Manual Chapter : Configuring Quota Management using Rating Groups

Applies To:

Show Versions Show Versions

BIG-IP PEM

  • 11.5.10, 11.5.9, 11.5.8, 11.5.7, 11.5.6, 11.5.5, 11.5.4, 11.5.3, 11.5.2, 11.5.1
Manual Chapter

Overview: Configuring quota management

You can use the Policy Enforcement Manager to provision prepaid charging per subscriber or application that communicates with the quota protocol endpoint (QPE), such as online charging system (OCS), over the 3GPP Gy interface. The Gy endpoint allows online credit control for service data flow-based charging. This type of policing is called quota management; this feature ensures that subscribers do not consume resources that are not authorized.

Task summary

About Gy support and rating groups

The Gy interface in 3GPP architecture facilitates communication between the online charging system (OCS) and the PCEF. In turn, this communication supports the advanced credit authorization and quota-specific reporting. Policy Enforcement Manager provides online credit control, through user configuration, for service data flow-based charging. The BIG-IP system logically links between Gx and Gy.

The subscriber traffic contains allocated quota that is based on applications, category, or a group of them and is measured in terms of volume, time, and events. You can create a rating group, which is the same as a quota bucket. A rating group is identified by a service-identifier AVP that gathers a set of services, which has the same costs and rating type. Once you create a rating group, you can assign it to multiple rules inside the policy. For all the traffic matching the rule, quota is consumed from this bucket to make sure there is no over-subscription of resources. For example, you can have a rating group assigned to managing video traffic of 500 MB. This rating group needs to be assigned to a rule that matches the video traffic, to ensure that there is no over-subscription of subscriber traffic.

Note: You need to assign a default rating group on your policy rule or assign a new one. The default rating group is for all traffic that does not belong to another rating group.

Creating a listener for quota management

You can create listeners that specify how to handle traffic for policy enforcement. Creating a listener does preliminary setup tasks on the BIG-IP system for application visibility, intelligent steering, bandwidth management, and reporting. You can also connect with an online charging system (OCS) over a Gy interface.
  1. On the Main tab, click Policy Enforcement > Listeners. The Listeners screen opens.
  2. Click Create. The New Listener screen opens.
  3. In the Name field, type a unique name for the listener.
  4. For the Destination setting, select Host or Network, and type the IP address or network and netmask to use.
    Tip: You can use a catch-all virtual server (0.0.0.0) to specify all traffic that is routed to the BIG-IP system.
    The system will create a virtual server using the address or network you specify.
  5. For the Service Port setting, type or select the service port for the virtual server.
  6. From the Protocol list, select the protocol of the traffic for which to deploy enforcement policies (TCP, UDP, or TCP and UDP). The system will create a virtual server for each protocol specified.
  7. To use network address translation, from the Source Address Translation list, select Auto Map. The system treats all of the self IP addresses as translation addresses.
  8. For the VLANs and Tunnels setting, move the VLANs and tunnels that you want to monitor from the Available list to the Selected list.
  9. For subscriber provisioning using RADIUS, ensure that Subscriber Identity Collection is set to RADIUS.
  10. For the VLANs and Tunnels setting, move the VLANs and tunnels that you want to monitor for RADIUS traffic from the Available list to the Selected list.
  11. In the Policy Provisioning area, select enforcement policies to apply to the traffic.
    1. For Global Policy, move policies to apply to all subscribers to High Precedence or Low Precedence.
      Note: For URL categorization to take effect, you need to associate the enforcement policy with a classification profile.
    2. For Unknown Subscriber Policy, move policies to use if the subscriber is unknown to Selected.
    The system applies the global policy to all subscribers in parallel with the subscriber policies, and must be configured with unknown subscriber policy. High-precedence global policies override conflicting subscriber policies, and low-precedence policies are overridden by conflicting subscriber policies.
  12. To connect to a PCRF, from the Diameter Endpoint list, select Enabled and select Gy from the Supported Apps options.
  13. In the Product Name field, type the product name which is used to communicate with the OCS.
  14. In the Origin Host field, type the fully qualified domain name of the OCS, for example, ocs.xnet.com.
  15. In the Origin Realm field, type the realm name or network in which the OCS resides, for example, xnet.com.
  16. In the Destination Host field, type the destination host name of the OCS, for example, ocsdest.net.com.
  17. In the Destination Realm field, type the realm name or network of the OCS, for example, net.com.
  18. For the Pool Member Configuration setting, add the OCS servers that are to be members of the Gy endpoint pool. Type the Member IP Address and Port number, then click Add.
  19. In the Message Retransmit Delay field, type the number of milliseconds to wait before retransmitting unanswered messages in case of failure from the BIG-IP system to the OCS over the Gy interface. The default value is 1500.
  20. In the Message Max Retransmit field, type the maximum number of times that messages can be retransmitted from the BIG-IP system to the OCS. The default value is 2.
  21. In the Fatal Grace Time field, type the time period in seconds that a diameter connection can remain disconnected before the system terminates all sessions associated with that diameter endpoint. The default value is 500.
  22. Click Finished. The Policy Enforcement Manager creates a listener, and displays the listener list.
When you create a listener, the Policy Enforcement Manager also creates virtual servers for each type of traffic (TCP, UDP, or both), and a virtual server for HTTP traffic. The system enables classification and assigns the appropriate policy enforcement profile to the virtual servers. The system also creates a virtual server for the Gy interface with a diameter endpoint profile.

Creating rating groups

You can assign a rule to a rating group and attach it to a policy. For example, if you want to allocate quota to all the videos a subscriber uses from multiple on-demand Internet streaming media, you can specify a quota bucket that covers all the quota consumption and ensures that the consumption does not exceed the specified time or volume.
  1. On the Main tab, click Policy Enforcement > Rating Groups. The Rating Groups List screen opens.
  2. Click Create. The New Rating Group screen opens.
  3. In the Name field, type a name for the rating group.
  4. In the Description field, type optional descriptive text for the rating group.
  5. In the Rating Group ID field, type an unique identifier (integer). This Rating Group ID is used by the quota managing endpoint, such as, Gy.
  6. In the Initial Quota setting, specify Volume in octets, the initial quota to receive and send from the OCS, and the total quota volume.
  7. In the Initial Quota setting, specify Time in seconds, the initial time for quota.
  8. In the Default Quota setting, specify Volume in octets, the default quota to receive and send from the OCS, and the total quota volume.
  9. In the Threshold field, type a default threshold level you want to use for a sending quota replenishment request. The default value is 0, which indicates that there is no threshold.
  10. In the Usage Time field, type the quota for how long the traffic can be used.
  11. In the Consumption Time field, type the maximum idle time that is accounted as quota usage. This is the default value of quota for time and specifies time units for charging as well.
  12. In the Validity Time field, type the duration for which the quota is used, if the online charging system (OCS) does not specify the validity time.
  13. In the Holding Time field, type the holding time (in seconds), for which the quota is valid without any usage, if the time is not specified by the OCS.
    Note: The default values for consumption time, validity time and holding time are used, when the OCS does not specify them.
  14. From the Breach Action list, select the appropriate action to be taken when default quota expires or OCS does not provide new quota or breach action.
    Breach Action Description
    Terminate The system stops traffic when quota is breached.
    Allow The system allows traffic to go through even when the quota is breached.
    Redirect The system redirects traffic to the forwarding endpoint, when quota is breached.
  15. From the Request on Install list, select Yes if the quota has to be requested from the Gy, when the policy is installed for a subscriber. Otherwise, select No for quota to be requested when one of the applications associated with the rating group is detected.