Version 11

SCE-PCRF Communication over Gx Protocol

1 2 3
3.1

Scope ........................................................................................................................................................ 1 References ................................................................................................................................................ 1 Definitions and abbreviations................................................................................................................... 2

Abbreviations ........................................................................................................................................................ 2

4
4.1 4.2 4.2.1 4.3 4.3.1 4.3.2 4.4 4.4.1 4.4.2

Gx reference point .................................................................................................................................... 2

Overview ............................................................................................................................................................... 2 SCE Rules ............................................................................................................................................................. 2 SCE Rule Definition........................................................................................................................................ 2 Functional elements .............................................................................................................................................. 2 PCRF ............................................................................................................................................................... 2 SCE .................................................................................................................................................................. 3 Operations over Gx reference point...................................................................................................................... 3 Request for policy/rule .................................................................................................................................... 3 Provisioning of PCC rules............................................................................................................................... 3

5
5.1 5.2 5.3 5.3.1 5.3.2 5.3.3 5.3.4 5.4 5.4.1 5.5 5.5.1 5.5.2 5.5.3 5.5.4 5.5.5 5.5.6 5.5.6

Gx protocol............................................................................................................................................... 4
Protocol support .................................................................................................................................................... 4 Initialization, maintenance and termination of connection and session .............................................................. 4 Vendor specific AVPs ........................................................................................................................................... 5 Cisco-SCA-BB-Package-Install ...................................................................................................................... 5 Cisco-SCA-BB-Real-time-monitor-Install AVP ............................................................................................ 5 Cisco-SCA-BB-Vlink-Upstream-Install AVP ................................................................................................ 6 Cisco-SCA-BB-Vlink-Downstream-Install AVP ........................................................................................... 6 Gx re-used AVPs................................................................................................................................................... 6 Radius VSA ........................................................................................................................................................... 6 Gx Messages ......................................................................................................................................................... 8 Gx Application ................................................................................................................................................ 8 CC-Request (CCR) Command ........................................................................................................................ 8 CC-Answer (CCA) Command ........................................................................................................................ 9 Re-Auth-Request (RAR) Command ............................................................................................................. 12 Re-Auth-Answer (RAA) Command ............................................................................................................. 14 Abort-Session-Request Command ................................................................................................................ 15 Abort-Session-Answer Command ................................................................................................................ 15

Appendix - Call Flows ........................................................................................................................... 17

Scope

This document is based on the 3GPPP TS 29.212 V7.2.0 document that describes the specification of the Gx reference. This document uses this base specification in order to define the interface between the Cisco SCE device and the PCRF device.

References
References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply.

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

Version 11

For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 3GPP TS 29.212: "Policy and Charging Control Over Gx Reference point". IETF RFC 4006: "Diameter Credit Control Application". IETF RFC 3588: "Diameter Base Protocol".

[1] [2] [3]

3
3.1
SCE PCRF

Definitions and abbreviations

Abbreviations
Cisco Service Control Engine Policy and Charging Rule Function

For the purpose of the present document, the following abbreviations apply:

4
4.1

Gx reference point
Overview

The Gx reference point is located between the (PCRF) and the Cisco Service Control Engine (SCE). The Gx reference point is used for provisioning Cisco SCE rules from the PCRF to the SCE.

4.2
4.2.1

SCE Rules
SCE Rule Definition

The purpose of the SCE rule is to identify subscriber related configuration, as follows: 1. package Id defines the policy that should be assigned to the subscriber. Specific rule in the policy are preprovisioned to the SCE over a separate interface. 2. monitor Activates real-time monitoring for the subscriber 3. upVlinkId defines the upstream virtual link of the subscriber. Virtual link is used to manage a group of subscribers sharing a resource. 4. downVlinkId defines the downstream virtual link of the subscriber. Virtual link is used to manage a group of subscribers sharing a resource. 5. Radius VSA Only in pull mode.

4.3
4.3.1

Functional elements
PCRF

The PCRF (Policy Control and Charging Rules Function) is a functional element that encompasses policy control decision. The PCRF shall provision SCE Rules to the SCE via the Gx reference point. The SCE Rule decision may be based on one or more of the following:

Version 11

Subscriber related Information obtained from the SCE via the Gx reference point, e.g. Subscriber-ID or IPaddress.

4.3.2

SCE

The Cisco SCE platform is a hardware accelerated, deep packet inspection device. In a service creation scenario, the SCE platform is deployed inline on the subscriber IP data path, providing deep packet inspection and application/protocol recognition along with the enforcement of the relevant policies, per subscriber, according to the customer business logic. The SCE should get the per subscriber policy via the Gx reference point.

4.4
4.4.1

Operations over Gx reference point

Request for policy/rule

The SCE shall indicate, via the Gx reference point, a request for SCE rule in the following instances. 1) Here we have two options: 1. When a new subscriber is added on the SCE (login operation), the SCE shall send a CC-Request with CCRequest-Type AVP set to the value "INITIAL_REQUEST". The SCE shall supply user identification and other attributes to allow the PCRF to identify the rules to be applied. The PCRF will return CCA with policy. The CCA may contain additional AVPs. The avps are kept and can be used by other interfaces such as Gy. 2. When the SCE identifies a subscriber IP that is not assigned to any existing subscriber, the Sce shall send a CC-Request with CC-Request Type AVP set to INITIAL_REQUEST. The SCE shall supply the used IP address (no subscriber-id). The PCRF will return CCA with subscriber id,IP and policy. The CCA may contain additional AVPs. The avps are kept and can be used by other interfaces such as Gy. 2) When a subscriber is removed from the SCE (logout operation/removal due to inactivity) The SCE shall send a CC-Request with CC-Request-Type AVP set to the value "TERMINATION". The SCE shall supply user identification and other attributes to allow the PCRF to identify the rules to be terminated.

4.4.2

Provisioning of PCC rules

The PCRF shall indicate, via the Gx reference point, SCE rules to be applied at the SCE. This may be using one of the following procedures: PULL procedure(Provisioning solicited by the SCE): In response to a request for SCE rules being made by the SCE, as described in the preceding section, the PCRF shall provision SCE rules in the CC-Answer. PUSH procedure(Unsolicited provisioning): The PCRF may decide to provision SCE rules without obtaining a request from the SCE, e.g. in response to information provided to the PCRF via the Rx reference point, or in response to an internal trigger within the PCRF. To provision PCC rules without a request from the SCE, the PCRF shall include these SCE rules in an RA-Request message. No CCR/CCA messages are triggered by this RA-Request.

For each request from the SCE or upon the unsolicited provision the PCRF must provision one or more of the following rules: policy rule, subscriber monitor, link upstream and vlink downstream The rules will be defined by new vendor specific AVPs. To modify an already installed SCE rule, the PCRF should send a RAR with the updated rules . If an SCE rule with the same rule name, as supplied in the already exists at the SCE, the new SCE rule shall update the currently installed rule. Any attribute in the existing SCE rule not included in the new SCE rule definition shall remain valid.

Version 11

If the provisioning of SCE rules fails, PCRF will be informed. It will be done by means of a new CCR command (if the installation/activation failed using a PULL mode) or in the RAA command. In case the provisioning fails on CCA, for example, illegal package id was handed in the CCA, the SCE close the Gx session and will retry to open it later. The CCR retries are done after 15 seconds,30 seconds, 60 seconds and then every 2 minutes. Rejecting or blocking a subscriber should be done by returning a blocking package id and not by returning error,, which will cause the subscriber to remain anonymous and run on the default package. When the failed provision was initiated by RAR, the SCE will return RAA with a corresponding ERROR message. Push logout using ASR. The PCRF may send ASR on session-id. If such session exists the subscriber will be logged out and the session will be closed. The SCE waits for the subscriber traffic to end before logout completes, although the Gx session is closed immediately, on the detection of new flow the SCE will try to open new Gx session. Of course, this is not a normal behaviour, as it expected the ASR will be sent only upon a real logout of the subscriber from the network.

5
5.1

Gx protocol
Protocol support

The Gx protocol in the present release is based on Gx protocol defined for Release 7 as specified in 3GPP TS 29.212 V7.2[2] The Gx application is defined as a vendor specific Diameter application, where the vendor is 3GPP and the ApplicationID for the Gx Application in the present release 16777238. The vendor identifier assigned by IANA to 3GPP (http://www.iana.org/assignments/enterprise-numbers) is 10415. NOTE: A route entry can have a different destination based on the application identification AVP of the message. Therefore, Diameter agents (relay, proxy, redirection, translation agents) must be configured appropriately to identify the 3GPP Gx application within the Auth-Application-Id AVP in order to create suitable routeing tables.

Editor's note: Following text may need to be added if IETF does not solve the Auth-Application AVP problem by the time this application is approved: Due to the definition of the commands used in Gx protocol, there is no possibility to skip the AuthApplication-Id AVP and use the Vendor-Specific-Application-Id AVP instead. Therefore the Gx application identification shall be included in the Auth-Application-Id AVP. With regard to the Diameter protocol defined over the Gx interface, the PCRF acts as a Diameter server, in the sense that it is the network element that handles SCE Rule requests for a particular realm. The SCE acts as the Diameter client, in the sense that is the network element requesting SCE rules in the transport plane network resources.

5.2

Initialization, maintenance and termination of connection and session

The initialization and maintenance of the connection between each PCRF and SCE pair is defined by the underlying protocol. Establishment and maintenance of connections between Diameter nodes is described in RFC 3588 [5]. After establishing the transport connection, the PCRF and the SCE shall advertise the support of the Gx specific Application by including the value of the application identifier in the Auth-Application-Id AVP and the value of the 3GPP (10415) in the Vendor-Id AVP of the Vendor-Specific-Application-Id AVP contained in the Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands. The Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands are specified in the Diameter Base Protocol (RFC 3588 [5]). The termination of the Diameter user session is specified in RFC 3588 [5] in clauses 8.4 and 8.5. The description of how to use of these termination procedures in the normal cases is embedded in the procedures description.

Version 11

Gx session is identified by a unique session id as define by RFC 3588[5] in clause 8.8.

5.3

Vendor specific AVPs

Table 5.3.1 describes the Vendor specific Diameter AVPs defined for the Gx reference point, their AVP Code values, types, possible flag values and whether or not the AVP may be encrypted. The Vendor-Id header of all AVPs defined in the present document shall be set to Cisco (9).

Table 5.3.1: Gx specific Diameter AVPs

AVP Flag rules (note 1) Attribute Name Cisco-SCA-BB-Package-Install Cisco-SCA-BB-Real-timemonitor-Install Cisco-SCA-BB-VlinkUpstream-Install Cisco-SCA-BB-VlinkDownstream-Install AVP Code 1000 1001 1002 1003 Clause defined 5.3.1 5.3.2 5.3.3. 5.3.4 Value Type (note 2) Uint32 Uint32 Uint32 Uint32 Must V V V V May P P P P Should not Must not M M M M May Encr Y Y Y Y Acc. type All All All All

NOTE 1: The AVP header bit denoted as 'M', indicates whether support of the AVP is required. The AVP header bit denoted as 'V', indicates whether the optional Vendor-ID field is present in the AVP header. For further details, see RFC 3588 [4].

NOTE 2: The value types are defined in RFC 3588 [4].

5.3.1

Cisco-SCA-BB-Package-Install

The Cisco-SCA-BB-Package-Install AVP (AVP code 1001) is of type Uint32, and it is used to activate SCE package as instructed from the PCRF to the SCE. Defines the policy that will be assigned to the subscriber. AVP can be used to either install or update package ID to a subscriber.

5.3.2

Cisco-SCA-BB-Real-time-monitor-Install AVP

The Cisco-SCA-BB-Real-time-monitor-Install (AVP code 1002) is of type Uint32, and it defines the SCE real time monitor rule sent by the PCRF to the SCE. Activates and deactivates real-time monitoring for the subscriber. Activate by sending a 1 and deactivate by sending a 0. Other values will fail and would be treated as error.

Version 11

5.3.3

Cisco-SCA-BB-Vlink-Upstream-Install AVP

Cisco-SCA-BB-Vlink-Downstream-In (AVP 1003) is of type Uint32, and it defines the Vlink Downstream rule sent by the PCRF to the SCE. defines the upstream virtual link which the subscriber is assigned to. Virtual link is used to manage a group of subscribers sharing a resource. AVP can be used to either install or update Vlink downstream to a subscriber.

5.3.4

Cisco-SCA-BB-Vlink-Downstream-Install AVP

Cisco-SCA-BB-Vlink-Downstream-In (AVP 1004) is of type Unsigned32, and it defines the Vlink Downstream rule sent by the PCRF to the SCE. defines the downstream virtual link which the subscriber is assigned to. Virtual link is used to manage a group of subscribers sharing a resource AVP can be used to either install or update Vlink upstream to a subscriber.

5.4

Gx re-used AVPs

Table 5.4 lists the Diameter AVPs re-used by the Gx reference point from existing Diameter Applications, reference to their respective specifications and short description of their usage within the Gx reference point. Other AVPs from existing Diameter Applications, except for the AVPs from Diameter base protocol, do not need to be supported. The AVPs from Diameter base protocol are not included in table 5.4, but they are re-used for the Gx reference point. Where 3GPP Radius VSAs are re-used, they shall be translated to Diameter AVPs as described in RFC 4005 [12] with the exception that the 'M' flag shall be set and the 'P' flag may be set. Table 5.4: Gx re-used Diameter AVPs
Attribute Name Reference Description The number of the request for mapping requests and answers The type of the request (initial, update, termination) The IPv4 address allocated for the user. The Subscriber Id as defined in the PCRF, USER_E164. Acc. type All All All All

CC-RequestIETF RFC 4006 [9] Number CC-Request-Type IETF RFC 4006 [9] Framed-IP-Address IETF RFC 4005 [12] Subscription-ID IETF RFC 4006

5.4.1

VSA

Table 5.4.1 list the VSA AVPs that can be returned over CCA and RAR messages. Message formats are specified in sections 5.5.3.1, 5.5.3.2 and 5.5.4. Table 5.4.1: Gx re-used Diameter AVPs
Attribute Name PSInforamtion Reference TS 32.299 Description Grouped Avp holding the above avps Acc. type All

Table 5.4.2: Supported VSA AVPs

Attribute Name 3GPP-Charging-Characteristics 3GPP-CG-Address CG-Address 3GPP-Charging-Id AVP Code 13 4 846 2 Vendor Id 10415 10415 10415 10415 TS 32.299 TS 29.061 Reference TS 29.061 Value Type UTF8String Address Address Unsigned32

Version 11

3GPP-GGSN-Address 3GPP-GGSN-MCC-MNC 3GPP-GPRS-QoS-Negotiated-Profile

7 9 5

10415 10415 10415 TS 29.061

Address UTF8String UTF8String

3GPP-IMEISV 3GPP-IMSI 3GPP-MS-TimeZone 3GPP-NSAPI 3GPP-PDP-Type 3GPP-RAT-Type 3GPP-Selection-Mode 3GPP-SGSN-Address 3GPP-SGSN-MCC-MNC 3GPP-User-Location-Info GGSN-Address SGSN-Address Acct-Multi-Session-ID Acct-Session-ID Acct-Session-Time Called-Station-ID Calling-Station-ID Class CUI Framed IP Address NAS-Identifier NAS-IP-Address NAS-Port-Type User-Name WiMax-Active-Time WiMax-BSID

20 1 23 10 3 21 12 6 18 22 847 1228 50 44 46 30 31 25 89 8 32 4 61 1 39 46

10415 10415 10415 10415 10415 10415 10415 10415 10415 10415 10415 10415 24757 24757 TS 29.061 TS 29.061 TS 32.299 TS 32.299 TS 29.061 TS 29.061 TS 29.061 TS 29.061

UTF8String UTF8String OctetString UTF8String Unsigned32 OctetString UTF8String Address UTF8String OctetString Address Address UTF8String UTF8String Unsigned32

IETF RFC 4005 IETF RFC 4005

OctetString OctetString OctetString UTF8String Address OctetString Address

IETF RFC 4005

Unsigned32 OctetString Unsigned32 UTF8String

Version 11

This initial set may be extended in the future.

5.5
5.5.1

Gx Messages
Gx Application

Gx Messages are carried within the Diameter Application(s) described in clause 5.1. Existing Diameter command codes from the Diameter base protocol RFC 3588 [5] and the Diameter Credit Control Application RFC 4006 [9] are used with the Gx specific AVPs specified in clause 5.3. The Diameter Credit Control Application AVPs and AVPs from other Diameter applications that are re-used are defined in clause 5.4. Due to the definition of these commands there is no possibility to skip the Auth-Application-Id AVP and use the Vendor-SpecificApplication-Id AVP instead. Therefore the Gx application identifier shall be included in the Auth-Application-Id AVP. In order to support both PULL and PUSH procedures, a diameter session needs to be established for each subscriber. NOTE: Some of the AVPs included in the messages formats below are in bold to highlight that these AVPs are used by this specific protocol and do not belong to the original message definition in the DCC Application RFC 4006 [9] or Diameter Base Protocol RFC 3588 [5].

5.5.2

CC-Request (CCR) Command

The CCR command, indicated by the Command-Code field set to 272 and the 'R' bit set in the Command Flags field, is sent by the SCE to the PCRF in order to request SCE rules for a subscriber. The CCR command is also sent by the SCE to the PCRF in order to indicate termination of the subscriber. Message Format:
<CC-Request> ::= < < { { { { { { [ [ [ Diameter Header: 272, REQ, PXY > Session-Id > Auth-Application-Id } Origin-Host } Origin-Realm } Destination-Realm } CC-Request-Type } CC-Request-Number } Destination-Host ] Framed-IP-Address ] Subscription-Id ]

Auth-Application-Id is set to the application ID of the Gx protocol. Origin-Host is set to the SCE host id (its ip). Origiin-Realm is set to SCE defined realm. Destination-Host and Destination-Realm defines the PCRF destination. The destination host is not mandatory; it depends on the SCE and PCRF configurations. CC-Request-Type is set to Initial on session creation (SCE login) and Termination on session termination (SCE logout). CC-Request-Number is a unique number within a session-id.

Framed-IP-Address and Subscription-Id will be sent depending on the use case. Use case 1: login mode. The CCR will include both parameters Framed-IP-Address is the IP address of the subscriber (Will not be sent on TERMINATE) Subscription-Id is set to the subscriber-ID used by the SCE.(For example IMSI/MSISDN) The subscription-Id will be introduced to the SCE by different api. Use case 2: Pull mode. CCR will include only Framed-IP-Address Avp. The Subscription-Id will be returned as part of the CCA. Framed-IP-Address is the IP address of the subscriber. In this mode the Gx interface is also used to introduce the subscribers to the SCE. Sample Message Login mode:
Version = 1

Version 11

Message Length = XXX Command Flags = REQ, PXY Command Code = Credit-Control-Request (272) Application Id = 16777238 AVPs Session-Id = 12321;16777216;12312312 Auth-Application-Id = 16777238 Origin-Host = 10.101.23.34 Origin-Realm = sce Destination-Realm = att.com Destination-Host = PCRF host CC-Request-Type = INITIAL_REQUEST (1) CC-Request-Number = 0 Framed-IP-Address = 10.10.1.10 Subscription-Id = Subscription-Id-Type = END_USER_E164 (0) Subscription-Id-Value = 1110123456

Sample Message Pull mode:

Version = 1 Message Length = XXX Command Flags = REQ, PXY Command Code = Credit-Control-Request (272) Application Id = 16777238 AVPs Session-Id = 12321;16777216;12312312 Auth-Application-Id = 16777238 Origin-Host = 10.101.23.34 Origin-Realm = sce Destination-Realm = att.com Destination-Host = PCRF host CC-Request-Type = INITIAL_REQUEST (1) CC-Request-Number = 0 Framed-IP-Address = 10.10.1.10

5.5.3

CC-Answer (CCA) Command

5.5.3.1 CCA Initial

The CCA command, indicated by the Command-Code field set to 272 and the 'R' bit cleared in the Command Flags field, is sent by the PCRF to the SCE in response to the CCR command. It is used to provision SCE rules and event triggers for the subscriber. Message Format:
<CC-Answer> ::= < < { { { { { [ Diameter Header: 272, PXY > Session-Id > Auth-Application-Id } Origin-Host } Origin-Realm } CC-Request-Type } CC-Request-Number } Subscription-Id ] [ Subscription-Id-Type ] [ Subscription-Id_Data ] Result-Code ] Experimental-Result ] Cisco-SCA-BB-Package-Install ] Cisco-SCA-BB-Real-time-monitor ] Cisco-SCA-BB-Vlink-Upstream-Install ] Cisco-SCA-BB-Vlink-Downstream-Install ] PS-Information ] [GGSN-Address] [SGSN-Address] [CG-Address]

[ [ [ [ [ [ [

Version 11

10
[3GPP-Charging-Id] [Called-Session-Id] [3GPP-GPRS-QoS-Negotiated-Profile] [3GPP-PDP-Type] [3GPP-SGSN-MCC-MNC] [3GPP-GGSN-MCC-MNC] [3GPP-Charging-Characteristics] [3GPP-RAT-Type] [3GPP-Selection-Mode] [3GPP-NSAPI] [3GPP-MS-Timezone] [3GPP-User-Location-Info] [Acct-Multi-Session-ID] [Acct-Session-ID] [Acct-Session-Time] [Calling-Station-ID] [Class] [CUI] [Framed-IP-Address] [NAS-Identifier] [NAS-IP-Address] [NAS-Port-Type] [User-Name] [3GPP-GGSN-Address] [3GPP-IMEISV] [3GPP-IMSI] [CG-Address] [3GPP-SGSN-Address] [WiMax-Active-Time] [WiMax-BSID]

Session-Id is set to the CCR Session-Id. Auth-Application-Id set to the same value as the CCR. Origin-Host set to the message generating host (PCRF which responded). Origin-Realm set to the PCRF realm CC-Request-Type and CC-Request-Number is set to the same type as in the CCR. Subscription-id contains the Subscriber-ID-Type and Subscriber-Id-Value used by the SCE. Cisco-SCA-BB-Package-Install set to the subscriber assigned package id Cisco-SCA-BB-Real-time-monitor set to real monitor activation value Cisco-SCA-BB-Vlink-Upstream-Install set to upstream vlink assigned id Cisco-SCA-BB-Vlink-Downstream-Install set to downstream vlink assigned id. For Login mode, only the Cisco-SCA-BB-Package-Install is mandatory. For Pull mode both Cisco-SCA-BB-PackageInstall and Subscription-Id Avps are mandatory. Additional attributes will be stored and can be used by other interfaces such Gy. Sample Message:
Version = 1 Message Length = XXX Command Flags = PXY Command Code = Credit-Control-Answer (272) Application Id = 16777238 AVPs Session-Id = 12321;16777216;12312312 Auth-Application-Id = 16777238 Origin-Host = PCRF host Origin-Realm = PCRF Realm CC-Request-Type = INITIAL_REQUEST (1) CC-Request-Number = 0 Subscription-Id = Subscription-Id-Type = END_USER_E164 (0) Subscription-Id-Value = 1110123456 Cisco-SCA-BB-Package-Install = 5 Cisco-SCA-BB-Real-time-monitor = 1

Error Handling:

Version 11

11

In case of a timeout event, or in the case of a CCA with an error code is returned the SCE will retry to open the session later. Session retries times are 15 seconds, 30 seconds, 60 seconds and then every 120 seconds. Rejection is not supported. In order to reject a subscriber, the PCRF should return CCA with success code and install s special package which is used for this purpose. If the user is not recognized by the PCRF server then it should return a CCA with fail code and wait for retry. Of course, it is also possible to return a success with blocking\rejecting\limiting package, and update it later, by using RAR, when the PCRF gets new information about the subscriber.

5.5.3.2 CCA Update\Terminate

The CCA command, indicated by the Command-Code field set to 272 and the 'R' bit cleared in the Command Flags field, is sent by the PCRF to the SCE in response to the CCR command. It is used to provision SCE rules and event triggers for the subscriber. Message Format:
<CC-Answer> ::= Diameter Header: 272, PXY > Session-Id > Auth-Application-Id } Origin-Host } Origin-Realm } CC-Request-Type } CC-Request-Number } Result-Code ] Experimental-Result ] Cisco-SCA-BB-Package-Install ] Cisco-SCA-BB-Real-time-monitor ] Cisco-SCA-BB-Vlink-Upstream-Install ] Cisco-SCA-BB-Vlink-Downstream-Install ] PS-Information ] [GGSN-Address] [SGSN-Address] [CG-Address] [3GPP-Charging-Id] [Called-Session-Id] [3GPP-GPRS-QoS-Negotiated-Profile] [3GPP-PDP-Type] [3GPP-SGSN-MCC-MNC] [3GPP-GGSN-MCC-MNC] [3GPP-Charging-Characteristics] [3GPP-RAT-Type] [3GPP-Selection-Mode] [3GPP-NSAPI] [3GPP-MS-Timezone] [3GPP-User-Location-Info] [Acct-Multi-Session-ID] [Acct-Session-ID] [Acct-Session-Time] [Calling-Station-ID] [Class] [CUI] [Framed-IP-Address] [NAS-Identifier] [NAS-IP-Address] [NAS-Port-Type] [User-Name] [3GPP-GGSN-Address] [3GPP-IMEISV] [3GPP-IMSI] [3GPP-CG-Address] [3GPP-SGSN-Address] [WiMax-Active-Time] [WiMax-BSID] < < { { { { { [ [ [ [ [ [ [

Session-Id is set to the CCR Session-Id. Auth-Application-Id set to the same value as the CCR. Origin-Host set to the message generating host (PCRF which responded). Origin-Realm set to the PCRF realm CC-Request-Type and CC-Request-Number is set to the same type as in the CCR. Subscription-id is set to the subscriber-ID used by the SCE. Cisco-SCA-BB-Package-Install set to the subscriber assigned package id

Version 11

12

Cisco-SCA-BB-Real-time-monitor set to real monitor activation value Cisco-SCA-BB-Vlink-Upstream-Install set to upstream vlink assigned id Cisco-SCA-BB-Vlink-Downstream-Install set to downstream vlink assigned id.
Radius VSA attriutes.

Sample Message:
Version = 1 Message Length = XXX Command Flags = PXY Command Code = Credit-Control-Answer (272) Application Id = 16777238 AVPs Session-Id = 12321;16777216;12312312 Auth-Application-Id = 16777238 Origin-Host = PCRF host Origin-Realm = PCRF Realm CC-Request-Type = UPDTAE_REQUEST (2) CC-Request-Number = 1 Subscription-Id = Subscription-Id-Type = END_USER_E164 (0) Subscription-Id-Value = 1110123456 Cisco-SCA-BB-Package-Install = 5 Cisco-SCA-BB-Real-time-monitor = 1

Error Handling: No error is supported. In case of a timeout or an error the SCE will just update the appropriate counter and close the session in case of a Terminate message.

5.5.4

Re-Auth-Request (RAR) Command

The RAR command, indicated by the Command-Code field set to 258 and the 'R' bit set in the Command Flags field, is sent by the PCRF to the SCE in order to provision SCE rules using the PUSH procedure initiate the provision of unsolicited SCE rules. It is used to provision SCE rules for the subscriber. Message Format:
<RA-Request> ::= < < { { { { { { [ [ [ [ [ Diameter Header: 258, REQ, PXY > Session-Id > Auth-Application-Id } Origin-Host } Origin-Realm } Destination-Realm } Destination-Host } Re-Auth-Request-Type } Cisco-SCA-BB-Package-Install ] Cisco-SCA-BB-Real-time-monitor ] Cisco-SCA-BB-Vlink-Upstream-Install ] Cisco-SCA-BB-Vlink-Downstream-Install ] PS-Information ] [GGSN-Address] [SGSN-Address] [CG-Address] [3GPP-Charging-Id] [Called-Session-Id] [3GPP-GPRS-QoS-Negotiated-Profile] [3GPP-PDP-Type] [3GPP-SGSN-MCC-MNC] [3GPP-GGSN-MCC-MNC] [3GPP-Charging-Characteristics] [3GPP-RAT-Type] [3GPP-Selection-Mode] [3GPP-NSAPI] [3GPP-MS-Timezone] [3GPP-User-Location-Info] [Acct-Multi-Session-ID] [Acct-Session-ID] [Acct-Session-Time]

Version 11
[Calling-Station-ID] [Class] [CUI] [Framed-IP-Address] [NAS-Identifier] [NAS-IP-Address] [NAS-Port-Type] [User-Name] [3GPP-GGSN-Address] [3GPP-IMEISV] [3GPP-IMSI] [3GPP-CG-Address] [3GPP-SGSN-Address] [WiMax-Active-Time] [WiMax-BSID]

13

Same behaviour as in CCA initial..

Version 11

14

Sample Message:
Version = 1 Message Length = XXX Command Flags = REQ, PXY Command Code = Re-Auth-Request (258) Application Id = 16777238 AVPs Session-Id = gx_sce.cisco.com;0;XXXXXX;10.10.1.10 Auth-Application-Id = 16777238 Origin-Host = PCRF Host Origin-Realm = PCRF Realm Destination-Realm = SCE Realm Destination-Host = SCE Host Re-Auth-Request-Type= AUTHORIZE_ONLY (0) Framed-IP-Address = 10.1.1.1 Cisco-SCA-BB-Package-Install = 5

5.5.5

Re-Auth-Answer (RAA) Command

The RAA command, indicated by the Command-Code field set to 258 and the 'R' bit cleared in the Command Flags field, is sent by the SCE to the PCRF in response to the RAR command. Message Format:
<RA-Answer> ::= < < { { [ [ Diameter Header: 258, PXY > Session-Id > Origin-Host } Origin-Realm } Result-Code ] Error-Message ]

Ssmple Message:
Version = 1 Message Length = XXX Command Flags = PXY Command Code = Re-Auth-Answer (258) Application Id = 16777238 AVPs Session-Id = gx_sce.cisco.com;0;XXXXXX;10.10.1.10 Auth-Application-Id = 16777238 Origin-Host = PCRF Host Origin-Realm = PCRF Realm Error-Code = DIAMETER_SUCCESS

Error Handling: DIAMETER_UNKNOWN_SESSION_ID will be returned if no such session id exits in the SCE db. DIAMETER_UNABLE_TO_COMPLY SCE will return the error code when RAR is received in the middle of initiating new session (CCR-I was sent). SCE can also return this error code when the update fails from unknown reason. DIAMETER_INVALID_AVP_VALUE SCE will return the code on non valid AVPs values, for example, package out of range. DIAMETER_MISSING_AVP SCE returns this error code when the RAR dont contains any valid configuration, no Cisco vendor specific and no Radius VSA.

Version 11

15

5.5.6

Abort-Session-Request Command

The Abort-Session-Request (ASR), indicated by the Command-Code set to 274 and the message flags R it set, may be sent by any server to the access device that is providing session service, to request that the session identified by the Session-Id be stopped. Message Format:
<ASR> ::= < Diameter Header: 274, PXY > < Session-Id > { Origin-Host } { Origin-Realm } { Destination-Realm } { Destination-Host } { Auth-Application-Id }

Origin-Host set to the message generating host (i.e. PCRF). Origin-Realm set to the PCRF realm Destination Host set to the SCE host handling the subscriber session Destination Realm set to the realm of the SCE host handling the subscriber session Auth-Application-Id is set to the application ID of the Gx protocol. Sample Message:
Version = 1 Message Length = XXX Command Flags = REQ, PXY Command Code = Abort-Session-Request (274) Application Id = 16777238 AVPs Session-Id = gx_sce.cisco.com;0;XXXXXX;10.10.1.10 Auth-Application-Id = 16777238 Origin-Host = PCRF Host Origin-Realm = PCRF Realm Destination-Realm = att.com Destination-Host = PCRF host Auth=Application-id = 16777238

5.5.6

Abort-Session-Answer Command

The Abort-Session-Answer (ASA), indicated by the Command-Code set to 274 and the message flags' 'R' bit clear, is sent in response to the ASR. The Result-Code AVP MUST be present, and indicates the disposition of the request. If the session identified by Session-Id in the ASR was successfully terminated, Result-Code is set to DIAMETER_SUCCESS. If the session is not currently active, Result-Code is set to DIAMETER_UNKNOWN_SESSION_ID. If the access device does not stop the session for any other reason, ResultCode is set to DIAMETER_UNABLE_TO_COMPLY. The SCE will try to comply only in pull mode. Message Format:
<ASA> ::= < Diameter Header: 274, PXY > < Session-Id > { Result-Code } { Origin-Host } { Origin-Realm } [ Error-Message]

Result-Code see above. Origin-Host is set to the SCE host id (its ip). Origiin-Realm is set to SCE defined realm. Error-Message will be set with error description in case the SCE unable to comply.

Version 11

16

Sample Message:
Version Message Length Command Flags Command Code Application Id AVPs Session-Id Result-Code Origin-Host Origin-Realm = = = = = 1 XXX PXY Abort-Session-Answer (274) 16777238 = = = = gx_sce.cisco.com;0;XXXXXX;10.10.1.10 DIAMETER_SUCCESS PCRF Host PCRF Realm

Error Handling: DIAMETER_UNKNOWN_SESSION_ID will be returned if no such session id exits in the SCE db. DIAMETER_UNABLE_TO_COMPLY SCE will return the error code when ASR is received in the middle of ending a session (CCR-T was sent). The error code is also returned when the SCE fails to logout the subscriber from unknown reason.

Version 11

17

2 Appendix - Call Flows

Flow I : Simple Login mode Scanario.

Version 11

18

Flow II: Simple Login Scenario with updates.

The SCE sends CCR on new subscriber login. While subscribers is logged in the PCRF may send RAR to update the subscriber parameters.

Version 11

19

Flow III: Pull mode by Ip.

In this use case the SCE have no subscriber Id for the ip mapping. The subscriber Id will be returned by the PCRF

End User Traffic of an unknown IP Traverses the SCE

SCE

PCRF

CCR (Initial, IP) CCA (Sub Id, Policy, Other Rules)

User Logout PCRF is updated via management IF ASR ASA