Page 1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 Text Part Number: OL-26148-02...
Page 3: Table Of Contents
Configuring RADIUS Attribute Format Configuring AAA Attribute Format Function Making RADIUS Server Settings Configuring RADIUS Server Settings Configuring Automated Testing Setting IP DSCP for RADIUS Server Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 4 Enabling IPoE Subscribers on an Access Interface Establishing PPPoE Session Provisioning PPP PTA Session Creating PPPoE Profiles Creating a PPP Dynamic-Template Creating a Policy-Map to Run During PPPoE Session Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 5 Parameterized QoS Parameterized QoS Syntax Configuring Parameterized QoS Policy Through RADIUS Modifying Service Policy through CoA QoS Accounting Configuring QoS Accounting QoS Features Supported on BNG Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 6 HTTP Redirect Using PBR Identifying HTTP Destinations for Redirection Configuring Class Maps for HTTP Redirection Configuring Policy Map for HTTP Redirect Configuring Dynamic Template for Applying HTTPR Policy Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 7 Vendor-Specific Attributes for Account Operations RADIUS ADSL Attributes RADIUS ASCEND Attributes RADIUS Microsoft Attributes RADIUS Disconnect-Cause Attributes Action Handlers A P P E N D I X C Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 8 Contents Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x viii OL-26148-02...
Page 9: Obtaining Documentation And Submitting A Service Request
Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
Page 10 Preface Obtaining Documentation and Submitting a Service Request Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 11: Chapter
BNG is deployed by the service provider and is present at the first aggregation point in the network, such as the edge router. An edge router, like the Cisco ASR 9000 Series Router, needs to be configured to act as the BNG.
Page 12: Bng Architecture
BNG connects to the CPE through a multiplexer and Home Gateway (HG). The CPE represents the triple play service in telecommunications, namely, voice (phone), video (set top box), and data (PC). The individual Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 13 As the DHCP proxy, BNG itself maintains the address pool by acquiring it from DHCP server, and also manages the IP address lease. BNG communicates on Layer 2 with the client Home Gateway, and on Layer 3 with the DHCP server. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 14: Bng Role In Isp Network Models
As shown in the above figure, BNG is at the edge router, and its role is to connect to the core network through uplinks. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 15: Bng Configuration Process
• Establishing Subscriber Sessions—Configurations are done to set up one or more logical sessions, from the subscriber to the network, for accessing broadband services. Each session is uniquely tracked and managed. For details, see Establishing Subscriber Sessions, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 16: Hardware Requirements For Bng
These hardwares support BNG: • BNG is supported on Satellite Network Virtualization (nV) system. • BNG is supported on Cisco ASR 9000 Series Aggregation Services Routers only with RSP-440 route switch processors. The RSP 2 route switch processor does not support BNG.
Page 17: Bng Interoperability
• This topology is supported on nV Satellite, but not supported on BNG: ◦ Single Ethernet ports (non-bundle) on the CPE side of the Satellite node, connected to the ASR9K through non-bundle configuration (static-pinning). Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 18: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
• This topology is not supported on nV Satellite: ◦ Bundled Ethernet ports on the CPE side of the Satellite node, connected to the ASR9K through bundle Ethernet connections. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 19: Configuring Authentication, Authorization, And Accounting Functions
The RADIUS server runs the Remote Authentication Dial-In User Service (RADIUS) protocol. (For details about RADIUS protocol, refer to RFC Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 20: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
The RADIUS protocol runs on a distributed client-server system. The RADIUS client runs on BNG (Cisco ASR 9000 Series Router) that sends authentication requests to a central RADIUS server. The RADIUS server contains all user authentication and network service access information.
Page 21: Using Radius Server Group
6. load-balance method least-outstanding batch-size size ignore-preferred-server 7. server host_name acct-port accounting_port_number auth-port authentication_port_number 8. source-interface name value 9. vrf name 10. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 22: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
0 to 65535. Example: If no value is specified, then the default is 1645 for RP/0/RSP0/CPU0:router(config-sg-radius)# server 1.2.3.4 auth-port, and 1646 for acct-port. acct-port 455 auth-port 567 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 23: Specifying Method List
On BNG, you have to specify the method list and the server group that will be used for AAA services. For specifying method lists, see Configuring Method Lists for AAA, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 24: Configuring Method Lists For Aaa
... Step 5 Use the commit or end command. commit—Saves the configuration changes and remains within the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 25: Defining Aaa Attributes
CLI or RADIUS through configured "activate" actions on the Policy Rule Engine, or through CoA "activate-service" requests. Services can also be deactivated directly (removing all the involved features within Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 26: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
"@" as the username. Then, "text" is dropped from the input, and the new username is "abc.com". To apply username truncation function to a named-attribute format, see Configuring AAA Attribute Format Function, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 27: Creating Attributes Of Specific Format
An example of constructing the NAS-Port-ID from just the BNG port information, and with "0/0/0/0/0/0" appended at the end for circuit-ID, is: aaa attribute format NAS-PORT-ID-FORMAT2 format-string “eth %s/%s/%s:%s.%s 0/0/0/0/0/0” physical-slot physical-subslot physical-port outer-vlan-Id inner-vlan-id Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 28: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
Examples of constructing called-station-ID from mac-address, remote-ID, and circuit-ID are: aaa radius attribute called-station-id format CLDID-FORMAT aaa attribute format CLDID-FORMAT format-string “%s:%s” client-mac-address-raw circuit-id-tag Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 29: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
Whether value can be Whether value can be derived from configured on the associated interface interface configuration mode ASYNC SYNC ISDN ISDN_V120 ISDN_V110 VIRTUAL ISDN_PIAFS ETHERNET Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 30: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
Virtual-PPPoEoQinQ (assuming 2 vlan tags): interface-type 0: slot 0: adapter 17 (bundle-id): port Vlan-Ids: whatever the outer and inner vlan-ids received in the PADR were. 8: session-id Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 31: Configuring Radius Attribute List
5. vendor-type vendor-type-value 6. Use the commit or end command. DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 32: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
Configuring RADIUS Attribute List: An example configure radius-server attribute list list_! attribute B C attribute vendor-id vendor-type 10 vendor-type 30 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 33: Configuring Radius Attribute Format
• Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 34: Configuring Aaa Attribute Format Function
Step 3 username-strip prefix-delimiter prefix_delimiter Configures the function to strip the username preceding the prefix delimiter, which is @. Example: RP/0/RSP0/CPU0:router(config-id-format)# username-strip prefix-delimiter @ Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 35: Making Radius Server Settings
Allows RADIUS packets to be marked with a specific Differentiated Services Code Point (DSCP) value. For more making RADIUS server settings, see Configuring RADIUS Server Settings, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 36: Configuring Radius Server Settings
Specifies the radius server and its host name. auth-port authentication_port_number Configures the UDP port for RADIUS accounting and authentication requests. The accounting and Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 37: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
Configures the radius load-balancing options by radius-server load-balance method least-outstanding ignore-preferred-server batch-size size picking the server with the least outstanding transactions. This load-balancing method uses the Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 38: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
• Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 39: Cisco Asr 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide
\\Configuring Dead Criteria for RADIUS Server configure radius-server dead-criteria time 60 radius-server dead-criteria tries 60 \\Configuring Disallow Username configure radius-server disallow null-username \\Setting IP DSCP for RADIUS Server Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 40: Configuring Automated Testing
• Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 41: Setting Ip Dscp For Radius Server
Step 4 Use the commit or end command. commit—Saves the configuration changes and remains within the configuration session. end—Prompts user to take one of these actions: Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 42: Balancing Transaction Load On The Radius Server
Perform this task to activate the load balancing function for the global RADIUS server group. As an example, in this configuration the preferred server is set to be ignored. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 43 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 44: Configuring Load Balancing For A Named Radius Server Group
500 Step 4 Use the commit or end command. commit—Saves the configuration changes and remains within the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 45: Throttling Of Radius Records
• access-timeout NUMBER_OF-TIMEOUTS—Specifies the number of consecutive timeouts that must occur on the router, after which access-requests are dropped. The range of is from 0 to 10. The default is 3. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 46: Configuring Radius Throttling Globally
The threshold value denotes the number of outstanding accounting transactions after which throttling should be performed. The range is from 0 to 65535, and the preferred value is 100. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 47: Configuring Radius Throttling On A Server Group
2. aaa group server radius server_group_name 3. server hostname acct-port acct_port_value auth-port auth_port_value 4. throttle access threshold_value access-timeout value accounting threshold_value 5. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 48 Configuring RADIUS Throttling on a Server Group: An example configure aaa group server radius SG1 server 99.1.1.10 auth-port 1812 acct-port 1813 radius-server throttle access 10 access-timeout 5 accounting 10 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 49: Radius Change Of Authorization (Coa) Overview
A service update CoA should have a minimum of these attributes: • vsa cisco generic 1 string "subscriber:command=service-update" • vsa cisco generic 1 string "subscriber:service-name=<service name>" Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 50: Understanding Per-Vrf Aaa Function
Subsequently, the BNG redirects the original request, and sends it as a second request, to the correct RADIUS server that is associated with the designated VRF. Additional References These sections provide references related to implementing RADIUS. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 51 Registered Cisco.com users can log in from this page to access even more content. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 52 Configuring Authentication, Authorization, and Accounting Functions Additional References Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 53: Activating Control Policy
The policy-map also defines the actions that will be performed during these events. However, these actions are performed only when certain conditions Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 54: Creating Class-Map
The class-map is used to define traffic class. The traffic is classified based on match criteria defined in the class-map. The parameter for match criteria can be protocol, MAC address, input interface, access group, and so on. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 55: Configuring A Class-Map
Defines the match-criteria to be PPP protocol. More than one match statement can be applied per Note Example: class-map. RP/0/RSP0/CPU0:router(config-cmap)# match protocol Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 56: Creating Policy-Map
Like with a class-map, each policy-map is assigned a name for identification. The policy-map name is specified when activating the policy-map on the router interface. For creating a policy-map, see Configuring a Policy-Map, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 57: Control Policy Events
Instead of disconnecting the subscriber, the service provider can perform a re-authentication. The re-authentication is done through a new account-logon by enabling HTTP Redirect feature on the subscriber. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 58: Configuring A Policy-Map
Associates a class-map with the event. The class-map name has to be specified. Example: Instructs that the actions will be performed until a failure occurs. RP/0/RSP0/CPU0:router(config-pmap-e)# class type control subscriber CL1 do-until-failure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 59 • Cancel—Remains in the configuration mode, without committing the configuration changes. Configuring a Policy-Map: An example policy-map type control subscriber PL1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 60: Activating Policy-Map
Bundle-Ether100.10 Step 3 service-policy type control subscriber policy_name Applies a pre-defined policy-map named 'plmap1' to an access interface. Example: RP/0/RSP0/CPU0:router(config-if)# service-policy type control subscriber plmap1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 61: Defining Dynamic Templates
In the following sample configuration, the policy map downloads a service template from the AAA server. Radius Config: service1 Password="xxxxxx" Cisco-avpair = "ipv4:ipv4-unnumbered=Loopback400" Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 62: Additional References
MIBs Link To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 63 Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 64 Activating Control Policy Additional References Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 65: Establishing Subscriber Sessions
Access-List blocking everything but DHCP incoming on the access interface to limit remote subscribers for which we don't have an interface created from accessing network resources. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 66 Load-balancing is achieved by putting different subscribers on different links. There are two mechanisms to establish a subscriber session, namely, IPoE and PPPoE. These are discussed next in the next topics. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 67: Establishing Ipoe Session
For subscriber deployments, it is recommended that Dynamic ARP learning be disabled Note in the access-interface, using the arp learning disable command in the access-interface configuration mode. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 68: Enabling Ipv4 On An Access Interface
4. ipv4 unnumbered interface-type interface-instance 5. Use the commit or end command. DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 69 Enabling IPv4 on an Access Interface: Examples //Enabling IPv4 on an Access Interface configure interface Bundle-Ether100.10 arp learning disable ipv4 unnumbered loopback 5 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 70: Creating Dynamic Template For Ipv4 Subscriber Session
Example: RP/0/RSP0/CPU0:router(config-dynamic-template)# type ipsubscriber ipsub1 Step 4 timeout idle value IPv4 or IPv6 or Dual-stack Subscribers support idle timeout feature. Example: RP/0/RSP0/CPU0:router(config-dynamic-template-type)# timeout idle 600 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 71 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 72: Creating A Policy-Map To Run During Ipoe Session
RP/0/RSP0/CPU0:router(config)# policy-map type control subscriber IPoE_policy Step 3 event session-start match-first Defines an event (session start) for which actions will be performed. Example: RP/0/RSP0/CPU0:router(config-pmap)# event session-start match-first Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 73 IPoE_policy event session-start match-first class type control subscriber class-default do-until-failure 1 activate dynamic-template ipsub1 1 authorize aaa list default format RM_User password Cisco Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 74: Enabling Ipoe Subscribers On An Access Interface
(/) between values is required as part of the notation. ◦ The number range for a virtual interface instance varies depending on the interface type. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 75 If multiple initiators are used, use a policy or Note RP/0/RSP0/CPU0:router(config-subif-ipsub-ipv4-l2conn)# class map to prevent overlap of the IP addresses initiator unclassified-source for the different sources. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 76: Establishing Pppoe Session
• PPPoE Active Discovery Initiation (PADI)—The CPE broadcasts to initiate the process to discover BNG. • PPPoE Active Discovery Offer (PADO)—The BNG responds with an offer. • PPPoE Active Discovery Request (PADR)—The CPE requests to establish a connection. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 77: Provisioning Ppp Pta Session
The subscriber creation function must be explicitly enabled on BNG. Unless this function is enabled, the system will not attempt subscriber classification. As a result, the packets get forwarded based on the incoming interface mode. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 78: Creating Pppoe Profiles
• Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 79: Creating A Ppp Dynamic-Template
Link Control Protocol (LCP). Example: RP/0/RSP0/CPU0:router(config-dynamic-template-type)# ppp authentication chap Step 5 Use the commit or end command. commit—Saves the configuration changes and remains within the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 80: Creating A Policy-Map To Run During Pppoe Session
5. sequence_number activate dynamic-template dynamic-template_name 6. event session-activate match-all 7. class type control subscriber class_name do-until-failure 8. sequence_number authenticate aaa list default 9. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 81 Configures the class to which the subscriber is to be matched. When there is a match, executes all actions until a failure is do-until-failure encountered. Example: RP/0/RSP0/CPU0:router(config-pmap-e)# class type control subscriber PPP_class do-until-failure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 82: Applying The Pppoe Configurations To An Access Interface
SUMMARY STEPS 1. configure 2. interface type interface-path-id 3. service-policy type control subscriber policy_name 4. pppoe enable bba-group bbagroup_name 5. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 83 Applying the PPPoE Configurations to an Access Interface: An example configure interface Bundle-Ether100.10 service-policy type control subscriber PL1 pppoe enable bba-group bba_1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 84: Provisioning Ppp Lac Session
• Preventing creation of additional VPDN sessions. See, Configuring Softshut for VPDN, on page This is a sample user-profile for L2TP LAC: abc_xyz@domain.com Password="abc" Service-Type = Outbound-User, Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 85: Configuring The Vpdn Template
Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Step 2 Enters the VPDN template sub-mode. vpdn template Example: RP/0/RSP0/CPU0:router(config)# vpdn template Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 86 • Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 87: Configuring Maximum Simultaneous Vpdn Sessions
3. session-limit number_of_sessions 4. Use the commit or end command. DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 88: Activating Vpdn Logging
Perform this task to activate logging of VPDN event information. When VPDN event logging is enabled, VPDN event messages are logged as the events occur. Tunnel start and stop records are generated without any tunnel statistics. Note Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 89 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 90: Configuring Options To Apply On Calling Station Id
DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Step 2 vpdn Enters the VPDN sub-mode. Example: RP/0/RSP0/CPU0:router(config)# vpdn Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 91: Configuring L2Tp Session-Id Commands
Perform this task to configure L2TP session-id commands. SUMMARY STEPS 1. configure 2. vpdn 3. l2tp session-id space hierarchical 4. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 92: Configuring L2Tp Class Options
Configuring L2TP Session-ID Commands: An example configure vpdn l2tp session-id space hierarchical Configuring L2TP Class Options Perform this task to configure the various options for L2TP class. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 93 [check disable |hash { MD5 | SHA1 } | secret { 0 | 7 | LINE Messages the Digest configuration for L2TPv3 control connection. Example: RP/0/RSP0/CPU0:router(config-l2tp-class)# digest check disable Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 94 • Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 95: Configuring Softshut For Vpdn
DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Step 2 vpdn Enters the VPDN sub-mode. Example: RP/0/RSP0/CPU0:router(config)# vpdn Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 96: Making Dhcp Settings
Aggregation Services Router IP Addresses and Services Configuration Guide. For a complete list of DHCP commands supported on ASR9K router, refer to the DHCP Commands chapter in the Cisco ASR 9000 Series Aggregation Services Router IP Addresses and Services Command Reference.
Page 97: Enabling Dhcp Proxy
In this state the client interacts with BNG as if it is the DHCP server. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 98: Configuring Dhcp Ipv4 Profile Proxy Class
• Attaching proxy profile to an interface. See, Attaching a Proxy Profile to an Interface, on page 94 Configuring DHCP IPv4 Profile Proxy Class Perform this task to define DHCP. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 99 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 100: Configuring A Circuit-Id For An Interface
RP/0/RSP0/CPU0:router(config-dhcpv4)# interface Bundle-Ether 355 Step 4 proxy information option format-type circuit-id Configures the circuit-id for this interface. value Example: RP/0/RSP0/CPU0:router(config-dhcpv4)# proxy information option format-type circuit-id Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 101: Configuring A Remote-Id
4. relay information option remote-id value 5. Use the commit or end command. DETAILED STEPS Command or Action Purpose Step 1 Enters global configuration mode. configure Example: RP/0/RSP0/CPU0:router# configure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 102: Configuring The Client Lease Time
Configuring the Client Lease Time Perform this task to configure the client lease time. It defines the time period after which the client lease expires. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 103 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 104: Attaching A Proxy Profile To An Interface
• Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 105: Specifying Dhcp Lease Limit
Specifying the Lease Limit for an Interface, on page 98 Specifying the Lease Limit for a Circuit-ID Perform this task to specify the lease limit for each Circuit-ID. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 106 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 107: Specifying The Lease Limit For A Remote-Id
• Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 108: Specifying The Lease Limit For An Interface
Enters the IPv4 DHCP configuration mode. Example: RP/0/RSP0/CPU0:router(config)# dhcp ipv4 Step 3 profile profile-name proxy Creates a DHCP profile. Example: RP/0/RSP0/CPU0:router(config-dhcpv4)# profile profile1 proxy Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 109: Understanding Dhcp Option-82
In a DHCP processing, the gateway address specifies both the subnet on which a DHCP client resides, and the IP address that the server uses to communicate with the relay agent. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 110: Packet Handling On Subscriber Interfaces
BNG also supports receiving a ping request from both IPv4 subscribers. Excessive Punt Flow Trap feature should be disabled when sending a high rate of pings Note to, or from subscriber interfaces. • Option Handling Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 111: Additional References
• Fragmentation BNG does not support fragmentation of packets destined to the PPPoE or IP subscriber interfaces. In Cisco IOS XR, fragmentation is handled by linecard (LC) CPU or route processor Caution (RP) CPU. All packets requiring fragmentation are policed by local packet transport service (LPTS), to a maximum of 2500 packets per second (pps) for each network processing unit (NPU).
Page 112 Registered Cisco.com users can log in from this page to access even more content. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 113: Deploying The Quality Of Service (Qos)
One of the unique features of BNG is QoS accounting. This feature enables BNG to collect and report QoS encapsulation information to the RADIUS server. For details, see QoS Accounting, on page 119. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 114: Configuring Service-Policy And Applying Subscriber Settings Through Radius
2. policy-map type qos q_in 3. class class-default 4. service-policy q_child_in 5. policy-map type qos q_out 6. class class-default 7. service-policy q_child_out 8. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 115 • Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 116: Configuring Service-Policy And Applying Subscriber Settings Through Dynamic Template
6. class class-default 7. service-policy q_child_out 8. dynamic-template type ppp dynamic_config 9. service-policy input q_in 10. service-policy output q_out 11. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 117 Step 8 dynamic-template type ppp dynamic_config Configures dynamic-template of the type ppp and applies the configuration through dynamic-template. Example: RP/0/RSP0/CPU0:router(config)# dynamic-template type ppp dynamic_config Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 118: Parameterized Qos
Parameterized Quality of Service (PQoS) guarantees reliable performance of a network application by reserving for it the required network bandwidth. In this case, the prioritization is based on the type of data being carried by the packet. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 119: Parameterized Qos Syntax
Modifying Service Policy through CoA , on page 117. Parameterized QoS Syntax Parameterized QoS Syntax QoS Action Qualifiers Commands Parameter Shape QoS Action shape(<rate-in-kbps>) CLI Equivalent shape average <shape-rate> <kbps> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 120 4000, 4000,transmit, set-ipprec(< Example precedence>), drop) ) Police (Variant QoS Action Police (<conform-rate-in-kbps>) CLI Equivalent police rate <kbps> RADIUS qos-policy-in:add-class(sub,(class-default, voip), police(200000) ) Equivalent - Example Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 121 QoS Action set-ip-prec(<precedence>) Precedence CLI Equivalent set precedence <precedence> RADIUS qos-policy-out:add-class(sub,(class-default,voip), set-ip-prec(5)) Equivalent - Example Set CoS QoS Action set-cos(<cos-val>) CLI Equivalent set cos <cos-val> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 122 Set dscp <dscp-val> RADIUS qos-policy-out:add-class(sub,(class-default,voip), set-ip-dscp(46)) Equivalent - Example Queue Limit in QoS Action queue-limit(<qlimit-in-packets>) packets CLI Equivalent queue-limit <val> < packets> RADIUS qos-policy-out:add-class(sub,(class-default,voip),queue-limit(64)) Equivalent - Example Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 123 Equivalent - Example Priority Level QoS Action pri-level(<priority-level>) CLI Equivalent priority level <priority-level> RADIUS qos-policy-out:add-class(sub,(class-default, voip), pri_level(1)) Equivalent - Example Set discard class QoS Action set-dclass(<discard-class-val>) Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 124: Configuring Parameterized Qos Policy Through Radius
Perform this task to deploy parameterized QoS policy and apply subscriber settings through the RADIUS server. These steps are performed on the RADIUS server for each subscriber. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 125 Step 2 Cisco-AVPair+= "ip:qos-policy-in=add-class(sub, Configures the cisco-avpair class-map in input (class-default,voice_in), pri-level(1), police(256))" direction for the police action parameter. Example: Cisco-AVPair = "ip:qos-policy-in=add-class(sub, (class-default,voice_in), pri-level(1), police(256))" Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 126 Step 9 Cisco-AVPair+= "ip:qos-policy-out=add-class(sub, Configures the cisco-avpair class-map in output (class-default,data_out), bw-rpct(20))" direction for the bandwidth action parameter. Example: Cisco-AVPair = "ip:qos-policy-out=add-class(sub, (class-default,data_out), bw-rpct(20))" Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 127: Modifying Service Policy Through Coa
Cisco VSA corresponding to the steps in this task. SUMMARY STEPS 1. qos-policy-out remove-class(sub, (class-default, voip)) 2. qos-policy-out add-class(sub, (class-default, video), bw-rpct(50), pri-level(2)) 3. qos-policy-out add-class(sub, (class-default, data), shape(400),set-ip-prec(1)) Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 128 __sub_5e311c4f_child1 shape average 100000 kbps end-policy-map //Modifying Service Policy through CoA qos-policy-out=remove-class(sub, (class-default, voip)) qos-policy-out=add-class(sub, (class-default, video), bw-rpct(50), pri-level(2)) qos-policy-out=add-class(sub, (class-default, data), shape(400),set-ip-prec(1)) Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 129: Qos Accounting
Untagged Ethernet IPoA NULL (4) snap-rbe AAL5 Untagged Ethernet Ethernet over AAL5 LLC without FCS snap-dot1q-rbe AAL5 Single-Tagged Ethernet over AAL5 Ethernet LLC without FCS Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 130: Configuring Qos Accounting
[ppp|ip-subscriber|service]name Specifies the type of dynamic template that needs to be applied. Three type are: Example: • PPP RP/0/RSP0/CPU0:router(config-dynamic-template)# type ppp p1 • IP-subscriber Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 131: Qos Features Supported On Bng
Configuring QoS Accounting: An example configure dynamic-template type ppp p1 qos account AAL5 mux-1483routed service-policy input input_1 QoS Features Supported on BNG BNG supports these QoS features: Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 132 The classification of an incoming L2TP packet on the ingress core side interface is always based on the outer IP fields even if the packet arrives with an MPLS tag stack. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 133 COS value, then a PPP command is provided to impose the core-side header based on the set trusted-COS. Thus, this ensures the priority treatment of these control packets in the network. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 134 Flat – class-default only. 2 level, with parent class-default only and child any classification. Subscriber CLI/XML Dynamic-Template 2 level, with parent class-default only and child any classification. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 135: Configuring Policy On S-Vlan
Subscriber Child Level Any, with baseline Absolute and percent Policy restrictions Configuring Policy on S-VLAN Perform this task to apply a QoS policy on a S-VLAN. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 136 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 137: Additional References
Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 138 Deploying the Quality of Service (QoS) Additional References Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 139: Access Control List And Access Control List-Based Forwarding
VSAs from RADIUS. Deploying ABF (using ACL) involves these stages: • Defining an ACL, see Configuring Access-Control Lists, on page 130. • Applying the ACL to an access-interface, see Activating ACL, on page 131. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 140: Configuring Access-Control Lists
• Yes— Saves configuration changes and exits the configuration session. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 141: Activating Acl
Command or Action Purpose Step 1 Enters global configuration mode. configure Example: RP/0/RSP0/CPU0:router# configure Step 2 dynamic-template Enters the dynamic-template configuration mode. Example: RP/0/RSP0/CPU0:router(config)# dynamic-template Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 142: Support For Lawful Intercept
Intercept mandates vary greatly from country to country. Lawful Intercept compliance in the United States is specified by the Communications Assistance for Law Enforcement Act (CALEA). Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 143: Per-Session Lawful Intercept
Intercept. This Lawful Intercept implements IPv4, IPv6, and multicast traffic interception using the Cisco-defined MIBs. By default, the SNMP-based Lawful Intercept feature is enabled on the Cisco ASR 9000 Series Router, which allows you to configure the taps. For more information about disabling SNMP-based...
Page 144: Disabling Snmp-Based Lawful Intercept
• CISCO-TAP2-MIB—Used for lawful intercept processing. It contains SNMP management objects that control lawful intercepts on a Cisco ASR 9000 Series Router. The mediation device uses the MIB to configure and run lawful intercepts on targets sending traffic through the Cisco ASR 9000 Series Router.
Page 145: Configuring The Inband Management Plane Protection Feature
Note Ensure this task is performed, even if you have recently migrated to Cisco IOS XR Software from Cisco IOS, and you had MPP configured for a given protocol.
Page 146 • Passwords must be eight characters or longer to comply with SNMPv3 security minimums. • Minimum Lawful Intercept security level is auth; The noauth option will not work, as it indicates noAuthnoPriv security level. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 147 TapGroup v3 auth read TapView write TapView notify TapView snmp-server host 223.255.254.224 traps version 3 auth bgreen udp-port 2555 snmp-server mduser-id TapGroup v3 auth md5 mdpassword Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 148: Subscriber Session On Ambiguous Vlans
4. ipv4 | ipv6address source-ip-address destination-ip-address 5. service-policy type control subscriber policy_name 6. ipsubscriber ipv4 l2-connected 7. initiator dhcp 8. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 149 PL1 policy_name. Example: RP/0/RSP0/CPU0:router(config-if)# service-policy type control subscriber PL1 Step 6 ipsubscriber ipv4 l2-connected Enables l2-connected IPv4 IP subscriber. Example: RP/0/RSP0/CPU0:router(config-if)# ipsubscriber ipv4 l2-connected Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 150: Urpf
IPv4 subscribers and is enabled using a dynamic template. To define a dynamic template for enabling uRPF, see Creating Dynamic Template for IPv4 Subscriber Session, on page Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 151: Multicast Services
On BNG, the multicast services coexist with regular unicast services. The multicast feature on BNG is the same as the existing L3 multicast feature already supported on the Cisco ASR 9000 Series Routers. On BNG, multicast is enabled on the trunk interfaces, and the VLANs created over physical interfaces and bundles.
Page 152: Multicast Replication
PPPoE subscriber from bursty unicast traffic. The bandwidth profiles for multicast flows need to be configured on BNG. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 153: Configuring Minimum Unicast Bandwidth
Sets the guaranteed minimum bandwidth, in kbps, for a subscriber. Range is from 1 to 4294967295. Example: RP/0/RSP0/CPU0:router(config-dynamic-template-type)# qos output minimum-bandwidth 10 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 154: Configuring Multicast Hqos Correlation Mode Or Passive Mode
PPPoE interfaces. SUMMARY STEPS 1. configure 2. dynamic-template 3. type ppp dynamic-template name 4. multicast ipv4 <qos-correlation | passive> 5. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 155: Igmp To Unicast Qos Shaper Correlation
The Unicast QoS Shaper correlation feature configures the bandwidth profiles for the multicast flows and allows the IGMP messages to derive the multicast bandwidth usage for each subscriber. On the PPPoE Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 156: Configuring The Igmp To Hqos Correlation Feature In A Vrf
Configures the time before downloading a batch of interfaces to IGMP QoS shaper for subscriber unicast traffic. The download interval time ranges from 10 to 500 milliseconds. Example: RP/0/RSP0/CPU0:router(config-igmp)# unicast-qos-adjust download-interval 10 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 157: Configuring Route-Policy For Unicast Qos Shaper
10 unicast-qos-adjust holdoff 5 vrf vrf1 traffic profile routepolicy1 Configuring route-policy for Unicast QoS Shaper Perform this task to configure route-policy for unicast QoS shaper. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 158 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 159: Configuring Igmp Parameters For Subscriber Interfaces
2. dynamic-template 3. type ppp dynamic-template name 4. igmp explicit-tracking 5. igmp query-interval value 6. igmp query-max-response-time query-response-value 7. Use the commit or end command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 160 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 161: Igmp Accounting
Perform this task to configure the IGMP accounting. SUMMARY STEPS 1. configure 2. router igmp 3. accounting [ max-history ] days 4. Use the commit or end command. 5. show igmp interface Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 162 Step 5 (Optional) Displays IGMP interface information. show igmp interface Example: RP/0/RSP0/CPU0:router# show igmp interface Configuring IGMP Accounting: An example configure router igmp accounting max-history 45 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 163: Daps Support
Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Step 2 pool ipv4 ipv4-pool-name Configures IPv4 pool name. Example: RP/0/RSP0/CPU0:router(config)# pool ipv4 pool1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 164: Http Redirect Using Pbr
In such cases, the subscriber is allowed to access the network but restricted to what is known as an "open-garden". An open-garden is a collection of network resources that subscribers Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x...
Page 165: Identifying Http Destinations For Redirection
Identifying HTTP Destinations for Redirection Perform this task to define access lists that identify http destinations that require redirection or are part of an open garden: Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 166 • The optional log-input keyword provides the same function as the log keyword, except that the logging message also includes the input interface. Example: RP/0/RSP0/CPU0:router(config-ipv4-acl)# 10 permit Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 167 Identifying HTTP Destinations for Redirection: An example configure ipv4 access-list <redirect-acl> 10 permit tcp any any syn eq www 20 permit tcp any any ack eq www Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 168: Configuring Class Maps For Http Redirection
The redirect acl name provided in this step is the Note one configured in the configuration step mentioned RP/0/RSP0/CPU0:router(config-cmap)# match not in the prerequisites. access-group ipv4 open_garden_acl Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 169 [match-any | match-all] <open-garden-class> match [not] access-group ipv4 allow-acl end-class-map class-map type traffic [match-any | match-all] <http-redirect-class> match [not] access-group ipv4 redirect-acl end-class-map Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 170: Configuring Policy Map For Http Redirect
The open garden acl name provided in this step is the one configured in the configuration step RP/0/RSP0/CPU0:router(config-pmap)# class type mentioned in the prerequisites. traffic CL1 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 171 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 172: Configuring Dynamic Template For Applying Httpr Policy
Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RSP0/CPU0:router# configure Step 2 Creates a dynamic template of type "ipsubscriber". dynamic-template type ipsubscriber redirect_template_name Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 173: Configuring Web Logon
<http-redirect-policy> Configuring Web Logon Perform this task to configure Web Logon. As an example, a timer defines the maximum time permitted for authentication. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 174 IP_UNAUTH_COND Step 3 match timer name Configures a match criteria for the class along with timer details. Example: RP/0/RSP0/CPU0:router(config-cmap)# match timer AUTH_TIMER Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 175 Configures the class to which the subscriber is to be matched. When there is a match, execute all actions that follow, until a failure is encountered. Example: RP/0/RSP0/CPU0:router(config-pmap-e)# class type control subscriber class-default do-until-failure Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 176 • Yes— Saves configuration changes and exits the configuration session. • No—Exits the configuration session without committing the configuration changes. • Cancel—Remains in the configuration mode, without committing the configuration changes. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 177: Additional References
MIBs Link To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 178 Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 179: Xml Support For Bng Features
Cisco IOS XR XML API Guide listed at http://www.cisco.com/en/US/products/ps9853/ products_programming_reference_guides_list.html. The Cisco XML API uses XML commands to configure the router. The following sections list the supported XML commands for the BNG features. • AAA XML Support, page 169 •...
Page 180 AAA.RADIUS.DynamicAuthorization.ClientTable.Client.ServerKey dynamic-author client <ip-address> vrf <vrf-name> server-key {0 | 7 | LINE} aaa server radius AAA.RADIUS.DynamicAuthorization.Ignore dynamic-author ignore {server key | session key } Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 181 AAA.ServerGroups.RADIUSServerGroupTable.RADIUSServerGroup.Accounting.Request radius <group-name> { accounting } { accept | request} <name> aaa group server AAA.ServerGroups.RADIUSServerGroupTable.RADIUSServerGroup.Accounting.Reply radius <group-name> { accounting } { reply | reject} <name> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 182: Dhcp Xml Support
It allows the management clients to perform client bindings based on Circuit-ID, Remote-ID, Mac-Address, user profile information, and DHCPv4 proxy statistics. The mapping between CLI and XML entries for the DHCP commands are as follows: Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 183 HelperAddressTable.HelperAddress helper-address [vrf <name>] DHCPv4.ProfileTable.Profile.Proxy.ClassTable.Class.Match.VRF <server-ip-addr> DHCPv4.ProfileTable.Profile.Proxy.ClassTable.Class.Match.Option [ giaddr <ip-addr> match vrf <name> match option [ 124 | 125 | 60 | 77 ] hex Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 184 <addr> location <locationSpecifier> show dhcp ipv4 DHCPv4.NodeTable.Node.Proxy.Binding.ClientTable[DHCPv4ProxyBriefFilter] proxy binding location <locationSpecifier> show dhcp ipv4 DHCPv4.NodeTable.Node.Proxy.Binding.ClientTable.Client proxy binding detail location <locationSpecifier> show dhcp ipv4 DHCPv4.NodeTable.Node.Proxy.Binding.Summary proxy binding Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 185: Control Policy Xml Support
<policy-name> sh sub sess all Subscriber.Session.NodeTable.Node.SessionTable loc <loc> sh sub sess all Subscriber.Session.NodeTable.Node.SessionTable(SubscriberDetailAllSessionFilter) detail loc <loc> sh sub sess all Subscriber.Session.NodeTable.Node.Summary summary loc <loc> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 186 <loc> sh sub sess Subscriber.Session.NodeTable.Node.SessionTable(SubscriberStateBriefFilter) {Naming filter state State} <state> loc <loc> sh sub sess Subscriber.Session.NodeTable.Node.SessionTable(SubscriberStateDetailFilter) {Naming filter state State} <state> detail loc <loc> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 187 Subscriber.Session.NodeTable.Node.SessionTable.Session{Naming SessionID} sub-label <0-ffffffff> loc <loc> sh sub man Subscriber.Manager.NodeTable.Node.Statistics.AAA.Accounting stat AAA accounting loc <loc> sh sub man Subscriber.Manager.NodeTable.Node.Statistics.AAA.AggregateAccounting stat AAA accounting total loc <loc> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 188: Daps Xml Support
VRF and pool name. The mapping between CLI and XML entries for the DAPS commands are as follows: Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 189 <vrf-name> PoolService.NodeTable.Node.VRFTable.VRF.IPv4 ipv4 show pool ipv4 name PoolService.NodeTable.Node.PoolTable.Pool.IPv4.Detail <poolname> show pool ipv4 name PoolService.NodeTable.Node.PoolTable.Pool.IPv4.Verbose <poolname> verbose show pool ipv4show pool PoolService.NodeTable.Node.VRFTable vrf all ipv4 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 190: Subscriber Database Xml Support
Subscriber.Database.NodeTable.Node.Session(SubscriberDatabaseSessionStateFilter){Naming session state <all| cfgapply Session-State} |cfgdone |cfggen |cfgunapply |destroying |error |fatgen |init |sync> show subscriber database Subscriber.Database.NodeTable.Node.Session.LabelTable.Label{Naming session subscriber-label <> SubscriberLabel} location <> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 191 Subscriber.Database.NodeTable.Node.Association[SubscriberTemplateType(Naming ipsubscriber brief location TemplateType] R/S/M association type Subscriber.Database.NodeTable.Node.Association[SubscriberTemplateType(Naming ipsubscriber brief TemplateType] association type Subscriber.Database.NodeTable.Node.Association[SubscriberTemplateType(Naming ipsubscriber location TemplateType] R/S/M association type Subscriber.Database.NodeTable.Node.Association[SubscriberTemplateType(Naming ipsubscriber TemplateType] Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 192 Subscriber.Database.NodeTable.Node.Association[SubscriberTemplateType(Naming user-profile TemplateType] association brief location Subscriber.Database.NodeTable.Node.Association.LabelTable.Label R/S/M association brief Subscriber.Database.NodeTable.Node.Association.LabelTable.Label association location R/S/M Subscriber.Database.NodeTable.Node.Association.LabelTable.Label association Subscriber.Database.NodeTable.Node.Association.LabelTable.Label session subscriber-label Subscriber.Database.NodeTable.Node.Session.LabelTable.Label <0x0-0xffffffff> location R/S/M Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 193 State] session state cfgunapply Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming State] session state cfgerror Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming location R/S/M State] session state cfgerror Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming State] session state error location Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming R/S/M State] Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 194 State] session state sync location Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming R/S/M State] session state sync Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming State] session state all location Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming R/S/M State] session state all Subscriber.Database.NodeTable.Node.Session[SubscriberSessionStateFilter(Naming State] Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 195: Radius Attributes
IETF attribute and encapsulate it behind attribute 26; thus, the newly created attribute is accepted if the user accepts attribute 26. Table 5: Supported RADIUS IETF Attributes Name Value Type Acct-Authentic integer Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 196 Framed-Route "string" login-ip-addr-host ipv4addr Multilink-Session-ID string Nas-Identifier string NAS-IP-Address ipv4addr NAS-Port integer Reply-Message binary Service-Type integer Tunnel-Assignment-Id string Tunnel-Packets-Lost integer X-Ascend-Client-Primary-DNS ipv4addr X-Ascend-Client-Secondary-DNS ipv4addr Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 197: Radius Vendor-Specific Attributes
"cisco-avpair." The value is a string of this format: protocol : attribute sep value * "Protocol" is a value of the Cisco "protocol" attribute for a particular type of authorization; protocols that can be used include IP, IPX, VPDN, VOIP, SHELL, RSVP, SIP, AIRNET, OUTBOUND. "Attribute" and "value"...
Page 198 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 199 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 200 Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 201: Vendor-Specific Attributes For Account Operations
Attainable-Data-Rate-Downstream integer Attainable-Data-Rate-Upstream integer Agent-Circuit-Id string IWF-Session boolean social Maximum-Interleaving-Delay-Downstream integer Maximum-Interleaving-Delay-Upstream integer Maximum-Data-Rate-Downstream integer Maximum-Data-Rate-Upstream integer Minimum-Data-Rate-Downstream integer Minimum-Data-Rate-Downstream-Low-Power integer Minimum-Data-Rate-Upstream integer Minimum-Data-Rate-Upstream-Low-Power integer Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 202: Radius Ascend Attributes
If the session is not authenticated, the attribute can cause stop records to be generated without first generating start records. lists the cause codes, values, and descriptions for the Disconnect-Cause (195) attribute. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 203 Disconnect due to exiting Telnet session. No-Remote-IP-Addr Could not switch to SLIP/PPP; the remote end has no IP address. Exit-Raw-TCP Disconnect due to exiting raw TCP. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 204 Tables-Full Disconnect due to full terminal server tables. Resources-Full Disconnect due to full internal resources. Invalid-IP-Address IP address is not valid for Telnet host. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 205 Disconnected by local hangup. Remote-Hangup Disconnected by remote end hangup. T1-Quiesced Disconnected because T1 line was quiesced. Call-Duration Disconnected because the maximum duration of the call was exceeded. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 206 Code is sent when there are active sessions in a tunnel and the tunnel goes down. This code is not sent when Note tunnel authentication fails. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 207 Code is sent when a call has been refused due to any of the soft shutdown restrictions previously mentioned. VPN-Call-Redirect VPN call redirect is enabled. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 208 RADIUS Attributes RADIUS Disconnect-Cause Attributes Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 209: Action Handlers
PRE action handler to complete the event processing. The configuration example is as follows: 1 authenticate aaa list <list-name> Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 210 There are two methods to stop an active timer: • Allow the timer to expire. • Stop the active running timer using the stop-timer action command. Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02...
Page 211 11, 14, 21, 23, 24 Authorization configuring aaa attribute format authorization-no-response configuring method lists for subscriber authentication configuring RADIUS Attribute formatting configuring RADIUS Attribute list Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02 IN-1...
Page 212 RADIUS Attribute formatting hqos correlation configuring RADIUS Attribute list http destinations with or without redirection configuring RADIUS server group Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x IN-2 OL-26148-02...
Page 213 142, 151 hqos correlation igmp accounting radius load balancing RADIUS 11, 13, 15, 185 attributes NAS-Port-ID method list Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x OL-26148-02 IN-3...
Page 214 147, 151 vendor-specific attributes server group service-policy input command service-policy type control subscriber command service-stop session-activate weighted queue limit session-limit command session-start Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release 4.2.x IN-4 OL-26148-02...

Cisco ASR 9000 Series Configuration Manual

CHAPTER 1 Broadband Network Gateway Overview

CHAPTER 2 Configuring Authentication, Authorization, and Accounting Functions

CHAPTER 3 Activating Control Policy

CHAPTER 4 Establishing Subscriber Sessions

CHAPTER 5 Deploying the Quality of Service (Qos)

CHAPTER 6 Configuring Subscriber Features

Appendix A

XML Support for BNG Features

Appendix B

RADIUS Attributes

Action Handlers

Quick Links

Related Manuals for Cisco ASR 9000 Series

Summary of Contents for Cisco ASR 9000 Series

Table of Contents