020), which is used to specify a service to attach to the subscriber’s IP address.
PTSP can send an AA-Request message to the SAE to confirm activation. The SAE returns a AA-Answer message in acknowledgment. If the AA-Request message fails or the SAE does not respond with an AA-Answer message, the subscriber session is managed by the SAE.
- Service activation and deactivation
The SAE policies provision subscriber services. After a packet-triggered subscriber is logged in, the SAE can send a PPR message to PTSP to activate or deactivate services. A given PPR can include the Juniper-Policy-Install AVP (AVP code 2020) to activate a service or the Juniper-Policy-Remove AVP (AVP code 2027) to deactivate a service.
PTSP sends a PPA message to the SAE when it has completed the tasks requested in the PPR. The PPA indicates the success or failure of the actions requested in the PPR.
- Resynchronization
Either PTSP or the SAE initiates the resynchronization.
The SAE initiates resynchronization at startup or when a backup SAE takes over session control due to resource limits or conditions on the primary SAE. The SAE clears its database of all entries in preparation for the synchronization.
PTSP initiates resynchronization at startup, such as when AAA starts or restarts. PTSP uses the Juniper-Last-Origin-Host AVP (AVP code 2055) to keep track of the active SAE host in a multi-SAE environment. When an SAE in a multi-SAE environment becomes active, it must send an SRQ to PTSP as its first message. PTSP initiates a synchronization when it receives any other message type from an SAE that is different from the SAE indicated in the Juniper-Last-Origin-Host AVP.
Both entities initiate a resynchronization by sending an SRQ message. The recipient responds with an SRR message.
- Statistics collection and reporting per service rule
Statistics information can be sent from the router to the SAE or from the SAE to the router. Both the Diameter Accounting-Request and Accounting-Answer messages include the Juniper-Acct-Record AVP (AVP code 2053) which identifies the policy for which accounting information is requested.
- Subscriber logout
PTSP can determine when there is a logout request for a packet-triggered subscriber in two ways:
- The SAE terminates a subscriber session by sending an ASR message to PTSP.
- PTSP monitors a subscriber session and starts the logout process after 30 minutes of inactivity.
The subscriber logout triggers the final statistics aggregation for all policies and the removal of any policies installed by the SAE. PTSP sends an STR message that indicates the logout event to the SAE.
