9. application-assurance commands

Description

This command configures the method for selecting the fields to be included in the exported cflowd template.

Default

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[collector-id] number

Synopsis

Cflowd direct export collector ID

Context

configure application-assurance group number cflowd direct-export collector number

Range

1 to 65535

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

address [ip-address] (ipv4-address-no-zone | ipv6-address-no-zone) port number

Synopsis

Enter the address list instance

Context

configure application-assurance group number cflowd direct-export collector number address (ipv4-address-no-zone | ipv6-address-no-zone) port number

Tree

address

Description

Commands in this context configure the cflowd direct export collector IP address.

In the current release, the system supports IPv4 addresses only for the cflowd direct export collector.

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)

Synopsis

IP address of the remote cflowd collector host

Context

configure application-assurance group number cflowd direct-export collector number address (ipv4-address-no-zone | ipv6-address-no-zone) port number

Description

This command configures the IP address of the remote cflowd collector host.

In the current release, the system supports IPv4 addresses only for the cflowd collector host.

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port number

Synopsis

Cflowd collector host port number

Context

configure application-assurance group number cflowd direct-export collector number address (ipv4-address-no-zone | ipv6-address-no-zone) port number

Description

This command configures the UDP port number used by the remote cflowd collector host.

In the MD-CLI, the default port is 4739.

Range

1 to 65535

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Context

configure application-assurance group number cflowd direct-export vlan-id number

Tree

vlan-id

Range

1 to 4094

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

export-override

Synopsis

Enter the export-override context

Context

configure application-assurance group number cflowd export-override

Tree

export-override

Description

Commands in this context configure the AA subtype used in the cflowd record export. The cflowd statistics exported to the cflowd collector look identical to AA for the type of system defined by the mode. The following cflowd export fields are affected:

The cflowd export observation point (field 138) mode is derived from the export-override category that is selected.
The cflowd export AA_Subscriber_Type (field 12) mode is modified as configured, using existing field types.
The cflowd interface name is used as the sub-ID field, optionally modified to use the configured export-override mode and prefix for global identifiers.

All AA cflowd record types are affected by export override. To change the export override or prefix, cflowd must first be disabled. When this command is set back to the default, the prefix will also be set back to its default.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mode keyword

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

AA cflowd export override mode

Context

configure application-assurance group number cflowd export-override mode keyword

Tree

mode

Description

This command specifies the type of system emulated for the cflowd export.

Options

mobile, ifname-obfuscate

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

prefix string

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

AA group cflowd export override prefix

Context

configure application-assurance group number cflowd export-override prefix string

Tree

prefix

Description

This command specifies the prefix-string associated with the export override. The prefix string specifies up to an 8 character string. If the 8 character prefix is "ABCDEFG_" for a particular node, the cflowd export override would generate IPv4 interface names such as ABCDEFG_255.255.255.255 or IPv6 as ABCDEFG_2001:DB8:EF01:2345::/64. By default, the prefix is left blank.

String Length

1 to 8

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

obfuscation

Synopsis

Enter the obfuscation context

Context

configure application-assurance group number cflowd obfuscation

Tree

obfuscation

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aes-128-encryption-key string

Synopsis

AES-128 encryption key

Context

configure application-assurance group number cflowd obfuscation aes-128-encryption-key string

Tree

aes-128-encryption-key

Description

This command specifies the AES-128 key used to encrypt export cflowd fields.

String Length

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aes-256-encryption-key string

Synopsis

AES-256 encryption key

Context

configure application-assurance group number cflowd obfuscation aes-256-encryption-key string

Tree

aes-256-encryption-key

Description

This command specifies the AES-256 key used to encrypt exported cflowd fields.

dynamic-fields

Description

Commands in this context configure dynamic fields to be included in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the dynamic fields

Context

configure application-assurance group number cflowd rtp-performance audio-template dynamic-fields admin-state keyword

Tree

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field [field-name] string

Synopsis

Add a list entry for field

Context

configure application-assurance group number cflowd rtp-performance audio-template dynamic-fields field string

Tree

Description

This command adds a list entry for fields to include in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Cflowd template dynamic field name

Context

configure application-assurance group number cflowd rtp-performance audio-template dynamic-fields field string

Description

This command specifies the name of the field to be included in the exported cflowd template.

Common to all templates are the following values: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | hostName |hostNameExtended| deviceId | deviceMfgId | deviceOsId |ipFamily | deviceOsVer1 | deviceOsVer2 | deviceOsVer3 |anlType | anlTopology | anlCongestionState | apn | chargeId |mnc | imsi | msisdn | sgw-sgsnAddr | pgw-ggsnAddr | bsid |ratType | regionId | cellId |timeZone | aaChargingGrp |flowAttr_video | flowAttr_abr_service | flowAttr_audio |flowAttr_encrypted | flowAttr_download |flowAttr_upload |flowAttr_realtime_communication | aaSubTetheringState | imei| ipTTL | imei roamingStatus | mcc | uli |chargingChar | plmnid| customerId

When AA is deployed in FWA SR, the following value applies: ApnExtended

For the rtp-voice template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpBurstCount|rtpAvgBurstLengthMs | rtpGapCount | rtpAvgGapLengthMs |MAPDV | RBurst | RGap | SSRC

For the rtp-video template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpRefClockRate | MOSAV | VSTQ | estimatedPSNR |GoPType | avgGoPLength | avgInterIFrameGap | imageWidth| imageHeight | frameRate |slicesPerIFrame | SSRC |videoInterlaced | IFrameReceived | IFrameImpaired |PFrameReceived | PFrameImpaired | BFrameReceived |BFrameImpaired | SIFrameReceived | SIFrameImpaired |SPFrameReceived | SPFrameImpaired |frameInterArrivalJitter| IFrameInterArrivalJitter | avgFrameArrivalDelay

For the rtp-audio template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | rtpBurstCount| rtpAvgBurstLengthPkts | rtpGapCount |rtpAvgGapLengthPkts | PPDVM | rtpNumAudioChannels |rtpRefClockRate |rtpPeakAudioBw | SSRC | hostName

For volume and comprehensive templates, the following values apply: tcpSessionEstDelay | tcpRetransmittedBytes |tcpRetransmittedPackets

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field-selection keyword

Synopsis

Field selection method

Context

configure application-assurance group number cflowd rtp-performance audio-template field-selection keyword

Tree

Description

This command configures the method for selecting the fields to be included in the exported cflowd template.

Default

legacy

Options

legacy, dynamic

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-rate number

Synopsis

Cflowd flow sampling rate

Context

field [field-name] string

Synopsis

Add a list entry for field

Context

configure application-assurance group number cflowd rtp-performance video-template dynamic-fields field string

Tree

Description

This command adds a list entry for the fields to include in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Cflowd template dynamic field name

Context

configure application-assurance group number cflowd rtp-performance video-template dynamic-fields field string

Description

This command specifies the name of the field to be included in the exported cflowd template.

Common to all templates are the following values: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | hostName |hostNameExtended| deviceId | deviceMfgId | deviceOsId |ipFamily | deviceOsVer1 | deviceOsVer2 | deviceOsVer3 |anlType | anlTopology | anlCongestionState | apn | chargeId |mnc | imsi | msisdn | sgw-sgsnAddr | pgw-ggsnAddr | bsid |ratType | regionId | cellId |timeZone | aaChargingGrp |flowAttr_video | flowAttr_abr_service | flowAttr_audio |flowAttr_encrypted | flowAttr_download |flowAttr_upload |flowAttr_realtime_communication | aaSubTetheringState | imei| ipTTL | imei roamingStatus | mcc | uli |chargingChar | plmnid| customerId

When AA is deployed in FWA SR, the following value applies: ApnExtended

For the rtp-voice template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpBurstCount|rtpAvgBurstLengthMs | rtpGapCount | rtpAvgGapLengthMs |MAPDV | RBurst | RGap | SSRC

For the rtp-video template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpRefClockRate | MOSAV | VSTQ | estimatedPSNR |GoPType | avgGoPLength | avgInterIFrameGap | imageWidth| imageHeight | frameRate |slicesPerIFrame | SSRC |videoInterlaced | IFrameReceived | IFrameImpaired |PFrameReceived | PFrameImpaired | BFrameReceived |BFrameImpaired | SIFrameReceived | SIFrameImpaired |SPFrameReceived | SPFrameImpaired |frameInterArrivalJitter| IFrameInterArrivalJitter | avgFrameArrivalDelay

For the rtp-audio template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | rtpBurstCount| rtpAvgBurstLengthPkts | rtpGapCount |rtpAvgGapLengthPkts | PPDVM | rtpNumAudioChannels |rtpRefClockRate |rtpPeakAudioBw | SSRC | hostName

For volume and comprehensive templates, the following values apply: tcpSessionEstDelay | tcpRetransmittedBytes |tcpRetransmittedPackets

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field-selection keyword

Synopsis

Field selection method

Context

configure application-assurance group number cflowd rtp-performance video-template field-selection keyword

Tree

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the dynamic fields

Context

configure application-assurance group number cflowd rtp-performance voice-template dynamic-fields admin-state keyword

Tree

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field [field-name] string

Synopsis

Add a list entry for field

Context

configure application-assurance group number cflowd rtp-performance voice-template dynamic-fields field string

Tree

Description

This command adds a cflowd record field to the list included in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Cflowd template dynamic field name

Context

configure application-assurance group number cflowd rtp-performance voice-template dynamic-fields field string

Description

This command specifies the name of the field to be included in the exported cflowd template.

Common to all templates are the following values: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | hostName |hostNameExtended| deviceId | deviceMfgId | deviceOsId |ipFamily | deviceOsVer1 | deviceOsVer2 | deviceOsVer3 |anlType | anlTopology | anlCongestionState | apn | chargeId |mnc | imsi | msisdn | sgw-sgsnAddr | pgw-ggsnAddr | bsid |ratType | regionId | cellId |timeZone | aaChargingGrp |flowAttr_video | flowAttr_abr_service | flowAttr_audio |flowAttr_encrypted | flowAttr_download |flowAttr_upload |flowAttr_realtime_communication | aaSubTetheringState | imei| ipTTL | imei roamingStatus | mcc | uli |chargingChar | plmnid| customerId

When AA is deployed in FWA SR, the following value applies: ApnExtended

For the rtp-voice template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpBurstCount|rtpAvgBurstLengthMs | rtpGapCount | rtpAvgGapLengthMs |MAPDV | RBurst | RGap | SSRC

For the rtp-video template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpRefClockRate | MOSAV | VSTQ | estimatedPSNR |GoPType | avgGoPLength | avgInterIFrameGap | imageWidth| imageHeight | frameRate |slicesPerIFrame | SSRC |videoInterlaced | IFrameReceived | IFrameImpaired |PFrameReceived | PFrameImpaired | BFrameReceived |BFrameImpaired | SIFrameReceived | SIFrameImpaired |SPFrameReceived | SPFrameImpaired |frameInterArrivalJitter| IFrameInterArrivalJitter | avgFrameArrivalDelay

For the rtp-audio template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | rtpBurstCount| rtpAvgBurstLengthPkts | rtpGapCount |rtpAvgGapLengthPkts | PPDVM | rtpNumAudioChannels |rtpRefClockRate |rtpPeakAudioBw | SSRC | hostName

For volume and comprehensive templates, the following values apply: tcpSessionEstDelay | tcpRetransmittedBytes |tcpRetransmittedPackets

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field-selection keyword

Synopsis

Field selection method

Context

configure application-assurance group number cflowd rtp-performance voice-template field-selection keyword

Tree

Description

This command configures the method for selecting the fields to be included in the exported cflowd template.

Default

legacy

Options

legacy, dynamic

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

tcp-performance

Synopsis

Enter the tcp-performance context

Context

configure application-assurance group number cflowd tcp-performance

Tree

tcp-performance

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-rate number

Synopsis

Cflowd flow sampling rate

Context

field [field-name] string

Synopsis

Add a list entry for field

Context

configure application-assurance group number cflowd tcp-performance template dynamic-fields field string

Tree

Description

This command adds a list entry for fields to include in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Cflowd template dynamic field name

Context

configure application-assurance group number cflowd tcp-performance template dynamic-fields field string

Description

This command specifies the name of the field to be included in the exported cflowd template.

Common to all templates are the following values: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | hostName |hostNameExtended| deviceId | deviceMfgId | deviceOsId |ipFamily | deviceOsVer1 | deviceOsVer2 | deviceOsVer3 |anlType | anlTopology | anlCongestionState | apn | chargeId |mnc | imsi | msisdn | sgw-sgsnAddr | pgw-ggsnAddr | bsid |ratType | regionId | cellId |timeZone | aaChargingGrp |flowAttr_video | flowAttr_abr_service | flowAttr_audio |flowAttr_encrypted | flowAttr_download |flowAttr_upload |flowAttr_realtime_communication | aaSubTetheringState | imei| ipTTL | imei roamingStatus | mcc | uli |chargingChar | plmnid| customerId

When AA is deployed in FWA SR, the following value applies: ApnExtended

For the rtp-voice template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpBurstCount|rtpAvgBurstLengthMs | rtpGapCount | rtpAvgGapLengthMs |MAPDV | RBurst | RGap | SSRC

For the rtp-video template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpRefClockRate | MOSAV | VSTQ | estimatedPSNR |GoPType | avgGoPLength | avgInterIFrameGap | imageWidth| imageHeight | frameRate |slicesPerIFrame | SSRC |videoInterlaced | IFrameReceived | IFrameImpaired |PFrameReceived | PFrameImpaired | BFrameReceived |BFrameImpaired | SIFrameReceived | SIFrameImpaired |SPFrameReceived | SPFrameImpaired |frameInterArrivalJitter| IFrameInterArrivalJitter | avgFrameArrivalDelay

For the rtp-audio template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | rtpBurstCount| rtpAvgBurstLengthPkts | rtpGapCount |rtpAvgGapLengthPkts | PPDVM | rtpNumAudioChannels |rtpRefClockRate |rtpPeakAudioBw | SSRC | hostName

For volume and comprehensive templates, the following values apply: tcpSessionEstDelay | tcpRetransmittedBytes |tcpRetransmittedPackets

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field-selection keyword

Synopsis

Field selection method

Context

configure application-assurance group number cflowd tcp-performance template field-selection keyword

Tree

Description

This command configures the method for selecting the fields to be included in the exported cflowd template.

Default

legacy

Options

legacy, dynamic

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

template-retransmit number

Synopsis

Template retransmit time

Context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the dynamic fields

Context

configure application-assurance group number cflowd volume template dynamic-fields admin-state keyword

Tree

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field [field-name] string

Synopsis

Add a list entry for field

Context

configure application-assurance group number cflowd volume template dynamic-fields field string

Tree

Description

This command adds a list entry for the fields to be included in the exported cflowd template.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Cflowd template dynamic field name

Context

configure application-assurance group number cflowd volume template dynamic-fields field string

Description

This command specifies the name of the field to be included in the exported cflowd template.

Common to all templates are the following values: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | hostName |hostNameExtended| deviceId | deviceMfgId | deviceOsId |ipFamily | deviceOsVer1 | deviceOsVer2 | deviceOsVer3 |anlType | anlTopology | anlCongestionState | apn | chargeId |mnc | imsi | msisdn | sgw-sgsnAddr | pgw-ggsnAddr | bsid |ratType | regionId | cellId |timeZone | aaChargingGrp |flowAttr_video | flowAttr_abr_service | flowAttr_audio |flowAttr_encrypted | flowAttr_download |flowAttr_upload |flowAttr_realtime_communication | aaSubTetheringState | imei| ipTTL | imei roamingStatus | mcc | uli |chargingChar | plmnid| customerId

When AA is deployed in FWA SR, the following value applies: ApnExtended

For the rtp-voice template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpBurstCount|rtpAvgBurstLengthMs | rtpGapCount | rtpAvgGapLengthMs |MAPDV | RBurst | RGap | SSRC

For the rtp-video template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp |rtpRefClockRate | MOSAV | VSTQ | estimatedPSNR |GoPType | avgGoPLength | avgInterIFrameGap | imageWidth| imageHeight | frameRate |slicesPerIFrame | SSRC |videoInterlaced | IFrameReceived | IFrameImpaired |PFrameReceived | PFrameImpaired | BFrameReceived |BFrameImpaired | SIFrameReceived | SIFrameImpaired |SPFrameReceived | SPFrameImpaired |frameInterArrivalJitter| IFrameInterArrivalJitter | avgFrameArrivalDelay

For the rtp-audio template only, the following values apply: flowStartSeconds | flowDurationMilliseconds |postIpPrecedence | aaProt | aaApp | aaAppGrp | rtpBurstCount| rtpAvgBurstLengthPkts | rtpGapCount |rtpAvgGapLengthPkts | PPDVM | rtpNumAudioChannels |rtpRefClockRate |rtpPeakAudioBw | SSRC | hostName

For volume and comprehensive templates, the following values apply: tcpSessionEstDelay | tcpRetransmittedBytes |tcpRetransmittedPackets

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field-selection keyword

Synopsis

Field selection method

Context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[domain-name] string

Synopsis

DNS IP cache domain name

Context

configure application-assurance group number dns-ip-cache string dns-match domain string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

expression string

Synopsis

AA DNS domain expression to match

Context

configure application-assurance group number dns-ip-cache string dns-match domain string expression string

Tree

expression

Description

This command specifies a domain name expression string used to define a pattern match. The domain expression uses the same syntax as the expressions used in configure application-assurance group partition policy app-filter entry app-filters configuration.

String Length

1 to 255

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

trusted-server-address [dns-server-address] (ipv4-address-no-zone | ipv6-address-no-zone)

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-cache

Synopsis

Enter the ip-cache context

Context

configure application-assurance group number dns-ip-cache string ip-cache

Tree

ip-cache

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

high-watermark number

Synopsis

High watermark value for the DNS IP cache

Context

configure application-assurance group number dns-ip-cache string ip-cache high-watermark number

Tree

high-watermark

Description

This command configures the high watermark value for the DNS IP cache. When the number of cached IP addresses exceeds the threshold, the system generates a trap.

Range

0 to 100

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark value for the DNS IP cache

Context

configure application-assurance group number dns-ip-cache string ip-cache low-watermark number

Tree

Description

This command configures the low watermark value for the DNS IP cache. When the number of cached IP addresses exceeds the high watermark threshold, the system generates a trap based on the high watermark. The trap clears after the number of cached IP addresses drops below the configured low watermark value.

Range

0 to 100

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

size number

Synopsis

Maximum number of IP addresses stored in the cache

Context

configure application-assurance group number dns-ip-cache string ip-cache size number

Tree

size

Range

10 to 64000

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Administrative state of the HTTP enrichment policy

Context

configure application-assurance group number http-enrich string admin-state keyword

Tree

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number http-enrich string description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

field [field-name] string

Synopsis

Enter the field list instance

Context

configure application-assurance group number http-enrich string field string

Tree

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[field-name] string

Synopsis

Field name to insert into the HTTP header

Context

configure application-assurance group number http-enrich string field string

Description

This command specifies the field type to insert into the HTTTP header. The command must be repeated for each field to be inserted. The same field cannot be inserted twice into the header under different header names.

Note: AA can insert two copies of the following fields in the same HTTP header (with a different header name):

imei-hyphenated, imei-hyphenated-2, imsi, imsi-2, static-string, static-string-2, user-location-raw, and user-location-raw2.

The following field types are supported in any deployment:

static-string - header name for the inserted string

static-string-2 - header name for the inserted string

subscriber-id - header name for the subscriber ID

subscriber-ip - header name for the subscriber IP address

The following field types are supported in Fixed Wireless Access (FWA) deployments only:

apn - complete APN string

apn-ni - APN Network Identifier (APN-NI) used by the UE

billing-type - UE charging type (charging characteristics)

dynamic-acr - dynamic Anonymous Customer Record (ACR)

static-acr - static ACR

imei-hyphenated - subscriber IMEI with format AABBBBBB-CCCCCC-EE

imei-hyphenated-2 - subscriber IMEI with format AABBBBBB-CCCCCC-EE

imei-sv - subscriber IMEI with format AABBBBBBCCCCCCEE

imsi - subscriber IMSI

imsi-2 - subscriber IMSI

msisdn - subscriber MSISDN

msisdn-without-cc - subscriber MSISDN without a country code

pgw-ggsn-address - PGW/GGSN address serving the UE

plmn-id - Public Land Mobile Network (PLMN) ID of the SGSN/MME

rat-type - Radio Access Technology (RAT) type

timestamp - timestamp inserted in UNIX time format; for example, 1531204313

user-location - UE LOCATION (ULI)

user-location-3gpp - ULI encoded as defined in 3GPP 29.061

user-location-raw - ULI in raw format:<ULI-TYPE1>[+<ULI-TYPE2>]=<ULI HEX>

Example: x-locinfo: TAI+ECGI=1300622c46130062014adf16

user-location-raw-2 - ULI in raw format:<ULI-TYPE1>[+<ULI-TYPE2>]=<ULI HEX>

Example: x-locinfo: TAI+ECGI=1300622c46130062014adf16

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

anti-spoof boolean

Synopsis

Enable anti-spoofing

Context

configure application-assurance group number http-enrich string field string anti-spoof boolean

Tree

anti-spoof

Description

When configured to true, this command enables the HTTP header enrichment anti-spoofing functionality.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

calling-line-id boolean

Synopsis

Enable calling line identification

Context

configure application-assurance group number http-enrich string field string calling-line-id boolean

Tree

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

type keyword

Synopsis

Encoding type

Context

configure application-assurance group number http-enrich string field string encode key type keyword

Tree

type

Description

This command configures the encoding/ encryption method.

Options

md5, rc4, rc4-md5-base64

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

value string

Synopsis

Secret key for encrypting the field

Units

octets

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-host string

Synopsis

HTTP host for the HTTP error redirect object

Context

configure application-assurance group number http-error-redirect string http-host string

Tree

http-host

Description

This command specifies the HTTP hostname of the landing server (Barefruit or Xerocole). It is used in the HTTP GET operation from the client (which is being redirected) to the redirect search landing server. The hostname must contain a valid IP address or HTTP hostname or URI for the HTTP GET from the client to the landing server.

String Length

1 to 255

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

participant-id string

Synopsis

Participant ID for the HTTP error redirect object

Context

configure application-assurance group number http-error-redirect string participant-id string

Tree

participant-id

Description

This command specifies a string assigned to the operator by Barefruit. It is used by Barefruit landing servers (applies to template # 1 only).

String Length

1 to 32

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

template number

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number http-notification string description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

interval (number | keyword)

Synopsis

Minimum HTTP response notification interval

Context

configure application-assurance group number http-notification string interval (number | keyword)

Tree

interval

Range

1 to 1440

Default

one-time

Units

minutes

Options

one-time

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

script-url string

Synopsis

Script URL inserted into the HTTP response

Context

configure application-assurance group number http-notification string script-url string

Tree

script-url

Description

This command configures the URL of the script used by the HTTP notification policy.

String Length

1 to 255

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

template number

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the AA HTTP redirect object

Context

configure application-assurance group number http-redirect string admin-state keyword

Tree

default-tunnel-endpoint-limit

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

captive-redirect

Synopsis

Enter the captive-redirect context

Context

configure application-assurance group number http-redirect string captive-redirect

Tree

captive-redirect

Description

Commands in this context configure the captive redirect capability for an HTTP redirect policy. HTTP redirect policies using captive redirect can be used in conjunction with a session-filter policy to terminate TCP flows in the ISA-AA card before reaching the Internet to redirect subscribers to the predefined redirect URL.

Non-HTTP TCP flows are TCP reset. Captive redirect uses the provisioned VLAN ID to send the HTTP response to subscribers; therefore, this VLAN ID must be properly assigned in the same VPN as the subscriber.

The operator can select the URL arguments to include in the redirect URL using either a specific template ID or by configuring the redirect URL using a supported macro substitution keyword.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

vlan-id number

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

redirect-url string

Synopsis

HTTP redirect URL

Context

configure application-assurance group number http-redirect string redirect-url string

Tree

redirect-url

Description

This command configures the HTTP redirect URL which is the URL (page) that the user is redirected to when an HTTP redirect takes effect.

The operator can select the URL arguments to include in the redirect URL, using either a specific template ID or by configuring any of the following macro substitution keywords:

$URL - The Request-URI in the HTTP GET Request received
$SUB - The subscriber ID
$IP - The IP address of the subscriber host
$RTRID - The router ID
$URLPRM - The HTTP URL parameter associated with the subscriber
$MAC - The UE MAC address
$SAP - The UE SAP
$CID - The circuit ID or interface ID of the subscriber
$RID - The remote ID of the subscriber
$CATID - The URL filter web-service rating category identifier
$CATNAME - The URL filter web-service rating category name

Only ESM and ESM-MAC sub types support $MAC, $SAP, $CID, and $RID macro substitution.

String Length

1 to 255

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

tcp-client-reset boolean

Synopsis

Enable TCP client reset

Context

configure application-assurance group number http-redirect string tcp-client-reset boolean

Tree

tcp-client-reset

Description

When set to true, this command enables an HTTP-redirect policy to initiate a TCP reset towards the client if the AA policy results in a redirect with packet drop but the HTTP redirect cannot be delivered. Scenarios for this include HTTP (TLS) sessions, blocking of non-HTTP TCP traffic, and blocking of existing flows after a policy re-evaluation of an existing subscriber.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

template number

Synopsis

Template ID for the HTTP redirect object

Context

configure application-assurance group number http-redirect string template number

Tree

template

Description

This command configures the template that defines which parameters are appended to the HTTP host redirect field in the redirect message. The HTTP redirect template provides HTTP 302 redirect containing only the URL specified in the redirect policy, with no other parameters.

Max. Range

0 to 4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Options

not-applicable

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rtt-threshold (number | keyword)

Synopsis

Round trip time congestion threshold

Context

configure application-assurance group number partition number aa-sub-congestion-detection rtt-threshold (number | keyword)

Tree

rtt-threshold

Description

This command configures the default round trip delay threshold used by the DEM gateway algorithm to determine subscriber congestion for NLB-DEM. This default value is used when the current RAT-Type is not known, or has no associated configured RTT threshold.

Range

1 to 500

Default

173

Units

milliseconds

Options

not-applicable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rtt-threshold-tolerance number

Synopsis

RTT threshold tolerance for congestion detection

Context

configure application-assurance group number partition number aa-sub-congestion-detection rtt-threshold-tolerance number

Tree

rtt-threshold-tolerance

Description

This command configures the round trip delay threshold tolerance used by the DEM gateway algorithm to determine subscriber-level congestion.

Range

0 to 100

Default

Units

percent

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aa-sub-remote boolean

Synopsis

Reverse subscriber traffic direction

Context

configure application-assurance group number partition number aa-sub-remote boolean

Tree

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[source-type] keyword

Synopsis

Options

not-applicable

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rtt-threshold (number | keyword)

Synopsis

Source round trip time congestion threshold

Context

configure application-assurance group number partition number access-network-location source keyword rtt-threshold (number | keyword)

Tree

rtt-threshold

Description

This command configures the default round trip delay threshold used by the DEM gateway algorithm to determine ANL congestion. This default value is used when either the ANL RAT-Type is not known or has no associated configured RTT threshold.

Range

1 to 500

Default

173

Units

milliseconds

Options

not-applicable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rtt-threshold-tolerance number

Synopsis

Source round trip time congestion threshold tolerance

Context

configure application-assurance group number partition number access-network-location source keyword rtt-threshold-tolerance number

Tree

rtt-threshold-tolerance

Description

This command configures the ANL round trip delay threshold tolerance used by the DEM gateway algorithm to determine ANL-level congestion.

Range

0 to 100

Default

Units

percent

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

source-level keyword

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

Access network location source level

Context

configure application-assurance group number partition number access-network-location source keyword source-level keyword

Tree

source-level

Default

cell

Options

cell, transport-network-link, mac-vlan

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aqp-initial-lookup boolean

Synopsis

Enable AQP initial lookup

Context

configure application-assurance group number partition number aqp-initial-lookup boolean

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

buffer-type keyword

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Event log buffer type

Context

configure application-assurance group number partition number event-log string buffer-type keyword

Tree

buffer-type

Default

linear

Options

linear, circular, syslog

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

max-entries number

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Maximum number of entries for the event log

Context

configure application-assurance group number partition number event-log string max-entries number

Tree

max-entries

Range

1 to 100000

Default

500

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

syslog

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Enter the syslog context

Context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

facility keyword

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

AA syslog facility

Context

configure application-assurance group number partition number event-log string syslog facility keyword

Tree

facility

Description

This command configures the syslog facility. The syslog facility is an information field associated with a syslog message. It is defined by the syslog protocol and provides an indication of which part of the system originated the message.

Default

local7

Options

kernel, user, mail, systemd, auth, syslogd, printer, netnews, uucp, cron, authpriv, ftp, ntp, logaudit, logalert, cron2, local0, local1, local2, local3, local4, local5, local6, local7

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port number

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Syslog host UDP port

Context

configure application-assurance group number partition number event-log string syslog port number

Tree

port

Description

This command specifies the UDP port used by application assurance for the syslog events.

Max. Range

0 to 65535

Default

514

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

severity keyword

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Syslog message severity level threshold

Context

configure application-assurance group number partition number event-log string syslog severity keyword

Tree

severity

Default

info

Options

emergency, alert, critical, error, warning, notice, info, debug

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

vlan-id number

Warning:

Modifying this element toggles the admin-state of the parent element automatically for the new value to take effect.

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gtp-tunnel-database

Synopsis

Enter the gtp-tunnel-database context

Context

configure application-assurance group number partition number gtp gtp-filter string gtp-tunnel-database

Tree

gtp-tunnel-database

Description

Commands in this context configure GTP advanced firewall functions, such as validating GTP tunnels, sequence numbers, and source IP addresses).

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-tunnel-endpoint-limit number

Synopsis

Default GTP tunnel endpoint limit

Context

configure application-assurance group number partition number gtp gtp-filter string gtp-tunnel-database default-tunnel-endpoint-limit number

Tree

Description

This command configures the maximum number of GTP endpoints requested in GTP-C messages by using, for example, the PDP Context Create message type.

The validate-gtp-tunnels command must be enabled before using this command.

Range

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

validate-gtp-tunnels boolean

Synopsis

Enable GTP tunnel validation

Context

configure application-assurance group number partition number gtp gtp-filter string gtp-tunnel-database validate-gtp-tunnels boolean

Tree

validate-gtp-tunnels

Description

When configured to true, this command configures GTP tunnel validation. This allows for the validation of TEIDs and is a prerequisite for sequence checking and UE IP address validation. This command is only applicable when AA GTP FW is deployed on S8/S5/Gp/Gn interfaces. The gtpc-inspection command in the configure application-assurance group partition gtp context must be configured to true before using this command.

When configured to false, the GTP tunnels cannot be validated.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

validate-sequence-number boolean

Synopsis

Enable GTP sequence number checking

Context

configure application-assurance group number partition number gtp gtp-filter string gtp-tunnel-database validate-sequence-number boolean

Tree

validate-sequence-number

Description

When configured to true, this command enables GTP sequence number checking. GTP packets that fail the sequence number check are discarded.

The validate-gtp-tunnels command in the configure application-assurance group partition gtp gtp-filter gtp-tunnel-database context must be configured to true before using this command.

When configured to false, the GTP packet sequence number cannot be checked.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

validate-source-ip-addr boolean

Synopsis

Validate source IP address in GTP frames

Context

configure application-assurance group number partition number gtp gtp-filter string gtp-tunnel-database validate-source-ip-addr boolean

Tree

validate-source-ip-addr

Description

When configured to true, this command enables checking for spoofed or invalid UE IP addresses. Upstream GTP packets that contain invalid UE IP addresses are discarded. When a packet is dropped due to source-ip-address “invalid source IP add”, the statistics counter is updated.

The validate-gtp-tunnels command in the configure application-assurance group partition gtp gtp-filter gtp-tunnel-database context must be configured to true before using this command.

When configured to false, the spoofed or invalid UE IP addresses cannot be checked.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

imsi-apn-filter

Synopsis

Enter the imsi-apn-filter context

Context

configure application-assurance group number partition number gtp gtp-filter string imsi-apn-filter

Tree

imsi-apn-filter

Description

Commands in this context configure IMSI and APN filtering.

The gtpc-inspection command in the configure application-assurance group partition gtp context must be configured to true before using this command.

This command is only applicable to the GTP packets that contain IMSI or APN information elements (IEs).

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-action keyword

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

IMSI APN filter entry action

Context

configure application-assurance group number partition number gtp gtp-filter string imsi-apn-filter entry number action keyword

Tree

Default

permit

Options

deny, permit

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

apn string

Synopsis

APN as GTP filter match criterion

Context

configure application-assurance group number partition number gtp gtp-filter string imsi-apn-filter entry number apn string

Tree

apn

Description

This command configures a matching condition for an APN configured as a GTP filter. If no APN is specified, the entry is not checked for the APN IE in GTP-C packets. The values for this command are:

string:The extracted APN must match string exactly.
^string: The extracted APN must start with string.
string$: The extracted APN must end with string.
WILDCARD_APN: Special string that indicates that the extracted APN must be “*” (that is, a length octet with value one, followed by the ASCII code for the asterisk)
EMPTY_APN: Special string that indicates that the extracted APN must be empty (that is, “”)
ANY_APN: Special string that indicates that the extracted APN IE must be present and can have any value in order for the filter entry to match

String Length

1 to 100

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

imsi-mcc-mnc-prefix string

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix-list reference

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

entry [entry-id] number

Synopsis

Enter the entry list instance

Context

configure application-assurance group number partition number gtp gtp-filter string message-type entry number

Tree

entry

Description

Commands in this context configure an entry for a specific GTPv1 message type value.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[entry-id] number

Synopsis

GTP filter entry ID

Context

configure application-assurance group number partition number gtp gtp-filter string message-type entry number

Description

This command specifies the index in the GTPv1 message value list that defines a custom message-type action.

Range

1 to 255

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

GTPv1 filter message entry action

Context

configure application-assurance group number partition number gtp gtp-filter string message-type entry number action keyword

Tree

Options

deny, permit

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

value (number | keyword)

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

GTPv1 filter message type value

Context

configure application-assurance group number partition number gtp gtp-filter string message-type entry number value (number | keyword)

Tree

value

Range

1 to 255

Options

echo-request, echo-response, version-not-supported, node-alive-request, node-alive-response, redirection-request, redirection-response, create-pdp-context-request, create-pdp-context-response, update-pdp-context-request, update-pdp-context-response, delete-pdp-context-request, delete-pdp-context-response, initiate-pdp-context-activation-request, initiate-pdp-context-activation-response, error-indication, pdu-notification-request, pdu-notification-response, pdu-notification-reject-request, pdu-notification-reject-response, supported-extension-headers-notification, send-routing-information-for-gprs-request, send-routing-information-for-gprs-response, failure-report-request, failure-report-response, note-ms-gprs-present-request, note-ms-gprs-present-response, identification-request, identification-response, sgsn-context-request, sgsn-context-response, sgsn-context-acknowledge, forward-relocation-request, forward-relocation-response, forward-relocation-complete, relocation-cancel-request, relocation-cancel-response, forward-srns-context, forward-relocation-complete-acknowledge, forward-srns-context-acknowledge, ran-information-relay, mbms-notification-request, mbms-notification-response, mbms-notification-reject-request, mbms-notification-reject-response, create-mbms-context-request, create-mbms-context-response, update-mbms-context-request, update-mbms-context-response, delete-mbms-context-request, delete-mbms-context-response, mbms-registration-request, mbms-registration-response, mbms-de-registration-request, mbms-de-registration-response, mbms-session-start-request, mbms-session-start-response, mbms-session-stop-request, mbms-session-stop-response, mbms-session-update-request, mbms-session-update-response, ms-info-change-notification-request, ms-info-change-notification-response, data-record-transfer-request, data-record-transfer-response, end-marker, g-pdu

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

message-type-gtp-v2

Synopsis

Enter the message-type-gtp-v2 context

Context

configure application-assurance group number partition number gtp gtp-filter string message-type-gtp-v2

Tree

message-type-gtp-v2

Description

Commands in this context configure the GTPv2 message-type filtering.

If message-type GTPv2 is not specified within a filter, all GTP message types are allowed, except for the messages that are dropped by GTP-C inspection because they violate the expected GTP protocol for the deployment interface (for example, roaming deployment).

The gtpc-inspection command in the configure application-assurance group partition gtp context must be configured to true before configuring GTPv2 message-type filtering.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-action keyword

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

GTPv2 filter message entry action

Context

configure application-assurance group number partition number gtp gtp-filter string message-type-gtp-v2 entry number action keyword

Tree

Description

This command specifies the action to take for packets that match this GTPv2 filter message entry.

Options

deny, permit

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

value (number | keyword)

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

GTPv2 filter message type value

Context

configure application-assurance group number partition number gtp gtp-filter string message-type-gtp-v2 entry number value (number | keyword)

Tree

value

Range

1 to 255

Options

echo-request, echo-response, version-not-supported-indication, create-session-request, create-session-response, modify-bearer-request, modify-bearer-response, delete-session-request, delete-session-response, change-notification-request, change-notification-response, remote-ue-report-notification, remote-ue-report-acknowledge, modify-bearer-command, modify-bearer-failure-indication, delete-bearer-command, delete-bearer-failure-indication, bearer-resource-command, bearer-resource-failure-indication, downlink-data-notification-failure-indication, trace-session-activation, trace-session-deactivation, stop-paging-indication, create-bearer-request, create-bearer-response, update-bearer-request, update-bearer-response, delete-bearer-request, delete-bearer-response, delete-pdn-connection-set-request, delete-pdn-connection-set-response, pgw-downlink-triggering-notification, pgw-downlink-triggering-acknowledge, identification-request, identification-response, context-request, context-response, context-acknowledge, forward-relocation-request, forward-relocation-response, forward-relocation-complete-notification, forward-relocation-complete-acknowledge, forward-access-context-notification, forward-access-context-acknowledge, relocation-cancel-request, relocation-cancel-response, configuration-transfer-tunnel, detach-notification, detach-acknowledge, cs-paging-indication, ran-information-relay, alert-mme-notification, alert-mme-acknowledge, ue-activity-notification, ue-activity-acknowledge, isr-status-indication, create-forwarding-tunnel-request, create-forwarding-tunnel-response, suspend-notification, suspend-acknowledge, resume-notification, resume-acknowledge, create-indirect-data-forwarding-tunnel-request, create-indirect-data-forwarding-tunnel-response, delete-indirect-data-forwarding-tunnel-request, delete-indirect-data-forwarding-tunnel-response, release-access-bearers-request, release-access-bearers-response, downlink-data-notification, downlink-data-notification-acknowledge, pgw-restart-notification, pgw-restart-notification-acknowledge, update-pdn-connection-set-request, update-pdn-connection-set-response, modify-access-bearers-request, modify-access-bearers-response, mbms-session-start-request, mbms-session-start-response, mbms-session-update-request, mbms-session-update-response, mbms-session-stop-request, mbms-session-stop-response

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gtpc-inspection boolean

Synopsis

Enable inspection of GTP-C packets

Context

configure application-assurance group number partition number gtp gtpc-inspection boolean

Tree

gtpc-inspection

Description

When configured to true, this command enables the inspection of GTP-C packets. This is relevant only when AA GTP FW is deployed on S8/S5/Gp/Gn interfaces. This command must be enabled before configuring related features, such as APN filtering, GTP tunnel validation, message-type-v2 filtering, sequence number validation, and SRC IP validation.

When configured to false, GTP-C packet inspection cannot be performed.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

log

Synopsis

Enter the log context

Context

configure application-assurance group number partition number gtp log

Tree

log

Description

Commands in this context configure the AA group partition GTP log.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

GTP log action

Context

configure application-assurance group number partition number gtp log action keyword

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-match-all-requests boolean

Synopsis

Enable HTTP matching for all requests for an expression

Context

configure application-assurance group number partition number http-match-all-requests boolean

Tree

http-match-all-requests

Description

When configured to true, this command enables HTTP matching for all requests for an HTTP expression.

When configured to false, this command restores the default and removes the matching request for this particular expression.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-x-online-host boolean

Synopsis

Enter the entry list instance

eq string

Synopsis

Exact match for application filter matching expression

Context

configure application-assurance group number partition number policy app-filter entry number expression number eq string

Tree

String Length

1 to 255

Notes

The following elements are part of a mandatory choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match for application filter matching expression

Context

configure application-assurance group number partition number policy app-filter entry number expression number neq string

Tree

String Length

1 to 255

Notes

The following elements are part of a mandatory choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

type keyword

Synopsis

Application filter matching expression type

Context

configure application-assurance group number partition number policy app-filter entry number expression number type keyword

Tree

type

Options

http-host, http-uri, http-referer, sip-ua, sip-uri, sip-mt, citrix-app, http-user-agent, h323-product-id, tls-cert-subj-org-name, tls-cert-subj-common-name, rtsp-host, rtsp-uri, rtsp-ua, rtmp-page-host, rtmp-page-uri, rtmp-swf-host, rtmp-swf-uri, rtmp-tc-host, rtmp-tc-uri, dns-domain-name

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-setup-direction keyword

Synopsis

Traffic flow direction for the application filter entry

Context

configure application-assurance group number partition number policy app-filter entry number flow-setup-direction keyword

Tree

flow-setup-direction

Default

both

Options

subscriber-to-network, network-to-subscriber, both

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-match-all-requests boolean

Synopsis

Enable HTTP matching for all requests

Context

configure application-assurance group number partition number policy app-filter entry number http-match-all-requests boolean

Tree

http-match-all-requests

Description

When configured to true, this command enables HTTP matching for all requests for an HTTP expression.

When configured to false, this command restores the default for this app-filter entry which matches the first request.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-port

Synopsis

Enter the http-port context

Context

configure application-assurance group number partition number policy app-filter entry number http-port

Tree

http-port

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-filter entry number http-port eq

Tree

Description

Commands in this context configure the exact value as the match criterion.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Port list name

Context

configure application-assurance group number partition number policy app-filter entry number http-port eq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list or port-number.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number

Context

configure application-assurance group number partition number policy app-filter entry number http-port eq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list or port-number.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq

Synopsis

Enter the neq context

Context

configure application-assurance group number partition number policy app-filter entry number http-port neq

Tree

Description

Commands in this context configure the non-match criterion used.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Port list name

Context

configure application-assurance group number partition number policy app-filter entry number http-port neq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list or port-number.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number

Context

configure application-assurance group number partition number policy app-filter entry number http-port neq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list or port-number.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-protocol

Synopsis

Enter the ip-protocol context

Context

configure application-assurance group number partition number policy app-filter entry number ip-protocol

Tree

ip-protocol

Description

Commands in this context configure the IP protocol to use in the application definition.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq (number | keyword)

Synopsis

Exact match criterion used for the IP protocol number

Context

configure application-assurance group number partition number policy app-filter entry number ip-protocol eq (number | keyword)

Tree

Range

0 to 255

Options

tcp-udp, icmp, igmp, ip, tcp, egp, igp, udp, rdp, ipv6, ipv6-route, ipv6-frag, idrp, rsvp, gre, ipv6-icmp, ipv6-no-nxt, ipv6-opts, iso-ip, eigrp, ospf-igp, ether-ip, encap, pnni, pim, vrrp, l2tp, stp, ptp, isis, crtp, crudp, sctp

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq (number | keyword)

Synopsis

Non-match criterion used for the IP protocol number

Context

configure application-assurance group number partition number policy app-filter entry number ip-protocol neq (number | keyword)

Tree

Range

0 to 255

Options

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

network-address

Synopsis

Enter the network-address context

Context

configure application-assurance group number partition number policy app-filter entry number network-address

Tree

network-address

Description

Commands in this context configure the network address to use for the application filter entry. The network address is the address on the network side of AA, independent of whether the subscriber is acting as a client or server and is not normally used in AA app-filters. The network address will match the destination IP address in a from-sub flow or the source IP address in a to-sub flow.

Notes

The following elements are part of a choice: network-address or server-address.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-filter entry number network-address eq

Tree

Description

Commands in this context specify an exact value as the match criterion for the network address.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix (ipv4-prefix | ipv6-prefix)

Synopsis

IP prefix

Context

configure application-assurance group number partition number policy app-filter entry number network-address eq ip-prefix (ipv4-prefix | ipv6-prefix)

Tree

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix-list reference

Synopsis

IP prefix list

Context

configure application-assurance group number partition number policy app-filter entry number network-address eq ip-prefix-list reference

Tree

Reference

configure application-assurance group number partition number ip-prefix-list string

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

protocol

Synopsis

Enter the protocol context

Context

configure application-assurance group number partition number policy app-filter entry number protocol

Tree

protocol

Description

Commands in this context configure the protocol signature in the application definition.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq (string | named-item)

Synopsis

Exact match criterion used for the AA protocol name

Context

configure application-assurance group number partition number policy app-filter entry number protocol eq (string | named-item)

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq (string | named-item)

Synopsis

Non-match criterion used for the AA protocol name

Context

configure application-assurance group number partition number policy app-filter entry number protocol neq (string | named-item)

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

server-address

Synopsis

Enter the server-address context

Context

configure application-assurance group number partition number policy app-filter entry number server-address

Tree

server-address

Description

Commands in this context configure the server address to use for the application filter entry. The server address is the address on the server end of a client-server session.

Notes

The following elements are part of a choice: network-address or server-address.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-filter entry number server-address eq

Tree

Description

Commands in this context configure the attributes of the IP address used for the exact match criterion for the application flow.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dns-ip-cache reference

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

masked-ip

Synopsis

Enter the masked-ip context

Context

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dns-ip-cache reference

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

masked-ip

Synopsis

Enter the masked-ip context

Context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq

Tree

Description

Commands in this context configure the exact value as the match criterion for the server TCP or UDP number in the app-filter.

Notes

The following elements are part of a choice: eq, gt, lt, or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

first-packet-policy keyword

Synopsis

First packet policy

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq first-packet-policy keyword

Tree

first-packet-policy

Description

This command configures the action to perform on the first packet.

Options

first-packet-trusted, first-packet-validate

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Port-list name used in application filter criteria

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end number

Synopsis

TCP/UDP ending port number

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq range end number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start number

Synopsis

TCP/UDP starting port number

Context

configure application-assurance group number partition number policy app-filter entry number server-port eq range start number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gt

Synopsis

Enter the gt context

Context

configure application-assurance group number partition number policy app-filter entry number server-port gt

Tree

Description

Commands in this context specify the greater than value as the match criterion for the server port number for the app-filter.

Notes

The following elements are part of a choice: eq, gt, lt, or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-filter entry number server-port gt port-number number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

lt

Synopsis

Enter the lt context

Context

configure application-assurance group number partition number policy app-filter entry number server-port lt

Tree

Description

Commands in this context specify the less than value as the match criterion for the server port number for the app-filter.

Notes

The following elements are part of a choice: eq, gt, lt, or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-filter entry number server-port lt port-number number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq

Synopsis

Enter the neq context

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq

Tree

Description

Commands in this context configure non-match criterion used for the server TCP or UDP number in the app-filter.

Notes

The following elements are part of a choice: eq, gt, lt, or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Port-list name used in application filter criteria

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end number

Synopsis

TCP/UDP ending port number

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq range end number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start number

Synopsis

TCP/UDP starting port number

Context

configure application-assurance group number partition number policy app-filter entry number server-port neq range start number

Tree

Range

0 | 1 to 65535

Tree

aa-sub-suppressible

Description

When configured to true, this command configures the ability to suppress Application Assurance for subscribers with this application profile.

This function is used in the context of an SRRP group interface. If an SRRP group interface is configured as configure service ies subscriber-interface group-interface suppress-aa-sub or configure service vprn subscriber-interface group-interface suppress-aa-sub, then subscribers with an application profile configured as suppressible are not diverted to Application Assurance.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

capacity-cost number

Synopsis

Application profile capacity cost

Context

configure application-assurance group number partition number policy app-profile string capacity-cost number

Tree

capacity-cost

Description

This command configures an application profile capacity cost.

Capacity cost based load balancing allows a cost to be assigned to diverted SAPs (with the application profile). This allows for load balancing SAPs between ISAs and acts as a threshold to notify the operator if capacity planning is exceeded.

Range

1 to 65535

configure application-assurance group number partition number policy app-service-options characteristic string value string

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number partition number policy app-profile string description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

divert boolean

Synopsis

Enable traffic redirection to AA ISAs or ESA VMs

Context

configure application-assurance group number partition number policy app-profile string divert boolean

Tree

divert

Description

When configured to true, this command enables the redirection of traffic to AA ISAs or ESA VMs for the system-wide forwarding classes diverted to Application Assurance (configure isa application-assurance-group divert-fc) for AA subscribers using this application profile.

When configured to false, this command stops the redirection of traffic to AA ISAs or ESA VMs for the AA subscribers using this application profile.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

app-qos-policy

Synopsis

Enter the app-qos-policy context

Context

configure application-assurance group number partition number policy app-qos-policy

Tree

app-qos-policy

Description

Commands in this context configure an application QoS policy.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

entry [entry-id] number

Synopsis

Enter the entry list instance

Context

configure application-assurance group number partition number policy app-qos-policy entry number

Tree

entry

Description

Description

Commands in this context assign an existing bandwidth policer as an action on flows matching this AQP entry.

The match criteria for the AQP entry must specify a unidirectional traffic direction before a policer action can be configured. If a policer is used in one direction in an AQP match entry, the same policer name cannot be used by another AQP entry that uses different traffic direction match criteria.

When multiple policers apply to a single flow, the final action on a packet is the worst case of all policer outcomes (for example, if one of the policers marks packet out of profile, the final marking will reflect that).

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

anl reference

Synopsis

Access network locator bandwidth policer

Context

configure application-assurance group number partition number policy app-qos-policy entry number action bandwidth-policer anl reference

Tree

anl

Description

This command creates an Application Assurance policy profile for a policer instance for each ANL that limits traffic bandwidth in the scope of that ANL. For ANL, only single-bucket bandwidth policers can be configured.

Reference

configure application-assurance group number policer anl-bandwidth-policer string

Notes

The following elements are part of a choice: anl, dual-bucket, or single-bucket.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dual-bucket reference

Synopsis

Dual bucket bandwidth limiting policer

Context

configure application-assurance group number partition number policy app-qos-policy entry number action bandwidth-policer dual-bucket reference

Tree

dual-bucket

Description

This command creates an Application Assurance policy profile for a dual bucket (PIR) bandwidth limiting policer.

Reference

configure application-assurance group number policer dual-bucket-bandwidth-policer string

Notes

The following elements are part of a choice: anl, dual-bucket, or single-bucket.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

single-bucket reference

Synopsis

Single bucket bandwidth limiting policer

Context

configure application-assurance group number partition number policy app-qos-policy entry number action bandwidth-policer single-bucket reference

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

event-log reference

Synopsis

Event log name

Context

configure application-assurance group number partition number policy app-qos-policy entry number action flow-count-limit-policer event-log reference

Tree

event-log

Reference

configure application-assurance group number partition number event-log string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

policer-name reference

Synopsis

Policer name

Context

configure application-assurance group number partition number policy app-qos-policy entry number action flow-count-limit-policer policer-name reference

Tree

policer-name

Description

This command specifies the name of the flow count limit policer for flows matching the AQP entry. The policer name is configured in the configure application-assurance group policer context.

Reference

configure application-assurance group number policer flow-count-limit-policer string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-setup-rate-policer

Synopsis

Enter the flow-setup-rate-policer context

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

fragment-drop

Synopsis

Enter the fragment-drop context

Context

configure application-assurance group number partition number policy app-qos-policy entry number action fragment-drop

Tree

fragment-drop

Description

Commands in this context specify the drop action options to apply to fragments.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

drop-scope keyword

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-error-redirect reference

Synopsis

flow-type keyword

Synopsis

Flow type for HTTP redirect of flows matching the entry

Context

configure application-assurance group number partition number policy app-qos-policy entry number action http-redirect flow-type keyword

Tree

flow-type

Description

This command assigns an existing HTTP redirect policy as an action on flows matching this AQP entry. The redirect only takes effect if the matching flows are HTTP and the condition specified is met.

The condition specified by dropped flows means the flow is dropped due to an AQP action, such as flow rate, count policers, or drop actions. The admitted flows condition allows the operator to redirect HTTP traffic to a web portal while allowing non-HTTP traffic matching the same AQP rule to be forwarded.

No HTTP redirect takes place if the HTTP redirect action and a drop/flow-police action are part of the default AQP policy. In this case, any flow drop actions take place before identification of the application/application-group.

Options

dropped-flows, admitted-flows

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

name reference

Synopsis

HTTP redirect policy name

Context

configure application-assurance group number partition number policy app-qos-policy entry number action http-redirect name reference

Tree

name

Description

This command specifies the name of an existing HTTP policy redirect.

Reference

configure application-assurance group number http-redirect string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mirror-source

Synopsis

Enter the mirror-source context

Context

configure application-assurance group number partition number policy app-qos-policy entry number action mirror-source

Tree

mirror-source

Description

Commands in this context configure an application-based policy mirroring service that uses the AQP entry of this AA ISA as a mirror source.

When configured, the AQP entry becomes a mirror source for IP packets seen by AA. The mirrored packet is an IP packet analyzed by AA and does not include encapsulations present on the incoming interfaces.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

all-inclusive boolean

Synopsis

Mirror flows matching the AQP subscriber default policy

Context

configure application-assurance group number partition number policy app-qos-policy entry number action mirror-source all-inclusive boolean

Tree

all-inclusive

Description

This command specifies that all packets during the identification phase that could match a given AQP rule are mirrored in addition to packets after an application identification completes that match the AQP rule. This ensures that all packets of a flow are mirrored at a cost of sending some unidentified packets, which after the application is identified no longer match this AQP entry.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mirror-service reference

Synopsis

Mirror source service ID for flows matching the entry

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

in-profile keyword

Synopsis

DSCP name to remark matching in-profile flows

Context

configure application-assurance group number partition number policy app-qos-policy entry number action remark dscp in-profile keyword

Tree

in-profile

Options

be, cp1, cp2, cp3, cp4, cp5, cp6, cp7, cs1, cp9, af11, cp11, af12, cp13, af13, cp15, cs2, cp17, af21, cp19, af22, cp21, af23, cp23, cs3, cp25, af31, cp27, af32, cp29, af33, cp31, cs4, cp33, af41, cp35, af42, cp37, af43, cp39, cs5, cp41, cp42, cp43, cp44, cp45, ef, cp47, nc1, cp49, cp50, cp51, cp52, cp53, cp54, cp55, nc2, cp57, cp58, cp59, cp60, cp61, cp62, cp63

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

out-profile keyword

Synopsis

DSCP name to remark matching out-of-profile flows

Context

configure application-assurance group number partition number policy app-qos-policy entry number action remark dscp out-profile keyword

Tree

out-profile

Options

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

fc keyword

Synopsis

FC remark action for flows matching this entry

Context

configure application-assurance group number partition number policy app-qos-policy entry number action remark fc keyword

Tree

Options

be, l2, af, l1, h2, ef, h1, nc

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

priority keyword

Synopsis

tcp-validate reference

Synopsis

TCP validation policy action for entry matching flows

Context

configure application-assurance group number partition number policy app-qos-policy entry number action tcp-validate reference

Tree

tcp-validate

Description

This command assigns an existing TCP validation policy as an action on flows matching this AQP entry.

TCP validation can only be called from AQP entries that:

have no matching conditions that relate to information extracted from the incoming IP packets; for example, no application or IP address.
allow the following match conditions: none, aa-sub, characteristic, traffic-direction (both only), traffic-direction cannot be unidirectional (from or to sub). It can either be set to both or left unspecified.

Tree

esm

Description

Commands in this context configure the ESM fields for the AA subscriber match entry.

Notes

The following elements are part of a choice: esm, esm-mac, sap, spoke-sdp, or transit.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion used for the ESM subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub esm eq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match criterion used for ESM subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub esm neq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

esm-mac

Synopsis

Enter the esm-mac context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub esm-mac

Tree

esm-mac

Description

Commands in this context configure the ESM MAC fields for the AA subscriber match entry.

Notes

The following elements are part of a choice: esm, esm-mac, sap, spoke-sdp, or transit.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion used for ESM MAC subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub esm-mac eq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match criterion used for AA subscriber ESM MAC

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub esm-mac neq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

sap

Synopsis

Enter the sap context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub sap

Tree

sap

Description

Commands in this context configure the SAP fields for the AA subscriber match entry.

Notes

The following elements are part of a choice: esm, esm-mac, sap, spoke-sdp, or transit.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion used for the SAP subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub sap eq string

Tree

String Length

1 to 45

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match criterion used for the SAP subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub sap neq string

Tree

String Length

1 to 45

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

spoke-sdp

Synopsis

Enter the spoke-sdp context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub spoke-sdp

Tree

spoke-sdp

Description

Commands in this context configure the spoke SDP fields for the AA subscriber match entry.

Notes

The following elements are part of a choice: esm, esm-mac, sap, spoke-sdp, or transit.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion used for a spoke SDP subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub spoke-sdp eq string

Tree

String Length

3 to 16

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match criterion used for a spoke SDP subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub spoke-sdp neq string

Tree

String Length

3 to 16

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

transit

Synopsis

Enter the transit context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub transit

Tree

transit

Description

Commands in this context configure the transit fields for the AA subscriber match entry.

Notes

The following elements are part of a choice: esm, esm-mac, sap, spoke-sdp, or transit.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion used for a transit AA subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub transit eq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq string

Synopsis

Non-match criterion used for a transit AA subscriber

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub transit neq string

Tree

String Length

1 to 32

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aa-sub-tethering keyword

Synopsis

Tethering detection status for flow match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match aa-sub-tethering keyword

Tree

aa-sub-tethering

Description

This command configures the match criteria for subscribers in a tethering state.

Default

not-applicable

Options

not-applicable, detected, not-detected

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

app-group

Synopsis

Enter the app-group context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match app-group

Tree

app-group

Description

Commands in this context add an application group to the match criteria used by this AQP entry.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq reference

Synopsis

Exact match criterion used for the application group

Context

configure application-assurance group number partition number policy app-qos-policy entry number match app-group eq reference

Tree

Reference

configure application-assurance group number partition number policy app-group string

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq reference

Synopsis

Non-match criterion used for the application group

Context

configure application-assurance group number partition number policy app-qos-policy entry number match app-group neq reference

Tree

Reference

configure application-assurance group number partition number policy app-group string

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

application

Synopsis

Enter the application context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match application

Tree

application

Description

Commands in this context add an application to match criteria used by this AQP entry.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq reference

Synopsis

Exact match criterion used for the application

Context

configure application-assurance group number partition number policy app-qos-policy entry number match application eq reference

Tree

Reference

configure application-assurance group number partition number policy application string

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq reference

Synopsis

eq reference

Synopsis

Match criterion used for AQP match characteristic

Context

configure application-assurance group number partition number policy app-qos-policy entry number match characteristic reference eq reference

Tree

Reference

configure application-assurance group number partition number policy app-service-options characteristic string value string

Notes

The following elements are part of a mandatory choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq reference

Synopsis

Non-match criterion used for AQP match characteristic

Context

configure application-assurance group number partition number policy app-qos-policy entry number match characteristic reference neq reference

Tree

Reference

configure application-assurance group number partition number policy app-service-options characteristic string value string

Notes

The following elements are part of a mandatory choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

charging-group

Synopsis

Enter the charging-group context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match charging-group

Tree

charging-group

Description

Commands in this context add a charging group to match criteria used by this AQP entry.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq reference

Synopsis

Match criterion used for the charging group

Context

configure application-assurance group number partition number policy app-qos-policy entry number match charging-group eq reference

Tree

Reference

configure application-assurance group number partition number policy charging-group string

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq reference

Synopsis

Non-match criterion used for the charging group

Synopsis

Non-match criterion used for the DSCP

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dscp neq keyword

Tree

Options

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dst-ip

Synopsis

Enter the dst-ip context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-ip

Tree

dst-ip

Description

Commands in this context configure a destination IP address to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-ip eq

Tree

Description

Commands in this context specify the exact match value as the match criterion. A successful match occurs when the flow matches the specified address or prefix.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix (ipv4-prefix | ipv6-prefix)

Synopsis

IP address prefix used for match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-ip eq ip-prefix (ipv4-prefix | ipv6-prefix)

Tree

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix-list reference

Synopsis

IP address prefix list used for match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-ip eq ip-prefix-list reference

Tree

Reference

configure application-assurance group number partition number ip-prefix-list string

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dst-port

Synopsis

Enter the dst-port context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port

Tree

dst-port

Description

Commands in this context configure a destination TCP/UDP port, a destination port list, or a destination range to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port eq

Tree

Description

Commands in this context specify the exact match criterion. A successful match occurs when the flow matches the specified port.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

IP port list used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port eq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port eq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port eq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

IP port list used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port neq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port neq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match dst-port neq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

abr_service
audio
download
encrypted
esni
real_time_communication
upload
video

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[flow-attribute-name] string

Synopsis

Flow attribute name used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match flow-attribute string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

confidence

Synopsis

Enter the confidence context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match flow-attribute string confidence

Tree

confidence

Description

Commands in this context configure the confidence level of the flow attribute for use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq number

Synopsis

Exact match criterion used for the flow-attribute confidence

Context

configure application-assurance group number partition number policy app-qos-policy entry number match flow-attribute string confidence eq number

Tree

Range

0 to 100

Notes

The following elements are part of a choice: eq, gte, or lt.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gte number

Synopsis

Greater than or equal to for confidence match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match flow-attribute string confidence gte number

Tree

gte

Range

0 to 100

Notes

The following elements are part of a choice: eq, gte, or lt.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

lt number

Synopsis

Less than value for confidence match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match flow-attribute string confidence lt number

Tree

Range

1 to 100

Notes

The following elements are part of a choice: eq, gte, or lt.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-protocol

Synopsis

Enter the ip-protocol context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match ip-protocol

Tree

ip-protocol

Description

Commands in this context configure the IP protocol to use in the application definition.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq (number | keyword)

Synopsis

Exact match criterion used for the IP protocol

Context

configure application-assurance group number partition number policy app-qos-policy entry number match ip-protocol eq (number | keyword)

Tree

Range

0 to 255

Options

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq (number | keyword)

Synopsis

Non-match criterion used for the IP protocol

Context

configure application-assurance group number partition number policy app-qos-policy entry number match ip-protocol neq (number | keyword)

Tree

Range

0 to 255

Options

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

src-ip

Synopsis

Enter the src-ip context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-ip

Tree

src-ip

Description

Commands in this context configure a source IP address to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-ip eq

Tree

Description

Commands in this context specify the exact match value as the match criterion. A successful match occurs when the flow matches the specified address or prefix.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix (ipv4-prefix | ipv6-prefix)

Synopsis

IP address prefix used for match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-ip eq ip-prefix (ipv4-prefix | ipv6-prefix)

Tree

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix-list reference

Synopsis

IP address prefix list used for match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-ip eq ip-prefix-list reference

Tree

Reference

configure application-assurance group number partition number ip-prefix-list string

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

neq

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

src-port

Synopsis

Enter the src-port context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port

Tree

src-port

Description

Commands in this context specify a source IP port, a source port list, or a source range to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq

Synopsis

Enter the eq context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port eq

Tree

Description

Commands in this context specify the exact match criterion. A successful match occurs when the flow matches the specified port.

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

IP port list used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port eq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port eq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port eq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

Notes

The following elements are part of a choice: eq or neq.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

IP port list used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port neq port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-number number

Synopsis

Server port number used as match criterion

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port neq port-number number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: port-list, port-number, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enter the range context

Context

configure application-assurance group number partition number policy app-qos-policy entry number match src-port neq range

Tree

Description

Commands in this context specify the match value as the match criterion based on the starting or ending port number.

Notes

value [value-name] string

Synopsis

Add a list entry for value

Context

configure application-assurance group number partition number policy app-service-options characteristic string value string

Tree

value

Description

Commands in this context configure a characteristic value.

This command assigns an export ID value to a charging group, an app application group, or an application to be used for accounting export identification in RADIUS accounting. This ID is encoded in the top 2 bytes of the RADIUS accounting VSA to identify which charging group the counter value represents.

Range

1 to 255

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

notify-start-stop keyword

Synopsis

Start and stop notification for the charging group

Context

configure application-assurance group number partition number policy charging-group string notify-start-stop keyword

Tree

notify-start-stop

Default

none

Options

none, flow, charging-group

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

custom-protocol [custom-protocol-id] string

Synopsis

Enter the custom-protocol list instance

Context

configure application-assurance group number partition number policy custom-protocol string

Tree

custom-protocol

Description

Commands in this context configure custom protocols.

Custom protocols allow the creation of TCP and UDP-based custom protocols that employ pattern-match at offset in the protocol signature definition.

Operator-configurable custom protocols are evaluated ahead of any Nokia-provided protocol signature in order of custom protocol ID within the context the protocol is defined. The lower ID is matched first in case of flow matching multiple custom protocols.

Custom protocols must be created before they can be used in an application definition but do not have to be enabled. To reference a custom protocol in an application definition, or any other CLI configuration one must use the protocol name that is a concatenation of “custom_” and, (for example, custom_01, custom_02 ... custom_10, and so on). This concatenation is also used when reporting custom protocol statistics.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[custom-protocol-id] string

Synopsis

Custom protocol ID for the AA policy custom protocol

Context

configure application-assurance group number partition number policy custom-protocol string

Description

This command configures the index into the protocol list that defines a custom protocol for Application Assurance.

String Length

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the custom protocol

Context

configure application-assurance group number partition number policy custom-protocol string admin-state keyword

Tree

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number partition number policy custom-protocol string description string

Tree

default-tethered-charging-group

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

expression [expr-index] number

Synopsis

Enter the expression list instance

Context

configure application-assurance group number partition number policy custom-protocol string expression number

Tree

expression

Description

Commands in this context configure an expression string value for pattern-based custom protocols match.

A flow matches a custom protocol if the specified string is found at an offset of a TCP/UDP of the first payload packet.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[expr-index] number

Synopsis

Expression substring index for custom protocol matching

Context

configure application-assurance group number partition number policy custom-protocol string expression number

Range

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

direction keyword

Synopsis

Flow direction for custom-protocol expression matching

Context

configure application-assurance group number partition number policy custom-protocol string expression number direction keyword

Tree

direction

Description

This command configures the protocol direction to match against for a custom protocol.

Options

client-to-server, server-to-client, any

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq string

Synopsis

Exact match criterion for custom protocol expression

Context

configure application-assurance group number partition number policy custom-protocol string expression number eq string

Tree

String Length

1 to 255

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

offset number

Synopsis

Offset in protocol flow to start custom-protocol match

Context

configure application-assurance group number partition number policy custom-protocol string expression number offset number

Tree

offset

Description

This command configures the offset into the protocol payload where the expr-string match criteria starts.

Range

0 to 127

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-protocol keyword

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

IP protocol number for custom-protocol match criterion

Context

configure application-assurance group number partition number policy custom-protocol string ip-protocol keyword

Tree

ip-protocol

Description

This command configures the IP protocol number of the TCP and UDP-based custom protocols.

Options

tcp, udp

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-charging-group reference

Synopsis

Default charging group

Context

configure application-assurance group number partition number policy default-charging-group reference

Tree

default-charging-group

Description

This command associates a charging group with any applications or application groups that do not have an explicitly assigned charging group for the Application Assurance policy.

Reference

configure application-assurance group number partition number policy charging-group string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-tethered-charging-group reference

Synopsis

Default charging group for tethered traffic

Context

configure application-assurance group number partition number policy default-tethered-charging-group reference

Tree

Description

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list [port-list-name] string

Synopsis

Enter the port-list list instance

Context

configure application-assurance group number partition number port-list string

Tree

Description

Tree

Options

deny, permit

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

value (number | keyword)

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

PPID entry value

Context

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

min number

Synopsis

Minimum PPID value

Context

configure application-assurance group number partition number sctp-filter string ppid-range min number

Tree

min

Description

This command configures the minimum SCTP Payload Protocol Identifier (PPID) to be permitted by the SCTP filter. The value must be less than or equal to the maximum PPID value.

Range

0 to 4294967295

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

session-filter [session-filter-name] string

Synopsis

deny

Synopsis

Deny sessions matching the criteria

Context

configure application-assurance group number partition number session-filter string entry number action deny

Tree

deny

Notes

This element is the default part of a choice.

The following elements are part of a choice: deny, http-redirect, permit, or tcp-optimizer.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

event-log reference

Synopsis

Event log name used to log the action

Context

configure application-assurance group number partition number session-filter string entry number action event-log reference

Tree

event-log

Reference

configure application-assurance group number partition number event-log string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-redirect reference

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix (ipv4-prefix | ipv6-prefix)

Synopsis

Destination IP address prefix as match criterion

Context

configure application-assurance group number partition number session-filter string entry number match dst-ip ip-prefix (ipv4-prefix | ipv6-prefix)

Tree

Notes

The following elements are part of a choice: dns-ip-cache, ip-prefix, or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip-prefix-list reference

Synopsis

IP address prefix list as match criterion

Context

configure application-assurance group number partition number session-filter string entry number match dst-ip ip-prefix-list reference

Tree

Reference

configure application-assurance group number partition number ip-prefix-list string

Notes

The following elements are part of a choice: dns-ip-cache, ip-prefix, or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dst-port

Synopsis

Enter the dst-port context

Context

configure application-assurance group number partition number session-filter string entry number match dst-port

Tree

dst-port

Description

Commands in this context specify a destination TCP/UDP port, a destination port list, or a destination range to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq number

Synopsis

Match criterion used for destination or source port

Context

configure application-assurance group number partition number session-filter string entry number match dst-port eq number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gt number

Synopsis

Greater than match criterion for the port number

Context

configure application-assurance group number partition number session-filter string entry number match dst-port gt number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

lt number

Synopsis

Less than match criterion for the port

Context

configure application-assurance group number partition number session-filter string entry number match dst-port lt number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Destination or source port list

Context

configure application-assurance group number partition number session-filter string entry number match dst-port port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enable the range context

Context

configure application-assurance group number partition number session-filter string entry number match dst-port range

Tree

Description

Commands in this context specify a destination IP port, a destination port list, or a destination range to use as match criteria.

Notes

configure application-assurance group number partition number ip-prefix-list string

Notes

The following elements are part of a choice: ip-prefix or ip-prefix-list.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

src-port

Synopsis

Enter the src-port context

Context

configure application-assurance group number partition number session-filter string entry number match src-port

Tree

src-port

Description

Commands in this context specify a source IP port, a source port list, or a source range to use as match criteria.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

eq number

Synopsis

Match criterion used for destination or source port

Context

configure application-assurance group number partition number session-filter string entry number match src-port eq number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

gt number

Synopsis

Greater than match criterion for the port number

Context

configure application-assurance group number partition number session-filter string entry number match src-port gt number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

lt number

Synopsis

Less than match criterion for the port

Context

configure application-assurance group number partition number session-filter string entry number match src-port lt number

Tree

Range

0 | 1 to 65535

Default

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port-list reference

Synopsis

Destination or source port list

Context

configure application-assurance group number partition number session-filter string entry number match src-port port-list reference

Tree

Reference

configure application-assurance group number partition number port-list string

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

range

Synopsis

Enable the range context

Context

configure application-assurance group number partition number session-filter string entry number match src-port range

Tree

Description

Commands in this context specify a destination IP port, a destination port list, or a destination range to use as match criteria.

Notes

The following elements are part of a choice: eq, gt, lt, port-list, or range.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end number

Synopsis

Upper bound of the port range as match criterion

Context

configure application-assurance group number partition number session-filter string entry number match src-port range end number

Tree

Range

0 | 1 to 65535

Default

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start number

Synopsis

Lower bound of the port range as match criterion

Context

configure application-assurance group number partition number session-filter string entry number match src-port range start number

Tree

Range

0 | 1 to 65535

Enter the aa-app-group context

Context

configure application-assurance group number partition number statistics aa-app-group

Tree

aa-app-group

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

accounting-policy reference

Synopsis

Accounting policy ID

Context

configure application-assurance group number partition number statistics aa-app-group accounting-policy reference

Tree

accounting-policy

Reference

configure log accounting-policy number

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

collect-stats boolean

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

collect-stats boolean

Synopsis

Collect statistics

Context

configure application-assurance group number partition number statistics aa-application collect-stats boolean

Tree

collect-stats

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

Enter the aa-protocol context

Context

configure application-assurance group number partition number statistics aa-protocol

Tree

aa-protocol

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

accounting-policy reference

Synopsis

Accounting policy ID

Context

configure application-assurance group number partition number statistics aa-protocol accounting-policy reference

Tree

accounting-policy

Reference

configure log accounting-policy number

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of protocol statistics

Context

configure application-assurance group number partition number statistics aa-protocol admin-state keyword

Tree

aggregate-stats-export-using

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

collect-stats boolean

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

aggregate-stats-export-using keyword

Synopsis

Method of statistics export to be used

Context

configure application-assurance group number partition number statistics aa-sub aggregate-stats-export-using keyword

Tree

Options

accounting-policy, radius-accounting-policy

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

app-group [app-group-name] reference

Synopsis

Enter the app-group list instance

Context

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

application [application-name] reference

Synopsis

Enter the application list instance

Context

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

charging-group [charging-group-name] reference

Synopsis

Enter the charging-group list instance

Context

configure application-assurance group number partition number statistics aa-sub charging-group reference

Tree

charging-group

Description

Commands in this context configure AA subscriber accounting statistics for the export of AA charging groups of an AA group/partition.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[charging-group-name] reference

Synopsis

Charging group name

Context

configure application-assurance group number partition number statistics aa-sub charging-group reference

Description

This command specifies the AA charging group to be included in the exported accounting records.

Reference

configure application-assurance group number partition number policy charging-group string

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

export-using keyword

Synopsis

Method used to export statistics

Context

configure application-assurance group number partition number statistics aa-sub charging-group reference export-using keyword

Tree

export-using

Options

accounting-policy, radius-accounting-policy

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

collect-stats boolean

Synopsis

Collect statistics

Context

configure application-assurance group number partition number statistics aa-sub collect-stats boolean

Tree

collect-stats

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

exclude-tcp-retrans boolean

Synopsis

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

radius-accounting-policy reference

Synopsis

RADIUS accounting policy name

Context

configure application-assurance group number partition number statistics aa-sub radius-accounting-policy reference

Tree

radius-accounting-policy

Reference

configure application-assurance radius-accounting-policy string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

usage-monitoring boolean

Synopsis

Collect usage monitoring statistics

Context

configure application-assurance group number partition number statistics aa-sub usage-monitoring boolean

Tree

usage-monitoring

Description

Tree

aa-sub

Description

Description

When configured to true, all dropped TCP packets are logged, including the following:

packets received after an RST and discarded
packets received before TCP session establishment (before SYN) and discarded

An event log must also be configured to enable logging of all dropped packets.

When configured to false, discards related to the described cases are not captured in any event log.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

event-log reference

Synopsis

Event log name

Context

configure application-assurance group number partition number tcp-validate string log event-log reference

Tree

event-log

Reference

configure application-assurance group number partition number event-log string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

strict boolean

Synopsis

Enable strict checking of TCP traffic

Context

configure application-assurance group number partition number tcp-validate string strict boolean

Tree

strict

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert criteria keyword direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert gtp-filter reference criteria keyword direction keyword low-watermark number

Tree

Range

0 to 4294967294

0 to 4294967295

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

direction keyword

Synopsis

Traffic direction for GTP filter entry TCA

Context

configure application-assurance group number partition number threshold-crossing-alert gtp-filter-entry reference entry-id number direction keyword

Options

from-sub, to-sub

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

high-watermark number

Synopsis

High watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert gtp-filter-entry reference entry-id number direction keyword high-watermark number

Tree

high-watermark

Range

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert gtp-filter-entry reference entry-id number direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert policer string direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert sctp-filter reference criteria keyword direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert sctp-filter-entry reference entry-id reference direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert session-filter reference criteria keyword direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert session-filter-entry reference entry-id reference direction keyword low-watermark number

Tree

Range

0 to 4294967294

1 to 4294967295

Default

4294967295

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

low-watermark number

Synopsis

Low watermark threshold

Context

configure application-assurance group number partition number threshold-crossing-alert tcp-validate reference direction keyword low-watermark number

Tree

Range

0 to 4294967294

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

diameter

Synopsis

Enter the diameter context

Context

configure application-assurance group number partition number transit-ip-policy number diameter

Tree

diameter

Description

Commands in this context configure dynamic Diameter-based management of transit AA subs for the transit IP policy. This is mutually exclusive to other types of management of transit subs for a given transit IP policy.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

authentication-policy reference

Synopsis

RADIUS authentication policy

Context

configure application-assurance group number partition number transit-ip-policy number radius authentication-policy reference

Tree

authentication-policy

Reference

configure subscriber-mgmt radius-authentication-policy string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

seen-ip-radius-acct-policy reference

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

app-profile reference

Synopsis

Application profile name

Context

configure application-assurance group number partition number transit-ip-policy number static-aa-sub string app-profile reference

Tree

app-profile

Reference

configure application-assurance group number partition number policy app-profile string

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

ip [address] (ipv4-unicast-address | ipv6-prefix)

Synopsis

Add a list entry for ip

Context

configure application-assurance group number partition number transit-ip-policy number static-aa-sub string ip (ipv4-unicast-address | ipv6-prefix)

Tree

Description

Commands in this context configure the IP address for a static transit aa-sub.

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[address] (ipv4-unicast-address | ipv6-prefix)

Synopsis

IP address for an AA static transit subscriber

Context

configure application-assurance group number partition number transit-ip-policy number static-aa-sub string ip (ipv4-unicast-address | ipv6-prefix)

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

sub-ident-policy reference

Synopsis

Subscriber identification policy

Context

configure application-assurance group number partition number transit-ip-policy number sub-ident-policy reference

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

inactivity-monitor boolean

Synopsis

Monitor inactivity on auto-created transit subscribers

Context

configure application-assurance group number partition number transit-ip-policy number transit-auto-create inactivity-monitor boolean

Tree

inactivity-monitor

Description

Application profile name

Context

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

policer

Synopsis

Enter the policer context

Context

configure application-assurance group number policer

Tree

policer

Description

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer anl-bandwidth-policer string description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

ANL bandwidth policer maximum burst size

Context

configure application-assurance group number policer anl-bandwidth-policer string mbs number

Tree

Description

This command configures the maximum burst size (MBS) for the policer. Nokia recommends configuring MBS larger than twice the MTU for the traffic handled by the policer to allow for some burstiness of the traffic. MBS is configurable for single-bucket, dual-bucket bandwidth, and flow setup rate policers only.

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rate-percentage number

Synopsis

Rate used by Access-Network-Location policers

Context

configure application-assurance group number policer anl-bandwidth-policer string rate-percentage number

Tree

rate-percentage

Description

This command configures the stage 1 congestion percentage used by Access-Network-Location (ANL) policers. Because ANL total bandwidth is dynamically measured and estimated by AA, this command allows the operator to configure the ratio of that measured bandwidth to be used by the ANL policer as the policer rate.

No limiting is performed if not specified.

Range

0 to 200

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

rate-percentage-stage-2 number

Synopsis

Rate used by Access-Network-Location policers

Context

configure application-assurance group number policer anl-bandwidth-policer string rate-percentage-stage-2 number

Tree

rate-percentage-stage-2

Description

Tree

adaptation-rule

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cir keyword

Synopsis

Committed information rate value for adaptation rule

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string adaptation-rule cir keyword

Tree

Description

This command configures the CIR for the dual-bucket-bandwidth-policer adaptation rule policer. Nokia recommends configuring CIR larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. The CIR is configurable for dual-bucket bandwidth policers only.

Default

closest

Options

max, min, closest

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir keyword

Synopsis

Peak information rate value for the adaptation rule

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string adaptation-rule pir keyword

Tree

Description

Default

closest

Options

max, min, closest

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cbs number

Synopsis

Committed burst size when in congested state

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string cbs number

Tree

cbs

Description

This command configures the committed burst size (CBS) for a policer. Nokia recommends that CBS is configured larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. CBS is configurable for dual-bucket bandwidth policers only.

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cir (number | keyword)

Synopsis

Committed information rate value for the policer

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string cir (number | keyword)

Tree

Description

This command configures the CIR for the dual-bucket-bandwidth-policer policer. Nokia recommends that the CIR is configured larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. The CIR is configurable for dual-bucket bandwidth policers only.

Range

0 to 100000000

Default

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

congestion-override

Synopsis

Enter the congestion-override context

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override

Tree

congestion-override

Description

Commands in this context configure the congestion bandwidth policer override rates.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cbs number

Synopsis

Committed burst size in a congested stage 2 state

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override cbs number

Tree

cbs

Description

This command configures the committed burst size for a policer. The configured CBS should be larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. CBS is configurable for dual-bucket bandwidth policers only.

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cir (number | keyword)

Synopsis

Committed information rate value for the policer override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override cir (number | keyword)

Tree

Description

This command configures the CIR for the dual-bucket bandwidth policer congestion override. Nokia recommends that the CIR is configured larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. The CIR is configurable for dual-bucket bandwidth policers only.

Range

0 to 100000000

Default

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Maximum burst size when in a congested state

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the congestion override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override pir (number | keyword)

Tree

congestion-override-stage-2

Range

1 to 100000000

Default

max

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

congestion-override-stage-2

Synopsis

Enter the congestion-override-stage-2 context

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override-stage-2

Tree

Description

This command enables the context to configure per-subscriber stage 2 congestion bandwidth policer override rates.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cbs number

Synopsis

Committed burst size in a congested stage 2 state

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override-stage-2 cbs number

Tree

cbs

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cir (number | keyword)

Synopsis

Committed information rate value for the policer override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override-stage-2 cir (number | keyword)

Tree

Description

Range

0 to 100000000

Default

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Maximum burst size when in a congested state

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override-stage-2 mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the congestion override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string congestion-override-stage-2 pir (number | keyword)

Tree

Range

1 to 100000000

Default

max

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Bandwidth policer maximum burst size

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the bandwidth policer

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string pir (number | keyword)

Tree

Range

1 to 100000000

Default

max

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time-of-day-override [tod-override-id] number

Synopsis

Enter the time-of-day-override list instance

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number

Tree

time-of-day-override

Description

Commands in this context configure the time of day override policy for a given policer. Rate/mbs/cbs/flow-rate/flow-count configured in each override-id will override the default policer values at the specified time of day configured in the override.

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[tod-override-id] number

Synopsis

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

cir (number | keyword)

Synopsis

Committed information rate for time of day override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number cir (number | keyword)

Tree

Description

This command configures the committed information rate (CIR) for the dual-bucket-bandwidth-policer policer time of day override. Nokia recommends that the CIR is configured larger than twice the maximum MTU for the traffic handled by the policer to allow for some burstiness of the traffic. The CIR is configurable for dual-bucket bandwidth policers only.

Range

0 to 100000000

Default

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Maximum burst size for the policer time of day override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number mbs number

Tree

Description

This command configures the maximum burst size (MBS) for the policer. Nokia recommends that MBS is configured larger than twice the MTU for the traffic handled by the policer to allow for some burstiness of the traffic. MBS is configurable for single-bucket, dual-bucket bandwidth, and flow setup rate policers only.

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the time of day override

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number pir (number | keyword)

Tree

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

all-days

Synopsis

Enable policer override on every day

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number time-range daily all-days

Tree

Notes

This element is the default part of a choice.

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end string

Synopsis

Daily end time

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number time-range daily end string

Tree

Description

This command configures the daily end time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

on keyword

Synopsis

Policer override on selected days

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number time-range daily on keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Max. Elements

Notes

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start string

Synopsis

Daily start time

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number time-range daily start string

Tree

Description

This command configures the daily start time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

weekly

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer dual-bucket-bandwidth-policer string time-of-day-override number time-range weekly start day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer flow-count-limit-policer string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

Action for packets violating configured policer rate

Context

configure application-assurance group number policer flow-count-limit-policer string action keyword

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

limit-gtp-flows boolean

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

Limit concurrent GTP flows

Context

configure application-assurance group number policer flow-count-limit-policer string limit-gtp-flows boolean

Tree

limit-gtp-flows

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

peak-flow-count (number | keyword)

Synopsis

Peak flow count limit

Context

configure application-assurance group number policer flow-count-limit-policer string peak-flow-count (number | keyword)

Tree

peak-flow-count

Range

0 to 100000000

Default

max

Units

flows per second

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time-of-day-override [tod-override-id] number

Synopsis

Enter the time-of-day-override list instance

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number

Tree

time-of-day-override

Description

Commands in this context configure the time of day override policy for a specific policer. Rate/mbs/cbs/flow-rate/flow-count configured in each override ID overrides the default policer values at the specified time of day configured in the override.

Max. Elements

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[tod-override-id] number

Synopsis

ID for time of day override

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number

Range

1 to 255

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time-range

Synopsis

Enter the time-range context

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range

Tree

time-range

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

daily

Synopsis

Enable the daily context

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range daily

Tree

daily

Description

Commands in this context configure the daily start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

all-days

Synopsis

Enable policer override on every day

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range daily all-days

Tree

Notes

This element is the default part of a choice.

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end string

Synopsis

Daily end time

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range daily end string

Tree

Description

This command configures the daily end time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

on keyword

Synopsis

Policer override on selected days

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range daily on keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Max. Elements

Notes

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start string

Synopsis

Daily start time

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range daily start string

Tree

Description

This command configures the daily start time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

weekly

Synopsis

Enable the weekly context

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range weekly

Tree

weekly

Description

Commands in this context configure the weekly start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end

Synopsis

Enable the end context

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range weekly end

Tree

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

day keyword

Synopsis

Weekly end day

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range weekly end day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer flow-count-limit-policer string time-of-day-override number time-range weekly start day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer flow-setup-rate-policer string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

Action for packets violating configured policer rate

Context

configure application-assurance group number policer flow-setup-rate-policer string action keyword

Tree

Description

This command configures the action to be performed by single-bucket bandwidth policers for non-conformant traffic.

Default

permit-deny

Options

permit-deny, priority-mark

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

adaptation-rule

Synopsis

Enter the adaptation-rule context

Context

configure application-assurance group number policer flow-setup-rate-policer string adaptation-rule

Tree

adaptation-rule

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

peak-flow-setup-rate keyword

Synopsis

Peak flow setup rate adaptation rule

Context

configure application-assurance group number policer flow-setup-rate-policer string adaptation-rule peak-flow-setup-rate keyword

Tree

peak-flow-setup-rate

Default

closest

Options

max, min, closest

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer flow-setup-rate-policer string description string

Tree

flow-setup-rate-burst-size

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-setup-rate-burst-size number

Synopsis

Maximum flow setup rate burst size

Context

configure application-assurance group number policer flow-setup-rate-policer string flow-setup-rate-burst-size number

Tree

Range

0 to 131071

Default

Units

flows

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

granularity keyword

Warning:

Modifying this element recreates the parent element automatically for the new value to take effect.

Synopsis

Policer granularity

Context

configure application-assurance group number policer flow-setup-rate-policer string granularity keyword

Tree

granularity

Options

system, subscriber

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

peak-flow-setup-rate (number | keyword)

Synopsis

Peak flow setup rate

Context

configure application-assurance group number policer flow-setup-rate-policer string peak-flow-setup-rate (number | keyword)

Tree

peak-flow-setup-rate

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number description string

Tree

flow-setup-rate-burst-size

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

flow-setup-rate-burst-size number

Synopsis

Maximum flow setup rate burst size

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number flow-setup-rate-burst-size number

Tree

Range

0 to 131071

Default

Units

flows

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

peak-flow-setup-rate (number | keyword)

Synopsis

Peak flow setup rate

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number peak-flow-setup-rate (number | keyword)

Tree

peak-flow-setup-rate

Range

1 to 100000000

Default

max

Units

flows per second

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time-range

Synopsis

Enter the time-range context

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range

Tree

time-range

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

daily

Synopsis

Enable the daily context

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range daily

Tree

daily

Description

Commands in this context configure the daily start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

all-days

Synopsis

Enable policer override on every day

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range daily all-days

Tree

Notes

This element is the default part of a choice.

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end string

Synopsis

Daily end time

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range daily end string

Tree

Description

This command configures the daily end time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

on keyword

Synopsis

Policer override on selected days

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range daily on keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Max. Elements

Notes

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start string

Synopsis

Daily start time

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range daily start string

Tree

Description

This command configures the daily start time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

weekly

Synopsis

Enable the weekly context

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range weekly

Tree

weekly

Description

Commands in this context configure the weekly start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end

Synopsis

Enable the end context

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range weekly end

Tree

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

day keyword

Synopsis

Weekly end day

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range weekly end day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer flow-setup-rate-policer string time-of-day-override number time-range weekly start day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

action keyword

Synopsis

Action for packets violating configured policer rate

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string action keyword

Tree

Description

This command configures the action to be performed by single-bucket bandwidth policers for non-conformant traffic.

Default

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Maximum burst size when in a congested state

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string congestion-override mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the congestion override

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string congestion-override pir (number | keyword)

Tree

congestion-override-stage-2

Range

1 to 100000000

Default

max

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

congestion-override-stage-2

Synopsis

Enter the congestion-override-stage-2 context

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string congestion-override-stage-2

Tree

Description

Commands in this context configure per-subscriber stage 2 congestion bandwidth policer override rates.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Maximum burst size when in a congested state

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string congestion-override-stage-2 mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the congestion override

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string congestion-override-stage-2 pir (number | keyword)

Tree

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Bandwidth policer maximum burst size

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for the bandwidth policer

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string pir (number | keyword)

Tree

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number description string

Tree

String Length

1 to 80

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

mbs number

Synopsis

Bandwidth policer maximum burst size for time of day override

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number mbs number

Tree

Description

Range

0 to 131071

Default

Units

kilobytes

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

pir (number | keyword)

Synopsis

Peak information rate value for time of day override

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number pir (number | keyword)

Tree

Range

1 to 100000000

Default

max

Units

kilobps

Options

max

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time-range

Synopsis

Enter the time-range context

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range

Tree

time-range

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

daily

Synopsis

Enable the daily context

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range daily

Tree

daily

Description

Commands in this context configure the daily start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

all-days

Synopsis

Enable policer override on every day

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range daily all-days

Tree

Notes

This element is the default part of a choice.

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end string

Synopsis

Daily end time

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range daily end string

Tree

Description

This command configures the daily end time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

on keyword

Synopsis

Policer override on selected days

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range daily on keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Max. Elements

Notes

The following elements are part of a choice: all-days or on.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

start string

Synopsis

Daily start time

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range daily start string

Tree

Description

This command configures the daily start time of the policer override.

The time format must be [hh:mm]. The hh value is 00 to 24. The mm value is 00, 15, 30, or 45. If hh is 24, mm must be 00.

String Length

3 to 5

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

weekly

Synopsis

Enable the weekly context

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range weekly

Tree

weekly

Description

Commands in this context configure the weekly start and end times for policer override.

Notes

The following elements are part of a choice: daily or weekly.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

end

Synopsis

Enable the end context

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range weekly end

Tree

Description

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

day keyword

Synopsis

Weekly end day

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range weekly end day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number policer single-bucket-bandwidth-policer string time-of-day-override number time-range weekly start day keyword

Tree

Options

sunday, monday, tuesday, wednesday, thursday, friday, saturday

Notes

This element is mandatory.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

time string

Context

configure application-assurance group number tcp-optimizer string

Description

This command configures the name of the TCP optimizer policy.

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

dack-timeout number

Synopsis

Delayed acknowledgment timeout for client and server

Context

configure application-assurance group number tcp-optimizer string dack-timeout number

Tree

dack-timeout

Description

This command configures a delay ACK (DACK) timeout for the TCP optimizer. By entering this command a default of 200 ms timeout is enabled for delayed acknowledgment. This value is not configurable.

Range

200

Units

milliseconds

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

description string

Synopsis

Text description

Context

configure application-assurance group number tcp-optimizer string description string

Tree

String Length

1 to 80

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

initial-cwnd number

Synopsis

Initial congestion window of the TCP optimizer

Context

configure application-assurance group number tcp-optimizer string initial-cwnd number

Tree

initial-cwnd

Description

This command configures the initial TCP congestion window (cwnd) used during the TCP Slow Start (SS) period.

Range

1 to 256

Default

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

initial-ss-threshold (number | keyword)

Synopsis

Initial TCP Slow Start threshold for client and server

Context

configure application-assurance group number tcp-optimizer string initial-ss-threshold (number | keyword)

Tree

initial-ss-threshold

Description

This command configures the initial Slow Start (SS) threshold for a specific TCP optimizer policy. Nokia recommends setting the threshold close to the access network Bandwidth Delay Product (BDP).

Range

0 to 1000000

Default

1000000

Units

kilobytes

Options

auto

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

network-rtt-threshold number

Synopsis

Network round trip time threshold

Context

configure application-assurance group number tcp-optimizer string network-rtt-threshold number

Tree

network-rtt-threshold

Description

This command configures the threshold of the Round Trip Time (RTT) delay of the network side (between AA and the content provider) above which TCP Optimization (TCPO) is performed. This enables the operator to disable optimization for content that is served from a location close to the TCP optimizer.

Range

1 to 100

Units

milliseconds

Introduced

22.2.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

tcp-stack keyword

Context

configure application-assurance group number url-filter string

String Length

1 to 32

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of the AA URL filter

Context

configure application-assurance group number url-filter string admin-state keyword

Tree

apply-function-specific-behaviour

Default

disable

Options

enable, disable

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

apply-function-specific-behaviour boolean

Synopsis

Use function-specific behavior for action or redirect

Context

configure application-assurance group number url-filter string apply-function-specific-behaviour boolean

Tree

Description

When configured to true, the function-specific configurations for URL list, ICAP, and web service (url-list, icap, and web-service) are used for default action (default-action) and HTTP redirect (http-redirect).

When configured to false, the configuration at the URL filter level (url-filter) is used for default action and HTTP redirect.

Default

false

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-action

Synopsis

Enter the default-action context

Context

configure application-assurance group number url-filter string default-action

Tree

default-action

Description

Commands in this context configure the default action to take effect when the URL filter cannot be used. This may occur in the following cases:

for the local URL list when the URL list is shut down or the file is not loaded due to an error.
in the case of ICAP or web filtering when all TCP connections are busy or down.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

allow

Synopsis

Allow all requests as the default URL filter action

Context

configure application-assurance group number url-filter string default-action allow

Tree

allow

Description

When configured, this command allows all requests as the default URL filter action when the URL filter cannot be used.

Notes

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-all

Synopsis

Block all requests as the default URL filter action

Context

configure application-assurance group number url-filter string default-action block-all

Tree

Description

When configured, this command blocks all requests as the default URL filter action when the URL filter cannot be used.

Notes

This element is the default part of a choice.

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-http-redirect reference

Synopsis

HTTP URL name for block and redirect request action

Context

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

icap

Synopsis

Enter the icap context

Context

configure application-assurance group number url-filter string icap

Tree

icap

Description

Commands in this context configure the URL filter ICAP policy fields.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

custom-x-header string

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-all

Synopsis

Block all requests as the default action

Context

configure application-assurance group number url-filter string icap default-action block-all

Tree

Description

When configured, this command blocks all traffic when the URL filter cannot be used.

Notes

This element is the default part of a choice.

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-http-redirect reference

Synopsis

HTTP URL for redirection when URL filter cannot be used

Context

configure application-assurance group number url-filter string icap default-action block-http-redirect reference

Tree

block-http-redirect

Description

This command blocks traffic and redirects the user to an information page, which can be different than the page the user is redirected to when the site they attempted to access was found in the URL filter; this page is configured using the configure application-assurance group url-filter http-redirect command.

Reference

configure application-assurance group number http-redirect string

Notes

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

http-redirect reference

Synopsis

HTTP redirect object used when ICAP blocks HTTP request

Context

configure application-assurance group number url-filter string icap http-redirect reference

Tree

http-redirect

Reference

configure application-assurance group number http-redirect string

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

server [ip-address] (ipv4-address-no-zone | ipv6-address-no-zone) port number

Synopsis

Enter the server list instance

Context

configure application-assurance group number url-filter string icap server (ipv4-address-no-zone | ipv6-address-no-zone) port number

Tree

server

Description

Commands in this context configure the IP address and server port of the ICAP server.

In the current release, the system supports IPv4 addresses only for the ICAP server.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

[ip-address] (ipv4-address-no-zone | ipv6-address-no-zone)

Synopsis

ICAP server IP address

Context

configure application-assurance group number url-filter string icap server (ipv4-address-no-zone | ipv6-address-no-zone) port number

Description

This command configures the ICAP server address.

In the current release, the system supports IPv4 addresses only for the ICAP server.

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

port number

Synopsis

ICAP server port

Context

configure application-assurance group number url-filter string icap server (ipv4-address-no-zone | ipv6-address-no-zone) port number

Range

1 to 65535

Notes

This element is part of a list key.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

admin-state keyword

Synopsis

Administrative state of this URL filter ICAP server

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

local-filtering

Synopsis

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

default-action

Synopsis

Enter the default-action context

Context

configure application-assurance group number url-filter string local-filtering deny-list reference default-action

Tree

default-action

Description

Commands in this context configure a default action for the URL filter. The default action takes effect when the URL filter cannot be used. This may happen in the case of a local URL list when the URL list is disabled or the file is not loaded due to an error.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

allow

Synopsis

Allow all requests as the default action

Context

configure application-assurance group number url-filter string local-filtering deny-list reference default-action allow

Tree

allow

Description

This command allows all traffic when the URL filter cannot be used.

Notes

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-all

Synopsis

Block all requests as the default action

Context

configure application-assurance group number url-filter string local-filtering deny-list reference default-action block-all

Tree

Description

This command blocks all traffic when the URL filter cannot be used.

Notes

This element is the default part of a choice.

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-http-redirect reference

Synopsis

HTTP URL for redirection when URL filter cannot be used

Context

configure application-assurance group number url-filter string local-filtering deny-list reference default-action block-http-redirect reference

Tree

block-http-redirect

Description

Context

configure application-assurance group number url-filter string web-service category-set number

Tree

category-set

Range

1 to 65535

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

classification-overrides

Synopsis

Enter the classification-overrides context

Context

configure application-assurance group number url-filter string web-service classification-overrides

Tree

classification-overrides

Description

Commands in this context create a classification override and allow the operator to manually set the category of a hostname.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

entry [entry-id] number

Synopsis

Notes

The following elements are part of a choice: allow, block-all, or block-http-redirect.

Introduced

21.10.R1

Platforms

7450 ESS, 7750 SR, 7750 SR-e, 7750 SR-s, VSR

block-all

Synopsis

Block all requests as the default action

Context

configure application-assurance group number url-filter string web-service default-action block-all

Tree