gtp
Syntax
gtp
{apn-control <apn-ctrl-name>}
{apn-control-group <apn-ctrl-grp-name>}
{
handover-default {
deny;
}
{ apn-control-group }
ip-group name {
address-book name {
address-set set-name;
}
}
profile (Security GTP) profile-name {
apn pattern-string {
imsi-prefix imsi-prefix-digits {
action (APN GTP) {
drop;
pass;
selection (ms|net|vrf);
}
}
}
drop (Security GTP) {
aa-create-pdp 0;
aa-delete-pdp 0;
bearer-resource 2;
change-notification 2;
config-transfer 2;
context 2;
create-bearer 2;
create-data-forwarding 2;
create-pdp (0 | 1 | all);
create-session 2;
create-tnl-forwarding 2;
cs-paging 2;
data-record (0 | 1 | all);
delete-bearer 2;
delete-command 2;
delete-data-forwarding 2;
delete-pdn 2;
delete-pdp (0 | 1 | all);
delete-session 2;
detach 2;
downlink-notification 2;
echo (0 | 1 | 2 | all);
error-indication (0 | 1 | all);
failure-report (0 | 1 | all);
fwd-access 2;
fwd-relocation (1 | 2 | all);
fwd-srns-context 1;
g-pdu (0 | 1 | all);
identification (0 | 1 | 2 | all);
mbms-session-start (1 | 2 | all);
mbms-session-stop (1 | 2 | all);
mbms-session-update (1 | 2 | all);
modify-bearer 2;
modify-command 2;
node-alive (0 | 1 | all);
note-ms-present (0 | 1 | all);
pdu-notification (0 | 1 | all);
ran-info (1 | 2 | all);
redirection (0 | 1 | all);
release-access 2;
relocation-cancel (1 | 2 | all);
resume 2;
send-route (0 | 1 | all);
sgsn-context (0 | 1 | all);
stop-paging 2;
supported-extension 1;
suspend 2;
trace-session 2;
update-bearer 2;
update-pdn 2;
update-pdp (0 | 1 | all);
ver-not-supported (0 | 1 | 2 | all);
}
end-user-address-validated;
gtp-in-gtp-denied;
handover-group group-name;
handover-on-roaming-intf;
log (Security GTP) {
forwarded (basic | detail);
gtp-u name;
prohibited (basic | detail);
rate-limited (basic | detail);
state-invalid (basic | detail);
max-message-length max-message-length;
min-message-length min-message-length;
ne-group group-name;
path-rate-limit {
message-type (create-req | delete-req | echo-req | other) {
alarm-threshold (Security GPRS) {
forward forward;
reverse reverse;
}
drop-threshold (Security GPRS) {
forward forward;
reverse reverse;
}
}
}
rate-limit (Security GTP) limit;
remove-ie {
version v1 {
number ie-number;
release (R6 | R7 | R8 | R9);
}
}
req-timeout second;
restart-path (all | create | echo);
timeout (Security GTP) hour;
u-tunnel-validated;
ue-group group-name;
}
traceoptions (Security GTP) {
file <filename> <files files> <match match> <size size> <(world-readable | no-world-readable)>;
flag name;
no-remote-trace;
trace-level {
(error | info | notice | verbose | warning);
}
}
}
Hierarchy Level
[edit security]
Description
Use the GTP commands to enable the GTP service, configure GTP objects, set traceoptions, remove GTP inspection object configurations, and obtain configuration information.
From Junos OS Release 20.4R1 onwards, the [edit security gprs]
hierarchy level is replaced by [edit security].
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release
10.0. The restart-path option added in Junos OS Release
11.4. New GPRS tunneling protocol (GTP) message types added in Junos
OS Release 11.4. Support for GTPv2 added in Junos OS Release 11.4.
Statement modified in Junos OS Release 15.1X49-D40. Support for handover-default and handover-group options added
in Junos OS Release 17.4R1.