Pre-requisites for using Gy/Ro
Enable the module implementing Gy/Ro
Edit /etc/yate/ucn/js-custom.conf (create it if missing).
Add the following:
[scripts]
ucn_diam_charging=ucn_diam_charging.jsc
Create Diameter connection to OCS
Edit /etc/yate/ucn/acct-custom.conf (create it if missing).
Add the diameter connection:
[ocs]
enabled=yes
protocol=diameter
local_node=epc.mnc001.mcc001.3gppnetwork.org/ucn-ocs.epc.mnc001.mcc001.3gppnetwork.org
remote_host=HOST_NAME_OF_PEER
apps=4
extra_vendors=10415
transport=sctp
address=IP_TO_CONNECT_TO
default_priority=0
default_realm_priority=0
default_route=1
NOTES:
- Remember local_node value: you'll need to set it up when configuring charging in specific module (PGW/EAP/SCF PPS)
- See YDiameter Yate documentation for more information about Diameter connection parameters
- If you connect to OCS through a DRA you'll need to:
- Build a connection from DRA to OCS or from OCS to DRA
- Route requests between UCN node(s) and OCS.
YateDRA routing description can be found at YateDRA Routing documentation.
YateUCN
Unified LTE/GSM+GPRS core network, including SGSN, GGSN, GMSC, MME, SGW, PGW
See the product here ››
PGW: Enabling pre-defined PCC rules
PCC rules are used by PGW when returned in first session user.auth message in pcc_rules parameter (comma separated list).
PCRF enabled: Predefined PCC rules are installed on PCRF request only. There is no support for pre-defined PCC rules to be installed automatically (unknown by PCRF).
PCRF not enabled: Predefined PCC rules are installed from start.
PCC rule parameters are documented in yate-ucn/conf/policies.conf.sample
regexroute.conf exampl
[extra]
user.auth=10
[user.auth]
${component}PGW=if ${called}internet={
${imsi}^00101=return true;pcc_rules=dns,http,everything-else
}
${called} = APN name, condition to enable charging functions on a certain APN (any regular expression can be used. Ex: if ${called}^internet$={ )
policies.conf example:
- The DNS service is not charged
- HTTP/non HTTP traffic is charged separately
- low_qos will be used as a pre-defined PCC rule activated by PCRF when subscriber's balance depletes. Service is allowed at a very low speed
[dns]
flow.1.filter=permit out udp from any 53 to any
flow.2.filter=permit in udp from any to any 53
flow.3.filter=permit out tcp from any 53 to any
flow.4.filter=permit in tcp from any to any 53
[http]
ocs=true
cdr_service_id=1001
cdr_rating_group=1001
flow.1.filter=permit out tcp from any 80 to any
flow.2.filter=permit in tcp from any to any 80
flow.3.filter=permit out tcp from any 443 to any
flow.4.filter=permit in tcp from any to any 443
[everything-else]
ocs=true
cdr_service_id=2000
cdr_rating_group=2000
flow.1.filter=permit out ip from any to any
flow.2.filter=permit in ip from any to any
[low_qos]
flow.1.filter=permit out ip from any to any
flow.2.filter=permit in ip from any to any
kbps_ul=100
kbps_dl=200
PGW: Enabling PCRF/OCS
Yate modules that implement Gx or Gy interfaces PCRF (Gx) or OCS (Gy) may be enabled from AP config
There is no support for PCRF and OCS usage at the same time (for the same data session). This would require dynamic credit key management: add/remove credit key(s) as PCC rules are added or removed. The Diameter OCS implementation expects all known keys to be given when session starts.
Enable the module implementing Gx interface of YateUCN
Edit /etc/yate/ucn/js-custom.conf (create it if missing).
Add the following:
[scripts]
; enable PCEF module of YateUCN that implements Gx interface
ucn_pcef_diam=ucn_pcef_diam.jsc
NOTES:
- In the following examples the AP named 'internet' is configured for specific PLMN prefix
- Any other AP setup parameters MUST be configured also: NO OTHER PARAMETER IS TAKEN FROM AN EXITING [internet] SECTION
PCRF: Enabling Diameter Gx
Example of config used during a-billing-company interconnect tests:
ap.conf
[00101:internet]
pcrf=yes
pcrf_diam_node=epc.mnc001.mcc001.3gppnetwork.org/ucn1.epc.mnc001.mcc001.3gppnetwork.org
pcrf_diam_realm=a-billing-company.com
; If a-billing-company has issues with session level monitoring removal. Force replace when receiving a new one
pcrf_monitoring_session_replace=yes
OCS: Data charging using Diameter Gy/Ro
Example of config used during a-billing-company interconnect tests:
ap.conf
[00101:internet]
ocs=yes
ocs_service_context=32251@3gpp.org
ocs_diam_node=epc.mnc001.mcc001.3gppnetwork.org/ucn-ocs.epc.mnc001.mcc001.3gppnetwork.org
ocs_diam_realm=a-billing-company.com
session_ocs_key=session
session_ocs_cdr_service_id=1
session_ocs_cdr_rating_group=1
OCS: Enabling data session traffic redirect support on Diameter Gy/Ro
You must set the redirect DSCP to enable data traffic redirect support.
[00101:internet]
redir_dscp=0xfc
This will enable support for Final-Unit-Indication AVP with Final-Unit-Action indicating redirect.
On OCS request traffic is redirected using iptables.
See Configure traffic redirect for data session on how to setup and configure.
UCN SCF PPS: Voice charging using Diameter Ro
yateucn.conf example:
[scf_pps]
camel_key=1
camel_int=30
authorize=yes
charging=ocs
authorize_cdrwrite_ocs=true
authorize_diam_node=epc.mnc099.mcc460.3gppnetwork.org/ucn1.epc.mnc099.mcc460.3gppnetwork.org
authorize_diam_realm=epc.mnc099.mcc460.3gppnetwork.org
cdr_cdrwrite_ocs=true
UCN EAP: Data charging using Diameter Gy/Ro
Enable OCS in netinfo.
netinfo.conf example:
[00101]
ocs=true
yradius.conf example:
[client 192.168.168.50]
secret=test
add:Acct-Session-Id=${billid}
add:NAS-IP-Address=${nas_addr}
add:NAS-Identifier=${nas_id}
add:NAS-Port=${nas_port}
ret-fail:Error-Cause=error
[listener eap]
addr=192.168.168.172
port=1812
rad_auth=true
put:$wlan=route_type
put:EAP-Message=rad_eap
put:State=rad_state
put:Message-Authenticator=rad_auth
add-fail:EAP-Message=${orad_eap}
add-fail:State=${orad_state}
add-fail:Message-Authenticator=${rad_auth}
add-fail:Reply-Message=${orad_text}
add:EAP-Message=${orad_eap}
add:Message-Authenticator=${rad_auth}
add:MS-MPPE-Recv-Key=${orad_msk1}
add:MS-MPPE-Send-Key=${orad_msk2}
;add:Session-Timeout=${expires}
add:Acct-Interim-Interval=${interim}
[listener cdr]
addr=192.168.168.172
port=1813
rad_acct=true
put:$wlan=route_type
put:$WLAN=component
put:NAS-Port-Type=nas_type
put:NAS-Port=nas_port
put:NAS-IP-Address=nas_addr
put:NAS-Identifier=nas_id
put:Connect-Info=conn_info
put:Acct-Authentic=authenticator
put:Acct-Input-Packets=inp_pkt
put:Acct-Output-Packets=out_pkt
put:Acct-Input-Octets=inp_oct
put:Acct-Output-Octets=out_oct
put:Acct-Input-Gigawords=inp_hi32
put:Acct-Output-Gigawords=out_hi32
cisco_format=true
quintum_format=false
Voice call charging using Diameter Gy/Ro
This section describes how to enable charging for voice calls passing through YateUCN.
Care must be taken when enabling charging for voice calls already using CAMEL subscription to PPS SCF.
Charging can be enabled when the call is executed by adding the following parameters to call.execute:
- ocs: true
- mo_charging: charge the calling party
- mt_charging: charge called party
Examples on enabling charging for IMS calls
javascript example:
function onCallExec(msg)
{
if (“p-cscf” == msg.role) {
msg.ocs = true;
msg.mo_charging = “”;
}
}
Message.install(onCallExec,”call.execute”,50);
regexroute example (rex-custom.conf):
[alter_call_execute]
${role}^p-cscf\|protected$=;ocs=true;mo_charging=
Diameter config may be done in yateucn.conf.
NOTE: This affects all Gy/Ro charging session in YateUCN, including data charging. This should not be an issue: a network has, usually, one OCS only
[charging]
initial_param_diam_node=epc.mnc001.mcc001.3gppnetwork.org/ucn-ocs.epc.mnc001.mcc001.3gppnetwork.org
initial_param_diam_realm=a-billing-company.com
initial_param_diam_sess_params.session_flags=nodesthost
Diameter sessions
Diameter:
- transaction_ttl must be set in ydiameter.conf. This will enable incoming transaction tracking to detect retransmissions
Parameters handled in session start message:
- diam_node: Local node to use when sending the request
- diam_realm: Destination realm. If not set the Diameter module will try to select it from local node's realm
- diam_host: Destination host
- diam_proxy: Peer of local node to use
- diam_sess_params.session_flags: Session flags. Please check YDiameter for a detailed description of this parameter
- NOTES: Destination-Realm AVP is required by Diameter. The module MUST be able to detect one. Session start will fail otherwise
Some setups may require to not put Destination-Host AVP in any session request.
The Diameter module will automatically put it from received answer’s origin if not instructed to do otherwise:
diam_sess_params.session_flags=nodesthost
HTTP API charging in YateUCN (PGW auth via JSON )
- Auth message parameters
Initial Authentication parameters :
- route_type: constant string "data"
- component: constant string "PGW"
- role: AP role if configured
- newcall: boolean true
- caller: Subscriber's MSISDN
- imsi: Subscriber's IMSI
- called: AP Name, may include operator suffix (like mnc001.mcc001.gprs)
- rat_type: RAT Type, numeric, GTP style(1=UTRAN, 2=GERAN, 6=E-UTRAN)
- nsapi: Bearer ID, one hexadecimal character
- imei, imeisv: UE IMEI(SV). Only one of them may be present
- plmn: PLMN ID, 5 or 6 digits string
- loc_info: Hex string. 3GPP-User-Location-Info according to TS 29.061 16.4.7.2
- ms_tzdst: Hex string. MS timezone, GTP MS timezone IE
- ms_tzone: Readable format of time zone and DST: ±HH:MM(+1/2)
PCO (Protocol Configuration Options) parameters (present if received from UE) :
Booleans, always true. UE request for specific data:
- authname, password: For PAP (Password Authentication Protocol) secondary authentication
- dns_ipv4: DNS Server IPv4 Address Request
- ip_nas: IP address allocation via NAS signalling
- ms_nrb: MS support of Network Requested Bearer Control
- dhcp_ipv4: IPv4 address allocation via DHCPv4
- ims_signal: IM CN Subsystem Signaling Flag (used to indicate the dedicated signalling PDP context for IMS signalling)
- pcscf_ipv4: P-CSCF IPv4
- pcscf_ipv6: P-CSCF IPv6
- pcscf_resel: P-CSCF Re-selection support
- msisdn_req: MSISDN Request
- mtu_ipv4: IPv4 MTU Request
- mtu_nonip: Non-IP data MTU request
Re-auth (Re-authentication request)
Same parameters as initial authentication are used (except for PCO – Protocol Configuration Options related)
- Changes :
- newcall: Boolean false
- New parameters :
- redirecting: true/false. Bearer traffic is currently redirected
- qci: Bearer QCI, numeric
- qos: GTP style QoS (hex string). Present if received from SGSN/SGW and GTPv1 is used
- pdp_type: GTP style PDP type, numeric (0=IPv4, 2=IPv6, 3=IPv4v6, 4=nonip)
- ipv4, ipv6, ipv6_prefix: UE IP address for IP PDP type(s)
- reservation: Total reservation (quota) received on auth
- consumed: Total consumed octets, regardless CDR restart configuration
- inp_pkt, out_pkt, inp_oct, out_oct: numeric. These values are adjusted on CDR restart. These parameters are present if reauth_put_data option is enabled in PGW (default: no)
Answer :
- Initial auth only, cannot change an active session:
- ipv4: UE IPv4 to use (allocate)
- ipv6: UE IPv6 to use (allocate)
- tunnel: Tunnel name to use for the session
- dns4: IPv4 address of DNS server
- dns4_alt: Additional IPv4 address of DNS server
- dns6: IPv6 of DNS server. 32 hex chars or string with IPv6 address
- dns6_multi: Extra IPv6 address(es) of DNS server. Hex string (length multiple of 32)
- Initial or Re-authentication requests:
- quota_octets: Reservation, allocated quota
-
pcef: Object with policy data
policy: Name of the policy to apply.
NOTE: Handled in initial auth only! Policy name MUST be configured in policies.conf.
Session is rejected if not found on policy.conf file or blocked parameter is enabled in policy section.
For more details about policy of YateUCN equipment, see Policy and Charging Rules used in Public Data Network Gateway of YateUCN
All other pcef parameters will be overridden by configured policy. - kbps_ul, kbps_dl: Numeric. UL/DL AMBR for the bearer
- redirect: true/false. Enable or disable redirect
- blocked: true. Reject or terminate the data session
- All parameters are handled in initial auth. Re-auth handles the following parameters: quota_octets, pcef.
JSON samples
- Initial authentication :
Request :
{
“route_type”: “data”,
“component”: “PGW”,
“newcall”: true,
“dns_ipv4”: true,
“mtu_ipv4”: true,
“msisdn_req”: true,
“ip_nas”: true,
“caller”: “882801022”,
“called”: “internet”,
“imsi”: “001010000000001”,
“rat_type”: 6,
“imeisv”: “0134070049232002”,
“nsapi”: “5”,
“plmn”: “00101”,
“loc_info”: “8200f110432100f11001234567”,
“ms_tzdst”: “8000”,
“ms_tzone”: “+02:00”
}
Answer :
NOTE : just a sample to see handled parameters
{
“quota_octets”: 2048,
“dns4”: “8.8.8.8”,
“dns4_alt”: “192.168.168.1”,
“ipv4”: “10.9.172.50”,
“tunnel”: “tun-pdn”,
“pcef”: {
“policy”: “sample”,
“kbps_ul”: 1000,
“kbps_dl”: 5000,
“redirect”: true,
“blocked”: false
}
}
- Re-authentication :
Request :
{
“route_type”: “data”,
“component”: “PGW”,
“newcall”: false,
“caller”: “882801022”,
“called”: “internet”,
“imsi”: “001010000000001”,
“plmn”: “00101”,
“nsapi”: “5”,
“qci”: 9,
“rat_type”: 6,
“loc_info”: “8200f110432100f11007654321”,
“ms_tzdst”: “2101”,
“ms_tzone”: “+03:00(+1)”,
“imeisv”: “0134070049232002”,
“ipv4”: “10.9.172.50”,
“pdp_type”: 0,
“redirecting”: false,
“reservation”: 4096,
“inp_pkt”: 21,
“out_pkt”: 18,
“inp_oct”: 1764,
“out_oct”: 1512,
“consumed”: 3276
}