Difference between revisions of "Charging interfaces of YateUCN"
(→OCS: Data charging using Diameter Gy/Ro) |
(→OCS: Enabling data session traffic redirect support on Diameter Gy/Ro) |
||
Line 123: | Line 123: | ||
[00101:internet] | [00101:internet] | ||
redir_dscp=0xfc | redir_dscp=0xfc | ||
+ | '''NOTE: All other AP parameters MUST be set. The section is not inheriting internet AP's parameters.'''<br> | ||
This will enable support for Final-Unit-Indication AVP with Final-Unit-Action indicating redirect.<br> | This will enable support for Final-Unit-Indication AVP with Final-Unit-Action indicating redirect.<br> | ||
On OCS request traffic is redirected using iptables.<br> | On OCS request traffic is redirected using iptables.<br> |
Latest revision as of 09:42, 8 March 2019
Contents
Pre-requisites for using Gy/Ro
Enable the module implementing Gy/Ro
Edit /etc/yate/ucn/js-custom.conf (create it if missing).
Add the following:
[scripts] ucn_diam_charging=ucn_diam_charging.jsc
Create Diameter connection to OCS
Edit /etc/yate/ucn/acct-custom.conf (create it if missing).
Add the diameter connection:
[ocs] enabled=yes protocol=diameter local_node=epc.mnc001.mcc001.3gppnetwork.org/ucn-ocs.epc.mnc001.mcc001.3gppnetwork.org remote_host=HOST_NAME_OF_PEER apps=4 extra_vendors=10415 transport=sctp address=IP_TO_CONNECT_TO default_priority=0 default_realm_priority=0 default_route=1
NOTES:
- Remember local_node value: you'll need to set it up when configuring charging in specific module (PGW/EAP/SCF PPS)
- See https://docs.yate.ro/wiki/Ydiameter#Outgoing_connections for more information about Diameter connection parameters
- If you connect to OCS through a DRA you'll need to:
- Build a connection from DRA to OCS or from OCS to DRA
- Route requests between UCN node(s) and OCS.
YateDRA routing description can be found at https://wiki.yatebts.com/index.php/YateDRA_Routing.
PGW: Enabling pre-defined PCC rules
PCC rules are used by PGW when returned in first session user.auth message in pcc_rules parameter (comma separated list).
PCRF enabled: Predefined PCC rules are installed on PCRF request only. There is no support for pre-defined PCC rules to be installed automatically (unknown by PCRF).
PCRF not enabled: Predefined PCC rules are installed from start.
PCC rule parameters are documented in yate-ucn/conf/policies.conf.sample
regexroute.conf example:
[extra] user.auth=10 [user.auth] ${component}PGW=if ${called}internet={ ${imsi}^00101=return true;pcc_rules=dns,http,everything-else }
${called} = APN name, condition to enable charging functions on a certain APN (any regular expression can be used. Ex: if ${called}^internet$={ )
policies.conf example:
- The DNS service is not charged
- HTTP/non HTTP traffic is charged separately
- low_qos will be used as a pre-defined PCC rule activated by PCRF when subscriber's balance depletes. Service is allowed at a very low speed
[dns] flow.1.filter=permit out udp from any 53 to any flow.2.filter=permit in udp from any to any 53 flow.3.filter=permit out tcp from any 53 to any flow.4.filter=permit in tcp from any to any 53 [http] ocs=true cdr_service_id=1001 cdr_rating_group=1001 flow.1.filter=permit out tcp from any 80 to any flow.2.filter=permit in tcp from any to any 80 flow.3.filter=permit out tcp from any 443 to any flow.4.filter=permit in tcp from any to any 443 [everything-else] ocs=true cdr_service_id=2000 cdr_rating_group=2000 flow.1.filter=permit out ip from any to any flow.2.filter=permit in ip from any to any [low_qos] flow.1.filter=permit out ip from any to any flow.2.filter=permit in ip from any to any kbps_ul=100 kbps_dl=200
PGW: Enabling PCRF/OCS
PCRF or OCS may be enabled from AP config.
There is no support for PCRF and OCS usage at the same time (for the same data session). This would require dynamic credit key management: add/remove credit key(s) as PCC rules are added or removed.
The Diameter OCS implementation expects all known keys to be given when session starts.
NOTES:
- In the following examples the AP named 'internet' is configured for specific PLMN prefix
- Any other AP setup parameters MUST be configured also: NO OTHER PARAMETER IS TAKEN FROM AN EXITING [internet] SECTION
PCRF: Enabling Diameter Gx
Example of config used during a-billing-company interconnect tests:
ap.conf
[00101:internet] pcrf=yes pcrf_diam_node=epc.mnc001.mcc001.3gppnetwork.org/ucn1.epc.mnc001.mcc001.3gppnetwork.org pcrf_diam_realm=a-billing-company.com ; If a-billing-company has issues with session level monitoring removal. Force replace when receiving a new one pcrf_monitoring_session_replace=yes
NOTE: All other AP parameters MUST be set. The section is not inheriting internet AP's parameters.
OCS: Data charging using Diameter Gy/Ro
Example of config used during a-billing-company interconnect tests:
ap.conf
[00101:internet] ocs=yes ocs_service_context=32251@3gpp.org ocs_diam_node=epc.mnc001.mcc001.3gppnetwork.org/ucn-ocs.epc.mnc001.mcc001.3gppnetwork.org ocs_diam_realm=a-billing-company.com session_ocs_key=session session_ocs_cdr_service_id=1 session_ocs_cdr_rating_group=1
NOTE: All other AP parameters MUST be set. The section is not inheriting internet AP's parameters.
OCS: Enabling data session traffic redirect support on Diameter Gy/Ro
You must set the redirect DSCP to enable data traffic redirect support.
[00101:internet] redir_dscp=0xfc
NOTE: All other AP parameters MUST be set. The section is not inheriting internet AP's parameters.
This will enable support for Final-Unit-Indication AVP with Final-Unit-Action indicating redirect.
On OCS request traffic is redirected using iptables.
See Configure traffic redirect for data session on how to setup and configure.
UCN SCF PPS: Voice charging using Diameter Ro
yateucn.conf example:
[scf_pps] camel_key=1 camel_int=30 authorize=yes charging=ocs authorize_cdrwrite_ocs=true authorize_diam_node=epc.mnc099.mcc460.3gppnetwork.org/ucn1.epc.mnc099.mcc460.3gppnetwork.org authorize_diam_realm=epc.mnc099.mcc460.3gppnetwork.org cdr_cdrwrite_ocs=true
UCN EAP: Data charging using Diameter Gy/Ro
Enable OCS in netinfo.
netinfo.conf example:
[00101] ocs=true
yradius.conf example:
[client 192.168.168.50] secret=test add:Acct-Session-Id=${billid} add:NAS-IP-Address=${nas_addr} add:NAS-Identifier=${nas_id} add:NAS-Port=${nas_port} ret-fail:Error-Cause=error [listener eap] addr=192.168.168.172 port=1812 rad_auth=true put:$wlan=route_type put:EAP-Message=rad_eap put:State=rad_state put:Message-Authenticator=rad_auth add-fail:EAP-Message=${orad_eap} add-fail:State=${orad_state} add-fail:Message-Authenticator=${rad_auth} add-fail:Reply-Message=${orad_text} add:EAP-Message=${orad_eap} add:Message-Authenticator=${rad_auth} add:MS-MPPE-Recv-Key=${orad_msk1} add:MS-MPPE-Send-Key=${orad_msk2} ;add:Session-Timeout=${expires} add:Acct-Interim-Interval=${interim} [listener cdr] addr=192.168.168.172 port=1813 rad_acct=true put:$wlan=route_type put:$WLAN=component put:NAS-Port-Type=nas_type put:NAS-Port=nas_port put:NAS-IP-Address=nas_addr put:NAS-Identifier=nas_id put:Connect-Info=conn_info put:Acct-Authentic=authenticator put:Acct-Input-Packets=inp_pkt put:Acct-Output-Packets=out_pkt put:Acct-Input-Octets=inp_oct put:Acct-Output-Octets=out_oct put:Acct-Input-Gigawords=inp_hi32 put:Acct-Output-Gigawords=out_hi32 cisco_format=true quintum_format=false
Diameter sessions
Diameter:
- transaction_ttl must be set in ydiameter.conf. This will enable incoming transaction tracking to detect retransmissions
Parameters handled in session start message:
- diam_node: Local node to use when sending the request
- diam_realm: Destination realm. If not set the Diameter module will try to select it from local node's realm
- diam_host: Destination host
- diam_proxy: Peer of local node to use
- diam_sess_params.session_flags: Session flags. See Ydiameter for description
NOTES:
- Destination-Realm AVP is required by Diameter. The module MUST be able to detect one. Session start will fail otherwise
Some setups may require to not put Destination-Host AVP in any session request.
The Diameter module will automatically put it from received answer's origin if not instructed to do otherwise:
diam_sess_params.session_flags=nodesthost
Diameter Gy/Ro AVPs
CCR
AVP | Code/Vendor | Notes |
---|---|---|
Service-Context-Id | 461 | |
Subscription-Id | 443 | May be repeated for Subscription-Id-Type END_USER_E164 and END_USER_IMSI |
Subscription-Id-Type | 450 | |
Subscription-Id-Data | 444 | |
User-Equipment-Info | 458 | |
User-Equipment-Info-Type | 459 | IMEISV |
User-Equipment-Info-Value | 460 | |
Multiple-Services-Credit-Control | 456 | |
Service-Identifier | 439 | |
Rating-Group | 432 | |
Requested-Service-Unit | 437 | |
CC-Time | 420 | |
CC-Total-Octets | 421 | Data charging only |
CC-Input-Octets | 412 | Data charging only |
CC-Output-Octets | 414 | Data charging only |
Used-Service-Unit | 446 | |
CC-Time | 420 | |
CC-Total-Octets | 421 | Data charging only |
CC-Input-Octets | 412 | Data charging only |
CC-Output-Octets | 414 | Data charging only |
Reporting-Reason | 872/10415 | |
Service-Information | 873/10415 | |
PS-Information | 874/10415 | Data charging only |
3GPP-RAT-Type | 21/10415 | ETSI TS 29.061 |
3GPP-SGSN-MCC-MNC | 18/10415 | ETSI TS 29.061 |
3GPP-User-Location-Info | 22/10415 | ETSI TS 29.061 |
IMS-Information | 876/10415 | Voice charging only |
Role-Of-Node | 829/10415 | ORIGINATING_ROLE or TERMINATING_ROLE |
Node-Functionality | 862/10415 | |
Calling-Party-Address | 831/10415 | |
Called-Party-Address | 832/10415 | |
Requested-Party-Address | 1251/10415 | |
VCS-Information | 3410/10415 | Voice charging only |
MSC-Address | 3417/10415 | |
ISUP-Location-Number | 3414/10415 | |
VLR-Number | 3420/10415 | |
3GPP-User-Location-Info | 22/10415 | Voice charging only. ETSI TS 29.061 |
CCA
AVP | Code/Vendor | Notes |
---|---|---|
Credit-Control-Failure-Handling | 427 | |
Multiple-Services-Credit-Control | 456 | |
Service-Identifier | 439 | |
Rating-Group | 432 | |
Granted-Service-Unit | 431 | |
CC-Time | 420 | |
CC-Total-Octets | 421 | Data charging only |
CC-Input-Octets | 412 | Data charging only |
CC-Output-Octets | 414 | Data charging only |
Validity-Time | 448 | |
Time-Quota-Threshold | 868/10415 | |
Volume-Quota-Threshold | 869/10415 | |
Final-Unit-Indication | 430 | Data charging only |
Final-Unit-Action | 449 | TERMINATE or REDIRECT |
Redirect-Server | 434 | |
Redirect-Address-Type | 433 | IPv4, IPv6 or URL |
Redirect-Server-Address | 435 |
RAR
AVP | Code/Vendor |
---|---|
Service-Identifier | 439 |
Rating-Group | 432 |