[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]


Basic IMS AAA Server Configuration Concepts

This section describes the basic configuration concepts of the IMS AAA Server that are common to both RADIUS and Diameter. Subsequent sections describe other configuration concepts that are specific to these protocols.

Network Elements

The IMS AAA Server is configured in terms of 3GPP IMS terminology. The IMS AAA Server Administrator allows you to directly describe the network in terms of the network elements and their functions.

Local Network Element

In the IMS AAA Server Administrator, the server is known as the Local Network Element.

Remote Network Elements

A Remote Network Element is a multi-addressable, logical network entity which may host any number of IMS functions. A Remote Network Element can be either RADIUS or Diameter-based.

Configuring the Local Network Element

The basic steps to configuring the IMS AAA Server include configuring the server identification and the RADIUS and/or Diameter ports.

Server Identification

Configuring the server identify includes the following:

Local Identity—specifies the server Origin-Host and Origin-Realm.

Local Addresses—specifies the IP addresses the server uses for Diameter Capabilities Exchange messages (CER/CEA messages).

Self Names—this field specifies realms that are considered to be local to this server, meaning that any requests sent for these realms will be treated as if there is no realm in the request. For more information see Configuring the Server Identification.

RADIUS and Diameter Message Transport

From the point of view of other network elements, the IMS AAA Server acts as a Diameter and RADIUS network element. Therefore, the local transport configuration includes settings for both RADIUS and Diameter transports.

RADIUS Message Transport Configuration

The RADIUS configuration includes configuring the transport of RADIUS authentication, accounting and dynamic authorization messages including the UDP port numbers and IP address format used for each message type. The IMS AAA Server can listen for RADIUS messages on any port number, and on multiple ports.

Diameter Message Transport Configuration

The Diameter configuration includes configuring the transport protocol (either TCP or SCTP), the port number, and the IP address format. The IMS AAA Server can listen for Diameter messages on any port number, and on multiple ports.

Figure 9 illustrates the RADIUS and Diameter message transport on the IMS AAA Server.


Figure 9: RADIUS and Diameter Message Transport Configuration on IMS AAA Server

Configuring a Remote Network Element

The basic steps for configuring a Remote Network Element include:

Creating and Naming the Remote Network Element

The basic steps to creating a Remote Network Element are selecting whether it is Diameter or RADIUS, configuring it with a unique name, and entering a description for it (optional).

Functions

In this document, function refers to an IMS function, which means any one of the identified IMS components, which communicates with other IMS functions exclusively using 3GPP reference points. Note that multiple functions can coexist in the same network element.

For example, you might configure a Remote Network Element and assign only a single function to it, such as HSS. On the other hand, you could create a single Remote Network Element and assign multiple functions to it such as the Downstream server and CDF functions.

The functions which may be assigned to the network element differ depending on whether the network element is RADIUS or Diameter. The IMS AAA Server supports the functions listed in Table 9.

Table 9: Functions Supported in the IMS AAA Server 
Function
Description
RADIUS
Diameter

WLAN

The WLAN Access Network function is a source of authentication, authorization and accounting for the WLAN Direct IP service provided by the WLAN infrastructure.

Downstream

This function is assigned to AAA servers to which the local server may forward (proxy) requests. For example, if the local server serves the visited network in a roaming scenario, the connection towards the home network is configured to serve this function.

HSS

The Home Subscriber Server is a Diameter-based subscriber and policy database supporting IMS R6 or later.

-

PDG

Packet Data Gateway is a source of AAA requests for the WLAN 3GPP (tunneled) IP Access service.

-

CDF

The Charging Data Function represents a downstream accounting server, capable of collating chargeable events for offline charging.

-

Upstream

This function is assigned to AAA proxy servers that send requests to this local server.

-

AAA Cluster Peer

This function is assigned to AAA servers that are operating in a cluster with the local server. The local server may forward requests to this AAA server, if the peer can process the request more efficiently.

-

WAG

This function acts as a routing policy enforcement similar to a layer 3 firewall. This is only used for WLAN 3GPP (tunneled) IP Access service.

-


Some functions require you to configure routing rules based on either the subscriber identity, known as the IMSI (International Mobile Subscriber Identity), or the realm name. These are called Implicit Routing rules. For more information see Request Routing and Request Routing Rules.

Managing Communication to Remote Network Elements

You must also configure the communication between the Local Network Element (the IMS AAA Server) and the Remote Network Element. This configuration differs depending on whether the Remote Network Element is RADIUS or Diameter.

The IMS AAA Server communicates with the Diameter Remote Network Elements over Diameter connections. You may configure multiple Diameter connections from the server to a Diameter Remote Network Element.

Because the Diameter protocol is peer-to-peer, a single, bidirectional Diameter connection carries both incoming and outgoing messages.

Since RADIUS is not a peer-to-peer protocol, configuring the communication to a RADIUS Remote Network Element is more complex, and consists of configuration of clients and targets. Clients send RADIUS messages towards the server and targets receive RADIUS messages from the server. You may configure multiple clients and targets.

Figure 10 summarizes these concepts.


Figure 10: Configuration Concept

Once the function and the communication have been configured, the IMS AAA Server internally configures the required parameters for the associated 3GPP reference points between the server and Remote Network Elements and functions, alleviating the network administrator from having to configure these parameters.

Round Robin and Primary/Backup

The Round Robin and Primary/Backup features are used to manage how the server sends messages over multiple paths to the Remote Network Element. When multiple paths are configured to a Remote Network Element, you need to configure the order of the paths. The order specifies the order in which the server uses the paths to send messages to the Remote Network Element.

NOTE: Throughout this section, the term "path" represents either a Diameter connection or the path to the RADIUS target.


When the IMS AAA Server has messages to send to a Remote Network Element, it first examines whether the Round Robin or Primary/Backup feature is selected. It then examines whether all paths to the Remote Network Element are operational. It then sends the messages accordingly (over whatever paths are operating). As such, these features inherently manage communication failures by adjusting what paths are used when one or more paths is not working.

Round Robin

When the IMS AAA Server is configured for Round Robin, it alternates the path it uses to send messages to the Remote Network Element.

Figure 11 illustrates how the Round Robin feature operates when all paths are working properly (top portion), and how it operates when one of the paths has failed (bottom portion).

With all three paths operating properly, if the server received three messages, the first message would be sent over path 1, the second message would be sent over path 2, and the third message would be sent over path 3. The next message received would be sent over path 1, and so on.

However, if the server received three messages and path 2 had failed, the first message would be sent over path 1, the second message would be sent over path 3, and the third message would be sent over path 1.


Figure 11: Round Robin

Primary/Backup

When the IMS AAA Server is configured for Primary/Backup, it sends all messages over the first path defined in the ordered list. If the first path fails, all messages are sent over the next path in the ordered list. When the first path becomes operational again, all messages are again sent over it.


[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]