If you want to steer specific traffic, or otherwise regulate certain types of
traffic, you need to have developed enforcement policies.
To provision subscribers dynamically through a separate PCRF, you create listeners
that specify how to handle traffic for policy enforcement. Creating a listener provides
preliminary setup on the BIG-IP® system for application visibility,
intelligent steering, bandwidth management, reporting, and other features.
-
On the Main tab, click .
The Listeners screen opens.
-
Click Data Plane.
The Data Plane screen opens.
-
Click Add Group.
The New Virtual Group screen opens.
-
In the Name field, type a unique name for the listener.
-
In the Destination Address field, type the IP address of the
virtual server. For example, 10.0.0.1 or
10.0.0.0/24.
Note: When you use an IPv4 address without specifying a prefix, the BIG-IP® system automatically uses a /32
prefix.
Tip: You can use a catch-all virtual server (0.0.0.0)
to specify all traffic that is delivered to the BIG-IP® system.
Configure the source and destination setting, during forwarding mode only. In the relay
mode, the client does not have an IP address and the DHCP provides the client with an IP
address.
The system will create a virtual server using the address or network you
specify.
-
For the Service Port setting, type or select the service port
for the virtual server.
-
From the Protocol list, select the protocol of the traffic for
which to deploy enforcement policies (TCP,
UDP, or TCP and UDP).
The system will create a virtual server for each protocol specified.
-
To use network address translation, from the Source Address
Translation list, select Auto Map.
The system treats all of the self IP addresses as translation addresses.
-
For the VLANs and Tunnels setting, move the VLANs and tunnels
that you want to monitor from the Available list to the
Selected list.
-
For the VLANs and Tunnels setting, move the VLANs and tunnels
that you want to monitor for RADIUS traffic from the Available list
to the Selected list.
-
In the Policy Provisioning area, select enforcement policies to apply to the
traffic.
-
For Global Policy, move policies to apply to all subscribers
to High Precedence or Low Precedence.
Note: For URL categorization to take effect, you need to associate the
enforcement policy with a classification profile.
-
For Unknown Subscriber Policy, move policies to use if the
subscriber is unknown to Selected.
The system applies the global policy to all subscribers in parallel with the
subscriber policies, and must be configured with unknown subscriber policy.
High-precedence global policies override conflicting subscriber policies, and
low-precedence policies are overridden by conflicting subscriber policies.
When you create a listener, the Policy Enforcement Manager®
also creates virtual servers for each type of traffic (TCP, UDP, or both), and a virtual
server for the Gx interface. The system also creates a virtual server to handle HTTP
traffic. The system assigns the appropriate classification and policy enforcement
profiles to the virtual servers. If you are connecting to a RADIUS authentication
server, a virtual server for RADIUS is also added.