Cisco Cisco Packet Data Gateway (PDG) Guida Alla Risoluzione Dei Problemi
Ty Interface Support
Access Gateway Functionality for IMS Authorization ▀
Cisco ASR 5000 Series Enhanced Feature Configuration Guide ▄
OL-22982-01
Access Gateway Functionality for IMS Authorization
This section describes the functionality of AGW service for IMS authorization to an IMS subscriber session in its
networks.
networks.
The AGW contains and supports the Policy Enforcement Point (PEP)/PCEF function in Service Based Local Policy
architecture and the Traffic Plane Function (TPF)/PCEF in the Flow Based charging (FBC) architecture. The individual
requirements for each of these models are described in the following sections.
architecture and the Traffic Plane Function (TPF)/PCEF in the Flow Based charging (FBC) architecture. The individual
requirements for each of these models are described in the following sections.
Policy Enforcement Point in SBLP
The Policy Enforcement Point in SBLP controls the quality of service that is provided to a combined set of IP flows.
The basic PEP functionality for SBLP support is identified as:
The basic PEP functionality for SBLP support is identified as:
Support for ―Gate‖ Functionality
Support for Bearer Authorization
Charging Correlation
Support for 'gate' Functionality
The PEP implements ―gate‖ functionality which controls the flow of packets in the user plane based on the status of the
gate. The gate operations are controlled on the basis of policy. It controls the allow and discard of IP packets in ―open‖
or ―closed‖ state of the gate. A gate applies to unidirectional flow(s) and consists of packet classifier and the associated
gate status. The gate status is updated dynamically (to open/to close) based on policy decisions from PDF. When there
are changes to a packet flow associated with an application (e.g. a mobile user puts a session on hold, or introduces a
new media flow or terminates another), these changes are communicated to PEPs.
gate. The gate operations are controlled on the basis of policy. It controls the allow and discard of IP packets in ―open‖
or ―closed‖ state of the gate. A gate applies to unidirectional flow(s) and consists of packet classifier and the associated
gate status. The gate status is updated dynamically (to open/to close) based on policy decisions from PDF. When there
are changes to a packet flow associated with an application (e.g. a mobile user puts a session on hold, or introduces a
new media flow or terminates another), these changes are communicated to PEPs.
The gating of packet flows allows the operator the ability to control the use of the relevant IP resources, depending on
the application being offered. The operator uses this capability to control the destination and source of the bearer. This
gating function helps to prevent leakage of service and denial of service attacks in the network.
the application being offered. The operator uses this capability to control the destination and source of the bearer. This
gating function helps to prevent leakage of service and denial of service attacks in the network.
Support for Bearer Authorization
The system authorizes the use of bearer resources for the IMS media flow transport purpose. To achieve this, the system
performs query and/or get unsolicited policy decision messages from the PDF. The decision messages indicate the IP
flow(s) and the max value authorized for the resource which in this context is the QoS bandwidth used by the bearer.
performs query and/or get unsolicited policy decision messages from the PDF. The decision messages indicate the IP
flow(s) and the max value authorized for the resource which in this context is the QoS bandwidth used by the bearer.
The system also enforces this limit on the usage of the bearer for the transport of the IMS application media.