Diameter User Guide

Oracle® Communications
Diameter Signaling Router

Diameter User's Guide
E73184 Revision 01
August 2016
Oracle Communications Diameter Signaling Router Diameter User's Guide
Copyright © 2011, 2016, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions
on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your
license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license,
transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse
engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is
prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free.
If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it
on behalf of the U.S. Government, then the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software,
any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users
are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and
agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation
of the programs, including any operating system, integrated software, any programs installed on the
hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the
programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications.
It is not developed or intended for use in any inherently dangerous applications, including applications
that may create a risk of personal injury. If you use this software or hardware in dangerous applications,
then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to
ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by
use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks
of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks
are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD,
Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced
Micro Devices. UNIX is a registered trademark of The Open Group.
This software or hardware and documentation may provide access to or information about content, products,
and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly
disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise
set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not
be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content,
products, or services, except as set forth in an applicable agreement between you and Oracle.
Table of Contents
Chapter 1: Introducing Diameter..............................................................19

Overview of Diameter Signaling Router Tasks...............................................................................20
Intended Scope and Audience...........................................................................................................20
Content Organization..........................................................................................................................20
Documentation Admonishments.......................................................................................................21
Related Publications............................................................................................................................22
Locate Product Documentation on the Oracle Help Center Site...................................................22
Customer Training...............................................................................................................................22
My Oracle Support (MOS)..................................................................................................................22
Emergency Response...........................................................................................................................23
Chapter 2: User Interface Introduction....................................................24

User Interface Organization...............................................................................................................25
User Interface Elements...........................................................................................................26
Main Menu Options.................................................................................................................27
Missing Main Menu options...............................................................................................................31
Common Graphical User Interface Widgets....................................................................................32
Supported Browsers.................................................................................................................32
System Login Page...................................................................................................................32
Main Menu Icons......................................................................................................................34
Work Area Displays.................................................................................................................35
Customizing the Splash Page Welcome Message...............................................................38
Column Headers (Sorting)......................................................................................................38
Page Controls............................................................................................................................38
Clear Field Control...................................................................................................................39
Optional Layout Element Toolbar.........................................................................................39
Filters..........................................................................................................................................40
Pause Updates..........................................................................................................................43
Max Records Per Page Controls.............................................................................................43
Chapter 3: Configuring Diameter.............................................................44

Understanding the Diameter Configuration Sequence..................................................................46
Diameter Capacity Summary.............................................................................................................47
E73184 Revision 01, August 2016 iii

Validating Diameter Connection Capacity......................................................................................48
Diameter Overload Indication Conveyance (DOIC).......................................................................51
Next Generation Network Priority Service (NGN-PS)...................................................................55
Connection Capacity Dashboard Functions.....................................................................................57
Using Application IDs to Identify Diameter Applications............................................................61
Diameter Application IDs elements......................................................................................62
Viewing Application IDs.........................................................................................................62
Adding an Application ID......................................................................................................63
Editing an Application ID.......................................................................................................63
Deleting an Application ID.....................................................................................................64
Diameter CEX Parameters..................................................................................................................65
Diameter CEX Parameters elements......................................................................................65
Viewing CEX Parameters........................................................................................................66
Adding CEX Parameters.........................................................................................................66
Editing CEX Parameters..........................................................................................................67
Deleting CEX Parameters........................................................................................................67
Diameter Command Codes................................................................................................................68
Diameter Command Codes elements...................................................................................69
Viewing Command Codes......................................................................................................69
Adding a Command Code......................................................................................................69
Editing a Command Code......................................................................................................70
Deleting a Command Code....................................................................................................71
Diameter Configuration Sets..............................................................................................................71
Diameter Connection Configuration Sets.............................................................................72
CEX Configuration Sets...........................................................................................................82
Capacity Configuration Sets...................................................................................................87
Egress Message Throttling Configuration Sets....................................................................92
Message Priority Configuration Sets.....................................................................................97
Message Copy Configuration Sets.......................................................................................101
Rate Limiting Configuration Sets........................................................................................104
Pending Transaction Limiting Configuration Sets............................................................109
Transaction Configuration Sets............................................................................................113
Traffic Throttle Point Configuration Sets...........................................................................117
Diameter Local Nodes.......................................................................................................................121
Diameter Local Node configuration elements...................................................................123
Viewing Local Nodes.............................................................................................................128
Adding a Local Node.............................................................................................................128
Editing a Local Node.............................................................................................................131
Deleting a Local Node...........................................................................................................132
Diameter Peer Nodes.........................................................................................................................133
Diameter Peer Node configuration elements.....................................................................134
E73184 Revision 01, August 2016 iv

Viewing Peer Nodes..............................................................................................................140
Adding a Peer Node..............................................................................................................140
Editing a Peer Node...............................................................................................................145
Deleting a Peer Node.............................................................................................................146
Diameter Peer Node Groups............................................................................................................147
Diameter Peer Node Groups configuration elements......................................................148
Viewing Peer Node Groups..................................................................................................149
Adding Peer Node Groups...................................................................................................149
Editing Peer Node Groups....................................................................................................150
Deleting Peer Node Groups..................................................................................................151
Connections.........................................................................................................................................151
IPFE Connections and Capacity Validation.......................................................................152
Diameter Connection configuration elements...................................................................154
Viewing Connections.............................................................................................................166
Adding a Connection.............................................................................................................166
Editing a Connection.............................................................................................................169
Deleting a Connection...........................................................................................................172
Diameter Route Groups....................................................................................................................172
Diameter Route Group configuration elements................................................................173
Viewing Route Groups..........................................................................................................175
Adding a Route Group..........................................................................................................175
Editing a Route Group...........................................................................................................176
Deleting a Route Group........................................................................................................177
Diameter Route Lists.........................................................................................................................178
Diameter Route List configuration elements.....................................................................179
Viewing Route Lists...............................................................................................................181
Adding a Route List...............................................................................................................181
Editing a Route List................................................................................................................181
Deleting a Route List.............................................................................................................182
Diameter Peer Route Tables.............................................................................................................183
Diameter Peer Route Tables elements.................................................................................184
Viewing Peer Route Tables...................................................................................................184
Adding a Peer Route Table...................................................................................................184
Deleting a Peer Route Table..................................................................................................185
Peer Routing Rules configuration........................................................................................185
Diameter Egress Throttle Groups....................................................................................................194
Diameter Egress Throttle Groups elements.......................................................................195
Viewing Egress Throttle Groups..........................................................................................196
Adding Egress Throttle Groups...........................................................................................197
Editing Egress Throttle Groups............................................................................................198
Deleting Egress Throttle Groups.........................................................................................199
E73184 Revision 01, August 2016 v

Diameter Reroute On Answer..........................................................................................................199
Diameter Reroute On Answer configuration elements....................................................200
Viewing Reroute On Answer...............................................................................................200
Adding a Reroute On Answer entry...................................................................................200
Deleting a Reroute On Answer............................................................................................201
Diameter Application Route Tables................................................................................................201
Diameter Application Route Tables elements...................................................................202
Viewing Application Route Tables......................................................................................202
Adding an Application Route Table...................................................................................203
Deleting an Application Route Table..................................................................................203
Application Routing Rules configuration...........................................................................204
Diameter Routing Option Sets.........................................................................................................212
Diameter Routing Option Sets elements.............................................................................213
Viewing Routing Option Sets...............................................................................................217
Adding a Routing Option Set...............................................................................................218
Editing a Routing Option Set...............................................................................................218
Deleting a Routing Option Set.............................................................................................219
Diameter Pending Answer Timers..................................................................................................219
Diameter Pending Answer Timers elements.....................................................................224
Viewing Pending Answer Timers........................................................................................224
Adding a Pending Answer Timer........................................................................................224
Editing a Pending Answer Timer........................................................................................225
Deleting a Pending Answer Timer......................................................................................225
Diameter Traffic Throttle Points......................................................................................................226
Diameter Traffic Throttle Point elements...........................................................................227
Viewing Traffic Throttle Points............................................................................................228
Adding Traffic Throttle Points.............................................................................................228
Editing Traffic Throttle Points..............................................................................................229
Deleting Traffic Throttle Points............................................................................................229
Diameter Traffic Throttle Groups....................................................................................................230
Diameter Traffic Throttle Groups elements.......................................................................231
Viewing Traffic Throttle Groups.........................................................................................231
Adding Traffic Throttle Groups...........................................................................................231
Editing Traffic Throttle Groups...........................................................................................232
Deleting Traffic Throttle Groups.........................................................................................233
Diameter AVP Removal Lists...........................................................................................................233
Diameter AVP Removal Lists elements..............................................................................234
Viewing AVP Removal Lists................................................................................................235
Adding AVP Removal Lists..................................................................................................235
Editing AVP Removal Lists..................................................................................................235
Deleting AVP Removal Lists................................................................................................236
E73184 Revision 01, August 2016 vi

Diameter System Options.................................................................................................................236
Diameter System Options elements....................................................................................237
Viewing System Options.......................................................................................................246
Editing System Options.........................................................................................................246
Diameter DNS Options.....................................................................................................................247
Diameter DNS Options elements.........................................................................................247
Viewing DNS Options...........................................................................................................248
Editing DNS Options.............................................................................................................248
Diameter Peer Discovery..................................................................................................................248
Realms......................................................................................................................................249
DNS Sets..................................................................................................................................254
Discovery Attributes..............................................................................................................258
Chapter 4: Diameter Maintenance..........................................................264

Diameter Maintenance Overview....................................................................................................265
Diameter Maintenance Route Lists..................................................................................................265
Diameter Route List maintenance elements.......................................................................265
Viewing Route List status.....................................................................................................266
Diameter Maintenance Route Groups.............................................................................................266
Diameter Route Group maintenance elements..................................................................267
Viewing Route Group status................................................................................................268
Diameter Maintenance Peer Nodes.................................................................................................268
Diameter Peer Node maintenance elements......................................................................268
Viewing Peer Node status.....................................................................................................270
Diameter Maintenance Connections...............................................................................................270
Diameter Connection maintenance elements....................................................................270
Viewing Connection status...................................................................................................273
Enabling Connections............................................................................................................273
Enabling All Connections.....................................................................................................274
Disabling Connections...........................................................................................................274
Disabling All Connections....................................................................................................275
Viewing statistics for an SCTP connection.........................................................................275
Starting Diagnosis on a Test Connection............................................................................276
Ending Diagnosis on a Test Connection.............................................................................277
Diameter Maintenance Egress Throttle Groups............................................................................277
Diameter Egress Throttle Groups maintenance elements................................................279
Viewing Egress Throttle Groups status..............................................................................282
Enabling Egress Throttle Groups Rate Limiting................................................................282
Disabling Egress Throttle Groups Rate Limiting..............................................................282
Enabling Egress Throttle Groups Pending Transaction Limiting...................................283
E73184 Revision 01, August 2016 vii

Disabling Egress Throttle Groups Pending Transaction Limiting..................................283
Diameter Maintenance Applications...............................................................................................284
Diameter Applications maintenance elements..................................................................284
Viewing Application status..................................................................................................285
Enabling Applications...........................................................................................................285
Disabling Applications..........................................................................................................286
Diameter Maintenance DA-MPs......................................................................................................286
Diameter DA-MPs maintenance elements.........................................................................286
Viewing DA-MP status..........................................................................................................288
Diameter Maintenance Peer Discovery...........................................................................................288
Diameter Peer Discovery maintenance elements..............................................................289
Viewing Peer Discovery status.............................................................................................290
Enabling Peer Discovery.......................................................................................................290
Disabling Peer Discovery......................................................................................................290
Refreshing Peer Discovery....................................................................................................291
Extending Peer Discovery.....................................................................................................291
Diameter Maintenance Traffic Throttle Points..............................................................................292
Diameter Traffic Throttle Points Maintenance elements..................................................293
Viewing Traffic Throttle Points status................................................................................294
Diameter Maintenance Traffic Throttle Groups............................................................................294
Diameter Traffic Throttle Groups elements.......................................................................294
Viewing Traffic Throttle Groups status..............................................................................295
Enabling Traffic Throttle Groups.........................................................................................295
Enabling All Traffic Throttle Groups..................................................................................295
Disabling Traffic Throttle Groups.......................................................................................296
Disabling All Traffic Throttle Groups.................................................................................297
Chapter 5: Diameter Reports...................................................................298

Overview.............................................................................................................................................299
Diameter Diagnostics Tool................................................................................................................299
Viewing, Printing, and Saving Diagnostics Tool Reports................................................300
Diameter MP Statistics (SCTP).........................................................................................................301
MP Statistics (SCTP) report elements..................................................................................301
Chapter 6: Troubleshooting with IDIH.................................................303
Chapter 7: Diameter AVP Dictionary....................................................304

AVP Flags............................................................................................................................................305
Base Dictionary...................................................................................................................................305
E73184 Revision 01, August 2016 viii

Diameter Base Dictionary elements.....................................................................................306
Viewing a Base Dictionary entry.........................................................................................307
Cloning AVP entries..............................................................................................................308
Custom Dictionary.............................................................................................................................308
Diameter Custom Dictionary elements...............................................................................309
Adding a new AVP Dictionary entry..................................................................................310
Changing an existing AVP Dictionary entry.....................................................................311
Deleting an AVP dictionary entry.......................................................................................311
All-AVP Dictionary............................................................................................................................312
Diameter All-AVP Dictionary elements.............................................................................313
Viewing an existing All-AVP Dictionary entry definition...............................................314
Vendors................................................................................................................................................315
Diameter Vendors elements.................................................................................................315
Viewing Vendors....................................................................................................................316
Adding a Vendor....................................................................................................................316
Editing a Vendor Name.........................................................................................................317
Deleting a Vendor..................................................................................................................317
Chapter 8: Mediation.................................................................................319
Chapter 9: Diameter Shared Traffic Throttle Groups.........................320

Diameter Shared Traffic Throttle Groups elements......................................................................321
Viewing Shared Traffic Throttle Groups........................................................................................321
Adding Shared Traffic Throttle Groups.........................................................................................321
Editing Shared Traffic Throttle Groups..........................................................................................321
Deleting Shared Traffic Throttle Groups........................................................................................322
Chapter 10: Diameter Topology Hiding................................................323

Diameter Topology Hiding...............................................................................................................324
Message Candidates for Topology Hiding and Restoral.................................................334
Topology Hiding Supported AVPs.....................................................................................338
Encryption...............................................................................................................................338
Diameter Topology Hiding Assumptions..........................................................................339
Topology Hiding Types........................................................................................................339
Trusted Networks Lists.....................................................................................................................361
Diameter Trusted Network Lists elements........................................................................362
Viewing Topology Hiding Trusted Network Lists...........................................................362
E73184 Revision 01, August 2016 ix

Adding a Trusted Network List...........................................................................................362
Editing a Trusted Network List...........................................................................................363
Deleting a Trusted Network List.........................................................................................364
Path Topology Hiding Configuration Sets.....................................................................................364
Diameter Topology Hiding Path Topology Hiding Configuration Set elements.........365
Viewing Path Topology Hiding Configuration Sets.........................................................366
Adding a Path Topology Hiding Configuration Set.........................................................367
Editing a Path Topology Hiding Configuration Set..........................................................367
Deleting a Path Topology Hiding Configuration Set........................................................368
S6a/S6d HSS Topology Hiding Configuration Sets.....................................................................368
Diameter S6a/S6d HSS Topology Hiding Configuration Set elements.........................370
Viewing S6a/S6d HSS Topology Hiding Configuration Sets.........................................372
Adding an S6a/S6d HSS Topology Hiding Configuration Set.......................................372
Editing an S6a/S6d HSS Topology Hiding Configuration Set........................................373
Deleting an S6a/S6d HSS Topology Hiding Configuration Set......................................374
MME/SGSN Topology Hiding Configuration Sets......................................................................374
Diameter MME/SGSN Topology Hiding Configuration Set elements.........................376
Viewing MME/SGSN Topology Hiding Configuration Sets..........................................378
Adding an MME/SGSN Topology Hiding Configuration Set........................................378
Editing an MME/SGSN Topology Hiding Configuration Set........................................379
Deleting an MME/SGSN Topology Hiding Configuration Set......................................379
S9 PCRF Topology Hiding Configuration Sets..............................................................................380
Diameter S9 PCRF Topology Hiding Configuration Set elements.................................381
Viewing S9 PCRF Topology Hiding Configuration Sets..................................................383
Adding an S9 PCRF Topology Hiding Configuration Set...............................................383
Editing an S9 PCRF Topology Hiding Configuration Set................................................384
Deleting an S9 PCRF Topology Hiding Configuration Set..............................................385
S9 AF/pCSCF Topology Hiding Configuration Sets....................................................................385
Diameter S9 AF/pCSCF Topology Hiding Configuration Set elements.......................387
Viewing S9 AF/pCSCF Topology Hiding Configuration Sets........................................389
Adding an S9 AF/pCSCF Topology Hiding Configuration Set.....................................389
Editing an S9 AF/pCSCF Topology Hiding Configuration Set......................................390
Deleting an S9 AF/pCSCF Topology Hiding Configuration Set....................................390
Protected Networks...........................................................................................................................391
Diameter Protected Network configuration elements......................................................392
Viewing Topology Hiding Protected Networks................................................................393
Adding a Protected Network...............................................................................................393
Editing a Protected Network................................................................................................394
Deleting a Protected Network..............................................................................................394
E73184 Revision 01, August 2016 x

Chapter 11: Diameter Egress Throttle List............................................396
Egress Throttle List overview...........................................................................................................397
Rate Limiting Configuration Sets on the NOAM..........................................................................398
Pending Transaction Limiting Configuration Sets on the NOAM.............................................398
Egress Throttle Lists on the NOAM................................................................................................400
Diameter Egress Throttle Lists elements............................................................................400
Viewing Egress Throttle Lists...............................................................................................401
Adding Egress Throttle Lists................................................................................................401
Editing Egress Throttle Lists.................................................................................................402
Deleting Egress Throttle Lists..............................................................................................402
Chapter 12: Diameter RADIUS...............................................................404

RADIUS overview..............................................................................................................................405
Chapter 13: Diameter Message Copy.....................................................406

Diameter Message Copy overview..................................................................................................407
Diameter Message Copy...................................................................................................................409
Chapter 14: Diameter Capacity and Congestion Controls.................416

Introduction........................................................................................................................................417
DA-MP Overload Control.................................................................................................................417
Per-Connection Ingress MPS Control.............................................................................................419
Remote Congestion Controls............................................................................................................424
User Configurable Message Priority...................................................................................427
Remote BUSY Congestion.....................................................................................................429
Egress Transport Congestion...............................................................................................431
Per Connection Egress Message Throttling........................................................................433
User Configurable Connection Pending Transaction Limiting.......................................436
Egress Throttle Groups......................................................................................................................437
Glossary.............................................................................................................................442
E73184 Revision 01, August 2016 xi

List of Figures
Figure 1: Oracle System Login.......................................................................................................................33
Figure 2: Paginated Table................................................................................................................................35
Figure 3: Scrollable Table................................................................................................................................36
Figure 4: Form Page.........................................................................................................................................36
Figure 5: Tabbed Pages....................................................................................................................................37
Figure 6: Tabbed Pages....................................................................................................................................37
Figure 7: Report Output..................................................................................................................................37
Figure 8: Sorting a Table by Column Header..............................................................................................38
Figure 9: Clear Field Control X.......................................................................................................................39
Figure 10: Optional Layout Element Toolbar...............................................................................................39
Figure 11: Automatic Error Notification.......................................................................................................40
Figure 12: Examples of Filter Styles...............................................................................................................41
Figure 13: Diameter Topology Hiding Boundary.....................................................................................325
Figure 14: Diameter Topology Hiding Trigger Points: Protected-to-Untrusted Transactions...........326
Figure 15: Diameter Topology Hiding Trigger Points: Untrusted-to-Protected Transactions...........326
Figure 16: TH Network Deployment in an Interworking Network.......................................................330
Figure 17: TH Network Deployment in an Interworking Network.......................................................335
Figure 18: Route-Record Hiding - Request Message................................................................................341
Figure 19: Route-Record Hiding - Answer Message.................................................................................342
Figure 20: Multi-DEA Route-Record Message Loop Detection...............................................................343
Figure 21: Unsupported Pseudo-Host Route-Record Loop Detection...................................................343
Figure 22: Proxy-Host Hiding......................................................................................................................344
E73184 Revision 01, August 2016 xii

Figure 23: Error-Reporting-Host AVP Hiding...........................................................................................345
Figure 24: S6a/S6d HSS TH Protected-HSS to Untrusted-MME/SGSN Diameter Transaction........347
Figure 25: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction.........................348
Figure 26: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction.........................348
Figure 27: MME/SGSN TH Protected-MME/SGSN to Untrusted HSS Transaction..........................351
Figure 28: MME/SGSN TH Untrusted-HSS to Protected MME/SGSN Transaction..........................352
Figure 29: Protected-vPCRF to Untrusted-hPCRF Transaction..............................................................354
Figure 30: Untrusted-hPCRF to Protected-vPCRF Diameter Transaction.............................................355
Figure 31: Protected-hPCRF to Untrusted-vPCRF Transaction..............................................................356
Figure 32: Untrusted-vPCRF to Protected-hPCRF Transaction..............................................................357
Figure 33: Protected vAF/pCSCF to Untrusted-hPCRF Transaction.....................................................359
Figure 34: Untrusted-hPCRF to Protected-vAF/pCSCF Transaction....................................................360
Figure 35: Diameter Message Copy Message Flow...................................................................................408
Figure 36: Per-Connection Message Coloring............................................................................................421
E73184 Revision 01, August 2016 xiii

List of Tables
Table 1: Admonishments................................................................................................................................21
Table 2: User Interface Elements....................................................................................................................26
Table 3: Main Menu Options..........................................................................................................................27
Table 4: Main Menu Icons...............................................................................................................................34
Table 5: Example Action Buttons...................................................................................................................38
Table 6: Submit Buttons...................................................................................................................................39
Table 7: Filter Control Elements.....................................................................................................................41
Table 8: Application IDs Elements.................................................................................................................62
Table 9: CEX Parameters elements................................................................................................................65
Table 10: Command Codes Elements............................................................................................................69
Table 11: Configuration Sets Elements..........................................................................................................74
Table 12: CEX Configuration Sets Elements.................................................................................................83
Table 13: Capacity Configuration Sets Elements.........................................................................................89
Table 14: Egress Message Throttling Configuration Set Elements...........................................................93
Table 15: Message Priority Configuration Set Elements............................................................................98
Table 16: Message Copy Configuration Set Elements..............................................................................102
Table 17: Rate Limiting Configuration Sets Elements..............................................................................106
Table 18: Pending Transaction Limiting Configuration Sets Elements..................................................110
Table 19: Transaction Configuration Sets Elements..................................................................................114
Table 20: Traffic Throttle Point Configuration Sets Elements.................................................................117
Table 21: Local Node Configuration Elements..........................................................................................123
Table 22: Peer Node Configuration Elements............................................................................................134
E73184 Revision 01, August 2016 xiv

Table 23: Peer Node Groups Configuration Elements..............................................................................148
Table 24: Connections Configuration Elements.........................................................................................154
Table 25: Route Groups Configuration Elements......................................................................................173
Table 26: Route Lists Configuration Elements...........................................................................................179
Table 27: Peer Route Tables Elements.........................................................................................................184
Table 28: Peer Routing Rules Configuration Elements.............................................................................187
Table 29: Peer Routing Rules Operators.....................................................................................................190
Table 30: Egress Throttle Groups Elements................................................................................................196
Table 31: Reroute On Answer Configuration Elements...........................................................................200
Table 32: Application Route Tables Elements............................................................................................202
Table 33: Application Routing Rules Configuration Elements...............................................................205
Table 34: Application Routing Rules Operators........................................................................................208
Table 35: Routing Option Sets Elements.....................................................................................................213
Table 36: Diameter Pending Answer Timer and Transaction Lifetime Selection.................................221
Table 37: Pending Answer Timers Elements..............................................................................................224
Table 38: Traffic Throttle Point Elements...................................................................................................227
Table 39: Traffic Throttle Groups Elements...............................................................................................231
Table 40: AVP Removal Lists Elements......................................................................................................234
Table 41: System Options Elements.............................................................................................................238
Table 42: DNS Options Elements.................................................................................................................247
Table 43: Realms Elements............................................................................................................................252
Table 44: DNS Sets Elements........................................................................................................................255
Table 45: Discovery Attributes Elements....................................................................................................258
Table 46: Route Lists Maintenance Elements.............................................................................................265
Table 47: Route Group Maintenance Elements..........................................................................................267
E73184 Revision 01, August 2016 xv

Table 48: Peer Nodes Maintenance Elements............................................................................................269
Table 49: Connections Maintenance Elements...........................................................................................270
Table 50: Connections SCTP Statistics Elements.......................................................................................276
Table 51: Egress Throttle Groups Control Scope States............................................................................278
Table 52: Egress Throttle Groups Admin States........................................................................................278
Table 53: ETG Operational Status................................................................................................................278
Table 54: ETG Operational Reason..............................................................................................................279
Table 55: Egress Throttle Groups Maintenance Elements........................................................................280
Table 56: Applications Maintenance Elements..........................................................................................285
Table 57: DA-MPs Maintenance Elements.................................................................................................287
Table 58: Peer Discovery Maintenance Elements......................................................................................289
Table 59: Traffic Throttle Points Maintenance Elements..........................................................................293
Table 60: Traffic Throttle Group Maintenance elements..........................................................................294
Table 61: MP Statistics (SCTP) Report Elements.......................................................................................301
Table 62: AVP Flags Definitions...................................................................................................................305
Table 63: Base Dictionary Elements.............................................................................................................306
Table 64: Custom Dictionary Elements.......................................................................................................309
Table 65: All-AVP Dictionary Elements......................................................................................................313
Table 66: Vendors elements..........................................................................................................................316
Table 67: Shared Traffic Throttle Groups elements...................................................................................321
Table 68: Topology Information Hiding and Restoral Procedures.........................................................327
Table 69: Example Protected Networks Configuration............................................................................330
Table 70: Example Trusted Network Lists Configuration.......................................................................330
Table 71: Network Trust Relationship Matrix...........................................................................................331
Table 72: Example Topology Hiding Status Settings................................................................................331
E73184 Revision 01, August 2016 xvi

Table 73: General Criteria for Determining Whether a Message is a TH Candidate...........................331
Table 74: Protected Network Configuration Example..............................................................................332
Table 75: Topology Hiding AVPs and Hiding Methods..........................................................................333
Table 76: Example Protected Networks Configuration............................................................................335
Table 77: Example Trusted Network Lists Configuration.......................................................................335
Table 78: Network Trust Relationship Matrix...........................................................................................336
Table 79: Example Topology Hiding Status Settings................................................................................336
Table 80: General Criteria for Determining Whether a Message is a TH Candidate...........................336
Table 81: Protected Network Configuration Example..............................................................................337
Table 82: Topology Hiding AVPs and Hiding Methods..........................................................................338
Table 83: Example of Configuration of MME/SGSN TH Hostnames for a Protected Network........349
Table 84: Trusted Network Lists elements.................................................................................................362
Table 85: Path Topology Hiding Configuration Sets Elements...............................................................365
Table 86: S6a/S6d HSS Topology Hiding Configuration Sets Elements...............................................370
Table 87: MME/SGSN Topology Hiding Configuration Sets Elements................................................376
Table 88: S9 PCRF Topology Hiding Configuration Sets Elements........................................................381
Table 89: S9 AF/pCSCF Topology Hiding Configuration Sets Elements..............................................387
Table 90: Protected Network Configuration Elements.............................................................................392
Table 91: Egress Throttle Lists Elements.....................................................................................................400
Table 92: Specific MsgCopyAnswer AVP Format.....................................................................................411
Table 93: Portion of the Answer Message Included as Data Value of the MsgCopyAnswer
AVP.............................................................................................................................................................411
Table 94: CLs, CPLs, and Message Treatment...........................................................................................425
Table 95: Mapping Congestion Levels to CPL Values..............................................................................426
Table 96: Remote BUSY and EMR Capacity Ranges.................................................................................426
E73184 Revision 01, August 2016 xvii

Table 97: Message Priority Treatment Methods........................................................................................429
Table 98: Mapping Congestion Levels to CPL Values..............................................................................431
Table 99: Congestion Levels Based on Thresholds....................................................................................435
Table 100: Message Priority and ETG Congestion Level..........................................................................438
Table 101: ETG Message Rate Congestion Levels Based on Threshold.................................................439
Table 102: ETG Pending Transaction Congestion Levels Based on Threshold.....................................440
E73184 Revision 01, August 2016 xviii

Chapter
1
Introducing Diameter
Topics: The Diameter document content provides

information about how to use the GUI to perform
• Overview of Diameter Signaling Router Diameter Signaling Router tasks.
Tasks.....20
The Diameter menu options allow you to:
• Intended Scope and Audience.....20
• Content Organization.....20 • Perform Diameter Signaling Router configuration
tasks
• Documentation Admonishments.....21
• View maintenance information for Diameter
• Related Publications.....22
components
• Locate Product Documentation on the Oracle Help
• Generate reports
Center Site.....22
• Perform IDIH troubleshooting
• Customer Training.....22
• Work with AVP dictionary components
• My Oracle Support (MOS).....22 • Access Mediation GUI pages
• Emergency Response.....23
E73184 Revision 01, August 2016 19

Diameter User's Guide Introducing Diameter
Overview of Diameter Signaling Router Tasks

This document provides information about how to use the GUI to perform diameter signaling router
tasks.
The document provides the following types of information:
• Procedures to configure Diameter components
• Maintenance information about Diameter components
• Procedures to generate reports for the Diagnostics Tool and MP Statistics
• High-level summary for Troubleshooting with IDIH
• AVP Dictionary information
• High-level summary for Mediation
See Integrated DIH User's Guide and Diameter Mediation User 's Guide for more information about those
applications.
Intended Scope and Audience

This content is intended for personnel who perform diameter signaling tasks.
This content contains procedures for performing tasks using the product GUI.
This content does not describe how to install or replace software or hardware.
The Diameter software component is shared by multiple applications in the product line. For this
reason, this content includes references to the shared applications, and describes GUI options that are
not visible or applicable to SDM. For example, applications (such as RBAR, FABR, CPA, and Policy
DRA) and IPFE are currently not used by SDM, so disregard any references to these applications.
Content Organization
This content is organized as follows:
• Introducing Diameter contains general information about the Diameter and Mediation help
documentation, the organization of this manual, and how to get technical assistance.
• User Interface Introduction describes the organization and usage of the user interface. In it you can
find information about how the interface options are organized, how to use widgets and buttons,
and how filtering and other page display options work.
• Configuring Diameter provides information about configuring Diameter resources.
• Diameter Maintenance provides information about how to view the status of Diameter resources,
and how to enable and disable connections and applications.
• Diameter Reports provides information about how to produce Diagnostic Tool reports and MP
Statistics (SCTP) reports.
• Troubleshooting with IDIH provides summary information about the Integrated Diameter Intelligence
(IDIH) feature. See Integrated DIH User's Guide for more information.

• Diameter AVP Dictionary provides information about Attribute-Value Pairs (AVPs) that are used
by the Diameter Routing Function in making decisions for routing messages to and from applications
and for the Diameter Message Copy feature.
• Mediation provides information about working with the Mediation feature.
• Diameter Shared Traffic Throttle Groups provides information about all Traffic Throttle Groups (TTGs)
defined as shared across the diameter routing network.
• Diameter Topology Hiding describes the components that can be configured for Diameter Topology
Hiding.
• Diameter Egress Throttle List describes the components can be configured for Egress Throttle List
from the NOAM.
• Diameter RADIUS provides information about working with the RADIUS feature.
• Diameter Message Copy describes the Diameter Message Copy feature, which is used to send a copy
of a message to a DAS.
• Diameter Capacity and Congestion Controls contains information about the various ways capacity
and congestion can be managed to preserve the availability and Quality of Service (QoS).
Documentation Admonishments
Admonishments are icons and text throughout this manual that alert the reader to assure personal
safety, to minimize possible service interruptions, and to warn of the potential for equipment damage.
Table 1: Admonishments
Icon Description
Danger:
(This icon and text indicate the possibility of
personal injury.)
Warning:
equipment damage.)
Caution:
service interruption.)
Topple:
personal injury and equipment damage.)

Related Publications
For information about additional publications that are related to this document, refer to the Related
Publications Reference document, which is published as a separate document on the Oracle Help Center
site. See Locate Product Documentation on the Oracle Help Center Site for more information.
Locate Product Documentation on the Oracle Help Center Site

Oracle Communications customer documentation is available on the web at the Oracle Help Center
(OHC) site, http://docs.oracle.com. You do not have to register to access these documents. Viewing these
files requires Adobe Acrobat Reader, which can be downloaded at http://www.adobe.com.
1. Access the Oracle Help Center site at http://docs.oracle.com.
2. Click Industries.
3. Under the Oracle Communications subheading, click the Oracle Communications
documentation link.
The Communications Documentation page appears. Most products covered by these documentation
sets will appear under the headings “Network Session Delivery and Control Infrastructure” or
“Platforms.”
4. Click on your Product and then the Release Number.
A list of the entire documentation set for the selected product and release appears.
5. To download a file to your location, right-click the PDF link, select Save target as (or similar
command based on your browser), and save to a local folder.
Customer Training
Oracle University offers training for service providers and enterprises. Visit our web site to view, and
register for, Oracle Communications training:
http://education.oracle.com/communication
To obtain contact phone numbers for countries or regions, visit the Oracle University Education web
site:
www.oracle.com/education/contacts
My Oracle Support (MOS)

MOS (https://support.oracle.com) is your initial point of contact for all product support and training
needs. A representative at Customer Access Support (CAS) can assist you with MOS registration.

Call the CAS main number at 1-800-223-1711 (toll-free in the US), or call the Oracle Support hotline
for your local country from the list at http://www.oracle.com/us/support/contact/index.html. When calling,
make the selections in the sequence shown below on the Support telephone menu:
1. Select 2 for New Service Request
2. Select 3 for Hardware, Networking and Solaris Operating System Support
3. Select one of the following options:
• For Technical issues such as creating a new Service Request (SR), Select 1
• For Non-technical issues such as registration or assistance with MOS, Select 2
You will be connected to a live agent who can assist you with MOS registration and opening a support
ticket.
MOS is available 24 hours a day, 7 days a week, 365 days a year.
Emergency Response
In the event of a critical service situation, emergency response is offered by the Customer Access
Support (CAS) main number at 1-800-223-1711 (toll-free in the US), or by calling the Oracle Support
hotline for your local country from the list at http://www.oracle.com/us/support/contact/index.html. The
emergency response provides immediate coverage, automatic escalation, and other features to ensure
that the critical situation is resolved as rapidly as possible.
A critical situation is defined as a problem with the installed equipment that severely affects service,
traffic, or maintenance capabilities, and requires immediate corrective action. Critical situations affect
service and/or system operation resulting in one or several of these situations:
• A total system failure that results in loss of all transaction processing capability
• Significant reduction in system capacity or traffic handling capability
• Loss of the system’s ability to perform automatic system reconfiguration
• Inability to restart a processor or the system
• Corruption of system databases that requires service affecting corrective actions
• Loss of access for maintenance or recovery operations
• Loss of the system ability to provide any required critical or major trouble notification
Any other problem severely affecting service, capacity/traffic, billing, and maintenance capabilities
may be defined as critical by prior discussion and agreement with Oracle.

Chapter
2
User Interface Introduction
Topics: This section describes the organization and usage

of the application's user interface. In it you can find
• User Interface Organization.....25 information about how the interface options are
• Missing Main Menu options.....31 organized, how to use widgets and buttons, and
• Common Graphical User Interface Widgets.....32 how filtering and other page display options work.

Diameter User's Guide User Interface Introduction
User Interface Organization

The user interface is the central point of user interaction within an application. It is a Web-based
graphical user interface (GUI) that enables remote user access over the network to an application and
its functions.
The core framework presents a common set of Main Menu options that serve various applications.
The common Main Menu options are:
• Administration
• Configuration
• Alarm and Events
• Security Log
• Status & Manage
• Measurements
• Help
• Legal Notices
• Logout
Applications, such as DSR, build upon this framework to present features and functions. For example,
the DSR Network OAM GUI may present the following Main Menu options in addition to the common
options:
• Communication Agent
• Diameter Common
• Diameter
• Policy and Charging
• MAP-Diameter IWF
• SBR
• RADIUS
The DSR System OAM GUI may present even more Main Menu options as listed below. The end result
is a flexible menu structure that changes according to the application needs and features activated.
• Transport Manager
• SS7/Sigtran
• RBAR
• FABR
• IPFE
• GLA
• Policy and Charging
• MAP-Diameter IWF
• SBR
• RADIUS
• Mediation
Note that the DSR System OAM Main Menu options differ from the Network OAM options. Some
Main Menu options are configurable from the DSR Network OAM server and view-only from the
System OAM server. This remains true for other applications.

User Interface Elements

Table 2: User Interface Elements describes elements of the user interface.
Table 2: User Interface Elements
Element Location Function

Identification Top bar across the Displays the company name, product name and version,
Banner web page and the alarm panel.
Session Banner Next bar across the The left side of the banner just above the Main Menu
top of the web page provides the following session information:
• The name of the machine to which the user is connected,
and whether the user is connected via the VIP or directly
to the machine.
• The HA state of the machine to which the user is
connected.
• The role of the machine to which the user is connected.
The right side of the banner:
• Shows the user name of the currently logged-in user.
• Provides a link to log out of the GUI.
Main Menu Left side of screen, A tree-structured menu of all operations that can be
under banners performed through the user interface. The plus character
(+) indicates a menu item contains subfolders.
• To display submenu items, click the plus character, the
folder, or anywhere on the same line.
• To select a menu item that does not have submenu
items, click on the menu item text or its associated
symbol.
Work Area Right side of panel Consists of three sections: Page Title Area, Page Control
under status Area (optional), and Page Area.
• Page Title Area: Occupies the top of the work area. It
displays the title of the current page being displayed,
date and time, and includes a link to context-sensitive
help.
• Page Control Area: Located below the Page Title Area,
this area shows controls for the Page Area (this area is
optional). When available as an option, filter controls
display in this area. The Page Control Area contains the
optional layout element toolbar, which displays different
elements depending on which GUI page is selected. For
more information, see Optional Layout Element Toolbar.
• Page Area: Occupies the bottom of the work area. This
area is used for all types of operations. It displays all
options, status, data, file, and query screens. Information

Element Location Function

or error messages are displayed in a message box at the
top of this section. A horizontal and/or vertical scroll
bar is provided when the displayed information exceeds
the page area of the screen. When a user first logs in,
this area displays the application user interface page.
The page displays a user-defined welcome message. To
customize the message, see Customizing the Login
Message.
Main Menu Options

Table 3: Main Menu Options describes all main menu user interface options.
Note: The menu options can differ according to the permissions assigned to a user's log-in account.
For example, the Administration menu options do not appear on the screen of a user who does not
have administrative privileges.
Note: Some menu items are configurable only on the Network OAM and view-only on the System
OAM; and some menu options are configurable only on the System OAM.
Note: Some features do not appear in the main menu until the features are activated.
Table 3: Main Menu Options
Menu Item Function

Administration The Administration menu allows the user to:
• General Options. Configure options such as password history and
expiration, login message, welcome message, and the number of failed
login attempts before an account is disabled
• Set up and manage user accounts
• Configure group permissions
• View session information
• Manage sign-on certificates
• Authorize IP addresses to access the user interface
• Configure SFTP user information
• View the software versions report
• Upgrade management including backup and reporting
• Authenticate LDAP servers
• Configure SNMP trapping services
• Configure an export server
• Configure DNS elements
Configuration On the NOAM, allows the user to configure:

• Network Elements
• Network Devices
• Network Routes

Menu Item Function

• Services
• Servers
• Server Groups
• Resource Domains
• Places
• Place Associations
• Interface and Port DSCP
Alarms and Events Allows the user to view:

• Active alarms and events
• Alarm and event history
• Trap log
Security Log Allows the user to view, export, and generate reports from security log
history.
Status & Manage Allows the user to monitor the individual and collective status of Network
Elements, Servers, HA functions, Databases, KPIs, system Processes, and
Tasks. The user can perform actions required for server maintenance,
database management, data, and ISO file management.
Measurements Allows the user to view and export measurement data.
Transport Manager On the SOAM, allows the user to configure adjacent nodes, configuration
(optional) sets, or transports. A maintenance option allows the user to perform enable,
disable, and block actions on the transport entries.
Communication Agent Allows the user to configure Remote Servers, Connection Groups, and
(optional) Routed Services. The user can perform actions to enable, disable, and block
connections. Also allows the user to monitor the status of Connections,
Routed Services, and HA Services.
SS7/Sigtran (optional) On the SOAM, allows the user to configure various users, groups, remote
signaling points, links, and other items associated with SS7/Sigtran; perform
maintenance and troubleshooting activities; and provides a command line
interface for bulk loading SS7 configuration data.
Diameter Common Allows the user to view or configure:
(optional)
• Dashboard, configure on the NOAM; view on both OAMs
• Network Identifiers on the SOAM - MCC Ranges
• Network Identifiers on the NOAM - MCCMNC and MCCMNC Mapping
• MPs (on the SOAM) - editable Profile parameters and Profile
Assignments
The DSR Bulk Import and Export functions are available on both OAMs
for the data configured on that OAM.
Diameter (optional) Allows the user to configure, modify, and monitor Diameter routing:
• On the NOAMP, Diameter Topology Hiding and Egress Throttle List
configuration

Menu Item Function

• On the SOAM, Diameter Configuration, Maintenance, Reports,
Troubleshooting with IDIH, AVP Dictionary, and Diameter Mediation
configuration
RBAR (Range-Based Allows the user to configure the following Range-Based Address Resolution
Address Resolution) (RBAR) settings:
(optional)
• Applications
• Exceptions
• Destinations
• Address Tables
• Addresses
• Address Resolutions
• System Options
This is accessible from the SOAM only.
FABR (Full Address Allows the user to configure the following Full Address Based Resolution
Based Resolution) (FABR) settings:
(optional)
• Applications
• Exceptions
• Default Destinations
• Address Resolutions
• System Options
This is accessible from the SOAM only.
Policy and Charging On the NOAMP, allows the user to perform configuration tasks, edit options,
(optional) and view elements for:
• General Options
• Access Point Names
• Policy DRA
• PCRF Pools
• PCRF Sub-Pool Selection Rules
• Network-Wide Options
• Online Charging DRA
• OCS Session State
• Realms
• Network-Wide Options
• Alarm Settings
• Congestion Options
Additionally on the NOAMP, users are allowed to perform maintenance
tasks, edit options, and view elements for:
• Maintenance
• SBR Database Status

Menu Item Function

• SBR Status
• SBR Database Reconfiguration Status
• Policy Database Query
On the SOAM, allows the user to perform configuration tasks, edit options,
and view elements for:
• General Options
• Access Point Names
• Policy DRA
• PCRFs
• Binding Key Priority
• PCRF Pools
• PCRF Pool to PRT Mapping
• PCRF Sub-Pool Selection Rules
• Policy Clients
• Suspect Binding Removal Rules
• Site Options
• Online Charging DRA
• OCSs
• CTFs
• OCS Session State
• Realms
• Error Codes
• Alarm Settings
• Congestion Options
Gateway Location On the SOAM, allows the user to perform configuration tasks, edit options,
Application (optional) and view elements for:
• Exceptions
• Options
GLA can deploy with Policy DRA (in the same DA-MP or a separate
DA-MP).
IPFE (optional) Allows the user to configure IP Front End (IPFE) options and IP List TSAs.
This is accessible from the SOAM server only.
MAP-Diameter On the SOAM, allows the user to perform configuration tasks, edit options,
Interworking (optional) and view elements for the DM-IWF DSR Application:
• DM-IWF Options
• Diameter Exception
On the NOAMP, allows the user to perform configuration tasks, edit options,
and view elements for the MD-IWF SS7 Application:

Menu Item Function

• MD-IWF Options
• Diameter Realm
• Diameter Identity GTA
• GTA Range to PC
• MAP Exception
• CCNDC Mapping
RADIUS (optional) Allows the user to perform configuration tasks, edit system options, and
view elements for:
• Network Options
• Message Authenticator Configuration Sets
• Shared Secret Configuration Sets
• Ingress Status Server Configuration Sets
• Message Conversion Configuration Sets
• NAS Node
SBR (optional) Allows the user to perform configuration tasks, edit system options, and
view elements for:
• SBR Databases
• SBR Database Resizing Plans
• SBR Data Migration Plans
Additionally, on the NOAMP, users are allowed to perform maintenance
tasks, edit options, and view elements for:
• Maintenance
• SBR Database Status
• SBR Status
• SBR Database Reconfiguration Status
Help Launches the Help system for the user interface

Legal Notices Product Disclaimers and Notices
Logout Allows the user to log out of the user interface
Missing Main Menu options

Permissions determine which Main Menu options are visible to users. Permissions are defined through
the Group Administration page. The default group, admin, is permitted access to all GUI options
and functionality. Additionally, members of the admin group set permissions for other users.
Main Menu options vary according to the group permissions assigned to a user's account. Depending
on your user permissions, some menu options may be missing from the Main Menu. For example,
Administration menu options do not appear on your screen if you do not have administrative

permissions. For more information about user permissions, see Group Administration in the OAM
section of the online help, or contact your system administrator.
Common Graphical User Interface Widgets

Common controls allow you to easily navigate through the system. The location of the controls remains
static for all pages that use the controls. For example, after you become familiar with the location of
the display filter, you no longer need to search for the control on subsequent pages because the location
is static.
Supported Browsers
This application supports the use of Microsoft® Internet Explorer 8.0, 9.0, or 10.0.
System Login Page

Access to the user interface begins at the System Login page. The System Login page allows users to
log in with a username and password and provides the option of changing the password upon login.
The System Login page also features a date and time stamp reflecting the time the page was last
refreshed. Additionally, a customizable login message appears just below the Log In button.
The user interface is accessed via HTTPS, a secure form of the HTTP protocol. When accessing a server
for the first time, HTTPS examines a web certificate to verify the identity of the server. The configuration
of the user interface uses a self-signed web certificate to verify the identity of the server. When the
server is first accessed, the supported browser warns the user that the server is using a self-signed
certificate. The browser requests confirmation that the server can be trusted. The user is required to
confirm the browser request to gain access.
Customizing the Login Message

Before logging in, the System Login page appears. You can create a login message that appears just
below the Log In button on the System Login page.

Figure 1: Oracle System Login
1. From the Main Menu, click Administration > General Options.

The General Options Administration page appears.
2. Locate LoginMessage in the Variable column.
3. Enter the login message text in the Value column.
4. Click OK or Apply to submit the information.
A status message appears at the top of the Configuration Administration page to inform you if the
operation was successful.
The next time you log in to the user interface, the login message text displays.
Accessing the DSR Graphical User Interface

In DSR, some configuration is done at the NOAM server, while some is done at the SOAM server.
Because of this, you need to access the DSR graphical user interface (GUI) from two servers. Certificate
Management (Single Sign-On) can be configured to simplify accessing the DSR GUI on the NOAM
and the SOAM.
For information on configuring Single Sign-On certificates, see OAM > Administration > Access
Control > Certificate Management in the DSR online help.

After the certificates have been configured, you can log into the DSR GUI on any NOAM or SOAM,
and then access the DSR GUI on other servers (NOAM or other SOAMs) without having to re-enter
your login credentials.
1. In the browser URL field, enter the fully qualified hostname of the NOAM server, for example
https://dsr-no.yourcompany.com.
When using Single Sign-On, you cannot use the IP address of the server.
2. When prompted by the browser, confirm that the server can be trusted.
The System Login page appears.
3. Enter the Username and Password for your account.
The DSR GUI for the NOAM appears.
4. To access the DSR GUI for the SOAM, open another browser window and enter the fully qualified
hostname of the SOAM.
The DSR GUI for the SOAM appears
You can toggle between the DSR GUI on the NOAM and the DSR GUI on the SOAM as you perform
configuration tasks.
Main Menu Icons

This table describes the icons used in the Main Menu.
Table 4: Main Menu Icons
Icon Name Description

Folder Contains a group of operations. If the folder is expanded by
clicking the plus (+) sign, all available operations and sub-folders
are displayed. Clicking the minus (-) collapses the folder.
Config File Contains operations in an Options page.
File with Contains operations in a Status View page.

Magnifying Glass
File Contains operations in a Data View page.
Multiple Files Contains operations in a File View page.
File with Question Contains operations in a Query page.

Mark

Icon Name Description

User Contains operations related to users.
Group Contains operations related to groups.
Help Launches the Online Help.
Logout Logs the user out of the user interface.
Work Area Displays

In the user interface, tables, forms, tabbed pages, and reports are the most common formats.
Note: Screen shots are provided for reference only and may not exactly match a specific application's
GUI.
Tables
Paginated tables describe the total number of records being displayed at the beginning and end of the
table. They provide optional pagination with First|Prev|Next|Last links at both the beginning and
end of this table type. Paginated tables also contain action links on the beginning and end of each row.
For more information on action links and other page controls, see Page Controls.
Figure 2: Paginated Table
Scrollable tables display all of the records on a single page. The scroll bar, located on the right side of
the table, allows you to view all records in the table. Scrollable tables also provide action buttons that
operate on selected rows. For more information on buttons and other page controls, see Page Controls.

Figure 3: Scrollable Table
Note: Multiple rows can be selected in a scrollable table. Add rows one at a time using CTRL-click.
Add a span of rows using SHIFT-click.
Forms
Forms are pages on which data can be entered. Forms are typically used for configuration. Forms
contain fields and may also contain a combination of pulldown lists, buttons, and links.
Figure 4: Form Page
Tabbed pages
Tabbed pages provide collections of data in selectable tabs. Click on a tab to see the relevant data on
that tab. Tabbed pages also group Retrieve, Add, Update, and Delete options on one page. Click on
the relevant tab for the task you want to perform and the appropriate fields populate on the page.
Retrieve is always the default for tabbed pages.

Figure 5: Tabbed Pages
Figure 6: Tabbed Pages
Reports
Reports provide a formatted display of information. Reports are generated from data tables by clicking
Report. Reports can be viewed directly on the user interface, or they can be printed. Reports can also
be saved to a text file.
Figure 7: Report Output

Customizing the Splash Page Welcome Message

When you first log in to the user interface, the splash page appears. Located in the center of the main
work area is a customizable welcome message. Use this procedure to create a message suitable for
your needs.
The General Options page appears.
2. Locate WelcomeMessage in the Variable column.

3. Enter the desired welcome message text in the Value column.
4. Click OK to save the change or Cancel to undo the change and return the field to the previously
saved value.
A status message appears at the top of the page to inform you if the operation was successful.
The next time you log in to the user interface, the new welcome message text is displayed.
Column Headers (Sorting)

You can sort a table by a column by clicking the column header. However, sorting is not necessarily
available on every column. Sorting does not affect filtering.
When you click the header of a column that the table can be sorted by, an indicator appears in the
column header showing the direction of the sort. See Figure 8: Sorting a Table by Column Header. Clicking
the column header again reverses the direction of the sort.
Figure 8: Sorting a Table by Column Header
Page Controls
User interface pages contain controls, such as buttons and links, that perform specified functions. The
functions are described by the text of the links and buttons.
Note: Disabled buttons are grayed out. Buttons that are irrelevant to the selection or current system
state, or which represent unauthorized actions as defined in Group Administration, are disabled. For
example, Delete is disabled for users without Global Data Delete permission. Buttons are also disabled
if, for example, multiple servers are selected for an action that can only be performed on a single server
at a time.
Table 5: Example Action Buttons contains examples of Action buttons.
Table 5: Example Action Buttons
Action Button Function

Insert Inserts data into a table.
Edit Edits data within a table.

Action Button Function

Delete Deletes data from table.
Change Changes the status of a managed object.
Some Action buttons take you to another page.

Submit buttons, described in Table 6: Submit Buttons, are used to submit information to the server. The
buttons are located in the page area and accompanied by a table in which you can enter information.
The Submit buttons, except for Cancel, are disabled until you enter some data or select a value for all
mandatory fields.
Table 6: Submit Buttons
Submit Button Function

OK Submits the information to the server, and if successful, returns to the View
page for that table.
Apply Submits the information to the server, and if successful, remains on the current
page so that you can enter additional data.
Cancel Returns to the View page for the table without submitting any information
to the server.
Clear Field Control

The clear field control allows you to clear the value from a pulldown list. The clear field control is
available only on some pulldown fields.
Click the X next to a pulldown list to clear the field.
Figure 9: Clear Field Control X
Optional Layout Element Toolbar

The optional layout element toolbar appears in the Page Control Area of the GUI.
Figure 10: Optional Layout Element Toolbar
The toolbar displays different elements depending on which GUI page is selected. The elements of
the toolbar that can appear include:
• Filter – Allows you to filter data in a table.
• Errors – Displays errors associated with the work area.
• Info – Displays information messages associated with the work area.
• Status – Displays short status updates associated with the main work area.

• Warning – Displays warnings associated with the work area.
Notifications
Some messages require immediate attention, such as errors and status items. When new errors occur,
the Errors element opens automatically with information about the error. Similarly, when new status
items are added, the Status element opens. If you close an automatically opened element, the element
stays closed until a new, unacknowledged item is added.
Figure 11: Automatic Error Notification
Note: Viewing and closing an error does not clear the Errors element. If you reopen the Errors element,
previously viewed errors are still in the list.
When new messages are added to Warning or Info, the styling of the element changes to indicate new
messages are available. The styling of the Task element changes when a task changes state (such as,
a task begins or ends).
Opening an Element in the Toolbar

Use this procedure to open an element in the optional layout element toolbar.
1. Click the text of the element or the triangle icon to open an element.
The selected element opens and overlays the work area.
2. Click X to close the element display.
Filters
Filters are part of the optional layout element toolbar and appear throughout the GUI in the Page
Control Area. For more information about optional layout element toolbar functionality, see Optional
Layout Element Toolbar.
Filters allow you to limit the data presented in a table and can specify multiple filter criteria. By default,
table rows appear unfiltered. Three types of filters are supported, however, not all filtering options
are available on every page. The types of filters supported include:
• Network Element – When enabled, the Network Element filter limits the data viewed to a single
Network Element.
Note: Once enabled, the Network Element filter affect all pages that list or display data relating
to the Network Element.
• Collection Interval – When enabled, the collection interval filter limits the data to entries collected
in a specified time range.

• Display Filter – The display filter limits the data viewed to data matching the specified criteria.
Once a field is selected, it cannot be selected again. All specified criteria must be met in order for a
row to be displayed.
The style or format of filters may vary depending on which GUI pages the filters are displayed.
Regardless of appearance, filters of the same type function the same.
Figure 12: Examples of Filter Styles
Filter Control Elements

This table describes filter control elements of the user interface.
Table 7: Filter Control Elements
Operator Description
= Displays an exact match.
!= Displays all records that do not match the specified filter parameter value.
> Displays all records with a parameter value that is greater than the specified value.
>= Displays all records with a parameter value that is greater than or equal to the specified
value.
< Displays all records with a parameter value that is less than the specified value.
<= Displays all records with a parameter value that is less than or equal to the specified
value.
Like Enables you to use an asterisk (*) as a wildcard as part of the filter parameter value.
Is Null Displays all records that have a value of Is Null in the specified field.
Note: Not all filterable fields support all operators. Only the supported operators are available for
you to select.
Filtering on the Network Element

The global Network Element filter is a special filter that is enabled on a per-user basis. The global
Network Element filter allows a user to limit the data viewed to a single Network Element. Once

enabled, the global Network Element filter affects all sub-screens that display data related to Network
Elements. This filtering option may not be available on all pages.
1. Click Filter in the optional layout element toolbar.
The filter tool appears.
2. Select a Network Element from the Network Element pulldown menu.
3. Click Go to filter on the selection, or click Reset to clear the selection.
Records are displayed according to the specified criteria.
Filtering on Collection Interval

The Collection Interval filter allows a user to limit the data viewed to a specified time interval. This
filtering option may not be available on all pages.
2. Enter a duration for the Collection Interval filter.
The duration must be a numeric value.
3. Select a unit of time from the pulldown menu.
The unit of time can be seconds, minutes, hours, or days.
4. Select Beginning or Ending from the pulldown menu.
Filtering Using the Display Filter

Use this procedure to perform a filtering operation. This procedure assumes you have a data table
displayed on your screen. This process is the same for all data tables. However, all filtering operations
are not available for all tables.
2. Select a field name from the Display Filter pulldown menu.
This selection specifies the field in the table that you want to filter on. The default is None, which
indicates that you want all available data displayed.
The selected field name displays in the Display Filter field.
3. Select an operator from the operation selector pulldown menu.

The selected operator appears in the field.
4. Enter a value in the value field.
This value specifies the data that you want to filter on. For example, if you specify Filter=Severity
with the equals (=) operator and a value of MINOR, the table would show only records where
Severity=MINOR.
5. For data tables that support compound filtering, click Add to add another filter condition. Then
repeat steps 2 through 4.

Multiple filter conditions are joined by an AND operator.

Pause Updates
Some pages refresh automatically. Updates to these pages can be paused by selecting the Pause updates
checkbox. Uncheck the Pause updates checkbox to resume automatic updates. The Pause updates
checkbox is available only on some pages.
Max Records Per Page Controls

Max Records Per Page is used to control the maximum number of records displayed in the page area.
If a page uses pagination, the value of Max Records Per Page is used. Use this procedure to change
the Max Records Per Page.
The General Options Administration page appears.
2. Change the value of the MaxRecordsPerPage variable.

Note: Maximum Records Per Page has a range of values from 10 to 100 records. The default value
is 20.
3. Click OK or Apply.
OK saves the change and returns to the previous page.
Apply saves the change and remains on the same page.
The maximum number of records displayed is changed.

Chapter
3
Configuring Diameter
Topics: The Diameter > Configuration GUI allows you to

manage diameter signaling routing configuration.
• Understanding the Diameter Configuration
Sequence.....46 You can perform different tasks on an Active
Network OAM (NOAM) and an Active System
• Diameter Capacity Summary.....47 OAM (SOAM).
• Validating Diameter Connection Capacity.....48
Note: All applications can co-exist on the same
• Diameter Overload Indication Conveyance
system, and all applications can run on the same
(DOIC).....51
Diameter agents. Application limitations can exist,
• Next Generation Network Priority Service and certain application combinations are not
(NGN-PS).....55 supported. See DSR Software Installation and
• Connection Capacity Dashboard Functions.....57 Configuration Procedure for more information.
• Using Application IDs to Identify Diameter The Diameter > Troubleshooting with DIH pages
Applications.....61 allow you to manage the Integrated Diameter
• Diameter CEX Parameters.....65 Intelligence (IDIH) feature.
• Diameter Command Codes.....68
The IDIH feature allows you to capture detailed
• Diameter Configuration Sets.....71 information about selected DIAMETER transactions,
• Diameter Local Nodes.....121 and transmit this information to IDIH for further
• Diameter Peer Nodes.....133 analysis. The integration of troubleshooting
• Diameter Peer Node Groups.....147 capabilities provides a way to troubleshoot issues
• Connections.....151 that might be identified with the Diameter traffic
that transits the diameter routing program. These
• Diameter Route Groups.....172 troubleshooting capabilities can supplement other
• Diameter Route Lists.....178 network monitoring functions provided by the OSS
• Diameter Peer Route Tables.....183 and network support centers to help to identify the
• Diameter Egress Throttle Groups.....194 cause of signaling issues associated with
• Diameter Reroute On Answer.....199 connections, peer signaling nodes, or individual
subscribers.
• Diameter Application Route Tables.....201
• Diameter Routing Option Sets.....212 Use IDIH Diameter > Troubleshooting with DIH
• Diameter Pending Answer Timers.....219 pages to perform IDIH configuration and
maintenance tasks. See Integrated DIH User's Guide.
• Diameter Traffic Throttle Points.....226
• Diameter Traffic Throttle Groups.....230 The Diameter > Mediation pages allow you to
• Diameter AVP Removal Lists.....233 manage the Mediation feature.
• Diameter System Options.....236 Diameter message mediation helps to solve
• Diameter DNS Options.....247 interoperability issues by using rules to manipulate
header parts and Attribute-Value Pairs (AVPs) in

Diameter User's Guide Configuring Diameter
• Diameter Peer Discovery.....248 an incoming routable message, when data in the

message matches some specified conditions at a
specified point of message processing. Tasks of the
if condition matches, then do some action type can
be solved in the most efficient way.
The Diameter Mediation feature extends the CAPM
(Computer-Aided Policy Making) framework to
allow for easy creation of Mediation rules for use
in 3G, LTE and IMS networks. Mediation Rule that
are applied to modify the message contents.
Templates are created to define the Conditions that
must be matched in a message and the Actions that
Use Diameter > Mediation pages to perform
Mediation configuration and maintenance tasks.
See Diameter Mediation User 's Guide.

Understanding the Diameter Configuration Sequence

Use the Diameter > Configuration GUI pages to manage Diameter configuration.
Some components must be configured before others can be configured.
Diameter configuration on the SOAM must occur in the following order, because some are dependent
on one another:
1. For DA-MPs, make any needed changes to configurable elements in the MP Profiles that will be
used for the DA-MPs in the system; and then assign MP Profiles to the DA-MPs. See the MP Profiles
information in Diameter Common User's Guide.
2. Configure Application Route Tables. See Diameter Application Route Tables.
Configure only the Table Names. The Application Routing Rules must be configured after
Application IDs and Command Codes are configured.
3. Configure Pending Answer Timers. See Diameter Pending Answer Timers.
4. Configure Peer Route Tables. See Diameter Peer Route Tables.
Configure only the Table Names. The Peer Routing Rules must be configured after Route Lists are
configured.
5. Configure Routing Option Sets. See Diameter Routing Option Sets.
6. Configure Application IDs. See Using Application IDs to Identify Diameter Applications.
7. Configure Command Codes. See Diameter Command Codes.
8. Configure MCC Ranges if either the Full Address Based Resolution (FABR) or Range Based Address
Resolution (RBAR) application is activated. See the MCC range information in Diameter Common
User's Guide.
9. Configure CEX Parameters. See Diameter CEX Parameters.
10. Configure CEX Configuration Sets. See Capacity Configuration Sets.
11. Configure Connection Configuration Sets. See Diameter Configuration Sets.
Modify the Default Connection Configuration Set or create new Connection Configuration Sets to
match the SCTP, Diameter, and TCP options that apply to your network.
12. Configure Local Nodes. See Diameter Local Nodes.
13. Configure Transaction Configuration Sets. See Transaction Configuration Sets.
14. Configure Peer Nodes. See Diameter Peer Nodes.
Enable Topology Hiding Status if Topology Hiding will be applicable to the Peer Node. See
Diameter Topology Hiding.
Note: Topology Hiding is available on the NOAM only.
15. Configure Capacity Configuration Sets for use with the Per-Connection Ingress MPS Control feature
and Validating Diameter Connection Capacity. See Capacity Configuration Sets.
16. Configure Egress Message Throttling Configuration Sets. See Egress Message Throttling Configuration
Sets.
17. Configure Message Priority Configuration Sets. See Message Priority Configuration Sets.
18. Configure Connections. IPFE Initiator DA-MP can be configured from this GUI page. See
Connections.

19. Configure Route Groups. See Diameter Route Groups.

20. Configure Route Lists. See Diameter Route Lists.
21. If Alternate Implicit Routing will be used, edit Peer Nodes and select a Route List for each Alternate
Implicit Routing element. See Diameter Peer Nodes.
22. Configure Message Copy Configuration Sets. See Message Copy Configuration Sets.
23. Configure Peer Routing Rules in each configured Peer Route Table. See Diameter Peer Route Tables.
24. Configure Egress Throttle Groups. See Diameter Egress Throttle Groups.
25. Configure TTPs.
26. Configure Reroute On Answer, if it will be used in the system. See Diameter Reroute On Answer.
27. Configure Application Routing Rules in each configured Application Route Table. See Diameter
Application Route Tables.
28. If necessary, change the default System Options (see Diameter System Options):
• Enable the Per Connection Egress Message Throttling feature if it is used.
• Enable the Message Copy Feature if it is used.
• Change any default values as needed.
29. If necessary, enter or change default DNS Options. See Diameter DNS Options.
30. Use the Diameter > Maintenance pages to enable configured components:
• On the Diameter > Maintenance > Connections page, enable configured Connections.
• On the Diameter > Maintenance > Egress Throttle Groups page, enable Egress Throttle Groups
Rate Limiting, Egress Throttle Groups Pending Transaction Limiting, or both, if used.
The Diameter Topology Hiding components are configured in the following order on the NOAM:
1. Trusted Network Lists, which are used in the Protected Networks configuration
2. One or more Configuration Sets, for each Topology Hiding Type that will be used:
• Path Topology Hiding Configuration Sets
• S6a/S6d Topology Hiding Configuration Sets
• MME/SGSN Topology Hiding Configuration Sets
• S9 PCRF Topology Hiding Configuration Sets
• S9 AF/pCSCF Topology Hiding Configuration Sets
3. Protected Networks, which use the Trusted Network Lists and Configuration Sets in their
configuration.
Diameter Capacity Summary

The Diameter > Configuration > Capacity Summary page displays information about maximum
allowed and currently configured Diameter Configuration components.
You can perform these tasks on an Active System OAM (SOAM).
The following information is displayed in each row of a read-only table:
Configuration Item The type of Diameter Configuration component
Max Allowed Entries The maximum number of entries for that component that can be
configured in Diameter.

Configured Entries The number of entries for that components that are currently
configured.
% Utilization The percentage of the maximum number of entries for that
component that are currently configured.
Use the Diameter > Configuration > Capacity Summary page when planning, configuring, and
maintaining the Diameter Configuration.
Validating Diameter Connection Capacity

The Connection Capacity Validation function validates and limits the configuration of Diameter
Connections, to better ensure that the configuration does not violate the Connection Count or Reserved
Ingress MPS capacity limitations of the DA-MP servers that handle Connections in real time.
Validation of the number of Connections and of Reserved Ingress MPS occurs in response to changes
to the configuration of Connections and Capacity Configuration Sets. Such changes reduce the available
Connection capacity and must be validated before they can be allowed. (Actions that increase
Connection capacity rather than reduce it do not require validation.)
Connection Capacity Validation has no direct impact on the operation of any given DA-MP at run
time or on IPFE servers. See Connections.
The following definitions apply in this document:
Target Set A collection of DA-MP servers, any one of which can be selected by
the IPFE server for the purposes of establishing a Floating (IPFE)
Diameter Connection.
Non-overlapping Target Set A Target Set each of whose DA-MPs does not appear in any other
configured Target Set.
Overlapping Target Sets If any single DA-MP appears in more than one Target Set, those Target
Sets overlap the DA-MP, sharing its capacity resources.
Connection Capacity Validation behaves according to the following general principles:

• The weighting of DA-MPs within a Target Set is assumed to be equal for the purposes of all
Connection configuration validations.
Any non-equal weighting of DA-MPs within a Target Set (achieved through IPFE server
configuration) is of no consequence to -Connection Capacity Validation at configuration time.
• Over-configuration of both Connection counts and Reserved Ingress MPS is possible in certain
circumstances. No alarms or other active notifications are generated.
• For a system having no IPFE Connections, no over-configuration can occur under any
circumstances.
• For a system having one or more Target Sets that do not overlap each other, no over-configuration
can occur (with the possible exception of upgrading an already over-configured system).
• For a system having two or more Target Sets that overlap each other in any way,
over-configuration can occur because the application does not prevent configuration changes
when overlapping Target Sets are involved.

• Diameter and Connection Capacity Validation prevent or do not prevent configuration changes
under the following conditions:
• Diameter will not prevent Connection configuration changes that involve the DA-MPs in
overlapping Target Sets. The complexities of overlapping Target Sets make it difficult to
determine over-configuration conditions when a diameter routing with overlapping Target Sets
is near or at capacity. If there are also non-overlapping Target Sets, prevention of changes
affecting non-overlapping Target Sets is still enforced.
• When only a single non-overlapping Target Set is involved, diameter routing will prevent
Connection configuration changes that cause the Target Set's capacity to be exceeded.
• When there are no Target Sets involved at all - meaning there are no IPFE Connections, only
Fixed Connections - diameter routing prevents Connection configuration changes that could
cause the individual DA-MP hosting the subject Fixed Connection to exceed its capacity.
• The IPFE Connection Reserved Ingress MPS Scaling value (percent) is applied to a DA-MPs total
Engineered Ingress MPS. The IPFE Connection Reserved Ingress MPS Scaling value is effectively
a scaling factor on the total Reserved Ingress MPS that can be configured for a DA-MP, encompassing
the contributions of both IPFE and Fixed Connections.
• When dealing with a non-overlapping Target Set, the configuration capacity of the constituent
DA-MPs can be thought of as pooled. Even though IPFE Connections are typically considered to
be evenly distributed across all the DA-MPs in the Target Set, within a non-overlapping Target Set
capacity from one DA-MP can be borrowed and loaned to another DA-MP, for the purposes of
validating capacity changes. (This has no effect on the actual distribution of IPFE Connections by
the IPFE server.)
This situation can occur if the number of Fixed Connections varies significantly among DA-MPs
in the non-overlapping Target Set. In that case, much of one DA-MP's capacity is taken up by Fixed
Connections, which means there is less room for IPFE Connections. But if another DA-MP in the
non-overlapping Target Set has fewer Fixed Connections, it has more room for IPFE Connections.
The capacity on the DA-MP with fewer Fixed Connections can be used for IPFE Connections. See
Interpreting Apparent DA-MP Over-Configuration with Non-overlapping Target Sets for a concrete
example of how this works.
IPFE Connection Reserved Ingress MPS Scaling

Because only the Client Diameter Connections are configured with non-zero Reserved Ingress MPS,
IPFE Connection Reserved Ingress MPS Scaling values (IPFE Scaling Factor) greater than 50%
introduce the potential for a DA-MP to accept sufficient IPFE Connections that could result in the total
ingress MPS processed by the DA-MP (including ingress MPS on non-IPFE Connections) exceeding
the DA-MP's Engineered Ingress MPS rating.
• If only IPFE Connections have non-zero Reserved Ingress MPS defined, and non-IPFE Connections
have a zero Reserved Ingress MPS, the configuration restriction of the IPFE Scaling Factor = 50%
will enable the system to behave optimally.
• If non-IPFE Connections have non-zero Reserved Ingress MPS defined, then the maximum Reserved
Ingress MPS available for all DA-MP Connections will be limited by scaled Engineered Reserved
Ingress MPS of the DA-MP.
Therefore, the IPFE Scaling Factor does in fact limit the total Connection Reserved Ingress MPS on a
DA-MP. The intended deployment is that all Fixed Connections will have a Reserved Ingress MPS
value of zero, so that the IPFE Scaling Factor value of 50% will affect only IPFE Connections.

Assumptions and Limitations

Connection Capacity Validation has the following assumptions and limitations:
• Configuration validation decisions never include run time or status information.
• The allocation of IPFE Connection configurations within a Target Set is always evenly distributed
across the DA-MPs in the Target Set.
• Even in valid configurations, it is possible that Connections cannot be established at run time due
to Ingress MPS variations.
• If Connections are running near capacity (say, above Reserved but below or at Maximum Ingress
MPS), a DA-MP may not be able to establish a Connection that is part of a properly-configured
system.
• Due to the even distribution mathematics, it is also possible for an IPFE Target Set to have
sufficient Reserved Ingress MPS capacity overall, but any given DA-MP does not have sufficient
capacity to establish a given IPFE Connection whose Reserved Ingress MPS is sufficiently high.
This becomes more likely as the total Connection Reserved Ingress MPS approaches the capacity
of the Target Set.
• Connection Capacity Validation does not take into account unequal weighting of DA-MPs within
an IPFE Target Set.
Weighting is primarily a Connection establishment factor. Weighting does not affect the Connection
capacity of any individual DA-MP, or the total capacity of a Target Set.
Over-Configuration Considerations
Connection Capacity Validation has the following over-configuration considerations:
• Over-configuration of both Connection counts and Reserved Ingress MPS is possible and explicitly
allowed when overlapping Target Sets are present.
• Running a release earlier than 5.0, and is already over-configured in some way, will remain
over-configured after upgrade to 5.0 or later.
• There are no alarms or other active notifications generated by the system to indicate Connection
count or Reserved Ingress MPS over-configurations.
• The Connection Capacity Dashboard page can be viewed to check the state of the current
Connection/DA-MP configuration. This is a passive notification.
• Over-configuration has no direct impact on the behavior of the DA-MP software when establishing
Connections. The Connection Capacity Validation feature is a configuration-only feature; the logic
used by the DA-MPs to determine if any given Connection establishment request can be honored
is unaffected by Connection Capacity Validation Updates.
The ability for a DA-MP to run traffic in excess of the scaled Engineered Ingress MPS value is
unaffected by Connection Capacity Validation Updates.
• Systems having an IPFE Scaling Factor of 50% prior to upgrade will retain the 50% value after
upgrade. In older systems, this IPFE Scaling Factor was not used in configuration validation. It is
possible for an older system to be over-configured immediately after upgrade, with no change in
configuration.
Look at the Diameter > Configuration > Connection Capacity Dashboard GUI page to check if
the Maximum Reserved Ingress MPS (for the capacity) and Connection Reserved Ingress MPS
columns (Fixed and IPFE) show any over-configuration.

Interpreting Apparent DA-MP Over-Configuration with Non-overlapping Target Sets

If a particular DA-MP appears to be over-configured, that does not necessarily mean it is actually
over-configured. The Connection Capacity Dashboard data must be interpreted within the context of
the established Target Set configuration.
For example, the Connection Capacity Dashboard tab shows the Connections tab of the Connection
Capacity Dashboard. And at first glance, it looks like Charger-MP3 is highly over-configured. It has
a capacity of 1000 Connections, and currently has 900 Fixed and 500 IPFE Connections allocated to it.
But a deeper analysis reveals that Charger-MP3 is part of just one non-overlapping Target Set, TS1.
The individual DA-MP capacities within a non-overlapping Target Set can be pooled. The total available
capacity of TS1 is (3 DA-MPs * 1000) = 3000 Connections. Given that there are 1500 Fixed Connections
configured across the three DA-MPs, there is still room for 1500 IPFE Connections in TS1.
Taken as a whole, the TS1 DA-MPs are not over-configured. Whenever all the Connections are actually
established, 500 will be established on Charger-MP2, 100 on Charger-MP3, and 900 on Charger-MP4.
The Connection Capacity Validation logic correctly determined that the DA-MPs within the
non-overlapping Target Set were able to accommodate all 1500 IPFE Connections configured for TS1,
given the fact that each DA-MP in the Target Set has some number of Fixed Connections consuming
capacity.
Diameter Overload Indication Conveyance (DOIC)

DOIC allows Diameter servers to send overload reports requesting that diameter clients reduce the
traffic that they are sending to the server. It also allows for Diameter Agents to act as a proxy for either
clients, by reducing traffic as requested by the servers, or as a proxy for the servers by requesting that
traffic be reduced by the clients. DOIC s main purpose is to act as a proxy for the clients on the routing
server and reduce traffic based on information from the servers.
DOIC is comprised of two routing capabilities:
• Static ETR Throttling
• Peer Node Reported Congestion
DOIC is comprised of two primary procedures using two Diameter Grouped AVPs:
Capability DSR as a DOIC Reacting Node advertises its supported DOIC capabilities
Announcement by inserting a OC-Supported-Features Grouped AVP in each forwarded
Procedure Request message sent to a DOIC Reporting Node. The DOIC Reporting
Node sends an OC-Supported-Features AVP in Answer responses indicating
which abatement algorithm it wants to support.
Overload Reporting The DOIC Reporting Node can request a reduction in traffic addressed to a
Procedure given application for that Reporting node by inserting one or more
Applications associated with a Node/FQDN by inserting a DOIC Overload
Report (OC-OLR) Grouped AVP in Answer responses to a Request containing
a OC-Supported-Features AVP.
Static ETR Throttling

Static ETR Throttling allows you to limit the rate of transactions (Request messages only) that are
forwarded to a particular Peer Node, which are addressed to a particular Diameter Application ID.

For each (Peer Node, Application ID) ordered pair that you want to throttle, define a Traffic Throttle
Point (TTP) and assign it a Maximum ETR value. All of the information required for Peer
Node/Application ETR throttling is stored in a Traffic Throttle Point (TTP). If a Peer Node supports
multiple Application IDs, you must create a separate TTP for each Application for which you want
to enable ETR throttling. When you enable the TTP for service, the routing application begins to
measure the rate of transactions that are routed to the Peer Node and Application ID (this includes
transactions such as priority override and NGN-PS that might be exempt from diversion). This is
referred to as the Offered Traffic Rate (OTR). Divertable OTRs are the transaction rates offered to a
TTP that are candidates for diversion. NGN-PS and priority override transaction are exempt from
TTP ETR throttling diversion. When the TTP OTR begins to exceed its user-defined Maximum ETR,
the routing application will alternate route the excess transactions using all of the existing routing
mechanisms.
Note: A TTP's OTR measurements include all transactions which are associated with an active TTP,
which includes both override priority and NGN-PS transactions that might be exempt from diversion.
Traffic diversion is prioritized based upon the Discard Policy assigned to the DA-MPs. Using the
Discard Policy and message priority and color OTRs measurements, the TTP Rate Shaper algorithm
determines whether a Request message associated with the TTP must be diverted/alternate routed.
TTP rate shaping is applied after a Peer Node or Connection is selected from a Route Group (or after
a Peer Node is selected by Implicit Routing).
Peer Node Reported Congestion

Routing supports the ability to modify the rate of transactions forwarded to a Peer Node based on the
OLRs it receives in Answer responses from the Peer Node. The information received in a OLR is stored
in a TTP and applied as modifications to the Target ETR. An OLR is enforced until it expires or is
cancelled by the Peer Node, at which time the routing application abates the requested traffic reduction
percentage to 0 (at a gradual rate determined by a user-configurable TTP attribute).
Traffic reduction percentages for a Peer Node and Application are used during routing in the following
ways:
• You can assign a Maximum Loss Percentage Threshold to a TTP. When this occurs, the routing
application will not select a Peer Node or Connection from a Route Group (or select a Peer Node
for Implicit Routing) if the TTP's Current Loss Percentage exceeds this threshold.
• When a traffic reduction request is received for a TTP, the routing application updates the TTP
Target ETR, which is used for ETR Throttling. ETR Throttling is applied after a Peer Node or
Connection is selected from a Route Group (or a Peer Node is selected by Implicit Routing).
• When a message is diverted using a TTP ETR Throttling, the transaction is marked as Diverted in
the transaction PTR. When a transaction is marked as Diverted, any subsequent Peer Nodes or
Connections are excluded from being a candidate for routing (or re-routing) the diverted transaction
if it has a TTP with a non-zero Current Loss Percentage.
• You can allow higher priority transactions to bypass routing constraints via the TTP Override
Message Priority Threshold attribute. This attribute is used in the following circumstances:
• After a transaction has been categorized as Diverted, a Request is allowed to be routed to a
congested TTP if its priority is great than or equal to the TTP's Override Message Priority
Threshold attribute.
• After a Peer Node or Connection is selected from a Route Group (or a Peer Node is selectedby
Implicit Routing), will bypass a TTP ETR Throttling if all of the following criteria are met:
• An active TTP exists for the selected Peer Node/Connection and the Application ID addressed
by the transaction

• You have assigned a value to the TTP's Override Message Priority Threshold attribute
• The Request message's priority is greater or equal to the TTP Override Message Priority
Threshold attribute
• The TTP's OTR is less than or equal to the TTP Maximum ETR
Note: A TTP's OTR measurements include all transactions which are associated with an
active TTP, which includes both override priority and NGN-PS transactions might be exempt
from diversion.
Traffic reduction requests from Peer Nodes within a Route Group can be aggregated and used for
making decisions about whether Route Groups within a Route List are viable candidates for routing
a transaction. Traffic reduction loss values for a group of Connection or Peer Nodes are aggregated
by the Traffic Throttle Group (TTG) to which you assign a set of TTPs. The local TTG traffic reduction
information is also distributed to other Nodes within the network to assist them in making decisions
about sending traffic they cannot handle to the affected Node.
When a TTG is created and enabled for service, the routing application begins to maintain an aggregated
Current Loss Percentage for the TTG based upon the Maximum ETR assigned to each TTP and the
Current Loss Percentage for each TTP. A TTG can be assigned to a Route Group within a Route List
along with a maximum loss threshold.
When you enable a TTG, the routing application will not select a Route Group from a Route List when
the following criteria are met:
• TTG is assigned to the Route Group within the Route List
• TTG admin state is Enabled
• TTG Current Loss Percentage exceeds the Maximum Loss Percentage Threshold value assigned to
the Route Group within the Route List
DOIC Capabilities Announcement (DCA)

The DOIC solution supports the ability for Diameter nodes to determine if other nodes in the path of
a request support the DOIC solution. The DOIC Capabilities Announcement (DCA) procedure allows
a DOIC Reacting Node to indicate which DOIC capabilities it supports to a DOIC Reporting Node
which, in turn, responds with which capabilities it wants to use.
The DCA procedure is invoked only when a Request message is being forwarded to a Peer Node for
which DOIC has been enabled for the application ID to which the message is addressed. The decision
for determining whether an OC-Supported-Features AVP should be appended occurs after the routing
application has selected a Connection for forwarding the Request. If the Peer Node associated with
the selected Connection has an active TTP associated with the Application ID in the Request message,
then:
• Append an OC-Supported-Features AVP to the forwarded Request message containing the list of
Abatement Algorithms assigned to the TTP by user configuration.
• Save the TTP in the PTR.
A TTP is considered active, if for a transaction being forwarded to a Connection, the following criteria
are met:
• TTP exists for the Peer Node to which the Request is to be forwarded and the Application-Id in
the Request header, AND
• TTP's Dynamic Throttling Admin State is set to Enabled
• TTP's Operational Status is NOT set to Inactive

Each time the routing server receives an Answer message that can be associated with a PTR, it checks
if a TTP has been stored in the PTR. If not, then the routing server will ignore any DOIC AVPs in the
message. If a TTP is stored in the PTR, then will search for DOIC AVPs in the Answer response if the
following criteria are met:
• TTP is still active (it may have changed between the time the Request was sent and the Answer
was received)
• Diameter Node which initiated the Answer (identified by the Origin-Host AVP) is the same node
associated with the TTP
If any of these validations fail, then the routing server will ignore any DOIC AVPs in the message.
DOIC Overload Reports (OLR)

A DOIC Reporting Node notifies a Reacting Node of a new or change to a previously reported traffic
overload condition by piggy-backing one or more OC-OLR AVPs in the Answer response to a DCA
procedure. If multiple OC-OLR are found, the routing application only processes the first two OC-OLR
found from the top of the Answer message and ignores the balance. It is possible in the DOIC
specification to receive two OLR in the same Answer message, the only restriction is that they must
have different values for the OC-Report-Type AVP.
OLR AVP Validation and Processing

The OC-OLR is a Grouped AVP. AVPs can be grouped and embedded in the OC-OLR, and they can
be validated via the routing application. Optionally, you can define the amount of time (in seconds)
that the OLR is enforced. You can also (optionally) define the percentage of the traffic reduction that
is requested.
If a validation failure occurs with any AVP within the OC-OLR, the entire OLR is discarded. If the
OLR is valid, it is handled based upon the type of request as follows:
• New overload report
• Update to an existing overload report
• Cancellation of an existing overload report
New OLR
The routing application considers an OLR to be a new request when the TTP Validity Duration stored
in the local TTP RT-DB is set to 0. The routing application could be in an overload recovery state for
the previously received OLR. When this occurs, the recovery procedure is abandoned by stopping the
DOIC Overload Recover timer. The new OLR is then processed.
Cancel an Existing OLR

A Peer Node can cancel an active overload state by setting the OC-Reduction-Percentage to 0 or by
setting the OC-Validity-Duration AVP to 0 seconds. Cancellation only applies if the routing application
is processing an OLR (TTP's Validity Duration greater than 0). A cancellation is ignored if overload
recovery is in progress (Operational Reason is Peer Overload Recovery). If a cancellation is received
while the TTP is in Peer Overload, the routing application processes the request.

Modify an Existing OLR

An upstream Peer Node can update an in-progress overload condition. An update request must contain
a Sequence Number larger than the previously one sent. The routing application treats an OLR as an
update to an existing overload condition if the validation criteria are met.
DOIC Information Sharing within a Node

Traffic reduction requests from an upstream Peer Node can be sent to any DA-MP. This information
must be shared with all DA-MPs within the Node so that it can be applied when routing transactions
to the congested entity. When a routing application instance on a DA-MP receives a DOIC OLR that
modifies a TTP, the updated TTP information is forwarded to all of its peer routing application instances
within the Node via a DOIC-OLR stack event.
Overload Recovery and Abatement

When an OLR received from a Peer Node expires or is cancelled, the routing application must restore
the traffic rate for the TTP to its maximum capacity. Rather than abruptly reducing the TTP's Current
Loss Percent to 0, the routing application reduces the Current Loss Percent based upon a user-defined
loss restoral rate defined by the TTP attribute Abatement Recovery Rate.
DOIC and NGN-PS Interaction

Next Generation Network Priority Service (NGN-PS) allows National Security/Emergency Preparedness
(NS/EP) users (service users) to make priority calls/sessions using the public networks. When the
NGN-PS feature is enabled on a DSR Node, DSR examines the content of ingress messages received
from Diameter Peer Nodes to determine if they qualify for priority treatment based upon a set of rules.
See Diameter System Options elements. If priority treatment is required, the message is assigned a priority
of 4 and becomes inviolable, which means that it becomes exempt from discard and bypasses all DSR
ingress and egress congestion throttling controls. The following exemptions are provided to inviolable
message from DOIC throttling constraints:
• Inviolable Request messages from a Route Group-TTG's Maximum Loss Percent Threshold constraint
are exempt.
• Inviolable Request messages from a Peer Node-TTP's Maximum Loss Percent Threshold constraint
are exempt.
• Any TTP ETR message throttling constraints for inviolable Request messages are bypassed.
Note: NGN-PS transactions are never diverted by ETR throttling; therefore, any existing diameter
routing layer routing rules associated with DOIC-diverted transactions do not apply.
Next Generation Network Priority Service (NGN-PS)

Next Generation Network Priority Service (NGN-PS) allows National Security/Emergency Preparedness
(NS/EP) users to make priority calls/sessions using public networks. When you enable the NGN-PS
feature on a DSR Node, ingress messages received from Diameter Peer Nodes are examined to determine
if they qualify for priority treatment based upon a set of rules. These rules, established by Standards
Development Organizations, have various groups working on what is broadly called Emergency
Telecommunications Services (ETS).

ETS is intended to be used by qualified and authorized users, for example, emergency service personnel,
only during times of emergency situations and network congestion. ETS access:
• Is limited to key personnel and those with leadership
• Is provided end-to-end priority treatment beyond that offered to the general public
• Can include priority call/session set-up, access to additional resources (alternate routing), and
exemption from restrictive network traffic management controls.
Note: If NGN-PS is disabled after being enabled, DSR will not disable NGN-PS, but an alarm alerts
the user that the runtime state and administrative state for NGN-PS are not in synch.
NGN-PS support is comprised of two major functions:
1. Identifying messages which require NGN-PS, which is based on subscription information stored
in databases that is downloaded to entities that perform priority marking of transactions by way
of AVPs.
• The following messages are candidates for NGN-PS treatment:
• Cx/Dx LIR & LIA
• Cx/Dx SAR & SAA
• Dh/Sh UDR & UDA
• Gx CCR-I & CCA-I
• Gx RAR & RAA
• Rx AAR & AAA
2. If a message qualifies for priority treatment, it is considered inviolable. An inviolable message

cannot be blocked, rejected, or discarded by any ingress or egress control functions due to internal
resource congestion or exhaustion.
Note: NGN-PS messages must receive priority treatment both at the Diameter Application signaling
layer and IP-layer.
The priority level for violable messages is defined as a number between zero and three, where zero
has the lowest and three has the highest violable message priority. for violable messages, and three
has the highest violable message priority. NGN-PS messages have a priority level of four.
Note: After a message becomes inviolable, its priority cannot be modified during the lifetime of that
message within a DSR node. After an ingress Request message is marked as inviolable, all messages
associated with that transaction are also marked as inviolable. Similarly, Answer messages associated
with inviolable transactions are made inviolable.
You can enable any of the following diameter interfaces for NGN-PS support:
• Gx, Rx, Cx/Dx and Dh/Sh
NGN-PS messages are identified by the contents of a particular AVP for well-known set of order pairs.
Most non-Gx NGN-PS messages can be identified by the presence of an AVP; Gx NGN-PS message
identification requires more complex rules based upon AVP content and user-provided configuration
data.
Identifying Messages for Priority Treatment

Congestion control procedures use message priorities and congestion levels to determine which
messages to shed/divert when congestion exists. Lowest priority messages are assigned a priority of
0, and the highest priority messages are assigned a value of 3. Because inviolable messages must be

provided a higher treatment versus violable message, the existing four priority values of 0 through 3
are reserved for violable messages, and message priority of 4 is reserved for inviolable messages.
A message is considered inviolable if:
• The message priority is greater or equal to the Minimum Inviolable Priority value. See Diameter
System Options elements. NGN-PS messages received from Diameter Peer Nodes are identified and
tagged as inviolable before DSR ingress congestion controls are applied.
• Answer priority is equal to the Maximum of Request Priority and Minimum Answer Priority
value. See Diameter System Options elements.
Identifying NGN-PS Messages

NGN-PS specifications identify a well-defined and limited number of messages that are candidates
for priority treatment. Inviolable messages are exempt from discard and bypass all ingress and egress
throttling controls. These messages typically represent a small portion of message traffic, and you can
configure this function to avoid abuse. For information about limiting the percentage of the maximum
engineered DA-MP ingress message rate, see Diameter System Options elements NGN-PS Maximum
Message Rate Percent.
When NGN-PS is disabled, a DSR Node does not search for ingress NGN-PS messages. When NGN-PS
is enabled, the DSR Node measures the ingress rate of NGN-PS which are marked as inviolable and,
if the NGN-PS Maximum Message Rate Percent value has not been reached, DSR is allowed to tag
NGN-PS messages received from Diameter Peer Nodes.
Identifying Non-Gx NGN-PS Messages

Sh/Dh and Cx/Dx messages are tagged based on the presence of Session-Priority AVP value in
Diameter messages. Rx messages are identified as NGN-PS if the MPS-Id AVP value in Diameter
message is the same as the Rx MPS-Identifier value in Diameter System Options elements.
Identifying Gx NGN-PS Messages

Gx NGN-PS messages are identified by both the content of AVPs, as well as user-configurable data.
The reserved NGN-PS priority levels are network-specific and user-configurable. See Gx NGN-PS
Identifier in Diameter System Options elements.
Priority treatment of Gx CCR-I and CCA-I messages is only required if Advance Priority is enabled
in the your network. If your network supports one of the two mutually exclusive advance priority
types, you can select which one to enable. See Gx Advance Priority Type in Diameter System Options
elements.
Connection Capacity Dashboard Functions

The functions of the Connection Capacity Validation feature are described in Validating Diameter
Connection Capacity. On the Diameter > Configuration > Connection Capacity Dashboard GUI page,
the current Connection configuration capacity information for configured Active DAMPs is displayed.
Each row on the page contains the information for one configured Active DAMP.

The Diameter > Configuration > Connection Capacity Dashboard page is view-only and has two
tabs.
The Connections tab contains information about the currently configured Connections for each DAMP
in the NE. Fixed and IPFE Connections are displayed, with IPFE (Floating) Connections grouped by
Target Set.
The Connection Reserved Ingress MPS tab contains the currently configured Reserved Ingress MPS
for each DAMP in the NE. The contribution of both Fixed and IPFE Connections is displayed, with
IPFE Connections grouped by Target Set.
If any configured DAMP does not have an assigned MP Profile, the associated row on each Dashboard
tab displays the MP Server Hostname in the first column, and all other fields in the row contain —.
Note: The Connection Capacity Dashboard does not use field coloring. Usage values at or in excess
of 100% are not flagged by cell coloring.
The following information is displayed for each configured Active DA-MP when the Connections tab
is selected:
MP Server Hostname of the DAMP server.
Hostname
Current The percentage of the total Connection capacity currently used, which is the sum
Connection Usage of Fixed and IPFE Connections allocated to the DAMP, divided by the total
(%) Connection Capacity value shown in the fourth column.
It is theoretically possible for this usage value to exceed 100%; diameter does not
prevent over-configuration in certain scenarios (typically involving overlapping
Target Sets, or a non-overlapping Target Set whose DAMPs have significantly
different numbers of Fixed Connections assigned). For a given DAMP, if the
number of Connections allocated to that DAMP exceeds the DAMP's Maximum
Connections count capacity (from the assigned MP Profile), the Current
Connection Usage (%) value will exceed 100%.
Current Reserved The percentage of scaled Engineered Ingress MPS capacity currently used.
Ingress MPS
This usage value is computed as the sum of Reserved Ingress MPS values for a
Usage (%)
DA-MP's Fixed and IPFE Connections, divided by the Maximum Reserved
Ingress MPS value shown in the fourth column of the Connection Reserved
Ingress MPS tab.
different numbers of Fixed Connections assigned).
Connection The DAMP's total Connection capacity.

Capacity
The value is Maximum Connections value in the MP Profile that has been assigned
to the DAMP, which is the maximum number of Diameter Connections that the
DAMP can have configured at any one time.
# Fixed The number of Fixed Connections currently configured for the DAMP.
Connections
For a given DAMP, the value displayed in the # Fixed Connections field should:
• Never exceed the Connection Capacity value.

• Always agree with the number of Fixed Connections displayed on the

Diameter > Configuration > Connections page, when filtering on IP Owner
equals the given DAMP
If a DAMP has one or more configured Fixed Connections, the value appears as
a hyperlink. The hyperlink opens the Diameter > Configuration > Connections
[Filtered] page, filtered to show only the Fixed Connections that are assigned to
the DAMP.
If the NE has Target Sets configured, the following information appears (one column for each Target
Set) up to a maximum of 32 Target Sets:
TSn: # IPFE A configured Target Set, where n is the Target Set number. The numbering of the
Connections Target Sets will be ascending, but might not be sequential.
The value displayed for a given DAMP and Target Set is the evenly-distributed
allocation of IPFE Connections to each DAMP in the Target Set. If the
evenly-distributed allocation value is zero, then the value 0 is displayed in the field.
The evenly-distributed allocation of IPFE Connections will be zero if there are more
DAMPs in the Target Set than IPFE Connections configured for the Target Set. In this
case, to make it clear that the DAMP is part of the Target Set, the value of zero is
displayed (instead of a blank field).
If a DAMP has no IPFE allocation for a defined Target set, the corresponding field is
blank.
The following information appears under the Connection Reserved Ingress MPS tab:
MP Server Hostname of the DAMP server.
Hostname
Current The percentage of the total Connection capacity currently used, which is the sum
Connection of Fixed and IPFE Connections allocated to the DAMP, divided by the total
Usage (%) Connection Capacity value shown in the fourth column on the Connections tab.
different numbers of Fixed Connections assigned). For a given DAMP, if the
number of Connections allocated to that DAMP exceeds the DA-MP's Maximum
Connections count capacity (from the assigned MP Profile), the Current Connection
Usage (%) value will exceed 100%.
Current The percentage of scaled Engineered Ingress MPS capacity currently used.
Reserved Ingress
This usage value is computed as the sum of Reserved Ingress MPS values for a
MPS Usage (%)
DAMP's Fixed and IPFE Connections, divided by the Maximum Reserved Ingress
MPS value shown in the fourth column of the Connection Reserved Ingress MPS
tab.
different numbers of Fixed Connections assigned).

If the total Connection Reserved Ingress MPS for Connections allocated to a given
DAMP exceeds the DAMP's scaled Engineered Ingress MPS, the Current Reserved
Ingress MPS Usage (%) will exceed 100%
Maximum The DAMP's Engineered Message Size Allowed value, scaled by the IPFE
Reserved Ingress Connection Reserved Ingress MPS Scaling value (from the Diameter >
MPS Configuration > System Options page.
The DAMP's Engineered Ingress MPS value comes from the MP Profile that has
been assigned to the DAMP.
The IPFE Connection Reserved Ingress MPS Scaling value, from the Diameter >
Configuration > System Options page, is the percent of DAMP Engineered
Message Size Allowed used by each DAMP when validating the Reserved Ingress
MPS for a newly received IPFE Connection. A newly received IPFE Connection
will be rejected if the total Connection Reserved Ingress MPS for Fixed and already
established IPFE Connections would exceed the DAMP's Engineered Ingress
MPS, scaled by this value.
Total Fixed The sum of the Maximum Reserved Ingress MPS values for all Fixed Connections
Connection configured to a DAMP.
Reserved Ingress
For a given DAMP, the value displayed in the Total Fixed Connection Reserved
MPS
Ingress MPS field should not exceed the Maximum Reserved Ingress MPS value.
Note: There is one exception – a system already configured with Fixed Connections
having some non-zero Total Fixed Connection Reserved Ingress MPS value. If
the IPFE Scaling Factor is decreased, thus decreasing the scaled Engineered Ingress
MPS on every DAMP in the system, it is possible the new lowered Maximum
Reserved Ingress MPS will be less than the already-configured Total Fixed
Connection Reserved Ingress MPS.
If a DAMP has no Fixed Connections assigned to it, the corresponding field shows
a value of zero
If a DAMP has one or more Fixed Connections, the value appears as a hyperlink.
The hyperlink opens the Diameter > Configuration > Connections [Filtered]
page, filtered to show only those Fixed Connections assigned to the DAMP.
If the NE has Target Sets configured, the following information appears following the tab columns
(one column for each Target Set) up to a maximum of 32 Target Sets:
TSn: # IPFE A configured Target Set, where n is the Target Set number. The numbering of the
Connections Target Sets will be ascending, but might not be sequential.
Reserved
Note: The IPFE GUI does not require Target Sets to be configured sequentially. For
Ingress MPS
example, you can define Target Sets 4, 11, 12, and 32. The Dashboard page always
shows only the configured Target Sets, from the smallest configured number to the
largest configured number.
The value displayed for a given DAMP and Target Set field is the evenly-distributed
allocation of IPFE Connections' Reserved Ingress MPS to each DAMP in the Target
Set. If the evenly-distributed allocation value is zero, then 0 is displayed in the field.
The evenly-distributed allocation of IPFE Connections is zero if all of the IPFE
Connections configured for the Target Set have Reserved Ingress MPS values of zero.

In this case, to make it clear that the DAMP is part of the Target Set, the value of zero
is displayed (instead of a blank field).
If a DAMP has no IPFE allocation for a defined Target set, the corresponding field is
blank.
If a DA-MP has one or more IPFE Connections allocated to it for a given Target Set,
the value is displayed as a hyperlink. When clicked, the Diameter > Configuration >
Connections [Filtered] page opens, filtered to show only those IPFE Connections
assigned to the Target Set. Because IPFE Connections are not configured to a particular
DAMP, this filtered display cannot show a DAMP allocation; it instead shows all
IPFE Connections in the Target Set.
DA-MP and Target Set Associations

The DAMPs that are included in a Target Set (TS) are easily identified because they always have a
number in the Dashboard cell that is the intersection of the DAMP and Target Set.
• If there are no IPFE Connections yet defined for a TS, each DAMP in the TS still shows a value of
zero on both the Connections and Connection Reserved Ingress MPS tabs.
• If there are fewer IPFE Connections defined for a TS than DAMPs assigned to the TS, the
evenly-distributed value shown on the Connections tab is zero. Each included DAMP shows a
value of zero for the Target Set.
• If all IPFE Connections in a Target Set have Maximum Reserved Ingress MPS values of zero, then
each DAMP included in the TS shows a value of zero on the Connection Reserved Ingress MPS
tab.
Overlapping Target Sets can be easily identified on the Dashboard by looking for DAMPs that have
a value for more than one Target Set.
• If a given DAMP shows no number for any Target Set, that DAMP is not included in any Target
Set; therefore, it cannot host IPFE Connections.
• If a given DAMP shows a number for just one Target Set, that DAMP is not overlapped in more
than one Target Set.
• If a given DAMP shows a number for more than one Target Set, then all Target Sets that include
the DAMP overlap.
Using Application IDs to Identify Diameter Applications

An Application ID, along with an Application Name, is used to uniquely identify a Diameter application.
The Internet Assigned Numbers Authority (IANA) lists standard and vendor-specific Application IDs
on the iana.org website. On the website:
• Select Protocol Assignments
• Scroll to locate the Authentication, Authorization, and Accounting (AAA) Parameters heading
• Select Application IDs
The Application ID fields are described in Diameter Application IDs elements.
On the Diameter > Configuration > Application IDs page, you can:

• Filter the list of Application IDs, to display only the desired Application IDs.
• Click Insert.
The Diameter > Configuration > Application IDs [Insert] page is displayed. You can add a new
Diameter Configuration Application ID and its values. See Adding an Application ID.
If the maximum number of Application IDs (1000) already exists in the system, the Diameter >
Configuration > Application IDs [Insert] page is not displayed, and an error message appears.
• Select an Application ID, and click Edit. The Diameter > Configuration > Application IDs [Edit]
page is displayed. You can edit the selected Application ID. See Editing an Application ID.
• Select an Application ID, and click Delete to delete the selected Application ID. See Deleting an
Application ID.
Diameter Application IDs elements

Table 8: Application IDs Elements describes the elements on the Application IDs View, Insert, and Edit
pages.
Note: Data Input Notes apply to the Insert and Edit pages only; the View page is read-only.
Table 8: Application IDs Elements
Element Description Data Input Notes

Application ID Identifies a specific Diameter Format:
Value Application ID value that is
• List of available Application IDs
placed in the Application ID AVP.
Default: -Select-
The Application ID field is
required, must be unique, and • Input text box; numeric, maximum 10
cannot be edited after it is created. digits
Range:
• 1-16777215 for Standard Application
IDs
• 16777216-4294967294 for
Vendor-specific Application IDs
• 4294967295 for Relay
Name Application ID Name value Format: Input text box; case-sensitive;

alphanumeric and underscore; cannot start
with a digit and must contain at least one
alpha
Range: 1 - 32 characters
Viewing Application IDs

Use this task to view all configured Application IDs.
Select Diameter > Configuration > Application IDs.

The Diameter > Configuration > Application IDs page is displayed with a list of configured
Application IDs. The fields are described in Diameter Application IDs elements.
Adding an Application ID
Use this task to configure a new Application ID.
The fields are described in Diameter Application IDs elements.
1. Select Diameter > Configuration > Application IDs.
The Diameter > Configuration > Application IDs page is displayed.
2. Click Insert.
The Diameter > Configuration > Application IDs [Insert] page is displayed.
If the maximum number of Application IDs (1000) is already configured in the system, the
Diameter > Configuration > Application Ids [Insert] page is not displayed, and an error message
appears.
3. Enter a unique Name for the Diameter Application.

4. Select an Application ID Value from the list or enter a unique value in the text box to identify a
specific Diameter Application.
Application ID is required
5. Click:
• OK to save the new Application ID and return to the Diameter > Configuration > Application
IDs page.
• Apply to save the new Application ID and remain on this page.
• Cancel to return to the Diameter > Configuration > Application IDs page without saving any
changes.
If you click OK or Apply and any of the following conditions exist, an error message appears:
• A field contains a value that is out of the allowed range
• The Application ID Value field is empty (not entered)
• Adding the new Application ID would exceed the maximum number of Application IDs (1000)
• Adding the new Application ID would exceed the maximum number of Peer Route
Table/Application ID combinations (20).
Editing an Application ID
Use this procedure to change the Name for a selected Application ID. (The Application ID Value field
cannot be changed.)
The fields are described in Diameter Application IDs elements.
When the Diameter > Configuration > Application IDs [Edit] page is displayed, the fields are
populated with the currently configured values.

2. Select the Application ID row to be edited.

3. Click Edit.
The Diameter > Configuration > Application IDs [Edit] page appears.
4. Change the Name for the selected Application ID.

5. Click:
• OK to save the changes and return to the Diameter > Configuration > Application IDs page.
• Apply to save the changes and remain on this page.
• Cancel to return to the Diameter > Configuration > Application IDs page without saving any
changes.
If you click OK or Apply and any of the following conditions exist, an error message appears:
• The selected Application ID no longer exists; it has been deleted by another user
• Any required field is empty (not entered)
Deleting an Application ID
Use the following procedure to delete an Application ID.
Note: You cannot delete an Application ID if it is associated with any of the following Configuration
components:
• CEX Configuration Sets
• Transaction Configuration Sets
• Peer Route Table Rules
• Application Route Table Rules
• Message Priority Configuration Sets
• Applications such as RBAR and FABR
2. Select the Application ID to be deleted.

3. Click Delete.
A window appears to confirm the delete.
4. Click:
• OK to delete the Application ID.
If the Application ID is associated with a CEX Configuration Set, the Application ID is not
deleted and an error message appears.
• Click Cancel to cancel the delete function and return to the Diameter > Configuration >
Application IDs page.
If you click OK and the selected Application ID no longer exists (it was deleted by another user),
an error message appears and the Application IDs view is refreshed.

Diameter CEX Parameters

Configure CEX Capabilities Exchange) Parameters to associate an application type and vendor ID
with a Diameter Application. If specified, the vendor ID will be placed in the Vendor ID AVP.
On the Diameter > Configuration > CEX Parameters page, you can perform the following actions:
• Filter the list of Application IDs, to display only the desired Application IDs.
• Sort the list entries in ascending or descending order by Application ID, Application ID Type, or
Vendor ID, by clicking the column heading. By default, the list is sorted by Application ID in
ascending ASCII order.
• Click an Application ID in the list to go the Application ID configuration page for that application.
• See Adding CEX Parameters to assign a new set of CEX Parameters to an Application ID.
• See Editing CEX Parameters to edit the CEX Parameters for the selected Application ID.
• See Deleting CEX Parameters to delete the CEX Parameters for the selected Application ID.
Diameter CEX Parameters elements

Table 9: CEX Parameters elements describes the fields on the CEX Parameters View, Insert, and Edit
pages. Data Input Notes apply only to the Insert and Edit pages; the View page is read-only.
Table 9: CEX Parameters elements
Field (* indicates
a required field) Description Data Input Notes
* Application ID Used to identify a specific Diameter Format: pulldown menu
Application.
Range: configured Application IDs
The Application ID value is placed in the
• 0-16777215 for Standard
Application ID AVP.
Application IDs
• 16777216-4294967294 for
Vendor-specific Application IDs
• 4294967295 for Relay
Application ID Type of Application ID. Format: radio buttons

Type
Range: Authentication, Accounting
Vendor-Specific If checked, the Vendor ID and the Format: check box

Application ID Application ID will be grouped in a
Range: checked, unchecked
Vendor-specific Application ID AVP.
Default: unchecked

Field (* indicates
a required field) Description Data Input Notes
Vendor ID A Vendor ID value for this Vendor-Specific Format: numeric; maximum 10 digits
Application ID.
Range: 1-4294967295
The Vendor ID is placed in the Vendor ID
AVP.
The Vendor-Specific Application ID check
box must be checked before a value can be
entered in this field.
Viewing CEX Parameters

Use this task to view CEX Parameters configured for Application IDs.
Select Diameter > Configuration > CEX Parameters. The Diameter > Configuration > CEX
Parameters page appears with a list of configured Application IDs. The fields are described in
Diameter CEX Parameters elements.
Adding CEX Parameters

Use this task to add CEX Parameters to an Application ID.
The fields are described in Diameter CEX Parameters elements.
1. Select Diameter > Configuration > CEX Parameters.
The Diameter > Configuration > CEX Parameters page appears.
2. Click Insert.
The Diameter > Configuration > CEX Parameters [Insert] page appears.
3. Select an Application ID from the pulldown menu.

4. Set the Application ID Type.
5. If appropriate, check the Vendor Specific Application ID check box.
6. If you checked Vendor Specific Application ID, specify the Vendor ID.
7. Click:
• OK to save the new CEX Parameters and return to the Diameter > Configuration > CEX
Parameters page.
• Apply to save the new CEX Parameters and remain on this page.
• Cancel to return to the Diameter > Configuration > CEX Parameters page without saving any
changes.
If OK or Apply is clicked and any of the following conditions exist, an error message appears:
• Any fields contain a value that is out of the allowed range
• The Application ID, Application ID Type, and Vendor ID combination is not unique

Editing CEX Parameters

Use this procedure to change the Application ID Type, Vendor-Specific ID, or Vendor ID for a selected
Application ID. (The Application ID field cannot be changed.)
The fields are described in Diameter CEX Parameters elements.
When the Diameter > Configuration > CEX Parameters [Edit] page opens, the fields are populated
with the current configured values.
Note: If a CEX parameter is being used by a connection (Enabled/disabled) it cannot be edited.
2. Select the Application ID row to be changed.

3. Click Edit.
The Diameter > Configuration > Application IDs [Edit] page appears.
4. Change the Application ID Type, Vendor-Specific ID, or Vendor ID for the selected Application
ID.
The Vendor ID must be unique.
5. Click:
• OK to save the changes and return to the Diameter > Configuration > CEX Parameters page.
• Cancel to return to the Diameter > Configuration > CEX Parameters page without saving any
changes.
• The selected Application ID no longer exists; it has been deleted by another user
• Any fields contain values that are out of range
• The Application ID, Application ID Type, and Vendor ID combination is not unique
Deleting CEX Parameters

Use the following procedure to delete CEX Parameters associated with an Application ID.
Note: CEX Parameters cannot be deleted if the Application ID is associated with a CEX Configuration
Set or being used in a connection.
2. Select the Application ID for which you want to delete CEX Parameters.
3. Click Delete.
A popup window appears to confirm the delete.
4. Click:

• OK to delete the CEX Parameters from the Application ID.

If the Application ID is associated with a CEX Configuration Set, the CEX Parameters are not
deleted and an error message appears.
• Click Cancel to cancel the delete function and return to the Diameter > Configuration > CEX
Parameters page.
If OK is clicked and the selected Application ID no longer exists (it was deleted by another user),
an error message is displayed and the CEX Parameters view is refreshed.
Diameter Command Codes

The Command Code is one of the parameters contained in a Diameter Message. In the Command
Codes configuration section, you can define the Command Code values that can be used in Peer
Routing Rules and Application Routing Rules.
An (Extended) Command Code is a command code extension that includes the following attributes:
• Command Code (parent Command Code)
• AVP Code
• AVP Data value
This broadens the definition of Diameter Command Codes to include an additional application-specific
single Diameter or 3GPP AVP content per Command Code. A format example might be 272.416.1 =
CCR/CCA-I.
Note: All (E)CCs are predefined and preloaded into the configuration.
(E)CCs are synonymous with CCs, as a GUI element and as a reference for other managed objects.
After (E)CCs are configured on the Command Codes page, they are listed as choices on the Inserting
Rule for Application Route Table, Inserting Rule for Peer Route Table, Transaction Configuration
Sets [Insert], and Message Priority Configuration Sets [Insert] pages.
Note: A parent CC or Base CC is a Command Code without AVP code and Data extensions. All (E)CCs
are extensions of any of the configured base command codes.
On the Diameter > Configuration > Command Codes page, you can perform the following actions:
• Filter the list of Command Codes, to display only the desired Command Codes.
• Sort the list entries in ascending or descending order by Command Code or Command Code Name
by clicking the column heading. By default, the list is sorted by Command Code in ascending
numerical order. When comparing two cell values in the Command Code column for sorting, the
Command Code part of the cell values are compared followed by AVP Code part of the cell values
followed by AVP Value part of the cell values. If the AVP Code and AVP Value part is missing for
a cell value, it is considered as zero for the comparison.
• Click Insert.
The Diameter > Configuration > Command Codes [Insert] page opens. You can add a new
Command Code. See Adding a Command Code. If the maximum number of Command Codes (1000)

already exists in the system, the Diameter > Configuration > Command Codes [Insert] page will
not open, and an error message is displayed.
• Select an Command Code in the list, and click Edit.

The Diameter > Configuration > Command Codes [Edit] page opens. You can edit the selected
Command Code. See Editing a Command Code.
• Select an Command Code in the list, and click Delete to remove the selected Command Code. See
Deleting a Command Code.
Note: Delete is disabled for (E)CCs.
Diameter Command Codes elements

Table 10: Command Codes Elements describes the fields on the Command Codes View, Insert, and Edit
Table 10: Command Codes Elements
Field (* indicates a
required field) Description Data Input Notes
* Name Command Code Name Format: case-sensitive; alphanumeric
and underscore (_); cannot start with
a digit and must contain at least one
alpha
* Command Code Identifies the command or extended Format: Pulldown menu or numeric
command code associated with the
Range: Select from predefined
message
Command Codes or enter a numeric
Note: Only preloaded, predefined value: 0-16777215
ECC values are displayed.
Default: none
Viewing Command Codes

Use this task to view all configured Command Codes.
Select Diameter > Configuration > Command Codes.
The Diameter > Configuration > Command Codes page appears with a list of configured Command
Codes. The fields are described in Diameter Command Codes elements.
Adding a Command Code

Use this task to configure a new Command Code.
The fields are described in Diameter Command Codes elements.

1. Select Diameter > Configuration > Command Codes.

The Diameter > Configuration > Command Codes page appears.
2. Click Insert.
The Diameter > Configuration > Command Codes [Insert] page appears.
If the maximum number of Command Codes (1000) has already been configured in the system,
the Diameter > Configuration > Command Codes [Insert] page will not open, and an error message
will appear.
3. Enter a unique Command Code Name for the Command Code.

4. Select a Command Code from the menu or enter a unique value to identify a specific Command
Code (Command Code is required.)
5. Click:
• OK to save the new Command Code and return to the Diameter > Configuration > Command
Codes page.
• Apply to save the new Command Code and remain on this page.
• Cancel to return to the Diameter > Configuration > Command Codes page without saving
any changes.
• Any fields contain a value that is out of the allowed range
• Adding the new Command Code would cause the maximum number of Command Codes
(1000) to be exceeded
Editing a Command Code

Use this procedure to change the Command Code Name for a selected Command Code. (The Command
Code field cannot be changed.)
The fields are described in Diameter Command Codes elements.
When the Diameter > Configuration > Command Codes [Edit] page opens, the fields are populated
with the current configured values.
2. Select the Command Code row to be changed.

3. Click Edit.
The Diameter > Configuration > Command Codes [Edit] page appears.
4. Change the Command Code Name for the selected Command Code.
The Name must be unique.
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Command Codes page.

• Cancel to return to the Diameter > Configuration > Command Codes page without saving
any changes.
• The selected Command Code no longer exists; it has been deleted by another user
• Any fields contain values that are out of range
Deleting a Command Code

Use the following procedure to delete a Command Code.
Note: (E)CCs cannot be deleted.
A Command Code cannot be deleted if it is associated with any of the following Configuration
components:
• Peer Routing Rule
• Application Routing Rule
• Message Priority Configuration Set
• A FABR or RBAR Address Resolution
• Transaction Configuration Sets
2. Select the Command Code to be deleted.

3. Click Delete.
4. Click:
• OK to delete the Command Code.
If the Command Code is used in a Peer Routing Rule or Application Routing Rule, the Command
Code is not deleted and an error message appears.
Command Codes page.
If OK is clicked and any of the following conditions exist, the selected Command Code no longer
exists (it was deleted by another user), an error message is displayed and the Command Codes is
refreshed.
Diameter Configuration Sets

Configuration Sets provide a mechanism for adjusting a connection to account for the network quality
of service and Peer Node requirements. You can create a Connection Configuration Set with specific

SCTP, Diameter, and TCP options and then assign it to a connection. The options are described in
Configuration Sets elements. Each connection references a single Connection Configuration Set.
The application has a default Connection Configuration Set called Default. The Default Connection
Configuration Set options can be modified, but the Default Connection Configuration Set cannot be
deleted. When you create a new Connection Configuration Set the values of the Default Connection
Configuration Set are automatically populated into the new Connection Configuration Set, allowing
you to easily create a new Connection Configuration Set that needs to have only a few options adjusted.
On the Connection Configuration Sets page, you can perform the following actions:
• Filter the list of Connection Configuration Sets to display only the desired Connection Configuration
Sets.
• Sort the list by column contents in ascending or descending order, by clicking the column heading.
The default order is by Connection Configuration Set Name in ascending ASCII order.
• Click a tab to display the options for the Connection Configuration Set on that tab. The Connection
Configuration Set Name remains on the left of the page when the page is scrolled to the right to
view all of the options.
• Click Insert.
The Connection Configuration Sets [Insert] page appears. You can add a new Connection
Configuration Set and its options. See Adding Configuration Sets.
If the maximum number of Connection Configuration Sets per Network Element (2000) already
exist in the system, the Connection Configuration Sets [Insert] page does not open, and an error
message displays.
• Select a Connection Configuration Set Name in the list, and click Edit.
The Connection Configuration Sets [Edit] page opens. You can edit the selected Connection
Configuration Set. See Editing Configuration Sets.
If at least one connection that uses the Connection Configuration Set is in the Enabled Admin state,
the Connection Configuration Sets [Edit] page will not open.
• Select a Connection Configuration Set Name in the list, and click Delete to remove the selected
Connection Configuration Set.
The Default Connection Configuration Set cannot be deleted. See Deleting Configuration Sets.
Note: You perform these tasks on the following Connection Configuration Sets tabs:
• SCTP Options
• Diameter Options
• TCP Options
• RADIUS Options
Diameter Connection Configuration Sets

Configuration Sets provide a mechanism for adjusting a connection to account for the network quality
of service and Peer Node requirements. You can create a Connection Configuration Set with specific
SCTP, Diameter, and TCP options and then assign it to a connection. The options are described in
Configuration Sets elements. Each connection references a single Connection Configuration Set.


The application has a default Connection Configuration Set called Default. The Default Connection
Configuration Set options can be modified, but the Default Connection Configuration Set cannot be
deleted. When you create a new Connection Configuration Set the values of the Default Connection
Configuration Set are automatically populated into the new Connection Configuration Set, allowing
you to easily create a new Connection Configuration Set that needs to have only a few options adjusted.
On the Connection Configuration Sets page, you can perform the following actions:
• Filter the list of Connection Configuration Sets to display only the desired Connection Configuration
Sets.
The default order is by Connection Configuration Set Name in ascending ASCII order.
• Click a tab to display the options for the Connection Configuration Set on that tab. The Connection
Configuration Set Name remains on the left of the page when the page is scrolled to the right to
view all of the options.
• Click Insert.
The Connection Configuration Sets [Insert] page appears. You can add a new Connection
Configuration Set and its options. See Adding Configuration Sets.
If the maximum number of Connection Configuration Sets per Network Element (2000) already
exist in the system, the Connection Configuration Sets [Insert] page does not open, and an error
message displays.
• Select a Connection Configuration Set Name in the list, and click Edit.
The Connection Configuration Sets [Edit] page opens. You can edit the selected Connection
Configuration Set. See Editing Configuration Sets.
If at least one connection that uses the Connection Configuration Set is in the "Enabled" Admin
state, the Connection Configuration Sets [Edit] page will not open.
• Select a Connection Configuration Set Name in the list, and click Delete to remove the selected
Connection Configuration Set.
The Default Connection Configuration Set cannot be deleted. See Deleting Configuration Sets.
Note: You perform these tasks on the following Connection Configuration Sets tabs:
• SCTP Options
• Diameter Options
• TCP Options
• RADIUS Options
Configuration Sets elements

Table 11: Configuration Sets Elements describes the fields on the Connection Configuration Sets View,
Edit, and Insert pages. Data Input Notes apply only to the Insert and Edit pages; the View page is
read-only.
Note: You must assign a Connection Configuration Set attribute to each RADIUS Connection. When
this attribute is assigned to a Local Node, it is ignored by RCL.

Table 11: Configuration Sets Elements
Field (* indicates
* Connection Unique Name of the Connection Configuration Format: case-sensitive
Configuration Set Name Set. string: alphanumeric
and underscore (_);
must contain at least
one alpha and cannot
start with a digit
SCTP Options
* Retransmit Initial Expected average network round-trip time in Format: numeric;
Timeout (ms) milliseconds. This is used to initialize the milliseconds
round-trip time value when an association is
Range: 10 - 5000
started but the round-trip time has not yet been
measured. The round-trip time is used by SCTP Default: 120
in calculating when to retransmit chunks.
* Retransmit Minimum Minimum amount of time to wait for an Format: numeric;
Timeout (ms) acknowledgment for a message sent. This value milliseconds
prevents the retransmit timeout from becoming
Range: 10 - 5000
too small in networks with a very short round-trip
time. Default: 120
* Retransmit Maximum Maximum amount of time to wait for an Format: numeric;

Timeout (ms) acknowledgment for a message sent. milliseconds
This value places an upper bound on the Range: 10 - 10000
exponential back-off algorithm used by SCTP for
Default: 120
retransmission timing. After this retransmit
interval is reached, retransmits will be sent at a
constant rate until an ACK is received or the
maximum attempts is reached.
* Retransmit Maximum Maximum amount of time to wait for an INIT to Format: numeric;
Timeout for INIT (ms) be acknowledged. milliseconds
This value overrides the Retransmit Maximum Range: 0, 10 - 10000
Timeout for INITs and is used to bound the initial
Default: 120
setup time.
A value of 0 indicates that the Retransmit
Maximum Timeout will be used for INITs as well.
* Number of Number of consecutive unsuccessful retransmits Format: numeric;

Retransmits Triggering that will cause a path of the SCTP association to number of retransmits
Path Failure be marked as failed.
Range: 1 - 10
This value indicates how many SCTP
Default: 3
retransmission attempts should be made to each

Field (* indicates
destination of an SCTP association before marking
the destination as failed.
This value must be less than the Number of
Retransmits Triggering Association Failure value.
* Number of Number of consecutive retransmits that will cause Format: numeric;

Retransmits Triggering an SCTP association to be marked as failed. This number of attempts
Association Failure value indicates how many SCTP retransmission
Range: 1 - 20
attempts should be made to all destinations for
an SCTP association before marking the Default: 5
association as failed.
This value should not be greater than the sum of
the retransmit attempts for all destinations within
the association.
* Number of Number of consecutive retransmits for INIT and Format: numeric;

Retransmits Triggering COOKIE-ECHO Chunks that will cause an SCTP number of attempts
Init Failure connection to be marked as failed. This value
Range: 1 - 20
indicates how many retransmission attempts
should be made to the primary SCTP address for Default: 8
INIT and COOKIE-ECHO Chunks before marking
the connection as failed.
* SACK Delay (ms) The number of milliseconds to delay after Format: numeric;
receiving a DATA Chunk and prior to sending a milliseconds
SACK.
Range: 0 - 200
A non-zero value for SACK Delay gives the
Default: 10
application time to bundle DATA Chunks in the
same SCTP datagram with the SACK, thereby
reducing the number of packets in the network.
Setting SACK Delay to zero disables this delay so
that SACKs are sent as quickly as possible.
* SCTP Heartbeat The number of milliseconds between sending Format: numeric;

Interval (ms) SCTP HEARTBEAT messages to a Peer. milliseconds
Heartbeat messages are sent only when no user Range: 0, 100 - 300000
data has been sent for the duration of the
Default: 500
Heartbeat Interval.
Setting the Heartbeat Interval to 0 disables
heartbeating (not recommended).
* Socket Send Buffer Socket send buffer size for outgoing SCTP Format: numeric;
Size (bytes) messages. number of bytes
The send buffer size must be greater than or equal Range: 8000 - 5000000
to the product of the bandwidth and the round
Default: 2000000
trip delay for the association.

Field (* indicates
* Socket Receive Buffer Socket receive buffer size for incoming SCTP Format: numeric;
Size (bytes) messages. number of bytes
The receive buffer size must be greater than or Range: 8000 - 5000000
equal to the product of the bandwidth and the
Default: 2000000
round trip delay for the association.
* Maximum Burst Specifies the maximum burst of packets that can Format: numeric
be emitted by this association.
Range: 1 - 4
Default: 4
* Max Number of Maximum number of inbound SCTP streams Format: numeric;

Inbound Streams supported locally by the SCTP connection. number of streams
Range: 1 -16
Default: 8
* Max Number of Maximum number of outbound SCTP streams Format: numeric;

Outbound Streams supported locally by the SCTP connection. number of streams
Range: 1 -16
Default: 8
Datagram Bundling If checked, datagram bundling is enabled for the Format: numeric
Enabled SCTP connection.
Range: checked (YES) or
unchecked (NO)
Default: checked
* Maximum Segment The Maximum Size to put in any outgoing SCTP Format: numeric field,
Size DATA chunk. If a message is larger than this size, setting this value to 0
it is fragmented by SCTP into the specified size. indicates that this is no
maximum is segment
size.
Range: 0, 64 - 1460 bytes
Default: 0
Fragmentation If checked, a message exceeding the size of the Format: check box
PMTU (Path Max Transmission Unit) is
fragmented and reassembled by the peer.
unchecked (NO)
Default: checked
Ordered Delivery If checked, Ordered delivery of the SCTP DATA Format: check box
Chunk is performed. Otherwise, unordered
delivery of the SCTP DATA Chunk is performed.
unchecked (NO)
Default: checked

Field (* indicates
Diameter Options
* Connect Timer (sec) Controls the frequency that transport connection Format: numeric;
attempts are done to a Peer where no active seconds
transport connection exists.
Range: 1 - 60
Applicable only for connections that are
Default: 30
configured to initiate a connection with a Peer
Node.
* Watchdog Timer Init Initial value of the application watchdog timer. Format: numeric;
Value (sec) seconds
Range: 1 - 30
Default: 30
* Capabilities Exchange Time to wait on a CER message from a Peer after Format: numeric;
Timer (sec) a connection is initiated by the Peer. Time to wait seconds
on a CEA response from a Peer after sending the
Range: 1 - 10
CER.
Default: 3
Note: For local nodes, CEAs are sent in response
to erroneous CERs.
* Disconnect Timer (sec) After sending a DPA message, time to wait for a Format: numeric;
Peer to disconnect transport. After sending a DPR seconds
message, time to wait for the Peer to send the
Range: 1 - 10
DPA.
Default: 3
If the timer expires, transport will be disconnected
by the application.
Proving Mode Proving mode for the Configuration Set. Format: radio buttons
Range: Suspect, Always,
Never
Default: Suspect
* Proving Timer (msec) The time to wait for a Peer to send a DWA Format: numeric;
message in response to a DWR message during milliseconds
connection proving.
Range: 50 - 30000
Default: 500
* Proving Times The number of consecutive DWR and DWA Format: numeric;
exchanges within Proving Timer time during number of exchanges
connection proving.
Range: 1 - 1000
Default: 3
* Pending Transactions The maximum number of Pending Requests Format: numeric

Per Connection waiting for Answers from the Peer on this

Field (* indicates
connection. If the maximum is reached, this Range: 1 - 20000
connection will not be selected for routing until
Default: 1000
the number of Pending Requests falls below this
value.
Note: Because the pending transaction limit is
located in the Connection Configuration Set, it
cannot be edited unless the connection is disabled.
CEX Host IP Validation If checked, Host-IP-Address AVP validation will Format: check box
Enabled be enabled during CEX message exchange.
Range: checked (YES),
unchecked (NO)
Default: checked
TCP Options
Nagle Enabled If checked, the Nagle algorithm is enabled for the Format: check box
TCP connection.
unchecked (NO)
Default: checked
* Socket Send Buffer Socket send buffer size for outgoing TCP Format: numeric; bytes
Size (bytes) messages. The send buffer size should be greater
Range: 8000 - 5000000
than or equal to the product of the bandwidth and
the round trip delay for the connection. Default: 2000000
* Socket Receive Buffer Socket receive buffer size for incoming TCP Format: numeric; bytes
Size (bytes) messages. The receive buffer size should be
Range: 8000 - 5000000
greater than or equal to the product of the
bandwidth and the round trip delay for the Default: 2000000
connection.
Maximum Segment Size If checked, TCP probes a connection that has been Format: check box
idle for the amount of time configurable by
Keep-Alive Idle Time parameter.
unchecked (NO)
Default: No
* Keep-Alive The number of seconds of idle time between Keep Format: numeric field
Alive Probes if Keep-Alive is enabled.
Range: 1 - 7200 seconds
Default: 1
* Keep-Alive Idle Time Specifies the number of seconds of idle time Format: numeric field
between Keep Alive Probes if Keep-Alive is
enabled.
Default: 1

Field (* indicates
* Keep-Alive Probe If Keep-Alive is enabled, sets the interval between Format: numeric field
Interval Keep Alive Probes in seconds. This value cannot
be changed after a connection is established.
Default: 1
* Keep-Alive Maximum If Keep-Alive is enabled, sets the maximum Format: numeric field
Count number of Keep Alive Probes TCP sends without
any response from the remote server, before TCP
gives up and aborts the connection. Default: 9
Radius Options
Pending Transactions The maximum number of Pending Requests Format: numeric
Per Connection waiting for Response from Peer on this
Range: 1 - 5000
connection. If maximum Pending Transactions is
reached, then this connection will not be selected Default: 1000
for routing until the Pending transactions are
below this value.
Prevent duplicate This option applies to RADIUS client connections Format: check box
transactions due to only and determines how to handle a Request that
Range: checked,
egress retransmissions is being retransmitted to the same peer as before,
unchecked
but the corresponding transaction record (that
contains the previously used source port, RADIUS Default: checked
ID and Request Authenticator) has expired. If this
option is selected, and if the corresponding
transaction record has expired, the routing
application will not forward the Request to the
same peer with a new RADIUS ID, source port,
and Request Authenticator. An alternate peer can
be selected for routing in this case. If this option
is not selected, and the corresponding transaction
record has expired, DSR shall select a new source
port, RADIUS ID and Request Authenticator,
create a new transaction record and forward the
Request to the peer.
Prevent duplicate This option applies to RADIUS server connections Format: check box
transactions due to only and determines how DSR shall processes
Range: checked,
ingress retransmissions duplicate requests received from a client. A
unchecked
request is considered duplicate if the client
retransmits a request with the same source IP Default: checked
address, source port number, RADIUS ID and
Request Authenticator. If this option is selected,
DSR shall create an ingress transaction record for
the request (with the request's source IP address,
port, RADIUS ID and Request Authenticator)
which shall be used to admit only the first Request
into DSR and prevent admitting of duplicate
requests, if received, till the transaction record is

Field (* indicates
present. If a Response has been sent previously
to the peer, it shall be saved in the transaction
record and shall be forwarded to the client in
response to duplicate requests. If this option is
not selected, DSR shall not maintain ingress
transaction records and shall admit all Requests
received from the client.
Cached response This option applies to server connections only. Format: numeric
Duration (ms) Applicable only if Prevent duplicate transactions
Range: 3000 - 100000
due to ingress retransmissions = Checked. This
value specifies the duration for which a cached Default: 5000
response shall be held in the ingress transaction
record This value should cover the potential of
loss of response and further retransmissions by
the client.
Viewing Configuration Sets

Use this task to view currently configured Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Connection Configuration Sets.
The Connection Configuration Sets page appears.
Adding Configuration Sets

Use this task to create new Configuration Sets.
When you add a new Connection Configuration Set all of the fields on each tab are initially populated
with the values from the Default Connection Configuration Set. For details about the fields in the
Connection Configuration Set, see Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Connection Configuration Sets.
2. Click Insert.
The Connection Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the Connection Configuration Set Name field.
4. Click the SCTP Options tab. Enter the SCTP values in the fields.
5. Click the Diameter Options tab. Enter the Diameter values in the fields.
6. Click the TCP Options tab. Enter the TCP values in the fields.
7. Click the RADIUS Options tab. Enter the RADIUS values in the fields.
8. Click:
• OK to save the data and return to the Connection Configuration Sets page.
• Apply to save the data and remain on this page.
• Cancel to return to the Connection Configuration Sets page without saving any changes.

• Any field is empty (no value was entered)

• The value in any field is not valid or is out of range
• The Connection Configuration Set Name is not unique; it already exists in the system
• The maximum number of Connection Configuration Sets per Network Element (2000) is already
configured
• Under the SCTP Options tab, the Retransmit Maximum Timeout is less than the Retransmit
Minimum Timeout
• Under the SCTP Options tab, the Number of Retransmits Triggering Path Failure is greater
than the Number of Retransmits Triggering Association Failure
Editing Configuration Sets

Use this task to edit existing Configuration Sets.
When the Connection Configuration Sets page opens, the fields are populated with the currently
configured values.
If the selected Connection Configuration Set is being used by a Local Node, any changes to the selected
Connection Configuration Set will not take effect for Peer-initiated connections until the next time the
Peer Node connects to the Local Node.
The Connection Configuration Set Name cannot be edited.
Note: You must disable all Connections that use a particular Connection Configuration Set before
you can edit it. See Disabling Connections.
Changes to the Connection Configuration Set take effect after the changes are saved and the Connections
that refer to the changed Connection Configuration Set are set to the Enabled Admin state.
2. Select the Connection Configuration Set you want to edit.
3. Click Edit.
The Connection Configuration Sets [Edit] page appears.
4. Update the relevant fields.
For information about each field, see Configuration Sets elements.
5. Click:
• OK to save the data and return to the Connection Configuration Sets page.
• Cancel to return to the Connection Configuration Sets page without saving any changes.
• The selected Connection Configuration Set no longer exists; it has been deleted by another user
• Under the SCTP Options tab, the Retransmit Maximum Timeout is less than the Retransmit
Minimum Timeout
• Under the SCTP Options tab, the Number of Retransmits Triggering Path Failure is greater
than the Number of Retransmits Triggering Association Failure

• At least one connection that is using this Connection Configuration Set is not in the Disabled
Admin State
Deleting Configuration Sets

Use this task to delete Configuration Sets.
A Connection Configuration Set cannot be deleted if it is being used by any connections or Local
Nodes. Before you perform this task, you must:
1. Disable any connections that use the Connection Configuration Set. See Disabling Connections.
2. Edit those connections to no longer use the Connection Configuration Set. See Editing a Connection.
3. Edit any Local Nodes that use the Connection Configuration Set to no longer do so. See Editing a
Local Node.
2. Select the Connection Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Connection Configuration Set.
• Cancel to cancel the delete function and return to the Connection Configuration Sets page.
If OK is clicked and the selected Connection Configuration Set is referenced by at least one
connection or Local Node, an error message appears and the Connection Configuration Set is not
deleted.
If OK is clicked and the selected Connection Configuration Set no longer exists (it was deleted by
another user), an error message is displayed and the Connection Configuration Sets view is refreshed.
CEX Configuration Sets

A CEX Configuration Set provides a mechanism for assigning up to 10 unique CEX Parameters and
up to 10 unique supported Vendor IDs to a Local Node or Connection. A default CEX Configuration
Set named Default is pre-populated with CEX Parameters for the RELAY Application ID (0xFFFFFFFF).
Each Local Node will refer to a single CEX Configuration Set. The CEX Configuration Set is mandatory
for Local Node. Each transport connection can optionally refer to a single CEX Configuration Set.
During CEX message exchange, the CEX Configuration Set in the transport connection is used if
configured. Otherwise, the CEX Configuration Set in the Local Node (associated with the transport
connection) is used. A Vendor ID can be sent in the Supported-Vendor-ID AVP of a CEX even though
the Vendor ID is not configured in the Selected Supported Vendor IDs for the CEX Configuration
Set.
The application has a default CEX Configuration Set called Default, which is always available. The
Default CEX Configuration Set options cannot be modified or deleted. When you create a new CEX
Configuration Set the values of the Default CEX Configuration Set are automatically populated into

the new CEX Configuration Set, allowing you to easily create a new CEX Configuration Set that needs
to have only a few options adjusted.
On the CEX Configuration Sets page, you can perform the following actions:
• Filter the list of CEX Configuration Sets to display only the desired CEX Configuration Sets.
• Sort the list in ascending or descending order, by clicking the CEX Configurations Set Name
column heading. The default order is by CEX Configuration Set Name in ascending ASCII order.
• In the CEX Parameters column,
• Click the + sign to the left of the number of Application IDs to expand the list of Application
IDs for a CEX Configuration Set.
• Click the - sign to left of the number of Application IDs to collapse the expanded list of
Application IDs for a CEX Configuration Set.
• Click a blue Application ID in an expanded list to open the Diameter > Configuration > CEX
Parameters [Filtered] page for the selected Application ID only.
• Click Insert.
The CEX Configuration Sets [Insert] page opens. You can add a new CEX Configuration Set and
its values. See Adding a CEX Configuration Set. If the maximum number of CEX Configuration Sets
(2000) already exists in the system, the CEX Configuration Sets [Insert] page will not open, and
an error message is displayed.
• Select a CEX Configuration Set Name in the list, and click Edit.
The CEX Configuration Sets [Edit] page opens. You can edit the selected CEX Configuration Set.
See Editing a CEX Configuration Set. The Default CEX Configuration Set cannot be edited.
• Select a CEX Configuration Set Name in the list, and click Delete to remove the selected CEX
Configuration Set.
The Default CEX Configuration Set cannot be deleted. See Deleting a CEX Configuration Set.
CEX Configuration Set elements

Table 12: CEX Configuration Sets Elements describes the fields on the CEX Configuration Sets View,
Edit, and Insert pages. Data Input Notes only apply to the Insert and Edit pages; the View page is
read-only.
Table 12: CEX Configuration Sets Elements
Field (* indicates a Description Data Input Notes

required field)
* CEX Configuration Unique Name of the CEX Configuration Set. Format: Case-sensitive string:
Set Name alphanumeric and underscore
A CEX Configuration Set named Default is
(_); must contain at least one
always available.
alpha and cannot begin with
a digit.

Field (* indicates a Description Data Input Notes

required field)
Dynamic Indicates whether or not the CEX Configuration Format: checkbox (read-only
Set was created dynamically (YES) or statically on the CEX Configuration Set
(NO). NO is assigned for all CEX Configuration [Edit] page)
Sets via Dynamic Peer Discovery.
Range: checked (the CEX
Configuration Set was created
as a result of Dynamic Peer
Discovery), unchecked
Default: unchecked
* CEX Parameters Available CEX Parameters Format: Scrollable list

All unique configured CEX Parameters, Range: All configured CEX
showing Application IDs with Application Parameters
Type, and with Vendor ID if the Application
ID is Vendor-Specific.
Selected CEX Parameters Maximum of 10 entries.

CEX Parameters that are selected from the Default: Relay
Available CEX Parameters list for this CEX
Configuration Set.
Must Include CEX Parameters One, some, or all of the entries

in the Selected CEX
CEX Parameters selected from the Selected CEX
Parameters list; maximum of
Parameters list that must be present in the CEx
10 entries
message exchanged from the Peer.
Supported Vendor Available Supported Vendor IDs Format: Scrollable list

IDs
All unique Vendor IDs that have been Range: All configured Vendor
configured in the CEX Parameters IDs
configuration.
Selected Supported Vendor IDs Maximum of 10 entries

Application IDs that are selected from the
Available Supported Vendor IDs list for this
CEX Configuration Set.
DSR Feature Status If checked, this Vendor specific AVP will be Format: checkbox
AVP sent in CER/CEA messages. It can convey the
Range: NA
status of various features like NGN-PS to Peer
DSR. Default: unchecked
Viewing CEX Configuration Sets

Use this task to view currently configured CEX Configuration Sets.
Select Diameter > Configuration > Configuration Sets > CEX Configuration Sets.

The CEX Configuration Sets page appears.
Adding a CEX Configuration Set

Use this task to create a new CEX Configuration Set.
1. Select Diameter > Configuration > Configuration Sets > CEX Configuration Sets.
2. Click Insert.
The CEX Configuration Sets [Insert] page appears.
3. Enter a unique name for the CEX Configuration Set in the CEX Configuration Set Name field.
4. Enter the information for the CEX Parameters in the fields.
• To add CEX Parameters to the Selected CEX Parameters list, select the entry in the Available
CEX Parameters list and click Add below the Available CEX Parameters list.
• To add CEX Parameters to the Must Include CEX Parameters list, select the entry in the Selected
CEX Parameters list and click Add above the Must Include CEX Parameters list.
• To remove CEX Parameters from the Selected CEX Parameters list, select the entry in the
Selected CEX Parameters list and click Remove below the Selected CEX Parameters list.
• To remove CEX Parameters from the Must Include CEX Parameters list, select the entry in the
Must Include CEX Parameters list and click Remove above the Must Include CEX Parameters
list.
5. Enter the information for the Supported Vendor IDs in the fields.
• To add a Vendor ID to the Selected Supported Vendor IDs list, select the entry in the Available
Supported Vendor IDs list and click Add below the Available Supported Vendor IDs list.
• To remove a Vendor ID from the Selected Supported Vendor IDs list, select the entry in the
Selected Supported Vendor IDs list and click Remove above the Selected Supported Vendor
IDs list.
6. Click:
• OK to save the new CEX Configuration Set and return to the CEX Configuration Sets page.
• Apply to save the new CEX Configuration Set and remain on this page.
• Cancel to return to the CEX Configuration Sets page without saving any changes.
• The Selected CEX Parameters list is empty (an item was not added)
• Any item that was selected to add to a list was deleted by another user during this Insert session
• The maximum number of configured CEX Configuration Sets (2000), Selected CEX Parameters
+ Must Include CEX Parameters for a CEX Configuration Set (10), or Supported Vendor IDs for
a CEX Configuration Set (10) was reached by another user's entries during this Insert session
Editing a CEX Configuration Set

Use this task to edit an existing CEX Configuration Set.
For information about each field, see CEX Configuration Set elements.
Note: You must disable connections that use a particular CEX Configuration Set before you can edit
the CEX Configuration Set. See Disabling Connections.

2. Select the CEX Configuration Set that you want to edit.
The Default CEX Configuration Set cannot be changed.
3. Click Edit.
The CEX Configuration Sets [Edit] page appears.
When the page opens, the fields are initially populated with the currently configured values.

If an entry is attempted that is not valid or is out of range, an error message appears.
The CEX Configuration Set Name cannot be changed.
• To add CEX Parameters to the Selected CEX Parameters list, select the entry in the Available
CEX Parameters list and click Add below the Available CEX Parameters list.
• To add CEX Parameters to the Must Include CEX Parameters list, select the entry in the Selected
CEX Parameters list and click Add above the Must Include CEX Parameters list.
• To remove CEX Parameters from the Selected CEX Parameters list, select the entry in the
Selected CEX Parameters list and click Remove below the Selected CEX Parameters list.
• To remove CEX Parameters from the Must Include CEX Parameters list, select the entry in the
Must Include CEX Parameters list and click Add above the Must Include CEX Parameters list.
• To add a Vendor ID to the Selected Supported Vendor IDs list, select the entry in the Available
Supported Vendor IDs list and click Add below the Available Supported Vendor IDs list.
• To remove a Vendor ID from the Selected Supported Vendor IDs list, select the entry in the
Selected Supported Vendor IDs list and click Remove above the Selected Supported Vendor
IDs list.
5. Click:
• OK to save the changes and return to the CEX Configuration Sets page.
• Cancel to return to the CEX Configuration Sets page without saving any changes.
• You attempt to edit an instance whose Dynamic attribute is YES.
• You attempt to delete an instance whose Dynamic attribute is YES. Only the Dynamic Peer
Discovery software is able to delete an instance whose Dynamic attribute is YES.
• You attempt to edit an attribute when it is in the read-only state.
• You attempt to edit a dynamic instance by changing its Dynamic attribute from NO to YES.
• You attempt to edit a static instance by changing its Dynamic attribute from NO to YES.
• The Selected CEX Parameters list is empty (no items were added)
• The selected CEX Configuration Set is being used by a connection or a Local Node
• The selected CEX Configuration Set was deleted by another user during this Edit session
• If you attempt to edit a CEX Configuration Set instance whose dynamic attribute is YES.

Deleting a CEX Configuration Set

Use this task to delete a CEX Configuration Set.
A CEX Configuration Set cannot be deleted if it is being used by any connections or Local Nodes.
Before you perform this task, you must:
1. Disable any connections that use the CEX Configuration Set. See Disabling Connections.
2. Edit those connections to no longer use the CEX Configuration Set. See Editing a Connection.
3. Edit any Local Nodes that use the CEX Configuration Set to no longer do so. See Editing a Local
Node.
The Default CEX Configuration Set can be edited, but cannot be deleted.
2. Select one CEX Configuration Set that you want to delete.
3. Click Delete
A popup window appears.
4. Click:
• OK to delete the selected CEX Configuration Set.
• Cancel to cancel the delete function and return to the CEX Configuration Sets page.
If OK is clicked and the selected CEX Configuration Set is referenced by at least one connection or
Local Node, an error message appears and the CEX Configuration Set is not deleted.
If OK is clicked and the selected CEX Configuration Set no longer exists (it was deleted by another
user), an error message is displayed and the CEX Configuration Sets view is refreshed.
Capacity Configuration Sets

Capacity Configuration Sets provide a mechanism for adjusting a connection to account for the network
quality of service and Peer Node requirements, and allow management of capacity data for Diameter
Peer connections. Capacity Configuration Set data consists of reserved Ingress MPS, maximum Ingress
MPS, Ingress MPS minor alarm threshold, and Ingress MPS major alarm threshold.
The Capacity Configuration Set called Default is always available. The Default Capacity Configuration
Set options can be modified, but the Default Capacity Configuration Set cannot be deleted. When you
create a new Capacity Configuration Set the values of the Default Capacity Configuration Set are
automatically populated into the new Capacity Configuration Set, allowing you to easily create a new
Capacity Configuration Set that needs to have only a few options adjusted.
Note: The Per Connection Ingress MPS Control feature must be purchased and enabled before Capacity
Configuration Sets can be configured.
On the Capacity Configuration Sets page, you can perform the following actions:
• Filter the list of Capacity Configuration Sets to display only the desired Capacity Configuration
Sets.
• Sort the Capacity Configuration Set entries by clicking the column headings. By default, the entries
are sorted by the Capacity Configuration Set column in ascending ASCII order.

• Click Insert.
The Capacity Configuration Sets [Insert] page opens. You can add a new Capacity Configuration
Sets and its values. See Adding a Capacity Configuration Set.
If the Per Connection Ingress MPS Control feature is not enabled, the Capacity Configuration Sets
[Insert] page does not open, and an error message is displayed.
If the maximum number of Capacity Configuration Sets (1000) already exists in the system, the
Capacity Configuration Sets [Insert] page does not open and an error message is displayed.
• Select the Name of a Capacity Configuration Set in the list, and click Edit.
The Capacity Configuration Sets [Edit] page opens. You can edit the selected Capacity
Configuration Set. See Editing a Capacity Configuration Set.
If the Default Capacity Configuration Set is selected and the Per Connection Ingress MPS Control
feature is not enabled, the Capacity Configuration Sets [Edit] page does not open and an error
message is displayed.
• Select the Name of a Capacity Configuration Set in the list, and click Delete to remove the selected
Capacity Configuration Set. See Deleting a Capacity Configuration Set. The Default Capacity
Configuration Set can be edited, but not deleted.
Connection Capacity Validation

The Connection Capacity Validation function is described in Validating Diameter Connection Capacity.
Validation of the Reserved Ingress MPS occurs in response to changes to the configuration of Capacity
Configuration Sets that increase the Reserved Ingress MPS value, including editing the value and
replacing the Configuration Set with one that has a higher value. Such changes reduce the available
Reserved Ingress MPS capacity and must be validated before they can be allowed. (Actions that increase
capacity rather than reduce it do not require validation.)
An error is displayed, stating the reason, when the validation determines that performing the
configuration action would cause over-configuration of Reserved Ingress MPS in a DA-MP or Target
Set, or that a configuration action cannot be performed for another reason such as no MP Profile
assigned to the subject DA-MP.
A warning is displayed when the validation cannot determine whether the configuration action would
cause over-configuration of Reserved Ingress MPS in a DA-MP or Target Set.
If an error and a warning could apply, the error is displayed.
The Diameter > Configuration > Connection Capacity Dashboard page displays the current
Connection Count and Reserved Ingress MPS data per DA-MP. The page functions and contents are
described in Connection Capacity Dashboard Functions.
Capacity Configuration Set elements

Table 13: Capacity Configuration Sets Elements describes the fields on the Capacity Configuration Sets
View, Edit, and Insert pages. Data Input Notes only apply to the Insert and Edit pages; the View page
is read-only.

Table 13: Capacity Configuration Sets Elements
Field (* indicates field

is required) Description Data Input Notes
* Capacity Name of the Capacity Configuration Set. The Format: String:
Configuration Set Name must be unique. case-sensitive;
alphanumeric and
underscore (_); must
contain at least one
alpha; cannot begin
with a digit.
* Reserved Ingress MPS Rate in messages per second for which resources Format: numeric
are explicitly reserved for Diameter connections
Range: 0, 10 - 5000
using this Capacity Configuration Set to process
Ingress messages per
ingress diameter signaling. These resources cannot
second
be used by any other connection, regardless of the
load offered to other connections. Default: 0
The sum of Reserved Ingress MPS for all
connections on an MP server cannot exceed the
maximum capacity of the MP server.
* Maximum Ingress Maximum Ingress messages per second that a Format: numeric
MPS Diameter connection using this Capacity
Range: 0, 10 - 10000
Configuration Set is allowed to process.
Ingress messages per
The Maximum Ingress MPS must be equal to or second
greater than the Reserved Ingress MPS.
Default: 0
Any difference between the Maximum Ingress
MPS and the Reserved Ingress MPS represents
MP server resources that are shared among
connections that have Maximum Ingress MPS
greater than Reserved Ingress MPS.
* Ingress MPS Minor Percentage of Maximum Ingress MPS at which a Format: numeric
Alarm Threshold minor alarm will be raised for connections that
Range: 10 - 99 percent
(Percent) use this Capacity Configuration Set.
Default: 50 percent
After an alarm is raised, it will not be cleared until
the average Ingress MPS falls 5% below this value.
The Ingress MPS Minor Alarm Threshold must
be less than the Ingress MPS Major Alarm
Threshold.
* Ingress Major Alarm Percentage of Maximum Ingress MPS at which a Format: numeric
Threshold (Percent) major alarm will be raised for connections that
Range: 11 - 100 percent
use this Capacity Configuration Set.
Default: 80 percent
After an alarm is raised, it will not be cleared until
the average Ingress MPS falls 5% below this value.

Field (* indicates field

is required) Description Data Input Notes
The Ingress MPS Major Alarm Threshold must be
grerater than the Ingress MPS Minor Alarm
Threshold.
* Reserved Ingress MPS Time (in ms) that a diameter Connection's ingress Format: numeric
Abatement Time message rate must remain less than or equal to
Range: 1000 - 5000 ms
Reserved Ingress MPS, after exceeding Reserved
Ingress MPS, in order to revert the ingress traffic Default: 2000 ms
color from Yellow to Green.
Viewing Capacity Configuration Sets

Use this task to view currently configured Capacity Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Capacity Configuration Sets.
The Capacity Configuration Sets page appears.
Adding a Capacity Configuration Set

Use this task to create a new Capacity Configuration Set. For information about the fields, see Capacity
Configuration Set elements.
1. Select Diameter > Configuration > Configuration Sets > Capacity Configuration Sets.
2. Click Insert.
The Capacity Configuration Sets [Insert] page appears.
3. Enter a unique name for the Capacity Configuration Set in the Name field.
4. Enter the Reserved Ingress MPS value in messages/second.
5. Enter the Maximum Ingress MPS value in messages/second.
6. Enter the Ingress MPS Minor Alarm Threshold as the percentage of the Maximum Ingress MPS
at which a Minor alarm will be raised for connections using this Capacity Configuration Set.
7. Enter the Ingress MPS Major Alarm Threshold as the percentage of the Maximum Ingress MPS
at which a Major alarm will be raised for connections using this Capacity Configuration Set.
8. Enter the Reserved Ingress MPS Abatement Time in milliseconds, if a value other than the default
value is needed.
9. Click:
• OK to save the changes and return to the Capacity Configuration Sets page.
• Any field value is missing (not entered)
• The Capacity Configuration Set is not unique (already exists in the system)
• The maximum number of Capacity Configuration Sets (1000) is already configured
• The Reserved Ingress MPS value is greater than the Maximum Ingress MPS value
• The Ingress MPS Minor Alarm Threshold value is greater than the Ingress MPS Major Alarm
Threshold value

Editing a Capacity Configuration Set

Use this task to edit an existing Capacity Configuration Set.
The changes take effect upon receipt of the next message. Ingress MPS alarms are re-evaluated for all
Connections that use the modified Capacity Configuration Set when the changes are replicated to the
MP servers.
All Connections that use a particular Capacity Configuration Set must be in the Disabled Admin State
before the Reserved Ingress MPS value can be changed. See Disabling Connections. (The Reserved
Ingress MPS field is the only field that requires the Connections to be Disabled before it can be
changed.) See Disabling Connections.
The Per Connection Ingress MPS Control feature must be enabled before the Default Capacity
Configuration Set can be edited.
The Capacity Configuration Set name cannot be changed.
The Diameter > Configuration > Configuration Sets > Capacity Configuration Sets page appears.
2. Select the Capacity Configuration Set to be edited.
3. Click Edit.
The Capacity Configuration Sets [Edit] page appears.
The Capacity Configuration Sets [Edit] page will be populated with the current values for the
selected Capacity Configuration Set.

The fields are described in Capacity Configuration Set elements.
5. Click:
• OK to save the changes and return to the Capacity Configuration Sets page.
• Cancel to return to the Capacity Configuration Sets page without saving any changes.
When OK or Apply is clicked, a popup window appears.
• Click OK to confirm that you want to change the Capacity Configuration Set values.
• Click Cancel to remain on the Capacity Configuration Sets [Edit] page with the changes
displayed but not saved.
If Apply is clicked on the Capacity Configuration Sets [Edit] page, OK is clicked on the confirmation
popup window, and all changes are valid, a Data Committed message appears.
If OK is clicked on the popup window and the Reserved Ingress MPS field was changed for a
Capacity Configuration Set that is referenced by any Connection that is in the Enabled Admin state,
an error message appears and the changes are not saved.
6. Enable any Connections that were Disabled before the Capacity Configuration Set was changed.
See Enabling Connections.
Deleting a Capacity Configuration Set

Use this task to delete a Capacity Configuration Set.

A Capacity Configuration Set cannot be deleted if it is being used by any Connections. Before you
perform this task, you must disable any Connections that use the Capacity Configuration Set and edit
each Connection to no longer use the Capacity Configuration Set. (See Disabling Connections and Editing
a Connection.)
The Default Capacity Configuration Set can be edited, but cannot be deleted.
2. Select the Capacity Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Capacity Configuration Set and return to the Capacity Configuration Sets
page.
• Cancel to cancel the delete function and return to the Capacity Configuration Sets page.
If OK is clicked and the selected Capacity Configuration Set is referenced by at least one Connection,
an error message appears and the Capacity Configuration Set is not deleted.
Egress Message Throttling Configuration Sets

Egress Message Throttling Configuration Sets provide a mechanism for managing egress message
traffic on a Diameter Connection. You can create an Egress Message Throttling Configuration Set with
a maximum allowable Egress Message Rate (EMR) and one to three pairs of EMR Threshold Throttles
and Abatement Throttles.
When the EMR on a connection exceeds a Threshold Throttle value, the EMR congestion level for the
connection is raised. When the Egress Message Rate on a connection falls below an Abatement
Threshold, the EMR congestion level is lowered. Specifying a Convergence time and Abatement time
allows you to control the transitions between EMR congestion levels. The EMR congestion level, along
with the Egress Transport congestion level and the Remote Busy congestion level is used to control
traffic on a connection.
The options are described in Egress Message Throttling Configuration Set elements. Each connection can
reference a single Egress Message Throttling Configuration Set.
On the Egress Message Throttling Configuration Sets page, you can perform the following actions:
• Filter the list of Egress Message Throttling Configuration Sets to display only the desired Egress
Message Throttling Configuration Sets.
The default order is by Egress Message Throttling Configuration Set Name in ascending ASCII
order.
• Click Insert.
The Egress Message Throttling Configuration Sets [Insert] page appears. You can add a new
Egress Message Throttling Configuration Set and its options. See Adding an Egress Message Throttling
Configuration Set.

If the maximum number of Egress Message Throttling Configuration Sets per Network Element
(50) already exist in the system, the Egress Message Throttling Configuration Sets [Insert] page
will not open, and an error message is displayed.
• Select an Egress Message Throttling Configuration Set Name in the list, and click Edit.
The Egress Message Throttling Configuration Sets [Edit] page opens. You can edit the selected
Egress Message Throttling Configuration Set. See Editing an Egress Message Throttling Configuration
Set.
If at least one connection is in the "Enabled" Admin state that uses the Egress Message Throttling
Configuration Set, the Egress Message Throttling Configuration Sets [Edit] page will not open.
• Select an Egress Message Throttling Configuration Set Name in the list, and click Delete to remove
the selected Egress Message Throttling Configuration Set.
Egress Message Throttling Configuration Set elements

Table 14: Egress Message Throttling Configuration Set Elements describes the fields on the Egress Message
Throttling Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only to the Insert
and Edit pages; the View page is read-only.
Table 14: Egress Message Throttling Configuration Set Elements
Field (* indicates
* Egress Message A name that uniquely identifies the Egress Format: Valid characters
Throttling Message Throttling Configuration Set. are alphanumeric and
Configuration Set underscore. Must contain
at least one alpha and
must not start with a digit
Range: A 32-character
string
Default: none
* Max Egress Message A maximum Egress Message Rate (EMR) on a Format: numeric
Rate connection being throttled
Note: The EMR is calculated every 100ms by
Default: none
subtracting the oldest traffic count from the
newest traffic count, and averaging the difference
over the elapsed time between them.
* Throttle Threshold Throttle Threshold Level 1. When Threshold Format: numeric

Level 1 (%) exceeds Level 1, Congestion Level is set to 1
Range: 2 - 100% of Max
EMR
Default: 100%
* Abatement Abatement Threshold Level 1. When Threshold Format: numeric

Threshold Level 1 (%) falls below Level 1, Congestion Level is set to 0.

Field (* indicates
EMR
Default: 80%
Throttle Threshold Throttle Threshold Level 2. When Threshold Format: numeric

Level 2 (%) exceeds Level 2, Congestion Level is set to 2.
EMR
Default: none
Abatement Threshold Abatement Threshold Level 2. When Threshold Format: numeric

Level 2 (%) falls below Level 2, the Congestion Level is set to
1.
EMR
Default: none
Throttle Threshold Throttle Threshold Level 3. When Threshold Format: numeric

Level 3 (%) exceeds Level 3, Congestion Level is set to 3.
Range: 6 -100% of Max
EMR
Default: none
Abatement Threshold Abatement Threshold Level 3. When Threshold Format: numeric

Level 3 (%) falls below Level 3, the Congestion Level is set to
Range: 5 -99% of Max
2.
EMR
Default: none
* Convergence Time The time it will take in milliseconds to converge Format: numeric
(msec) on a per second rate. If the convergence time is
Range (msec):
less than 1000 milliseconds, the rate is *
Convergence Time (msec) extrapolated. If the • 250
convergence time is greater • 250 than 1000 • 500
milliseconds, the rate is averaged. • 1000
The rate convergence time is the amount of time • 2000
it takes for the measured rate to converge on the • 4000
actual rate.
Default: 1000
For example, if the actual rate jumps from 0 MPS
to 1000 MPS and the Rate Convergence Time is 5
seconds, it takes that long for the measured rate
to converge on the actual rate, and the measured
rate will be reported as follows:
• T(0) = 0 MPS
• T(1) = 200 MPS
• T(2) = 400 MPS
• T(3) = 600 MPS
• T(4) = 800 MPS

Field (* indicates
• T(5) = 1000 MPS
* Abatement Time This value specifies the amount of time that a Format: numeric
(msec) throttled connection's Egress Request Rate must
Range: 200 - 10000 msec
remain below an abatement before allowing it to
abate to a lower CL. Default: 500 msec
For example, if the following is true:
• Max EMR = 1000 messages per second
• Abatement Threshold-3 = 80% * 100=> 800
messages per second)
• Abatement time = 500 milliseconds
• Current Congestion Level = CL3
Then all of the message rate calculations during
a contiguous 500 msec must be less than 800 MPS
in order for the congestion level to be reduced
from CL3 to CL2.
Viewing Egress Message Throttling Configuration Sets

Use this task to view currently configured Egress Message Throttling Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Egress Message Throttling Configuration
Sets.
The Egress Message Throttling Configuration Sets page appears.
Adding an Egress Message Throttling Configuration Set

Use this task to create a new Egress Message Throttling Configuration Set. For more information about
the fields, see Egress Message Throttling Configuration Set elements.
1. Select Diameter > Configuration > Configuration Sets > Egress Message Throttling Configuration
Sets.
2. Click Insert.
The Egress Message Throttling Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the Egress Message Throttling Configuration
Set Name field.
4. Enter the maximum Egress Message Rate in the Max EMR field.
5. Enter one to three Throttle Thresholds and Abatement Thresholds as a percentage of the maximum
Egress Message Rate.
6. Optionally, enter a Convergence Time and an Abatement Time.
7. Click:
• OK to save the data and return to the Egress Message Throttling Configuration Sets page.

• Cancel to return to the Egress Message Throttling Configuration Sets page without saving
any changes.
• Any required field is empty (no value was entered)
• The Egress Message Throttling Configuration Set Name is not unique; it already exists in the
system
• Throttle thresholds and abatement thresholds do not follow the rule: TT3 > AT3 > TT2 > AT2
> TT1 > AT1
• The maximum number of Egress Message Throttling Configuration Sets per Network Element
(50) is already configured
Editing an Egress Message Throttling Configuration Set

Use this task to edit an existing Egress Message Throttling Configuration Set.
When the Egress Message Throttling Configuration Sets page opens, the fields are populated with
the currently configured values.
The Egress Message Throttling Configuration Set Name cannot be edited.
Sets.
2. Select the Egress Message Throttling Configuration Set you want to edit.
3. Click Edit.
The Egress Message Throttling Configuration Sets [Edit] page appears.
For information about each field, see Egress Message Throttling Configuration Set elements.
5. Click:
• OK to save the data and return to the Egress Message Throttling Configuration Sets page.
• Cancel to return to the Egress Message Throttling Configuration Sets page without saving
any changes.
• The selected Egress Message Throttling Configuration Set no longer exists; it has been deleted
by another user
• Throttle thresholds and abatement thresholds do not follow the rule: TT3 > AT3 > TT2 > AT2
> TT1 > AT1
Deleting an Egress Message Throttling Configuration Set

Use this task to delete an Egress Message Throttling Configuration Set.

Note: An Egress Message Throttling Configuration Set cannot be deleted if it is being used by any
connections. Before you perform this task, you must disable and edit any connections that use the
Egress Message Throttling Configuration Set. (See Disabling Connections and Editing a Connection.)
Sets.
2. Select the Egress Message Throttling Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Egress Message Throttling Configuration Set.
• Cancel to cancel the delete function and return to the Egress Message Throttling Configuration
Sets page.
If OK is clicked and the selected Egress Message Throttling Configuration Set is referenced by at
least one connection, an error message appears and the Egress Message Throttling Configuration
Set is not deleted.
If OK is clicked and the selected Egress Message Throttling Configuration Set no longer exists (it
was deleted by another user), an error message is displayed and the Egress Message Throttling
Configuration Sets view is refreshed.
Message Priority Configuration Sets

A Message Priority Configuration Set provides a mechanism for controlling how message priority is
set for a request message arriving on a connection. A Message Priority Configuration Set contains one
or more Message Priority Rules.
A Message Priority Rule consists of combination of an Application ID and a Command Code, and a
priority. Incoming messages that match the Application ID and Command Code are assigned the
associated priority.
Message Priority Configuration Sets can be assigned to Connections or Peer Nodes.
The Message Priority Configuration Set fields are described in Message Priority Configuration Set elements.
On the Message Priority Configuration Sets page, you can perform the following actions:
• Filter the list of Message Priority Configuration Sets to display only the desired Message Priority
Configuration Sets.
The default order is by Message Priority Configuration Set Name in ascending ASCII order.
• Click the + in the Message Priority Rules field to display the Message Priority Rules associated
with a Message Priority Configuration Set.
• Click Insert.
The Message Priority Configuration Sets [Insert] page appears. You can add a new Message
Priority Configuration Set and its Message Priority Rules. See Adding a Message Priority Configuration
Set.

If the maximum number of Message Priority Configuration Sets per Network Element (20) already
exist in the system, the Message Priority Configuration Sets [Insert] page will not open, and an
error message is displayed.
• Select an Message Priority Configuration Set Name in the list, and click Edit.
The Message Priority Configuration Sets [Edit] page opens. You can edit the selected Message
Priority Configuration Set. See Editing a Message Priority Configuration Set.
If at least one connection that uses the Message Priority Configuration Set is in the Enabled Admin
state, the Message Priority Configuration Sets [Edit] page will not open.
• Select an Message Priority Configuration Set Name in the list, and click Delete to remove the
selected Message Priority Configuration Set. You cannot delete the Default Message Priority
Configuration Set.
Message Priority Configuration Set elements

Table 15: Message Priority Configuration Set Elements describes the fields on the Message Priority
Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only to the Insert and Edit
pages; the View page is read-only.
Table 15: Message Priority Configuration Set Elements
* Message Priority Unique name of the Message Priority Format: Case-sensitive
Configuration Set Configuration Set. string: alphanumeric and
Name underscore (_); must
contain at least one alpha
and cannot begin with a
digit.
* Message Priority The number of Message Priority Rules defined

Rules in the Message Priority Configuration Set
Application ID The Application ID used to filter incoming Format: scrollable list
Diameter messages
Range: configured
Application IDs. An
asterisk (*) matches any
Application ID.
Application Name The name of the application associated with the

Application ID
Command Code Value The Command Code used to filter incoming Format: scrollable list
Diameter messages.
Range: configured
An ECC is a Command Code that also takes into Command Codes. An
account the value of a specific AVP for that asterisk (*) matches any
Command Code.

Command Code that gives the "true" command
type (for example, CCR-I, CCR-U, and so on).
Note: This pulldown list of configured
Command Codes includes Extended
Command-Codes (ECC) immediately after their
parent Command-Code.
Command Code Name The name of the command associated with the
Command Code
Priority The message priority assigned to incoming Format: pull down list
messages that match the combination of
Range: 0-2
Application ID and Command Code.
Viewing Message Priority Configuration Sets

Use this task to view currently configured Message Priority Configuration Sets and their associated
Message Priority Rules.
1. Select Diameter > Configuration > Configuration Sets > Message Priority Configuration Sets.
The Message Priority Configuration Sets page appears.
2. Click the + in any Message Priority Rules field.
The Message Priority Rules associated with the Message Priority Configuration Set are displayed.
Adding a Message Priority Configuration Set

Use this task to create a new Message Priority Configuration Set. For more information about the
fields, see Message Priority Configuration Set elements.
2. Click Insert.
The Message Priority Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the Message Priority Configuration Set Name
field.
4. Select an Application ID, Command Code, and Message Priority for the Message Priority Rule.
5. Click Add to add more Message Priority Rules to the Message Priority Configuration Set.
You can add up to 50 rules per configuration set. Click the X beside the Message Priority field to
clear the values for a Message Priority Rule.
6. Click:
• OK to save the data and return to the Message Priority Configuration Sets page.
• Cancel to return to the Message Priority Configuration Sets page without saving any changes.
• Any required field is empty (no value was entered)


• The Message Priority Configuration Set Name is not unique; it already exists in the system
• A wildcard is used for Application ID, but a specific Command Code is specified.
• The maximum number of Message Priority Configuration Sets per Network Element (20) is
already configured
Editing a Message Priority Configuration Set

Use this task to edit an existing Message Priority Configuration Set.
When the Message Priority Configuration Sets page opens, the fields are populated with the currently
configured values.
The Message Priority Configuration Set Name cannot be edited.
2. Select the Message Priority Configuration Set you want to edit.
3. Click Edit.
The Message Priority Configuration Sets [Edit] page appears.
For information about each field, see Message Priority Configuration Set elements.
5. Click:
• OK to save the data and return to the Message Priority Configuration Sets page.
• Cancel to return to the Message Priority Configuration Sets page without saving any changes.
• The selected Message Priority Configuration Set no longer exists; it has been deleted by another
user
• A wildcard (*) is used for Application ID, but a specific Command Code is specified.
Deleting a Message Priority Configuration Set

Use this task to delete a Message Priority Configuration Set.
Note: The Default Message Priority Configuration Set cannot be deleted.
2. Select the Message Priority Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Message Priority Configuration Set.

• Cancel to cancel the delete function and return to the Message Priority Configuration Sets
page.
If OK is clicked and the selected Message Priority Configuration Set is referenced by at least one
connection, an error message appears and the Message Priority Configuration Set is not deleted.
If OK is clicked and the selected Message Priority Configuration Set no longer exists (it was deleted
by another user), an error message is displayed and the Message Priority Configuration Sets view
is refreshed.
Message Copy Configuration Sets

A Message Copy Configuration Set provides a mechanism for determining the messages to be copied
(Request or Answer), the Result-Code/Experimental Result-Code on which the Message Copy is
initiated, and number of retries to be made if the Message Copy attempt to DAS fails. The Message
Copy trigger point must specify a Message Copy Configuration Set when the message is marked for
copying.
The Message Copy Configuration Set fields are described in Message Copy Configuration Set elements.
On the Message Copy Configuration Sets page, you can perform the following actions:
• Filter the list of Message Copy Configuration Sets to display only the desired Message Copy
Configuration Sets.
The default order is by Message Copy Configuration Set Name in ascending ASCII order.
• Click Insert.
The Message Copy Configuration Sets [Insert] page appears. You can add a new Message Copy
Configuration Set. See Adding a Message Copy Configuration Set.
If the maximum number of Message Copy Configuration Sets (100) already exists in the system,
• Select a Message Copy Configuration Set Name in the list, and click Edit.
The Message Copy Configuration Sets [Edit] page opens. You can edit the selected Message Copy
Configuration Set. See Editing a Message Copy Configuration Set.
If no row is selected, or if more than one row is selected, Edit is disabled.
• Select a Message Copy Configuration Set Name in the list, and click Delete to remove the selected
Message Copy Configuration Set.
The Default Message Copy Configuration Set can be edited, but cannot be deleted. See Deleting a
Message Copy Configuration Set.
Message Copy Configuration Set elements

Table 16: Message Copy Configuration Set Elements describes the fields on the Message Copy Configuration
Sets View, Edit, and Insert pages. Data Input Notes apply only to the Insert and Edit pages; the View
page is read-only.

Table 16: Message Copy Configuration Set Elements
* Message Copy Unique name of the Message Copy Format: text box
Configuration Set Name Configuration Set.
Case-sensitive string:
alphanumeric and underscore
alpha and cannot begin with
a digit.
* Route List of the DAS Route List to be used for copying a Format: pulldown list
Node message to a DAS node.
Range: configured Route Lists.
Default: -Select-.
Message Copy Request Type of Request to be copied to the DAS. Format: radio buttons
Type
Range: Original Ingress
Request, Original Egress
Request
Default: Original Ingress
Request
Ingress Answer Included Indicates whether the Ingress Answer Format: radio buttons
received for the Diameter Message needs
Range: Yes, No
to be included in the copied message.
Default: No
Original Answer Result Result Code/Experimental Result code Format: radio buttons
Code For Message Copy that should match with incoming Answer
Range:
Result Code (whose Request has been
marked for Message Copy), to allow • 2xxx result-code/
copying a Request to DAS. experimental-result-code
• Any result/
experimental-result-code
Default: 2xxx result-code/
DAS Answer Result Code Result Code/Experimental Result Code Format: radio buttons
that should match with DAS Message
Range:
Copy Answer Result Code, to terminate
the Message Copy to DAS. • 2xxx result-code/
• Any result/
Default: 2xxx result-code/

* Max DAS Retransmission Max Retransmission Attempts for Format: text box; numeric
Attempts DAS-Request
Range: 0-4
A value of 0 indicates that there will not
Default: 0
be any re-transmissions after the first
copy attempt.
Viewing Message Copy Configuration Sets

Use this task to view currently configured Message Copy Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Message Copy Configuration Sets.
The Message Copy Configuration Sets page appears.
Adding a Message Copy Configuration Set

Use this task to create a new Message Copy Configuration Set.
The fields are described in Message Copy Configuration Set elements.
1. Select Diameter > Configuration > Configuration Sets > Message Copy Configuration Sets.
2. Click Insert.
The Message Copy Configuration Sets [Insert] page appears.
If the maximum numbers of Message Copy Configuration Sets (100) allowed in the system are
already configured, the Message Copy Configuration Sets [Insert] page will not open.
3. Enter a unique name for the Configuration Set in the Message Copy Configuration Set Name
field.
4. Select or enter the element values.
5. Click:
• OK to save the new Configuration Set and return to the Message Copy Configuration Sets
page.
• Apply to save the new Configuration Set and remain on this page.
• Cancel to return to the Message Copy Configuration Sets page without saving any changes.
• Any required field is empty (no value was entered).
• The value in any field is not valid or is out of range.
• The Message Copy Configuration Set Name is not unique; it already exists in the system.
Editing a Message Copy Configuration Set

Use this task to edit an existing Message Copy Configuration Set.

When the Message Copy Configuration Sets page opens, the fields are populated with the currently
configured values.
The Message Copy Configuration Set Name cannot be edited.
The fields are described in Message Copy Configuration Set elements.
2. Select the Message Copy Configuration Set you want to edit.
3. Click Edit.
The Message Copy Configuration Sets [Edit] page appears.
5. Click:
• OK to save the changes and return to the Message Copy Configuration Sets page.
• Cancel to return to the Message Copy Configuration Sets page without saving any changes.
• The selected Message Copy Configuration Set no longer exists; it has been deleted by another
user.
• Any field is empty (no value was entered) .
Deleting a Message Copy Configuration Set

Use this task to delete a Message Copy Configuration Set.
The Default Message Copy Configuration Set can be edited, but cannot be deleted.
2. Select the Message Copy Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Message Copy Configuration Set.
• Cancel to cancel the delete function and return to the Message Copy Configuration Sets page.
If OK is clicked and the selected Message Copy Configuration Set is referenced by any other
Diameter component or any diameter routing application, an error message appears and the
Message Copy Configuration Set is not deleted.
Rate Limiting Configuration Sets

Rate Limiting Configuration Sets provide the mechanism to enter data needed by Egress Throttle
Groups (on the SOAM GUI) and Egress Throttle Lists (on the NOAM GUI) to perform egress throttling
by egress message rate. For details about the NOAM functionality, see Rate Limiting Configuration Sets
on the NOAM.


An Egress Throttling Group is always associated with a Rate Limiting Configuration Set, which
provides the following data for performing Egress Message Rate Throttling:
• Maximum Message Rate
• Onset and Abatement Thresholds:
• Percentages of the maximums
• Used with Message Priority to determine which requests to throttle
• Convergence time, which allows you to control the sensitivity of request traffic bursts on an ETG.
• Abatement time
Rate Limiting can be enabled on the SOAM Main Menu: Diameter > Maintenance > Egress Throttle
Groups page.
For NOAM functionality, you must change the Egress Throttling Control Scope of the Egress Control
Group to ETL and enable Egress Message Rate Throttle on the Egress Throttle Group before Egress
Message Rate Throttling can be started on Egress Throttle Lists.
The Rate Limiting Configuration Set fields are described in Rate Limiting Configuration Sets elements.
On the Rate Limiting Configuration Sets page, you can perform the following actions:
• Filter the list of Rate Limiting Configuration Sets to display only the desired Rate Limiting
Configuration Sets.
The default order is by Rate Limiting Configuration Set Name in ascending ASCII order.
• Click Insert.
The Rate Limiting Configuration Sets [Insert] page appears. You can add a new Rate Limiting
Configuration Set. See Adding a Rate Limiting Configuration Set.
If the maximum number of Rate Limiting Configuration Sets already exists in the system, an error
• Select a Rate Limiting Configuration Set Name in the list, and click Edit.
The Rate Limiting Configuration Sets [Edit] page opens. You can edit the selected Rate Limiting
Configuration Set. See Editing a Rate Limiting Configuration Set.
• Select a Rate Limiting Configuration Set Name in the list, and click Delete to remove the selected
Rate Limiting Configuration Set.
The Default Rate Limiting Configuration Set can be edited, but cannot be deleted. See Deleting a
Rate Limiting Configuration Sets elements

Table 17: Rate Limiting Configuration Sets Elements describes the fields on the Rate Limiting Configuration
page is read-only.
Note: This GUI page is available from the SOAM and NOAM menu.

Table 17: Rate Limiting Configuration Sets Elements
Field (* indicates a required

field) Description Data Input Notes
Rate Limiting Configuration Set Unique name of the Rate Format: text box
Name Limiting Configuration Set.
alpha and cannot begin with a
digit.
Range: 1-32 characters
Default: NA
*Maximum Egress Request Rate The maximum allowed Egress Format: text box; numeric
Request Rate shared by
Range: 100-250000
associated members.
Default: 6000
*Onset Threshold Level 1 (%) When Egress Request Rate Format: text box; numeric
exceeds this percentage of
Range: 2-100
maximum Egress Request Rate,
the Congestion Level is set to 1. Default: 60
*Abatement Threshold Level 1 When Egress Request Rate falls Format: text box; numeric
(%) below this percentage of
Range: 1-100
the Congestion Level is set to 0. Default: 55
Onset Threshold Level 2 (%) When Egress Request Rate Format: text box; numeric
Range: 4-100
the Congestion Level is set to 2. Default: NA
Abatement Threshold Level 2 When Egress Request Rate falls Format: text box; numeric
Range: 3-100
Onset Threshold Level 3 (%) When Egress Request Rate Format: text box; numeric
Range: 5-100
Abatement Threshold Level 3 When Egress Request Rate falls Format: text box; numeric
Range: 5-100
*Convergence Time (msec) (%) The time it will take in Format: text box; pull down
milliseconds to converge on a
Range: 250, 500, 1000, 2000, 4000

Field (* indicates a required

field) Description Data Input Notes
per second rate. If the Default: 250
convergence time is less than
1000 milliseconds, the rate is
extrapolated. If the convergence
time is greater than 1000
milliseconds, the rate is
averaged.
*Abatement Time (msec) The amount of time in Format: text box; numeric
milliseconds that the Egress
Range: 50-10000
Request Rate must remain below
an abatement threshold before Default: 50
the Congestion Level is lowered.
Viewing Rate Limiting Configuration Sets

Use this task to view currently configured Rate Limiting Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Rate Limiting Configuration Sets on the
SOAM or Diameter > Configuration > Egress Throttle List > Rate Limiting Configuration Sets on
the NOAM.
Adding a Rate Limiting Configuration Set

Use this task to create a new Rate Limiting Configuration Set.
The fields are described inRate Limiting Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Rate Limiting Configuration Sets on
the SOAM or Diameter > Configuration -> Egress Throttle List > -Rate Limiting Configuration
Sets on the NOAM.
The Rate Limiting Configuration Sets page appears.
2. Click Insert.
The Rate Limiting Configuration Sets [Inset] page appears.
3. Enter a unique name for the Rate Limiting Configuration Set in the Rate Limiting Configuration
Set Name field.
5. Click:
• OK to save the new Rate Limiting Configuration Set and return to the Rate Limiting
Configuration Sets page.
• Apply to save the new Rate Limiting Configuration Set and remain on this page.
• Cancel to return to the Rate Limiting Configuration Sets page without saving any changes.


• The Rate Limiting Configuration Set Name is not unique; it already exists in the system.
Editing a Rate Limiting Configuration Set

Use this task to edit an existing Rate Limiting Configuration Set.
When the Rate Limiting Configuration Sets page opens, the fields are populated with the currently
configured values.
The Rate LimitingConfiguration Set Name cannot be edited.
The fields are described in Rate Limiting Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Rate Limiting Configuration Sets on
the SOAM or Diameter > Configuration > Egress Throttle List > -Rate Limiting Configuration
Sets on the NOAM.
2. Select the Rate Limiting Configuration Set you want to edit.
3. Click Edit.
The Rate Limiting Configuration Sets [Edit} page appears.
5. Click:
• OK to save the changes and return to the Rate Limiting Configuration Sets page.
• Cancel to return to the Rate Limiting Configuration Sets page without saving any changes.
• The selected Rate Limiting Configuration Set no longer exists; it has been deleted by another
user.
Deleting a Rate Limiting Configuration Set

Use this task to delete a Rate Limiting Configuration Set.
The Default Rate Limiting Configuration Set can be edited, but cannot be deleted.
1. Select Diameter > Configuration > Configuration Sets > Rate Limiting Configurations Sets on
the SOAM or Diameter > Configuration -> Egress Throttle List > -Rate Limiting Configuration
Sets on the NOAM.
2. Select the Rate Limiting Configuration Set you want to delete.
3. Click Delete.

4. Click:
• OK to delete the Rate Limiting Configuration Set.
• Cancel to cancel the delete function and return to the Rate Limiting Configuration Sets page.
If OK is clicked and the selected Rate Limiting Configuration Set is referenced by any other Diameter
component or any diameter routing application, an error message appears and the Rate Limiting
Configuration Set is not deleted.
Pending Transaction Limiting Configuration Sets

Pending Transaction Limiting Configuration Sets configuration provides the mechanism to enter
configuration data needed by Egress Throttle Groups to determine when to start throttling for pending
transactions. For details about the NOAM functionality, see Pending Transaction Limiting Configuration
Sets on the NOAM.
An ETG is always associated with a Pending Transaction Limiting Configuration Sets that provides
the following data for performing Egress Message Rate Throttling based on pending transactions:
• Maximum pending transactions
• Abatement time
You must enable Pending Transaction Limiting before Egress Pending Transaction Limiting can be
started on Egress Throttle Groups.
The Pending Transaction Limiting Configuration Sets fields are described in Pending Transaction
Limiting Configuration Sets elements.
On the Pending Transaction Limiting Configuration Sets page, you can perform the following actions:
• Filter the list of Pending Transaction Limiting Configuration Sets to display only the desired Pending
Transaction Limiting Configuration Sets.
The default order is by Pending Transaction Limiting Configuration Sets in ascending ASCII
order.
• Click Insert.
The Pending Transaction Limiting Configuration Sets [Insert] page appears. You can add a new
Pending Transaction Limiting Configuration Sets. See Adding a Pending Transaction Limiting
Configuration Set.
If the maximum number of Pending Transaction Limiting Configuration Sets already exists in the
system, an error message is displayed.
• Select a Pending Transaction Limiting Configuration Set Name in the list, and click Edit.
The Pending Transaction Limiting Configuration Sets [Edit] page opens. You can edit the selected
Pending Transaction Limiting Configuration Set. See Editing a Pending Transaction Limiting
Configuration Set.

• Select a Pending Transaction Limiting Configuration Set Name in the list, and click Delete to
remove the selected Pending Transaction Limiting Configuration Set.
The Default Pending Transaction Limiting Configuration Set can be edited, but cannot be deleted.
See Deleting a Pending Transaction Limiting Configuration Set.
Pending Transaction Limiting Configuration Sets elements

Table 18: Pending Transaction Limiting Configuration Sets Elements describes the fields on the Pending
Transaction Limiting Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only
to the Insert and Edit pages; the View page is read-only.
Table 18: Pending Transaction Limiting Configuration Sets Elements
Pending Transaction Unique name of the Pending Format: text box; alphanumeric and
Limiting Configuration Transaction Limiting Configuration underscore; must contain at least
Set Name Set. one alpha and must not start with
a digit.
Range: 1- 32 characters
Default: NA
*Maximum Egress The maximum allowed Egress Format: text box; numeric
Pending Transactions Pending Transactions for the Peers
Range: 100-1000000
and Connections within a group.
Default: NA
*Onset Threshold Level 1 When Egress Pending Transactions Format: text box; numeric
(%) exceeds this percentage of
Range: 2-100
maximum Egress Pending
Transactions, the Congestion Level Default: 60
is set to 1.
*Abatement Threshold When Egress Pending Transactions Format: text box; numeric
Level 1 (%) falls below this percentage of
Range: 1-100
Transactions, the Congestion Level Default: 55
is set to 0.
Onset Threshold Level 2 When Egress Pending Transactions Format: text box; numeric
Range: 4-100
Transactions, the Congestion Level Default: NA
is set to 2.
Abatement Threshold When Egress Pending Transactions Format: text box; numeric
Range: 3-100
is set to 1.

Onset Threshold Level 3 When Egress Pending Transactions Format: text box; numeric
Range: 6-100
is set to 3.
Abatement Threshold When Egress Pending Transactions Format: text box; numeric
Range: 5-100
is set to 2.
*Abatement Time (msec) The amount of time in milliseconds Format: text box; numeric
that Egress Pending Transactions
Range: 50-10000
must remain below an abatement
threshold before the Congestion Default: 50
Level is lowered.
Viewing Pending Transaction Limiting Configuration Sets

Use this task to view currently configured Pending Transaction Limiting Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Pending Transaction Limiting
Configuration Sets on the SOAM or Diameter > Configuration > Egress Throttle List > Pending
Transaction Limiting Configuration Sets on the NOAM.
The Pending Transaction Limiting Configuration Sets page appears.
Adding a Pending Transaction Limiting Configuration Set

Use this task to create a new Pending Transaction Limiting Configuration Sets.
The fields are described in Pending Transaction Limiting Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Pending Transaction Limiting
2. Click Insert.
3. Enter a unique name for the Pending Transaction Limiting Configuration Set in the Pending
Transaction Limiting Configuration Set Name field.
5. Click:
• OK to save the new Pending Transaction Limiting Configuration Sets and return to the Pending
Transaction Limiting Configuration Sets page.
• Apply to save the new Pending Transaction Limiting Configuration Set and remain on this
page.

• Cancel to return to the Pending Transaction Limiting Configuration Sets page without saving
any changes.
• The Pending Transaction Limiting Configuration Set Name is not unique; it already exists in
the system.
Editing a Pending Transaction Limiting Configuration Set

Use this task to edit an existing Pending Transaction Limiting Configuration Set.
When the Pending Transaction Limiting Configuration Sets page opens, the fields are populated
with the currently configured values.
The Pending Transaction Limiting Configuration Set Name cannot be edited.
The fields are described in Pending Transaction Limiting Configuration Sets elements.
2. Select the Pending Transaction Limiting Configuration Set you want to edit.
3. Click Edit.
5. Click:
• OK to save the changes and return to the Pending Transaction Limiting Configuration Sets
page.
• Cancel to return to the Pending Transaction Limiting Configuration Sets page without saving
any changes.
• The selected Pending Transaction Limiting Configuration Set no longer exists; it has been deleted
by another user.
Deleting a Pending Transaction Limiting Configuration Set

Use this task to delete a Pending Transaction Limiting Configuration Set.

The Rating Limit Configuration page appears.

2. Select the Pending Transaction Limiting Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Pending Transaction Limiting Configuration Set.
• Cancel to cancel the delete function and return to the Pending Transaction Limiting
If OK is clicked and the selected Pending Transaction Limiting Configuration Set is referenced by
any other Diameter component or any diameter routing application, an error message appears and
the Pending Transaction Limiting Configuration Set is not deleted.
Transaction Configuration Sets

A Transaction Configuration Set provides a mechanism to assign routing and transaction attributes
(ART, PRT, PAT, and ROS) to Diameter request message based on Application ID and (Extended)
Command Code.
Configuration of Transaction Configuration Sets (TCS) that contain one or more Transaction
Configuration Rules is supported. These Transaction Configuration Rules allow the assignment of
routing and transaction attributes, for example Routing Option Set (ROS), Pending Answer Timer
(PAT), Application Route Table (ART) and Peer Route Table (PRT) to Diameter messages based on
Application ID and (Extended) Command Code.
The Transaction Configuration Set fields are described in Transaction Configuration Sets elements.
On the Transaction Configuration Sets page, you can perform the following actions:
• Filter the list of Transaction Configuration Sets to display only the desired Transaction Configuration
Sets.
The default order is by Transaction Configuration Set Name in ascending ASCII order.
• Click Insert.
The Transaction Configuration Sets [Insert] page appears. You can add a new Transaction
Configuration Set. See Adding a Transaction Configuration Set.
If the maximum number of Transaction Configuration Sets already exists in the system, an error
• Select a Transaction Configuration Set Name in the list, and click Edit.
The Transaction Configuration Sets [Edit] page opens. You can edit the selected Transaction
Configuration Set. See Editing a Transaction Configuration Set.
If no row is selected, the Edit is disabled.
• Select a Transaction Configuration Set Name in list, and click Delete to remove the selected
Transaction Configuration Set.

The Default Transaction Configuration Set can be edited, but cannot be deleted. See Deleting a
Transaction Configuration Set.
Transaction Configuration Sets elements

Table 19: Transaction Configuration Sets Elements describes the fields on the Transaction Configuration
page is read-only.
Note: If Application ID with an optional Command Code is selected, one of the other four routing
attributes (ROS, PAT, ART, PRT) is mandatory.
Table 19: Transaction Configuration Sets Elements includes references to topics where you can define the
attributes associated with the selected Transaction Configuration Sets.
Table 19: Transaction Configuration Sets Elements
*Transaction Unique name of the Transaction Format: text box
Configuration Set Name Configuration Set.
Case-sensitive string: alphanumeric
and underscore (_); must contain at
least one alpha and cannot begin
with a digit.
Transaction Configuration The rules associated with the Format: Expandable or collapsible
Rules Transaction Configuration Set Name list of rules associated with the
selected Transaction Configuration
Set Name
Application ID The Application ID in the Diameter Format: Hyperlink to the listed
message. attribute
Note: See Using Application IDs to Range: NA
Identify Diameter Applications.
Default: NA
Command Code The Command code in the Diameter Format: Hyperlink to the listed
message. attribute
Note: See Diameter Command Codes. Range: NA
Default: NA
Routing Option Set The Routing Options Set associated Format: Hyperlink to the listed
with the Application ID and attribute
Command Code (if specified).
Range: NA
Note: See Diameter Routing Option
Default: NA
Sets.

Pending Answer Timer The Pending Answer Time Format: Hyperlink to the listed
associated with Application ID and attribute
Range: NA
Note: See Diameter Pending Answer
Default: NA
Timers.
Application Route Table The Application Route Table Format: Hyperlink to the listed
associated with Application ID and attribute
Range: NA
Note: See Diameter Application Route
Default: NA
Tables.
Peer Route Table The Peer Route Table associated Format: Hyperlink to the listed
with Application ID and Command attribute
Code (if specified).
Range: NA
Note: See Diameter Peer Route Tables.
Default: NA
Viewing Transaction Configuration Sets

Use this task to view currently configured Transaction Configuration Sets.
Select Diameter > Configuration > Configuration Sets > Transaction Configuration Sets.
The Transaction Configuration Sets page appears.
Adding a Transaction Configuration Set

Use this task to create a new Transaction Configuration Set.
The fields are described in Transaction Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > TransactionConfiguration Sets.
2. Click Insert.
The Transaction Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the Transaction Configuration Set Name field.
5. Click:
• OK to save the new Transaction Configuration Set and return to the Transaction Configuration
Sets page.
• Apply to save the new Transaction Configuration Set and remain on this page.
• Cancel to return to the Transaction Configuration Sets page without saving any changes.


• The Transaction Configuration Set Name is not unique; it already exists in the system.
• A wildcard is used for Application ID, but a specific Command Code is specified.
• The maximum number of Transaction Configuration Sets per Network Element (100) is already
configured.
Editing a Transaction Configuration Set

Use this task to edit an existing Transaction Configuration Set.
When the Transaction Configuration Sets page opens, the fields are populated with the currently
configured values.
The Transaction Configuration Set Name cannot be edited.
The fields are described in Transaction Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Transaction Configuration Sets.
2. Select the Transaction Configuration Set you want to edit.
3. Click Edit.
The Transaction Configuration Sets [Edit] page appears.
5. Click:
• OK to save the changes and return to the Transaction Configuration Sets page.
• Cancel to return to the Transaction Configuration Sets page without saving any changes.
• The selected Transaction Configuration Set no longer exists; it has been deleted by another user.
• Any field is empty (no value was entered).
Deleting a Transaction Configuration Set

Use this task to delete a Transaction Configuration Set.
The Default Transaction Configuration Set can be edited, but cannot be deleted.
1. Select Diameter > Configuration > Configuration Sets > Transaction Configuration Sets.
2. Select the Transaction Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Transaction Configuration Set.
• Cancel to cancel the delete function and return to the Transaction Configuration Sets page.

If OK is clicked and the selected Transaction Configuration Set is referenced by any peer node, an
error message appears and the Transaction Configuration Set is not deleted.
Traffic Throttle Point Configuration Sets

A TTP Configuration Set defines a set of configuration attributes for a TTP, and can be assigned to
one or more TTPs.
You can modify any of the TTP Configuration Sets attributes while the TTP is enabled for service
(Throttling Admin State is Enabled).
You can perform the following actions for Traffic Throttle Point Configuration Sets:
• Filter the list of Traffic Throttle Point Configuration Sets to display only the desired Traffic Throttle
Point Configuration Sets.
The default order is by Traffic Throttle Point Configuration Set Name in ascending ASCII order.
• Click Insert.
The Traffic Throttle Point Configuration Sets [Insert] page appears. You can add a new Traffic
Throttle Point Configuration Set. See Adding Traffic Throttle Point Configuration Sets.
If the maximum number of Traffic Throttle Point Configuration Sets already exists in the system,
• Select a Traffic Throttle Point Configuration Set Name in the list. Click Edit to display the Traffic
Throttle Point Configuration Sets [Edit] page and edit the selected Traffic Throttle Point
Configuration Set.
See Editing Traffic Throttle Point Configuration Sets.
If no Name is selected, Edit is disabled.
• Select a Traffic Throttle Point Configuration Set Name in the list, and click Delete to remove the
selected Traffic Throttle Point Configuration Set.
The default Traffic Throttle Point Configuration Set can be edited, but cannot be deleted. See Deleting
Traffic Throttle Point Configuration Sets.
Traffic Throttle Point Configuration Sets elements

Table 20: Traffic Throttle Point Configuration Sets Elements describes the fields on the Diameter >
Configuration Sets > Traffic Throttle Point Configuration Sets View, Insert, and Edit pages. Data
Input Notes apply only to the Insert and Edit pages; the View page is read-only.
Table 20: Traffic Throttle Point Configuration Sets Elements
* Name A name of the TTP Configuration Set. Format: text box

alphanumeric and underscore (_);
must contain at least one alpha
and cannot begin with a digit.
Default: NA
* Abatement Recovery Defines the rate of reduction in loss that Format: text box
Rate will be applied to a TTP when the loss
Range: 1- 100
time period has expired.
Default:5
Override Message This attribute is only accessed during Format: text box
Priority Threshold routing and changes to its value will not
Range: 1, 2
impact any pending transactions. When
a pending transaction is rerouted or Default: NA
when a new transaction is processed, the
new attribute value will be used.
When this parameter is set, messages
whose priority is greater than or equal
to this value are immune from diversion
if the TTP's OTR is below its Maximum
ETR attribute value.
Note: If the TTP's OTR is greater or
equal to the TTP's Maximum ETR, the
only transaction exempt from diversion
are NGN-PS transactions with priority=4
(and none of the TTP priority override
transactions are exempt from TTP
diversion). If the TTP's OTR is less than
the TTP's Maximum ETR and you have
enabled TTP priority override, then all
TTP priority override transactions are
also exempt from TTP diversion (as well
as NGN-PS transactions).
Default Reduction The default reduction percentage for a Format: text box
Percentage DOIC overload report if the value is not
Range: 0 - 100
specified.
Default: 0
* Default Validity The default validity duration for a DOIC Format: text box
Duration overload report if the value is not
specified.
Default: 30

* Rate Convergence The time (in ms) to converge on a per Format: pulldown list
Time second rate. If the rate convergence time
Range: [250, 500, 1000, 2000]
is less than 1000 ms, the rate is
extrapolated. If the rate convergence time Default: 250
is greater than 1000 ms, the rate is
averaged.
Viewing Traffic Throttle Point Configuration Sets

To view traffic throttle groups, select Diameter > Configuration > Configuration Sets > Traffic
Throttle Point Configuration Sets.
The Diameter > Configuration > Configuration Sets > Traffic Throttle Point Configuration Sets
page appears showing a list of configured traffic throttle point configuration sets. The fields are
described in Traffic Throttle Point Configuration Sets elements.
Adding Traffic Throttle Point Configuration Sets

Use this task to create a new Traffic Throttle Point Configuration Set.
The fields are described in Traffic Throttle Point Configuration Sets elements.
1. Select Diameter > Configuration > Configuration Sets > Traffic Throttle Point Configuration
Sets.
The Traffic Throttle Point Configuration Sets page appears.
2. Click Insert.
The Traffic Throttle Point Configuration Sets [Insert] page appears.
3. Enter a unique name for the TTP Configuration Set in the Name field.
5. Click:
• OK to save the new Traffic Throttle Point Configuration Set and return to the Traffic Throttle
Point Configuration Sets page.
• Apply to save the new Traffic Throttle Point Configuration Set and remain on this page.
• Cancel to return to the Traffic Throttle Point Configuration Sets page without saving any
changes.
• The maximum number of Traffic Throttle Point Configuration Sets has already been created.
• The Traffic Throttle Point Configuration Sets Name is not unique; it already exists in the
system.

Editing Traffic Throttle Point Configuration Sets

Use this task to edit an existing Traffic Throttle Point Configuration Set.
When the Traffic Throttle Point Configuration Sets page opens, the fields are populated with the
currently configured values.
The Traffic Throttle Point Configuration Set Name cannot be edited.
The fields are described in Traffic Throttle Point Configuration Sets elements.
Sets.
2. Select the Traffic Throttle Point Configuration Set you want to edit.
3. Click Edit.
The Traffic Throttle Point Configuration Sets [Edit] page appears.
5. Click:
• OK to save the changes and return to the Traffic Throttle Point Configuration Sets page.
• Cancel to return to the Traffic Throttle Point Configuration Setss page without saving any
changes.
• The selected Traffic Throttle Point Configuration Set no longer exists; it has been deleted by
another user.
Deleting Traffic Throttle Point Configuration Sets

Use this task to delete Traffic Throttle Point Configuration Sets.
The default Traffic Throttle Point Configuration Set can be edited, but cannot be deleted.
Sets.
2. Select the Traffic Throttle Point Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Traffic Throttle Point Configuration Set.
• Cancel to cancel the delete function and return to the Traffic Throttle Point Configuration Sets
page.
If OK is clicked and the selected Traffic Throttle Point Configuration Set is referenced by any traffic
throttle point, an error message appears and the Traffic Throttle Point Configuration Set is not
deleted.

• If you attempt to delete a TTP Configuration Set that is already in use.
• If you attempt to delete the default TTP Configuration Set.
Diameter Local Nodes

A Local Node is a local Diameter node that is specified with a realm and an FQDN. When used in
conjunction with RADIUS connections, it represents either a RADIUS client or a RADIUS server.
The Local Node identifies:
• Local Node Name
• Realm
• SCTP Listen Port Number
• TCP Listen Port Number
• DTLS/SCTP Listen Port
• TLS/TCP Listen Port
• Radius UDP Server Ports
• Enable Radius UDP Client Ports
• Radius Client UDP Port Range Start
• Radius Client UDP Port Range End
• Verification Mode
• Certificate Type
• Certificate Name
• Connection Configuration Set
• CEX Configuration Set
• A list of IP addresses available for establishing Diameter transport connections
After it is configured, a Local Node can be assigned to connections for use in Diameter routing. Select
one of the following connection transport configurations:
• SCTP
• DLTS over SCTP
• TCP
• TLS over TCP
For each connection you can select, TCP, SCTP, TLS/TCP or DTLS/SCTP as the security mechanism
used to establish that connection to the peer. DTLS is available only for SCTP connections and TLS is
available only for TCP connections.
Note: If you select TLS/DTLS, avoid using IPSec. Although IPsec is still supported, you must ensure
that a connection does not implement both IPSec and TLS/DTLS, as this would have significant
performance impacts.
TLS and DTLS are application layer security protocols that run over TCP and SCTP transport. TLS/DTLS
provides tighter encryption via handshake mechanisms, and supports up to 1000 certificates for a
node and across the network. TLS/DTLS requires pre-configured certificates/keys that are used during

the handshake procedure after transport level connection is established, but before diameter capabilities
are exchanged with the peers. The Local Node configuration uses imported certificates/keys and
verification mode. If the handshake fails, the connection is not allowed to be established depending
on the verification mode associated with the connection.
Note the following restrictions:
• If an attempt is made to edit a Connection and the specified Transport Protocol is DTLS, if the
DTLS feature is not activated on the SOAM being used to edit the Connection, an error code is
generated and the Connection information is not be updated in the configuration.
• Upon startup, the value of DtlsFeatureEnabled flag defined in DpiOption table is read, and
depending on its value, the application will or will not send AUTH Extensions in SCTP_INIT and
SCTP_INIT_ACK message while establishing SCTP or DTLS connections.
Note: Any edits to DtlsFeatureEnabled flag defined in DpiOption table after startup will not take
effect until the next diameter process restart.
• Client-side or server-side authentication for a TLS/DTLS connection is supported automatically
when this is required by peer server or peer client.
• When TLS/DTLS is selected for a diameter-initiated connection, the TLS/DTLS parameters defined
by the operator in the local node are applied. The application behavior is related to the local node
Verification Mode selection.
• When TLS/DTLS is selected for a connection and TLS/DTLS cannot be established either due to
a failed key exchange or because the peer does not support TLS/DTLS, the connection is not
allowed.
• TLS/DTLS connections initiated by a Diameter peer are responded to. If TLS/DTLS cannot be
established due to a failed key exchange, the connection is not allowed. A valid certificate and
matching key are required, but you can set the Verification Mode to None to override this behavior.
• You cannot change the security mechanism selected for a connection while the connection is active.
On the Diameter > Configuration > Local Nodes page, you can perform the following actions:
• Filter the list of Local Nodes to display only the desired Local Nodes.
• Sort the list by a column in ascending or descending order, by clicking the column heading (except
IP Addresses). The default order is by Local Node Name in ascending ASCII order.
• Click a field entry for a Local Node.
The Diameter > Configuration > {Item Type} [Filtered] page appears for the selected item.
• Click Insert.
The Diameter > Configuration > Local Nodes [Insert] page appears. You can add a new Local
Node.
The Diameter > Configuration > Local Nodes [Insert] page will not open if any of the following
conditions exist:
• The maximum number of Local Nodes (32) has already been configured.
• There is no Signaling VIP Address available in the signaling Network Element (NE) that can
be added to the Local Node.
• Select a Local Node in the list, and click Edit.
The Diameter > Configuration > Local Nodes [Edit] page appears. You can edit the selected Local
Node.
• Select a Local Node in the list, and click Delete. You can delete the selected Local Node.

Diameter Local Node configuration elements

Table 21: Local Node Configuration Elements describes the fields on the Local Nodes View, Insert, and
Edit pages. Data Input Notes only apply to the Insert and Edit pages; the View page is read-only.
Table 21: Local Node Configuration Elements
Field (* indicates
* Local Node Name Unique name of the Local Node. Format: string, case-sensitive;
alphanumeric and underscore (_);
cannot start with a digit and must
Default: NA
* Realm Realm of the Local Node; defines the Format: string consisting of a list
administrative domain with which the of labels separated by dots. A label
user maintains an account relationship. can contain letters, digits, dash (-),
and underscore (_). A label must
begin with a letter, digit, or
underscore, and must end with a
letter or digit. Underscore can be
used only as the first character.
Range: Realm - up to 255
characters; label - up to 63
characters
Default: NA
* FQDN Unique Fully Qualified Domain Name; Format: a case-insensitive string

specifies exact location in the tree consisting of a list of labels
hierarchy of the DNS. separated by dots. A label must
contain letters, digits, dash (-), and
underscore (_). A label must begin
with a letter or underscore, and
must end with a letter or digit.
Underscore can be used only as the
first character.
Range: FQDN - up to 255
characters
Default: NA
SCTP Listen Port SCTP listen port number for the Local Format: numeric
Node.
Range: 1024 - 49151
This SCTP Listen Port cannot be the same
Default: 3868
as a Local Initiate Port of a Connection.

Field (* indicates
Initiator port ranges are divided into
user-assigned and DCL-assigned
sub-ranges.
Note: DCL-assigned sub-ranges is
implemented via OAM, and is restricted
to connections only.
DCL (Diameter Transport Layer) is the
software layer of the stack which
implements diameter transport
connections.
TCP Listen Port TCP listen port number for the Local Format: numeric
Node.
Range: 1024 - 49151
This TCP Listen Port cannot be the same
Default: 3868
as a Local Initiate Port of a Connection.
Initiator port ranges are divided into
user-assigned and DCL-assigned
sub-ranges.
Note: DCL-assigned sub-ranges is
implemented via OAM, and is restricted
to connections only.
DCL (Diameter Transport Layer) is the
software layer of the stack which
implements diameter transport
connections.
DTLS/SCTP Listen The DTLS/SCTP listen port number for Format: numeric
Port the Local Node.
Range: 1024 - 49151
Datagram Transport Layer Security allows
Default: 5658
datagram based applications to
communicate in a way that is designed to
prevent eavesdropping, tampering, or
message forgery. The DTLS protocol is
based on the stream-oriented Transport
Layer Security (TLS) protocol.
TLS/TCP Listen Port The TLS/TCP listen port number for the Format: numeric
Local Node.
Range: 1024 - 49151
TLS (Transport Layer Security) is an
Default: 5658
application layer security protocol that
runs over TCP transport.
RADIUS UDP Server UDP Port numbers used by RADIUS Format: numeric
Ports clients when sending RADIUS messages
Range: 1024 - 49151
to the DSR. If no UDP port is specified

Field (* indicates
here, this Local Node will not receive Default: NA
requests from RADIUS clients.
Enable RADIUS UDP When checked, this Local Node can send Format: checkbox
Client Ports RADIUS request messages to a RADIUS
Range: NA
server using one of the UDP ports
specified in the RADIUS Client UDP Port Default: unchecked
Range.
RADIUS Client UDP The lowest UDP port number that can be Format: numeric
Port Range Start used to send RADIUS request messages
Range: 1024 - 49151
to a remote RADIUS server.
Default: 2000
Note: If this Local Node does not share
any IP address with any other Local Node,
this Local Node can use the default client
port range start of 2000. However, if this
Local Node shares any IP addresses with
one or more other Local Nodes, this Local
Node can only use the default port range
start of 2000 if none of the other Local
Nodes (that share an IP with this Local
Node) overlaps the port range specified
for this Local Node.
RADIUS Client UDP The highest UDP port number that can be Format: numeric
Port Range End used to send RADIUS request messages
Range: 1024 - 49151
to a remote RADIUS server.
Default: 2499
Note: If this Local Node does not share
any IP address with any other Local Node,
this Local Node can use the default client
port range end of 2499. However, if this
Local Node shares any IP addresses with
one or more other Local Nodes, this Local
Node can only use the default port range
end of 2499 if none of the other Local
Nodes (that share an IP with this Local
Node) overlaps the port range specified
for this Local Node.
Verification Mode: The Certificate Verification Mode for the Format: pulldown list
Local Node. If TLS/TCP or DTLS/SCTP
• Verify None Range: NA
Port is configured, this field sets the
• Verify Peer Verification Mode supported by the Local Default: Verify None
• Fail if No Peer Node.
Certificate
• Verify Client Available certificate types for
Once configuration.

Field (* indicates
Certificate Type Available certificate types for Format: pulldown list
configuration.
Range: NA
Note: Currently, available for TLS only.
Default: NA
Note: This field is required if TLS/TCP
or DTLS/SCTP Ports are being used.
Certificate Name A list of available X509 TLS Security Format: pulldown list
Certificates.
Range: NA
Note: This field is required if TLS/TCP
Default: NA
or DTLS/SCTP Ports are being used.
* Connection Connection Configuration Set for the Local Format: pulldown list
Configuration Set Node.
Range: configured Connection
Configuration Sets, Default
Connection Configuration Set
* CEX Configuration CEX Configuration Set associated with the Format: pulldown list
Set Local Node.
Range: configured CEX
The entries in the CEX Configuration Set Configuration Sets, Default CEX
field create links to the Diameter > Configuration Set.
Configuration > CEX Configuration Sets
[Filtered] page, which shows only the
selected entry.
The CEX Configuration Set field for the
Local Node is used if the CEX
Configuration Set is not associated with
the Connection.
* IP Addresses IP address, or addresses, available for Format: 128 pulldown lists

establishing Diameter transport
Range:
Connections to the Local Node. You must
assign at least one IP Address, and can • For a configuration that has
assign up to 128 IP addresses, to a Local Active/Standby DA-MPs:
Node. Up to 32 IP addresses can be IPFE available Virtual Signaling IP
Target Set Addresses. Addresses, including any
configured IPFE primary and
If fewer than four XSI interfaces are
secondary TSAs VIP
configured and SCTP transport is selected,
then the number of IP Addresses selected • For a configuration that has
must be the same as the number of XSI Multiple-Active DA-MPs: static
interfaces. IP addresses configured for
each DA-MP, including any
On the Local Nodes GUI pages, each IP configured IPFE primary (-p)
address has appended to it: and secondary (-s)TSAs
• For VIP addresses, the string VIP • Configured IPFE primary and
secondary TSAs

Field (* indicates
VIPs are present only in 1+1 Default: NA
Active/Standby configurations
• For static IP addresses, the MP Server
Hostname of the DA-MP that owns the
IP address
Static IP addresses are present only in
Multi-Active N+0 configurations
• For TSAs, the name of the Target Set
to which the IP address corresponds,
followed by -p or -s (for example,
TSA#-p for primary and TSA#-s for
secondary IP Addresses where # is the
Target Set number
TSAs can be present in either, but do
not have to be present at all.
If a TSA is selected and Initiator
Connection Support is enabled,
configuration of a listener to reside
within responder port range is
enforced. If a TSA is selected and
Initiator Connection Support is not
enabled and the provided port is out
of range (1024-65535):
• If existing local node [Edit], the
operation is allowed with a warning
• If new local node [Insert], the
operation is denied with an error
Note: See Adding a Connection for more
information.
If a combination of TSAs are selected
(one from a target set that has Initiator
Connection Support enabled, one that
does not), enforce configuration of the
listener to reside within responder port
range is enforced. An error message is
generated if the connection is
configured incorrectly.
In order for the IPFE to differentiate

between responder and initiator
connections, it checks the destination port
of the incoming packet. The IPFE will
process the incoming packet according to
rules associated with the range into which

Field (* indicates
the destination port falls. In order to
provide unambiguous destination ports,
diameter routing provides
non-overlapping port ranges. See
Interpreting Apparent DA-MP
Over-Configuration with Non-overlapping
Target Sets.
Viewing Local Nodes

Use this task to view currently configured Local Nodes.
Select Diameter > Configuration > Local Nodes.
The Diameter > Configuration > Local Nodes page appears.
Adding a Local Node

Use this task to create a new Local Node.
1. Select Diameter > Configuration > Local Nodes.
2. Click Insert.
The Diameter > Configuration > Local Nodes [Insert] page appears.
3. Enter a unique name for the Local Node in the Local Node Name field.
4. Enter the Realm for the Local Node in the field.
5. Enter an FQDN in the field.
6. Enter an SCTP Listen Port number in the field.
This is the port that will be used by connections that use this Local Node to listen for SCTP request
messages. The default 3868 is the well-known IANA port for Diameter traffic.
7. Enter a TCP Listen Port number in the field.
This is the port that will be used by connections that use this Local Node to listen for TCP request
messages. The default 3868 is the well-known IANA port for Diameter traffic.
8. Enter a DTLS/SCTP Listen Port number in the field.
This is the port that will be used by connections that use this Local Node to listen for DTLS/SCTP
request messages. The default 5658 is the well-known IANA port for Diameter traffic.
9. Enter a TLS/TCP Listen Port number in the field.
This is the port that will be used by connections that use this Local Node to listen for TLS/TCP
request messages. The default 5658 is the well-known IANA port for Diameter traffic.
10. Make selections for RADIUS UDP ports and ranges.
11. Select a Verification Mode from the pulldown.
This is establishes the Certificate Verification Mode. If either TLS/TCP or DTLA/SCTP Port is
configured, this sets the Verification Mode supported by the Local Node. The default Verify None.

12. Select a Certificate Type from the pulldown.

This is establishes the Certificate Types available for configuration. This is mandatory if either of
the TLS/TCP or DTLS/SCTP ports are being used.
13. Select a Certificate Name from the pulldown listof available X509 TLS Security Certificates.
This is mandatory if either of the TLS/TCP or DTLS/SCTP ports are being used.
14. Select a Connection Configuration Set from the pulldown list. If you have not added additional
Connection Configuration Sets, only the Default Connection Configuration Set will be available.
15. Select a CEX Configuration Set for the Local Node from the pulldown list.
If you have not added additional CEX Configuration Sets, only the Default CEX Configuration Set
will be available.
16. Select from 1 to 128 IP addresses from the IP Addresses pulldown lists. See Diameter Local Node
configuration elements for details about this element.
17. Click:
• OK to save the new Local Node and return to the Diameter > Configuration > Local Nodes
page.
• Apply to save the new Local Node and remain on this page.
• Cancel to return to the Diameter > Configuration > Local Nodes> page without saving any
changes.
For the RADIUS Client UDP Port Range End value, if this Local Node does not share any IP address
with any other Local Node, this Local Node can use the default client port range end of 2499.
However, if this Local Node shares any IP address(es) with one or more other Local Nodes, this
Local Node can only use the default port range end of 2499 if none of the other Local Nodes (that
share an IP with this Local Node) overlaps the port range specified for this Local Node. For the
RADIUS Client UDP Port Range Start value, if this Local Node does not share any IP address with
any other Local Node, this Local Node can use the default client port range start of 2000. However,
if this Local Node shares any IP address(es) with one or more other Local Nodes, this Local Node
can only use the default port range start of 2000 if none of the other Local Nodes (that share an IP
with this Local Node) overlaps the port range specified for this Local Node.
• The maximum numbers of RADIUS UDP Server Ports text boxes already exist.
• If Enable RADIUS UDP Client Ports field is set to YES then RADIUS UDP Client UDP Port
Range Start must be specified.
• If, during the insertion or updating of a Local Node, the list of supplied RADIUS UDP Server
Ports includes any port number more than once.
• If an attempt is made to add more than MaxServerPortsPerLocalNode RADIUS UDP Server
Ports.
• If, during the insertion or updating of a Local Node, the value for Enable RADIUS Client UDP
Ports is NO, but a RADIUS Client UDP Port Range Start or RADIUS Client UDP Port Range
End is supplied.
• If, during the insertion or updating of a Local Node, a value for RADIUS Client UDP Port
Range End is supplied but a value for RADIUS Client UDP Port Range Start is missing.
• If, during the insertion or updating of a Local Node, the value for RADIUS Client UDP Port
Range End is less than the value for RADIUS Client UDP Port Range Start.
• If, during the insertion or updating of a Local Node, any of the up to ten RADIUS UDP Server
Ports supplied falls within the range of the RADIUS Client UDP Port Range specified for the
Local Node.

• If, during the insertion or updating of a Local Node, the Local Node shares an IP address with
another Local Node, OAM detects an overlap between the two Local Nodes' RADIUS UDP
Server Port List.
another Local Node, OAM detects an overlap between the two Local Nodes' RADIUS Client
UDP Port Ranges.
another Local Node, OAM detects an overlap between the inserted/edited Local Node's RADIUS
UDP Server Port List and the other Local Node's RADIUS Client UDP Port Range.
another Local Node, OAM detects an overlap between the inserted/edited Local Node's RADIUS
Client UDP Port Range and the other Local Node's RADIUS UDP Server Port List.
• The maximum number of Local Nodes (32) per Network Element is already defined in the
system.
• Any required field is empty; no value was entered or selected.
• The entry in any field is not valid (wrong data type or out of the valid range).
• The selected pulldown list entry no longer exists (has been deleted by another user).
• The Local Node Name is not unique; it already exists in the system.
• The FQDN is already assigned to a different Local or Peer Node.
• The SCTP Listen Port and IP Address combination is already assigned to a different Local or
Peer Node.
• The TCP Listen Port and IP Address combination is already assigned to a different Local or
Peer Node.
• The SCTP Listen Port or the TCP Listen Port is already used as a Local Initiate Port of a
Connection.
• An invalid entry is set for DTLS/SCTP Listen Port.
• You are not allowed to configure Local Node if configured TCP Listen Port + Ip Address
combination conflicts with an existing TLS/TCP Listen Port + Ip Address combination or
configured TLS/TCP Listen Port + Ip Address combination conflicts with an existing TCP or
TLS/TCP Listen Port + Ip Address combination.
• You are not allowed to configure Local Node if configured SCTP Listen Port + Ip Address
combination conflicts with an existing DTLS/SCTP Listen Port + Ip Address combination or
configured DTLS/SCTP Listen Port + Ip Address combination conflicts with an existing SCTP
or DTLS/SCTP Listen Port + Ip Address combination.
• An invalid entry is set for Certificate Type.
• If TLS/TCP orDTLS/SCTP are configured, you cannot set an empty string for Certificate Type.
• You attempt to delete a Certificate from the active NOAM that is being referenced by a Local
Node.
• You attempt to configure Certificate Name with an invalid certificate name.
• You attempt to configure Certificate Name when replication from an active NOAM to the
SOAM is not functioning.
• You attempt to configure Certificate Name with Certificates that have not been audited.
• You cannot configure a Local Node if it conflicts with existing port configurations.
• If you attempt to configure a Local Node if it conflicts with existing port configurations.
• If you attempt to configure a blacklisted port.
• Any of the selected IP Addresses is duplicated

Editing a Local Node

Use this task to edit a Local Node.
When the Diameter > Configuration > Local Nodes [Edit] page opens, the fields are initially populated
with the current values for the selected Local Node.
Configuration considerations:
• The Local Node Name cannot be changed.
• The following fields cannot be edited if there is at least one associated Enabled connection:
• Realm
• FQDN
• SCTP Listen Port (and the Transport Protocol is SCTP)
• TCP Listen Port (and the Transport Protocol is TCP)
• RADIUS UDP Server Ports
• RADIUS UDP Client Ports
• Enable RADIUS UDP Port Range Start
• Enable RADIUS UDP Port Range End
• Verification Mode
• Certificate Type
• Certificate Name
• IP Address (cannot be removed if there is an Enabled connection, but a new IP Address can be
added)
2. Select the Local Node you want to edit, then click Edit.
The Diameter > Configuration > Local Nodes [Edit] page appears.
For more information about each field, see Diameter Local Node configuration elements.
The value for an entry in a pulldown list can be removed by selecting --Select— in the list, or
selecting the X at the end of the list box (if an X is available).
4. Click:
• OK to save the data and return to the Diameter > Configuration > Local Nodes page.
• Cancel to return to the Diameter > Configuration > Local Nodes page without saving any
changes.
• You are not allowed to edit Local Node if edited TCP Listen Port + Ip Address combination
conflicts with an existing TLS/TCP Listen Port + Ip Address combination or edited TLS/TCP

Listen Port + Ip Address combination conflicts with an existing TCP or TLS/TCP Listen Port +
Ip Address combination.
• You are not allowed to edit Local Node if edited SCTP Listen Port + Ip Address combination
conflicts with an existing DTLS/SCTP Listen Port + Ip Address combination or edited
DTLS/SCTP Listen Port + Ip Address combination conflicts with an existing SCTP or DTLS/SCTP
Listen Port + Ip Address combination.
• The selected Local Node no longer exists; it has been deleted by another user
• The selected IP Address or Connection Configuration Set has been deleted by another user
• Any required field is empty; no value was entered or selected
• The entry in any field is not valid (wrong data type or out of the valid range)
• The selected pulldown list entry no longer exists (has been deleted by another user)
• The edited FQDN is already assigned to a different Local or Peer Node
• The edited IP Address and SCTP Listen Port combination is already assigned to a different
Local Node or Peer Node
• The edited IP Address and TCP Listen Port combination is already assigned to a different Local
Node or Peer Node
• The selected SCTP Listen Port or TCP Listen Port is already used as a Local Initiate Port of a
connection
• The Local Node is supported via any front end, but the selected Local Node is referenced by at
least one administratively enabled Discovery Attributes instance.
Deleting a Local Node

Use this task to delete a Local Node.
Note: A Local Node cannot be deleted if it is being used by any connections. Before you perform this
task, disable and delete any connections that use the Local Node.
2. Select the Local Node you want to delete.
3. Click Delete.
A pop up window appears to confirm the delete.
4. Click:
• OK to delete the Local Node.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Local Nodes
page.
• The selected Local Node no longer exists (it was deleted by another user), an error message is
displayed and the Local Nodes view is refreshed.
• The Local Node is supported via any front end, but the selected Local Node is referenced by at
least one Discovery Attributes instance.

Diameter Peer Nodes

A Peer Node can represent either a Diameter Node or a RADIUS Node. When representing a Diameter
Node, a Peer Node is an external Diameter client, server, or agent with which the application establishes
direct transport connections. Qhwn representing a RADIUS Node, a Peer Node may be a single system
or a cluster of systems and might have one or more transport connections.
A Transaction ID is a unique end-to-end transaction ID created by DRL for each unique transaction
received from an ingress Peer Node. This value is created when Peer Node routing commences and
is stored in the Pending Transaction Record (PTR) for the lifetime of this end-to-end transaction. Its
value does not change when the Request message is rerouted. You can apply transaction configuration
sets that allow independent grouping of transaction configuration rules for varying use case needs.
If a Route List to route a Request message via a PRT search cannot be located and the message is not
addressed to a Peer Node (via the Destination-Host AVP), an attempt is made to perform Implicit
Realm Routing. Using the Destination-Realm AVP and Application-Id in the Request message, a
matching entry in the system-wide Realm Route Table is sought. This identifies a Route List to use
for routing the message. If a match is found, the Route List assigned to the (Realm, Application-Id) is
used for routing the message. If a match is not found, transaction routing is abandoned.
Diameter Request messages can only be forwarded to Peer Nodes that support the Application to
which the message is addressed (identified by the Application-ID field in the message). The List of
Common Application IDs is acquired for elements that contain that connection (for example, Peer
Nodes, Route Groups, and Route Lists). When a Connection is no longer a candidate for routing
Request messages, the List of Common Application IDs for each Route List, Route Group, and Peer
Node which contain this Connection are updated to reflect the potential loss of Application IDs
supported by that Connection.
Note: All applications can co-exist on the same system, and all applications can run on the same
Diameter agents. Application limitations can exist, and certain application combinations are not
supported. See DSR Software Installation and Configuration Procedure for more information.
After it is configured, a Peer Node can be:
• Assigned to connections for use in Diameter routing
• Assigned to Route Groups that manage the distribution of traffic to and among Peer Nodes
On the Diameter > Configuration > Peer Nodes page, you can perform the following actions:
• Filter the list of Peer Nodes, to display only the desired Peer Nodes.
• Sort the list by a column in ascending or descending order, by clicking the column heading (except
IP Addresses). The default order is by Peer Node Name in ascending ASCII order.
• Click an entry that is shown in blue in a column, to open the Diameter > Configuration >
<component> [Filtered] page and display that entry only.
• Click Insert.
The Diameter > Configuration > Peer Nodes [Insert] page appears. You can add a new Peer Node.
The Diameter > Configuration > Peer Nodes [Insert] will not open if the maximum number of
Peer Nodes per Network Element (16000) already exists in the system.
• Select a Peer Node in the list, and click Edit.

The Diameter > Configuration > Peer Notes [Edit] page appears. You can edit the selected Peer
Node.
• Select a Peer Node in the list, and click Delete. You can delete the selected Peer Node.
Redirect Notification Processing and Message Redirection

An egress Peer Node, acting as a Redirect Agent, can send an answer with a redirect notification. The
result code in the answer can indicate either diameter redirect or diameter realm redirect. Upon
receiving the redirect notification, the configuration dictates how to reroute the request (Redirected
Request). If redirect notification is enabled, the redirected request can be started from ART or PRT.
Redirect notifications are processed as follows:
• Redirect notifications with no Redirect-Host-Usage AVP are processed.
• Redirect notifications with Redirect-Host-Usage equal to do not cache are processed.
• Redirect notifications with Redirect-Host-Usage not equal to do not cache are forwarded to the
downstream peer.
The following original transaction attributes are carried with the redirected transaction:
• Copy of the original Request message received
• Connection ID associated with the ingress Request message
• Information about whether the transaction was initiated by a Peer Node or an application
• Routing information received from the application
• The number of times the Request message has been forwarded/rerouted and the Redirected Peer
List
• The Message Copy related flag, route list ID, or config set ID
• TTR Event
Diameter Peer Node configuration elements

Table 22: Peer Node Configuration Elements describes the fields on the Peer Nodes View, Insert, and Edit
Note: Any request for a list of Peer Nodes does not include any dynamically-created Peer Node
instances.
When you select Peer Node from a Peer Route Group, you can specify to pass over Peer Nodes that
have too high of a DOIC loss rate.
Table 22: Peer Node Configuration Elements
Field (* indicates
* Peer Node Name Unique name of the Peer Node. Format: string, case-sensitive;
(_); cannot start with a digit and

Field (* indicates
AAA Protocol Specifies the AAA protocol for this Peer Format: pulldown list
Node, which defines the Peer Node as
Range: Diameter or RADIUS
Diameter or RADIUS.
Default: NA
* Realm Realm of the Peer Node. Format: string consisting of a list

of labels separated by dots. A
label must contain letters, digits,
dash (-), and underscore (_). A
label must begin with a letter or
underscore, and must end with
a letter or digit. Underscore can
be used only as the first
character.
Range: up to 255 characters;
label - up to 63 characters
* FQDN Unique Fully Qualified Domain Name; Format: string consisting of a list
specifies exact location in the tree of labels separated by dots. A
hierarchy of the DNS. label must contain letters, digits,
dash (-), and underscore (_). A
label must begin with a letter or
underscore, and must end with
a letter or digit. Underscore can
be used only as the first
character.
Range: FQDN - up to 255
characters
SCTP Listen Port SCTP Listen Port Number for the Peer Format: numeric
Node.
Range: 1024 - 65535
The SCTP Enabled box must be checked
Default: 3868
before a value can be entered in this field.
TCP Listen Port TCP Listen Port Number for the Peer Format: numeric
Node.
Range: 1024 - 65535
The TCP Enabled box must be checked
Default: 3868
before a value can be entered in this field.
DTLS/SCTP Listen Port The DTLS/SCTP listen port number for Format: numeric
the Peer Node.
Range: 1024 - 65535
Datagram Transport Layer Security
Default: 5658
allows datagram based applications to
communicate in a way that is designed to
prevent eavesdropping, tampering, or
message forgery. The DTLS protocol is

Field (* indicates
based on the stream-oriented Transport
Layer Security (TLS) protocol.
TLS/TCP Listen Port The TLS/TCP listen port number for the Format: numeric
Peer Node.
Range: 1024 - 65535
TLS (Transport Layer Security) is an
Default: 5658
application layer security protocol that
run over TCP transport.
RADIUS UDP Server UDP ports that serve (server port) as a Format: numeric
Ports destination port for messages from
Range: 1024 - 49151
DA-MP to this Peer Node (representing
a RADIUS server). When the Peer Node Default: NA
is representing a RADIUS server, this
represents the UDP ports that can serve
as a destination port for requests
forwarded by DSR to the RADIUS server.
A RADIUS client connection associated
with the Peer Node must select one of
these ports as a destination port during
connection configuration to actually have
DSR forward requests to the RADIUS
server at the selected destination port.
IP Addresses IP address, or addresses, available for Format: numeric
establishing Diameter transport
Range: up to 128 valid IP
connections to the Peer Node.
Addresses
View - Each Peer Node entry displays a
+ sign and the number of IP Addresses
assigned to that Peer Node. Click the +
sign to display the IP Addresses; the +
sign changes to a - sign. Click the - sign
to display the number again.
[Insert] and [Edit] - The field contains an
Add button that can be clicked up to 127
times to create 128 text boxes for IP
Addresses. Each entry is numbered, to
indicate the number of IP Addresses that
have been added.
Dynamic Indicates whether or not the Peer Node Format: checkbox (read-only on
was created dynamically (YES) or the Peer Nodes [Edit] page)
statically (NO). NO is assigned for all Peer
Range: checked (the Peer Node
Node instances, except for those created
was created as a result of
via Dynamic Peer Discovery. If you
Dynamic Peer Discovery),
attempt to edit a Peer Node whose
unchecked
Dynamic attribute is Yes, several of the
Default: unchecked

Field (* indicates
GUI page attributes will be rendered
read-only.
Note: This element is not displayed on
the Peer Nodes [Insert] page.
Alternate Implicit Route Route List to use for routing messages to Format: pulldown list
this Peer Node if all Peer Routing Rules
Range: configured Route Lists
and implicit Peer Routes are unavailable.
Default: -Select-
Each entry in the Alternate Implicit
Route column on the View page is a link
to the Diameter > Configuration > Route
List [Filtered] page for the selected entry
only.
Replace Dest Realm If checked, the Destination Realm AVP of Format: check box
outgoing messages will be overwritten
with this Peer Node Realm.
Default: unchecked
Replace Dest Host If checked, the Destination Host AVP of Format: check box
outgoing messages will be overwritten
with this Peer Node FQDN.
Default: unchecked
Topology Hiding Status If Enabled, Diameter Topology Hiding Format: pulldown list
will be applicable to this Peer Node.
Range = Disabled, Enabled
See Diameter Topology Hiding.
Default = Disabled
* Minimum Connection The minimum number of connections that Format: numeric

Capacity must be available to this Peer in order for
Range: 1-64
it to be Available. Otherwise, the Peer is
Degraded if fewer than the minimum Default: 1
number of connections are Available, or
Unavailable if no connections are
Available.
* Maximum Alternate The maximum number of times that a Format: numeric
Routing Attempts Request can be rerouted to this Peer
Range: 1-4
before the next eligible Peer is selected.
Default: 4
Alternate Routing On Indicates whether to perform alternate Format: radio buttons

Connection Failure routing on alternate connections to the
Range: Same Peer, Different
same Peer before selecting the next
Peer
eligible Peer of a Peer Route Group, when
a connection failure occurs. Default: Different Peer

Field (* indicates
Answer Timeout routing on the same connection or on
alternate connections to the same Peer
Peer, Same Connection
before selecting the next eligible Peer of
a Peer Route Group, when an Answer Default: Different Peer
Timeout occurs.
Transaction A configuration managed object that Format: pulldown
Configuration Set allows independent grouping of
Range: Default, configured
transaction configuration rules for varying
Transaction Configuration Sets
use case needs.
Default: Not Selected
For example, an ingress Peer Node can
optionally use this configuration for
routing and transaction parameters
(ART/PRT/ROS/PAT) selection. Up to
100 of such containers are supported for
grouping transaction configuration rules.

Answer Result Code routing on alternate connections to the
same Peer before selecting the next
Peer
eligible Peer of a Peer Route Group, when
a reroute on Answer Result Code occurs. Default: Different Peer
For an Answer response received from a
DAS Peer, alternate routing on Answer
Result Code is determined by the
Diameter > ConfigurationMessage Copy
Configuration Set > Original Answer
Result Code for Message Copy
parameter.
Application Route Table The Application Route Table associated Format: pulldown list
with this Peer Node.
If Application Route Table is set to is Not Application Route Tables
Selected, search Default Transaction
Configuration Set and apply
longest/strongest match. Use ART
associated with best match, if any is
found.
Peer Route Table The Peer Route Table associated with the Format: pulldown list
Peer Node.
Range: Default, configured Peer
If Peer Route Table is set to Not Selected, Route Tables
search Default Transaction Configuration
Set and apply longest/strongest match.
Use PRT associated with best match, if
any is found.

Field (* indicates
Ingress Routing Option The Routing Option Set associated with Format: pulldown list
Set this ingress Peer Node.
If Ingress Routing Option Set is set to Not Routing Option Sets
Selected, search Default Transaction
longest/strongest match. Use ROS
found.
Egress Pending Answer The Pending Answer Timer associated Format: pulldown list
Timer with the egress Peer Node.
If Egress Pending Answer Timer is set to Pending Answer Timers
Not Selected, search Default Transaction
longest/strongest match. Use PAT
found.
Message Priority Setting Defines the source of Message Priority for Format: radio buttons
a request message arriving on a
Range: None, Read from
Connection associated with the Peer
Request Message, User
Node.
Configured
The Message Priority setting for the
Default: None
Connection takes precedence over the
Message Priority setting for the Peer
Node.
Possible settings are:
• None - use the Default Message
Priority Configuration Set
• Read from Request Message - read the
Message Priority from the ingress
Request
• User Configured - Apply the
user-configured Message Priority
Configuration Set
Message Priority The Message Priority Configuration set Format: pulldown list
Configuration Set used if User Configured is selected for the
Message Priority Setting
Message Priority Configuration
Sets
Default: -Select-
Peer Node Group Name A group of Peer Nodes that share Format: unique string,
common characteristics and attributes. case-sensitive; alphanumeric
and underscore (_); cannot start

Field (* indicates
This group is used by IPFE for Peer Node with a digit and must contain at
Group Aware connection distribution. least one alpha
AVP Removal List The AVP Removal List associated with See Diameter AVP Removal Lists.
this Peer Node
Traffic Throttle Point The number of TTPs. See Diameter Traffic Throttle
Points.
Viewing Peer Nodes

Use this task to view currently configured Peer Nodes.
Select Diameter > Configuration > Peer Nodes.
The Diameter > Configuration > Peer Nodes page appears.
Adding a Peer Node

Use this task to create a new Peer Node.
1. Select Diameter > Configuration > Peer Nodes.
2. Click Insert.
The Diameter > Configuration > Peer Nodes [Insert] page appears.
3. Enter a unique name for the Peer Node in the Peer Node Name field.
4. Make a selection for AAA Protocol.
5. Enter the Realm in the Realm field.
6. Enter a Fully Qualified Domain Name in the FQDN field.
7. Enter a port number in the SCTP Listen Port field.
This is the port that will be used by connections that use this Peer Node to listen for SCTP request
messages.
8. Enter a TCP Listen Port number in the field.
This is the port that will be used by connections that use this Peer Node to listen for TCP request
messages.
9. Enter a DTLS/SCTP Listen Port number in the field.
This is the port that will be used by connections that use this Peer Node to listen for DTLS/SCTP
request messages.
10. Enter a TLS/TCP Listen Port number in the field.
This is the port that will be used by connections that use this Peer Node to listen for TLS/TCP
request messages.
11. Enter a RADIUS UDP Server Port.
12. Enter IP addresses in the IP Addresses fields.

An IP address is optional if a Primary DNS Server IP Address is configured. See Diameter DNS
Options.
To add the first IP Address, enter the IP address in the text box.
To add another IP Address, click Add and enter the IP Address in the new text box. See Table 22:
Peer Node Configuration Elements for limitations on the number of IP addresses you can add.
13. Select a Route List from the Alternate Implicit Route pulldown list
This field is optional. This Route List will be used for routing if a message does not match any of
the configured Peer Routing Rules and implicit routes are exhausted.
14. To overwrite the Destination Realm of outgoing messages to the peer with the Peer Realm, click
the Replace Dest Realm check box (a check mark appears in the box).
15. To overwrite the Destination Host of outgoing messages to the peer with the Peer Node's FQDN,
click the Replace Dest Host check box (a check mark appears in the box).
16. In the Minimum Connection Capacity text box, enter the minimum number of Connections that
must be Available for the Peer to be Available.
17. In the Maximum Alternate Routing Attempts text box, enter the maximum number of times that
a Request can be rerouted to this Peer.
18. Select the Alternate Routing on Connection Failure radio button to indicate whether or not to
perform alternate routing to the same or a different Peer when a Connection failure occurs.
19. Select the Alternate Routing on Answer Timeout radio button to indicate whether or not to perform
alternate routing to the same or a different Peer, or the same Connection, when an Answer Timeout
occurs.
20. Select the Alternate Routing on Answer Result Code radio button to indicate whether or not to
perform alternate routing to the same or a different Peer when a Reroute on Answer Result Code
occurs.
21. Select a Message Priority Setting to indicate the source of message priority for request messages
arriving on Connections associated with the Peer Node.
22. If Message Priority Setting is set to User Configured, specify the Message Priority Configuration
Set that is used to determine message priority.
23. Select a Transaction Configuration Set from the pulldown.
This allows independent grouping of transaction configuration rules for varying use case needs.
24. Select the Application Route Table for this Peer Node. See Selecting Peer Node Application Route
Tables for selection criterion.
25. Select the Peer Route Table to specify which Peer Routing Rules are used when routing messages
from the Peer Node. See Selecting Peer Node Peer Route Tables for selection criterion.
26. Select the Ingress Routing Option Set to specify which options are used for this ingress Peer Node.
See Selecting Peer Node Ingress Routing Option Sets for selection criterion.
27. A Pending Transaction Timer limits the time that DRL will wait for an Answer response after
forwarding a Request message to an upstream Peer Node. When this time-limit is exceeded, DRL
will abandon invoke message rerouting. Select the Egress Pending Answer Timer to specify how
long diameter waits for a response from the Peer Node. When DRL selects a viable Connection for
forwarding a Request message to an upstream Peer Node, it determines which Pending Answer
Timer value to use based on the following precedence selection rules, highest to lowest priority.
See Selecting Peer Node Egress Pending Answer Timers for selection criterion.

Selecting Peer Node Application Route Tables

Use this task to select Peer Node Application Route Tables.
2. Select the Application Route Table for this Peer Node.
Select the Application Route Table as per the following precedence selection criterion, highest to
lowest priority.
• This only applies when the Request message was received from a routing application. The ART
is provided by the application via an Application-Data stack event parameter (if it exists).
• If the message is a Redirected Request, the ART provided by System Options > Redirect
Application Route Table is used if it exists. As described here, when the message is a Redirected
Request, the DRL selects the configured System Options > Redirect Application Route Table.
If it is not configured, no ART is searched (ART processing skipped).
• Otherwise:
• If Transaction Configuration Set is selected on the ingress Peer Node from which the Diameter
Request was received, use Transaction Configuration Set and apply longest/strongest match
search criteria for Diameter Request message parameters comparison and if a match is found,
the ART assigned to the Transaction Configuration Rule defined under this Transaction
Configuration Set is applied, if it exists.
• The ART assigned to the ingress Peer Node from which the Request message was received,
if it exists.
• Search Default TCS and apply longest/strongest match. Use ART associated with best match,
if any is found.
• Default ART.
Selecting Peer Node Peer Route Tables

Use this task to select Peer Node Peer Route Tables.
2. Select the Peer Route Table to specify which Peer Routing Rules are used when routing messages
from the Peer Node. Select the Peer Route Table as per the following precedence selection criterion
, highest to lowest priority.
• This only applies when the Request message was received from a routing application) The PRT
provided by the application, if it exists, via an Application-Data stack event parameter.
• Only applies when routing a Redirect Request. The System Options > Redirect Peer Route
Table, if it exists.
• If Transaction Configuration Set is selected on ingress Peer Node from which the Diameter
apply PRT assigned to the Transaction Configuration Rule defined under this Transaction
Configuration Set, if it exists.
• The PRT assigned to the ingress Peer Node from which the Request message was received, if
it exists.

• Search Default TCS and apply longest/strongest match. Use PRT associated with best match,
if any is found.
• Default PRT.
Selecting Peer Node Ingress Routing Option Sets

Use this task to select Peer Node Ingress Routing Option Sets.
2. Select the Ingress Routing Option Set to specify which options are used for this ingress Peer Node,
as per the following precedence selection criterion, highest to lowest priority.
apply ROS assigned to the Transaction Configuration Rule defined under this Transaction
• The ROS assigned to the ingress Peer Node from which the Request message was received, if
it exists.
• Search Default TCS and apply longest/strongest match. Use ROS associated with best match,
if any is found.
• Default ROS.
Selecting Peer Node Egress Pending Answer Timers

Use this task to select Peer Node Ingress Routing Option Sets.
2. Select the Egress Pending Answer Timer to specify how long Diameter waits for a response from
the Peer Node. When DRL selects a viable Connection for forwarding a Request message to an
upstream Peer Node, it determines which Pending Answer Timer value to use based on the following
precedence selection rules, highest to lowest priority. A Pending Transaction Timer limits the time
that DRL will wait for an Answer response after forwarding a Request message to an upstream
Peer Node. When this time-limit is exceeded, DRL abandons Invoke Message Rerouting.
apply PAT assigned to Transaction Configuration Rule defined under this Transaction
• The Pending Answer Timer assigned to the Routing Option Set for the Ingress Peer, if it exists.
• The Pending Answer Timer assigned to the egress Peer Node to which the Request message
will be forwarded, if it exists.
• Default Pending Answer Timer.
If Pending Answer Timer is set to Not Selected, the Egress Pending Answer Timer configured for
the Application ID contained in the message is used.

A Pending Answer Timer with a value > 10 seconds is considered a Long Timeout Pending Answer
Timer. Long Timeout Pending Answer Timers are intended for Diameter Applications that can
have long transaction times (for example: SLg). Because Requests assigned to Long Timeout Pending
Answer Timers might hold internal resources (for example, PTRs, PDUs) for extended periods,
this traffic uses a separate PTR Pool from standard Diameter traffic. It is expected that a very small
percentage (< 2%) of overall traffic would be assigned to Long Timeout Pending Answer Timers,
and users should configure the smallest timeout value acceptable based on the overall transaction
path.
• OK to save the changes and return to the Diameter > Configuration > Peer Nodes page.
• Cancel to return to the Diameter > Configuration > Peer Nodes page without saving any
changes.
• You are not allowed to configure Peer Node if configured TCP Listen Port + Ip Address
combination conflicts with an existing TLS/TCP Listen Port + Ip Address combination or
configured TLS/TCP Listen Port + Ip Address combination conflicts with an existing TCP or
TLS/TCP Listen Port + Ip Address combination.
• You are not allowed to configure Peer Node if configured SCTP Listen Port + Ip Address
combination conflicts with an existing DTLS/SCTP Listen Port + Ip Address combination or
configured DTLS/SCTP Listen Port + Ip Address combination conflicts with an existing SCTP
or DTLS/SCTP Listen Port + Ip Address combination.
• You are not allowed to configure Peer Node with same port value for TCP and TLS/TCP. Also
same port value shall not be allowed for DTLS/SCTP Port and SCTP port.
• The maximum number of Peer Nodes per Network Element (16000) is already defined in the
system
• The selected Alternate Implicit Route (Route List) no longer exists; it was deleted by another
user during this Insert session
• The Peer Node Name is not unique; it already exists in the system
• The FQDN is already assigned to a different Local or Peer Node
• You attempted to delete a Peer Node that is referenced by at least on connection.
• You attempted to configure a previously assigned IP address and SCTP Listen Port combination
(to a Peer or Local Node).
• The SCTP Listen Port and IP Addresses combination is already assigned to a different Local
or Peer Node
• You attempted to configure a previously assigned IP address and TCP Listen Port combination
(to a Peer or Local Node).
• The TCP Listen Port and IP Addresses combination is already assigned to a different Local or
Peer Node
• The SCTP Listen Port or the TCP Listen Port is already used as a Local Initiate Port of a
Connection
• Any of the selected IP Addresses is duplicated

Editing a Peer Node

Use this task to edit a Peer Node.
When the Diameter > Configuration > Peer Nodes [Edit] page opens, the fields are initially populated
with the current values for the selected Peer Node.
Configuration considerations:
• The Peer Node Name cannot be changed
• You cannot remove an IP Addresses entry that is in use by at least one connection. A new IP
Address can be added.
• The following fields cannot be edited if there is at least one Enabled connection:
• Realm
• Fully Qualified Domain Name
• SCTP Listen Port
• TCP Listen Port
• RADIUS UDP Server Ports
• RADIUS UDP Client Ports
• Enable RADIUS UDP Port Range Start
• Enable RADIUS UDP Port Range End
• AAA Protocol

2. Select the Peer Node you want to edit, then click Edit.
The Diameter > Configuration > Peer Nodes [Edit] page appears.

For more information about each field please see Diameter Peer Node configuration elements.
An entry in a pulldown list can be removed by selecting --Select— in the list, or selecting the X at
the end of the list box (if an X is available).
An IP Address can be removed by deleting the information in the text box or by clicking the X at
the end of the text box.
4. Click:
• OK to save the changes and return to the Diameter > Configuration > Peer Nodes page.
• Cancel to return to the Diameter > Configuration > Peer Nodes page without saving any
changes.
If you attempt to edit a Peer Node instance whose Dynamic attribute is YES, the following Peer
Nodes attributes are rendered read-only:
• Realm
• FQDN

• SCTP Listen Port

• TCP Listen Port
• IP Addresses
• Minimum Connection Capacity
• If you attempt to edit a Peer Node instance whose dynamic attribute is YES.
• You attempt to edit a dynamic Peer Node instance by changing its Dynamic attribute from NO
to YES.
• You attempt to edit a static Peer Node instance by changing its Dynamic attribute from NO to
YES.
• You are not allowed to configure Peer Node if configured TCP Listen Port + IP Address
combination conflicts with an existing TLS/TCP Listen Port + IP Address combination or
configured TLS/TCP Listen Port + IP Address combination conflicts with an existing TCP or
TLS/TCP Listen Port + IP Address combination.
• You are not allowed to edit Peer Node if configured SCTP Listen Port + IP Address combination
conflicts with an existing DTLS/SCTP Listen Port + IP Address combination or edited
DTLS/SCTP Listen Port + IP Address combination conflicts with an existing SCTP or DTLS/SCTP
Listen Port + IP Address combination.
• You are not allowed to configure Peer Node with same port value for TCP and TLS/TCP. Also
same port value shall not be allowed for DTLS/SCTP Port and SCTP port.
• The selected Peer Node no longer exists; it has been deleted by another user
• The selected IP Addresses entry has been deleted by another user
• The edited FQDN is already assigned to a different Local or Peer Node in the system
• Neither the SCTP Enabled check box nor the TCP Enabled check box is checked; at least one
of them must be checked
• The edited IP Addresses entry and SCTP Listen Port combination is already assigned to a
different Local Node or Peer Node
• The edited IP Addresses entry and TCP Listen Port combination is already assigned to a different
Local Node or Peer Node
• The selected SCTP Listen Port or TCP Listen Port is already used as a Local Initiate Port of a
connection
Deleting a Peer Node

Use this task to delete a Peer Node.
A Peer Node cannot be deleted if it is referenced by any of the following Diameter Configuration
Components:
• Route Groups
• Connections

• Egress Throttle Groups

Note: You cannot delete dynamically created Peer Nodes.
Before you perform this task, remove the Peer Node from any Route Groups or Egress Throttle Groups,
and disable and delete any transport Connections that use the Peer Node.
Note: The removal of Diameter Overload Indication Conveyance (DOIC) AVPs takes place at a peer
node level.
1. Select Diameter > Configuration > Peer Nodes
2. Select the Peer Node you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Peer Node.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Peer Nodes
page.
• The selected Peer Node no longer exists (it was deleted by another user), an error message is
displayed and the Peer Nodes view is refreshed.
• You attempt to delete a Peer Node instance whose Dynamic attribute is YES.
Note: A Peer Node instance whose Dynamic attribute is YES can only be deleted via the Dynamic
Peer Discover function.
Diameter Peer Node Groups

A Peer Node Group is a collection of peer nodes that cannot tolerate multiple failures within the
collection. The participating peer nodes are configured in a Peer Node Group container to indicate
that connections, which are initiated from peers in the group, are distributed across multiple DA-MPs
of an IPFE Target Set. In order for the IPFE to be aware of Peer IP addresses, Peer Nodes in a Peer
Node Group must be configured with one or more Peer IP addresses. Target sets can only be configured
to support IPFE Initiator Connection support when its DA-MPs listening ports are within the new
responder port range.
The Peer Node Group Aware Least Load function spreads the connections from peer nodes; thus,
reducing the negative impact if a single DA-MP fails. You can configure Peer Node Groups by using
the GUI or through the Bulk Import and Export function. See the Bulk Import and Export information
in Diameter Common User's Guide.
Note: Peer Nodes can belong to one Peer Node Group at a time.
On the Diameter > Configuration > Peer Node Groups page, you can perform the following actions:
• Filter the list of Peer Node Groups, to display only the desired Peer Node Groups.
• View the Peer Node Name associated with a Peer Node Group Name.

• Sort the list by a column in ascending or descending order, by clicking the column heading. The
default order is by Peer Node Group Name in ascending ASCII order.
• Click an entry that is shown in blue in a column, to open the Diameter > Configuration >
<Component> [Filtered] page and display that entry only.
• Click Insert.
The Diameter > Configuration > Peer Node Groups [Insert] page appears. You can add a new
Peer Node Group.
The Diameter > Configuration > Peer Node Groups [Insert] will not open if the maximum number
of Peer Node Groups per Network Element (16000) already exist in the system.
• Select a Peer Node Group in the list, and click Edit.
The Diameter > Configuration > Peer Node Groups [Edit] page appears. You can edit the selected
Peer Node Group.
• Select a Peer Node Group in the list, and click Delete. You can delete the selected Peer Node Group.
Diameter Peer Node Groups configuration elements

Table 23: Peer Node Groups Configuration Elements describes the fields on the Peer Node Groups View,
Insert, and Edit pages. Data Input Notes apply only to the Insert and Edit pages; the View page is
read-only.
Table 23: Peer Node Groups Configuration Elements
Field (* indicates
*Peer Node Group Unique name of the Peer Node Group. Format: string, case-sensitive;
Name alphanumeric and underscore (_);
This is a group of Peer Nodes that share
common characteristics and attributes.
This group is used by IPFE for Peer Node
Group Aware connection distribution. Range: 1 - 32 characters
View - Each Peer Node Group entry Default: none
displays a + sign and the number of Peer
Nodes assigned to that Peer Node Group.
Click the + sign to display the Peer Node
names; the + sign changes to a - sign.
Click the - sign to display the number
again.
Peer Node Name A list of Peer Nodes (identified by their Format: pulldown list that includes
IP addresses), used by the IPFE for Peer the names of all Peer Nodes hat
Node Group Aware connection have not been included in a
distribution. different Peer Node Group yet
Connections from IP addresses in this list Range: configured Peer Node
can be distributed across DA-MPs in a names
TSA to avoid having a single point of
Default: -Select-
failure.

Field (* indicates
Note: Peer Nodes that share an IP The list of Peer Node Names are
address must be in the same Peer Node hyperlinks. Click on a hyperlink to
Group. view more detail on the selected
Peer Node.
[Insert] and [Edit] - The field contains an
Add button that can be clicked to create Note: If the maximum number
text boxes for Peer Node names. Each (2500) of Peer Node Groups has
entry is numbered, to indicate the already been created, and error is
number of Peer Node names that have displayed.
been added.
Viewing Peer Node Groups

Use this task to view currently configured Peer Node Groups.
Select Diameter > Configuration > Peer Node Groups.
The Diameter > Configuration > Peer Node Groups page appears.
Adding Peer Node Groups

Use this task to create new Peer Node Groups.
1. Select Diameter > Configuration > Peer Node Groups.
2. Click Insert.
The Diameter > Configuration > Peer Node Groups [Insert] page appears.
3. Enter a unique name for the Peer Node Group Name in the Peer Node Group Name field.
4. Select a Peer Node Name from the Peer Node Name pulldown menu.
To add another Peer Node Name, click Add and select a Peer Node Name in the new text box.
• OK to save the changes and return to the Diameter > Configuration > Peer Node Groups page.
• Cancel to return to the Diameter > Configuration > Peer Node Groups page without saving
any changes.
The following conditions exist:
• You can only specify Peer Nodes whose Dynamic attribute is NO to be selected for inclusion
in a Peer Node Group.
• Peer Nodes created by the Dynamic Peer Discovery feature cannot be included by any Peer
Node Group instance.
• If you attempt to insert or update a Peer Node Group instance and the specified Peer Node
whose Dynamic attribute value is YES.
• Peer Route Groups are always statically configured; no statically configured instance can refer
to a dependent GUI element that was added to the configuration as a result of Dynamic Peer
Discovery.

• The maximum number of Peer Node Groups (2500) is already defined in the system
• The Peer Node Group Name is not unique; it already exists in the system
Editing Peer Node Groups

Use this task to edit a Peer Node Group.
When the Diameter > Configuration > Peer Node Groups [Edit] page opens, the fields are initially
populated with the current values for the selected Peer Node Group.
2. Select the Peer Node Group you want to edit, then click Edit.
The Diameter > Configuration > Peer Node Groups [Edit] page appears.
Note: The Peer Node Group Name field is read-only on this page.

For more information about each field, see Table 23: Peer Node Groups Configuration Elements.
4. Click:
• OK to save the changes and return to the Diameter > Configuration > Peer Node Groups page.
• Cancel to return to the Diameter > Configuration > Peer Node Groups page without saving
any changes.
• You can only specify Peer Nodes whose Dynamic attribute is NO to be selected for inclusion
in a Peer Node Group.
• Peer Nodes created by the Dynamic Peer Discovery feature cannot be included by any Peer
Node Group instance.
• Peer Route Groups are always statically configured; no statically configured instance can refer
to a dependent GUI element that was added to the configuration as a result of Dynamic Peer
Discovery.
• If you attempt to insert or update a Peer Node Group instance and the specified Peer Node
whose Dynamic attribute value is YES.
• If one of the IP addresses exists in a different Peer Node Group
• If the update will exceed the maximum number of Peer Nodes allowed
• If the Peer Node is duplicated in the list
• The selected Peer Node Group no longer exists; it has been deleted by another user

Deleting Peer Node Groups

Use this task to delete a Peer Node Group.
Note: Deleting a Peer Node Group removes the references to the Peer Node Group from the Peer
Node. It does not remove the Peer Nodes themselves.
Before you perform this task, remove all Peer Nodes from the group Edit.
2. Select the Peer Node Group you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Peer Node Group.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Peer Node
Groups page.
If OK is clicked and the selected Peer Node Group no longer exists (it was deleted by another user),
an error message is displayed and the Peer Node Groups view is refreshed.
Connections
A connection provides the reliable transport connectivity between Diameter nodes.
A connection:
• Can use the SCTP, TCP, TLS/TCP or DTLS/STCP protocol
• Can be configured to initiate or respond to a connection to the Peer Diameter Node
For a given Peer Node, one Connection can be configured for each local IP Address/Transport/Listen
Port combination. For example, if there is a Local Node that supports two IP Addresses then you can
configure two SCTP Connections for the Peer Node - one for each Local Node IP Address and Listen
Port.
On the Diameter > Configuration > Connections page, you can perform the following actions:
• Filter the list of Connections to display only the desired Connections.
default order is by Connection Name in ascending ASCII order.
• Click a field that is shown in blue for a Connection. The blue fields are links to the configuration
pages for those types of items.
The Diameter > Configuration > {Item Type} [Filtered] page appears for the selected type of item.
• Click Insert.
The Diameter > Configuration > Connections [Insert] page appears. You can add a new
Connection.

The Diameter > Configuration > Connections [Insert] does not open if any of the following
conditions exist:
• There is no Local Node in the signaling Network Element (NE) to which the Connection can be
assigned.
• There is no Peer Node in the signaling Network Element (NE) to which the Connection can be
assigned.
• Select a Disabled Connection, and click Edit.
The Diameter > Configuration > Connections [Edit] page appears. You can change the
configuration of the selected Connection.
If the selected Connection is not in the Disabled Admin State, the Diameter > Configuration >
Connections [Edit] page will not open.
Note: For information on disabling a Connection, see Disabling Connections.
• Select a Disabled Connection, and click Delete to delete the Connection.
See IPFE Connections and Capacity Validation for more information.
IPFE Connections and Capacity Validation

IPFE Connections
IPFE supports the following connection types:
• Initiator only - indicates that Local Node only initiates the connection to the Peer Nodes.
• Responder only - indicates that Local Node only responds to the connection initiated from the Peer
Node.
• Initiator & Responder - indicates that Local Node initiates the connection in addition to responding
to connections initiated from the Peer Node.
Note: Only IPFE Diameter connections are supported at this time.
Fixed connections are configured with a static DA-MP IP address, where the connections are established
through and bound to the DA-MP. For IPFE Initiator connections, the target set address is the source
address. This provides additional flexibility in assigning and using IP address efficiently in your
configuration. The default is Initiator & Responder, which provides additional flexibility. This allows
you to use any port within a configurable range on any DA-MP within a TSA to initiate connections.
IPFE connections are configured with a public TSA IP address and a static listening port, and IPFE
Initiator connections are configured with a static initiator DA-MP and a public TSA IP address and a
user-selected or automatically selected static initiator port. The IPFE Initiator port range division
depends on the connection type (fixed or IPFE) and the selection method (user-configured or
system-selected).
Note: When overall connection counts are calculated, RADIUS connections are treated like fixed
connections.
Port ranges for fixed (DA-MP) initiator connections are as follows:
Range for user-configured connections 16384-24575
Range for system-selected connections 24576-49151

Port ranges for IPFE initiator connections are 1024-49151. You cannot configure a port range outside
of this range; the GUI generates a message and corresponding explanation.
Port ranges for IPFE responder connections are 1024-49151.
Note: You cannot select a port value for IPFE responder, as diameter does not initiate these types of
connections.
Port ranges for IPFE initiator and responder connections are1024-49151 and are fully utilizable by
initiator and responder connections. The port range management (port broker) functionality manages
ports, which avoids conflicts across Initiator and Responder connections. Only one initiator and
responder connection per Diameter Peer Node is supported.
Note: Port Number flexibility combines the Responder and Initiator Port Ranges into one large port
range. It also eliminates per DA-MP port ranges and port ranges set aside for user input or DCL.
Connection Capacity Validation

Note: All message types contribute to the ingress MPS rate of the connection. However, only routable
request messages are subject to discard or reject actions.
Validation of the number of Connections and of Reserved Ingress MPS occurs in response to the
following changes to the configuration of Connections and Capacity Configuration Sets. Such changes
reduce the available Connection capacity and must be validated before they can be allowed. (Actions
that increase Connection capacity rather than reduce it do not require validation.)
• Adding a new Connection
• Editing or replacing an existing Connection's assigned Capacity Configuration Set (where Reserved
Ingress MPS value is specified)
• Removing an IPFE Initiator DA-MP from its parent Server Group
• Removing a DA-MP from an IPFE Target Set or adding a DA-MP to an IPFE Target Set
• Moving a Fixed Connection to a new DA-MP
• Moving IPFE Initiator Connection support to a new Target Set
• Converting a Fixed Connection to IPFE Initiator Connection support, or vice versa
• Assigning a different MP Profile to a configured DA-MP
An error is displayed, stating the reason, when the validation determines that performing the
configuration action would cause over-configuration of Connections or Reserved Ingress MPS in a
DA-MP or Target Set, or that a configuration action cannot be performed for another reason such as
no MP Profile assigned to the subject DA-MP.
A warning is displayed when the validation cannot determine whether the configuration action would
cause over-configuration of Connections or Reserved Ingress MPS in a DA-MP or Target Set.
If an error and a warning could apply, the error is displayed.
If a Responder Only connection is created without a Peer Node IP Address and Transport FQDN is
selected, Transport FQDN is required even though it is not applicable.
The Diameter > Configuration > Connection Capacity Dashboard page displays the current
Connection Count and Reserved Ingress MPS data per DA-MP. The page functions and contents are
described in Connection Capacity Dashboard Functions.

Diameter Connection configuration elements

Table 24: Connections Configuration Elements describes the fields on the Connections View, Edit, and
Insert pages. Data Input Notes only apply to the Insert and Edit pages; the View page is read-only.
Note: Any request for a list of Connections does not include any dynamically-created connection
instances.
When you select a Connection Route Groups, you can specify to pass over Connections that have too
high of a DOIC loss rate.
If an element is not applicable to RADIUS connections (AAA protocol is RADIUS), the element is
greyed out.
Note: If you attempt to add or edit RADIUS connections, you cannot set values for the following:
• Local Initiate Port
• Secondary Local IP Address
• IPFE Initiator DAMAP
• Secondary Peer IP Address
• Transport FQDN
• Transport Congestion Abatement Timeout
• Remote Busy Usage
• Message Priority Configuration Set
• Suppress Connection Unavailable Alam
• Supress Connection Attempts
• Test Mode
Table 24: Connections Configuration Elements
Field (* indicates
* Connection Name Name of the Connection. The name must be unique Format: alphanumeric
in the system. and underscore (_).
Cannot start with a digit
and must contain at
least one alpha (A-Z,
a-z). The name is
case-sensitive.
Transport Protocol Type of Transport Protocol used by this Connection. Format: radio buttons
The selected Transport Protocol must be supported Range: SCTP, TCP,
by both the associated Local Node and Peer Node. TLS/TCP, DTLS/SCTP,
UDP
If AAA Protocol is selected as RADIUS, only UDP is
offered. Default: SCTP
For Floating (IPFE) Connections, the Transport
Protocol selected for this Connection must be

Field (* indicates
included in the Supported Protocols for the IPFE
Target Set.
• TCP Connections are not allowed when the Target
Set is configured to be SCTP_ONLY
• SCTP Connections are not allowed when the target
set is configured to be TCP_ONLY
• When the Target Set is configured to be
TCP_AND_SCTP, then both TCP and SCTP
Connections are allowed.
Note: Do not enable IPSEC if the Connection is
configured with TLS/TCP or DTLS/SCTP protocol;
enabling both IPSEC and TLS/TCP or DTLS/SCTP
is not recommended as this would have significant
performance impact.
* AAA Protocol The AAA protocol for this Connection, which defines Format: pulldown list
the Connection as Diameter or RADIUS.
Range: Diameter,
RADIUS
Default: NA
* Local Node Local Node associated with the Connection. Format: pulldown list
The Local Node must use the same Transport Protocol Range: all configured
as the Peer Node. The entries in the Local Node field Local Nodes
are links to the Diameter > Configuration > Local
Default: --Select--
Nodes [Filtered] page, which shows only the selected
entry.
If two IP addresses are configured for the Local Node,
it is recommended that a Secondary IP Address be
configured for the Peer Node. The Peer’s Secondary
IP address is used as a fallback for the initiation of
the SCTP Connection establishment if the Peer’s
primary IP address is unreachable, as well as for the
validation of the IP addresses advertised by the peer
in the INIT/INIT_ACK SCTP chunk.
Note: It is recommended that separate Local Nodes
be used for uni-homed and multi-homed SCTP
Connections.
* Connection Mode The Connection can have one of the following Format: pulldown list
Connection Modes:
Range: Diameter:
• Initiator Only - indicates that the Local Node will Initiator Only,
initiate the Connection to the Peer Node.

Field (* indicates
Note: If a Initiator Only connection is created and Responder Only,
a TSA selected, check if IPFE Initiator Connection Initiator & Responder
support is enabled on the target set.
RADIUS: RADIUS
• If yes, allow IPFE Initiator Connection support. server, RADIUS client
You must select from the DA-MP's port range
Default: Initiator &
if you want to explicitly configure the initiator
Responder
port.
• If no, IPFE Initiator Connection support is not
allowed.
• Responder Only - indicates that the Local Node
will only respond to the Connection initiated from
the Peer Node. The Local Initiate Port field is not
available when the Responder Only is selected
here.
• Initiator & Responder - indicates that the Local
Node will initiate a Connection to the Peer Node
and respond to Connection initiations from the
Peer Node.
When configured with a TSA and as Initiator &
Responder, the DA-MP uses the TSA as the source
IP address for initiating connections and for all
subsequent signaling traffic over that connection.
• RADIUS Server - indicates that the DSR receives
incoming RADIUS requests from a Peer Node that
is a RADIUS client.
• RADIUS Client - indicates that the DSR sends
RADIUS requests to a Peer Node that is a RADIUS
Server.
The Connection Mode must be the same for all
Connections to the same Peer.
For UNI-HOMED Connections,
• If the Connection Mode is Initiator & Responder
and Peer Node Identification is set to IP Address
for any Connections to the Peer, then the following
combination must be unique for each Connection
to the Peer: Peer FQDN (from Peer Nodes
configuration), Peer Realm (from Peer Nodes
configuration), Transport Protocol, Local IP, Local
Listen Port (from Local Nodes configuration),
Must Include Application IDs in the CEX
Configuration Set.
and Peer Node Identification is Transport FQDN
or Peer Diameter Identity FQDN for at least one

Field (* indicates
Connection to the Peer, then the following
configuration), Transport Protocol, Local IP, Local
Listen Port (from Local Nodes configuration),
Must Include Application IDs in the CEX
Configuration Set.
• The Connection Local IP Address and Local
initiate Port combination cannot be the same as
the Local IP Address and Listen Port combination
of one of the Local Nodes or of another
Connection.
For MULTI-HOMED Connections,
and Peer Node Identification is set to IP Address
for any Connections to the Peer, then the following
configuration), Transport Protocol, Local IP Pair,
Local Listen Port (from Local Nodes
configuration), Must Include Application IDs in
the CEX Configuration Set.
and Peer Node Identification is Transport FQDN
or Peer Diameter Identity FQDN for any
Connections to the Peer, then the following
configuration), Transport Protocol, Local IP Pair,
Local Listen Port (from Local Nodes
configuration), Must Include Application IDs in
the CEX Configuration Set.
and Transport FQDN is NOT specified in any
Connections to the Peer, then the following
the Peer: Transport FQDN, Peer Realm, Transport
Protocol, Local IP Pair, Remote IP Pair, Local
Listen Port, Must Include Application IDs.
• The Connection Local IP Address pair and Local
Initiate Port combination cannot be the same as
the Local IP Address pair and Listen Port
combination of one of the Local Nodes or of
another Connection.

Field (* indicates
Dynamic Indicates whether or not the element was created Format: checkbox
dynamically (YES) or statically (NO). NO is assigned (read-only on the
for all element instances, except for those created via element [Edit] page)
Dynamic Peer Discovery.
Range: checked (the
element was created as
a result of Dynamic
Default: unchecked
Local Initiate Port The IP source port number to be used when the Format: numeric
Connection is an Initiator.
Range: 16384-24575
This field is not available and is set to Blank when (fixed initiator),
the Connection Mode is Responder Only. 24576-49151 (IPFE
Initiator)
Initiator port ranges are divided into automatically
assigned and DCL-assigned sub-ranges. Depending Default: Blank
on the type of initiator connection, fixed or IPFE, there
are two or more user/DCL sub-ranges.
See Interpreting Apparent DA-MP Over-Configuration
with Non-overlapping Target Sets for more information
about non-overlapping target sets.
DCL (Diameter Transport Layer) is the software layer
of the stack which implements diameter transport
connections.
Note: The user- configurable range is 6384-24575 (for
fixed initiator and based on the MP for IPFE Initiator).
However, it is recommended that the port not be
configured, and left for diameter to manage. If a port
is not provided when configuring a connection, the
DCL selects an ephemeral port from the initiator
connection range (24576-49151).
If the connection remains fixed, a warning is
generated if the configured port is out of range for
an Initiator Connection type. If you convert the fixed
initiator connection to an IPFE Initiator Connection,
you must select from the DA-MP's port range if you
want to explicitly configure the initiator port. See
Connection Capacity Dashboard Functions for more
information about fixed and IPFE Initiator
connections.
UDP Port For RADIUS Server connections, this is the UDP port Format: pulldown list
on which the DSR expects to receive incoming
Range: Local (RADIUS
RADIUS requests for this connection. For RADIUS
server connection s) or
Client connections, this is the UDP port at the
Peer Node (RADIUS

Field (* indicates
destination Peer Node which will receive the RADIUS client connections) UDP
request sent by the DSR. port numbers
Default: NA
IP Owner Identifies the DA-MP which owns this Connection Format: read-only
attribute. Each RCL instance will ignore Connection
Range: IP owner
attributes that are not exclusively assigned to its local
DA-MP. Default: --Select--
* Primary Local IP The IP address to be used as Primary Local Node Format: pulldown list
Address Address for this Connection.
Range: all configured IP
A Local Node must be selected before the pulldown addresses for the
list becomes available, containing the IP Addresses selected Local Node
corresponding to the selected Local Node.
Default: --Select--
When configuring Diameter TCP Connections, only
MP static IP addresses, Primary TSAs and Secondary
TSAs can be selected as the Primary Local IP Address.
If an IPFE Secondary Target Set Address (selected
from the Local Node's IP Address list) is assigned to
the Primary Local IP Address of a Diameter
Connection, then the Secondary Local IP Address
selection is disabled. In this case, a Uni-homed
Connection is configured, but using the Target Set's
Secondary IP address as the only Local IP Address
for the Connection.
Note: Uni-homed and multi-homes are applicable
only to SCT/Diameter connections; they are not
applicable to RADIUS/UDP connections.
When configuring RADIUS connections, only MP
static IP addresses can be selected as Primary Local
IP Address.
Each IP address in the pulldown list has an
identifying tag appended to it, as follows:
• In Active/Standby DA-MP NEs, a DA-MP VIP is
appended with (VIP).
• In Multiple-Active DA-MP NEs, a static IP address
owned by the DA-MP is appended with the Server
Hostname of the DA-MP, for example, (DA-MP1).
• IPFE Target Set Addresses are appended with the
Target Set Name, for example, (TSA1).
• For each IPFE Connection listed on the View
screen, the Primary Local IP Address field
displays (TSA#-p) or (TSA#-s) after the IP address,
where # is the Target Set number, -p is a Primary
TSA, and -s is a Secondary TSA.

Field (* indicates
Secondary Local IP The IP address to be used as the Secondary Local Format: pulldown list
Address Node Address for this Connection.
Range: all configured IP
A Local Node must be selected and the selected addresses for the
Connection Transport Protocol must be SCTP before selected Local Node
the list becomes available, containing the IP
Note: Primary TSAs,
Addresses of the selected Local Node.
labeled TSA#-p, are not
Note: SCTP can be selected as a protocol only for valid for selection.
Diameter connections.
Default: --Select--
IPFE Target Set Addresses are appended with the
If an IPFE Primary Target Set Address (selected from
the Local Node's IP Address list) is assigned to the
Primary Local IP Address of a Diameter Connection,
then the only valid selection for the Secondary Local
IP Address is the corresponding IPFE Secondary
Target Set Address (for example- if TSA1-p is
assigned to Primary Local IP Address of a diameter
Connection, then the only valid selection for the
Secondary Local IP Address will be TSA1-s.)
This address is used only for SCTP Multi-homing; it
must be different from the selected Primary Local IP
Address. An IPFE Primary TSA and a Secondary TSA
cannot be identical.
Each IP address in the pulldown list has an
identifying tag appended to it, as follows:
• In Active/Standby DA-MP NEs, a DA-MP VIP is
appended with (VIP).
• In Multiple-Active DA-MP NEs, a static IP address
owned by the DA-MP is appended with the Server
Hostname of the DA-MP, for example, (DA-MP1).
• IPFE Target Set Addresses are appended with the
• For each IPFE Connection listed on the View
screen, the Primary Local IP Address field
displays (TSA#-p) or (TSA#-s) after the IP address,
where # is the Target Set number.
• For each IPFE SCTP Multi-Homed Connection
listed on the View screen, the Secondary Local IP
Address field displays (TSA#-s) after the IP
address, where # is the Target Set number. and -s
is Secondary TSA.
Note: SCTP can be selected as a protocol only for
Diameter connections.

Field (* indicates
IPFE Initiator DAMP The IPFE Initiator DA-MP for this connection. Format: pulldown list
When the addition of a new IPFE Connection is being Range: available DA-MP
validated, OAM validates that the addition of the IP addresses configured
IPFE Connection does not cause, for each DA-MP in for the TSA selected for
the subject Target Set, the total number of Primary Local IP
Connections allocated to the DA-MP, to exceed the Address
DA-MP's total capacity. If the available capacity on
Default: --Select-- or
one or more DA-MPs in the subject Target Set is less
IPFE Initiator DA-MP
than zero and any DA-MP in the subject Target Set
is included in more than one Target Set, OAM allows
the IPFE Connection to be added, but also issues a
warning message.
If the validation fails and the subject Target Set does
not overlap any other Target Set, OAM computes the
available capacity for the entire subject Target Set (by
computing available capacity for each DA-MP and
summing them). If the Target Set available capacity
is less than zero, the validation fails and an error code
is generated.
* Peer Node Peer Node associated with the Connection. Format: pulldown list
The Peer Node must use the same IP protocol as the Range: all configured
Local Node. The entries in the Peer Node field are Peer Nodes
links to the Diameter > Configuration > Peer Nodes
Default: --Select--
[Filtered] page which shows only the selected entry.
Peer Node Specifies how the peer node's IP address(es) is Format: radio buttons
Identification derived when initiating a connection to the peer, and
Range: None, IP
whether the peer node's IP address(es) is validated
Address
when responding to a connection from the peer.
Default: IP Address
Transport FQDNs use the remote IP address(es)
configured for this Connection when initiating a
connection to the peer, and to validate the peer node's
IP address(es) when responding to a connection from
the peer.
Use the remote IP address(es) configured for this
Connection when initiating a connection to the peer
and to validate the peer node's IP address(es) when
responding to a connection from the peer.
If no IP Address has been selected and no Transport
FQDN has been specified, then the only accepted
choice is Peer Diameter identity FQDN.
Use None for this connection when responding to a
connection from the peer and do not validate the peer
node's IP address(es).

Field (* indicates
Use the DNS resolved FQDN address configured for
the Peer Node associated with this Connection when
initiating a connection to the peer, and do not validate
the peer node's IP address(es) when responding to a
connection from the peer.
The FQDN configured for the Connection takes
precedence over the Peer's Diameter Identity FQDN.
• If the Peer Node Identification is set to IP Address,
then the Transport FQDN field cannot be changed
and the Peer IP Address pulldown lists are
available.
• If the Peer Node Identification is set to Transport
FQDN, then the Peer IP Address pulldown lists
are not available and the Transport FQDN field
can be changed.
• If the Peer Node Identification is set to Peer
Diameter Identity FQDN, then both the Transport
FQDN field and the Peer IP Address pulldown
lists are not available.
Primary Peer IP The IP Address to be used as the Primary Peer Node Format: pulldown list
Address address for this Connection.
Range: available IP
A Peer Node must be selected before the pulldown addresses
list becomes available, containing the IP Addresses
Default: --Select--
of the selected Peer Node.
Secondary Peer IP The IP Address to be used as the Secondary Peer Format: pulldown list
Address Node address for this Connection.
Range: available IP
A Peer Node must be selected and the selected addresses
Connection Transport Protocol must be SCTP before
Default: --Select--
the pulldown list becomes available, containing the
IP Addresses of the selected Peer Node.
This address is used only for SCTP Multi-homing; it
must be different from the selected Primary Peer IP
Address.
Transport FQDN Fully Qualified Domain Name for this Connection. Format: case-insensitive
string consisting of a list
The Transport FQDN is used for DNS lookup when
of labels separated by
Peer Node Identification is set to Transport FQDN.
dots. A label can contain
If a Responder Only connection is created without a letters, digits, dash (-),
Peer Node IP Address and Transport FQDN is and underscore (_). A
selected, Transport FQDN is required even though label must begin with a
it is not applicable. In this case, an error code is letter, digit, or
generated (when using Transport FQDN with underscore, and must
Initiator connections. end with a letter or

Field (* indicates
digit. Underscore can be
used only as the first
character.
Range: FQDN - up to
255 characters; label - up
to 63 characters
* Connection Connection Configuration Set associated with the Format: pulldown list
Configuration Set Connection.
Range: all configured
The entries in the Connection Configuration Set field Connection
are links to the Connection Configuration Sets Configuration Sets,
(Filtered) page, which displays the attributes of only Default Connection
the selected entry. Configuration Set.
Default: --Select--
CEX Configuration CEX Configuration Set associated with the Format: pulldown list
Set Connection.
The entries in the CEX Configuration Set field are CEX Configuration Sets,
links to the CEX Configuration Sets (Filtered) page, "Default" CEX
which shows only the selected entry. Configuration Set.
Default: --Select--
* Capacity Capacity Configuration Set associated with the Format: pulldown list
Configuration Set Connection. The Capacity Configuration Set defines
reserved and maximum ingress message processing
Capacity Configuration
rates and alarms thresholds for this Connection.
Sets, "Default" Capacity
The entries in the Capacity Configuration Set field Configuration Set
are links to the Capacity Configuration Sets
Default: "Default"
(Filtered) page, which displays only the selected
Capacity Configuration
entry.
Set
The addition of any Connection having non-zero
Reserved Ingress MPS is subject to capacity validation
rules, which are discussed in the Connection Capacity
Validation content.
See the MP Profiles information in Diameter Common
User's Guide.
* Transport The amount of time spent at Egress Transport Format: numeric

Congestion Congestion Levels 3, 2, and 1 during Egress Transport
Abatement Timeout Congestion Abatement
Default: 5 seconds
* Remote Busy Defines which Request messages can be forwarded Format: pulldown list
Usage on this Connection after receiving a
Range: Disabled,
Enabled

Field (* indicates
DIAMETER_TOO_BUSY response from the Default: Disabled
Connection's Peer.
Disabled The Connection is not considered to be
BUSY after receiving a
DIAMETER_TOO_BUSY response. All
Request messages continue to be
forwarded to (or rerouted to) this
Connection.
Enabled The Connection is considered to be BUSY
after receiving a DIAMETER_TOO_BUSY
response. No Request messages are
forwarded to (or rerouted to) this
Connection until the Remote Busy
Abatement Timeout expires.
Remote Busy If Remote Busy Usage is set to Enabled or Host Format: numeric
Abatement Timeout Override, this defines the length of time in seconds
that the Connection will be considered BUSY from
the last time a DIAMETER_TOO_BUSY response was Default: 5 seconds
received.
Message Priority Defines the source of Message Priority for a Request Format: radio buttons
Setting message arriving on the Connection. Possible settings
Range: None, Read from
are:
Request Message, User
• None - use the Default Message Priority Configured
Configuration Set
Default: None
• Read from Request Message - read the message
priority from the ingress Request (--- appears in
the Message Priority Configuration Set column)
• User Configured - Apply the user-configured
Message Priority Configuration Set selected for
the Connection
Message Priority The Message Priority Configuration set used if Format: pulldown list
Configuration Set Message Priority Setting is User Configured
Message Priority
Configuration Sets
Default: None
Egress Message Egress Message Throttling Configuration Set Format: pulldown list
Throttling associated with the Connection. The Egress Message
Configuration Set Throttling Configuration Set defines the maximum
Egress Message
Egress Message Rate and thresholds used to set the
Throttling
congestion level for the Connection.
Configuration Sets
The entries in the Egress Message Throttling
Configuration Set field are links to the Egress

Field (* indicates
Message Throttling Configuration Sets (Filtered) Default: None (--- is
page, which displays only the selected entry. displayed in the
column)
Shared Secret The Shared Secret Configuration Set used for this Format: pulldown list
Configuration Set Connection.
(RADIUS only)
Shared Secret
Configuration Sets
Default: -Select-
Message The Message Authenticator Configuration Set used Format: pulldown list
Authenticator for this Connection.
Configuration Set
Message Authenticator
(RADIUS only)
Configuration Sets
Default: -Select-
Message Conversion The Message Conversion Configuration Set MO Format: list

Configuration Set assigned to this RADIUS Connection.
Range: NA
(RADIUS only)
Default: -Select-
Ingress Status-Server The Ingress Status-Server Configuration Set used for Format: pulldown list
Configuration Set this Connection.
(RADIUS only)
Ingress Status-Server
Configuration Sets
Default: -Select-
Suppress If checked, this suppresses the connection attempts Format: check box
Connection on the unavailable connections when a connection
Unavailable Alarm attribute is configured and turned ON for the
unchecked (NO)
connection object, then the connection unavailable
alarm on those connections is not raised. Default: unchecked
Suppress If checked, suppresses the connection attempts when Format: check box
Connection a diameter peer nodes status becomes available.
Attempts
This attribute is not applicable for responder only unchecked (NO)
connection modes. It is only applicable for initiator
Default: unchecked
only and initiator and responder connection modes.
With any configuration edit action that results in
connection mode to responder only mode, the
attribute value is returned to the default value.
Test Mode If checked, the Connection is in Test Mode. Format: check box
not checked (NO)

Field (* indicates
Default: not checked
Viewing Connections
Use this task to view currently configured connections.
Select Diameter > Configuration > Connections.
The Diameter > Configuration > Connections page appears.
Adding a Connection
Use this task to create a new Connection. The fields and configuration considerations are described
in Diameter Connection configuration elements.
1. Select Diameter > Configuration > Connections.
2. Click Insert.
The Diameter > Configuration > Connections [Insert] page appears.
The Diameter > Configuration > Connections [Insert] will not open if any of the following
conditions exist:
• There is no Local Node in the signaling Network Element (NE) to which the Connection can be
assigned.
• There is no Peer Node in the signaling Network Element (NE) to which the Connection can be
assigned.
3. Enter a unique name for the Connection in the Connection Name field.
4. Select a AAA Protocol.
5. Select the radio button for SCTP, TCP, TLS/TCP, DTLS/SCTP, or UDP in the Transport Protocol
field.
The Transport Protocol that you select for your Connection must match the protocol supported by
both the Local Node and the Peer Node for the Connection.
6. Select a Local Node for the Connection from the pulldown list.
The Local Node must use the same IP protocol as the Peer Node you select. If you do not see the
Local Node you want to use, you might need to create a new Local Node. See Adding a Local Node.
7. Select the Connection Mode for this Connection from the pulldown list. See Diameter Connection
configuration elements.
8. If you set up the Connection Mode for Initiator Only, you can optionally enter a Local Initiate Port
number in the field.
9. Select the Primary Local IP Address of this Connection from the pulldown list.
10. If the Transport Protocol is set to SCTP, select the Secondary Local IP Address of this Connection
from the pulldown list.
11. Select a IPFE Initiator DAMP from the pulldown list.

This step is only needed for IPFE Initiator connections.

12. Select a Peer Node for the Connection from the pulldown list.
Initiator port ranges are divided into user-assigned and DCL-assigned sub-ranges. Depending on
the type of initiator connection, fixed or IPFE, there are two or more user/DCL sub-ranges. The
Peer Node must use the same Transport Protocol as the Local Node that you selected. If you do
not see the Peer Node you want to use, you might need to create a new Peer Node. See Adding a
Peer Node.
DCL (Diameter Transport Layer) is the software layer of the stack which implements diameter
transport connections.
13. Select the radio button for the type of Peer Node Identification to be used for this Connection.
14. If needed, select the Primary Peer IP Address of this Connection from the Primary Peer IP Address
pulldown list.
15. If needed, select the Secondary Peer IP Address of this Connection from the Secondary Peer IP
Address pulldown list.
16. If needed, enter a Transport FQDN for this Connection.
17. Select a Connection Configuration Set for this Connection from the pulldown list.
18. If one is needed, select a CEX Configuration Set for this Connection from the pulldown list .
19. If the Per Connection Ingress MPS Control feature is active in the system, select a Capacity
Configuration Set for the Connection from the pulldown list.
20. Specify the Transport Congestion Abatement Timeout.
21. Select a Remote Busy Usage setting from the pulldown menu.
22. If you selected Enabled or Host Override for Remote Busy Usage, set the Remote Busy Abatement
Timeout value.
23. Identify the source of Message Priorities for incoming requests by selecting a Message Priority
Setting.
24. If you selected User Configured as the Message Priority Setting, select a Message Priority
Configuration Set from the pulldown menu.
25. Make selections from the Egress Message Throttling Configuration Set, Shared Configuration
Set, Message Authenticator Configuration Set, and Ingress Status-Server Configuration Set
pulldown menus.
26. If you want to suppress the Connection unavailable alarm, click the Suppress Connection
Unavailable Alarm check box (the box is checked).
27. If you want to suppress the Connection attempts to a standby Peer Node, click the Suppress
Connection Attempts check box (the box is checked).
28. If you want this Connection to be a test Connection, click the Test Mode check box (the box is
checked).
29. Click:
• OK to save the data and return to the Diameter > Configuration > Connections page.
Note: This assumes that all validation checks pass.
• Cancel to return to the Diameter > Configuration > Connections page without saving any
changes.

If OK or Apply is clicked, and any of the following conditions exists (which includes some of the
considerations in the Connection Capacity Validation section Validating Diameter Connection Capacity),
an error message or warning message appears:
• The maximum number of Connections per Network Element already exists in the system. The
maximum number is the lesser of:
• 12,000
• The sum of the Maximum Connections allowed for all DA-MPs. See the MP Profiles
information in Diameter Common User's Guide.
• The maximum number of Connections per Peer Node (64) already exists in the system
• The Connection Name is not unique; it already exists in the system
• A selected pulldown list entry no longer exists (has been deleted by another user)
• The selected Transport Protocol is not supported by the selected Local Node or Peer Node
• The Connection Mode is set to Initiator Only or Initiator & Responder, a Peer IP Address is
not selected, and a Primary DNS Server IP Address is not configured. See Diameter DNS Options.
• The Connection Mode is set to Initiator Only or Initiator & Responder, and the selected Local
IP Address (or pair for Multi-homing), Local Initiate Port, and Transport Protocol combination
is the same as the Local IP Address (or pair for Multi-homing), Listen Port, and Transport
Protocol combination of one of the Local Nodes
IP Address (or pair for Multi-homing), Local Initiate port, and Transport Protocol combination
is the same as the Local IP Address (or pair for Multi-homing) and Local Initiate port
combination of another Connection
• For Uni-homed and Multi-homed Connections with various Connection Mode and Peer Node
Identification combinations, the element combinations that must be unique are not unique (see
the Connection Mode element description in Diameter Connection configuration elements)
• The selected Primary and Secondary Local IP Addresses and the selected Primary and Secondary
Peer IP Addresses are not all of same type
• The Peer Node Identification is set to IP Address and no IP Address has been selected
• The Peer Node Identification is set to Transport FQDN and no Transport FQDN has been
specified
• Two IP addresses that are equal have been configured for either the Local IP Addresses or Peer
IP Addresses.
• The Connection that is being added is a non-IPFE Connection and uses a Capacity Configuration
Set with a non-zero Reserved Ingress MPS value and the addition of the new Connection would
cause the MP server that hosts the Connection to have Reserved Ingress MPS totaling more
than the MP server's Engineered Ingress MPS capacity. See the MP Profiles information in
Diameter Common User's Guide.
• The Connection that is being added is a non-IPFE Connection and its addition would exceed
the maximum number of Connections supported by the MP server that owns the specified Local
IP Address(es). See the MP Profiles information in Diameter Common User's Guide.
• The Connection Mode is set to Initiator & Responder or Responder Only, the Transport
Protocol is set to SCTP, the SCTP Listen Port matches the SCTP Listen Port of a Local Node
used in another Initiator & Responder or Responder Only Connection and the Local IP Address
conflicts with the Local IP Address of that other Connection.
• The maximum number of Test Connections (2) already exists in the system

If OK or Apply is clicked, and the following condition exists, the indicated Warning appears:
• Two IP Addresses have been configured for the Local Node and only one IP Address is
configured for the Peer Node.
It is recommended that a Secondary IP address also be configured for the Peer Node. The Peer's
Secondary IP address is used as a fallback for the initiation of the SCTP Connection establishment
if the Peer's Primary IP address is unreachable, and for the validation of the IP addresses
advertised by the Peer in the INIT/INIT_ACK SCTP chunk.
30. Use the Enabling Connections procedure to enable the new Connection.
• Only Peer Nodes whose Dynamic attribute is NO can be selected for assignment to a Connection.
• Peer Nodes created by the Dynamic Peer Discovery feature cannot be assigned to any
statically-created Connection.
• CEX Configuration Sets created by the Dynamic Peer Discovery feature cannot be assigned to
any statically-created connection.
Editing a Connection
Use this task to edit an existing Connection.
Note: A Connection must be in the Disabled Admin State before it can be changed. See Disabling
Connections. If the Connection is not in the Disabled Admin State, the Diameter > Configuration >
Connections [Edit] page opens in read-only mode and a warning dialog box opens.
1. Verify that the Connection to be edited is in the Disabled Admin State.
a) Select Diameter > Maintenance > Connections
b) If the Admin State is Disabled for the Connection to be edited, continue with Step 2.
c) If the Admin State is Enabled for the Connection to be edited, use the Disabling Connections
procedure to disable the Connection. Then continue with Step 2.
3. Select the Connection you want to edit.
4. Click Edit.
The Diameter > Configuration > Connections [Edit] page appears. The page is populated with
the current values for the selected Connection.
The Diameter > Configuration > Connections [Edit] page will not open if any of the following
conditions exist:
• The selected Connection no longer exists (was deleted by another user).
• The Connection is not in the Disabled Admin state.

For more information about each field see Diameter Connection configuration elements. The Connection
Name cannot be edited.
Note: A Test Connection can be changed to a normal Connection by unchecking the Test Mode
check box. However, a normal Connection cannot be changed to a Test Connection.

Selecting the X at the end of a field clears the field, so that a different value can be entered or
selected.
6. Click:
• OK to save the changes and return to the Diameter > Configuration > Connections page. The
Connection remains in the Disabled Admin state.
• Apply to save the changes and stay on this page. The Connection remains in the Disabled Admin
state.
• Cancel to return to the Diameter > Configuration > Connections page without saving the
changes.
• Any request for a list of Connections does not include any dynamically-created Connection
instances.
• Dynamic Peer Discovery can insert a Connection instance whose Dynamic attribute is YES only.
• Dynamic Peer Discovery software can delete a Connection instance whose Dynamic attribute
is YES only.
• If you attempt to edit a Connection whose Dynamic attribute is NO, the Edit page only allows
Peer Nodes and CEX Configuration Sets whose own Dynamic attribute is NO to be assigned
to the Connection.
• If you attempt to edit a Connection whose Dynamic attribute is YES, the Edit page only allows
CEX Configuration Sets whose own Dynamic attribute is NO to be assigned to the Connection.
a Connection whose Dynamic attribute is YES or NO to be assigned to the Connection.
• If you attempt to edit a Connection whose Dynamic attribute is YES, the selection options for
Connection Mode do not include Responder Only.
If OK or Apply is clicked, and a Connection Capacity Validation issue (see Validating Diameter
Connection Capacity) or any of the following conditions exists, an error message or warning message
appears:
• If you attempt is made to update a Connection instance whose Dynamic attribute is YES, and
the value for the Connection Mode attribute is Responder Only.
• If you attempt to update a Connection instance whose Dynamic attribute is NO, if the assigned
CEX Configuration Set has a value of YES for its own Dynamic attribute.
• If you attempt to update a Connection instance whose Dynamic attribute is NO, if the assigned
Peer Node has a value of YES for its own Dynamic attribute.
• If you attempt to add a Connection instance and the Dynamic attribute is YES.
• If you attempt to edit a static Connection instance by changing its Dynamic attribute from NO
to YES or vice versa.
• If you attempt to edit an instance whose Dynamic attribute is YES, the following attributes are
rendered read-only:
• Transport Protocol
• Peer Node
• Peer Node Identification
• Primary Peer IP Address
• Any required field is empty; no value was entered or selected.
• The entry in any field in not valid (wrong data type or out of the valid range).
• The edited Connection no longer exists in the system (it was deleted by another user)

• The edited Connection is not in the Disabled Admin state.

• A selected pulldown list entry no longer exists (has been deleted by another user).
• The selected Transport Protocol is not supported by the selected Local Node or Peer Node.
• The selected Local IP Address + Local Initiate Port combination is the same as the Local IP
Address and Local Node Listen Port combination of one of the Local Nodes.
• The selected Local IP Address + Local Initiate Port combination is the same as the Local Initiate
Port combination of another Connection
• The Connection Mode is set to Initiator Only or Initiator & Responder, a Peer IP Address is
not selected, and a Primary DNS Server IP Address is not configured. See Diameter DNS Options.
is the same the Local IP Address (or pair for Multi-homing), Listen Port, and Transport Protocol
combination of one of the Local Nodes.
is the same the Local IP Address (or pair for Multi-homing) and Local Initiate port combination
of another Connection
• All Local Node and Peer Node IP addresses are not of the same type
• The Peer Node Identification is set to IP Address and no IP Address has been selected
• The Peer Node Identification is set to Transport FQDN and no Transport FQDN has been
specified
• Two IP addresses that are equal have been configured for either the Local or Peer IP Addresses.
• The configured Primary and Secondary TSAs are identical for an IPFE SCTP Multi-homed
Connection association.
• The Connection that is being changed is a non-IPFE Connection and uses a Capacity
Configuration Set with a non-zero Reserved Ingress MPS value and the change to the Connection
would cause the MP server that hosts the Connection to have Reserved Ingress MPS totaling
more than the MP server's licensed Ingress MPS capacity. (See the Engineered Ingress MPS on
the Diameter > Configuration > MP Profiles page for the licensed capacity of the MP server.)
• For Uni-homed and Multi-homed Connections with various Connection Mode and Peer Node
Identification combinations, the element combinations that must be unique are not unique (see
the Connection Mode element description in Diameter Connection configuration elements).
• The Connection Mode is set to Initiator & Responder or Responder Only, the Transport
Protocol is set to SCTP, the SCTP Listen Port matches the SCTP Listen Port of a Local Node
used in another Initiator & Responder or Responder Only Connection and the Local IP Address
conflicts with the Local IP Address of that other Connection
• Test Mode is changed from unchecked to checked, but the maximum number of Test Connections
already exists in the system.
7. Use the Enabling Connections procedure to enable the edited Connection.

• You attempt to edit an instance whose Dynamic attribute is YES.
• You attempt to delete an instance whose Dynamic attribute is YES. Only the Dynamic Peer
Discovery software is able to delete an instance whose Dynamic attribute is YES.
• You attempt to edit a dynamic instance by changing its Dynamic attribute from NO to YES.
• You attempt to edit a static instance by changing its Dynamic attribute from NO to YES.
• The Selected CEX Parameters list is empty (no items were added)

• The selected CEX Configuration Set is being used by a connection or a Local Node
• The selected CEX Configuration Set was deleted by another user during this Edit session
• If you attempt to edit a CEX Configuration Set instance whose dynamic attribute is YES.
Deleting a Connection
Use this task to delete an existing Connection.
Note: You must disable a Connection before you can delete it. See Disabling Connections.
2. Select the Connection you want to delete.
3. Click Delete.
4. Perform one of the following actions:
• Click OK to delete the Connection.
Connections page.
If OK is clicked and any of the following conditions exist, an error message appears and the
Connection is not deleted:
• The selected Connection is referenced by at least one Route Group
• The selected Connection is referenced by at least one Egress Throttle Group
• The selected Connection is not in the Disabled Admin State
If OK is clicked and the selected Connection no longer exists (it was deleted by another user), an
error message is displayed and the Connections view is refreshed.
Diameter Route Groups

A Route Group is a user-configured set of Peer Nodes or Connections used to determine the distribution
of traffic to each Peer Node in the same Route Group. Traffic is distributed among available Peer
Nodes or Connections based on the configured capacity assignment of each available Peer Node or
Connection.
Note: Connection Route Groups is not supported for RADIUS connections, but can be configured
with all RADIUS or all Diameter Peer Nodes.
For example, if Peer Node A has a configured capacity of 100 and Peer Node B has a configured
capacity of 150, then 40% of the messages sent to the Route Group will be forwarded to Peer Node A
and 60% of the messages will be forwarded to Peer Node B.
Each Route Group can be assigned a maximum of 512 Connections. Route Groups are assigned to
Route Lists.

Note: Route Groups created via Dynamic Peer Discovery cannot be assigned to any statically-created
Route List.
On the Diameter > Configuration > Route Groups page, you can perform the following actions:
• Filter the list of Route Groups to display only the desired Route Groups.
• Sort the list by the Route Group Name column in ascending or descending order, by clicking the
column heading. The default order is ascending ASCII order.
• Click an entry that is shown in blue for a Peer Node/Connection.
The Diameter > Configuration > Peer Nodes [Filtered] page appears for the selected Peer Node.
• Click Insert.
The Diameter > Configuration > Route Groups [Insert] page appears. You can add a new Route
Group.
The Diameter > Configuration > Route Groups [Insert] will not open if the maximum number
of Route Groups (6000) already exists in the system.
• Select a Route Group in the list, and click Edit.
The Diameter > Configuration > Route Groups [Edit] page appears. You can edit the selected
Route Group.
If the selected Route Group has been deleted by another user, the Diameter > Configuration >
Route Groups [Edit] page does not open.
• Select a Route Group in the list, and click Delete. You can delete the selected Route Group.
Diameter Route Group configuration elements

Table 25: Route Groups Configuration Elements describes the fields on the Route Groups View, Insert,
and Edit pages. Data Input Notes only apply to the Insert and Edit pages; the View page is read-only.
Note: Any request for a list of Route Groups does not include any dynamically-created route group
instances.
When you select a Peer Node from a Peer Route Group or Connections from a Connection Route
Group, you can specify to pass over Connections that have too high of a DOIC loss rate.
Table 25: Route Groups Configuration Elements
Field (* indicates
* Route Group Name Unique name of the Route Group. Format: case-sensitive;
alphanumeric and
underscore
Range: 1 - 32 characters;
cannot start with a digit
and must contain at
least one alpha

Field (* indicates
Dynamic (View) Indicates whether or not the Route Group was Format: text
created dynamically (YES) or statically (NO).
Range: YES, NO
Default: NA
Type A Route Group can be configured with either Peer Format: radio buttons
Nodes (Peer Route Group) or Connections
Range: Peer Route
(Connections Route Group) that have the same
Group, Connection
priority within a Route List.
Route Group
Default: Peer Route
Group
Peer Node/Connection List of Peer Nodes or Connections configured for Each entry displays a +
(View) the Route Group. sign and the number of
Peer Nodes or
Each listed Peer Node or Connection entry is a
Connections assigned to
link to the Diameter > Configuration > {Entry
that Route Group. Click
Type} [Filtered] page for that entry only.
the + sign to display the
Peer Nodes or
Connections; the + sign
changes to a - sign.
Click the - sign to
display the number
again.
* Peer Node, One entry defined for a Route Group. Up to 512 entries can be
Connection, and configured for a
Provisioned Capacity Connection Route
Group.
Click Add to insert
another entry for the
Route Group.
Peer Node A Peer Node associated with the Route Group. Format: pulldown list
Each Route Group can be assigned up to 512 Peer
The Peer Node field is Range: 1- 160
Nodes.
part of the Peer Node, configured Peer Nodes
Connection, and The Peer Node field is available when the Peer
Capacity fields that are Route Group radio button is selected in the Type
combined on the [Insert] field.
and [Edit] pages.
The Peer Node field is required.
Connection A connection associated with the Route Group. Format: pulldown list
Each Route Group can be assigned up to 512
The Connection field is Range: 1-512 configured
connections.
part of the Peer Node, Connections for the
selected Peer Node

Field (* indicates
Connection, and The Connection field is available when the
Capacity fields that are Connection Route Group radio button is selected
combined on the [Insert] in the Type field and a Peer Node is selected.
and [Edit] pages.
The Connection field is required for Connection
Route Groups.
Provisioned Capacity View page: Provisioned capacity for a Route Format: numeric
Group, which is the sum total of configured
The Provisioned Range: 1 - 65535
capacity of peer nodes or connections within a
Capacity field is
Route Group.
combined with the Peer
Node and Connection [Insert] and [Edit] pages: Provisioned capacity of
fields on the [Insert] and a Peer Node or Connection within a Route Group.
[Edit] pages. The Provisioned Capacity field is required.
Traffic is distributed to available Peer
Nodes/Connections in a Route Group
proportional to the configured capacity for the
Peer Node/Connection. A Peer
Nodes/Connection with a higher capacity will be
assigned more traffic.
Viewing Route Groups

Use this task to view currently configured Route Groups.
Select Diameter > Configuration > Route Groups.
The Diameter > Configuration > Route Groups page appears.
Adding a Route Group

Use this task to create a new Route Group.
1. Select Diameter > Configuration > Route Groups.
2. Click Insert.
The Diameter > Configuration > Route Groups [Insert] page appears.
3. Enter a unique name for the Route Group in the Route Group Name field.
4. Select the Type radio button for the entries included in the Route Group (Peer Nodes or
Connections).
5. Select the Peer Node, or Peer Node and Connection, and enter the Provisioned Capacity field for
this Route Group entry.
a) Select a Peer Node from the Peer Node pulldown list.
b) If the Connection Route Group radio button is selected for the Type field, select a Connection
that is assigned to the selected Peer Node from the Connection pulldown list.
c) Enter the Provisioned Capacity for the selected Peer Node or Connection.


• If you want to add another Peer Node, Connection, and Provisioned Capacity entry to the Route
Group, click Add and repeat Step 5 for this next entry. Up to 512 entries can be provisioned for
Connection Route Groups.
• If you do not want to add another entry, continue with Step 7.
7. Click:
• OK to save the changes and return to the Diameter > Configuration > Route Groups page.
• Cancel to return to the Diameter > Configuration > Route Groups page without saving any
changes.
• The entry in any field in not valid (wrong data type or out of the valid range)
• The Route Group Name is not unique; it already exists in the system
• The selected Peer Node is a duplicate within the Route Group
• The selected Connection is a duplicate within the Route Group for the same Peer Node
• The maximum number of Route Groups (6000) already exists in the system
• You can only assign Peer Nodes whose Dynamic attribute is NO to a Route Group of either
type (Peer Node or Connection). Peer Nodes created via Dynamic Peer Discovery cannot be
assigned to any statically-created Route Group.
• Peer Nodes created by the Dynamic Peer Discovery cannot be assigned to any statically-created
Route Group.
• You can only allow Connections whose Dynamic attribute is NO to a Route Group of type
Connection Route Group.
• Connections created by the Dynamic Peer Discovery feature may not be assigned to any
statically-created Connection Route Group.
Editing a Route Group

Use this task to make changes to a Route Group.
When the Diameter > Configuration > Route Groups [Edit] page opens, the fields are initially
populated with the current values for the selected Route Group. The Route Group Name cannot be
changed.
Note: When editing a Route Group, you can add only allow Peer Nodes whose Dynamic attribute is
NO be selected for assignment to a Route Group of either type (Peer Node or Connection).
2. Select the Route Group you want to edit.
3. Click Edit
The Diameter > Configuration > Route Groups [Edit] page appears.

To delete a Peer Node or a Connection from the Route Group, clear the Peer Node and Provisioned
Capacity field values either by selecting --Select-- in the Peer Node pulldown list or by clicking the
X at the end of the Provisioned Capacity box for the Peer Node.
The Type field can be changed only if the Route Group is not assigned to any Route List.
When the Type field is changed, the Peer Node, Connection, and Provisioned Capacity entries
are reset to one entry with empty values. The Connection pulldown list is not available when Peer
Route Group is selected for the Type field.

For more information about each field, see Diameter Route Group configuration elements.
5. Click:
• OK to save the data and exit this page.
• Apply to save the data and stay on this page.
• Cancel to return to the Diameter > Configuration > Route Groups page without saving any
changes.
• When editing a Route Group, you can only add Connections whose Dynamic attribute is NO
be selected for assignment to a Connection Route Group.
• Connections created via Dynamic Peer Discovery cannot be assigned to any statically-created
Connection Route Group.
• A value of NO is assigned for the Dynamic attribute for all Route Group instances being inserted
with the exception of instances added via Dynamic Peer Discovery.
• Dynamic Peer Discovery can only delete a Route Group instance whose Dynamic attribute is
YES.
• If you attempt to add or edit a Route Group instance whose Dynamic attribute is YES.
• If you attempt to insert or edit a static Route Group or Connection Route Group of either type
(Peer or Connection), and one or more of the Peer Nodes supplied in the desired configuration
has a Dynamic attribute a value of YES.
• If you attempt to edit a static Route Group instance by changing its Dynamic attribute from NO
to YES or vice-versa.
• If you attempt to delete a Route Group instance whose Dynamic attribute is YES.
• The selected Peer Node is a duplicate within the Route Group
• The selected Connection is a duplicate within the Route Group for the same Peer Node
Deleting a Route Group

Use this task to delete a Route Group.
Note: A Route Group cannot be deleted if it is included in any Route Lists.


2. Select the Route Group you want to delete.
3. Click Delete.
• Click OK to delete the Route Group.
• Click Cancel to return to the Diameter > Configuration > Route Groups page without deleting
the Route Group
If OK is clicked and the selected Route Group is referenced by at least one Route List, an error
message appears and the Route Group is not deleted.
If OK is clicked and the selected Route Group no longer exists (it was deleted by another user), an
error message is displayed and the Route Groups view is refreshed.
Diameter Route Lists

A Route List is a user-configured set of Route Groups used to determine the distribution of traffic
between each Route Group within the Route List. Each Route List can include up to three Route
Groups.
You can perform route lists tasks on an Active System OAM (SOAM).
Traffic distribution to a Route Group is based on its available capacity and assigned priority within
the Route List. A Route Group with a priority of 1 has the highest priority and a Route Group with a
priority of 3 has the lowest priority.
Only one Route Group in a Route List is designated as the active Route Group for routing messages
for that Route List. The other Route Groups in the Route List function as standby Route Groups. The
active Route Group in each Route List is determined based on the Route Group's priority and its
capacity relative to the configured minimum capacity of the Route List.
When the Operational Status of Peer Nodes assigned to the active Route Group changes, or the
configuration of either the Route List or Route Groups in the Route List changes, then the designated
active Route Group for the Route List may change.
Route Lists are assigned to Peer Routing Rules. When a Diameter message matches a Peer Routing
Rule, the Route List assigned to the Peer Routing Rule will direct the Diameter message to a Peer Node
in the active Route Group.
Route Lists are assigned to Peer Nodes when Alternate Implicit Routing will be used.
Route Lists are assigned to Message Copy Configuration Sets, to be used for copying a message to a
DAS node.
On the Diameter > Configuration > Route Lists page, you can perform the following actions:
• Filter the list of Route Lists to display only the desired Route Lists.
• Sort the list by the Route List Name column or the Minimum Route Group Availability Weight
column in ascending or descending order, by clicking the column heading. The default order is by
Route List Name in ascending ASCII order. The expanded rows of Route Groups are sorted by
Priority.

• Click an entry that is shown in blue for a Route Group (in the expanded list).
The Diameter > Configuration > Route Groups [Filtered] page appears for the selected Route
Group.
• Click Insert.
The Diameter > Configuration > Route Groups [Insert] page appears. You can add a new Route
List.
The Diameter > Configuration > Route Groups [Insert] page will not open if
• The maximum number of Route Lists (2000) already exists in the system
• There is no available Route Group
• Select a Route List in the list, and click Edit.
The Diameter > Configuration > Route Lists [Edit] page appears. You can edit the selected Route
List.
If the selected Route List has been deleted by another user, the Diameter > Configuration > Route
Lists [Edit] page does not open.
• Select a Route List in the list, and click Delete. You can delete the selected Route List.
Diameter Route List configuration elements

Table 26: Route Lists Configuration Elements describes the fields on the Route Lists View, Insert, and
Edit pages. Data Input Notes only apply to the Insert and Edit pages; the View page is read-only.
Note: Any request for a list of Routes does not include any dynamically-created Route instances.
When you select Route Groups from a Route List, you can specify to pass over Route Groups that
have too high of a DOIC loss rate.
Table 26: Route Lists Configuration Elements
Field (* indicates
* Route List Name Unique name for the Route List Format: case-sensitive;
alphanumeric and
underscore (_); cannot
start with a digit and
must contain at least
one alpha
Dynamic Indicates whether or not the element was created Format: checkbox
dynamically (YES) or statically (NO). NO is (read-only on the
assigned for all element instances, except for those Element [Edit] page)
created via Dynamic Peer Discovery.
Range: checked (the
element was created as

Field (* indicates
a result of Dynamic
Default: unchecked
* Minimum Route The minimum Route Group availability weight Format: numeric
Group Availability for this Route List.
Range: 1 - 1024000
Weight
The minimum weight is used to determine a Route
Group's availability status within a Route List.
* Route Group Route Groups associated with the Route List. Format: pulldown list
Up to three Route Groups can be associated with Range: available Route
a single Route List. Groups
On the View page, each entry displays a + sign
and the number of Route Groups assigned to that
Route List. Click the + sign to display the Route
Groups; the + sign changes to a - sign. Click the -
sign to display the number again.
The Route Group entries in the expanded list are
links to the Diameter > Configuration > Route
Groups [Filtered]> page for the selected Route
Group.
* Priority The priority of the Route Group within the Route Format: numeric
List.
Range: 1, 2, or 3
Priority is set from 1 (highest priority) to 3 (lowest
priority).
* Route Group Route Groups associated with this Route List. Format: pulldown list
Range: 1 - 3 entries
Default: NA
Site Name Site Name whose TTG is to be selected to associate Format: pulldown list
with the Route Group.
Range: Local Site Only
Default: NA
Traffic Throttle Group Traffic Throttle Group configured in the Site Format: pulldown list
selected (all local TTGs if local site is selected and
Range: NA
TTG marked as shared if remote site is selected).
Default: NA
Maximum Loss Percent Maximum Loss Percent Threshold for the Format: pulldown list
Threshold combination of Route List, Route Group and
Range: 0 - 100
Traffic Threshold Group
Default: NA

Viewing Route Lists

Use this task to view currently configured Route Lists.
Select Diameter > Configuration > Route Lists.
The Diameter > Configuration > Route Lists page appears.
Adding a Route List

Use this task to create a new Route List. The fields are described in Diameter Route List configuration
elements.
Note: You must have at least one Route Group configured before you can create a Route List.
1. Select Diameter > Configuration > Route Lists.
2. Click Insert.
The Diameter > Configuration > Route Lists [Insert] page appears.
3. Enter a unique name for the Route List in the Route List Name field.
4. Enter the Minimum Route Group Availability Weight in the field.
5. Enable or disable routing across alternate Route Groups in Route List by setting Route Across
Route Groups.
6. Select one to three Route Groups from the Route Group pulldown lists. For each Route Group you
specify, select a Site Name, Traffic Throttle Group, and Maximum Loss Percent Threshold.
The Site Name list includes the local SOAM (assuming that at least one TTG has been configured).
Note: Traffic Throttle Group is disabled until a Site Name is selected.
7. Click:
• OK to save the data and return to the Diameter > Configuration > Route Lists page .
• Cancel to return to the Diameter > Configuration > Route Lists page without saving any
changes.
• The Route List Name is not unique; it already exists in the system
• A selected Route Group is a duplicate within the Route List
• A Route Group Priority is not unique within the Route List
• The maximum number of Route Lists (2000) already exists in the system
Editing a Route List

Use this task to make changes to existing Route Lists.
The Route List Name cannot be changed.

Note: If Dynamic (read-only checkbox) is checked, it means that the route list was created as a result
of Dynamic Peer Discovery.
2. Select the Route List you want to edit.
3. Click Edit.
The Diameter > Configuration > Route Lists [Edit] page appears.
The page is initially populated with the current configured values for the selected Route List.

For more information about each field see Diameter Route List configuration elements.
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Route Lists page.
• Cancel to return to the Diameter > Configuration > Route Lists page without saving any
changes.
• If you attempt to edit a Route List instance whose Dynamic attribute is YES, a warning message
is displayed, butthe edit operation is allowed to proceed. Editing a dynamic routeis allowed
but changes are lost to this Route List if the Realm to which the Route List is associated is
dynamically re-discovered in the future.
• If you attempt to delete a Route List instance whose Dynamic attribute is YES.
• If you attempt to insert or edit a static Route List, one or more of the Route Groups supplied in
the desired configuration has for its own Dynamic attribute a value of YES.
• If youattempt to change one or more read-only attributes.
Note: When editing a Route List instance whose Dynamic attribute is YES, all Route List
attributes are treated as read-only except for Route Across Route Groups.
• If you attempt to edit a static Route List instance by changing its Dynamic attribute from NO
to YES or vice-versa.
• If youattempt to add a Route List instance and the Dynamic attribute is YES. A Route List
instanceDynamic attribute must be YES to be inserted using Dynamic Peer Discovery.
• The selected Route List no longer exists (has been deleted by another user)
• A selected Route Group no longer exists (has been deleted by another user)
• A selected Route Group is a duplicate within the Route List
• A Route Group Priority is not unique within the Route List
Deleting a Route List

Use this task to delete a Route List.
Note: A Route List cannot be deleted if any of the following conditions are true:

• The Route List is referenced by any Peer Node as the Alternate Implicit Route
• The Route List is referenced by any Peer Routing Rule
• The Route List is set as the Route List for DAS Node in any Message Copy Configuration Set
2. Select the Route List you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Route List.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Route Lists
page.
If OK is clicked and the selected Route List no longer exists (it was deleted by another user), an
error message is displayed and the Route Lists view is refreshed.
Diameter Peer Route Tables

A Peer Route Table is a set of prioritized Peer Routing Rules that DRL searches with the content of a
Request message received from Diameter Nodes and applications to determine how to route the
message to a Peer Node.
Users can assign Peer Route Table (PRT) to Diameter messages based on Application ID and (Extended)
Command Codes by configuring Transaction Configuration Rule (TCR) with Application ID plus
(E)CC as a key in Transaction Configuration Sets.
On the Diameter > Configuration > Peer Route Tables page, you can perform the following actions:
• Filter the list of Peer Route Tables to display only the desired Peer Route Tables.
default order is by Peer Route Table Name in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Peer Route Tables [Insert] page appears. You can add a new
Peer Route Table.
The Diameter > Configuration > Peer Route Tables [Insert] page will not open if
• The maximum number of Peer Route Tables (100) already exists in the system.
• Select a Peer Route Table in the list, and click View/Edit Rules.
The Viewing Rules for Peer Route Table page appears. Select a Rule Name to work with.
If the selected Peer Route Table has been deleted by another user, the Viewing Rules for Peer
Route Table page does not open.
• Select a Peer Route Table in the list, and click Delete. You can delete the selected Peer Route Table.

Diameter Peer Route Tables elements

Table 27: Peer Route Tables Elements describes the fields on the Peer Route Tables View and Insert pages.
Data Input Notes apply only to the Insert page; the View page is read-only.
Table 27: Peer Route Tables Elements
Field (* indicates
* Peer Route Table Unique name of the Peer Route Table. Format: case-sensitive;
Name alphanumeric and
underscore
and must contain at
least one alpha
Number of Rules The number of Peer Routing Rules in the Peer

Route Table.
Viewing Peer Route Tables

Use this task to view currently configured Peer Route Tables.
Select Diameter > Configuration > Peer Route Tables.
The Diameter > Configuration > Peer Route Tables page appears.
Adding a Peer Route Table

Use this task to create a new Peer Route Table. The fields are described in Diameter Peer Route Tables
elements.
1. Select Diameter > Configuration > Peer Route Tables.
2. Click Insert.
The Diameter > Configuration > Peer Route Tables [Insert] page appears.
3. Enter a unique name for the Peer Route Table in the Peer Route Table Name field.
4. Click:
• OK to save the data and go to the Viewing Rules for Peer Route Table page .
• Cancel to return to the Diameter > Configuration > Peer Route Tables page without saving
any changes.
• The Peer Route Table Name is not unique; it already exists in the system

• The maximum number of Peer Route Tables (100) already exists in the system
After a Peer Route Table is added, Peer Routing Rules can be defined for it. See Peer Routing Rules
configuration. For information about required component configuration order, see Understanding the
Diameter Configuration Sequence.
Deleting a Peer Route Table

Use this task to delete a Peer Route Table.
Note: An Application Route Table cannot be deleted if any of the following conditions are true:
• The Peer Route Table is referenced by any Peer Node
• The Peer Route Table is referenced by any Transaction Configuration Set
• The selected default Peer Route Table is the Default Peer Route Table
• The Peer Route Table is referenced by the DM-IWF Options configuration
• If OK is clicked and the selected Application Route Table is currently referenced by any Transaction
Configuration Set, the request is rejected and an error message is displayed.
2. Select the Peer Route Table you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Peer Route Table.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Peer Route
Tables page.
If OK is clicked and the selected Peer Route Table no longer exists (it was deleted by another user),
If OK is clicked and the selected Peer Route Table is currently referenced by the DM-IWF Options
configuration, the request is rejected and an error message is displayed.
Peer Routing Rules configuration

Peer Routing Rules are prioritized lists of user-configured routing rules that define where to route a
message to upstream Peer Nodes. Routing is based on message content matching a Peer Routing Rule's
conditions. Peer Routing Rules are contained in Peer Route Tables.
Note: When a Redirected Request is processed, if redirect PRT instance is not configured, the PRT
instance used to Process the redirected Request is selected similar to an ingress request.
There are six Peer Routing Rule parameters:
• Destination-Realm
• Destination-Host
• Application-ID
• Command-Code
• Origin-Realm

• Origin-Host
When a Diameter message matches the conditions of a Peer Routing Rule then the action specified for
the rule will occur. If you choose to route the Diameter message to a Peer Node, the message is sent
to a Peer Node in the selected Route List based on the Route Group priority and Peer Node configured
capacity settings. If you choose to Send an Answer, then the message is not routed and the specified
Diameter Answer Code is returned to the sender.
Peer Routing Rules are assigned a priority in relation to other Peer Routing Rules. A message will be
handled based on the highest priority routing rule that it matches. The lower the number a Peer Routing
Rule is assigned the higher priority it will have. (1 is the highest priority and 99 is the lowest priority.)
If a message does not match any of the Peer Routing Rules and the Destination-Host parameter contains
a Fully Qualified Domain Name (FQDN) matching a Peer Node, then the message will be directly
routed to that Peer Node if it has an available Connection.
If there is not an available Connection or all routing attempts (per Peer Node configuration) to the
implicit route are exhausted, the message will be routed using the alternate implicit route configured
for the Peer Node.
A Message Copy Configuration Set can be assigned to a Peer Routing Rule, to provide information
for sending a copy of the message to a DAS.
On the Viewing Rules for Peer Route Table: {Peer Route Table Name} page, you can perform the
following actions:
• Filter the list of Rule Names, to display only the desired Rules.
• Sort the list entries in ascending or descending order by column (except Conditions), by clicking
the column heading.
By default, the list is sorted by Priority in ascending ASCII order. The lowest Priority value indicates
the highest priority. For Rules with the same Priority, the Rule Name is used for sorting.
• Select a blue Route List entry, to open the Diameter > Configuration > Route Lists [Filtered] page
for the selected entry.
• Click Insert.
The Inserting Rule for Peer Route Table: {Peer Route Table Name} page opens. You can add a
new Peer Routing Rule and its values. See Adding a Peer Routing Rule.
If the maximum number of Peer Routing Rules (1000) already exists for the Peer Route Table, the
Inserting Rule for Peer Route Table: {Peer Route Table Name} page will not open, and an error
• Select the Rule Name of a Peer Routing Rule in the list, and click Edit.
The Editing Rule for Peer Route Table: {Peer Route Table Name} page opens. You can edit the
selected Peer Routing Rule. See Editing a Peer Routing Rule.
If the selected Peer Routing Rule has been deleted by another user, the Editing Rule for Peer Route
Table: {Peer Route Table Name} page will not open.
• Select the Rule Name of a Peer Routing Rule in the list, and click Delete to remove the selected
Peer Routing Rule. See Deleting a Peer Route Rule.

Peer Routing Rule configuration elements

Table 28: Peer Routing Rules Configuration Elements describes the fields on the Peer Routing Rules View,
Insert, and Edit pages. Data Input Notes only apply to the Insert and Edit pages; the View page is
read-only.
Table 28: Peer Routing Rules Configuration Elements
Field (* indicates
* Rule Name Unique name of the Peer Routing Rule. Format: case-sensitive;
(_); cannot start with a digit and
* Priority Priority of the Rule in relation to other Rules. Format: text box; numeric
The priority is set from 1 (highest priority) to Range: 1 - 99
99 (lowest priority).
* Conditions In order for a Diameter message to be matched

by a Rule, the message must match each
specified part of a condition.
Each condition has three parts:
• Parameter
• Operator
• Value
Parameter: Format: Operator and Value for

each Parameter
• Application-ID
• Command-Code
• Origin-Realm
• Origin-Host
Operator Format: Pulldown list

Sets the relationship between the parameter Range: See Peer Routing Rule
and the value. For example, if the operator is operators for a description of
set to Equals then the Diameter message operators available for each
parameter must match the set value. parameter.
Value Format: text box or pulldown list

The value in the Diameter message the Peer Range:
Routing Rule uses to determine a match. A
• Application-ID: available
Value is required if the Operator is Equals,
configured Application IDs
Starts With, or Ends With.

Field (* indicates
• Command-Code: available
configured Command Codes
• Destination-Realm and
Origin-Realm: Realm is a
case-insensitive string
consisting of a list of labels
separated by dots. A label
may contain letters, digits,
dashes (-), and underscore
(_). A label must begin with
a letter or underscore and
must end with a letter or
digit. An underscore can be
character. A label can be at
most 63 characters long and
a realm can be at most 255
characters long. You can
specify a substring or a
complete string of a valid
Realm.
• Destination-Host and
Origin-Host: FQDN is a
case-insensitive string
separated by dots. A label
may contain letters, digits,
dashes (-), and underscore
(_). A label must begin with
a letter or underscore and
digit. An underscore can be
character. A label can be at
most 63 characters long and
a realm can be at most 255
characters long. You can
specify a substring or a
complete string of a valid
FQDN.
• Command-Code: pulldown
list of configured Command
Codes, including Extended
Command-Code (ECC)
immediately after their
parent Command-Code
Note: An ECC is a
Command Code that also

Field (* indicates
takes into account the value
of a specific AVP for that
Command Code that gives
the true command type (for
example, CCR-I, CCR-U, and
so on).
Action The action that will happen if the Diameter Format: selection box
message matches the conditions set in the Peer
Range: Route to Peer, Send
Routing Rule:
Answer, Abandon With No
• Route to Peer: routes a message to a Peer Answer
Node using the Route List associated with
Default: Route to Peer
this Rule.
• Send Answer: send and answer response
that contains the Diameter answer
result-code, vendor ID, and error message
associated with this Rule.
• Abandon With No Answer: abandon
message routing without sending an
Answer response to external peer.
Note: The Answer is sent to any
applications that requested an Answer
receive.
Route List Route List associated with this Rule. Format: pulldown list
A Route List is required if the Action is set to Range: configured Route Lists
Route to Peer.
Default: -Select-
The Route List entries on the View page are
links to the Diameter > Configuration > Route
Lists [Filtered] page for the selected entry.
Note: You can only specify Route Lists whose
Dynamic attribute is NO to be selected for
inclusion in a Peer Route Rule. Also, you
cannot include Route Lists created by the
Dynamic Peer Discovery feature cannot be
included by any Peer Route Rule instance.
Message Priority The priority to assign to the message. The Format: pulldown list
message priority is assigned only when Action
Range: No Change, 0, 1, 2. 0 is
is set to Route to Peer.
lowest priority
Default: No Change
Message Copy Message Copy Configuration Set (MCCS) used Format: pulldown list
Configuration Set for copying the messages to the DAS. A valid

Field (* indicates
MCCS will mark the messages matched by this Range: Default; configured
Peer Route Rule for copy to the DAS. Message Copy Configuration
Sets
Default: -Select-
Answer The answer code associated with this Rule. Format: radio button for
Result-Code Value pulldown list; radio button for
A Diameter answer code is required if the
text box
Action is set to Send Answer.
Range:
• pulldown list: available
Diameter answer codes
• text box: 1000 - 5999
Default: 3002
UNABLE_TO_DELIVER
Vendor ID The Vendor ID to place in the Vendor ID AVP Format: text box; numeric
of the answer message.
Range: 0 - 4294967295
Answer Error Value returned in the Error-Message AVP of Format: text box; alphanumeric,
Message the answer message. underscore (_), period (.)
Default: Null string
* Peer Route Table The Peer Route Table to which the Peer View-only
Routing Rule belongs
Peer Routing Rule operators

Table 29: Peer Routing Rules Operators describes the condition operators available for each parameter
in a Peer Routing Rule.
You can configure a maximum number of rules (as defined in DpiCapacityConstraints table,
MaxPrtRulesWithContainsPerPrt, MaxCondWithContainsPerPrr, and MaxCharPrtCondWithContains)
with the Contains operator per PRT-Name. See Diameter Capacity Summary.
Note: For runtime performance and resources efficiencies, only one condition with Contains operator
in a rule is allowed.
Table 29: Peer Routing Rules Operators
Parameter Operator Meaning

Destination-Realm Equals content must equal the value specified
Not Equal content must not equal the value specified
Starts With content must start with the value specified


Ends With content must end with the value specified
Contains content must contain the value specified
Always True content is not evaluated and the parameter's condition
is always true
Destination-Host Equals content must equal the value specified
Present and Not Equal Destination-Host must be present and value must not
equal the value specified
Present Destination-Host must be present
Absent Destination-Host must be absent
is always true
Application-ID Equals content must equal the value specified
is always true
Command-Code Equals content must equal the value specified
is always true
Origin-Real Equals content must equal the value specified
is always true
Origin-Host Equals content must equal the value specified


is always true
Viewing Peer Routing Rules

Use this task to view Peer Routing Rules currently configured in a particular Peer Route Table.
2. Select the Peer Route Table for which you want to view Peer Routing Rules and click View/Edit
Rules.
The Viewing Rules for Peer Route Table: {Peer Route Table Name} page appears.
Adding a Peer Routing Rule

Use this task to create a new Peer Routing Rule in a Peer Route Table.
2. Select the Peer Route Table to which you want to add a Peer Routing Rule and click View/Insert
Rules.
The Viewing Rules for Peer Route Table: {Peer Route Table Name} appears.
3. Click Insert.
The Inserting Rule for Peer Route Table: {Peer Route Table Name} page appears.
4. Enter a unique name for the Rule in the Name field.
5. Set a Priority for this Rule in relation to other Rules, by entering a number between 1 and 99 in the
Priority field.
6. Set the Peer Routing Rule Conditions:
a) Locate the Parameter you want to set.
b) Select the relevant operator from the Operator pulldown list. See Peer Routing Rule operators for
a description of operators available for each parameter.
c) Enter the appropriate value for the parameter in the corresponding Value field.
d) Repeat this step for each parameter. For any parameter that does not need to be evaluated, set
the Operator to Always True.
7. Select the Action you want to occur when a Diameter message matches the parameter conditions.
• Route to Peer: route the message to a Peer Node using the Route List associated with this Rule.
• Send Answer: abandon message routing and send an Answer response containing the Answer
Result-Code Value associated with this Rule.
8. If you selected Route to Peer as the Action, select the Route List to associate with this Rule from
the pulldown list.
9. If you selected Route to Peer as the Action, select the Message Priority to assign to the message.
10. If Diameter Message Copy will be used, select the Message Copy Configuration Set to use when
this Rule is selected for PRT-triggered Message Copy.

11. If you selected Send Answer as the Action, select the desired Answer Result-Code Value selection
box:
• Select the pulldown list radio button to use an existing Answer Result-Code; then select an
Answer Result-Code in the list.
• Select the text box radio button, and enter your own Answer Result-Code value.
12. If you selected Send Answer as the Action, enter the desired Vendor ID AVP in the Vendor ID
field.
13. If you selected Send Answer as the Action, enter the desired Error-Message AVP in the Answer
Error Message field.
14. Click:
• OK to save the changes and return to the Viewing Rules for Peer Route Table: {Peer Route
Table Name} page.
• Cancel to return to the Viewing Rules for Peer Route Table: {Peer Route Table Name} page
without saving any changes.
• If you attempt to insert or update a Peer Route Rule instance and the specified Route List whose
Dynamic attribute value is YES.
• Any required field is empty (no entry was made)
• Any field is not valid or is out of range
• The Rule Name is not unique; it already exists in the system
• The selected Route List no longer exists (has been deleted by another user)
• The Rule is similar to an already existing Rule (the same attributes except for Rule Name and
Priority)
• The maximum number of Peer Routing Rules are already configured for the Peer Route Table.
Editing a Peer Routing Rule

Use this task to edit a Peer Routing Rule in a Peer Route Table.
The Rule Name cannot be changed.
2. Select the Peer Route Table which contains the Peer Routing Rule you want to edit and click
View/Edit Rules.
3. Select the Peer Routing Rule you want to edit, then click Edit.
The Editing Rule for Peer Route Table: {Peer Route Table Name}page appears.
For more information about each field see Peer Routing Rule configuration elements and Peer Routing
Rule operators.
5. Click:
• OK to save the data and return to Viewing Rules for Peer Route Table: {Peer Route Table
Name} page.


• Cancel to return to the Viewing Rules for Peer Route Table: {Peer Route Table Name} page
without saving any changes.
The following condition exists:
• Peer Route Rules are always statically configured; no statically configured instance can refer to
a dependent GUI element that was added to the configuration as a result of Dynamic Peer
Discovery.
• If you attempt to insert or update a Peer Route Rule instance and the specified Route List whose
Dynamic attribute value is YES.
• The selected Peer Routing Rule no longer exists (was deleted by another user)
• The selected Route List no longer exists (was deleted by another user)
Priority)
Deleting a Peer Route Rule

Use this task to delete a Peer Routing Rule from a Peer Route Table.
2. Select the Peer Route Table which contains the Peer Routing Rule you want to delete and click
View/Edit Rules.
3. Select the Peer Routing Rule you want to delete.
4. Click Delete.
5. Click:
• OK to delete the Peer Routing Rule.
• Cancel to cancel the delete function and return to the Viewing Rules for Peer Route Table:
{Peer Route Table Name} page.
If OK is clicked and the selected Peer Routing Rule no longer exists (it was deleted by another
user), an error message is displayed and the Peer Routing Rules view is refreshed.
Diameter Egress Throttle Groups

Egress Throttle Groups are used to monitor egress Request rate and pending transactions for multiple
Peers and Connections across multiple DA-MPs. If a Peer is assigned to the Egress Throttle Group,
then all Diameter Connections to that peer are implicitly part of the Egress Throttle Group.

Egress Throttle Group functions are described in detail in Egress Throttle Groups. Egress Throttle Groups
control the following functions.
An Egress Throttle Group can be standalone, or it can be associated with an Egress Throttle List that
spans multiple signaling routers. An Egress Throttle Group can be associated with only one Egress
Throttle List. See Diameter Egress Throttle List.
• Egress Throttle Group Rate Limiting controls the total egress Request traffic that is routed to a
configured group of Peers or Connections.
• Egress Throttle Group Pending Transaction Limiting controls the number of pending transactions
that are allowed for a configured group of Peers or Connections.
• The Egress Throttle Group Rate Limiting and Egress Throttle Group Pending Transaction Limiting
provide egress throttling capability that enables:
• A group of Peers and Connections to be associated with an Egress Throttle Group
• The maximum egress Request rate of Egress Throttle Groups to be set
• The maximum pending transaction limit of Egress Throttle Groups to be set
• The Egress Throttling Control Scope.
On the Diameter > Configuration > Egress Throttle Groups page, the following actions can be
performed:
• Filter the list of Egress Throttle Groups to display only the desired Egress Throttle Groups.
• Sort the list by a column in ascending or descending order, by clicking the column heading.
The default order is by Egress Throttle Groups Name in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Egress Throttle Groups [Insert] page opens. You can add new
Egress Throttle Groups.
The Diameter > Configuration > Egress Throttle Groups [Insert] page will not open if the
maximum number of Egress Throttle Groups (128 per NE) already exists in the system.
• Select an Egress Throttle Group in the list, and click Edit.
The Diameter > Configuration > Egress Throttle Groups [Edit] page opens. You can edit the
selected Egress Throttle Group.
If the selected Egress Throttle Group has been deleted by another user, the Diameter >
Configuration > Egress Throttle Groups [Edit] page will not open.
• Select an Egress Throttle Group in the list, and click Delete to delete the selected Egress Throttle
Group.
Diameter Egress Throttle Groups elements

Table 30: Egress Throttle Groups Elements describes the fields on the Diameter > Configuration > Egress
Throttle Groups page.

Table 30: Egress Throttle Groups Elements
*Egress Throttle A name that uniquely identifies the Egress Format: text box;
Group Name Throttle Group. alphanumeric and
underscore; must contain at
least one alpha and must not
start with a digit.
Default: NA
Rate Limiting Available Rate Limiting configuration sets for Format: Pulldown list
configuration set this ETG.
Range: NA
Default: NA
Pending Transaction Available Pending Transaction Limiting Format: Pulldown list

Limiting configuration sets for this ETG.
Range: NA
Configuration Set
Default: NA
Egress Throttling The control scope used to determine if the ETG's Format: two radio buttons;
Control Scope aggregated data or the ETL's aggregated data one must be checked.
is used for routing decisions.
Range: ETL or ETG
Note: The Egress Throttling Control Scope can
Default: ETG checked
be set to ETL only when the ETG has been
added to an Egress Throttle List through the
NOAM GUI. See Diameter Egress Throttle List.
Peer Node Peers associated with this Egress Throttle Format: Pulldown list
Group.
Range: 0 - 128
Note: Click Add to add Peer Nodes.
Default: NA
Connection Connection associated with this Egress Throttle Format: Pulldown list
Group.
Range: 0 - 128
Note: Click Add to add Connections.
Default: NA
Viewing Egress Throttle Groups

Use this task to view Egress Throttle Groups.
Egress Throttle Groups fields are described in Diameter Egress Throttle Groups elements.
Select Diameter > Configuration > Egress Throttle Groups.
The Diameter > Configuration > Egress Throttle Groups page appears.

Adding Egress Throttle Groups

Use this task to create new Egress Throttle Groups.
1. Select Diameter > Configuration > Egress Throttle Groups.
2. Click Insert.
The Diameter > Configuration > Egress Throttle Groups [Insert] page appears.
3. Enter a unique name for the Egress Throttle Group in the Egress Throttle Group Name field.
4. Select a Rate Limiting configuration set.
5. Select a Pending Transaction Limiting Configuration Set.
6. Select a Egress Throttling Control Scope option.
7. Select a Peer Node to associate with this ETG.
8. Select a Connection to associate with this ETG.
9. Click:
• OK to save the changes and return to the Diameter > Configuration > Egress Throttle Groups
page.
• Cancel to return to the Diameter > Configuration > Egress Throttle Groups page without
saving any changes.
• You can only insert Peer Nodes or Connections whose Dynamic attribute is NO for inclusion
in an Egress Throttle Group.
• Peer Nodes or Connections created by the Dynamic Peer Discovery feature cannot be included
by any Egress Throttle Group instance.
• The maximum number of Egress Throttle Groups have already been created.
• There is no Peer Node or Connection in the signaling network element corresponding to the
Egress Throttle Group to be added.
• Any required fields are left empty.
• An Egress Throttle Group is configured with the greater than the maximum total number of
Peers and Connections.
• An Egress Throttle Group is configured with duplicate Peers or Connections.
• An Egress Throttle Group is configured with a Peer already configured as a member in any
Egress Throttle Group. (Explicit association of Peer with another Egress Throttle Group)
• An Egress Throttle Group is configured with a Peer which is associated with a Connection
configured as a member in any Egress Throttle Group. (Implicit association of Peer with another
Egress Throttle Group)
• An Egress Throttle Group is configured with a Connection already configured as a member in
any Egress Throttle Group. (Explicit association of Connection with another Egress Throttle
Group)

• An Egress Throttle Group is configured with a Connection which is associated with a Peer
configured as a member in any Egress Throttle Group. (Implicit association of Connection with
another Egress Throttle Group)
• An Egress Throttle Group is configured with a Connection and a Peer associated with each
other.
Editing Egress Throttle Groups

Use this task to edit Egress Throttle Groups.
When the Diameter > Configuration > Egress Throttle Groups [Edit] page opens, the columns are
initially populated with the current configuration of the selected Egress Throttle Group.
The existing Egress Throttle Groups Name cannot be changed.
Changes can be made to an Egress Throttle Group configuration irrespective of the Operational Status
of the associated Peer Connections.
Use this GUI page to change configuration sets and set the Egress Throttling Control Scope.
1. Select Diameter > Configuration > Egress Throttle Groups.
2. Select the Egress Throttle Groups to be edited, then click Edit.
The Diameter > Configuration > Egress Throttle Groups [Edit] page appears.

An entry in a pulldown list can be removed by selecting the entry in the list, and then clicking the
X to the right of the pulldown list.
4. Click:
• OK to save the changes and return to the Diameter > Configuration > Egress Throttle Groups
page.
• Cancel to return to the Diameter > Configuration > Egress Throttle Groups page without
saving any changes.
• You can only edit Peer Nodes or Connections whose Dynamic attribute is NO for inclusion in
an Egress Throttle Group.
• Peer Nodes or Connections created by the Dynamic Peer Discovery feature cannot be included
by any Egress Throttle Group instance.
• An attempt is made to remove the Rate Limiting Egress Throttling by removing the check from
the corresponding Egress Throttlings check box for an Egress Throttle Group for which the
Rate Limiting Admin State is set to Enabled.
• An attempt is made to remove Pending Transaction Egress Throttling by removing the check
from the corresponding Egress Throttlings check box for an Egress Throttle Group for which
the Pending Transaction Limiting Admin State is set to Enabled.

Deleting Egress Throttle Groups

Use this task to delete Egress Throttle Groups.
An Egress Throttle Group cannot be deleted if either its corresponding Rate Limiting Admin State or
Pending Transaction Limiting Admin State is not in the Disabled admin state. Before you perform
this task, ensure that the Rate Limiting Admin State or Pending Transaction Limiting Admin State for
the Egress Throttle Group is in the Disabled admin state.
1. Select Diameter > Configuration > Egress Throttle Groups
2. Select the Egress Throttle Group to be deleted.
3. Click Delete.
4. Click:
• OK to delete the Egress Throttle Group.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Egress
Throttle Groups page.
If OK is clicked and the following condition exists, an error message appears:
• The Egress Throttle Group Rate Limiting Admin State for the Egress Throttle Group to be deleted
is not in the Disabled admin state.
• The Egress Throttle Group Pending Transaction Limiting Admin State for the Egress Throttle
Group to be deleted is not in the Disabled admin state.
• The Egress Throttle Group is configured in an Egress Throttle List. The Egress Throttle Group
must be removed from the Egress Throttle List in the NOAM GUI before it can be deleted.
Diameter Reroute On Answer

Using Reroute On Answer, you can configure rerouting scenarios based on the Application ID and
Result-Code AVP values in Answer messages. If these values match the configured order pair of
Application ID and Result-Code AVP value, the message is rerouted to another available Peer Node
from the Route Group selected during the routing process.
If there are no additional available Peer Nodes in the selected Route Group, or the maximum number
of transmits has been met, then reroute is not attempted and the Answer is sent back to the originator.
On the Diameter > Configuration > Reroute on Answer page, you can perform the following actions:
• Filter the list to display only the desired entries.
• Sort the list by column in ascending or descending order, by clicking the column heading. The
default order is by Answer Result Code-AVP Value in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Reroute on Answer [Insert] page appears. You can add a new
entry.

The Diameter > Configuration > Reroute on Answer [Insert] will not open if the maximum
number of Reroute on Answer entries (1000) already exists in the system.
• Select a Reroute on Answer entry, and click Delete to delete the selected entry.
Diameter Reroute On Answer configuration elements

Table 31: Reroute On Answer Configuration Elements describes the fields on the Reroute On Answer View
and Insert pages. Data Input Notes apply only to the Insert page; the View page is read-only.
Table 31: Reroute On Answer Configuration Elements
Field (* indicates
* Answer Result-Code Value in the result-code AVP of the Answer Format: numeric
AVP Value message.
Range: 0 - 4294967295
Application ID Application ID in the Answer message that Format: radio buttons,

identifies a Diameter Application. It is commonly text box, and pulldown
used for screening and routing messages between list
Diameter nodes.
Range:
The Internet Assigned Numbers Authority lists
• first radio button:
standard and vendor-specific Application IDs on
ALL
their iana.org website. On the website:
• second radio button:
• Select Protocol Assignments pulldown list with
• Scroll to locate the Authentication, available
Authorization, and Accounting (AAA) Application IDs
Parameters heading
Default: ALL
• Select Application IDs under the heading
Viewing Reroute On Answer

Use this task to view Reroute On Answer.
Select Diameter > Configuration > Reroute On Answer.
The Diameter > Configuration > Reroute on Answer page appears.
Adding a Reroute On Answer entry

Use this task to create a new Reroute On Answer entry.
The fields are described in Diameter Reroute On Answer configuration elements.
1. Select Diameter > Configuration > Reroute On Answer.
2. Click Insert.
The Diameter > Configuration > Reroute on Answer [Insert] page appears.

3. Enter the desired Result-Code AVP in the Answer Result-Code AVP Value field.
4. Perform one of the following actions for Application ID:
• Select ALL to apply the Reroute On Answer entry to all Application IDs.
• Select the second radio button, and select the appropriate Application ID from the pulldown
list.
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Reroute on Answer
page.
• Cancel to return to the Diameter > Configuration > Reroute on Answer page without saving
any changes.
• A field is empty; a value was not entered
• A value is not valid
• The Answer Result-Code AVP Value and Application ID combination is not unique; it already
exists in the system
• Adding the new Reroute on Answer entry would cause the maximum number of Reroute on
Answer entries (1000) to be exceeded
Deleting a Reroute On Answer

Use this task to delete a Reroute On Answer entry.
1. Select Diameter > Configuration > Reroute On Answer.
2. Select the Answer Result-Code AVP Value for the Reroute On Answer you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Reroute on Answer entry.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Reroute on
Answer page.
If OK is clicked and the selected entry no longer exists (it was deleted by another user), an error
message is displayed and the Reroute on Answer page is refreshed.
Diameter Application Route Tables

An Application Route Table contains one or more Application Routing Rules that can be used for
routing Request messages to diameter applications.

Users can assign Application Route Table (ART) to Diameter messages based on Application ID and
(Extended) Command Codes by configuring Transaction Configuration Rule (TCR) with Application
ID plus (E)CC as a key in Transaction Configuration Sets.
On the Diameter > Configuration > Application Route Tables page, you can perform the following
actions:
• Filter the list of Application Route Tables to display only the desired Application Route Tables.
• Sort the list in ascending or descending order by clicking a column heading. The default order is
by Application Route Table Name in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Application Route Tables [Insert] page appears. You can add
a new Application Route Table.
The Diameter > Configuration > Application Route Tables [Insert] page will not open if the
maximum number of Application Route Tables (100) already exists in the system.
• Select an Application Route Table in the list, and click Delete. You can delete the selected
Application Route Table.
• Select an Application Route Table in the list, and click View/Edit Rules.
The Diameter > Configuration > Application Route Tables [View/Edit Rules] page appears. You
can edit the selected Application Route Table Rules.
If the selected Application Route Table has been deleted by another user, the Diameter >
Configuration > Application Route Tables [View/Edit Rules] page will not open.
Diameter Application Route Tables elements

Table 32: Application Route Tables Elements describes the fields on the Application Route Tables View
and Insert pages. Data Input Notes apply only to the Insert page; the View page is read-only.
Table 32: Application Route Tables Elements
Field (* indicates
* Application Route Unique name of the Format: text box; alphanumeric and
Table Name Application Route Table. underscore (_); cannot start with a digit and
Number of Rules The number of rules associated Format: numeric

with this Application Route
Range: NA
Table.
Viewing Application Route Tables

Use this task to view currently configured Application Route Tables. The fields are described in
Diameter Application Route Tables elements

Select Diameter > Configuration > Application Route Tables.

The Diameter > Configuration > Application Route Tables page appears.
Adding an Application Route Table

Use this task to create a new Application Route Table. The fields are described in Diameter Application
Route Tables elements.
1. Select Diameter > Configuration > Application Route Tables.
2. Click Insert.
The Diameter > Configuration > Application Route Tables [Insert] page appears.
3. Enter a unique name for the Application Route Table in the Application Route Table Name field.
4. Click:
• OK to save the new Application Route Table and go to the Diameter > Configuration >
Application Route Tables page .
• Apply to save the new Application Route Table and remain on this page.
• Cancel to return to the Diameter > Configuration > Application Route Tables page without
saving any changes.
• The Application Route Table Name is not unique; it already exists in the system
• Adding this Application Route Table would cause the maximum number of Application Route
Tables (100) allowed in the system to be exceeded
• Adding this Application Route Table would cause the maximum number of Application Routing
Rules (1000) allowed in the system to be exceeded
After an Application Route Table is added, Application Routing Rules can be defined for it. See
Application Routing Rules configuration.
Deleting an Application Route Table

Use this task to delete an Application Route Table.
Note: An Application Route Table cannot be deleted if any of the following conditions are true:
• The Peer Route Table is referenced by any Peer Node
• The Peer Route Table is referenced by any Transaction Configuration Set
• The selected default Peer Route Table is the Default Peer Route Table
• The Peer Route Table is referenced by the DM-IWF Options configuration
• If OK is clicked and the selected Application Route Table is currently referenced by any Transaction
Configuration Set, the request is rejected and an error message is displayed.
2. Select the Application Route Table you want to delete.

3. Click Delete.
4. Click:
• OK to delete the Application Route Table.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Application
Route Tables page.
If OK is clicked and the selected Application Route Table no longer exists (it was deleted by
another user), an error message is displayed.
If OK is clicked and the selected Application Route Table is currently referenced by the DM-IWF
Options configuration, the request is rejected and an error message is displayed.
Application Routing Rules configuration

An Application Routing Rule defines message routing to a diameter application based on message
content matching the Application Routing Rule's conditions.
If the redirect ART instance is not configured, redirect processing skips ART evaluation for the
redirected request, and it goes directly to PRT evaluation. If the redirect ART is configured, redirect
processing searches for that ART and performs ART evaluation of the redirect request.
There are six Application Routing Rule parameters:
• Application-ID
• Command-Code
• Origin-Realm
• Origin-Host
When a Diameter message matches the conditions of an Application Routing Rule then message is
routed to the diameter application specified in the rule.
Application Routing Rules are assigned a priority in relation to other Application Routing Rules. A
message will be handled based on the highest priority routing rule that it matches. The lower the
number an Application Routing Rule is assigned the higher priority it will have. (1 is highest priority
and 99 is lowest priority.)
One or more diameter applications must be activated before Application Routing Rules can be
configured.
On the Viewing Rules for Application Route Table: {Application Route Table Name} page, you can
perform the following actions:
• Filter the list of Rule Names, to display only the desired Rules.
• Sort the list entries in ascending or descending order by Rule Name, Priority, or Application Name,
by clicking the column heading.
By default, the list is sorted by Priority in ascending ASCII order. The lowest Priority value indicates
the highest priority. For Rules with the same Priority, the Rule Name is used for sorting.
• Click Insert.

The Inserting Rule for Application Route Table: {Application Route Table Name} page opens.
You can add a new Application Routing Rule and its values. See Adding an Application Routing Rule.
If the maximum number of Application Routing Rules (1000) already exists in the system, the
Inserting Rule for Application Route Table: {Application Route Table Name} page will not open,
and an error message is displayed.
• Select the Rule Name of an Application Routing Rule in the list, and click Edit.
The Editing Rule for Application Route Table: {Application Route Table Name} page opens. You
can edit the selected Application Routing Rule. See Editing an Application Routing Rule.
• Select the Rule Name of an Application Routing Rule in the list, and click Delete to remove the
selected Application Routing Rule. See Deleting an Application Routing Rule
Application Routing Rule configuration elements

Table 33: Application Routing Rules Configuration Elements describes the fields on the Application Routing
Rules View, Insert, and Edit pages. Data Input Notes apply only to the Insert and Edit pages; the View
page is read-only.
Table 33: Application Routing Rules Configuration Elements
Field (* indicates
* Rule Name Name of the Application Routing Rule. Format: text box; case-sensitive;
The Name must be unique. alphanumeric and underscore (_);
contain at least one alpha (A-Z, a-z)
* Application Application Route Table associated with View Only

Route Table this Rule.
* Priority Priority of the Rule in relation to other Format: text box; numeric
Rules.
Range: 1 - 99
The lower the Priority number, the higher
a Priority a Application Routing Rule will
have. That is, the Application Routing
Rule with a Priority set to 1 has first
priority, the Application Routing Rule
with a Priority set to 2 has second
priority, and so on.
* Conditions Conditions associated with this Rule.

Each condition has three parts:
• Parameter
• Operator
• Value

Field (* indicates
Parameter: Format: Operator and Value for each
Parameter
• Application-ID
• Command-Code
• Origin-Realm
• Origin-Host
Operator Format: Pulldown list

Sets the relationship between the Range: See Application Routing Rule
Parameter and the Value. For example, operators for a description of operators
if the Operator is set to Equals then the available for each parameter.
Diameter message Parameter must match
Default: -Select-
the set Value.
Value Format: text box or pulldown list

The value in the Diameter message that • Destination-Realm and
the Application Routing Rule uses to Origin-Realm: text box;
determine a match. case-insensitive string consisting
of a list of labels separated by dots,
The Value field is required when the
where a label may contain letters,
Operator is Equals, Starts With, and Ends
digits, dashes (-) and underscore
With.
(_). A label must start with a letter,
The Value field is disabled for the digit or underscore and must end
Operators Present, Absent, and Always with a letter or digit. Underscores
True. may be used only as the first
character. A label can be at most
63 characters long and a Realm can
be at most 255 characters long.
• Destination-Host and Origin-Host
(FQDN): text box; case-insensitive
string consisting of a list of labels
separated by dots, where a label
may contain letters, digits, dashes
(-) and underscore (_). A label
must start with a letter, digit or
underscore and must end with a
letter or digit. Underscores may be
used only as the first character. A
label can be at most 63 characters
long and a FQDN can be at most
255 characters long.
• Application-ID: pulldown list of
configured Application IDs
• Command-Code: pulldown list of
configured Command Codes,

Field (* indicates
including Extended
Command-Code (ECC)
immediately after their parent
Command-Code
Note: An ECC is a Command
Code that also takes into account
the value of a specific AVP for that
Command Code that gives the true
command type (for example,
CCR-I, CCR-U, and so on).
Range: One or more Parameters with

Operator and Value for each
Parameter
Default for Application-ID and
Command Code: -Select-
Action The action that will happen if the Format: selection box
Diameter message matches the conditions
Range: Route to Application, Forward
set in the Application Routing Rule:
to Egress Routing, Send Answer, and
• Route to Application: routes a Abandon With No Answer
message to an Application associated
Default: Route to Application
with this Rule.
• Forward To Egress Routing: forward
the message to PRT to route to Peer
• Send Answer: send and answer
response containing the required
Result-Code and optional Vendor ID
and Answer Error Message associated
with the application routing rule
• Abandon With No Answer: abandon
message routing without sending an
Answer response to external peer.
Answer The value to be placed in the Result-Code Format: selection box radio button for
Result-Code Value AVP of the Answer message. pulldown list; radio button for text
box
A Diameter answer code is required if
the Action is set to Send Answer. Range: 1000 - 5999
Default: none
Vendor ID The value to be placed in the Vendor ID Format: text box; digits only
AVP
Range: 0 - 4294967295
Default: none

Field (* indicates
Answer Error String to be placed in the Error-Message Format: text box; case-sensitive;
Message AVP of the Answer message alphanumeric and underscore (_);
contain at least one alpha (A-Z, a-z)
Range: 0 - 64
Default: null, no Error-Message AVP
in Answer message
* Application Application Name associated with this Format: pulldown list

Name Rule.
Range: All activated Applications
Default: -Select-
Gx-Prime If this Rule matches a Request, Policy Check box

DRA treats the Request's Diameter
Application as Gx-Prime.
Application Routing Rule operators

Table 34: Application Routing Rules Operators describes the Conditions operators available for each
parameter in a Application Routing Rule.
Table 34: Application Routing Rules Operators

Destination-Realm Equals content must equal the value specified
Always True content is not evaluated and the parameter's condition is
always true
Destination-Host Equals content must equal the value specified
Present and Not Equal Destination-Host must be present and value must not
equal the value specified
Present Destination-Host must be present
Absent Destination-Host must be absent


always true
Application-ID Equals content must equal the value specified
always true
Command-Code Equals content must equal the value specified
always true
Origin-Realm Equals content must equal the value specified
always true
Origin-Host Equals content must equal the value specified
always true
Viewing Application Routing Rules

The use of Application Routing Rules is described in Application Routing Rules configuration.
The fields are described in Application Routing Rule configuration elements.
To view currently configured Application Routing Rules in a selected Application Route Table,
The Diameter > Configuration > Application Route Tables page appears with a list of configured
2. Select an Application Route Table Name in the list.
3. Click View/Edit Rules.

The Viewing Rules for Application Route Table: {Application Route Table Name} page opens,
with a list of the Rules that are currently configured in the selected Application Route Table.
Adding an Application Routing Rule

Use this procedure to create a new Application Routing Rule in a selected Application Route Table.
The fields are described in Application Routing Rule configuration elements.

The Viewing Rules for Application Route Table: {Application Route Table Name} page appears.
4. Click Insert.
The Inserting Rule for Application Route Table: {Application Route Table Name} page appears.
If the maximum number of Application Routing Rules (1000) already exists in the system, the
Diameter > Configuration > Application Routing Rules [Insert] page will not open.
5. Enter a unique name for the Rule in the Rule Name field.
6. Set a Priority for this Rule in relation to other Rules, by entering a number between 1 and 99 in the
Priority field.
7. Set the Application Routing Rule Conditions:
a) Locate the Parameter you want to set.
b) Select the relevant operator from the Operator pulldown list.
See Application Routing Rule operators for a description of operators available for each Parameter.
c) Enter the appropriate value for the Parameter in the corresponding Value field.
The Value text box is disabled for some Operators that do not require a value.
d) Repeat this step for each Parameter. For any Parameter that does not need to be evaluated, set
the Operator to Always True.
8. From the pulldown list, select the Application Name associated with this Rule.
9. Click:
• OK to save the Rule and return to the Diameter > Configuration > Application Routing Rules
page.
• Apply to save the Rule and remain on this page.
• Cancel to return to the Viewing Rules for Application Route Table: {Application Route Table
Name} page without saving any changes.
• The Rule Name is not unique
Priority)

• Adding the Application Routing Rule would cause the maximum number of Application Routing
Rules (1000) allowed in the system to be exceeded
For Application Route Tables that are associated with Application IDs, a warning appears for an
attempt to add an Application Routing Rule with an Application-ID that does not match the
Application ID with which the Application Route Table is associated.
Editing an Application Routing Rule

Use this task to edit an Application Routing Rule in a selected Application Route Table.
Note: The Rule Name field cannot be edited.

The Viewing Rules for Application Route Table: {Application Route Table Name} page appears.
4. Select a Rule to edit.

5. Click Edit.
The Editing Rule for Application Route Table: {Application Route Table Name} page appears.
For more information about each field see Application Routing Rule configuration elements and
Application Routing Rule operators.
7. Click:
• OK to save the changes and return to the Viewing Rules for Application Route Table:
{Application Route Table Name} page.
• Cancel to return to the Viewing Rules for Application Route Table: {Application Route Table
Name} page without saving any changes.
• The selected Application Routing Rule no longer exists; it has been deleted by another user
Priority)
Deleting an Application Routing Rule

Use this task to delete an Application Routing Rule from a selected Application Route Table.
The Diameter > Configuration > Application Route Tables page appears with a list of configured


The Viewing Rules for Application Route Table: {Application Route Table Name} page opens,
with a list of the Rules that are currently configured in the selected Application Route Table.
4. Select the Application Routing Rule you want to delete, then click Delete.
• Click OK to delete the Application Routing Rule.
• Click Cancel to cancel the delete function and return to the Viewing Rules for Application
Route Table: {Application Route Table Name} page.
If OK is clicked and the selected Application Routing Rule no longer exists (it was deleted by
another user), an error message is displayed and the Application Routing Rules view is refreshed.
Diameter Routing Option Sets

A Routing Option Set is a collection of Routing Options that are used when a Request message is
received. This functionality controls the number of times an application forwards the request message
and the processing error delivery situations.
A Routing Option Set can be associated with the Peer Node that the Request is received from, or with
the Diameter Application ID contained in the Request message header. If Routing Option Sets are
associated with both the Peer Node and the Application ID, the one associated with the Peer Node
takes precedence. If neither the Peer Node nor the Application ID have an associated Routing Option
Set, then the Default Routing Option Set is used.
Users can assign Routing Option Set (ROS) to Diameter messages based on Application ID and
Select the Routing Option Set as per the precedence selection criterion as described in here, highest
to lowest priority.
• If Transaction Configuration Set is selected on ingress Peer Node from which the Diameter Request
was received, use Transaction Configuration Set and apply longest/strongest match search criteria
for Diameter Request message parameters comparison and if a match is found, apply ROS assigned
to the Transaction Configuration Rule defined under this Transaction Configuration Set, if it exists.
• The ROS assigned to the ingress Peer Node from which the Request message was received, if it
exists.
• Search Default TCS and apply longest/strongest match. Use ROS associated with best match, if
any is found.
• Default ROS.
On the Diameter > Configuration > Route Option Sets page, you can perform the following actions:
• Filter the list of Routing Option Sets to display only the desired Routing Option Sets.
default order is by Routing Option Set Name in ascending ASCII order.

• Click Insert.
The Diameter > Configuration > Route Option Sets [Insert] page appears. You can add a new
Routing Option Set.
The Diameter > Configuration > Route Option Sets [Insert] page will not open if the maximum
number of Routing Option Sets (20) already exists in the system
• Select a Routing Option Set in the list, and click Edit.
The Diameter > Configuration > Route Option Sets [Edit] page appears. You can edit the selected
Routing Option Set.
If the selected Routing Option Set has been deleted by another user, the Diameter > Configuration >
Route Option Sets [Edit] page will not open.
• Select a Routing Options Set in the list, and click Delete. You can delete the selected Routing Option
Set. The Default Routing Option Set cannot be deleted.
Diameter Routing Option Sets elements

Table 35: Routing Option Sets Elements describes the fields on the Routing Option Sets View, Insert, and
Edit pages. Data Input Notes apply only to the Insert and Edit pages; the View page is read-only.
Table 35: Routing Option Sets Elements
Field (* indicates
* Routing Options Set Unique name of the Routing Option Set. Format: text box;
Name case-sensitive;
alphanumeric and
underscore
and must contain at
least one alpha
* Maximum Per Maximum number of times an application is Format: text box;

Message Forwarding allowed to forward a Request message. numeric
Allowed
Range: 1 - 5
Default: 1
Transaction Lifetime The total time diameter allows to forward a Format: text box;
Request, including initial and all subsequent numeric
routing attempts.
Range: 100 - 540000 ms
Default: 1000 ms
Pending Answer Timer Pending Answer Timer of this Routing Option Format: pulldown list
Set

Field (* indicates
If the Pending Answer Timer value is Not Range: Default,
Selected, the egress Peer Node's associated configured Pending
Pending Answer Timer, if it is defined, will be Answer Timers
used when processing transactions.
Default: Not Selected.
A Pending Answer Timer cannot be assigned to
the Default Routing Option Set.
* Resource Exhausted Action taken when a Request cannot be processed Format: pulldown list
Action due to an internal resource being exhausted
Range: Abandon with
no Answer; Send
Answer
Default: Abandon with
no Answer
Resource Exhausted Value to be placed in the Result-Code AVP of the Format: radio button for
Result-Code Answer message. An Answer Result-Code value pulldown list, radio
is required if Resource Exhausted Action is Send button for text box
Answer.
Range: 1000 - 5999
Select the code from the
pulldown list or enter
the code in the text box.
Default: NA
Resource Exhausted String to be placed in the Error-Message AVP of Format: text box;
Answer Error-Message the Answer message for Resource Exhaustion alphanumeric
Default: Null string, no
Error-Message AVP in
Answer message
Resource Exhausted Resource Exhausted Vendor-ID Value. When Format: text box;
Vendor-ID specified, the Answer generated will be an numeric
Experimental-Result-Code grouped AVP with the
Range: 1 - 4294967295
specified Vendor-ID value placed in the
Vendor-ID AVP. Default: NA
* No Peer Response Action taken when the routing of a Request is Format: pulldown list
Action abandoned due to an Answer timeout or
Range: Abandon with
Transaction Lifetime timeout.
no Answer; Send
Answer
Default: Send Answer

Field (* indicates
No Peer Response Value to be placed in the Result-Code AVP of the Format: radio button for
Result-Code Answer message. pulldown list, radio
button for text box
This Result-Code value is required if the No Peer
Response Action is Send Answer. Range: 1000 - 5999
Default: NA
No Peer Response String to be placed in the Error-Message AVP of Format: text box;
Error-Message the Answer message for No Peer Response alphanumeric
Answer message
No Peer Response No Peer Response Vendor-ID value. When Format: numeric

Vendor-ID specified, the Answer generated will be an
Range: 1 - 4294967295
specified Vendor-ID value placed in the Default: NA
Vendor-ID AVP.
* Connection Failure Action taken when the routing of a Request is Format: pulldown list
Action abandoned when the last egress connection
Range: Abandon with
selection fails
no Answer; Send
Answer
Connection Failure Value to be placed in the Result-Code AVP of the Format: radio button for
Result-Code Answer message. An Answer Result-Code value pulldown list, radio
is required if the action is Send Answer. button for text box
Range: 1000 - 5999
Default: NA
Connection Failure String to be placed in the Error-Message AVP of Format: text box;
Answer Error-Message the Answer message for Connection Failure. alphanumeric
Answer message

Field (* indicates
Connection Failure Vendor ID value returned in an Answer message Format: text box;
Vendor-ID when a message is not successfully routed due to numeric
connection failure. When specified, the Answer
Range: 1 - 4294967295
generated will be an Experimental-Result-Code
grouped AVP with the specified Vendor-ID value Default: NA
placed in the Vendor-ID AVP.
* Connection Action taken when the routing of a Request is Format: pulldown list
Congestion Action abandoned because the last connection evaluated
Range: Abandon with
is congested
no Answer; Send
Answer
Connection Congestion Value to be placed in the Result-Code AVP of the Format: radio button for
Result-Code Answer message when a message is not pulldown list, radio
successfully routed due to Connection congestion. button for text box
This is required if the action is Send Answer. Range: 1000 - 5999
Default: NA
Connection Congestion String to be placed in the Error-Message AVP of Format: alphanumeric

Answer Error-Message the Answer message for Connection congestion
Answer message
Connection Congestion Vendor ID value returned in an Answer message Format: numeric

Vendor-ID when a message is not successfully routed due to
Range: 1 - 4294967295
Connection congestion. When specified, the
Answer generated will be an Default: NA
specified Vendor-ID value placed in the
Vendor-ID AVP.
Peer Node Reported Action when routing of a Request is abandoned Format: pulldown list
Congestion Action and the route evaluated is congested.
Range: Send Answer,
Abandon with No
Answer
Peer Node Reported Value to be placed in the Result-Code AVP of the Format: pulldown list
Congestion Result-Code Answer message. Answer Result-Code Value is
Range: 1000 - 5999
required if action is Send Answer.

Field (* indicates
Default: NA
Peer Node Reported String to be placed in the Error-Message AVP of Format: numeric
Congestion Answer the Answer message for Peer Node Reported
Error-Message Congestion
Default: null string, no
Answer message
Peer Node Reported Peer Node Reported Congestion Vendor-ID Value. Format: numeric
Congestion Vendor-ID When specified, Answer generated will be
Range: 1 - 4294967295
Experimental-Result-Code grouped AVP with
Vendor-ID value specified placed in Vendor-ID Default: NA
AVP.
* Destination-Realm Not Action when routing of a Request is abandoned Format: pulldown list
Served Action due to Destination-Realm Implicit Routing failure
Range: Send Answer,
to find a (Realm/Application-Id) match in the
Abandon with no
Realm Route Table for routing the transaction.
Answer
Destination-Realm Not Value to be placed in the Result-Code AVP of the Format: radio button for
Served Result-Code Answer message. Answer Result-Code Value is pulldown list, radio
required if action is Send Answer. button for text box
Range: 1000 - 5999
Default: 3003
REALM_NOT_SERVED
Destination-Realm Not String to be placed in the Error-Message AVP of Format: numeric

Served Error-Message the Answer message for Destination-Realm Not
Served.
Default: null string, no
additional text is added
to the Error-Message
AVP in the Answer
message
* Destination-Realm Not Destination-Realm Not Served Vendor-ID Value. Format: numeric

Served Vendor-ID When specified, Answer generated will be
Range: 1 - 4294967295
Experimental-Result-Code grouped AVP with
Vendor-ID value specified placed in Vendor-ID Default: NA
AVP.
Viewing Routing Option Sets

Use this task to view currently configured Routing Option Sets.

Select Diameter > Configuration > Routing Option Sets.

The Diameter > Configuration > Route Option Sets page appears.
Adding a Routing Option Set

Use this task to create a new Routing Option Set. The fields are described in Diameter Routing Option
Sets elements.
1. Select Diameter > Configuration > Routing Option Sets.
The Diameter > Configuration > Routing Option Sets page appears.
2. Click Insert.
The Diameter > Configuration > Routing Option Sets [Insert] page appears.
3. Enter a unique name for the Routing Option Set in the Routing Option Set Name field.
4. Enter or select the values for the Routing Option Set elements.
Required elements are marked with a red asterisk (*).
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Routing Option Sets
page.
• Cancel to return to the Diameter > Configuration > Routing Option Sets page without saving
any changes.
• The Routing Option Set Name is not unique; it already exists in the system
• The maximum number of Routing Option Sets (20) already exists in the system
• The Pending Answer Timer value is greater than the Routing Option Set Transaction Lifetime
value.
Editing a Routing Option Set

Use this task to make changes to existing Routing Option Sets.
The Routing Option Set Name cannot be changed.
2. Select the Routing Option Set you want to edit.
3. Click Edit.
The Diameter > Configuration > Routing Option Sets [Edit] page appears.
The page is initially populated with the current configured values for the selected Routing Option
Set.

The fields are described in Diameter Routing Option Sets elements.

5. Click:
• OK to save the changes and return to the Diameter > Configuration > Routing Option Sets
page.
• Cancel to return to the Diameter > Configuration > Routing Option Sets page without saving
any changes.
• The selected Routing Option Set no longer exists (has been deleted by another user)
• The Pending Answer Timer value is greater than the Routing Option Set Transaction Lifetime
value.
• A Pending Answer Timer is assigned to the Routing Option Set when the Routing Option Set
has been assigned to an Application ID.
Deleting a Routing Option Set

Use this task to delete a Routing Option Set.
Note: A Routing Option Set cannot be deleted if any of the following conditions are true:
• The Routing Option Set is referenced by any Peer Node
• The Routing Option Set is referenced by any Transaction Configuration Set
• The Routing Option Set is the Default Routing Option Set
2. Select the Routing Option Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Routing Option Set.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Routing
Option Sets page.
If OK is clicked and the selected Routing Option Set no longer exists (it was deleted by another
user), an error message is displayed and the Routing Option Sets view is refreshed.
Diameter Pending Answer Timers

A Pending Answer Timer sets the amount of time Diameter waits for an Answer after sending a
Request to a Peer Node.

In many cases, the Pending Answer Timer used by diameter is based on Diameter client response time
requirements. Different Diameter clients for a single Application-ID and (Extended) Command Code
can have differing response time requirements. The diameter Pending Answer Timer can be controlled
based on Ingress Peer Node.
Users can assign a Pending Answer Timer (PAT) to Diameter messages based on Application ID and
A Pending Answer Timer can be associated with:
• The Peer Node from which the request was received through Routing Option Set.
• The Peer Node that the Request is sent to
• The Transaction Configuration Set
Select the Pending Answer Timer using the following precedence selection criterion, highest to lowest
priority:
• If Transaction Configuration Set is selected on ingress Peer Node from which the Diameter Request
was received, use Transaction Configuration Set and apply longest/strongest match search criteria
for Diameter Request message parameters comparison and if a match is found, apply PAT assigned
to Transaction Configuration Rule defined under this Transaction Configuration Set, if it exists.
• The Pending Answer Timer assigned to the Routing Option Set for the Ingress Peer, if it exists.
• The Pending Answer Timer assigned to the egress Peer Node to which the Request message will
be forwarded, if it exists.
• Search Default TCS and apply longest/strongest match. Use PAT associated with best match, if
any is found.
• Default Pending Answer Timer.
The Diameter Routing Option Set provides an optional Pending Answer Timer element. If a configured
Pending Answer Timer is specified in a Routing Option Set:
• Routing Option Set Maximum per Message Forwarding Allowed must be > 1.
• Routing Option Set Transaction Lifetime must be greater than or equal to the value of the Pending
Answer Timer specified for the Routing Option Set.
The Routing Option Set Transaction Lifetime value controls the total time that Diameter will attempt
to process a transaction, including re-routing attempts. Although the Routing Option Set can be
associated with an Ingress Peer Node, Diameter evaluates the Routing Option Set Transaction Lifetime
for expiration only at re-routing attempts, which means:
• Routing Option Set Maximum per Message Forwarding Allowed must be > 1
• Routing Option Set Transaction Lifetime must be greater than or equal to the value of the Pending
Answer Timer specified for the Routing Option Set
The Routing Option Set Transaction Lifetime value controls the total time that Diameter will attempt
to process a transaction, including re-routing attempts. Although the Routing Option Set can be
associated with an Ingress Peer Node, Diameter evaluates the Routing Option Set Transaction Lifetime
for expiration only at re-routing attempts, which means:
• Transaction Lifetime is not applicable or configurable if the Routing Option Set has re-routing
disabled (Maximum per Message Forwarding Allowed value is set to 1)
• Transaction Lifetime may be extended by as much as 1 Pending Answer Timer interval in some
cases.

A Routing Option Set referenced by a Transaction Configuration Set Rule in Transaction Configuration
Set cannot have a Pending Answer Timer configured, because each Transaction Configuration Rule
always has an associated Pending Answer Timer.
Diameter selection of the Pending Answer Timer and Transaction Lifetime values to be used when
routing Requests upstream will operate as indicated in Table 36: Diameter Pending Answer Timer and
Transaction Lifetime Selection.
Table 36: Diameter Pending Answer Timer and Transaction Lifetime Selection
Transaction
Configuration
Set entry exists Default
for Appl-ID and Transaction
(Extended) Configuration
Command Code Set entry exists
in Request Egress for Appl-ID
being processed Pending Answer Pending and (Extended)
and is Timer specified Answer Timer Command
associated with in Ingress Peer specified in Code in
Ingress Peer Node Routing Egress Peer Request being Resultant Pending Answer
Node Option Set? Node? processed? Timer value used
Yes Yes Yes Yes Pending Answer Timer from
Transaction Configuration
Set for Request's Appl-ID
and (E)CC after applying
longest/strongest search
criteria.
Yes No Yes No Pending Answer Timer from
criteria.
Yes Yes No No Pending Answer Timer from
criteria.
Yes Yes Yes No Pending Answer Timer from
criteria.
Yes Yes No Yes Pending Answer Timer from

Transaction
Configuration
criteria.
Yes No Yes No Pending Answer Timer from
criteria.
Yes No No Yes Pending Answer Timer from
criteria.
Yes No Yes Yes Pending Answer Timer from
criteria.
No Yes Yes No Pending Answer Timer in
Ingress Peer Node Routing
Option Set.
No Yes No Yes Pending Answer Timer in
Option Set.
No Yes No No Pending Answer Timer in
Option Set.
No Yes Yes Yes Pending Answer Timer in
Option Set.

Transaction
Configuration
No No Yes Yes Egress Pending Answer
Timer in Egress Peer Node.
No No Yes No Egress Pending Answer
Timer in Egress Peer Node.
No No No Yes Pending Answer Timer from
Default Transaction
Configuration Set for
Request's Appl-ID and (E)CC
after applying
criteria if match occur
otherwise System Default
Pending Answer Timer.
No No No No System Default Pending
Answer Timer.
The Diameter > Configuration > Pending Answer Timers

On the Diameter > Configuration > Pending Answer Timers page, you can perform the following
actions:
• Filter the list of Pending Answer Timers to display only the desired Pending Answer Timers.
default order is by Pending Answer Timer Name in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Pending Answer Timers [Insert] page appears. You can add a
new Pending Answer Timer.
The Diameter > Configuration > Pending Answer Timers [Insert] page will not open if
• The maximum number of Pending Answer Timers (16) already exists in the system.
• Select a Pending Answer Timer in the list, and click Edit.
The Diameter > Configuration > Pending Answer Timers [Edit] page appears. You can edit the
selected Pending Answer Timer.
If the selected Pending Answer Timer has been deleted by another user, the Diameter >
Configuration > Pending Answer Timers [Edit] page will not open.

• Select a Pending Answer Timer in the list, and click Delete. You can delete the selected Pending
Answer Timer. You cannot delete the Default Pending Answer Timer.
Diameter Pending Answer Timers elements

Table 37: Pending Answer Timers Elements describes the fields on the Pending Answer Timers View,
read-only.
Table 37: Pending Answer Timers Elements
Field (* indicates
* Pending Answer Unique name of the Pending Format: case-sensitive; alphanumeric and
Timer Name Answer Timer. underscore
Range: 1 - 32 characters; cannot start with
a digit and must contain at least one alpha
* Pending Answer The amount of time diameter Format: numeric

Timer Value waits for an Answer from a
Range: 100 - 180000 ms
upstream peer after
forwarding a request. Default: 1000 ms
Viewing Pending Answer Timers

Use this task to view currently configured Pending Answer Timers Sets.
Select Diameter > Configuration > Pending Answer Timers.
The Diameter > Configuration > Pending Answer Timers page appears.
Adding a Pending Answer Timer

Use this task to create a new Pending Answer Timer. The fields are described in Diameter Pending
Answer Timers elements.
1. Select Diameter > Configuration > Pending Answer Timers.
2. Click Insert.
The Diameter > Configuration > Pending Answer Timers [Insert] page appears.
3. Enter a unique name for the Pending Answer Timer in the Pending Answer Timer Name field.
4. Set the Pending Answer Timer Value.
5. Click:
• OK to save the data and return to the Diameter > Configuration > Pending Answer Timers
page .

• Cancel to return to the Diameter > Configuration > Pending Answer Timers page without
saving any changes.
• The Pending Answer Timer Name is not unique; it already exists in the system
• Adding the Pending Answer Timer would cause the maximum number of Pending Answer
Timers (16) allowed in the system to be exceeded
Editing a Pending Answer Timer

Use this task to make changes to existing Pending Answer Timers.
The Pending Answer Timer Name cannot be changed.
2. Select the Pending Answer Timer you want to edit.
3. Click Edit.
The Diameter > Configuration > Pending Answer Timers [Edit] page appears.
The page is initially populated with the current configured values for the selected Pending Answer
Timer.

For more information about each field see Diameter Pending Answer Timers elements.
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Pending Answer Timers
page.
• Cancel to return to the Diameter > Configuration > Pending Answer Timers page without
saving any changes.
• The selected Pending Answer Timer no longer exists (has been deleted by another user)
• For a Pending Answer Timer that is assigned to a Routing Option Set, the Pending Answer
Timer value is greater than the Transaction Lifetime value in the Routing Option Set.
Deleting a Pending Answer Timer

Use this task to delete a Pending Answer Timer.

Note: A Pending Answer Timer cannot be deleted if it is referenced by either a Peer Node or a Routing
Option Set is referenced by Protected Networks. It also cannot be deleted if it is associated with any
Routing Option Set.
2. Select the Pending Answer Timer you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Pending Answer Timer.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Pending
Answer Timers page.
If OK is clicked and the selected Pending Answer Timer no longer exists (it was deleted by another
user), an error message is displayed and the Pending Answer Timers view is refreshed.
Diameter Traffic Throttle Points

A Traffic Throttle Point (TTP) is the logical entity that contains the information that is required to
perform (Peer Node, Application ID) ETR throttling. It contains user-defined configuration attributes
and dynamic throttling information received from upstream Peer Nodes via DOIC.
The RT-DB TTP table contains:
• User-defined TTP attributes
• DOIC throttling information received by way of DOIC AVPs
• Target ETR
• Diverted OTR
When the routing application selects a Peer Node or Connection from a Route Group (or selects a Peer
Node for implicit Routing), it checks if a TTP exists for the selected Peer Node/Connection and
Application ID in the Request message. If an active TTP exists, ETR throttling can be applied.
When routing a Request message, which has an associated Active TTP with DOIC enabled, upstream
Peer Nodes are notified that the node supports DOIC and provides a list of DOIC Abatement
Algorithms. When an OC-Supported-Features AVP is sent in a Request message, it saves the TTP
which triggered sending the DCA in the PTR. When an Answer response is received from a Peer Node
and a non-NULL TTP is saved in the PTR, the application checks for DOIC AVPs that might contain
a new overload report (OLR) or contain changes to an existing overload report being processed.
Otherwise, the application does not check for DOIC AVPs in Answer responses. Any valid requests
from the upstream Peer Node to reduce traffic are stored in the TTP and immediately applied.
A TTP is required to manage the DSR Diameter Overload Indication Conveyance (DOIC) relationship
between the routing application and the reacting nodes. TTPs:
• Control HostID/AppID pair scope
• Manage configuration parameters
• Track rate information
• Track their administrative, operational and a throttling status

Information collected at the TTP level for DOIC throttling can be used to improve routing decisions.
You can perform the following actions for Traffic Throttle Points:
• Filter the list of Traffic Throttle Points to display only the desired Traffic Throttle Points.
The default order is by Traffic Throttle Points Name in ascending ASCII order.
• Click Insert.
The Traffic Throttle Points [Insert] page appears. You can add a new Traffic Throttle Point. See
Adding Traffic Throttle Points.
If the maximum number of Traffic Throttle Points already exists in the system, an error message
is displayed.
• Select a Traffic Throttle Point Name in the list. Click Edit to display the Traffic Throttle Points
[Edit] page and edit the selected Traffic Throttle Point.
See Editing Traffic Throttle Points.
• Select a Traffic Throttle Point Name in the list, and click Delete to remove the selected Traffic
Throttle Point.
See Deleting Traffic Throttle Points.
Diameter Traffic Throttle Point elements

Table 38: Traffic Throttle Point Elements describes the fields on the Diameter > Traffic Throttle Points >
View, Insert, and Edit pages. Data Input Notes apply only to the Insert and Edit pages; the View page
is read-only.
Table 38: Traffic Throttle Point Elements
* Name The name of the Traffic Throttle Point. Format: case-sensitive;
Range: 1 - 32 characters; cannot
start with a digit and must
Default: NA
* Peer Node The Egress Peer associated with this Format: pulldown list
Diameter Application ID and Traffic
Throttle Point.
Default: NA

* Application Id The Diameter Application ID associated Format: pulldown list
with this Traffic Throttle Point.
Default: NA
TTP Configuration Set The Traffic Throttle Point Configuration Format: pulldown list
Set that is associated with this Traffic
Throttle Point.
Default: NA
* Max Loss Percent The rate loss threshold where if the Format: text box
Threshold current percent loss is greater than or
Range: 1 - 100
equal to this value, requests should not
route to this Traffic Throttle Point and Default: 100%
should be diverted or discarded instead.
Alternate Implicit Optional Route List to use for routing Format: pulldown list
Route messages to this Peer when implicit
Range: 1 - 100
routing is invoked and the primary route
to the Peer is unavailable. Default: 100%
* Max ETR The maximum allowed Egress Format: text box

Transaction Rate for this TTP.
Range: 100 - 250000
Default: 6000
Viewing Traffic Throttle Points

To view all traffic throttle points, select Diameter > Configuration > Traffic Throttle Points.
The Diameter > Configuration > Traffic Throttle Points page shows a list of configured traffic throttle
points. The fields are described in Diameter Traffic Throttle Point elements.
Adding Traffic Throttle Points

Use this task to create a new Traffic Throttle Point.
The fields are described in Diameter Traffic Throttle Point elements.
1. Select Diameter > Configuration > Traffic Throttle Points.
The Traffic Throttle Points page appears.
2. Click Insert.
The Traffic Throttle Points [Insert] page appears.
3. Enter a unique name for the Traffic Throttle Point in the Name field.


5. Click:
• OK to save the new Traffic Throttle Point and return to the Traffic Throttle Points page.
• Apply to save the new Traffic Throttle Point and remain on this page.
• Cancel to return to the Traffic Throttle Points page without saving any changes.
• The Name is not unique; it already exists in the system.
Editing Traffic Throttle Points

Use this task to edit an existing Traffic Throttle Point.
When the Traffic Throttle Pointts page opens, the fields are populated with the currently configured
values.
The Traffic Throttle Point Name cannot be edited.
The fields are described in Diameter Traffic Throttle Point elements.
2. Select the Traffic Throttle Point you want to edit.
3. Click Edit.
The Traffic Throttle Points [Edit] page appears.
5. Click:
• OK to save the changes and return to the Traffic Throttle Points page.
• Cancel to return to the Traffic Throttle Points page without saving any changes.
• The selected Traffic Throttle Point no longer exists; it has been deleted by another user.
Deleting Traffic Throttle Points

Use this task to delete Traffic Throttle Points.
The default Traffic Throttle Point can be edited, but cannot be deleted.
2. Select the Traffic Throttle Point you want to delete.
3. Click Delete.


4. Click:
• OK to delete the Traffic Throttle Point.
• Cancel to cancel the delete function and return to the Traffic Throttle Points page.
If Apply or OKis clicked and any of the following conditions exist, an error message appears:
• If you attempt to delete a TTP which is already being used in TTG.
Diameter Traffic Throttle Groups

A Traffic Throttle Group (TTG) is a set of TTPs that share a common Application ID. A TTG is used
for diverting transactions away from congested Route Groups (RGs). When a TTG is created and
enabled for service, traffic loss is aggregated for the TTPs assigned to the TTG. Transactions are diverted
away from congested RGs within a RL by assigning the TTG to a RG within a RL and assigning it a
Maximum Loss Percentage Threshold. When the routing application selects a RG from a RL that is
assigned an active TTG, it determines whether the TTG's Current Traffic Loss exceeds the RG's
Maximum Loss Percentage Threshold. If the threshold is exceeded, that RG is bypassed for routing
that transaction.
To make routing decisions at the Route List level it is necessary to aggregate some of the individual
TTP-level data into data that represents the entire Route Group. This summary data is a Traffic
Throttling Group (TTG). Only one parameter is summarized in the TTG:
• The calculated Loss % of the TTG. This is the weighted (by Max ETR) average of the % loss in the
available TTPs.
The routing application can use the congestion information in the TTGs to skip Route Groups in the
Route List that do not meet threshold criteria for their congestion status. A typical use for skipping
congested Route Groups is to prevent a routing application that cannot handle traffic due to congestion
from sending that traffic to a mate routing application that is already equally overloaded.
Note: Only TTGs that are configured locally can be administratively enabled or disabled by an SOAM.
A Shared TTG owned by another site must be disabled at the owning site.
You can perform the following actions for Traffic Throttle Groups:
• Filter the list of Traffic Throttle Groups to display only the desired Traffic Throttle Groups.
The default order is by Traffic Throttle Groups Name in ascending ASCII order.
• Click Insert.
The Traffic Throttle Groups [Insert] page appears. You can add a new Traffic Throttle Group. See
Adding Traffic Throttle Groups.
If the maximum number of Traffic Throttle Groups already exists in the system, an error message
is displayed.
• Select a Traffic Throttle Group Name in the list. Click Edit to display the Traffic Throttle Groups
[Edit] page and edit the selected Traffic Throttle Group.

See Editing Traffic Throttle Groups.

• Select a Traffic Throttle Group Name in the list, and click Delete to remove the selected Traffic
Throttle Group.
Diameter Traffic Throttle Groups elements

Table 39: Traffic Throttle Groups Elements describes the fields on the Diameter > Traffic Throttle Groups >
is read-only.
Table 39: Traffic Throttle Groups Elements
* Name A name of the Traffic Throttle Format: text box
Group
1 - 32 characters; cannot start with a digit
and must contain at least one alpha
Default: NA
* TTP TTPs associated with this TTG Format: pulldown list

Range: NA
Default: NA
* Application ID The Diameter Application ID Format: pulldown list

associated with this Traffic Throttle
Range: 1 - 32 characters; cannot start with
Group
a digit and must contain at least one alpha
Default: NA
Viewing Traffic Throttle Groups

To view traffic throttle groups, select Diameter > Configuration > Traffic Throttle Groups.
The Diameter > Configuration > Traffic Throttle Groups page appears showing a list of configured
traffic throttle groups. The fields are described in Diameter Traffic Throttle Groups elements.
Note: Shared Traffic Throttle Groups are shown here as well.
Adding Traffic Throttle Groups

Use this task to create a new Traffic Throttle Group.
The fields are described in Diameter Traffic Throttle Groups elements.
Note: When you select an Application Id to the Traffic Throttle Group, you are only allowed to select
the TTP whose application ID matches the application ID that of Traffic Throttle Group.

1. Select Diameter > Configuration > Traffic Throttle Groups.

The Traffic Throttle Groups page appears.
2. Click Insert.
The Traffic Throttle Groups [Insert] page appears.
3. Enter a unique name in the Name field.
5. Click:
• OK to save the new Traffic Throttle Group and return to the Traffic Throttle Groups page.
• Apply to save the new Traffic Throttle Group and remain on this page.
• Cancel to return to the Traffic Throttle Group page without saving any changes.
• The Name is not unique; it already exists in the system.
• The maximum number of TTGs has already been configured.
Editing Traffic Throttle Groups

Use this task to edit an existing Traffic Throttle Group.
When the Traffic Throttle Groups page opens, the fields are populated with the currently configured
values.
The Traffic Throttle Point Groups Name cannot be edited.
The fields are described in Diameter Traffic Throttle Groups elements.
2. Select the Traffic Throttle Point Group to edit.
3. Click Edit.
The Traffic Throttle Groups [Edit] page appears.
5. Click:
• OK to save the changes and return to the Traffic Throttle Groups page.
• Cancel to return to the Traffic Throttle Groups page without saving any changes.
• The selected Traffic Throttle Group no longer exists; it has been deleted by another user.
• If you attempt to update a TTG and mark it as shared, but the NOAM is not accessible.
• If you attempt to mark the shared TTG to non-shared when it is already being used by a Route
List configured on another DSR within this network.

Deleting Traffic Throttle Groups

Use this task to delete Traffic Throttle Groups.
2. Select the Traffic Throttle Group you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Traffic Throttle Group.
• Cancel to cancel the delete function and return to the Traffic Throttle Groups page.
• If you attempt to delete a TTG which is already being used in local Route List.
• If you attempt to delete a shared TTG when it is already being used by a Route List configured
on another DSR within this network.
• If you attempt to delete a shared TTG when the NOAM is not available.
Diameter AVP Removal Lists

The AVP Removal function allows you to specify which AVPs to remove. You can also exclude AVPs
on a specific Peer by specifying which AVPs and in what type of message (request or answer).
You can perform the following actions for AVP Removal Lists:
• Filter the list of AVP Removal Lists to display only the desired AVP Removal Lists.
The default order is by AVP Removal Lists in ascending ASCII order.
• Click Insert.
The AVP Removal Lists [Insert] page appears. You can add a new AVP Removal List. See Adding
AVP Removal Lists.
If the maximum number of AVP Removal Lists already exists in the system, an error message is
displayed.
• Select a AVP Removal List Name in the list. Click Edit to display the AVP Removal Lists [Edit]
page and edit the selected AVP Removal List.
See Editing AVP Removal Lists.
• Select a AVP Removal List Name in the list, and click Delete to remove the selected AVP Removal
List.
The default AVP Removal List can be edited, but cannot be deleted. See Deleting AVP Removal Lists.

Diameter AVP Removal Lists elements

Table 40: AVP Removal Lists Elements describes the fields on the Diameter > AVP Removal Lists >
is read-only.
Table 40: AVP Removal Lists Elements
* Name A name of the AVP Removal List Format: text box
Default: NA
* Direction Defines whether the AVP removal occurs Format: pulldown list
when the message is received from the
Range: Ingress Only, Egress Only,
peer node or whether the AVP removal
Egress & Ingress
occurs when the message, or both, is sent
to the peer node Default: Ingress Only
* Message Type Defines the type of message that AVP Format: pulldown list
removal will be applied to
Range: Request Only, Answer
Only, Answer & Request
Default: Request Only
AVP Removal List A list of one or more AVPs to be Format: multiple fields
removed from messages
Range: A list of one or more
AVPs to be removed from
requests.
Default: NA
AVP Code The 32-bit AVP Code, combined with the Format: text box
Vendor-ID field, identifies the attribute
Range: 32-bit Unsigned Integer
uniquely
Default: NA
AVP Name User-defined name associated with the Format: text box
AVP Code
Setting a value on this field is
option; informational only.
Vendor ID Vendors are allowed to add AVPs to the Format: text box
Diameter specification. Vendor-specific
Range: 32-bit Unsigned Integer
AVPs contains a Vendor-ID field
Default: 0

Vendor Name User-defined name associated with the Format: text box
Vendor-ID value
Setting a value on this field is
option; informational only.
Viewing AVP Removal Lists

To view all AVP Removal Lists, select Diameter > AVP Removal Lists.
The Diameter > AVP Removal Lists page appears showing a list of configured AVP Removal Lists.
The fields are described in Diameter AVP Removal Lists elements.
Adding AVP Removal Lists

Use this task to create a new AVP Removal List.
The fields are described in Diameter AVP Removal Lists elements.
1. Select Diameter > Configuration > AVP Removal Lists.
The AVP Removal Lists page appears.
2. Click Insert.
The AVP Removal Lists [Insert] page appears.
3. Enter a unique name in the Name field.
5. Click:
• OK to save the new AVP Removal List and return to the AVP Removal Lists page.
• Apply to save the new AVP Removal List and remain on this page.
• Cancel to return to the AVP Removal Lists page without saving any changes.
• The AVP Removal Lists Name is not unique; it already exists in the system.
Editing AVP Removal Lists

Use this task to edit an existing AVP Removal List.
When the AVP Removal Lists page opens, the fields are populated with the currently configured
values.
The AVP Removal List Name cannot be edited.
The fields are described in Diameter AVP Removal Lists elements


2. Select the AVP Removal List you want to edit.
3. Click Edit.
The AVP Removal Lists [Edit] page appears.
5. Click:
• OK to save the changes and return to the AVP Removal Lists page.
• Cancel to return to the AVP Removal Lists page without saving any changes.
• The selected AVP Removal List no longer exists; it has been deleted by another user.
Deleting AVP Removal Lists

Use this task to delete AVP Removal Lists.
2. Select the AVP Removal List you want to delete.
3. Click Delete.
4. Click:
• OK to delete the AVP Removal List.
• Cancel to cancel the delete function and return to the AVP Removal Lists page.
If OK is clicked and the selected AVP Removal List is referenced by any peer node, an error message
appears and the AVP Removal Lists is not deleted.
Diameter System Options

Diameter System Options can be viewed and set on the Diameter > Configuration > System Options
page.
Note: See Next Generation Network Priority Service (NGN-PS) for an overview of NGN-PS.
The following System Options are described in Diameter System Options elements:
• General Options
• The engineered message size allowed
• IPFE Connection Reserved Ingress MPS Scaling - % of DA-MP Engineered Ingress MPS used
by each DA-MP when validating the Reserved Ingress MPS for a newly received IPFE connection.

• The Redirect Answer Processing Enabled (or disabled)

• The Redirect Application Route Table
• The Redirect Peer Route Table
• The Encode FQDN in Lower Case behavior
• Alarm Threshold Options
• Available Alarm Budget
• Aggregation alarm thresholds for Fixed Connections, Floating (IPFE) Connections, Peer Nodes,
and Route Lists.
• Message Copy Options
• Message Copy Feature – Enabled, Disabled
• MP Congestion Level, at or above which Message Copy functions are disabled
Note: Options specific to Message Copy are configured in Message Copy Configuration Sets.
• Radius (Remote Authentication Dial In User Service) Connection Layer (RCL) UDP Options
• Client and server socket settings
• Maximum RADIUS UDP Sockets per DAMP
• Socket retry timer
• Priority Options
• Peer Discovery Options
• Realm expiration alarm times
• Priority Service Options
• NGN-PS Admin state
• Message priority for various message types
• AVP value identification
To open the Diameter > Configuration > System Options page, select Diameter > Configuration >
System Options.
On the Diameter > Configuration > System Options page, you can:
• Modify current System Options values, and click Apply to save the changes.
• Click Cancel to remove and not save any changes you have made.
• Click the General Options, Alarm Threshold Options, or Message Copy Options tab to access
those options.
• Work with Radius UDP Options.
• Work with Priority Options.
If Apply is clicked and the following condition exists, an error message is displayed:
• Any field has no value entered or has an entry that is not valid
Diameter System Options elements

Table 41: System Options Elements describes the fields on the System Options page.

Table 41: System Options Elements
Field Description Data Input Notes

General Options
Engineered Message Engineered message size of a Diameter message Format: numeric
Size Allowed (in bytes) allowed by the application.
Range: NA
This field is Read-Only; it cannot be changed.
Default: 8192
IPFE Connection Percentage of DA-MP Engineered Ingress MPS Format: numeric

Reserved Ingress MPS used by each DA-MP when validating the percentage
Scaling Reserved Ingress MPS for a newly received IPFE
Range: 30-100
connection. A newly received IPFE connection
will be rejected if the total Connection Reserved Default: 50%
Ingress MPS for Fixed and already established
IPFE connections would exceed the DA-MP's
Engineered Ingress MPS, scaled by this value.
This field is View-Only; it cannot be
user-configured.
Redirect Answer If checked, Redirect Notification Response Format: checkbox

Processing Enabled processing is enabled. If unchecked, Redirect
Range: Checked
Notification Response processing is disabled. If
(Enabled), Not checked
disabled, redirect notification responses are
(Disabled)
passed through to the downstream peer.
Default: NA
• Redirect notifications with
Redirect-Host-Usage equal to do not cache
are processed.
• Redirect notifications with no
Redirect-Host-Usage AVP are processed.
Redirect-Host-Usage not equal to do not cache
are forwarded to the downstream peer.
Redirect Application Application Route Table instance used to process Format: pull down list
Route Table a Redirected Request.
Range: NA
Note: If not configured, ART processing is
Default: NA
skipped, and if configured, the ART is searched
with the content of the Redirect Request message,
similar to an ingress request.
Redirect Peer Route Peer Route Table instance used to process a Format: pull down list
Table Redirected Request.
Range: NA
Note: If not configured, the PRT selection
Default: NA
process is identical to the ingress request.


Encode FQDN In Lower Determines whether or not FQDNs should be Format: radio button
Case encoded as configured or in all lower-case.
Range: Yes, No
Default: Yes
Alarm Threshold Options

Available Alarm Budget The number of alarms available Format: numeric
Range: 0-3000
Default: 3000 if no alarm
thresholds have been set
Fixed Connection Major Major threshold for aggregated Fixed Connection Format: numeric
Aggregation Alarm alarms per DA-MP. The Available Alarm Budget
Range: 1 to Available
Threshold is decremented by this value multiplied by the
Alarm Budget
number of configured DA-MPs.
Default: 100
Fixed Connection Critical threshold for aggregated Fixed Format: numeric

Critical Aggregation Connection alarms per DA-MP. This value is not
Alarm Threshold counted against the Available Alarm Budget.
Alarm Budget
Default: 200
IPFE Connection Major Major threshold for aggregated IPFE Connection Format: numeric
Aggregation Alarm alarms per NE. The Available Alarm Budget is
Threshold decrement by this value.
Alarm Budget
Default: 100
IPFE Connection Critical threshold for aggregated IPFE Format: numeric

Critical Aggregation Connection alarms per NE. This value is not
Alarm Budget
Default: 100
Peer Node Failure Critical threshold for aggregated Peer Node Format: numeric
Critical Aggregation Failure alarms per NE. The Available Alarm
Alarm Threshold Budgets decremented by this value
Alarm Budget
Default: 600
Route List Failure Critical threshold for aggregated Route List Format: numeric
Alarm Threshold Budget is decremented by this value
Alarm Budget
Default: 600
Message Copy Options


Message Copy Feature Enables the Message Copy Feature system wide Format: radio button
if this option is enabled.
Range: Enabled. Disabled
Default: Disabled
MP Congestion Level The MP congestion at or above which the Format: radio button
Message Copy function is disabled.
Range: CL1, CL2
Default: CL1
Radius UDP Options

Client Socket Send The socket send buffer size for outgoing UDP Format: numeric
Buffer Size messages sent to RADIUS servers
Range: 8000 - 5000000
bytes
Default: 126000
Client Socket Receive The socket receive buffer size for incoming UDP Format: numeric
Buffer Size messages received from RADIUS servers.
Range: 8000 - 5000000
bytes
Default: 126000
Server Socket Send The socket send buffer size for outgoing UDP Format: numeric
Buffer Size messages sent to RADIUS clients.
Range: 8000 - 5000000
bytes
Default: 1000000
Server Socket Receive The socket receive buffer size for incoming UDP Format: numeric
Buffer Size messages received from RADIUS clients.
Range: 8000 - 5000000
bytes
Default: 1000000
Maximum Open Maximum number of UDP Sockets that can be Format: numeric
RADIUS UDP Sockets opened on a DA-MP for sending messages to
Range: NA
per DA-MP RADIUS Connections.
Default: 2000
Server socket retry timer The time internal used to retry opening a UDP Format: numeric
socket which could not be opened.
Range: NA
Default: 10000 ms
Peer Discovery Options

Realm Expiration Minor Time, in hours before the expiration of a Format: numeric
Alarm Set Time dynamically-discovered Realm, at which a minor
Range: 0 - 168 hours
alarm is raised to indicate that the Realm
expiration is approaching. A value of zero means Default: 6


no minor alarm will be raised to alert of the
pending Realm expiration.
Realm Expiration Major Time, in hours before the expiration of a Format: numeric
Alarm Set Time dynamically-discovered Realm, at which a major
no major alarm will be raised to alert of the
General Options
Engineered Message Engineered message size of a Diameter message Format: numeric
Size Allowed (in bytes) allowed by the application.
Range: NA
This field is Read-Only; it cannot be changed.
Default: 8192
IPFE Connection Percentage of DA-MP Engineered Ingress MPS Format: numeric

Reserved Ingress MPS used by each DA-MP when validating the percentage
Scaling Reserved Ingress MPS for a newly received IPFE
Range: 30-100
connection. A newly received IPFE connection
will be rejected if the total Connection Reserved Default: 50%
Ingress MPS for Fixed and already established
IPFE connections would exceed the DA-MP's
Engineered Ingress MPS, scaled by this value.
This field is View-Only; it cannot be
user-configured.
Redirect Answer If checked, Redirect Notification Response Format: checkbox

Processing Enabled processing is enabled. If unchecked, Redirect
Range: Checked
Notification Response processing is disabled. If
(Enabled), Not checked
disabled, redirect notification responses are
(Disabled)
passed through to the downstream peer.
Default: NA
Redirect-Host-Usage equal to do not cache
are processed.
• Redirect notifications with no
Redirect-Host-Usage AVP are processed.
Redirect-Host-Usage not equal to do not cache
are forwarded to the downstream peer.
Redirect Application Application Route Table instance used to process Format: pull down list
Route Table a Redirected Request.
Range: NA
Note: If not configured, ART processing is
Default: NA
skipped, and if configured, the ART is searched
with the content of the Redirect Request message,
similar to an ingress request.


Redirect Peer Route Peer Route Table instance used to process a Format: pull down list
Table Redirected Request.
Range: NA
Note: If not configured, the PRT selection
Default: NA
process is identical to the ingress request.
Encode FQDN In Lower Determines whether or not FQDNs should be Format: radio button
Case encoded as configured or in all lower-case.
Range: Yes, No
Default: Yes
Alarm Threshold Options

Available Alarm Budget The number of alarms available Format: numeric
Range: 0-3000
Default: 3000 if no alarm
thresholds have been set
Fixed Connection Major Major threshold for aggregated Fixed Connection Format: numeric
Aggregation Alarm alarms per DA-MP. The Available Alarm Budget
Threshold is decremented by this value multiplied by the
Alarm Budget
number of configured DA-MPs.
Default: 100
Fixed Connection Critical threshold for aggregated Fixed Format: numeric

Critical Aggregation Connection alarms per DA-MP. This value is not
Alarm Budget
Default: 200
IPFE Connection Major Major threshold for aggregated IPFE Connection Format: numeric
Aggregation Alarm alarms per NE. The Available Alarm Budget is
Threshold decrement by this value.
Alarm Budget
Default: 100
IPFE Connection Critical threshold for aggregated IPFE Format: numeric

Critical Aggregation Connection alarms per NE. This value is not
Alarm Budget
Default: 100
Peer Node Failure Critical threshold for aggregated Peer Node Format: numeric
Alarm Threshold Budgets decremented by this value
Alarm Budget
Default: 600
Route List Failure Critical threshold for aggregated Route List Format: numeric
Alarm Threshold Budget is decremented by this value


Alarm Budget
Default: 600
Message Copy Options

Message Copy Feature Enables the Message Copy Feature system wide Format: radio button
if this option is enabled.
Default: Disabled
MP Congestion Level The MP congestion at or above which the Format: radio button
Message Copy function is disabled.
Range: CL1, CL2
Default: CL1
Radius UDP Options

Client Socket Send The socket send buffer size for outgoing UDP Format: numeric
Buffer Size messages sent to RADIUS servers
Range: 8000 - 5000000
bytes
Default: 126000
Client Socket Receive The socket receive buffer size for incoming UDP Format: numeric
Buffer Size messages received from RADIUS servers.
Range: 8000 - 5000000
bytes
Default: 126000
Server Socket Send The socket send buffer size for outgoing UDP Format: numeric
Buffer Size messages sent to RADIUS clients.
Range: 8000 - 5000000
bytes
Default: 1000000
Server Socket Receive The socket receive buffer size for incoming UDP Format: numeric
Buffer Size messages received from RADIUS clients.
Range: 8000 - 5000000
bytes
Default: 1000000
Maximum Open Maximum number of UDP Sockets that can be Format: numeric
RADIUS UDP Sockets opened on a DA-MP for sending messages to
Range: NA
per DA-MP RADIUS Connections.
Default: 2000
Server socket retry timer The time internal used to retry opening a UDP Format: numeric
socket which could not be opened.
Range: NA
Default: 10000 ms


Peer Discovery Options
Realm Expiration Minor Time, in hours before the expiration of a Format: numeric
Alarm Set Time dynamically-discovered Realm, at which a minor
no minor alarm will be raised to alert of the
Realm Expiration Major Time, in hours before the expiration of a Format: numeric
Alarm Set Time dynamically-discovered Realm, at which a major
no major alarm will be raised to alert of the
Priority Service Options
NGN-PS Admin State Defines whether the NGN-PS is enabled or not. Format: radio button
When set to Disabled, DSR does not provide
NGN-PS treatment to any messages.
Default: Disabled
Minimum Answer Defines the minimum priority assigned to ingress Format: pulldown list
Priority Answer messages. The priority is assigned based
Range: P1 - P4
on the maximum value for this attribute and the
priority of the original Request message. Default: P3
Note: This attribute is not user-configurable.
Minimum Inviolable Defines the minimum priority considered to be Format: pulldown list
Priority inviolable from a message priority treatment
Range: P3, P4
perspective.
Default: P3
A message with a priority greater than or equal
to this attribute value is not subject to congestion
controls.
Note: This attribute is not user-configurable.
Each DA-MP sets this value at start-up based
upon the setting of the NGN-PS Admin State
attribute value as follows:
• NGN-PS Admin State = Enabled: 4
• NGN-PS Admin State = Disabled: 3
NGN-PS Maximum Defines the maximum ingress NGN-PS message Format: textbox
Message Rate Percent that is supported (a percentage of the DA-MP
Range: 1 - 15%
message rate). NGN-PS traffic in excess of this
rate, is not considered to be inviolable. Default: 3%
NGN-PS Gx


NGN-PS Gx Admin Defines whether the NGN-PS is enabled or not Format: radio button
State for Gx messages. When set to Disabled, DSR
does not provide NGN-PS treatment to Gx
messages. Default: Disabled
Note: This attribute is superseded by the
NGN-PS Admin State attribute. If NGN-PS
Admin State is set to Disabled, no Gx messages
are provided NGN-PS treatment regardless of
the setting of this attribute.
NGN-PS Gx ARP Sets the priority level contained in Gx Messages Format: text box
in ARP AVP that can be treated as NGN-PS
Range: 1-5
messages.
Default: NA
Note: You can configure a maximum of 5
priority levels.
NGN-PS Gx Advance Determines the Access Network priority Format: radio button
Priority Type provided to an NGN-PS Subscribed UE. This
Range: None, Advance
affects the tagging of Gx CCR messages for
Priority SPR, and
NGN-PS treatment.
Advance Priority HSS
Default: NA
NGN-PS Rx
NGN-PS Rx Admin Defines whether the NGN-PS feature is enabled Format: radio button
State or not for Rx messages. When this attribute is set
to Disabled, DSR does not provide NGN-PS
treatment to Rx messages. Default: Disabled
Admin State is set to Disabled, no Rx messages
are provided NGN-PS treatment regardless of
the setting of this attribute.
NGN-PS Rx MPS AVP A Rx AAR message is considered a NGN-PS Format: text box
Value message candidate if it contains a MPS-Identifier
Range: NA
AVP whose value is identical to this string.
Default: NA
NGN-PS Cx/Dx
NGN-PS Cx/Dx Admin Defines whether the NGN-PS feature is enabled Format: radio button
State or not for Cx/Dx messages. When this attribute
is set to Disabled, DSR does not provide
NGN-PS treatment to Cx/Dx messages. Default: Disabled
Admin State is set to Disabled, no Cx/Dx


messages are provided NGN-PS treatment
regardless of the setting of this attribute.
NGN-PS Dh/Sh
NGN-PS Dh/Sh Admin Defines whether the NGN-PS feature is enabled Format: radio button
State or not for Dh/Sh messages. When this attribute
is set to Disabled, DSR does not provide
NGN-PS treatment to Dh/Sh messages. Default: Disabled
Admin State is set to Disabled, no Dh/Sh
messages are provided NGN-PS treatment
regardless of the setting of this attribute.
Viewing System Options

To view all systems options, select Diameter > Configuration > System Options.
The Diameter > Configuration > System Options page appears showing a list of configured system
options. The fields are described in Diameter System Options elements.
Editing System Options

Use this task to edit an existing System Options.
When the System Options page opens, the fields are populated with the currently configured values.
You cannot edit greyed out fields cannot be edited on the System Options tabs.
The fields are described in Diameter System Options elements.
1. Select Diameter > Configuration > System Options.
The System Options page appears.
2. Select the System Options tab you want to edit.
4. Click:
changes.
If Apply is clicked and any of the following conditions exist, an error message appears:
• If you attempt to update the System Options, and no Realm Expiration Minor Alarm Set Time
or Realm Expiration Major Alarm Set Time value is supplied.
• If you update the System Options and the Realm Expiration Minor Alarm Set Time and Major
Alarm Set Time are both non-zero, and the Major Alarm Set Time value is greater than the
Minor Alarm Set Time value.

Note: You can suppress the Realm Expiration alarm by supplying a value of zero. So, if the
Minor value greater than the Major value only applies if both values are non-zero.
another user.
Diameter DNS Options

The DNS Options page allows you to set the length of time the application waits for queries from the
Domain Name System (DNS) server. You can also provide an IP address for the primary and secondary
DNS server.
To open the Diameter > Configuration > DNS Options page, select Diameter > Configuration >
DNS Options.
The DNS Options fields are described in Diameter DNS Options elements.
On the Diameter > Configuration > DNS Options page, you can set the DNS Options values and
click:
• Apply to save the changes
• Cancel to remove and not save any changes
• The DNS Query Duration Timer field has no value
• The DNS Query Duration Timer value is not valid
• The Primary or Secondary DNS Server IP Address field value is not valid
• The Secondary DNS Server IP Address field has a value, but the Primary DNS Server IP Address
field is blank
• The Primary DNS Server IP Address field is blank and there is at least one Initiator Connection
without a Peer IP Address
Diameter DNS Options elements

Table 42: DNS Options Elements describes the fields on the Diameter > Configuration > DNS Options
page.
Table 42: DNS Options Elements
Field (* indicates
Primary DNS Server IP IP address of the primary DNS server. Format: valid IP address
Address

Field (* indicates
Secondary DNS Server IP address of the secondary DNS server. Format: valid IP address
IP Address
* DNS Query Duration The amount of time the application waits for Format: numeric
Timer queries to the DNS servers (in seconds).
Range: 1 - 4
Default: 2
Viewing DNS Options

To view all systems options, select Diameter > Configuration > DNS Options.
The Diameter > Configuration > DNS Options page appears showing a list of configured system
options. The fields are described in Diameter DNS Options elements.
Editing DNS Options

Use this task to edit an existing DNS Options.
The fields are described in Diameter DNS Options elements.
1. Select Diameter > Configuration > DNS Options.
The DNS Options page appears.
3. Click:
changes.
another user.
Diameter Peer Discovery

Peer Discovery (also know as Dynamic Peer Discovery [DPD]) allows an application to discover remote
hosts within user-defined Realms and configures all required GUI elements for successful routing of
diameter traffic between the signalling router and those remote hosts. This configuration is dynamic,
and no user input is required at the time the routing GUI elements are created.
In general, Peer Discovery configuration order is as follows:

• Peer Node
• CEXCfgSet
• Connection
• Route Group
• Route List
Note: This order is not guaranteed; in some configurations, variations associated with a particular
Application ID could alter this order.
For a Diameter router to route messages properly, target entity information is required. This includes
the network entity IP address, the transport protocol and ports that it uses to communicate, and what
Diameter application it supports. This information about a remote host is managed by the Peer Node
configuration. See Diameter Peer Nodes.
After a Peer Node is defined, one or more IP connections must be defined so that packets can be routed
between the diameter router and the Peer Node. Connections identify the parameters that define an
IP connection, and the CEX Configuration Set defines the Diameter Application IDs that the diameter
router is authorized to send and receive over the connection. When the diameter signalling router and
a diameter peer initially establish an IP connection between themselves, they negotiate the diameter
services that can be carried on that IP connection. That negotiation involves the exchange of supported
Diameter Application IDs.
For load balancing and redundancy purposes, multiple Peer Nodes that share certain characteristics
can be grouped together into Route Groups. The diameter router uses the routing algorithms of the
configured Route Groups and Route Lists when determining on which Connection to send a particular
Diameter message.
Peer Discovery allows you to work with:
• Realms (see Realms)
• DNS Sets (see DNS Sets)
• Discovery Attributes (see Discovery Attributes)
Realms
The Diameter > Configuration > Peer Discovery > Realms page displays the Realms GUI page.
See Realms Overview for more information.
On the Diameter > Configuration > Peer Discovery > Realms page, you can perform the following
actions:
• Filter the list of Realms to display only the desired Realms.
• Sort the list by a column, in ascending or descending order, by clicking the column heading. The
default order is by Realm Name in ascending ASCII order.
• Click Insert.
The Realms [Insert] page appears. You can add a new Realm. See Adding Realms.
If the maximum number of Realms already exists in the system, an error message is displayed.
• Select a Realm Name in the list, and click Edit to display the Realms[Edit] page and edit the selected
Realm. See Editing Realms.
• Select a Realm Name and click Delete to remove the selected Realm Name. See Deleting Realms.

Realms Overview
A realm is an internet domain whose Fully-Qualified Domain Names (FQDNs) typically all share a
domain designation. For example, example.com could be a Realm name, and the addressable hosts
in the Realm would have names like host1.example.com, host2.subdomain1.example.com, and so on.
In the diameter signaling space, an operator creates a realm name, then assigns FQDNs to all of the
computers that will transact diameter traffic. The number of computers in the Diameter Realm depends
on the number and type of diameter services the operator intends to support, as well as the expected
volume of diameter traffic. Typically, load-sharing and redundancy are major factors governing the
internal organization of a Diameter Realm.
The dynamic discovery of remote hosts is always undertaken within a single realm. Many realms can
be discovered dynamically, but the discovery of one realm is a process independent of that for all
other realms that are to be discovered.
Configuring Routing Information

Diameter signaling routers establish connections to Diameter Peers and route Diameter traffic to those
Peers only after all of the necessary routing configuration changes are manually entered into the DSR.
Specific configuration changes are user-initiated, either through the GUI or by importing configuration
changes by way of Bulk Import/Export (BIE).These configuration changes are static changes because,
once entered, they remain in place until you take action to modify or delete them.
DPD implies dynamic configuration changes. Instead of user-specified routing configuration changes,
the diameter signaling router learns about remote hosts and dynamically makes the necessary routing
configuration changes. The information discovered about remote hosts residing in any Diameter Realm
has a defined lifetime, a Time To Live (TTL). Therefore, realm-specific routing configuration made
dynamically to a diameter signaling router also has a defined lifetime, and under certain circumstances,
this dynamic routing configuration is automatically destroyed, and the Realm can be re-discovered;
all of this occurs without user interaction. Dynamic describes these diameter signaling router-initiated
routing configuration changes that are created and destroyed over time.
You should understand the difference between static and dynamic configuration with respect to DPD.
• Static configuration is necessary to set up and execute DPD
• Dynamic configuration results from a Diameter Realm having been successfully discovered
DPD setup and execution requires static configuration. The name of the Realm to be discovered, the
DNS server(s) that are used to get information about that Realm, and the necessary additional discovery
attributes are all statically configured by a user, to establish the input parameters governing the
discovery of a particular Diameter Realm. Assuming the discovery algorithm is successful, at least
one Peer Node and the Connection(s), CEX Configuration Set(s), Route Group(s), and Route List(s)
required to properly route Diameter traffic to the Peer Node(s) are dynamically added to the routing
configuration.
Creating Discoverable Realms

Any Diameter Realm that is to be discovered must first be made discoverable by a DNS administrator
who has knowledge of the hosts within the Realm and the services they provide. The Realm's DNS
administrator must set up a DNS zone file that contains all of the information about the Realm that
the administrator wants to make public. The DNS zone file resides on any of the Realm's DNS servers
that are expected to be queried about Realm services.

The routing application discovers the Realm by sending questions (DNS requests) to the Realm's DNS
server or servers. Depending on the answers, the routing application dynamically updates the
configuration. These answers are in the form of DNS Resource Records (RRs).
DPD relies on three DNS Resource Record types to obtain the information needed to dynamically
configure a Realm. The three types are, in the hierarchical order in which they are requested:
• Name Authority Pointer (NAPTR) Record - is a general-purpose DNS record that has uses beyond
Diameter
• Service Locator (SRV) Record - is another general-purpose DNS record that is used well beyond
Diameter signaling
• Address (A or AAAA) Record - is a DNS containing an IP address that can be used to reach the
host
Diameter Application IDs

Diameter Application IDs play a major role in the discovery of remote hosts. Diameter messages
contain information specific to a particular telecommunications signaling function, and these are
identified by Application ID. Nodes within a Diameter network are often set up to address certain
signaling functions, but not others. So the Diameter Application ID(s) that are supported by a remote
host are an important characteristic of that remote host. When configuring a Realm for discovery, you
can specify up to ten Application IDs.
Supported Protocols
Realm discovery depends on information from remote hosts within the Realm. The routing application
must discover what protocols can be used while communication with the host. Also important is the
list of locally-supported protocols, which are protocols that are supported by the routing application,
and thus could use when communicating with a remote host.
The full set of transport protocols that can be used when establishing Diameter connections is:
• TCP
• SCTP
• TLS
• DTLS
DNS Discovery
Realm discovery has two phases:
• DNS information for the Realm is retrieved and processed
• A NAPTR record is selected
• A single Diameter S-NAPTR record is selected for attempted resolution
• If a Realm's DNS information does not include any NAPTR records, the DSR may still be able
to learn something useful about the realm through the direct SRV query fallback mechanism.
• The routing application adds the needed configuration objects, based on the prioritized list of
remote hosts, to enable proper routing of Diameter traffic to the remote hosts in the Realm. This
only occurs after the routing application concludes that sufficient DNS information exists to route
Diameter traffic to at least one remote host within the Realm. Converting discovered DNS
information into a routing configuration can be a complex undertaking, and it depends entirely
on the discovered remote hosts, how many IP addresses each host exposes, the protocol(s) each

host supports, and the Application ID(s) each host supports. See Discovery Attributes, Diameter Route
Lists, and Diameter Route Groups.
Realm Expiration
DNS is designed such that every piece of DNS information has a defined lifetime. After this time
duration passes, the information is considered expired. In many cases, a particular piece of DNS
information might not change at all over very long periods of time, but in some cases, the information
can change, and users of that information are responsible for retrieving and acting on the updated
values.
There are potentially dozens of individual DNS resource records that are processed when discovering
a Realm, and each of those RRs has its own TTL value. The routing application distills those TTLs
down to a single Realm Expiration date/time, by taking the nearest-term TTL value from all of the
DNS RRs it processes during the Realm's discovery. From the routing application perspective, a Realm
expires after enough time passes that the first relevant DNS record expires. After one piece of
information becomes old, the entire Realm's discovered data is considered old. You can set or suppress
the pending expiration alarms.
DPD implements a couple of user-configurable pending expiration alarms, in order to notify users
that a Realm is approaching is expiration. The user configures each of these two alarms. The Realm
Expiration Minor Alarm Set Time, in hours, indicates how many hours before Realm expiration a
minor alarm should be raised. This value can be as large as 168 hours (one week) prior to Realm
expiration. The Realm Expiration Major Alarm Set Time, also in hours, indicates how many hours
before Realm expiration a major alarm should be raised. This value can be as large as 167 hours, and
must always be at least one hour shorter than the Minor Alarm Set Time, if the Minor Alarm Set Time
exists.
Peer Discovery Realms elements

Table 43: Realms Elements describes fields on the Realms page.
If a Realm name is configured and listed on the view screen, this does not mean that it will be subject
to Diameter peer discovery. Configured Realms displayed on this screen are candidates for DPD, and
the names shown on this screen become available on the Discovery Attributes page.
Table 43: Realms Elements

Realm Name Name of the Realm Format: Text box; case-insensitive string consisting of
a list of labels separated by dots, where a label may
contain letters, digits, dashes (-) and underscore (_). A
label must start with a letter, digit or underscore and
must end with a letter or digit. Underscores can be used
only as the first character. A label can be at most 63
characters long and a Realm can be at most 255
characters long.
Range: A valid realm.
Default: NA
Description A description of the realm Format: Text box; description of the realm.


Range: A valid string up to 255 characters.
Default: NA
Viewing Realms
Use this task to view a Peer Discovery Realm.
To view all Realms, select Diameter > Configuration > Peer Discovery > Realms.
The Diameter > Configuration > Peer Discovery > Realms page appears showing a list of configured
Realms. The fields are described in Peer Discovery Realms elements.
Adding Realms
Use this task to create a new Peer Discovery Realm.
The fields are described in Peer Discovery Realms elements.
1. Select Diameter > Configuration > Peer Discovery > Realms.
The Realms page appears.
2. Click Insert.
The Realms [Insert] page appears.
3. Enter a unique name in the Realm Name field.
5. Click:
• OK to save the new Realm Name and return to the Realms page.
• Apply to save the new Realm name and remain on this page.
• Cancel to return to the Realms page without saving any changes.
• The Realm Name is not unique; it already exists in the system.
Editing Realms
Use this task to edit an existing Peer Discovery Realm.
When the Realms page opens, the fields are populated with the currently configured values.
The Realm Name cannot be edited.
The fields are described in Peer Discovery Realms elements.
2. Select the Realm Name to edit.
3. Click Edit.

The Realms [Edit] page appears.

5. Click:
• OK to save the changes and return to the Realms page.
• Cancel to return to the Realms page without saving any changes.
• The selected Realm Name no longer exists; it has been deleted by another user.
Deleting Realms
Use this task to delete Peer Discovery Realms.
2. Select the Realm Name you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Realm Name.
• Cancel to cancel the delete function and return to the Realms page.
DNS Sets
The Diameter > Configuration > Peer Discovery > DNS Sets page displays the DNS Sets GUI page.
On the Diameter > Configuration > Peer Discovery > DNS Sets page, you can perform the following
actions:
• Filter the list of DNS Sets to display only the desired DNS Sets.
default order is by DNS Sets Name in ascending ASCII order.
• Click Insert.
The DNS Sets [Insert] page appears. You can add a new DNS Sets. See Adding DNS Sets.
If the maximum number of DNS Sets already exists in the system, an error message is displayed.
• Select a DNS Sets Name in the list, and click Edit to display the DNS Sets[Edit] page and edit the
selected Realm. See Editing DNS Sets.
• Select a DNS Sets Name and click Delete to remove the selected DNS Sets Name. See Deleting
DNS Sets.

Peer Discovery DNS Sets elements

Table 44: DNS Sets Elements describes fields on the DNS Sets View, Insert, Edit pages. Data Input Notes
apply only to the Insert and Edit pages; the View page is read-only.
This DNS Sets page shows all DNS Sets configured for potential Dynamic Peer Discovery.
Note: Although a DNS set is listed on the DNS Sets GUI page, this does not mean that it will be used
for DPD. Configured DNS sets displayed on this page are candidates for DPD; the DNS sets listed
here become available on the Discovery Attributes page. See Discovery Attributes.
Table 44: DNS Sets Elements

DNS Set Name Name of the DNS Set. Format: text box; case sensitive;
Range: 1 - 32 characters, cannot start
with a digit and must contain at least
one alpha
Default: NA
Primary DNS IP address of the primary DNS server. Format: valid IP address
Server IP
Range: 39 characters (The longest IPv6
Address
address that can be formed is 8 octets
of 4 characters (=32) plus seven colon
delimiters (=7), for a total of 39
characters.
Secondary DNS IP address of the secondary DNS server. Format: valid IP address
Server IP
Range: 39 characters (The longest IPv6
Address
address that can be formed is 8 octets
of 4 characters (=32) plus seven colon
delimiters (=7), for a total of 39
characters.
DNS Query Specifies how long the application waits for Format: numeric value
Timeout (sec) a response from the DNS server.
Default: 2
Number of Specifies how many times the application Format: numeric value
Retries retires if the DNA query times out.
Default: 2
Viewing DNS Sets

To view all DNS Sets, select Diameter > Configuration > Peer Discovery > DNS Sets.

The Diameter > Configuration > Peer Discovery > DNS Sets page appears showing a list of configured
DNS Sets. The fields are described in Peer Discovery DNS Sets elements.
If Edit is clicked and the selected DNS Set is not associated with one or more Discovery Attributes
instances, the DNS Sets [Edit] page is displayed.
If Edit is clicked and the selected DNS Set is associated with one or more administratively enabled
Discovery Attributes instances, an error code is displayed.
Adding DNS Sets

Use this task to create a new DNS Set.
The fields are described in Peer Discovery DNS Sets elements.
1. Select Diameter > Configuration > Peer Discovery > DNS Sets.
The DNS Sets page appears.
2. Click Insert.
The DNS Sets [Insert] page appears.
3. Enter a unique name in the DNS Set Name field.
5. Click:
• OK to save the new DNS Set name and return to the DNS Sets page.
• Apply to save the new DNS Set name and remain on this page.
• Cancel to return to the DNS Sets page without saving any changes.
• Any validation checks fail.
• The DNS Set Name is not unique; it already exists in the system.
• The maximum number of DNS Sets already exists in the system.
• The secondary IP address duplicates the primary IP address.
• The pair of IP addresses (primary/secondary) duplicates the pair already defined for another
DNS Set.
Note: Exchanging the primary and secondary IP addresses does not constitute a unique DNS
set.
Editing DNS Sets

Use this task to edit existing DNS Sets.
When the DNS Sets page opens, the fields are populated with the currently configured values.
The DNS Set Name cannot be edited.

The fields are described in Peer Discovery DNS Sets elements.

2. Select the DNS Set Name to edit.
3. Click Edit.
The DNS Sets [Edit] page appears.
5. Click:
• OK to save the changes and return to the DNS Sets page.
• Cancel to return to the DNS Sets page without saving any changes.
• The selected DNS Set Name no longer exists; it has been deleted by another user.
• The selected DNS Set Name is referenced by one or more administratively enabled Discovery
Attributes.
Note: You can edit an administratively disabled Discovery Attribute, because changing the
DNS Set attributes has no impact on active Realm discovery.
• The DNS Set Name is not unique; it already exists in the system.
• The maximum number of DNS Sets already exists in the system.
• The secondary IP address duplicates the primary IP address.
• The pair of IP addresses (primary/secondary) duplicates the pair already defined for another
DNS Set.
Note: Exchanging the primary and secondary IP addresses does not constitute a unique DNS
set.
Deleting DNS Sets

Use this task to delete DNS Sets.
The default DNS Set Name can be edited, but cannot be deleted.
2. Select the DNS Set you want to delete.
3. Click Delete.
Note: Deletion is only possible if all validation checks pass. If validation fails, an error code is
displayed.
4. Click:
• OK to delete the DNS Set.

• Cancel to cancel the delete function and return to the DNS Sets page.
If OK or Apply is clicked and the following condition exists, an error message appears:
• The selected DNS Set is referenced by one or more Discovery Attributes, the DNS Set is not
deleted.
Discovery Attributes
The Diameter > Configuration > Peer Discovery > Discovery Attributes page displays the Discovery
Attributes GUI page.
On the Diameter > Configuration > Peer Discovery > Discovery Attributes page, you can perform
the following actions:
• Filter the list of Discovery Attributes.
Note: You can filter up to four columns simultaneously by using the compound filter widget.
• Sort by a column, in ascending or descending order, by clicking the column heading.
• Click Insert.
The Discovery Attributes > [Insert] page appears. You can add a new Discovery Attribute.
If the maximum number of Discovery Attributes already exists in the system, an error message is
displayed.
• Select an attribute in the list, and click Edit to display the Discovery Attributes[Edit] page and
edit the selected attribute. See Editing Discovery Attributes.
• Select an attribute and click Delete to remove the selected item. See Deleting Discovery Attributes.
Peer Discovery Attributes elements

Table 45: Discovery Attributes Elements describes fields on the Discovery Attributes View, Insert, Edit
This Discovery Attributes page shows all Discovery Attributes configured for peer discovery.
Table 45: Discovery Attributes Elements

Realm Name Name of the Realm where Diameter Peers Format: pulldown list
are to be discovered.
Range: NA
Default: NA
DNS Set DNS server set used for Peer Discovery. Format: pulldown list
Default: -Select-
Local Node Local Node used to connect to all Peers Format: pulldown list
discovered within the Realm.
Range: NA


Default: Initiator & Responder
Connection Specifies the connection mode used for Peer Format: pulldown list
Mode discovery.
Range:
• Initiator Only indicates that all
connections to discovered Peers are
Initiator Only; the application
attempts to initiate connection to
these Peers.
• Initiator & Responder indicates that
all connections to discovered Peers
are of the type Initiator &
Responder; the application
attempts to initiate connection to
the discovered Peers as well as
listen for connection attempts from
these Peers.
Default: Initiator & Responder
Local Protocol If checked, this indicates that the local Format: checkbox
Preference protocol preferences specified for each
Override Application ID take precedence over the
protocol preferences discovered for each Default: Unchecked
Peer in the Realm.
Applications List of applications used for peer discovery.
CEX CEX parameters to be CEX Format: pulldown list
Parameters searched. You can specify up Parameters Range: Configured CEX
to ten parameters. . parameters
If no Vendor IDs are Default: -Select-
associated with the selected
CEX parameter, Additional
Supported Vendor IDs is
empty.
Note: Because each Realm can
have one to ten CEX
parameters, you must use the
plus (+) symbol to expand the
list. Sorting by any of the fields
associated with the CEX
parameter is not supported on
the view page.


Additional Vendor IDs, in addition to Additional Format: Selection list
Supported the one specified in the Supported Range: Vendor IDs
Vendor IDs CEX parameter list, which Vendor IDs configured for the
can be paired with the Application ID
Application ID.
Default: NA
Protocol If zero, the associated protocol Protocol Format: pulldown lists

Preferences is not used for connections to Preferences for TCP, SCTP, TLS, and
a discovered Peer. Values 1 - DTLS)
4 indicate the hierarchical Range: 0 - 4
local protocol preferences (1
Default: -Select-
is most preferred, 4 is least
preferred).
You can assign the same value
to more than one protocol.
Note: This selection is not
required if the Local Protocol
Preference Override checkbox
is unchecked on the view
page.
Max Num The maximum number of Max Num Format: numeric

Peers peers within the Realm that Peers Range: 1 - 3
are created for the selection
Default: 2
Application ID.
Max Num The maximum number of Max Num Format: numeric

Connections peers within the Realm that Connections Range: 1 - 64
are created spanning
Default: 2
discovered Peers that
support the associated
Application ID.
Local IP Specifies the local IP address to be used as Format: pulldown list

Address the Local Node address for all dynamic
Range:
connections made to Peers in this Realm.
Default:
Note: SCTP multi-homed connections to
discovered Peers are not supported.
IPFE Initiator Specifies the DA-MP that initiates the Format: pulldown list
DAMP dynamic connections.
Range:
Note: This is mandatory if the Local IP
Default:
Address is a Target Set address; otherwise
it is not applicable.


Connection Specifies the configuration set to be used Format: pulldown list
Configuration when dynamic connections are made to
Range: NA
Set Peers in this Realm.
Default: Default
Capacity Specifies the capacity configuration set to Format: pulldown list

Configuration be used by all dynamic connections made
Range: NA
Set to Peers in this Realm.
Default: Default
Realm Prefix Specifies the Realm prefix to be used as the Format: text box; case sensitive;
first portion of the name of all configuration alphanumeric and underscore
objects that are dynamically created by the
Range: 1 - 12 characters, cannot start
application as a function of Realm
with a digit and must contain at least
discovery.
one alpha
Range: NA
Default: Default
Viewing Discovery Attributes

To view all Discovery Attributes instances configured for potential Diameter Peer Discovery, select
Diameter > Configuration > Peer Discovery > Discovery Attributes.
Note: A Discovery Attributes instance refers to the complete set of parameters needed to configure
peer discovery for a single Realm.
The Diameter > Configuration > Peer Discovery > Discovery Attributes page appears showing a
list of configured Discovery Attributes.
You can select only a single Discovery Attributes instance at one time.
Each of the following fields is a hyperlink that displays the page associated with that item:
• DNS Set name
• Local Node name
• Capacity Configuration Set
Note: If all configured Realms have already been associated with Discovery Attributes instances
(which means that the maximum possible number of Discovery Attributes instances already exist),
Insert is not active. Edit and Delete are enabled only if the Discover Attribute instance is currently
administratively disabled.
Adding Discovery Attributes

Use this task to create new Discovery Attributes.
The fields are described in Peer Discovery Attributes elements.
1. Select Diameter > Configuration > Peer Discovery > Discovery Attributes.
The Discovery Attributes page appears.

2. Click Insert.
The Discovery Attributes [Insert] page appears.
3. Specify a unique name in the Realm Name field.
5. Click:
• OK to save the new Discovery Attributes and return to the Discovery Attributes page.
• Apply to save the new Discovery Attributes and remain on this page.
• Cancel to return to the Discovery Attributes page without saving any changes.
• The Connection Mode for a Realm being discovered is Initiator & Responder, and the Local
Node assigned to the Discovery Attributes instance does not have a Listen Port assigned to at
least one protocol.
Note: In order for any dynamically-created Connection to act in the role of Responder, a Listen
Port must be assigned for one or more protocols. If the Realm's Connection Mode is Initiator,
then Listen Ports do not have to be supplied.
• The Local Protocol Preference Override value is Yes, and the preference value for all protocols
associated with any configured Application Id is zero or is missing.
• Any required information is not unique; it already exists in the system.
• The maximum number of any of the discovery attributes already exists in the system.
Editing Discovery Attributes

Use this task to edit existing Discovery Attributes.
When the Discovery Attributes page opens, the fields are populated with the currently configured
values.
The Realm Name cannot be edited.
2. Select a row to edit.
3. Click Edit.
The Discovery Attributes [Edit] page appears.
5. Click:
• OK to save the changes and return to the Discovery Attributes page.

• Cancel to return to the Discovery Attributes page without saving any changes.
• The selected element no longer exists; it has been deleted by another user.
• The selected element is referenced by one or more administratively enabled Discovery Attributes.
Note: You can edit an administratively disabled Discovery Attribute, because changing the
DNS Set attributes has no impact on active Realm discovery.
• The Realm Name is not unique; it already exists in the system.
• The Connection Mode for a Realm being discovered is Initiator & Responder, and the Local
Node assigned to the Discovery Attributes instance does not have a Listen Port assigned to at
least one protocol.
Note: In order for any dynamically-created Connection to act in the role of Responder, a Listen
Port must be assigned for one or more protocols. If the Realm's Connection Mode is Initiator,
then Listen Ports do not have to be supplied.
• The Local Protocol Preference Override value is Yes, and the preference value for all protocols
associated with any configured Application Id is zero or is missing.
• The maximum number of a selected element already exists in the system.
Deleting Discovery Attributes

Use this task to delete Discovery Attributes.
2. Select the row you want to delete.
3. Click Delete.
Note: Deletion is only possible if all validation checks pass. If validation fails, an error code is
displayed.
4. Click:
• OK to delete the selected row.
• Cancel to cancel the delete function and return to the Discovery Attributes page.
• The selected Discovery Set instance is administratively enabled or the discovery state is Extend
or Rediscover.

Chapter
4
Diameter Maintenance
Topics: The Diameter > Maintenance pages display status

information for Route Lists, Route Groups, Peer
• Diameter Maintenance Overview.....265 Nodes, Connections, Egress Throttle Groups,
• Diameter Maintenance Route Lists.....265 diameter applications, and Diameter Agent Message
• Diameter Maintenance Route Groups.....266 Processors (DA-MPs).
• Diameter Maintenance Peer Nodes.....268 On the Diameter > Maintenance > Connections
• Diameter Maintenance Connections.....270 page you can enable and disable Connections.
• Diameter Maintenance Egress Throttle
Groups.....277
• Diameter Maintenance Applications.....284
• Diameter Maintenance DA-MPs.....286
• Diameter Maintenance Peer Discovery.....288
• Diameter Maintenance Traffic Throttle Points.292
• Diameter Maintenance Traffic Throttle
Groups.....294

Diameter User's Guide Diameter Maintenance
Diameter Maintenance Overview

The Diameter > Maintenance pages allow you to view the following information and perform the
following actions:
• On the Diameter > Maintenance pages you can view status information for Route Lists, Route
Groups, Peer Nodes, Connections, Egress Throttle Groups, diameter applications, and Diameter
Agent Message Processors (DA-MPs).
• On the Diameter > Maintenance > Connections page you can enable and disable Connections.
• On the Diameter > Maintenance > Applications page you can enable and disable diameter
applications.
Diameter Maintenance Route Lists

The Diameter > Maintenance > Route Lists page displays the Minimum Availability Weight and
Route Group assignments for configured Route Lists. You can also view the Priority, Active/Standby
assignments, Provisioned Capacity, Current Capacity, and the Status of Route Groups assigned to a
Route List.
This information can be used to determine if changes need to be made to the Peer Routing Rules Route
List assignments to better facilitate Diameter message routing. Additionally, this information is useful
for troubleshooting alarms.
On the Diameter > Maintenance > Route Lists page, you can perform the following actions:
• Filter the list of Route Lists to display only the desired Route Lists.
default order is by Route List Name in ascending ASCII order.
• Prevent the page from automatically refreshing by clicking the Pause updates check box.
Diameter Route List maintenance elements

Table 46: Route Lists Maintenance Elements describes fields on the Route Lists maintenance page.
Table 46: Route Lists Maintenance Elements
Field Description
Route List Name Name of the Route List.
Minimum Route Group Minimum Route Group availability weight for this Route List.
Availability Weight
Route Group Route Groups assigned to the Route List.

Field Description
MP Server Hostname Hostname of the Message Processor Server from which status is reported.
• For a Multiple Active DA-MP configuration, the MP Leader always
reports the Route List status
• For an Active/Standby DA-MP configuration, the Active DA-MP
reports the Route List status
Dynamic Indicates whether or not the element was created dynamically (YES) or
statically (NO). NO is assigned for all element instances, except for those
Priority Priority of each Route Group in the Route List.
Provisioned Capacity Capacity assignment for each Route Group in the Route List.
Current Capacity Current capacity available for each Route Group in the Route List.
Active/Standby A Route Group can be:
• Active: this is the Route Group that Diameter messages are actively
being routed to
• Standby: messages are not currently being routed to this Route Group,
unless the Active Route Group is unavailable and Route Across Route
Groups is enabled on the Route List
• Unk: information on this Route Group is not present in the database
Status Route List or Route Group status can be:

• Available: the available capacity of the Route Group is greater than
the Minimum Route Group Availability Weight
• Degraded: the available capacity of the Route Group is greater than
zero, but less than the Minimum Route Group Availability Weight
• Unavailable: the Route Group available capacity is zero
• Unk: status information is not available in the database
Time of Last Update Time stamp that shows the last time the status information was updated.
Viewing Route List status

Use this task to view the current status of configured Route Lists.
Select Diameter > Maintenance > Route Lists.
The Diameter > Maintenance > Route Lists page appears.
Diameter Maintenance Route Groups

The Diameter > Maintenance > Route Groups page allows you to view the Provisioned Capacity
and Available Capacity for Route Groups and to view information about Peer Nodes or Connections
assigned to a Route Group.


This information can be used to determine if changes need to be made to the Peer Node or Connection
assignments in a Route Group in order to better facilitate Diameter message routing. Additionally,
this information is useful for troubleshooting alarms.
On the Diameter > Maintenance > Route Groups page, you can perform the following actions:
• Filter the list of Route Groups to display only the desired Route Groups.
• Sort the list by Route Group Name, in ascending or descending order, by clicking the column
heading. The default order is ascending ASCII order.
• Click the + in any entry in the Peer Node/Connection field to view information about the Peer
Nodes or Connections in a Route Group.
• With an entry in the Peer Node/Connection field expanded, click the Peer Node or Connection
Name to go to the maintenance page for the Peer Node or Connection.
Diameter Route Group maintenance elements

Table 47: Route Group Maintenance Elements describes fields on the Diameter > Maintenance Route
Groups page.
Table 47: Route Group Maintenance Elements
Field Description
Route Group Name Name of the Route Group.
Peer Number and names of Peer Nodes or Connections in the Route Group.
Node/Connection
MP Server Hostname of MP server from which status is reported.
Hostname
• For a Multiple Active DA-MP configuration, the MP Leader always reports
the Route Group status
• For an Active/Standby DA-MP configuration, the Active DA-MP reports
the Route Group status
Dynamic Indicates whether or not the element was created dynamically (YES) or statically
(NO). NO is assigned for all element instances, except for those created via
Dynamic Peer Discovery.
Provisioned • For a Peer Route Group, the sum total of the Provisioned Capacity of all the
Capacity Peer Nodes in the Route Group.
• For a Connection Route Group, the sum total of the Provisioned Capacity
of all the Connections in the Route Group.
Provisioned Percent The percentage of capacity assigned to each Peer Node/Connection compared
to all Peer Nodes/Connections in the Route Group.
Available Capacity • For a Peer Route Group, the sum total of the Available Capacity of all the
Peer Nodes in the Route Group.
• For a Connection Route Group, the sum total of Available Capacity of all
the Connections in the Route Group.

Field Description
Available Percent The percentage of capacity the Peer Node/Connection currently has compared
to the total Available Capacity of all Peer Nodes/Connections in the Route
Group.
Peer Peer Node/Connection Status can be:
Node/Connection
• Available: the Available Capacity is greater than the minimum capacity
Status
• Degraded: the Available Capacity is greater than zero, but less than the
Provisioned Capacity
• Unavailable: the Available Capacity is zero
• Unk: status information is not available in the database
Time of Last Time stamp that shows the last time the status information was updated.
Update
Viewing Route Group status

Use this task to view the status of configured Route Groups.
Select Diameter > Maintenance > Route Groups.
The Diameter > Maintenance > Route Groups page appears.
Diameter Maintenance Peer Nodes

The Diameter > Maintenance > Peer Nodes page provides the operational status of Peer Node
connections, including a reason for the status.
On the Diameter > Maintenance > Peer Nodes page, you can perform the following actions:
• Filter the list of Peer Nodes to display only the desired Peer Nodes.
• Sort the list by a column, in ascending or descending order, by clicking the column heading (except
MP Server Hostname and Connection). The default order is by Peer Node Name in ascending
ASCII order.
• Click the + in any entry in the Connection field to view information about the Connections associated
with the Peer Node.
• With an entry in the Connection field expanded, click the Connection Name to go to the maintenance
page for the Connection.
Diameter Peer Node maintenance elements

Table 48: Peer Nodes Maintenance Elements describes fields on the Peer Nodes maintenance page.

Table 48: Peer Nodes Maintenance Elements
Field Description
Peer Node Name Name of the Peer Node.
MP Server Hostname Hostname of MP server from which status is reported.
For the Peer Node status:
• For a Multiple Active DA-MP configuration, the MP Leader always
reports the Peer Node status
• For an Active/Standby DA-MP configuration, the Active DA-MP reports
the Peer Node status
For Connection status (when the Connection field is expanded):
• Fixed (non-IPFE) Connections are always reported by the DA-MP that
hosts the Fixed Connection
• Owned IPFE Connections are always reported by the DA-MP that hosts
the established IPFE Connection
• Unowned IPFE Connections (ones that have been configured, but are
currently not assigned to a DA-MP by IPFE) are reported by the MP
Leader
Operational Status Peer Node Operational Status can be:
• Available: at least one Peer Node connection is available for routing
• Degraded: the Peer Node connection is not unavailable but it is not
operating as expected. The Operational Reason field provides additional
information on this status.
• Unavailable: all connections for a Peer Node are unavailable. The
Operational Reason field provides additional information on this status.
Operational Reason Reason for the Peer Node Operational Status. Information is also available
for each connection.
Connection Number and names of connections associated with the Peer Node.
Time of Last Update Time stamp that shows the last time the status information was updated.
Peer Node Group A group of Peer Nodes that share common characteristics and attributes.
Name This group is used by IPFE for Peer Node Group Aware connection
distribution.
Transaction Unique name of the Transaction Configuration Set.
Configuration Set
Name

Viewing Peer Node status

Use this task to view the current status of configured Peer Nodes.
Select Diameter > Maintenance > Peer Nodes.
The Diameter > Maintenance > Peer Nodes page appears.
Diameter Maintenance Connections

The Diameter > Maintenance > Connections page allows you to view information about existing
connections, including the operational status of each connection.
On the Diameter > Maintenance > Connections page, you can perform the following actions:
• Filter the list of Connections to display only the desired Connections.
default order is by Connection Name in ascending ASCII order.
• Click a Local Node to go the configuration page for the Local Node.
• Click a Peer Node to go to the maintenance page or the Peer Node.
• Click a Message Priority or Egress Message Throttling Configuration Set to go to the configuration
page for the Configuration Set.
• Enable connections.
• Disable connections.
• View statistics for an SCTP connection.
• Run diagnostics on a test connection.
For information about diagnostics reports, see Viewing, Printing, and Saving Diagnostics Tool Reports.
Diameter Connection maintenance elements

Table 49: Connections Maintenance Elements describes fields on the Connections maintenance page.
Table 49: Connections Maintenance Elements
Field Description
Connection Name Name of the Connection
MP Server Hostname Hostname of the MP server from which status is reported:
• Fixed (non-IPFE) Connections are always reported by the DA-MP that
hosts the Fixed Connection
• Established IPFE Connections are always reported by the DA-MP that
hosts the established IPFE Connection

Field Description
• Non-Established IPFE Connections (ones that have been configured, but
are currently not assigned to a DA-MP by IPFE) are reported by the MP
Leader
Admin State A Connection's administrative state can be:
• Enabled: the Connection is Enabled
• Disabled: the Connection is Disabled
• Unk: unknown; the state of the Connection is not available in the database
Connection Type Indicates the connection type (Diameter or (RADIUS).

Connection Mode Specifies the connection mode used for Peer discovery.
The Connection can have one of the following Connection Modes:
Initiator Only Indicates that all connections to discovered Peers are
Initiator Only; the application attempts to initiate
connection to these Peers.
Initiator & Indicates that all connections to discovered Peers are

Responder of the type Initiator & Responder; the application
attempts to initiate connection to the discovered Peers
as well as listen for connection attempts from these
Peers.
RADIUS Server Indicates that RCL can only receive RADIUS Request
messages and send RADIUS Response messages of the
Connection.
RADIUS Client Indicates that RCL can only send RADIUS Request
messages and receives RADIUS Response messages of
the Connection.
Operational Status A Connection's administrative state can be:

• Available: the Connection is available for routing
• Degraded: the Connection is not unavailable but it is not operating as
expected. The Operational Reason field provides additional information
on this status.
• Unavailable: the Connection is unavailable. The Operational Reason field
provides additional information on this status.
CPL The Connection Priority Level is the maximum of the following values:
• Operational Status (0=available; 3=degraded; 99=unavailable)
• Remote Busy Congestion Level (0-3)
• Egress Transport Congestion Level (0-4)
• Egress Message Rate Congestion Level (0-3)

Field Description
Operational Reason Reason for the Operational Status. The following reasons can occur:
• Disabled
• Connecting
• Listening
• Abnormal
• Disconnecting
• Proving
• Watchdog
• Remote Busy Congestion
• Egress Transport Congestion
• Egress Message Rate Congestion
• Normal
• Peer with reduced IP set
Local Node Local Node associated with the Connection

Local Port Specifies the local port used for Peer discovery.
IPFE Initiator DAMP The IPFE Initiator DA-MP for this connection.
Peer Node Peer Node associated with the Connection
Remote IP Addresses The IP address(es) of the Peer Node associated with the Connection
Remote Port The Listen Port of the Peer Node associated with the Connection
Local Initiate Port The Local Initiate Port associated with the Connection
Ingress Msgs Per A 30-second running average of the Ingress messages processed by the
Second Connection
Common Application A comma-separated list of Application IDs received in a Diameter CEA
IDs message, or a list of Application Names. The first 10 Application IDs received
in the CEA are listed.
Note: For local nodes, CEAs are sent in response to erroneous CERs.
Transport Congestion The amount of time spent at Egress Transport Congestion Levels 3, 2, and
Abatement Timeout 1 during Egress Transport Congestion Abatement
Remote Busy Usage Indicates which Request messages can be forwarded on this Connection
after receiving a DIAMETER_TOO_BUSY response from the Connection's
Peer.
Disabled The Connection is not considered to be BUSY after receiving
a DIAMETER_TOO_BUSY response. All Request messages
continue to be forwarded to (or rerouted to) this Connection.
Enabled The Connection is considered to be BUSY after receiving a
DIAMETER_TOO_BUSY response. No Request messages are
forwarded to (or rerouted to) this Connection until the
Remote Busy Abatement Timeout expires.

Field Description
Host The Connection is considered to be BUSY after receiving a
Override DIAMETER_TOO_BUSY response. Only Request messages
whose Destination-Host AVP value is the same as the
Connection's Peer FQDN can be forwarded to (or rerouted
to) this Connection until the Remote Busy Abatement
Timeout expires.
Remote Busy If Remote Busy Usage is Enabled or Host Override, this is the time period
Abatement Timeout in seconds that the Connection will be considered BUSY from the last time
a DIAMETER_TOO_BUSY response was received.
Message Priority Indicates the source of Message Priority for a Request message arriving on
Setting the Connection. Possible settings are:
• None - use the Default Message Priority Configuration Set
• Read from Request Message - read the Message Priority from the ingress
Request
• User Configured - Apply the user configured Message Priority
Configuration Set
Message Priority The Message Priority Configuration Set associated with the Connection
Configuration Set
Egress Message The Egress Message Throttling Configuration Set associated with the
Throttling Connection
Configuration Set
Egress Msgs Per The most recent Egress Message Rate on the Connection
Second
Test Mode Indicates if this is a Test Connection
PDUs to Diagnose For a test Connection currently undergoing diagnosis, this shows the number
of PDUs yet to be diagnosed.
Time of Last Update Time stamp that shows the last time the status information was updated
Viewing Connection status

Use this task to view the current status of configured connections.
Select Diameter > Maintenance > Connections.
The Diameter > Maintenance > Connections page appears.
Enabling Connections
Use the following steps to enable one or more connections.
1. Select Diameter > Maintenance > Connections.
2. Select 1 - 20 connections to enable.

To select multiple connections, press the CTRL key when selecting each connection. To select
multiple contiguous connections, click the first connection you want, then press the SHIFT key and
select the last connection you want. All the connections between are also selected.
3. Click Enable.
A confirmation box appears.
4. Click OK.
The selected connections are enabled.
If any of the selected connections no longer exist (they have been deleted by another user), an error
message is displayed, but any selected connections that do exist are enabled.
Enabling All Connections

Use the following steps to enable all connections that are displayed as result of the application of a
filter. If a filter is applied, then all connections that meet the filter requirements and that are currently
disabled will be enabled. If no filter is applied, then all currently disabled connections will be enabled.
2. Optionally, click Filter and add up to four filters to limit the number of connections displayed.
Click Go to apply the filter.
3. Click Enable All.
4. Click OK.
The connections are enabled.
message is displayed, but any selected connections that do exist are enabled.
Disabling Connections
Use the following steps to disable one or more connections.
2. Select 1 - 20 connections to disable.
To select multiple connections, press the CTRL key when selecting each connection. To select
multiple contiguous connections, click the first connection you want, then press the SHIFT key and
select the last connection you want. All the connections between are also selected.
3. Click Disable.
4. Click OK.
The selected connections are disabled.
message is displayed, but any selected connections that do exist are disabled.

Disabling All Connections

Use the following steps to disable all connections that are displayed as result of the application of a
enabled will be disabled. If no filter is applied, then all currently enabled connections will be disabled.
2. Optionally, click Filter and add up to four filters to limit the number of connections displayed.
Click Go to apply the filter.
3. Click Disable All.
4. Click OK.
The connections are disabled.
message is displayed, but any selected connections that do exist are disabled.
Viewing statistics for an SCTP connection

Use the following steps to view statistics for an SCTP connection.
2. Select an SCTP connection that has an Operational Status of Available or Degraded.
3. Click SCTP STATISTICS.
The Diameter > Maintenance > Connections > SCTP Statistics page appears.
Connections SCTP Statistics

The Diameter > Maintenance > Connections > SCTP Statistics page allows you to view statistics
about paths within an SCTP connection.
Each line on the Diameter > Maintenance > Connections > SCTP Statistics page represents a path
within an SCTP connection.
On the Diameter > Maintenance > Connections > SCTP Statistics page, you can do the following
actions:
• Filter the list of paths to display only the desired paths.
• Get information about the SCTP connection by clicking Info.
• Sort the list by IP Address, in ascending or descending order, by clicking the column heading. The
default order is ascending ASCII order.
• Refresh the statistics by clicking Update.
Diameter Connections SCTP Statistics elements
Table 50: Connections SCTP Statistics Elements describes fields on the Diameter > Maintenance >
Connections > SCTP Statistics page.

Table 50: Connections SCTP Statistics Elements
Field Description
Duplicate TSNs Received A duplicate TSNs received counter on a per SCTP connection basis.
Gap Acknowledgement Block An acknowledgment blocks received counter on a per SCTP
Received connection basis.
Retransmit Data Chunks Sent A retransmit data chunks sent counter on a per SCTP connection
basis.
Total Data Chunks Sent A total data chunks sent counter on a per SCTP connection basis.
IP Address The Peer Remote IP Address associated with the path
State Indicates whether the path is active or inactive
Congestion Window (cwnd) The maximum amount of data, in bytes, that can be sent before an
acknowledgment must be received
Smoothened Round Trip Time The round-trip time, in milliseconds, associated with the path,
(srtt) (ms) adjusted to remove sample-to-sample fluctuations
Retr. Timeout (rto) (ms) Retransmission timeout; the amount of time, in milliseconds, to
wait for an acknowledgment before declaring a transmission error
Path MTU (pmtu) Maximum transmission unit; the maximum data unit size, in bytes,
that can be sent on the path without fragmentation
Starting Diagnosis on a Test Connection

Use the following steps to start diagnosis on a test connection.
Note: This task is used primarily in lab environments to validate mediation rules, such as checking
and debugging ART, PRT, and mediation flows for request messages.
In practice, a test request message is put on a test connection, and the user observes DSR processing
in response to this message. The resulting report can be viewed on the GUI for analysis. The following
rules apply to this task:
• Reroute is not supported
• Error Answers are not generated
• If an Answer is received, it is discarded; it is not routed to the originator
2. Select a single connection with the following conditions:
• Admin State is Enabled
• Test Mode is YES.
• PDUs to Diagnose is 0
3. Click Diagnose Start.

4. Click OK.

The selected test connection is under diagnosis. The PDUs to Diagnose value is set to the maximum
diagnose PDU count.
If the selected connection no longer exists (it was deleted by another user), an error message is
displayed and the Diameter > Maintenance > Connections page is refreshed.
Ending Diagnosis on a Test Connection

Use the following steps to end diagnosis on a test connection.
2. Select a single connection with the following conditions:
• Admin State is Enabled
• Test Mode is YES.
• PDUs to Diagnose is greater than 0.
3. Click Diagnose End.

4. Click OK.
Diagnosis on the selected test connection is stopped. The PDUs to Diagnose value is set to 0.
If the selected connection no longer exists (it was deleted by another user), an error message is
displayed and the Diameter > Maintenance > Connections page is refreshed.
Diameter Maintenance Egress Throttle Groups

Egress Throttle Groups are used to perform 2 functions: Rate Limiting and Pending Transaction
Limiting. Each of the functions is independent of the other and can be optionally configured and
controlled separately.
Due to Egress Throttle Lists functionality, there is an additional maintenance parameter for Egress
Throttle Groups, Control Scope. If the Egress Throttle Group does not belong to an Egress Throttle
List, its Control Scope is ETG, which means that egress throttling is controlled by the ETG's
configuration data. If the Egress Throttle Group is associated with an Egress Throttle List, its control
scope can either be ETL, which means that egress throttling is controlled by the configuration data for
the ETL that contains the ETG, or ETG, where egress throttling is controlled by the configuration data
for the ETG. Under normal conditions the expected control scope for an ETG contained in an ETL
would be ETL. A control scope of ETG for an ETG contained by an ETL can be used for maintenance
transitions, such as when the ETG is being added or removed from the ETL.
Each function has an individual Control Scope State, as shown in Table 51: Egress Throttle Groups Control
Scope States.

Table 51: Egress Throttle Groups Control Scope States
Admin State Description

ETL Egress throttling for Rate Limiting and Pending Transaction Limiting is being
controlled by the ETL's configuration data.
ETG Egress throttling for Rate Limiting and Pending Transaction Limiting is being
controlled by the ETG's configuration data.
Each function has an individual Administration State (Enable/Disable) and Operational Status, as
shown in Table 52: Egress Throttle Groups Admin States.
Table 52: Egress Throttle Groups Admin States
Admin State Description

Enable ETG status monitoring is enabled for the function.
Disable ETG status monitoring is disabled for the function. All monitoring is stopped
in this state and alarms are cleared.
The Egress Throttle Group maintenance status is displayed on the Diameter > Maintenance > Egress
Throttle Groups GUI page. Egress Throttle Groups use the Leader sourcing method for reporting of
maintenance status. The Leader sourcing method is used because each DA-MP will have identical
status data; only the DA-MP Leader will report the maintenance status to the GUI. Table 53: ETG
Operational Status shows the ETG operational status.
Table 53: ETG Operational Status
ETG Operational
Status Description
Available ETG monitoring is active and Request throttling is not occurring for this ETG.
Degraded ETG monitoring is active and Request throttling is occurring for this ETG.
Some Requests may be getting throttled based on their Priority
Inactive ETG monitoring is inactive and Request Throttling is not occurring for this ETG.
The Operational Reason indicates why this ETG is Inactive.
When Operational Reason is Disabled the ETG is Inactive due to maintenance
actions.
When the Operational Reason is SMS Service Degraded or No DA-MP Leader
the ETG is Inactive due to a fault condition.
If either Rate Limiting or Pending Transaction Limiting Operational Status is Degraded, then the
Diameter Routing Function will throttle the Request messages according to highest severity. For
example, if Rate Limiting Operational Status is Congestion Level 1 and Pending Transaction Limiting
Operational Status is Congestion Level 2 , then the Diameter Routing Function will throttle Request
messages according to Congestion Level 2 (all Request messages with Priority 0 or 1 will be throttled).
As shown in Table 54: ETG Operational Reason.

Table 54: ETG Operational Reason
ETG Operational Description

Reason
Disabled ETG is Disabled due to maintenance actions.
Normal No Requests are getting throttled for this ETG for the function.
Congestion Level 1 Request throttling is happening for Requests with Priority 0.
Congestion Level 2 Request throttling is happening for Requests with Priority 0 and 1.
Congestion Level 3 Request throttling is happening for Requests with Priority 0, 1, and 1.
SMS Service ETG monitoring is Inactive due to "Degraded" status reported to the Diameter
Degraded Routing Function.
No DA-MP Leader ETG Monitoring is Inactive due to HA reporting No DA-MP Leader condition
to the Diameter Routing Function.
The Diameter > Maintenance > Egress Throttle Groups page provides the Operational Status of the
Egress Throttle Groups Rate Limiting and Pending Transactions Limiting functions, including an
Operational Reason for the status.
Egress Throttle Groups maintenance fields are described in Diameter Egress Throttle Groups maintenance
elements
If the column data is not present in the database, the columns for the Egress Throttle Group Name are
displayed as Unk.
On the Diameter > Maintenance > Egress Throttle Groups page, you can perform the following
actions:
• Filter the list of Egress Throttle Groups to display only the Egress Throttle Groups.
default order is by Egress Throttle Groups in ascending ASCII order.
• Select one or more (up to 20) Egress Throttle Groups records at a time.
• Enable Rate Limiting for up to 20 selected Egress Throttle Groups.
• Disable Rate Limiting for up to 20 selected Egress Throttle Groups.
• Enable Pending Transaction Limiting for up to 20 selected Egress Throttle Groups.
• Disable Pending Transactions Limiting for up to 20 selected Egress Throttle Groups.
• Prevent the page from automatically refreshing every 10 seconds, by clicking the Pause updates
check box.
Diameter Egress Throttle Groups maintenance elements

Table 55: Egress Throttle Groups Maintenance Elements describes fields on the Egress Throttle Groups
maintenance page.

Table 55: Egress Throttle Groups Maintenance Elements
Field Description
Egress Throttle Group Name Name of the Egress Throttle Group.
Egress Throttle List Name Name of optional Egress Throttle List that includes this Egress
Throttle Group.
Egress Throttle Control Scope Type of Egress Throttle Control Scope, either ETL for NOAM
managed egress throttling or ETG for SOAM managed egress
throttling
Rate Limiting Admin State Rate Limiting Admin State can be Enabled or Disabled.
Rate Limiting Operational Status Rate Limiting Operational Status can be:
• Available: at least one Egress Throttle Groups peer or connection
is available.
• Degraded: the Egress Throttle Groups peer or connection is not
unavailable but it is not operating as expected. The Rate Limiting
Operational Reason field provides additional information on
this status.
• Inactive: all connections for an Egress Throttle Group are
unavailable. The Rate Limiting Operational Reason field
provides additional information on this status.
• Unk: data is not available in the database.
Rate Limiting Operational Rate Limiting Operational Reason as corresponding to the Rate
Reason Limiting Operational Status:
• Available - Normal
• Degraded - Congestion Level 1, Congestion Level 2, Congestion
Level 3
• Inactive - SMS Service Degraded, No DA-MP Leader, Disabled
• Unk - Unk
The cell background color associated with value of Pending
Transaction Limiting Operational Reason is as follows:
• Disabled - normal/no special coloring
• Normal - normal/no special coloring
• SMS Service Degraded - red
• No DA-MP Leader - red
• Unk - red
• Congestion Level 1 - yellow
ETG Egress Request Rate The egress request rate to the Peers and Connections that are
members of the Egress Throttle Group.
ETL Egress Request Rate The egress request rate to the Peers and Connections that are
members of the ETL's component ETGs.

Field Description
Pending Transaction Limiting Pending Transaction Limiting Admin State can be Enabled or
Admin State Disabled.
Pending Transaction Limiting Pending Transaction Limiting Operational Status can be:
Operational Status
• Available: at least one Egress Throttle Groups peer or connection
is available.
• Degraded: the Egress Throttle Groups peer or connection is not
unavailable but it is not operating as expected. The Pending
Transaction Limiting Operational Reason field provides
additional information on this status.
• Inactive: all connections for an Egress Throttle Group are
unavailable. The Pending Transaction Limiting Operational
Reason field provides additional information on this status.
• Unk: data is not available in the database.
Pending Transaction Limiting Pending Transaction Limiting Reason as corresponding to the

Operational Reason Pending Transaction Limiting Operational Status:
• Available - Normal
• Degraded - Congestion Level 1, Congestion Level 2, Congestion
Level 3
• Inactive - SMS Service Degraded, No DA-MP Leader, Disabled
• Unk - Unk
The cell background color associated with value of Pending
Transaction Limiting Operational Reason is as follows:
• Disabled - normal/no special coloring
• Normal - normal/no special coloring
• SMS Service Degraded - red
• No DA-MP Leader - red
• Unk - red
Number of ETG Pending The combined number of ETG Pending Transactions for the Peers
Transactions and Connections of an ETG.
Number of ETL Pending The combined number of Pending Transactions for the Peers and
Transactions Connections of the ETL's ETGs.
Number of Active SMS The number of active SMS connections between the signaling
Connections/Number of routers with ETGs in the ETL/The number of required SMS
Required SDS Connections connections between diameter signaling routers with ETGs in the
ETL.
Time of Last Update Displayed as yyyy-month name-date hr:min:sec UTC.

Viewing Egress Throttle Groups status

Use this task to view the current status of configured Egress Throttle Groups.
Select Diameter > Maintenance > Egress Throttle Groups .
The Diameter > Maintenance > Egress Throttle Groups page appears.
Enabling Egress Throttle Groups Rate Limiting

Use the following procedure to Enable Egress Throttle Groups Rate Limiting.
The Egress Throttle Groups Rate Limiting Admin State of Egress Throttle Groups can be updated
irrespective of the Operational Status of the associated Peer Node Connections.
1. Select Diameter > Maintenance > Egress Throttle Groups.
2. Select at least 1, but no more than 20 Egress Throttle Groups to Disable.
To select multiple Egress Throttle Groups, press and hold the CTRL key when selecting each Egress
Throttle Group. To select multiple contiguous Egress Throttle Groups, click the first Egress Throttle
Group to be selected, then press the SHIFT key and select the last Egress Throttle Group to be
selected. All Egress Throttle Groups between are also selected.
3. Click Enable Rate Limiting.
a) A confirmation box appears if between 1 and 20 Egress Throttle Group Names are selected.
Click OK in the confirmation box to Enable the selected Egress Throttle Group Names.
Click Cancel in the confirmation box to cancel the Enable action. The Admin State of the selected
Egress Throttle Groups remains unchanged.
If OK is clicked and any of the following conditions exist, an error message appears:
• Any of the selected Egress Throttle Groups do not exist in the database.
• Any of the selected Egress Throttle Groups do not have Egress Throttle Groups Rate Limiting
configured.
b) An Alert Box is displayed if more than 20 Egress Throttle Group Names are selected.
Disabling Egress Throttle Groups Rate Limiting

Use the following steps to Disable Egress Throttle Groups Rate Limiting.
The Egress Throttle Groups Rate Limiting Admin State of Egress Throttle Groups can be updated
irrespective of the Operational Status of the associated Peer Node Connections.
3. Click Disable Rate Limiting.

a) A confirmation box appears if between 1 and 20 Egress Throttle Groups are selected.
Click OK in the confirmation box to Disable the selected Egress Throttle Groups.
Click Cancel in the confirmation box to cancel the Disable action. The Admin State of the selected
• Any of the selected Egress Throttle Groups do not have the Egress Throttling Groups Rate
Limiting configured.
b) An Alert Box is displayed if more than 20 Egress Throttle Groups are selected.
Enabling Egress Throttle Groups Pending Transaction Limiting

Use the following steps to Enable Egress Throttle Groups Pending Transaction Limiting.
The Egress Throttle Groups Pending Transaction Limiting Admin State of Egress Throttle Groups can
be updated irrespective of the Operational Status of the associated Peer Node Connections.
3. Click Enable Pending Transaction Limiting.
a) A confirmation box appears if between 1 and 20 Egress Throttle Group Names are selected.
Click OK in the confirmation box to Enable the selected Egress Throttle Group Names.
Click Cancel in the confirmation box to cancel the Enable action. The Admin State of the selected
• Any of the selected Egress Throttle Groups do not have Egress Throttling Groups Pending
Transaction Limiting configured.
Disabling Egress Throttle Groups Pending Transaction Limiting

Use the following steps to Disable Egress Throttle Groups Pending Transaction Limiting.
The Egress Throttle Groups Pending Transaction Limiting Admin State of Egress Throttle Groups can
be updated irrespective of the Operational Status of the associated Peer Node Connections.

3. Click Disable Pending Transaction Limiting.
a) A confirmation box appears if between 1 and 20 Egress Throttle Groups are selected.
Click OK in the confirmation box to Disable the selected Egress Throttle Groups.
Click Cancel in the confirmation box to cancel the Disable action. The Admin State of the selected
• Any of the selected Egress Throttle Groups do not have the Egress Throttling Pending
Transaction Limiting configured.
Diameter Maintenance Applications

The Diameter > Maintenance > Applications page allows you to view state and congestion information
about existing diameter applications and can enable and disable diameter applications.
Note: All applications can co-exist on the same system, and all applications can run on the same
Diameter agents. Application limitations can exist, and certain application combinations are not
supported. See DSR Software Installation and Configuration Procedure for more information.
If the MAP-Diameter InterWorking Function (IWF) is activated, you can view and configure items in
the Map Internetworking folder. After activation, all selectable MAP-Diameter IWF related menu
items are present on the SOAM and NOAM GUI, which allows full MAP-Diameter IWF configuration
and provisioning. By default, MAP Interworking is not activated.
On the Diameter > Maintenance > Applications page, you can perform the following actions:
• Filter the list of Applications to display only the desired Applications.
• Sort the list by column, in ascending or descending order, by clicking the column heading. The
default order is by Application Name in ascending ASCII order.
• Change the Admin State of a selected application to Enabled or Disabled on a selected MP server.
See Enabling Applications and Disabling Applications.
• Enable and disable the DM-IWF and MD-IWF applications.
See MAP-Diameter Interworking Function User's Guide for additional information.
Diameter Applications maintenance elements

Table 56: Applications Maintenance Elements describes fields on the Applications maintenance page.

Table 56: Applications Maintenance Elements
Field Description
Application Name Name of the application
MP Server Hostname Hostname of the Message Processorserver from which status is reported
Admin State Admin State of the application (Enabled, Disabled). The Admin State persists
over application restart and server reboot.
Operational Status Operational Status of the application (Unavailable, Available, or Degraded)
Operational Reason Operational Reason that is filled in by the application and extracted from
the database
Congestion Level Congestion Level of the application (Normal, CL1, CL2, CL3)
Time of Last Update Time stamp that shows when the application changed to the status shown
in Operational State
If the run-time data for Operational Status, Operational Reason, Congestion Level, and Time of Last
Status change is not present in the database, the data is displayed as Unknown.
Viewing Application status

Use this task to view the current status of configured applications.
Select Diameter > Maintenance > Applications.
The Diameter > Maintenance > Applications page appears.
Enabling Applications
Use this task to enable one or more applications.
Applications are enabled only on the MP server shown in the rows you select.
1. Select Diameter > Maintenance > Applications.
2. Select one or more applications to enable.
To select multiple applications, press the CTRL key when selecting each application. To select
multiple contiguous applications, click the first application you want, then press the SHIFT key
and select the last application you want. All the applications between are also selected.
3. Click Enable.
4. Click
• OK to enable the selected applications and bring the applications to the Available Operational
State.
• Cancel to return to the Diameter > Maintenance > Applications page without enabling the
applications.
If OK is clicked and an application no longer exists in the system (it was deleted by another user),
an error message is displayed and the Diameter > Maintenance > Applications page is refreshed.

Disabling Applications
Use this task to disable one or more applications.
Applications are disabled only on the MP servers shown in the rows you select.
1. Select Diameter > Maintenance > Applications.
2. Select one or more applications to disable.
To select multiple applications, press the CTRL key when selecting each application. To select
multiple contiguous applications, click the first application you want, then press the SHIFT key
and select the last application you want. All the applications between are also selected.
3. Click Disable.
4. Click
• OK to disable the selected applications and bring the applications to the Unavailable Operational
State.
• Cancel to return to the Diameter > Maintenance > Applications page without disabling the
applications.
If OK is clicked and an application no longer exists in the system (it was deleted by another user),
an error message is displayed and the Diameter > Maintenance > Applications page is refreshed.
Diameter Maintenance DA-MPs

The Diameter > Maintenance > DA-MPs page allows you to view state and congestion information
about Diameter Agent Message Processors.
On the Diameter > Maintenance > DA-MPs page, you can perform the following actions:
• Click the Peer DA-MP Status tab to view peer status information for the DA-MPs.
• Click the DA-MP Connectivity tab to view information about connections on the DA-MPs.
• Click the tab for an individual DA-MP to see DA-MP and connection status from the point-of-view
of that DA-MP.
If there are more tabs than fit on one page, click the left and right arrow buttons to scroll through
the tabs, or click the down arrow button to select a specific tab from a menu.
For detailed information about the fields displayed on the Diameter > Maintenance > DA-MPs page,
see Diameter DA-MPs maintenance elements.
For information about MP profiles, see Diameter Common User's Guide.
Diameter DA-MPs maintenance elements

Table 57: DA-MPs Maintenance Elements describes fields on the DA-MPs maintenance page.

Table 57: DA-MPs Maintenance Elements
Field Description
Peer DA-MP Status Tab
MP ID The numeric identifier of the reporting DA-MP server
MP Server Hostname The hostname of the reporting DA-MP server
# Peer MPs Available The number of peer DA-MPs whose status is available
# Peer MPs Degraded The number of peer DA-MPs whose status is degraded
# Peer MPs Unavailable The number of peer DA-MPs whose status is unavailable
MP Leader Indicates whether a DA-MP reports itself as MP Leader. The MP Leader
provides status information to the OAM for Route Lists, Route Groups,
and Peer Nodes, which are resources whose scope is beyond a single
DA-MP.
Note: If a configured DA-MP is not alive, the above fields will display Unk
DA-MP Connectivity Tab

MP ID The numeric identifier of the reporting DA-MP server
MP Server Hostname The hostname of the reporting DA-MP server
# Fixed Connections The number of configured Connections whose Primary IP Address is one
Configured (Max) of the fixed IP addresses assigned to the DA-MP. (Max) is the maximum
number of connections the DA-MP can have configured at one time.
# Fixed Connections The number of Connections whose operation status is available and whose
Established Primary IP Address is one of the fixed IP addresses assigned to the DA-MP.
# IPFE Connections The number of IPFE Connections owned by the DA-MP whose operation
Established status is available.
# Total Connections The total of Fixed and IPFE Connections established.
Established (Max)
Current Total The sum of the Maximum Ingress MPS settings for all fixed and IPFE
Connection Max Ingress connections currently established on the DA-MP.
MPS
Current Total The sum of the Reserved Ingress MPS settings for all fixed and IPFE
Connection Reserved connections currently established on the DA-MP. (Max) is the Engineered
Ingress MPS (Max) Ingress Message Rate value from the MP Profile associated with the DA-MP,
scaled by the value of the IPFE Connection Reserved Ingress MPS Scaling
system option.
Note: If a configured DA-MP is not alive, the above fields will display Unk
<MP Server Hostname> Tabs

The <MP Server Hostname> tabs show the status of each DA-MP peer as reported by the DA-MP
whose hostname appears on the tab.

Field Description
MP ID The numeric identifier of the peer DA-MP
MP Server Hostname The hostname of the peer DA-MP server
Status Peer DA-MP status. Possible settings are:
• Available - CPL=0
• Degraded - CPL=1,2,3
• Unavailable - CPL = 99
CPL Connection Priority Level (0,1, 2, 3, 99) of the configured peer DA-MP. This
overall value takes into account the following status:
• Operational Status of the ComAgent connection between the reporting
DA-MP and the peer DA-MP
• Congestion level of the peer DA-MP
• Status of the process running on the peer DA-MP
CPL Reason Reason for CPL setting. Possible settings are:

• Available - There is no MP-level impairment on the peer DA-MP
• MP Congestion - Indicates peer DA-MP is in congestion (CL1, CL2, or
CL3)
• Inter-MP Connection Unavailable - The ComAgent connection between
the reporting DA-MP and the peer DA-MP has an Operation Status of
Unavailable.
• Process Not Running - The process is not running on the peer DA-MP.
Viewing DA-MP status

Use this task to view the current status of configured Diameter Agent Message Processors.
Select Diameter > Maintenance > DA-MPs.
The Diameter > Maintenance > DA-MPs page appears.
Diameter Maintenance Peer Discovery

Peer Discovery (also know as Dynamic Peer Discovery [DPD]) allows an application to discover remote
hosts within user-defined Realms and configures all required GUI elements for successful routing of
diameter traffic between the signalling router and those remote hosts. This configuration is dynamic,
and no user input is required at the time the routing configuration elements are created.
The Diameter > Maintenance > Peer Discovery page allows you to view Peer Discovery information.
On the Diameter > Maintenance > Peer Discovery page, you can perform the following actions:
• Filter the list of Realm Names to display only the desired names.

• Sort the list by column, in ascending or descending order, by clicking the column heading. The
default order is by Realm Name in ascending ASCII order.
• Enable and disable Peer Discovery.
• Refresh and Extend Peer Discovery.
• Refresh the GUI page.
Diameter Peer Discovery maintenance elements

Table 58: Peer Discovery Maintenance Elements describes fields on the Peer Discovery maintenance page.
Table 58: Peer Discovery Maintenance Elements
Field Description
Realm Name Name of the Realm assigned to the Discovery Attribute instance.
Note: Any given Realm can only be configured for a single Mode (Initiator
Only or Initiator & Responder), so each configured Realm name should
appear just once in the list on the Peer Discovery Maintenance screen.
Mode The connection mode used for each Discovery Attribute instance.
Expires The date and time (in the locally-configured time zone) at which the Realm
discovery expires, for any Realm whose Operational Status is Discovered
or Expired; or the string "---" for any Realm whose Operational Status is
anything other than Discovered or Expired.
Admin State The current administrative state for each configured Discovery Attributes
instance.
Operational Status The current operational status for each configured Discovery Attributes
instance.
Operational Reason The current operational reason string for each configured Discovery
Attributes instance
Configured Peers The current number of Peer Nodes that are part of the DSR configuration
due to the dynamic peer discovery for the Realm.
Configured Connections The current number of Connections that are part of the DSR configuration
due to the dynamic peer discovery for the Realm.
Application Id The number of Application IDs, from the Discovery Attributes instance
configuration, for which at least one Peer Node has been successfully
identified.
Route List Displays a ~ in the field corresponding to the parent Realm row.
Note: For every Application ID for which at least one Peer Node is
configured, a single Route List will be listed. But the same Route List can
be associated with more than one Application ID, if the same set of Peer
Nodes supports multiple Application IDs.

Viewing Peer Discovery status

Use this task to view the current status of each Discovery Attributes instance.
Select Diameter > Maintenance > Peer Discovery.
The Diameter > Maintenance > Peer Discovery page appears.
Enabling Peer Discovery

Use this task to enable one or more Peer Discovery instances.
1. Select Diameter > Maintenance > Peer Discovery.
2. Select an instance to enable.
To select multiple instances, press the CTRL key when selecting each instance. To select multiple
contiguous instances, click the first instance you want, then press the SHIFT key and select the last
instance you want. All the instances between are also selected.
3. Click Enable.
4. Click
• OK to enable the selected instances.
• Cancel to return to the Diameter > Maintenance > Peer Discovery page without enabling the
applications.
If OK is clicked and an instance no longer exists in the system (it was deleted by another user), an
error message is displayed and the Diameter > Maintenance > Peer Discovery page is refreshed.
Disabling Peer Discovery

Use this task to disable one or more Peer Discovery instances.
2. Select a Peer Discovery instance to disable.
3. Click Disable.
4. Click
• OK to disable the selected instances.
• Cancel to return to the Diameter > Maintenance > Peer Discovery page without disabling the
applications.

Refreshing Peer Discovery

Use this task to refresh Peer Discovery instances.
2. Select a Peer Discovery instance to refresh.
3. Click Refresh.
4. Click
• OK to refresh (begin a new discovery sequence) the selected instances.
Note: After the software begins the new discovery sequence, the Admin State will transition
from Rediscover to Enabled. You might or might not not see the Rediscover state on the
DiameterMaintenancePeer Discovery page, depending on how long the transition takes and
where it occurs within the screen refresh cycle.
• Cancel to return to the Diameter > Maintenance > Peer Discovery page without refreshing
the Peer Discovery instances.
Extending Peer Discovery

Use this task to extend Peer Discovery instances.
2. Select a Peer Discovery instance to extend.
3. Click Extend.
4. Click
• OK to extend a new discovery sequence for the selected instances (associated with an expired
Realm). This adds one week to the Realm's expiration time.
• Cancel to return to the Diameter > Maintenance > Peer Discovery page without extending
the Peer Discovery instances.
Note: Configured Discovery Attributes instances cannot be edited unless they are administratively
disabled.

Diameter Maintenance Traffic Throttle Points

A TTP has two administrative states that let you enable/disable TTP throttling. The Throttling Admin
State is used to disable all throttling (both static and dynamic). When enabled, it automatically enables
Static ETR throttling and might or might not perform Dynamic ETR throttling/DOIC as that is
determined by the TTP's Dynamic Throttling Admin State.
Note: The TTP's Dynamic Throttling Admin State is not used to determine the TTP's Operational
Status value.
The Diameter > Maintenance > Traffic Throttle Points page allows you to view information about
and change the administrative state of TTP.
You can perform the following actions for Traffic Throttle Points:
• Filter the list of Traffic Throttle Points (individually or multiples).
The default order is by TTP in ascending ASCII order.
• Select a Traffic Throttle Point Name in the list.
You cannot change the TTP maintenance screen to change the Dynamic Throttling state to Disabled
to Enabled when Throttling state is Disabled.
You can change the TTP maintenance screen to change the Dynamic Throttling state from Enabled to
Disabled when Throttling state is Enabled.
TTP Throttling Admin State

When you change a TTP's Throttling Admin State is to Enabled:
• The routing instance starts sharing OTR data associated with the TTP with other DA-MP's within
the DSR Node.
• If the TTP's Dynamic Throttling Admin State is set to Enabled and the TTP's Peer Node Operational
Status is Available, the routing application starts sending a DCA to the Peer Node in all Request
messages associated with this TTP and processes DOIC AVPs received from the Peer Node.
• TTP's Operational Status/Reason are updated.
When you change a TTP's Throttling Admin State to Disabled:
• Stop any Maximum ETR Throttling associated with this TTP.
• Ignore the TTP's Maximum Loss Percent Threshold during routing decisions.
• Stop sharing OTR data associated with the TTP with other DA-MP's within the DSR Node.
• Abandon all dynamic throttling (functional equivalent to TTP's Dynamic Throttling State being
set to Disabled.
• The Current Loss Percent for all TTG's associated with this TTP will be recalulated.
• TTP's Operational Status/Reason are updated.

TTP Dynamic Throttling Admin State

The routing application ignores any changes to the TTP's Dynamic Throttling Admin State when the
TTP's Throttling Admin State is set to Disabled. When a TTP's Throttling Admin State is set to Enabled,
the routing application process changes to the TTP's Dynamic Throttling Admin State as follows:
• TTP's Dynamic Throttling Admin State changed from Disabled to Enabled.
• TTP's Dynamic Throttling Admin State changed from Enabled to Disabled.
Diameter Traffic Throttle Points Maintenance elements

Table 59: Traffic Throttle Points Maintenance Elements describes the fields on the Traffic Throttle Points
maintenance page.
Table 59: Traffic Throttle Points Maintenance Elements
Field Description
Name A name of the Traffic Throttle Point.
Throttling Admin State The static throttling administrative state.
Dynamic Throttling Admin State The dynamic throttling administrative state from the associated
Peer Node.
Operational Status Operational status for TTP ETR throttling.
Operational Reason Operational reason for each TTP. This provides additional
information for each Operational Status regarding the condition
is preventing the Operational Status from being available.
Abatement Algorithm Abatement algorithm that is currently being applied as a result
of receiving an OLR associated with the TTP (TTP's Operational
Reason = Peer Overload).
Current Loss Percentage (%) Loss rate (Reduction Percentage) currently being applied to the
traffic routed to a TTP based upon an OLR received from a DOIC
node. This value will be non-zero during TTP Overload
Recovery.
This field is updated when a new OLR is processed, when a
modify OLR changes this value and each time the DOIC
Overload Recovery timer expires.
Validity Duration DOIC Validity Duration value (in seconds) if an OLR is received
from a DOIC node.
Offered Transactions per Second The rate of transactions which are being routed to the TTP before
diversion is applied.
Max Egress Transactions per The maximum number of egress transactions allowed per second.
Second Allowed
Percent of Actions Diverted (%) The percentage of transactions which are being routed to the
TTP which are being diverted or abandoned.

Field Description
Target Egress Transactions per The target number of egress transactions which are allowed per
Second Allowed second.
Time until Loss=0 (sec) The time of day when the Current Loss Percent will be restored
to 0%.
Time of Last Update Time of most recent update.
Viewing Traffic Throttle Points status

Use this task to view the current status of configured Traffic Throttle Points.
Select Diameter > Maintenance > Traffic Throttle Points.
The Diameter > Maintenance > Traffic Throttle Points page appears.
Diameter Maintenance Traffic Throttle Groups

The Diameter > Maintenance > Traffic Throttle Groups page allows you to view information about
and change the administrative state of TTG.
You can perform the following actions for Traffic Throttle Groups:
• Filter the list of Traffic Throttle Groups (individually or multiples).
The default order is by TTG in ascending ASCII order.
• Select a Traffic Throttle Group Name in the list.
Diameter Traffic Throttle Groups elements

Table 60: Traffic Throttle Group Maintenance elements describes the fields on the Traffic Throttle Groups
maintenance page.
Table 60: Traffic Throttle Group Maintenance elements
Field Description
Name The internal identifier for the TTG attribute that this TTG Status
record is associated with.
Administrative Status The administrative status of the Traffic Throttle Group.
Note: This column displays a tilde character (~) for rows associated
with Remote TTGs.
Site Name Name of the site to which this TTG is owned and controlled.
Current Loss Percentage A weighted value for the TTPs assigned to the TTG.

Field Description
This field is updated when a new OLR is processed by a TTP
assigned to the TTG, and each time an OLR expires for a TTP
assigned to the TTG.
Note: This calculation is only made for TTGs assigned to the local
DSR Node. This value is shared with other DSR Nodes.
Time of Last Update Time of most recent update.
Viewing Traffic Throttle Groups status

Use this task to view the current status of configured Traffic Throttle Groups.
Select Diameter > Maintenance > Traffic Throttle Groups.
The Diameter > Maintenance > Traffic Throttle Groups page appears.
Enabling Traffic Throttle Groups

Use the following steps to enable one or more TTGs.
Note: When a TTG's Administrative State is Disabled, the TTG's Current Loss Percent value is ignored
when making routing decisions.
1. Select Diameter > Maintenance > Traffic Throttle Groups. The Administrative State defines
whether the TTG is active and can be applied to routing.
2. Select one or more TTGs to enable.
If you select one or more rows in the TTG maintenance screen that are associated with remote
TTGs, Enable and Disable are greyed out (disabled).
To select multiple TTGs, press the CTRL key when selecting each TTG. To select multiple contiguous
TTGs, click the first connection you want, then press the SHIFT key and select the last TTG you
want. All the TTGs between are also selected.
3. Click Enable. Enable is greyed out for TTGs associated with remote TTGs. You must deselect all
shared TTGs in order to enable the locally configured TTGs.
4. Click OK.
The selected (eligible) TTGs are enabled.
If any of the selected TTGs no longer exist (they have been deleted by another user), an error
message is displayed, but any selected TTGs that do exist are enabled.
If you attempt to delete a TTG where the Administrative State is Enabled, an error message is
displayed.
Enabling All Traffic Throttle Groups

Use the following steps to enable TTGs that are displayed as result of the application of a filter. The
list includes TTGs configured at the local SOAM, as well as Shared TTGs configured at other SOAM

server groups that are referred to by one or more Route Lists configured at the local SOAM. If a filter
is applied, then all TTGs that meet the filter requirements and that are currently disabled will be
enabled. If no filter is applied, then all currently disabled TTGs will be enabled.
To enable and disable individual and multiple TTGs, shared TTGs must be included.
Note: Shared TTGs cannot be enabled or disabled on another DSR (the GUI page buttons are inactive
for prohibited actions).
If you select one or more rows that are associated with remote TTGs, Enable and Disable are greyed
out. Enable and Disable are active only when the selected row or rows are associated with
locally-defined TTGs.
Note: Enable All and DisableAll are active regardless of the selected row state. If you select Enable
All or DisableAll, a window prompts you to enable or disable all locally configured TTGs, and a
message indicates that TTGs configured at other sites will not be enabled or disabled.
2. Optionally, click Filter and add up to four filters to limit the number of TTGs displayed. Click Go
to apply the filter.
3. Click Enable All.
A confirmation box appears to prompt you to enable or disable all locally configured TTGs, and a
note is displayed to indicate that TTGs configured at other sites will not be enabled/disabled.
4. Click OK.
The TTGs are enabled.
message is displayed, but any selected TTGs that do exist are enabled.
If the user chooses "enable all" or "disable all", a popup will prompt the user to
Disabling Traffic Throttle Groups

Use the following steps to disable one or more TTGs.
2. Select one or more TTGs to disable.
If you select one or more rows in the TTG maintenance screen that are associated with remote
TTGs, Enable and Disable are greyed out (disabled).
To select multiple connections, press the CTRL key when selecting each TTG. To select multiple
contiguous TTGs, click the first TTG you want, then press the SHIFT key and select the last TTG
you want. All the TTGs between are also selected.

3. Click Disable. Disable is greyed out for TTGs associated with remote TTGs. You must deselect all
shared TTGs in order to enable the locally configured TTGs.
4. Click OK.
The selected (eligible) TTGs are disabled.
message is displayed, but any selected TTGs that do exist are disabled.
Disabling All Traffic Throttle Groups

Use the following steps to disable all connections that are displayed as result of the application of a
enabled will be disabled. If no filter is applied, then all currently enabled connections will be disabled.
To enable and disable individual and multiple TTGs, shared TTGs must be included.
Note: Shared TTGs cannot be enabled or disabled on another DSR (the GUI page buttons are inactive
for prohibited actions).
If you select one or more rows that are associated with remote TTGs, Enable and Disable are greyed
out. Enable and Disable are active only when the selected row or rows are associated with
locally-defined TTGs.
Note: Enable All and DisableAll are active regardless of the selected row state. If you select Enable
All or DisableAll, a window prompts you to enable or disable all locally configured TTGs, and a
message indicates that TTGs configured at other sites will not be enabled or disabled.
1. Select Diameter > Maintenance > Trafffic Throttle Groups. The Administrative State defines
The Diameter > Maintenance > Trafffic Throttle Groups page appears.
2. Optionally, click Filter and add up to four filters to limit the number of TTGs displayed. Click Go
to apply the filter.
3. Click Disable All.
A confirmation box appears to prompt you to enable or disable all locally configured TTGs, and a
note is displayed to indicate that TTGs configured at other sites will not be enabled/disabled.
4. Click OK.
The TTGs are disabled.
message is displayed, but any selected TTGs that do exist are disabled.

Chapter
5
Diameter Reports
Topics: You can perform these tasks on an Active System

OAM (SOAM).
• Overview.....299
The Diameter Reports pages provide access to the
• Diameter Diagnostics Tool.....299
following reports:
• Diameter MP Statistics (SCTP).....301
• Diagnostics Tool reports
• MP Statistics (SCTP) reports

Diameter User's Guide Diameter Reports
Overview
The Diameter Reports GUI pages provide access to the following reports:
• Diagnostics Tool reports
The Diagnostics Tool provides the capability to test Mediation Rule Templates that are in Test or
Active state before they are subjected to live traffic in the network. A test message is injected into
the system on a connection that is in Test Mode (see Diameter Maintenance Connections). At various
tracepoints, the Diagnostics Tool logs the Rules that are applied, actions taken, and other diagnostic
information on a test message that is injected into the system. The Diagnostics Tool Reports can be
used to view the logged information for each test.
• MP Statistics (SCTP) reports
The MP Statistics (SCTP) Reports page displays the Message Processor (MP) SCTP statistics per
MP, for all MPs or for a selected set of MPs. Each row shows the statistics for one MP.
Diameter Diagnostics Tool

The Diagnostics Tool provides the capability to test Mediation Rule Templates that are in Test or
Active state before they are subjected to live traffic in the network.
The Rule Templates are tested for a message that is injected into a connection that is set to Test Mode.
A connection can be set to Test Mode only when it is created; an existing non-test connection cannot
be changed into a test connection. A maximum of two test connections can exist in the system at one
time.
All incoming messages on a test connection are marked as TestMode messages. When Diagnose Start
is clicked on the Diameter > Maintenance > Connections page, TestMode messages are sent on a test
connection that is selected, in Test Mode, and not Disabled.
At various trace points, the Diagnostics Tool logs the Rules that are applied, actions taken, and other
diagnostic information on a test message that is injected into the system. Reports are provided that
are based on the logs. Logging begins when Diagnose Start is clicked. The test can be stopped by
clicking Diagnose Stop on the Maintenance Connection page.
Use this task to generate Diagnostics Tool reports from the test logs.
1. Select Diameter > Reports > Diagnostics Tool.
The Diameter > Reports > Diagnostics Tool page appears.
2. Select zero records, or select one or more connection records under one or more connection names
in the Connection list.
• If zero records are selected, the report will include all available Diagnostics Tool data.
• If one or more records are selected, the report will include data for the selected test runs.
3. Click Report.
The Diameter > Reports > Diagnostics Tool [Report] page appears and displays the generated
report. You can save and print the report.

Viewing, Printing, and Saving Diagnostics Tool Reports

Use this task to view, print, and save reports that are generated from Diagnostics Tool test logs.
When Report is clicked on the Diameter > Reports > Diagnostics Tool page, a report is generated
for all available or the selected test records.
The report has two parts:
• Title Block
The Title Block contains the following information:
• <Application Name> Diagnostics Tool Report
• Report Generated: <time and date in UTC>
• From: <active/standby><server Role> on host <Hostname>
• Report Version: <application version>
• User: userid of the GUI user who generated the report>
• Section Block
One or more Section Blocks follow the Title Block. Each Section Block corresponds to one test run
on one connection.
Each section in a Section Block corresponds to reports for a test run. A section displays the following
header information:
• Report for <connection name>
• Test run begun: <timestamp when the test run was started>
Each message that was diagnosed in a test run is identified by a PDU ID. The log entries
corresponding to the message are reported in ascending order of the timestamp.
Each subsection has the following line as a header:PDU ID <pduId>. The heading is followed by
the zero or more lines of log entries corresponding to the PDU, in the following format:
<timestamp> <tracepoint name> : <log text>.
For example:
Report for Connection1

Test Run begun: Tue May 24 19:51:39 2011 UTC
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PDU ID 4
2011-May-16 10:46:10 UTC Tracepoint0 :Message Received
2011-May-16 10:49:51 UTC Tracepoint1 :Message Sent to DRL
................................................................................
PDU ID 5
2011-May-18 04:18:25 UTC Tracepoint0 : Message Received
................................................................................
1. To print the report, click Print.

A dialog box opens, allowing you to choose the printer to be used for printing the report.
2. To save the report, click Save.
A dialog box opens, allowing you to choose the location in which to save the report.

Diameter MP Statistics (SCTP)

The Diameter > Reports > MP Statistics (SCTP) page displays the Message Processor (MP) SCTP
statistics per MP, for all MPs or for a selected set of MPs. Each row shows the statistics for one MP.
The statistics are updated on the page each time Update is clicked. The counts are not refreshed
automatically.
The MP Statistics (SCTP) Report is described in MP Statistics (SCTP) report elements.
Use this task to update and view MP Statistics (SCTP) reports.
1. Select Diameter > Reports > MP Statistics (SCTP).
The Diameter > Reports > MP Statistics (SCTP) page appears.
2. Select the Scope of the report from the Scope pulldown list.
• To be able to select individual MPs, choose Server.
• To select all MPs in a Network Element, choose NE.
3. In the box on the right, list the MPs to be included in the report.
• To add a specific MP to the list on the right, so that its statistics will be shown in the report,
select the MP in the box on the left, and click Add.
Repeat this action for each specific MP that is to be listed in the report.
• To add all of the available MPs to the list on the right, click AddAll.
• To remove a specific MP from the report, select the MP in the box on the right, and click Remove.
The selected MP moves to the box on the left.
• To remove all of the listed MPs from the box on the right (to prepare to create a new list), click
RemoveAll. All of the MPs from the box on the right move to the box on the left.
4. When the list in the box on the right contains the MPs for the report, click Go.
The selected MPs and their statistics are listed in the columns of the report.
5. Click Update to display the current statistics for the listed MPs.
MP Statistics (SCTP) report elements

Table 61: MP Statistics (SCTP) Report Elements describes the fields for selecting MPs and the contents
of the columns on the Diameter > Reports > MP Statistics (SCTP) page.
Table 61: MP Statistics (SCTP) Report Elements

MP Selection
Scope Select Network Element or Server. All of the Format: pulldown list
selected MPs have the same Scope.
Range: NE, Server


Statistics for Left list is all available MPs or NEs, depending Format: List of all
on the selected Scope. MPs/NEs; list of
selected MPs/NEs
Right box is all MPs or NEs selected for the report.
Report Columns
Field Description
MP Hostname of the MP server from which status is reported
Current Established Current number of SCTP associations established
Established (Local Number of locally-initiated SCTP associations established
Initiated)
Established (Peer Number of peer-initiated SCTP associations established
Initiated)
Packets Rcvd Number of IP packets received. Each IP packet contains one or more SCTP
chunks.
Packets Sent Number of IP packets sent. Each IP packet contains one or more SCTP
chunks.
DATA chunks Rcvd Number of SCTP DATA Chunks received not including duplicates
(excluding Duplicates)
DATA chunk Sent Number of SCTP DATA Chunks sent not including duplicates
(excluding Duplicates)
Fast Retransmits Number of SCTP DATA Chunks retransmitted due to fast transmit rule
Retransmits Number of SCTP DATA Chunks retransmitted due to acknowledgment
timeout
CTRL chunk Sent Number of SCTP Control Chunks sent. A control chunk is one of: INIT,
INIT ACK, COOKIE ECHO, COOKIE ACK, SACK
CTRL chunks Rcvd Number of SCTP Control Chunks received. A control chunk is one of: INIT,
INIT ACK, COOKIE ECHO, COOKIE ACK, SACK
Fragmented User Number of SCTP User messages fragmented because message length
Messages exceeds path MTU
Reassembled User Number of SCTP User messages reassembled due to fragmentation
Messages
Aborted Number of ABORT messages received
Shutdown Number of SHUTDOWN messages received
Out of Blue Chunks Number of Out of the Blue messages received from an unknown peer
Rcvd
Checksum Error Number of SCTP Checksum Errors detected

Chapter
6
Troubleshooting with IDIH
The Diameter > Troubleshooting with DIH pages

allow you to manage the Integrated Diameter
Intelligence (IDIH) feature.
The IDIH feature allows you to capture detailed
information about selected DIAMETER transactions,
and transmit this information to IDIH for further
analysis. The integration of troubleshooting
capabilities provides a way to troubleshoot issues
that might be identified with the Diameter traffic
that transits the diameter routing program. These
troubleshooting capabilities can supplement other
network monitoring functions provided by the OSS
and network support centers to help to identify the
cause of signaling issues associated with
connections, peer signaling nodes, or individual
subscribers.
Use IDIH Diameter > Troubleshooting with DIH
pages to perform IDIH configuration and
maintenance tasks. See Integrated DIH User's Guide.

Chapter
7
Diameter AVP Dictionary
Topics: The AVP Dictionary function provides the ability

to work with Attribute-Value Pairs (AVPs) that are
• AVP Flags.....305 used by the Diameter Routing Function in making
• Base Dictionary.....305 decisions for routing messages to and from
• Custom Dictionary.....308 applications and for the Diameter Message Copy
• All-AVP Dictionary.....312 feature.
• Vendors.....315 You can perform these tasks on an Active System
OAM (SOAM).

Diameter User's Guide Diameter AVP Dictionary
AVP Flags
Table 62: AVP Flags Definitions describes the AVP flags on the AVP GUI pages.
Table 62: AVP Flags Definitions
Field Description Data Notes

Flags Setting indicator for AVP Flags: V, M, P, r3, r4, r5, r6, r7 Format: 3 buttons for
each flag
Flags V, M, and P are supported; r3, r4, r5, r6 and r7 are
reserved for future use. Range: Must, Must Not,
May be set for each flag
• V - Vendor-Specific; indicates whether the optional
Vendor-ID field is present in the AVP header. When
set, the AVP Code belongs to the specific vendor code
address space.
• M - Mandatory; indicates whether support of the AVP
is required. If an AVP with the M bit set is received by
a Diameter client, server, proxy, or translation agent
and either the AVP or its value is unrecognized, the
message MUST be rejected. Diameter Relay and Redirect
Agents MUST NOT reject messages with unrecognized
AVPs. AVPs with the M bit cleared are informational
only. A receiver of a message with an AVP that is not
supported, or whose value is not supported, can simply
ignore the AVP.
• P - Indicates the need for encryption for end-to-end
security. Diameter base protocol specifies which AVPs
must be protected by end-to-end security measures
(encryption) if the message is to pass through a Diameter
agent. If a message includes any of those AVPs, the
message must not be sent unless there is end-to-end
security between the originator and the recipient of the
message.
Base Dictionary
The Diameter > AVP Dictionary > Base Dictionary page allows you to view or clone the AVPs that
are familiar to the system (defined in the Base Diameter Standard and in Diameter Applications, such
as Diameter Credit Control Application and S6a interface). The cloning function allows you to edit
the base AVP and puts the modified AVP in Custom Dictionary. The AVPs in Custom Dictionary shall
supersede Base Dictionary AVPs.
The AVP Attribute Name, AVP Code, AVP Flag settings, Vendor ID, Data Type, and Protocol are
included in the AVP definition.
If the Data Type is Enumerated, the name of the Enumerated Type is also included.

If the Data Type is Grouped, the list of Grouped AVPs appears in the dictionary. A grouped AVP's
Data field is specified as a sequence of AVPs. Each of those AVPs can, in turn have the Data field
specified as a sequence of AVPs. This pattern of embedding AVPs inside AVPs can occur multiple
times.
Proprietary and additional standard AVP definitions can be added in the Custom Dictionary. See
Custom Dictionary.
Note: Custom Dictionary entries are not displayed on the Base Dictionary View page.
The AVP definitions in the Base Dictionary can be changed (overwritten) only by specifying them in
the Custom Dictionary with a different definition. The AVP Code, Vendor ID, and Attribute Name
must remain the same in the changed definition.
Note: AVP depth refers to the position of an AVP inside the Diameter message. All AVPs following
the header of the Diameter message are called Base AVPs, and the Base AVP position is counted as 1.
An AVP embedded immediately inside the Base AVP has a depth of 2. An AVP embedded immediately
inside an AVP with a depth of 2 has a depth of 3 and so on. See Diameter Mediation User's Guide.
AVP names that are defined in the dictionary can be used in creating Rule Templates and in provisioning
Rule Sets.
On the Diameter > AVP Dictionary > Base Dictionary page, you can perform the following actions:
• Filter the list to display only the desired entries. The Flags cannot be filtered.
• Sort the list entries in ascending or descending order in a column, by clicking the column heading.
The default order is by Attribute Name in alphabetical order. The Flags cannot be sorted.
• Select an AVP definition in the list, and click Clone AVP. The Diameter > AVP Dictionary >
Custom Dictionary [Insert] page appears. The detailed definition for the selected AVP is displayed.
Update the fields as needed. Click OK or Apply to save the custom AVP definition.
• Select an AVP definition in the list, and click View.
The Diameter > AVP Dictionary > Base Dictionary [View] page appears. The detailed definition
for the selected AVP is displayed. The fields are described in Diameter Base Dictionary elements.
Diameter Base Dictionary elements

Table 63: Base Dictionary Elements describes the fields on the AVP Dictionary > Base Dictionary
(view-only) page.
Table 63: Base Dictionary Elements

* Attribute Name Name of the AVP; the unique combination of Format: alphanumeric,
AVP Code - Vendor ID. underscore (_), and dash
(-).
* AVP Code AVP Code Format: numeric

Range: 0-4294967295


Flags Setting indicator for AVP Flags: V, M, P, r3, r4, Format: 3 buttons for
r5, r6, r7 each flag
Note: Flags V, M, and P are supported; r3, r4, r5, Range: Must, Must Not,
r6 and r7 are reserved for future use. May be set for each flag
See AVP Flags for flag definitions.
* Vendor-ID Vendor-ID Format: pulldown list

Vendors
* Data Type AVP data format Format: pulldown list

If the Data Type is Enumerated, the name of the Range: all available AVP
Enumerated Type is indicated in the dictionary. data formats
If the Data Type is Grouped, the list of grouped
AVPs is included in the dictionary.
Include AVP in the Include an AVP into the Grouped AVP Format: pulldown list,
group Add AVP and Delete
This field is active when the selected Data Type
AVP buttons
is Grouped.
Range: all available
AVPs from the Base
Dictionary and the
Custom Dictionary. If a
Base Dictionary entry
has been overwritten in
the Custom Dictionary,
only the Custom
Dictionary entry
appears in the list.
Protocol Protocol standard where the AVP is defined. Format: string

Range: up to 64
characters
Viewing a Base Dictionary entry

Use the following task to view a selected Base Dictionary AVP entry.
On the Diameter > AVP Dictionary > Base Dictionary page:
1. Select an AVP entry in the list.
2. Click View.
The Diameter > AVP Dictionary > Base Dictionary [View] page displays the attributes that are
configured for the selected AVP dictionary entry.
3. Click Cancel to return to the Diameter > AVP Dictionary > Base Dictionary page.

Cloning AVP entries

Use the following task to clone AVP entries.
The cloning function allows you to edit the base AVP and puts the modified AVP in Custom Dictionary.
The AVPs in Custom Dictionary supersede Base Dictionary AVPs.
Note: Templates or rules might already use an existing version of the AVP. If you clone an AVP that
is referred from a template or rule, you can only add a new sub-AVP to the grouped AVP; no other
changes are allowed. If the AVP is not used by any template or rule, you can make other modifications.
The cloning function is available from the following pages:
• Diameter > AVP Dictionary > Base Dictionary
• Diameter > AVP Dictionary > Custom Dictionary
• Diameter > AVP Dictionary > All-AVP Dictionary
To clone an existing AVP from the Diameter > AVP Dictionary > Base Dictionary, Diameter > AVP
Dictionary > Custom Dictionary, or Diameter > AVP Dictionary > All-AVP Dictionary page:
1. Select an AVP entry from the list.
2. Click Clone AVP.
The Diameter > AVP Dictionary > Custom Dictionary [Insert] page displays the attributes that
are configured for the selected AVP dictionary entry.
3. Make changes to the AVP elements and click OK to implement the changes and return to the
previous page, or click Apply to implement the changes and remain on the current page.
The cloned AVP is inserted into the AVP Dictionary list.
Custom Dictionary
The Diameter > AVP Dictionary > Custom Dictionary page displays all proprietary AVPs defined
by the operator in the system. Base Dictionary AVPs are not displayed in the Custom Dictionary list.
AVP names that are defined in the dictionary can be used in creating Rule Templates and in provisioning
Rule Sets.
The Attribute Name, AVP Code, AVP Flag settings, Vendor ID, Data Type, and Protocol must be
specified in the AVP definition.
If the Data Type is Enumerated, the name of the Enumerated Type is also included.
If the Data Type is Grouped, the list of Grouped AVPs appears in the dictionary.
The values for AVP definitions are described in Diameter Custom Dictionary elements.
The Diameter > AVP Dictionary > Custom Dictionary page allows the operator to:
• Add new proprietary AVPs and additional standard AVPs familiar to the system
• Overwrite AVP definitions in the Base Dictionary, by specifying them in the Custom Dictionary
with a different definition. The AVP Code, Vendor ID, and Attribute Name must remain the same
in the changed definition.

If the Attribute Name of an AVP appears in both the Base and Custom Dictionaries, the Custom
Dictionary definition is used when the AVP is selected in Rule Template Actions and Conditions.
• Clone AVPs.
On the Diameter > AVP Dictionary > Custom Dictionary page, you can perform the following actions:
• Filter the list to display only the desired entries. All column headings are supported in the filters
except the Flags.
• Sort the list entries in ascending or descending order in a column (except for Flags), by clicking the
column heading. By default, the AVPs are sorted by Attribute Name in alphabetical order.
• Click Insert.
The Diameter > AVP Dictionary > Custom Dictionary [Insert] page opens. You can add a new
AVP and its values.
If the maximum number of AVPs (1024) already exist in the system, the Diameter > AVP
Dictionary > Custom Dictionary [Insert] page will not open, and an error message is displayed.
• Select an AVP definition in the list, and click Edit.
The Diameter > AVP Dictionary > Custom Dictionary [Edit] page appears. The detailed definition
for the selected AVP is displayed. You can change the AVP definition except for the AVP Code,
Vendor ID, and Attribute Name.
• Select an AVP definition in the list, and click Delete to remove the selected AVP definition from
the dictionary.
• Select an AVP definition in the list, and click Clone AVP to clone the selected AVP definition.
Diameter Custom Dictionary elements

Table 64: Custom Dictionary Elements describes the fields on the Diameter > AVP Dictionary > Custom
Dictionary view, [Insert], and [Edit] pages.
Table 64: Custom Dictionary Elements

Attribute Name Name of the AVP; the unique combination of AVP Format: alphanumeric,
Code - Vendor Id. underscore (_), and dash
(-).
The field is required.
AVP Code AVP Code Format: numeric

The field is required. Range: 0-4294967295
Flags AVP Flags V, M, P, r3, r4, r5, r6, r7 Format: 3 buttons for each
flag
When the operator tries to modify the AVP flags
in the message, setting and clearing of the flag Range: Must, Must Not,
depends on the value defined in the dictionary. May for each flag
If the flag has a value Must be set or Must Not be
set, modifying of the flag is restricted accordingly.


If the flag has a value of May be set, the operator
can change the flag without any limitations.
Note: Flags V, M and P are supported; r3, r4, r5,
r6 and r7 are reserved for future use.
Vendor-ID Vendor-ID Format: pulldown list

The field is required. Range: all configured
Vendors
Data Type AVP Data Format Format: pulldown list

The field is required. Range: all available AVP
data formats
Include AVP in the Include an AVP into the Grouped AVP Format: pulldown list,
group (insert and edit Add AVP and Delete AVP
pages only) buttons
is Grouped.
Range: all available AVPs
To include another AVP in the Grouped AVP,
from the Base Dictionary
click Add AVP. A new row for AVP selection
and the Custom
appears.
Dictionary. If a Base
To remove an AVP from the Grouped AVP, click Dictionary entry has been
Delete AVP. overwritten in the Custom
Dictionary, only the
Custom Dictionary entry
appears in the list.

The field is required. Range: up to 64 characters
Adding a new AVP Dictionary entry

Use the following task to add a new AVP Dictionary entry to the Custom Dictionary or overwrite a
Base Dictionary AVP.
The attributes are described in Diameter Custom Dictionary elements.
1. Select Diameter > AVP Dictionary > Custom Dictionary.
The Diameter > AVP Dictionary > Custom Dictionary page appears.
The Diameter > AVP Dictionary > Custom Dictionary page will not open if the maximum number
of AVPs (1024) have already been created in the dictionary.
2. Click Insert.
The Diameter > AVP Dictionary > Custom Dictionary [Insert] page opens.
3. Enter the attribute values for the new AVP, or customize a Base Dictionary AVP by changing fields
except the Attribute Name, AVP Code, and Vendor-ID.

4. Click:
• OK to save the changes and return to the Diameter > AVP Dictionary > Custom Dictionary
page.
• Apply to save the changes and remain on the Diameter > AVP Dictionary > Custom Dictionary
[Insert] page.
• Cancel to return to the Diameter > AVP Dictionary > Custom Dictionary page without saving
any changes.
If OK or Apply is clicked and if a Base Dictionary entry is overwritten and the original entry is
used by any Rule Templates, the original entry is used until the application is restarted.
Changing an existing AVP Dictionary entry

Use the following task to change an existing Custom Dictionary AVP entry.
Note: Base Dictionary entries cannot be edited directly. To change a Base Dictionary entry, use the
Adding a new AVP Dictionary entry procedure to enter a new AVP in the Custom Dictionary that has
the same Attribute Name, AVP Code, and Protocol as the Base Dictionary entry that you want to
change. Enter different values for the attributes that you want to change.
The fields are described in Diameter Custom Dictionary elements.
2. In the list, select the entry to be changed, and click Edit.
The Diameter > AVP Dictionary > Custom Dictionary [Edit] page appears.
3. Change the available attributes as needed .
The Attribute Name, AVP Code, and Protocol cannot be changed.
4. Click:
• OK to save the changes and return to the Diameter > AVP Dictionary > Custom Dictionary
page.
• Apply to save the changes and remain on the Diameter > AVP Dictionary > Custom Dictionary
[Edit] page.
Cancel to return to the Diameter > AVP Dictionary > Custom Dictionary page without saving
any changes.
If the old version of the AVP is referred to by any Rule Template, the application must be restarted
to begin use of the changed AVP. The old version will be used until the restart is done.
Deleting an AVP dictionary entry

Use the following procedure to delete an AVP entry from the Custom Dictionary.
Note: The removal of Diameter Overload Indication Conveyance (DOIC) AVPs takes place at a peer
node level.

2. Select the Attribute Name of the AVP entry to be deleted.

3. Click Delete.
4. Click:
• OK to delete the AVP and return to the Diameter > AVP Dictionary > Custom Dictionary
page.
• Cancel to return to theDiameter > AVP Dictionary > Custom Dictionary page without deleting
the AVP.
When OK is clicked and any configured Rule Template or Rule Set refers to the AVP that is being
deleted, the AVP is not deleted and an error message appears.
Cloning AVP entries

2. Click Clone AVP.
All-AVP Dictionary
The Diameter > AVP Dictionary > All-AVP Dictionary page allows the operator to view all AVP
entries that are in the Base and Custom Dictionaries. The Base Dictionary entries are black and the

Custom Dictionary entries are blue. (The term AVP Dictionary refers to the combined contents of the
Base and Custom Dictionaries.)
Note: If a Base Dictionary AVP has been overwritten in the Custom Dictionary, only the Custom
Dictionary entry is shown in the All-AVP Dictionary list.
The list and the entries cannot be changed from this page.
Proprietary and additional standard AVP definitions can be added in the Custom Dictionary. See
Custom Dictionary.
The AVP definitions in the Base Dictionary can be changed (overwritten) by specifying them in the
Custom Dictionary with a different definition. The code, Vendor ID, and attribute name must remain
the same in the changed definition. See Base Dictionary and Custom Dictionary.
On the Diameter > AVP Dictionary > All-AVP Dictionary page, you can perform the following
actions:
• Filter the list to display only the desired entries.
• Sort the list entries in ascending or descending order in a column, by clicking the column heading
(except the flag headings).
• Select an AVP definition in the list, and click View.
The Diameter > AVP Dictionary > All-AVP Dictionary [View] page appears. The detailed
definition for the selected AVP is displayed (the definition cannot be changed on this page). The
definition elements are described in Diameter All-AVP Dictionary elements.
• Clone AVPs.
Diameter All-AVP Dictionary elements

Table 65: All-AVP Dictionary Elements describes the fields on the Diameter > AVP Dictionary > All-AVP
Dictionary and [View] pages.
Table 65: All-AVP Dictionary Elements

Attribute Name Name of the AVP; the unique combination of Format: alphanumeric,
AVP Code - Vendor Id. underscore (_), and dash
(-).
Dictionary Indicates where the AVP resides. Range: Base or custom

AVP Code AVP Code Format: numeric
Range: 0-4294967295
Flags AVP Flags V, M, P, r3, r4, r5, r6, r7 Format: 3 buttons for each
flag
Note: Flags V, M, and P are supported; r3, r4,
r5, r6 and r7 are reserved for future use. Range: Must, Must Not,
May for each flag


Vendor-ID Vendor-ID Format: pulldown list
Vendors
Include AVP in the Include an AVP into the Grouped AVP Format: pulldown list, Add
group (view page AVP and Delete AVP
only) buttons
is Grouped.
Range: all available AVPs
from the Base Dictionary
and the Custom Dictionary.
If a Base Dictionary entry
has been overwritten in the
Custom Dictionary, only
the Custom Dictionary
entry appears in the list.

Range: up to 64 characters
Viewing an existing All-AVP Dictionary entry definition

Use the following task to view a selected All-AVP Dictionary AVP entry definition. (The definition
cannot be changed on this page.)
1. Select Diameter > AVP Dictionary > All-AVP Dictionary.
The Diameter > AVP Dictionary > All-AVP Dictionary page appears.
2. Select an AVP entry in the list and click View.
The Diameter > AVP Dictionary > All-AVP Dictionary [View] page displays the attributes that
3. Click Cancel to return to the Diameter > AVP Dictionary > All-AVP Dictionary page.
Cloning AVP entries


2. Click Clone AVP.
Vendors
The Diameter > AVP Dictionary > Vendors page lists the Names and IDs of all Vendors made known
to the system.
Vendors are used in defining new Vendor-specific AVPs in the Custom Dictionary. See Custom
Dictionary.
On the Diameter > AVP Dictionary > Vendors page, you can perform the following actions:
• Filter the list of Vendors to display only the desired Vendors.
• Sort the displayed Vendors by ascending or descending Vendor ID or Vendor Name, by clicking
the column heading.
• Click Insert.
The Diameter > AVP Dictionary > Vendors [Insert] page opens. You can add a new Vendor. See
Adding a Vendor.
If the maximum number of Vendors (128) already exist in the system, the Diameter > AVP
Dictionary > Vendors [Insert] page will not open, and an error message is displayed.
• Select a Vendor row in the list, and click Edit.
The Diameter > AVP Dictionary > Vendors [Edit] page opens. You can edit the Vendor Name
for the selected Vendor. See Editing a Vendor Name.
The Diameter > AVP Dictionary > Vendors [Edit] page will not open if the selected Vendor is
used in any of the AVP definitions in the dictionary.
• Select a Vendor row in the list, and click Delete to remove the selected Vendor. See Deleting a
Vendor.
A Vendor cannot be deleted if it is used in any AVP definitions in the AVP Dictionary.
Diameter Vendors elements

Table 66: Vendors elements describes the fields on the Diameter > AVP Dictionary > Vendors View,
read-only.

Table 66: Vendors elements
Element Description Data Input Notes

Vendor-ID A number that identifies the Vendor. The Format: 32-bit integer
number must be unique within the Custom
Range: 1-4294967295
Dictionary.
The field is required.
Vendor Name Name of a Vendor that implements a Format: Character string

Vendor-Specific Diameter AVP.
A unique name is required in this field.
Viewing Vendors
The use of Mediation Vendors is described in Vendors.
To view all configured Vendors, select Diameter > AVP Dictionary > Vendors.
The Diameter > AVP Dictionary > Vendors page appears with a list of configured Vendors. The
fields are described in Diameter Vendors elements.
Adding a Vendor
The following procedure can be used to configure a new Vendor.
The fields are described in Diameter Vendors elements.
1. Select Diameter > AVP Dictionary > Vendors.
The Diameter > AVP Dictionary > Vendors page appears.
2. Click Insert.
The Diameter > AVP Dictionary > Vendors [Insert] page appears.
If the maximum number of Vendors (128) has already been configured in the system, the Diameter >
AVP Dictionary > Vendors [Insert] page will not open, and an error message will appear.
3. Enter a unique Vendor Name for the Vendor that is being added.
4. Enter a Vendor ID for the Vendor.
5. Click:
• OK to save the changes and return to the Diameter > AVP Dictionary > Vendors page.
• Apply to save the changes and remain on the Diameter > AVP Dictionary > Vendors [Insert]
page.
• Cancel to return to the Diameter > AVP Dictionary > Vendors [Insert] page without saving
any changes.
• The Vendor Name or Vendor ID contains any characters that are not valid or are out of the
allowed range

• The Vendor Name or Vendor ID is empty (not entered)

• The Vendor Name is not unique
Editing a Vendor Name

Use this procedure to change a Vendor Name.
The Vendor ID cannot be changed.
The Vendor Name cannot be changed if the Vendor is used in any of the AVP definitions in the
dictionary.
The fields are described in Diameter Vendors elements.
2. Select the Vendor Name to be changed.
3. Click Edit.
The Diameter > AVP Dictionary > Vendors [Edit] page appears.
4. Change the Vendor Name of the selected Vendor.
5. Click:
• OK to save the changes and return to the Diameter > AVP Dictionary > Vendors page
• Apply to save the changes and remain on the Diameter > AVP Dictionary > Vendors [Edit]
page.
• Cancel to return to the Diameter > AVP Dictionary > Vendors page without saving any
changes.
• The Vendor Name is not unique
• The Vendor Name contains characters that are not valid
Deleting a Vendor
Use the following procedure to delete a Vendor.
A Vendor cannot be deleted if the Vendor is used in any AVP definitions in the dictionary.
2. Select the row that contains the Vendor to be deleted.

3. Click Delete.
4. Click:
• OK to delete the Vendor.

• Cancel to cancel the delete function and return to the Diameter > AVP Dictionary > Vendors
page.
If the Vendor is used in any AVP definitions in the dictionary, the Vendor is not deleted and an
error message appears.

Chapter
8
Mediation
The Diameter > Mediation pages allow you to

manage the Mediation feature.
Diameter message mediation helps to solve
interoperability issues by using rules to manipulate
header parts and Attribute-Value Pairs (AVPs) in
an incoming routable message, when data in the
message matches some specified conditions at a
specified point of message processing. Tasks of the
if condition matches, then do some action type can
be solved in the most efficient way.
The Diameter Mediation feature extends the CAPM
(Computer-Aided Policy Making) framework to
allow for easy creation of Mediation rules for use
in 3G, LTE and IMS networks. Mediation Rule that
Templates are created to define the Conditions that
must be matched in a message and the Actions that
Use Diameter > Mediation pages to perform
Mediation configuration and maintenance tasks.
See Diameter Mediation User 's Guide.

Chapter
9
Diameter Shared Traffic Throttle Groups
Topics: Note: Shared Traffic Throttle Groups configuration

components must be viewed from the NOAM.
• Diameter Shared Traffic Throttle Groups
elements.....321 The Shared Traffic Throttle Groups GUI page shows
all TTGs defined as shared across the diameter
• Viewing Shared Traffic Throttle Groups.....321 routing network. TTGs can be shared between DSR
• Adding Shared Traffic Throttle Groups.....321 Nodes in the same network managed by a NOAM.
• Editing Shared Traffic Throttle Groups.....321 Thus, each TTG is uniquely identified by its DSR
• Deleting Shared Traffic Throttle Groups.....322 Node.
The following components can be viewed for Shared
Traffic Throttle Groups:
• Shared Traffic Throttle Group Name
• Site Name

Diameter User's Guide Diameter Shared Traffic Throttle Groups
Diameter Shared Traffic Throttle Groups elements

Table 67: Shared Traffic Throttle Groups elements describes the fields on the Diameter > Configuration >
Shared Traffic Throttle Groups page.
Any TTG configured at the local SOAM, and marked as shared is listed on the NOAM and available
for assignment to a Route List, Route Group, TTG association at any SOAM in the diameter routing
network.
This view-only GUI page is refreshed automatically.
Note: You control the View attribute for Shared Traffic Throttle Groups on the NOAM.
Table 67: Shared Traffic Throttle Groups elements
Field (* indicates a required field) Description

* Shared Traffic Throttle Group A name that uniquely identifies the Shared Traffic Throttle
Name Group.
Site Name A name that uniquely identifies the Shared Traffic Throttle
Groups site.
Viewing Shared Traffic Throttle Groups

To view all shared traffic throttle groups from the NOAM, select Diameter > Configuration > Shared
Traffic Throttle Groups.
The Diameter > Configuration > Shared Traffic Throttle Groups page appears with a list of configured
traffic throttle groups. The fields are described in Diameter Shared Traffic Throttle Groups elements.
Adding Shared Traffic Throttle Groups

To add (designate) a shared traffic throttle group on the SOAM, select Diameter > Configuration >
The Diameter > Configuration > Traffic Throttle Groups page appears. Use this page to work with
shared throttle groups. The fields are described in Adding Traffic Throttle Groups.
Editing Shared Traffic Throttle Groups

To edit a shared traffic throttle groups on the SOAM, select Diameter > Configuration > Traffic
Throttle Groups.

Diameter User's Guide Diameter Shared Traffic Throttle Groups
The Diameter > Configuration > Traffic Throttle Groups page appears. Use this page to work with
shared throttle groups. The fields are described in Editing Traffic Throttle Groups.
Deleting Shared Traffic Throttle Groups

To delete a shared traffic throttle group on the SOAM, select Diameter > Configuration > Traffic
Throttle Groups.
The Diameter > Configuration > Traffic Throttle Groups page appears with a list of configured
traffic throttle groups. Use this page to delete shared throttle groups. The fields are described in Deleting

Chapter
10
Diameter Topology Hiding
Topics: The following components can be configured for

Diameter Topology Hiding:
• Diameter Topology Hiding.....324
• Trusted Network Lists
• Trusted Networks Lists.....361
• Path Topology Hiding Configuration Sets
• Path Topology Hiding Configuration Sets.....364
• S6a/S6d HSS Topology Hiding Configuration
• S6a/S6d HSS Topology Hiding Configuration Sets
Sets.....368 • MME/SGSN Topology Hiding Configuration
• MME/SGSN Topology Hiding Configuration Sets
Sets.....374 • S9 PCRF Topology Hiding Configuration Sets
• S9 PCRF Topology Hiding Configuration • S9 AF/pCSCF Topology Hiding Configuration
Sets.....380 Sets
• S9 AF/pCSCF Topology Hiding Configuration • Protected Networks
Sets.....385
You can perform these tasks on an Active Network
• Protected Networks.....391 OAM&P (NOAM).

Diameter User's Guide Diameter Topology Hiding

Diameter messages contain sensitive information such as addresses of entities from a Diameter Network
or the number of such entities. Therefore, an operator may choose to hide this information in order
to minimize the risk of attacks and to be able to perform changes to the internal network at will.
Topology Hiding (TH) is based upon the relationships between Diameter Networks. A Diameter
Network is identified by a Realm. The Diameter Network from which a message was initiated is
defined in its Origin-Realm AVP. The intended Diameter Network destination of the message is
defined in its Destination-Realm AVP. Both of these AVPs are mandatory parameters in all Diameter
messages.
For the purpose of discussing network relationships, a network can be defined as one of the following
types:
• Protected Network - A network whose topology information must be protected when messages
are exchanged with Untrusted Networks. A network trustor non-trust relationship is always viewed
from the perspective of a Protected Network. For example, if Networks N1 and N2 are Protected
Networks, it's acceptable for Network N1 to trust Network N2 while Network N2 does not trust
Network N1. If this asymmetric relationship exists, then the topology information of N1 will not
be protected from N2 but the topology information of N2 will be protected from N1.
• Trusted Network - A network that a particular Protected Network trusts; no information from that
Protected Network will be hidden or modified when forwarded to a Trusted Network.
• Untrusted Network - A network that a particular Protected Network does not trust; topology-related
information from that Protected Network will be hidden or modified when forwarded to an
Untrusted Network.
Topology Hiding involves hiding topology-related information in messages sent from a Protected
Network to an Untrusted Network, as well as restoring the topology-related information in messages
from an Untrusted Network. The restoral process can occur during the same Diameter transaction or
can occur on subsequent unrelated Diameter transactions. The following Topology Hiding techniques
are supported:
• Topology information hiding
• Host identity hiding – Hiding the identity of any host (embedded in a Diameter message) that
is a member of a Protected Network when a message is originated by any Diameter node in a
Protected Network to any Diameter node that is a member of a network that is Untrusted by
that Protected Network. Techniques for address hiding include encryption and replacing an
Actual Hostname with a Pseudo Hostname.
• Number of Hosts hiding – A method that prevents the Untrusted Network from deducing how
many hosts are members of a Protected Network based upon the content of messages that the
Untrusted Network receives from the Protected Network. Techniques for Number of Hosts
hiding include replacing Protected Network host names with a single Pseudo Hostname for
the Protected Network, and replacing Protected Network host names with randomly generated
Pseudo Hostnames. The second technique is used when a message sent from the Untrusted
Network to the Protected Network contains one or more Pseudo Hostnames that must be
mapped back to the Actual Hostnames for purposes such as message routing. Mapping of
Pseudo-to-Actual Hostnames may occur during a transaction Request/Answer message exchange
or may need subsequent Untrusted Network initiated transactions to the Protected Network.

• Topology information restoral - When an Actual Hostname is replaced by a Pseudo Hostname, it

is many times necessary to replace the Pseudo Hostname with the Actual Hostname in the following
cases:
• When an Answer message response for a Diameter transaction is returned from the Untrusted
Network, a Diameter node that is receiving the Answer response associated with a Diameter
transaction for which Topology Hiding occurred is expecting to see the Actual Hostname, not
a Pseudo Hostname, in the Answer message.
• When a new Diameter transaction is initiated from the Untrusted Network to the Protected
Network, an Untrusted Network node may actually save the Pseudo Hostname received in a
transaction for use in subsequent transactions to the Protected Network. This can occur, for
example, for Untrusted-HSS to Protected-MME/SGSN transactions whereby the Untrusted-HSS
saves the MME/SGSN's host name when it initiates subsequent Diameter transactions (such as
CLR) to that MME/SGSN.
The need to replace a Pseudo Hostname with an Actual Hostname in subsequent Untrusted-to-Protected
Network transactions is required for routing purposes, and is required when the destination host in
the Protected Network requires that messages sent to it contain its Actual Hostname.
Diameter Edge Agent (DEA) Topology Hiding procedures are always invoked on the interface closest
to an Untrusted Network, as illustrated in Figure 13: Diameter Topology Hiding Boundary.
Figure 13: Diameter Topology Hiding Boundary
Topology Hiding Trigger Points

Diameter Topology Hiding is performed at well-known locations within the Diameter Routing Function
software, on both Protected-to-Untrusted Diameter transactions and Untrusted-to-Protected Diameter
transactions. These well-known locations are referred to as Topology Hiding (TH) Trigger Points. Two
types of TH Trigger Points are defined:
• Information hiding Trigger Point: A TH Trigger Point that, when invoked, attempts to hide any
topology related-information within a Diameter message that is being sent to an Untrusted Network.
This type of TH Trigger Point is identified by the TH suffix in the Trigger Point name.
• Information restoral Trigger Point: A TH Trigger Point that, when invoked, attempts to restore any
topology hidden information within a Diameter message received from an Untrusted Network to
its original or actual value. This type of TH Trigger Point is identified by the TR suffix (Topology
Restoral) in the Trigger Point name.
For Protected-to-Untrusted Network Diameter transactions, any topology-sensitive information in
the Protected-to-Untrusted Network Request message is hidden just prior to forwarding the Request
message to a Peer Node that serves as a gateway to the Untrusted Network. (The adjacent Peer Node
may be a member of a Untrusted Network or may be connected directly or indirectly to Diameter
nodes that are members of an Untrusted Network from the Protected Network's perspective.)

For the purposes of Diameter Routing Function transaction processing, the Trigger Point for evaluating
whether topology-related information should be hidden is called Request Topology Hiding (RTH).
When the Diameter Edge Agent (DEA) receives an Answer message associated with a
Protected-to-Untrusted Diameter transaction, it must consider whether the Answer message contains
any hidden topology-related information that must be restored to its original value. This Trigger Point
is called Answer Topology Restoral (ATR).
The high level logical locations of the RTH and ATR TH Trigger Points for Protected-to-Untrusted
Network Diameter transactions are shown in Figure 14: Diameter Topology Hiding Trigger Points:
Protected-to-Untrusted Transactions.
Figure 14: Diameter Topology Hiding Trigger Points: Protected-to-Untrusted Transactions
For Untrusted-to-Protected Network Diameter transactions, any topology-hidden information

embedded in the Untrusted-to-Protected Network Request message may be a candidate for topology
information restoral. The Trigger Point for evaluating whether topology-related information in a
Request message should be restored is called Request Topology Restoral (RTR).
When the DEA forwards an Answer message to an Untrusted Network, it must consider whether the
Answer message contains any topology-sensitive information about the Protected Network. This
Trigger Point is called Answer Topology Hiding (ATH).
The high level logical locations of the RTR and ATH TH Trigger Points for Untrusted-to-Protected
Diameter transactions are shown in Figure 15: Diameter Topology Hiding Trigger Points:
Untrusted-to-Protected Transactions.
Figure 15: Diameter Topology Hiding Trigger Points: Untrusted-to-Protected Transactions
All Diameter Topology Hiding Trigger Points are adjacent to the existing Diameter Mediation Trigger
Points. The following Topology Hiding-Mediation relationship rules apply:
• Information hiding Trigger Points - immediately prior to Mediation
• Information restoral Trigger Points: immediately after Mediation
The Diameter Routing Function has the ability to edit messages just prior to forwarding them to Peer
Nodes. Any Diameter Routing Function message editing must be performed prior to any TH treatment.
For example, an application, when forwarding a Request message to the Diameter Routing Function,
can ask the Diameter Routing Function to replace the Origin-Realm and Origin-Host AVP values with
the Realm and FQDN values assigned to the Local Node associated with the egress Diameter Connection
just prior to forwarding the message to the Diameter Transport Function. This
Origin-Realm/Origin-Host AVP replacement function must be performed before the TH Trigger Point.
Table 68: Topology Information Hiding and Restoral Procedures summaries the topology information hiding
and restoral procedures that are supported at each TH Trigger Point.

Table 68: Topology Information Hiding and Restoral Procedures
Trigger TH Type AVP Information Hiding/Restoral Procedure

RTH Path Route-Record All AVPs containing Protected Network host
names are replaced with a single AVP containing
a Pseudo Hostname assigned to the Protected
Network.
Proxy-Host Each AVP containing Protected Network host
names is replaced with a unique AVP Pseudo
Hostname.
HSS Origin-Host Replaced the AVP value with the single HSS
Pseudo Hostname assigned to the Protected
Network
Session-Id Host portion replaced by the single HSS Pseudo
Hostname assigned to the Protected Network.
MME/SGSN Origin-Host Replaced by one of the Pseudo Hostnames
assigned to the MME/SGSN.
Session-Id Host portion of this AVP value replaced by one
of the Pseudo Hostnames assigned to the
MME/SGSN
PCRF Origin-Host Replace the AVP value with one of the
pseudo-host names assigned to the actual PCRF
in S9 PCRF TH Configuration Set for S9 messages
and for Rx messages if S9 AF/pCSCF TH
Configuration Set is not assigned to the Protected
network.
Session-Id Replace the host portion of this AVP with one of
the pseudo-host names assigned to the actual
AF/pCSCF in S9 PCRF TH Configuration Set for
S9 messages and for Rx messages if S9 AF/pCSCF
TH Configuration Set is not assigned to the
Protected network.
AF/pCSCF Origin-Host Replace the AVP value with one of the
pseudo-host names assigned to the actual
AF/pCSCF in S9 AF/pCSCF ThH Configuration
Set for Rx messages.
Session-Id Replace the host portion of this AVP with one of
the pseudo-host names assigned to the actual
AF/pCSCF in S9 AF/pCSCF Th Configuration
Set for Rx messages.
RTR Path Route-Record Message loop detection and rejection if a
Route-Record AVP contains a pseudo-name that
is assigned to the Protected Network that initiated
the message.


Note: Message Loop Detection is done at a Loop
Detect point just prior to RTR.
HSS None; HSS Pseudo N/A

Hostname to Actual
Hostname restoral is
performed by a HSS
Address Resolution
application like FABR
or RBAR.
MME/SGSN Destination-Host Replace the MME/SGSN Pseudo Hostname with
the MME/SGSN's Actual Hostname.
PCRF Destination-Host Replace the PCRF pseudo-host name with the
PCRF's actual-host name.
Session-Id Replace the host portion of this AVP with actual
PCRF host name.
AF/pCSCF Destination-Host Replace the AF/pCSCF pseudo-host name with
the AF/pCSCF actual-host name.
Session-Id Replace the host portion of this AVP with actual
AF/pCSCF host name.
ATH Path Route-Record All AVPs containing Protected Network host
names are replaced with a single AVP containing
a Pseudo Hostname assigned to the Protected
Network.
Error-Reporting-Host For each AVP containing a Protected Network
host name, encrypt the value using the encryption
key assigned to the Protected Network.
HSS Origin-Host Replace the HSS host name with the single HSS
Pseudo Hostname assigned to the Protected
Network.
MME/SGSN Origin-Host Replace the MME/SGSN host name with one of
the MME/SGSN's Pseudo Hostnames based on
content of the User-Name AVP (containing an
IMSI).
PCRF Origin-Host Replace the AVP value with one of the
pseudo-host names assigned to the actual PCRF
in S9 PCRF TH Configuration Set for S9 messages
and for Rx messages if S9 AF/p CSCF TH
Configuration Set is not assigned to the Protected
network.
Session-Id Replace the hostname received in the Request
Session-ID AVP which is saved in the PTR.


AF/pCSCF Origin-Host Replace the AVP value with one of the
pseudo-host names assigned to the actual
AF/pCSCF in S9 AF/pCSCF TH Configuration
Set for Rx Messages.
Session-Id Replace the hostname received in the Request
Session-ID AVP which is saved in the PTR.
ATR Path Proxy-Host Each AVP instance that was hidden in the
forwarded in the Request message must be
restored to its original value that is stored in the
PTR
HSS Session-Id Restore the HSS's host name received in the
Request Session-Id AVP that is stored in the PTR.
MME/SGSN Session-Id Restore the HSS's host name received in the
Request Session-Id AVP that is stored in the PTR.
PCRF Session-Id Restore the PCRF's host name received in the
Request Session-Id AVP which is stored in the
PTR.
AF/pCSCF Session-Id Restore the AF/pCSCF's host name received in
the Request Session-Id AVP which is stored in
the PTR.
Message Candidates for Topology Hiding and Restoral

Topology Hiding and Restoral Trigger Points are located at the DEA's boundary to an Untrusted
Network. Thus, to even consider whether a message is a potential candidate for Topology Hiding and
Restoral, the Diameter Routing Function must know the following information at those TH Trigger
Points:
• Is the message that was just received (or about to be sent) a potential Topology Hiding and Restoral
candidate?
• If the message is a potential candidate, is this a message between a Protected Network and an
Untrusted Network?
To facilitate potential candidates, the Peer Node configuration element called Topology Hiding Status
must be set to Enabled on any Peer Node that is associated with at least one Untrusted Network.
The trust/untrust relationship is always from the perspective of the Protected Network. The use of
the following Diameter Configuration Topology Hiding components and the Peer Node component
is illustrated in the example in Figure 16: TH Network Deployment in an Interworking Network:
• Protected Networks: Defines, for each Protected Network, the Protected Realm Name and an
optional reference to a Trusted Network List. The assumption is that all networks are Untrusted
to a Protected Network unless they appear in a Trusted Network List that is assigned to that
Protected Network. In essence, the Trusted Network List is a white list; any Network Realm Name
that is not in that list is an Untrusted Network. If a Protected Network is not assigned a Trusted
Network List, then it is assumed that all networks (except itself) are Untrusted.
• Trusted Network List: A list of Trusted Network Realm Names. A Trusted Network List can be
assigned to any Protected Network.

Figure 16: TH Network Deployment in an Interworking Network
For the sake of discussion, assume that all of the networks are Protected Networks and the Protected
Networks and Trusted Network Lists shown in Table 69: Example Protected Networks Configuration and
Table 70: Example Trusted Network Lists Configuration are configured:
Table 69: Example Protected Networks Configuration
Protected Network Name Protected Network Realm Name Trusted Network List Name
N1 n1.com Trusted Networks-1
Table 70: Example Trusted Network Lists Configuration
Protected Network Name Network Realm List

Trusted Networks-1 n3.com
n4.com

n2.com
n3.com
Based on the example Protected Networks and Trusted Network Lists, the trust relationship matrix
among the four networks in this example configuration is shown in Table 71: Network Trust Relationship
Matrix.

Table 71: Network Trust Relationship Matrix
Relationship with Peer Network

Protected Network N1 N2 N3 N4
N1 Trusted Not Trusted Trusted Not Trusted
N2 N2 Not Trusted Trusted Trusted
N3 Not Trusted Trusted Trusted Not Trusted
N4 Trusted Trusted Trusted Trusted
Is this network Untrusted by at Yes Yes No Yes
least one other network?
Based on the Network Trust Relationship Matrix, the Peer Node element settings for the network
shown in Table 72: Example Topology Hiding Status Settings would be used:
Table 72: Example Topology Hiding Status Settings
Peer Node Topology Hiding Status Element Setting

Peer Node-1 Enabled
Peer Node-2 Enabled
Peer Node-3 Disabled
Peer Node-4 Enabled
With the information in Table 72: Example Topology Hiding Status Settings, the TH type-independent
criteria for determining whether a message is a potential candidate for Topology Hiding/Restoral are
defined in Table 73: General Criteria for Determining Whether a Message is a TH Candidate.
Table 73: General Criteria for Determining Whether a Message is a TH Candidate
TH
Trigger Message Message Path General Topology Hiding/Restoral Candidate Criteria
RTH Request Protected-to-Untrusted Egress Peer Node Topology Hiding Status is Enabled, AND
Origin-Realm is a Protected Network X, AND
Destination-Realm is an Untrusted Network to Protected
Network X
RTR Request Untrusted-to-Protected Ingress Peer Node Topology Hiding Status is Enabled, AND
Destination-Realm is a Protected Network X, AND
Origin-Realm is an Untrusted Network to Protected Network
X
ATH Answer Protected-to-Untrusted Egress Peer Node Topology Hiding Status is Enabled, AND

TH
Realm of the Diameter Node that originated the transaction
is an Untrusted Network to Protected Network X
TH Trigger point ATH occurs after the Diameter Routing
Function deallocates the PTR for the transaction. Therefore,
the Origin-Realm value that was received in the Request
message must be stored in the Application-Data stack event
just prior to deallocating the PTR in order for the Diameter
Routing Function to make an evaluation at ATH of whether
the Answer response is being sent to an Untrusted Network.
ATR Answer Untrusted-to-Protected PTR contains one or more indications that topology
information restoral is required
For Untrusted-to-Protected Answer messages, any information
that was hidden in the egress Request is a candidate for
restoral regardless of which Network sends the Answer
message response. Topology information restoral at ATR is
always performed regardless of the egress Peer Node's
Topology Hiding Status if Topology Hiding was performed
on the egress Request message for this Diameter transaction.
If the TH Trigger Point criteria defined in Table 73: General Criteria for Determining Whether a Message
is a TH Candidate are met, then the Diameter Routing Function must determine which TH types are
enabled for the associated Protected Network. Each TH type might have additional criteria that must
be met in order to determine whether topology-related information hiding or restoral is required.
The Protected Networks configuration component defines which TH types are enabled for the Protected
Network. If a Configuration Set for the TH type is assigned to the Protected Network, then that TH
type is enabled for that Protected Network and the rules for that TH type are applied. The Path,
S6a/S6d HSS, MME/SGSN, S0 PCRF, and S9 AF/pCSCF TH types are supported. An example Protected
Network component for the use case network defined in this section could look like the configuration
in Table 74: Protected Network Configuration Example:
Table 74: Protected Network Configuration Example
Protected
Protected Network Trusted S9
Network Realm Network S6a/S6d MME/SGSN AF/pCSCF
Name Name List Name Path TH HSS TH TH S9 PCRF TH TH
N1 n1.com Trusted Path S6a/S6d MME/SGSN NULL NULL
Networks-1 Config HSS Config
Set-1 Config Set-1
Set-1
N2 n2.com Trusted Path S6a/S6d MME/SGSN NULL NULL
Networks-2 Config HSS Config
Set-2 Config Set-1
Set-1

Protected
Protected Network Trusted S9
Network Realm Network S6a/S6d MME/SGSN AF/pCSCF
Name Name List Name Path TH HSS TH TH S9 PCRF TH TH
N3 n3.com Trusted Path NULL NULL S9 PCRF S9
Networks-3 Config Config Set-1 AF/pCSCF
Set-3 onfig Set-1
N4 n4.com Trusted Path NULL NULL S9 PCRF S9
Networks-4 Config Config Set-2 AF/pCSCF
Set-4 onfig Set-2
In the example, if a message associated with Protected Network N3 is a candidate for topology
hiding/restoral, then the Diameter Routing Function will invoke only the Path Topology Hiding
Configuration Set rules for that message.
The TH type-specific Hiding/Restoral rules are defined in Topology Hiding Types.
Supported AVPs
Table 75: Topology Hiding AVPs and Hiding Methods shows the AVPs that are supported by Topology
Hiding. The following information hiding methods are supported:
• Pseudo Hostname Replacement: Actual Hostnames are replaced with Pseudo Hostnames.
• Encryption: AVP value is encrypted
Table 75: Topology Hiding AVPs and Hiding Methods
Information Hiding Method

Pseudo-Host Name
Diameter Applications AVP Name Replacement Encryption
S6a, S6d, S9, Rx Session-Id X
S6a, S6d, S9, Rx Origin-Host X
Any Route-Record X
Any Proxy-Host X
Any Error-Reporting-Host X
Encryption
Any encryption required by Topology Hiding uses Advanced Encryption Standard (AES), which is
a specification for the encryption of electronic data established by the U.S. National Institute of
Standards and Technology (NIST) in 2001. AES has been adopted by the U.S. government and is now
used worldwide. It supersedes the Data Encryption Standard (DES) that was published in 1977.
AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits (with 256
being the hardest to crack), and encrypts and decrypts data in blocks of 128 bits (16 bytes). Unlike
public-key ciphers that use a pair of keys, symmetric-key ciphers use the same key to encrypt and
decrypt data. Encrypted data returned by block ciphers have the same number of bits that the input
data had. Iterative ciphers use a loop structure that repeatedly performs permutations and substitutions

of the input data. All three key lengths are sufficient to protect classified information up to the SECRET
level.
AES must be used in conjunction with a FIPS (Federal Information Processing Standard) approved or
NIST recommended mode of operation. The mode specifies how data will be encrypted
(cryptographically protected) and decrypted (returned to original form). Diameter Topology Hiding
supports AES-Cipher BlockChaining (CBC) mode and a 128-bit key size.
Note: If assistance is needed in troubleshooting encrypted Error-Reporting-Host AVPs, it is
recommended that you contact your My Oracle Support (MOS). You will need the Encryption Key that
is configured in the Diameter > Configuration > Topology > Path Topology Configuration Set GUI
page.
Assumptions
Diameter Topology Hiding has the following assumptions:
• In order to detect message looping for Request messages containing a Route-Record Pseudo
Hostname, all Diameter Edge Agents in the service provider's network must have the same Topology
Hiding configuration.
• A message loop for Request messages containing a Route-Record Pseudo Hostname may not be
detected for messages returned to any Diameter Edge Agent from any network that is trusted by
the Protected Network that initiated the Diameter transaction.
Message Candidates for Topology Hiding and Restoral

Topology Hiding and Restoral Trigger Points are located at the DEA's boundary to an Untrusted
Network. Thus, to even consider whether a message is a potential candidate for Topology Hiding and
Restoral, the Diameter Routing Function must know the following information at those TH Trigger
Points:
• Is the message that was just received (or about to be sent) a potential Topology Hiding and Restoral
candidate?
• If the message is a potential candidate, is this a message between a Protected Network and an
Untrusted Network?
To facilitate potential candidates, the Peer Node configuration element called Topology Hiding Status
must be set to Enabled on any Peer Node that is associated with at least one Untrusted Network.
The trust/untrust relationship is always from the perspective of the Protected Network. The use of
the following Diameter Configuration Topology Hiding components and the Peer Node component
is illustrated in the example in Figure 17: TH Network Deployment in an Interworking Network:
• Protected Networks: Defines, for each Protected Network, the Protected Realm Name and an
optional reference to a Trusted Network List. The assumption is that all networks are Untrusted
to a Protected Network unless they appear in a Trusted Network List that is assigned to that
Protected Network. In essence, the Trusted Network List is a white list; any Network Realm Name
that is not in that list is an Untrusted Network. If a Protected Network is not assigned a Trusted
Network List, then it is assumed that all networks (except itself) are Untrusted.
• Trusted Network List: A list of Trusted Network Realm Names. A Trusted Network List can be
assigned to any Protected Network.

Figure 17: TH Network Deployment in an Interworking Network
For the sake of discussion, assume that all of the networks are Protected Networks and the Protected
Networks and Trusted Network Lists shown in Table 76: Example Protected Networks Configuration and
Table 77: Example Trusted Network Lists Configuration are configured:
Table 76: Example Protected Networks Configuration
Protected Network Name Protected Network Realm Name Trusted Network List Name
Table 77: Example Trusted Network Lists Configuration
Protected Network Name Network Realm List

n4.com

n2.com
n3.com
Based on the example Protected Networks and Trusted Network Lists, the trust relationship matrix
among the four networks in this example configuration is shown in Table 78: Network Trust Relationship
Matrix.

Table 78: Network Trust Relationship Matrix
Relationship with Peer Network

Protected Network N1 N2 N3 N4
N1 Trusted Not Trusted Trusted Not Trusted
N2 N2 Not Trusted Trusted Trusted
N3 Not Trusted Trusted Trusted Not Trusted
N4 Trusted Trusted Trusted Trusted
Is this network Untrusted by at Yes Yes No Yes
least one other network?
Based on the Network Trust Relationship Matrix, the Peer Node element settings for the network
shown in Table 79: Example Topology Hiding Status Settings would be used:
Table 79: Example Topology Hiding Status Settings
Peer Node Topology Hiding Status Element Setting

Peer Node-1 Enabled
Peer Node-2 Enabled
Peer Node-3 Disabled
Peer Node-4 Enabled
With the information in Table 72: Example Topology Hiding Status Settings, the TH type-independent
criteria for determining whether a message is a potential candidate for Topology Hiding/Restoral are
defined in Table 80: General Criteria for Determining Whether a Message is a TH Candidate.
Table 80: General Criteria for Determining Whether a Message is a TH Candidate
TH
RTH Request Protected-to-Untrusted Egress Peer Node Topology Hiding Status is Enabled, AND
Destination-Realm is an Untrusted Network to Protected
Network X
RTR Request Untrusted-to-Protected Ingress Peer Node Topology Hiding Status is Enabled,
AND
Destination-Realm is a Protected Network X, AND
Origin-Realm is an Untrusted Network to Protected
Network X
ATH Answer Protected-to-Untrusted Egress Peer Node Topology Hiding Status is Enabled, AND

TH
Realm of the Diameter Node that originated the transaction
is an Untrusted Network to Protected Network X
TH Trigger point ATH occurs after the Diameter Routing
Function deallocates the PTR for the transaction. Therefore,
the Origin-Realm value that was received in the Request
message must be stored in the Application-Data stack event
just prior to deallocating the PTR in order for the Diameter
Routing Function to make an evaluation at ATH of whether
the Answer response is being sent to an Untrusted
Network.
ATR Answer Untrusted-to-Protected PTR contains one or more indications that topology
information restoral is required
For Untrusted-to-Protected Answer messages, any
information that was hidden in the egress Request is a
candidate for restoral regardless of which "Network" sends
the Answer message response. Topology information
restoral at ATR is always performed regardless of the
egress Peer Node's Topology Hiding Status if Topology
Hiding was performed on the egress Request message for
this Diameter transaction.
If the TH Trigger Point criteria defined in Table 80: General Criteria for Determining Whether a Message
is a TH Candidate are met, then the Diameter Routing Function must determine which TH types are
enabled for the associated Protected Network. Each TH type might have additional criteria that must
be met in order to determine whether topology-related information hiding or restoral is required.
The Protected Networks configuration component defines which TH types are enabled for the Protected
Network. If a Configuration Set for the TH type is assigned to the Protected Network, then that TH
type is enabled for that Protected Network and the rules for that TH type are applied. The Path,
S6a/S6d HSS, MME/SGSN, S0 PCRF, and S9 AF/pCSCF TH types are supported. An example Protected
Network component for the use case network defined in this section could look like the configuration
in Table 81: Protected Network Configuration Example:
Table 81: Protected Network Configuration Example
Protected
Protected Network Trusted
Network Realm Network S6a/S6d MME/ S9 PCRF S9 AF/
Name Name List Name Path TH HSS TH SGSN TH TH pCSCF TH
N1 n1.com Trusted Path S6a/S6d MME/ NULL NULL
Networks-1 Config HSS SGSN
Set-1 Config Config
Set-1 Set-1

Protected
Protected Network Trusted
Network Realm Network S6a/S6d MME/ S9 PCRF S9 AF/
Name Name List Name Path TH HSS TH SGSN TH TH pCSCF TH
N2 n2.com Trusted Path S6a/S6d MME/ NULL NULL
Networks-2 Config HSS SGSN
Set-2 Config Config
Set-1 Set-1
N3 n3.com Trusted Path NULL NULL S9 PCRF S9 AF/
Networks-3 Config Config pCSCF
Set-3 Set-1 onfig Set-1
N4 n4.com Trusted Path NULL NULL S9 PCRF S9 AF/
Networks-4 Config Config pCSCF
Set-4 Set-2 onfig Set-2
In the example, if a message associated with Protected Network N3 is a candidate for topology
hiding/restoral, then the Diameter Routing Function will invoke only the Path Topology Hiding
Configuration Set rules for that message.
The TH type-specific Hiding/Restoral rules are defined in Topology Hiding Types.
Topology Hiding Supported AVPs

Table 82: Topology Hiding AVPs and Hiding Methods shows the AVPs that are supported by Topology
Hiding. The following information hiding methods are supported:
• Pseudo Hostname Replacement: Actual Hostnames are replaced with Pseudo Hostnames.
• Encryption: AVP value is encrypted
Table 82: Topology Hiding AVPs and Hiding Methods
Information Hiding Method

Pseudo-Host Name
Diameter Applications AVP Name Replacement Encryption
S6a, S6d, S9, Rx Session-Id X
S6a, S6d, S9, Rx Origin-Host X
Any Route-Record X
Any Proxy-Host X
Any Error-Reporting-Host X
Encryption
Any encryption required by Topology Hiding uses Advanced Encryption Standard (AES), which is
a specification for the encryption of electronic data established by the U.S. National Institute of

Standards and Technology (NIST) in 2001. AES has been adopted by the U.S. government and is now
used worldwide. It supersedes the Data Encryption Standard (DES) that was published in 1977.
AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits (with 256
being the hardest to crack), and encrypts and decrypts data in blocks of 128 bits (16 bytes). Unlike
public-key ciphers that use a pair of keys, symmetric-key ciphers use the same key to encrypt and
decrypt data. Encrypted data returned by block ciphers have the same number of bits that the input
data had. Iterative ciphers use a loop structure that repeatedly performs permutations and substitutions
of the input data. All three key lengths are sufficient to protect classified information up to the SECRET
level.
AES must be used in conjunction with a FIPS (Federal Information Processing Standard) approved or
NIST recommended mode of operation. The mode specifies how data will be encrypted
(cryptographically protected) and decrypted (returned to original form). Diameter Topology Hiding
supports AES-Cipher BlockChaining (CBC) mode and a 128-bit key size.
Note: If assistance is needed in troubleshooting encrypted Error-Reporting-Host AVPs, it is
recommended that you contact your My Oracle Support (MOS). You will need the Encryption Key that
is configured in the Diameter > Configuration > Topology > Path Topology Configuration Set GUI
page.
Diameter Topology Hiding Assumptions

Diameter Topology Hiding has the following assumptions:
• In order to detect message looping for Request messages containing a Route-Record Pseudo
Hostname, all Diameter Edge Agents in the service provider's network must have the same Topology
Hiding configuration.
• A message loop for Request messages containing a Route-Record Pseudo Hostname may not be
detected for messages returned to any Diameter Edge Agent from any network that is trusted by
the Protected Network that initiated the Diameter transaction.
Topology Hiding Types

Topology Hiding can be a Diameter application-specific or Diameter application-independent
procedure.
• Topology Hiding is Diameter application-specific if the rules apply only to a Diameter
application-specific message set (such as S6a).
• Topology Hiding is Diameter application-independent if the rules apply to any Diameter message
(any Command Code).
The information to be hidden can be controlled based upon the following Topology Hiding types:
• S6a/S6d Topology Hiding
S6a/S6d Topology Hiding is applied only to the S6a/S6d Command Codes defined in 3GPP TS
29.272, Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related
interfaces based on Diameter protocol, and requires knowing which S6a/S6d messages are
HSS-initiated versus MME/SGSN-initiated.
• S6a/S6d HSS Topology HidingHSS

S6a/S6d HSS Topology Hiding is concerned with hiding the identity(s) of a Protected Network's
HSS when it exchanges messages with Untrusted Networks. An HSS's Hostname is embedded
in the Origin-Host and Session-Id AVPs sent in Request messages and in the Origin-Host AVP
sent in Answer messages.
S6a/S6d HSS Topology Hiding determines which entity (HSS or MME/SGSN) initiated a
message, based on the Command Code in the message.
S6a/S6d HSS Topology Hiding can be enabled for each Protected Network, by assigning an
S6a/S6d HSS Topology Hiding Configuration Set to the configured Protected Network.
• MME/SGSN Topology Hiding
MME/SGSN Topology Hiding is concerned with hiding the identity of a Protected Home
Network's MME/SGSNs, as well as the number of MME/SGSNs in the network, when it
exchanges messages with Untrusted Networks. A MME/SGSN's identity is embedded in the
Origin-Host and Session-Id AVPs sent in Request messages and in the Origin-Host AVP sent
in Answer messages.
MME/SGSN Topology Hiding determines which entity (HSS or MME/SGSN) initiated an
S6a/S6d message, based on the Command Code in the message.
MME/SGSN Topology Hiding can be enabled for each Protected Network, by assigning an
MME/SGSN Topology Hiding Configuration Set to the configured Protected Network.
• S9 PCRF Topology Hiding

S9 PCRF Topology Hiding is concerned with hiding the host names of PCRF's in a Protected
Network, as well as the number of PCRFs from Untrusted Networks.
Note: S9 PCRF topology hiding is only applied to the S9 and Rx command codes.
• S9 AF/pCSCF Topology Hiding
S9 AF/pCSCF Topology Hiding is only applied to the Rx command codes when Visited Access
Roaming Architecture is used and AF/pCSCF is communicating to H-PCRF in Proxy Mode. It
allows the operator to hide the host names of AF/pCSCF's in a Protected Network as well as the
number of AF/pCSCF's from Untrusted Networks.
• Path Topology Hiding
Path Topology Hiding is Diameter application-independent, and can be applied to any Diameter
Command Code.
Path Topology Hiding is concerned with hiding a Protected Network's Hostnames and the number
of hosts in the following AVPs:
• Route-Record AVP: Sent in Request messages. More than one Route-Record AVP can exist in
a Request message.
• Proxy-Host AVP: An AVP embedded in the grouped Proxy-Info AVP that is sent in Request
and Answer messages. More than one Proxy-Host AVP can exist in a message.
• Error-Reporting-Host AVP: Sent in Answer messages. More than one Error-Reporting-Host
AVP can exist in an Answer message.
Path Topology Hiding can be enabled for each Protected Network, by assigning a Path Topology
Hiding Configuration Set to the configured Protected Network.

Path Topology Hiding

Path Topology Hiding is concerned with hiding the identities of a Protected Network's hiding a
Protected Network's Hostnames and the number of hosts in the following AVPs:
• Route-Record AVP: Sent in Request messages. More than one Route-Record AVP may exist in a
Request message.
• Proxy-Host AVP: An AVP embedded in the Grouped Proxy-Info AVP that is sent in Request and
Answer messages. More than one Proxy-Host AVP may exist in a message.
• Error-Reporting-Host AVP: Sent in Answer messages. More than one Error-Reporting-Host AVP
could exist in an Answer message.
Path Topology Hiding can be enabled for each Protected Network, by assigning a Path TH Configuration
Set to the configured Protected Network.
Route-Record AVP Hostname Hiding - Request Messages

Route-Records AVPs are appended to Request messages to assist in message loop detection. When
Diameter node N relays a Request message received from Diameter node –1 to Diameter node N+1,
Diameter node N appends a Route-Record AVP to the Request message containing the Hostname of
Diameter node –1. For Request messages that are forwarded from a Protected Network N1 to an
Untrusted Network, there could be Protected Network N1 Hostnames embedded in one or more of
the Route-Record AVPs.
Route-Record AVP Hostname hiding is performed only on Request messages that meet the following
criteria:
• Message is a candidate for Topology Hiding as defined by topology Trigger Point RTH in Table 73:
General Criteria for Determining Whether a Message is a TH Candidate
• Path Topology Hiding is enabled for the Protected Network (a Path TH Configuration Set is assigned
to the configured Protected Network)
• At least one of the Route-Record AVPs contains a Protected Network Hostname.
An example of Route-Record AVP Hostname hiding for a Request message routed from a Protected
Network to an Untrusted Network is shown in Figure 18: Route-Record Hiding - Request Message.
Figure 18: Route-Record Hiding - Request Message
The Path Topology Hiding Configuration Set assigned to the Protected Network has the following
elements that are used for Route-Record Topology Hiding:
• Hostname Suffixes - A list of Protected Network Hostname Suffixes that are used to specify which
Hostnames to hide when messages are forwarded to Untrusted Networks. Any Route-Record AVPs
containing a Hostname not matching an entry in this Hostname Suffixes list will not be hidden.
• Route-Record Pseudo Hostname - The Pseudo Hostname to be used when replacing all of the
Route-Record AVPs that contain a Hostname that meets the Route-Record AVP hiding criteria.
Route-Record AVP Hostname hiding is performed by replacing all of the Route-Record AVPs that
meet the Route-Record AVP hiding criteria with a single Route-Record AVP that contains a single

configured Pseudo Hostname. Route-Record AVP Hostname hiding occurs after the Diameter Routing
Function appends any Route-Record AVPs to the Request message.
Route-Record AVP Hostname Hiding - Answer Messages

Diameter Relay and Proxy Agents are required to append a Route-Record AVP into any forwarded
Request message. There are no Relay Agent or Proxy Agent requirements to perform this function for
Answer messages. However, in certain Diameter specifications (such as S6a/S6d and RFC 4006), the
Route-Record AVP is specified as an optional AVP in certain Answer messages (including CCA and
most of the S6a/S6d Answer messages). Thus, it is probable that Answer messages initiated by a
Protected Network node and forwarded to an Untrusted Network by a DEA can contain one or more
Route-Record AVPs with Protected Network Hostnames. Therefore, Route-Record AVP Hostname
hiding will be applied to Answer messages using the same procedure that is used for Request messages.
Route-Record AVP Hostname hiding is performed only on Answer messages that meet the following
criteria:
• Message is a candidate for Topology Hiding as defined by topology Trigger Point ATH in Table
73: General Criteria for Determining Whether a Message is a TH Candidate
• Path Topology Hiding is enabled for the Protected Network (a Path Topology Hiding Configuration
Set is assigned to the configured Protected Network)
• At least one of the Route-Record AVPs contains a Protected Network Hostname
An example of Route-Record AVP Host Name hiding for an Answer message initiated by a Protected
Network to an Untrusted Network is shown in Figure 19: Route-Record Hiding - Answer Message.
Figure 19: Route-Record Hiding - Answer Message
Route-Record AVP Hiding and Inter-Network Message Loop Detection

The technique of replacing one or more Route-Record AVPs with a single Route-Record AVP containing
a Pseudo Hostname must not defeat the fundamental purpose of the Route-Record AVP - message
loop detection. Because Route-Record Topology Hiding is considered a DEA function and is applied
only to Request messages leaving a network, inter-network ingress message loop detection is needed
at the inter-network boundary. For example, a Request message can egress the network from DEA-1
but loop back to the network through DEA-2 as shown in Figure 20: Multi-DEA Route-Record Message
Loop Detection. If an inter-network message loop is not detected by a DEA, the loop will not be detected
within the Protected Network because a DEA replaced the Route-Records for the internal nodes with
a single Route-Record AVP containing a Pseudo Hostname.
Topology Hiding configuration components must be managed from the NOAM so that an identical
copy of all Topology Hiding configured components will be distributed to all DEAs controlled by the
NOAM. This allows inter-network ingress message loop detection to be supported by any DEA.
Inter-network ingress message loop detection is supported at the RTR Trigger Point. A typical message
loop path between two DEAs with Path Topology Hiding enabled is illustrated in Figure 20: Multi-DEA
Route-Record Message Loop Detection.

Figure 20: Multi-DEA Route-Record Message Loop Detection
It is possible but highly unlikely (as in an invalid inter-network relationship) that a Request message
that leaves the Protected Network addressed to an Untrusted Network will loop back to the Protected
Network through a Trusted Network, as shown in Figure 21: Unsupported Pseudo-Host Route-Record
Loop Detection. This type of message loop detection is NOT supported.
Figure 21: Unsupported Pseudo-Host Route-Record Loop Detection
Inter-network ingress message loop detection occurs when all of the following criteria are met:
• Message is a candidate for Topology Hiding as defined by TH Trigger Point RTR in Table 73: General
Criteria for Determining Whether a Message is a TH Candidate
Set is assigned to the configured Protected Network)
• A Route-Record AVP contains the Protected Network's Pseudo Hostname used for Route-Record
AVP Host Name hiding
Proxy-Host AVP Hiding and Restoral

The grouped Proxy-Info AVP allows stateless agents to add local state to a Diameter Request message,
with the guarantee that the same state will be present in the Answer message response. The embedded
Proxy-Host AVP identifies the Diameter node that appended the Proxy-Info AVP to the Request
message. A Protected Network Hostname in any Proxy-Host AVP must be hidden when the AVP is
forwarded to an Untrusted Network. More than one Proxy-Host AVP instance can exist in a Request
message. Every instance that contains a Protected Network Hostname must be hidden with a unique
Pseudo Hostname.

elements that are used for Proxy-Host AVP Hiding:
Hostnames to hide when messages are forwarded to Untrusted Networks. Any Proxy-Host AVPs
with a Hostname not matching an entry in this Hostname Suffixes list will not be hidden.
• Proxy-Host Pseudo Hostname Suffix - In order to hide the number of Proxy Agents in the Protected
Network, a random Proxy-Host pseudo-host name of the format <prefix><suffix> will be used,
where the prefix is a random 3-digit value created each time Proxy-Host name substitution is
performed and suffix is a fixed-length string defined by this configured element. All of the
Proxy-Host pseudo-host names inserted into any Request message must be unique.
Proxy-Host AVP Hiding is performed only on Request messages that meet the following criteria:
• Message is a candidate for Topology Hiding as defined by TH Trigger Point RTH in Table 73: General
Criteria for Determining Whether a Message is a TH Candidate
• At least one of the Proxy-Host AVPs contains a Protected Network's Hostname
Set is assigned to the Protected Network)
An example of Proxy-Host AVP Hiding for a Request message initiated by a Protected Network to an
Untrusted Network is shown in Figure 22: Proxy-Host Hiding.
Figure 22: Proxy-Host Hiding
Because the Proxy-Info AVP is used by stateless agents to store local transaction state information into
a Request message and retrieve that information from the Answer response, it is important that the
DEA restore the original Proxy-Host AVP values (received in the original Request message) when it
forwards the Answer response message. Thus, any Proxy-Host AVP value that is replaced at TH
Trigger Point RTH must be saved in its respective Diameter Routing Function PTR.
Proxy-Host AVP Restoral is performed only on Answer messages that meet the following criterion:
• At TH Trigger Point ATR, the Restore Proxy-Host AVPs flag in the PTR associated with the Answer
message is set to Enabled.
When the criterion is met, Proxy-Host AVP Restoral will be performed. The Diameter Routing Function
will replace every Proxy-Host AVP value that matches a Proxy-Host Pseudo Hostname (stored in the
PTR) with the original Hostname (also stored in the PTR).

Error Reporting Host AVP Hiding

The Error-Reporting-Host AVP contains the identity of the Diameter node that set the Result-Code
AVP to a value other than 2001 (Success), only if the host setting the Result-Code is different from the
one encoded in the Origin-Host AVP.
From a Topology Hiding perspective, the Hostname in this AVP must be hidden if it contains a
Protected Network Hostname and is being sent to an Untrusted Network.
The content of this AVP will be hidden using encryption. Troubleshooters in the Protected Network
must have the ability to decrypt the value. Topology Hiding uses Advanced Encryption Standard
(AES), which is described in Encryption.
Although unlikely, more than one Error-Reporting-Host AVP could exist in an Answer message; each
Error-Reporting-Host AVP containing a Protected Network's Hostname must be encrypted.
Error-Reporting-Host AVP Hiding is performed only on Answer messages that meet the following
criteria:
• Message is a candidate for Topology Hiding as defined by topology Trigger Point ATH in Table
• At least one of the Error-Reporting-Host AVPs contains a Protected Network's Hostname
Set is assigned to the Protected Network)
An example of Error-Reporting-Host AVP Hiding for an Answer message received from a Protected
Network that is being forwarded to an Untrusted Network is shown in Figure 23: Error-Reporting-Host
AVP Hiding.
Figure 23: Error-Reporting-Host AVP Hiding
elements that are used for Error-Reporting-Host Topology Hiding:
host names to hide when messages are forwarded to Untrusted Networks. Any Error-Reporting-Host
AVPs with a Hostname not matching an entry in this Hostname Suffixes list will not be hidden.
• Error-Reporting-Host Encryption Key - User-configured encryption key that must be used for
encrypting the Error-Reporting-Host AVP value. A user-configured encryption key allows the
Error-Reporting-Host AVP value to be decrypted in troubleshooting, if required.
S6a/S6d HSS Topology Hiding

S6a/S6d HSS Topology Hiding is concerned with hiding the identities of a Protected Network's HSS
when it exchanges messages with Untrusted Networks. An HSS's host name is embedded in the
Origin-Host and Session-Id AVPs sent in Request messages and the Origin-Host AVP sent in Answer
messages. This capability is associated with the Diameter S6a/S6d application message set defined in
3GPP TS 29.272, Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related
interfaces based on Diameter protocol.

S6a/S6d HSS Topology Hiding determines which entity (HSS or MME/SGSN) initiated a message
based on the Command Code in the message.
HSS identities are hidden by replacing the Hostname portion of the Origin-Host and Session-Id AVPs
(Session-Id format: <host name><implementation portion>) with an operator-defined HSS Pseudo
Hostname that is assigned to the Protected Network in the S6a/S6d HSS Topology Hiding Configuration
Set.
Protected-HSS to Untrusted-MME/SGSN Transactions

For Protected-HSS to Untrusted-MME/SGSN Diameter transactions, S6a/S6d HSS Topology Hiding
is concerned with the following topology information hiding and restoral issues:
• The AVPs containing an HSS's Actual Hostname in Request messages must be hidden with the
single HSS Pseudo Hostname assigned to the Protected Network at TH Trigger Point RTH.
• The MME/SGSN will send an Answer response to the transaction with the Session-Id received in
the Request (which also contains an HSS Pseudo Hostname). Because the Session-Id value returned
in the Answer must match the value sent in the Request, the HSS Pseudo Hostnames in the Answer
message Session-Id AVP must be restored with the HSS Hostname or Hostnames sent in the Request
message.
The Session-Id AVP values are restored at TH Trigger Point ATR, from the Hostname portion of
the Session-Id AVP value that is saved in the Pending Transaction Record (PTR).
The Hostname restoral procedure is not required for Answers initiated by internal nodes (Diameter
Routing Function and applications) as these Answer responses are based upon the original Request
message content and thus do not contain Pseudo Hostnames.
If a single S6a/S6d pseudo-hostname per S6a/S6d HSS TH Configuration Set is used, then that
pseudo-hostname is used for hiding actual S6a/S6d host name. If multiple pseudo-names per actual
host-name are used, then contents of User-Name AVP are used to select pseudo-host. In S6a/S6d,
subscriber's IMSI is carried in the User-Name AVP. The content of the User-Name AVP content may
be one of the following forms:
• IMSI
• IMSI@realm
It is not necessary to extract the IMSI portion from the User-Name AVP value. The User-Name AVP
value content will be the same in all transactions associated with subscriber. Therefore, the algorithm
for mapping actual S6a/S6d HSS host name to one of the pseudo-names assigned to the S6a/S6d HSS
will be as follows:
• Pseudo-Host Name Selected = Function (User-Name AVP Content) MODULO (Number of
Pseudo-Host Names assigned to this S6a/S6d HSS Host Name)
An example of a Protected-HSS to Untrusted-MME/SGSN Diameter transaction is shown in Figure
24: S6a/S6d HSS TH Protected-HSS to Untrusted-MME/SGSN Diameter Transaction.

Figure 24: S6a/S6d HSS TH Protected-HSS to Untrusted-MME/SGSN Diameter Transaction
For Protected-HSS to Untrusted-MME/SGSN transactions, S6a/S6d HSS topology information hiding

is required only on Request messages that meet the following criteria:
• Message was a candidate for Topology Hiding as defined by TH Trigger Point RTH in Table 73:
• S6a/S6d HSS Topology Hiding is enabled for the Protected Network (an S6a/S6d HSS Topology
Hiding Configuration Set is assigned to the Protected Network)
• The Request message is a member of the S6a/S6d message set and was initiated by an HSS as
determined from the Command Code in the message
For Protected-HSS to Untrusted-MME/SGSN transactions, S6a/S6d HSS topology information hiding
is performed only on Answer messages that meet the following criterion:
• At TH Trigger Point ATR, the S6a/S6d HSS TH ATR flag in the PTR associated with the Answer
When the above criterion is met, Session-Id AVP restoral will be performed using the HSS's Actual
Hostname stored in the PTR.
Untrusted-MME/SGSN to Protected-HSS Transactions

For Untrusted-MME/SGSN to Protected-HSS Diameter transactions, S6a/S6d HSS TH is concerned
with the following topology information hiding and restoral issue:
• The Destination-Host AVP contains an S6a/S6d HSS pseudo-host name. If a single pseudo-name
is assigned in S6a/S6d HSS TH Configuration Set, then no restoral of the Destination-Host is done
by TH (instead the operator can deploy host Resolution Application such as RBAR/FABR) . If a
single pseudo-name is not assigned per S6a/S6d HSS Configuration Set and instead a unique
pseudo-name is assigned per actual S6a/S6d HSS name, then the pseudo-host name must be
replaced with the S6a/S6d HSS actual-host name at TH trigger point RTR.
An Untrusted-MME/SGSN to Protected-HSS Request message may not contain an S6a/S6d HSS
pseudo-host name. If the Destination-Host AVP value does not match an entry in the TH
Pseudo-Host Name, then no host name conversion is required and the Request message will be
routed as normal. The Destination-Host name conversion is performed to prevent the following
problems:
• Certain S6a/S6d HSS's will not accept messages that do not contain its actual host name
• Diameter outing problems associated with pseudo-host names. For example, DRL Implicit
Routing currently only works with actual host names (for example, the FQDN assigned to the
Peer Node and used for the Capabilities Exchange procedure [CER/CEA])

• The S6a/S6d HSS-initiated Answer response will contain an actual S6a/S6d HSS host name in the
Origin-Host AVP. This must be hidden with the S6a/S6d HSS pseudo-host name assigned to the
Protected Network at TH trigger point ATH.
For Untrusted-MME/SGSN to Protected-HSS transactions, S6a/S6d HSS topology information hiding
is required only on Answer messages that meet the following criteria:
• Message was a candidate for Topology Hiding as defined by topology Trigger Point ATH in Table
• S6a/S6d HSS Topology Hiding is enabled for the Protected Network (an S6a/S6d HSS Topology
• The Answer message is a member of the S6a/S6d message set and was initiated by an HSS as
determined from the Command Code in the message
Restoral of a Protected-HSS's actual-host name in the Untrusted-MME/SGSN to Protected-HSS Request
message is not performed by topology hiding if a single pseudo-name is used in S6a/S6d HSS TH
Configuration Set assigned to a protected network. Instead, this replacement function is required of
a HSS Address Resolution application such as FABR or RBAR applications.
HSS
An example of an Untrusted-MME/SGSN to Protected-HSS Diameter transaction is shown in Figure
25: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction and when pseudo-name per
S6a/S6d HSS host name in S6a/S6d HSS TH Configuration Set.
Figure 25: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction
Figure 26: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction
Restoral of a Protected-HSS's actual-host name in the Untrusted-MME/SGSN to Protected-HSS Request

message is performed by topology hiding if a unique pseudo-name is assigned per S6a/S6d HSS host
name in S6a/S6d HSS TH Configuration Set.
For Untrusted-HSS to Protected-MME/SGSN transactions, S6a/S6d HSS topology hiding is only
invoked on Request messages which meet the following criteria:
• Message was a candidate for topology hiding as defined by topology trigger point RTR

• S6a/S6d HSS TH is enabled for the Protected Network (S6a/S6d HSS TH Configuration Set is
assigned to the Protected Network)
• The Request message is a member of the S6a/S6d message set and was initiated by an MME/SGSN
• The Destination-Host AVP contains an S6a/S6d HSS pseudo-host name that is assigned to the
Protected Network as determined from the internal S6a/S6d HSS TH Pseudo-Host Name
MME/SGSN Topology Hiding

MME/SGSN Topology Hiding is concerned with hiding the identity of a Protected Home Network's
MME/SGSNs and the number of MME/SGSNs in the network, when it exchanges messages with
Untrusted Networks. A MME/SGSN's identity is embedded in the Origin-Host and Session-ID AVPs
sent in Request messages and in the Origin-Host AVP sent in Answer messages. MME/SGSN Topology
Hiding is associated with the Diameter S6a/S6d application message set defined in 3GPP TS 29.272,
Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based
on Diameter protocol.
MME/SGSN Topology Hiding determines which entity (HSS or MME/SGSN) initiated an S6a/S6d
message based on the Command Code in the message.
MME/SGSN identities are hidden by replacing the Actual Hostname portion of the Origin-Host and
Session-ID AVPs (Session-ID format: <host name><implementation portion>) with an MME/SGSN
Pseudo Hostname. The Origin-Host and Session-ID AVPs can have different MME/SGSN Hostnames.
A unique Pseudo Hostname must be created for each MME/SGSN in a Protected Network. When the
MME/SGSN initiates a transaction to the HSS, the HSS saves the MME/SGSN's identity for use in
subsequent HSS-to-MME/SGSN transactions. This MME/SGSN Pseudo Hostname must not only be
unique, but the DEA must be able to convert the MME/SGSN's Pseudo Hostname to an Actual
MME/SGSN Hostname for these subsequent HSS-to-MME/SGSN transactions.
In order to hide the number of MME/SGSNs in a network, each MME/SGSN will be assigned either
a random or fixed number of Pseudo Hostnames. A maximum number is defined by the Count in the
Pseudo Hostname Generation attribute of the MME/SGSN Topology Hiding Configuration Set. The
Randomize Count creates a random number of Pseudo Hostnames, between 1 and the Count value,
that are associated with an Actual Hostname. This procedure of creating randomized MME/SGSN
Pseudo Hostnames and assigning them to an Actual Pseudo Hostname is performed by the GUI, then
used by the Diameter Routing Function. The created MME/SGSN TH Hostnames allow the Diameter
Routing Function to map a Protected-MME/SGSN Actual Hostname to a set of MME/SGSN Pseudo
Hostnames, and to map a MME/SGSN Pseudo Hostname received from an Untrusted-HSS to a
Protected-MME/SGSN Actual Hostname.
Table 83: Example of Configuration of MME/SGSN TH Hostnames for a Protected Network shows an example
of MME/SGSN TH Host Names configuration for a Protected Network with a maximum of 3 randomly
created Pseudo Hostnames.
Table 83: Example of Configuration of MME/SGSN TH Hostnames for a Protected Network
MME/SGSN TH Configuration Set MME/SGSN Pseudo

Name MME/SGSN Actual Hostname Hostnames
Protected Network-1 MME/SGSN mme1.westregion.example.com mme042.example.com
Config
mme821.example.com

Config

MME/SGSN TH Configuration Set MME/SGSN Pseudo

Name MME/SGSN Actual Hostname Hostnames
Config
mme773.example.com
mme092.example.com
Protected Network-1 MME/SGSN mme1.eastregion.example.com mme922.example.com

Config
mme729.example.com

Config
mme002.example.com
mme655.example.com

Config
Config
mme249.example.com
mme447.example.com
Protected Network-1 MME/SGSN mme1.texasregion.example.com mme776.example.com

Config
mme077.example.com

Config
mme622.example.com
mme861.example.com

Config
Protected-MME/SGSN to Untrusted-HSS Transactions

For Protected-MME/SGSN to Untrusted-HSS Diameter transactions, MME/SGSN Topology Hiding
is concerned with the following topology information hiding and restoral issues:
• The AVPs containing an MME/SGSN's Actual Hostname in Request messages must be hidden
with one of the Pseudo Hostnames assigned to the MME/SGSN at TH Trigger Point RTH.
• The HSS saves the subscriber's location using the Origin-Host AVP contents containing a Pseudo
Hostname. In subsequent HSS-to-MME/SGSN transactions, the MME/SGSN will be addressed
by one of its Pseudo Hostnames, requiring a Pseudo-to-Actual Hostname restoral.
• All MME/SGSN-to-HSS transactions associated with a particular subscriber must use the same
MME/SGSN Pseudo Hostname. Otherwise, the HSS will think that the subscriber has moved to
another MME/SGSN and unnecessarily change the subscriber's location. For S6a/S6d transactions,
the subscriber associated with the transaction is identified by an IMSI, which for the S6a/S6d
message set is embedded in the User-Name AVP, a mandatory AVP in all MME/SGSN-to-HSS
Request messages.

Note: Although the Origin-Host and Session-ID AVPs both have MME/SGSN Actual Hostnames,
the names could be different. Because the HSS associates the MME/SGSN's location based on the
Origin-Host AVP content, it is the MME/SGSN Actual Hostname in the Origin-Host AVP that
must be used for selecting a MME/SGSN Pseudo Hostname. This MME/SGSN Pseudo Hostname
can be used to replace both of the Hostname fields in the forwarded Request message.
• The HSS sends an Answer response to the transaction with the Session-ID received in the Request
and containing an MME/SGSN Pseudo Hostname. Because the Session-ID value returned in the
Answer must match the value in the Request, the MME/SGSN Pseudo Hostname in the Session-ID
AVP must be replaced with its corresponding value received in the Request message. The value
is restored at TH Trigger Point ATR, with the Hostname portion of the Session-ID AVP value that
is stored in the PTR.
This Hostname restoral procedure is not required for Answers initiated by diameter internal nodes
(the Diameter Routing Function and applications) as these Answer responses are based upon the
original Request message content.
An example of a Protected-MME/SGSN to Untrusted-HSS Diameter transaction is shown in Figure

27: MME/SGSN TH Protected-MME/SGSN to Untrusted HSS Transaction.
Figure 27: MME/SGSN TH Protected-MME/SGSN to Untrusted HSS Transaction
In S6a/S6d, the subscriber's IMSI is carried in the User-Name AVP. The content of the User-Name
AVP content can be one of the following forms:
• IMSI
• IMSI@realm
It is not necessary to extract the IMSI portion from the User-Name AVP value. The User-Name AVP
value content will be the same in all transactions associated with subscriber.
For Protected-MME/SGSN to Untrusted-HSS transactions, S6a/S6d HSS Topology Hiding is required
only on Request messages that meet the following criteria:
• Message was a candidate for Topology Hiding as defined by topology Trigger Point RTH in Table
• MME/SGSN Topology Hiding is enabled for the Protected Network (an MME/SGSN TH
Configuration Set is assigned to the Protected Network)
as determined from the Command Code in the message
• The Origin-Host and/or Session-ID AVPs in the Request contain an MME/SGSN Actual Hostname
assigned to the Protected Network in its MME/SGSN Topology Hiding Configuration Set.
For Protected-MME/SGSN to Untrusted-HSS transactions, MME/SGSN topology information restoral
is performed only on Answer messages that meet the following criterion:

• At TH Trigger Point ATR, the MME/SGSN TH ATR flag in the PTR associated with the Answer
Untrusted-HSS to Protected-MME/SGSN Transactions

When an Untrusted-HSS initiates a transaction to a Protected-MME/SGSN, it is typically addressed
to one of the MME/SGSN's Pseudo Hostnames that the HSS saved in a previous MME/SGSN-to-HSS
transaction for which MME/SGSN Topology Hiding was applied. For Untrusted-HSS to
Protected-MME/SGSN Diameter transactions, MME/SGSN Topology Hiding is concerned with the
following topology information hiding and restoral issues:
• The Destination-Host AVP contains a MME/SGSN Pseudo Hostname that must be replaced with
the MME/SGSN's Actual Hostname at TH Trigger Point RTR. Pseudo-to-Actual Hostname mapping
is performed using the list of created MME/SGSN TH Hostnames described in MME/SGSN Topology
Hiding. It is acceptable that an Untrusted-HSS to Protected-MME/SGSN Request message does
not contain a MME/SGSN Pseudo Hostname. If the Destination-Host AVP value does not match
an entry in the MME/SGSN TH Host Names list, then no Hostname conversion is required and
the Request message will be routed normally. Destination-Hostname conversion is performed to
prevent the following problems:
• Certain MME/SGSNs will not accept messages that do not contain its Actual Hostname.
• Diameter routing problems associated with Pseudo Hostnames. For example, Diameter Implicit
Routing works only with Actual Hostnames (such as the FQDN assigned to the Peer Node and
used for the Capabilities Exchange procedure [CER/CEA]).
• An Origin-Host AVP containing an MME/SGSN's Actual Hostname in the Answer response from
the Protected-MME/SGSN must be hidden with one of the Pseudo Hostnames assigned to that
MME/SGSN. This is done at TH Trigger Point ATH.
An example of an Untrusted-HSS to Protected-MME/SGSN Diameter transaction is shown in Figure
28: MME/SGSN TH Untrusted-HSS to Protected MME/SGSN Transaction.
Figure 28: MME/SGSN TH Untrusted-HSS to Protected MME/SGSN Transaction
For Untrusted-HSS to Protected-MME/SGSN transactions, S6a/S6d HSS Topology Hiding is invoked

only on Request messages that meet the following criteria:
• Message was a candidate for topology Hiding as defined by TH Trigger Point RTR in Table 73:
• MME/SGSN Topology Hiding is enabled for the Protected Network (an MME/SGSN Topology
• The Destination-Host AVP contains a MME/SGSN Pseudo Hostname that is assigned to the
Protected Network as determined from the list of created MME/SGSN TH Host Names described
in MME/SGSN Topology Hiding.

For Untrusted-HSS to Protected-MME/SGSN transactions, S6a/S6d HSS Topology Hiding is invoked

only on Answer messages at TH Trigger Point ATH that meet the following criteria:
• Message was a candidate for Topology Hiding as defined by topology Trigger Point ATH in Table
• MME/SGSN Topology Hiding is enabled for the Protected Network (an MME/SGSN Topology
• The Answer message is a member of the S6a/S6d message set and was initiated by an MME/SGSN
• The Origin-Host AVP contains an MME/SGSN Actual Hostname that is assigned to the Protected
Network in its MME/SGSN Topology Hiding Configuration Set.
S9 PCRF Topology Hiding

S9 PCRF Topology Hiding is concerned with hiding the identities of a Protected Network's PCRFs,
as well as the number of PCRFs in the network, when it exchanges messages with Untrusted Networks.
A PCRF's identity is embedded in the Origin-Host and Session-ID AVPs sent in Request messages
and the Origin-Host AVP sent in Answer messages. This capability (and S9 AF/pCSCF Topology
Hiding) is associated with the Diameter S9 and Rx application message set.
S9 PCRF topology hiding is concerned with all S9 messages and Rx messages when AF/pCSCF is
deployed in client/server mode. If the PCRF is deployed in client/server mode for Rx messages, then
S9 AF/pCSCF TH Configuration Set should not be enable for the protected network.
Note: All S9 messages initiated by hPCRF or vPCRF will have S9 PCRF Topology Hiding applied (if
enabled). If S9 AF/pCSCF TH is not enabled, then all Rx messages initiated by hPCRF or vPCRF will
have S9 PCRF Topology Hiding applied (if enabled). If S9 AF/pCSCF TH is enabled (i.e., if vPCRF is
proxying AF/pCSCF messages to hPCRF), then only AAA/STA/RAR and ASR Rx messages will
have PCRF TH applied.
PCRF identities are hidden by replacing the actual host name portion of the Origin-Host and Session-ID
AVPs with a PCRF pseudo-host name. The Origin-Hose and Session-ID AVPs may have different
PCRF host names. A unique pseudo- name must be created for each PCRF in a Protected Network.
When the vPCRF initiates a transaction to the hPCRF, the hPCRF saves the vPCRF's identity for use
in subsequent hPCRF-to-vPCRF transactions. This vPCRF pseudo-host name must not only be unique,
but the DEA must be able to convert the vPCRF's pseudo-name to an actual vPCRF host name for
these subsequent hPCRF to vPCRF transactions.
In order to hide the number of PCRFs in a network, each PCRF will be assigned either a random or
fixed number of pseudo-host names (the maximum is defined by an S9 PCRF TH Configuration Set
attribute called Maximum Pseudo-Host Names per PCRF). The GUI will create the randomized PCRF
pseudo-host names and assign them to actual pseudo-host names to be used by DRL. The TH Host
Names will allow DRL to map a Protected-PCRF actual-host name to a set of PCRF pseudo-host names
as well as map a PCRF pseudo-host named received from an Untrusted Network to a Protected-PCRF
actual-host name.
Protected-vPCRF to Untrusted-hPCRF Transactions

When vPCRF is in a Protected Network, S9 Diameter sessions are initiated by vPCRF in a Protected
Network on behalf of an inbound roamer to request PCC or QoS rules to the hPCRF.
When AF/pCSCF and PCRF are in a Protected Network and AF/pCSCF uses vPCRF in client/server
mode to communicate Rx messages initiated by vAF/pCSCF to hPCRF in an Untrusted network, then
S9 PCRF TH is used to hide PCRF host names to an Untrusted Network.

For Protected-vPCRF to Untrusted-hPCRF S9 Diameter transactions, S9 PCRF TH is concerned with

the following topology information hiding and restoral issues:
• The AVPs containing a PCRF's actual-host name in Request messages must be hidden with one of
the pseudo-host names assigned to the PCRF at TH trigger point RTH
• The Untrusted network's PCRF (hPCRF in this case) will save the subscriber's location using the
Origin-Host AVP contents containing a pseudo-host name. This has the following impact:
• In subsequent hPCRF-vPCRF transactions(e.g RAR/ASR), the vPCRF may be addressed by one
of its pseudo-host names requiring a pseudo-to-actual name restoral
• All vPCRF-to-hPCRF transactions associated with a particular session must use the same vPCRF
pseudo-host name. The Session is identified by Session-ID AVP, a mandatory AVP in all S9/Rx
messages.
Note: Although the Origin-Host and Session-ID AVPs both have actual PCRF host names, they
may be different. Because S9/Rx is a session based application , actual PCRF host names must
be restored in subsequent hPCRF-vPCRF transactions. Hence both Origin-Host and Session-ID
AVPs must be selected from Actual Host Names in S9 PCRF TH.
• The hPCRF will send an Answer response to the transaction with the Session-ID received in the
Request (also containing a PCRF pseudo-host name). Because the Session-ID value returned in the
Answer must match the Request, the PCRF pseudo-host name in the Session-ID AVP must be
replaced with its corresponding value received in the Request message. This value is restored at
TH trigger point ATR. This will require saving the host name portion of the Session-ID AVP value
in the PTR. This host name restoral procedure is not required for Answers initiated by internal
nodes as these Answer responses are based upon the original Request message content
An example of a Protected-vPCRF to Untrusted-hPCRF Diameter transaction is shown in Figure 29:
Protected-vPCRF to Untrusted-hPCRF Transaction.
Figure 29: Protected-vPCRF to Untrusted-hPCRF Transaction
To ensure all S9/Rx messages for the same session are modified using the same pseudo-name, the
Session-ID AVP can be used as a key to select a Pseudo Host Name for an Actual Host Name.
Untrusted-hPCRF to Protected-vPCRF Transactions

For Protected-vPCRF to Untrusted-hPCRF S9/Rx transactions, PCRF topology hiding is only required
on Request messages which meet the following criteria:
• The message was a candidate for topology hiding as defined by topology trigger point RTH and
• S9 PCRF TH is enabled for the Protected network (S9 PCRF TH Configuration Set is assigned to
the Protected Network) and

• The Request message is a member of the S9 message and was initiated by a PCRF or
• The Request message is a member of the Rx message set and was initiated by a PCRF and S9
AF/pCSCF TH is not enabled and
• The Origin-Host and/or Session-ID AVPs in the Request contain an actual PCRF host name assigned
to the Protected Network via the S9 PCRF Configuration Set.
For Protected-vPCRF to Untrusted-hPCRF transactions, PCRF topology information restoral is only
performed on Answer messages which meet the following criteria:
• At topology trigger point ATR, the PCRF TH ATR flag in the PTR associated with the Answer
When an Untrusted-hPCRF initiates a transaction to a Protected-vPCRF, it will most likely be addressed
to one of the vPCRF pseduo-host names that the hPCRF saved in a previous vPCRF-to-hPCRF
transaction for which S9 PCRF TH was applied. For Untrusted-hPCRF to Protected-vPCRF Diameter
transactions (RAR, ASR, and so on), S9 PCRF TG is concerned with the following topology information
hiding and restoral issues:
• The Destination-Host AVP contains a vPCRF pseudo-host name. This pseudo-host name must be
replaced with the vPCRF's actual-host name at TH trigger point RTR. Pseudo-to-actual host name
mapping is performed using the internal TH Host Names. It's perfectly acceptable that an
Untrusted-hPCRF to Protected-vPCRF Request message does not contain a PCRF pseudo-host
name. If the Destination-Host AVP value does not match an entry in the TH Pseudo-Host Name,
then no host name conversion is required and the Request message will be routed as normal.
Destination-Host name conversion is performed to prevent the following problems:
• Certain vPCRFs will not accept messages that do not contain its actual host name
• Diameter routing problems associated with pseudo-host names. For example, DRL Implicit
Peer Node and used for the Capabilities Exchange procedure [CER/CEA]).
• The host portion of Session-ID AVP containing a PCRF pseudo-host name must be replaced back
with vPCRF's actual host name at TH trigger point RTR. Pseudo-to-actual host name mapping is
performed using the internal TH Host Names.
• An Origin-Host AVP containing a vPCRF's actual-host name in the Answer response from the
Protected-vPCRF must be hidden with one of the pseudo-host names assigned to that PCRF. This
procedure is done at TH trigger point ATH.
• Session-ID AVP containing a vPCRF's actual-host name in the Answer response from the
Protected-vPCRF must be hidden with one of the pseudo-host names assigned to that PCRF. This
is done at TH trigger point ATH.
An example of an Untrusted-hPCRF to Protected-vPCRF Diameter transaction is shown in Figure 30:
Untrusted-hPCRF to Protected-vPCRF Diameter Transaction.
Figure 30: Untrusted-hPCRF to Protected-vPCRF Diameter Transaction

For Untrusted-hPCRF to Protected-vPCRF transactions, S9 PCRF TH is only invoked on Request

messages at topology trigger point RTR which meet the following criteria:
• The message was a candidate for topology hiding as defined by topology trigger point RTR and
• S9 PCRF TH is enabled for the Protected Network (S9 PCRF TH Configuration Set is assigned to
• The Request message is a member of the S9 message set and was initiated by a PCRF or
• The Request message is a member of Rx message set and was initiated by a PCRF and S9 AF/pCSCF
TH is not enabled and
• The Destination-Host AVP or host portion of Session-ID AVP contains a PCRF pseudo-host name
that is assigned to the Protected Network as determined from the internal Pseudo-Host Name
For Untrusted-hPCRF to Protected-vPCRF transactions, S9 PCRF HSS topology hiding is only invoked
on Answer messages at topology trigger point ATH which meet the following criteria:
• Message was a candidate for topology hiding as defined by topology trigger point ATH
the Protected Network)
• The Answer message is a member of the S9 message set and was initiated by a PCRF or
• The Answer message is a member of Rx message set and was initiated by a PCRF and S9 AF/pCSCF
• The Origin-Host AVP or host portion of Session-ID AVP contains an actual PCRF host name that
is assigned to the Protected Network via the S9 PCRF TH Configuration Set
Protected-hPCRF to Untrusted-vPCRF Transactions

When an hPCRF is in Protected Network, S9 Diameter sessions are initiated by a vPCRF in an Untrusted
Network on behalf of an outbound roamer to request PCC or QoS rules to the hPCRF. hPCRF can
send RAR in the session initiated by vPCRF.
When AF/pCSCF and PCRF is in an Untrusted network and AF/pCSCF uses vPCRF in client/server
mode to communicate Rx messages initiated by vAF/pCSCF to hPCRF in a Protected Network, then
S9 PCRF TH is used to hide PCRF host names from an Untrusted Network. hPCRF can send RAR or
ASR messages in the session intiated vPCRF.
For Protected-hPCRF to Untrusted-vPCRF S9 Diameter transactions, S9 PCRF TH is concerned with
the following topology information hiding and restoral issues:
• S9 Sessions are initiated from untrusted network using CCR and Rx Sessions are initiated from
untrusted network using AAR. Hence the host portion of Session-ID AVP will contain the host of
untrusted network which does not need to be hidden.
• The Origin-Host AVP containing an PCRF's actual-host name in Request messages must be hidden
with one of the pseudo-host names assigned to the PCRF at TH trigger point RTH.
An example of a Protected-hPCRF to Untrusted-vPCRF Diameter transaction is shown in Figure 31:
Protected-hPCRF to Untrusted-vPCRF Transaction.
Figure 31: Protected-hPCRF to Untrusted-vPCRF Transaction

To ensure all S9/Rx messages for same session are modified using same pseudo-name , Session-ID
AVP can be used as key to select a Pseudo Host Name for an Actual Host Name.
For Protected-hPCRF to Untrusted-vPCRF S9/Rx transactions, PCRF topology hiding is only required
on Request messages which meet the following criteria:
• The Request message is a member of the S9/Rx message set and was initiated by a PCRF and
• The Origin-Host AVP in the Request contain an actual PCRF host name assigned to the Protected
Network via the S9 PCRF TH Configuration Set
Untrusted-vPCRF to Protected-hPCRF Transactions

When an Untrusted-vPCRF initiates a transaction to a Protected-hPCRF, it will most likely be addressed
to one of the hPCRF pseudo-host names that the vPCRF saved in a previous hPCRF-to-vPCRF
transaction for which PCRF TH was applied. For Untrusted-vPCRF to Protected-hPCRF Diameter
transactions (CCR, AAR/STR, and so on), PCRF TH is concerned with the following topology
information hiding and restoral issues:
• The Destination-Host AVP contains a PCRF pseudo-host name. This pseudo-host name must be
replaced with the hPCRF's actual-host name at TH trigger point RTR. Pseudo-to-actual host name
mapping is performed using the internal TH Host Names table. It's perfectly acceptable that an
Untrusted-vPCRF to Protected-hPCRF Request message does not contain a PCRF pseudo-host
name. If the Destination-Host AVP value does not match an Pseudo-Host Name entry in the TH
Host Names, then no host name conversion is required and the Request message will be routed as
normal. Destination-Host name conversion is performed to prevent the following problems:
• Certain hPCRFs will not accept messages that do not contain its actual host name
Routing currently only works with actual host names (i.e., the FQDN assigned to the Peer Node
and used for the Capabilities Exchange procedure (CER/CEA))
• An Origin-Host AVP containing an vPCRF's actual-host name in the Answer response from the
Protected-hPCRF must be hidden with one of the pseudo-host names assigned to that PCRF . This
is done at TH trigger point ATH.
An example of an Untrusted-vPCRF to Protected-hPCRF Diameter transaction is shown in Figure 32:
Untrusted-vPCRF to Protected-hPCRF Transaction.
Figure 32: Untrusted-vPCRF to Protected-hPCRF Transaction
For Untrusted-vPCRF to Protected-hPCRF transactions, S9 PCRF HSS topology hiding is only invoked
on Request messages at topology trigger point RTR which meet the following criteria:
• Message was a candidate for topology hiding as defined by topology trigger point RTR and

• The Request message is a member of the S9 message set and was initiated by a PCRF as determined
and
• The Request message is a member of Rx message set and was initiated by a PCRF and S9 AF/pCSCF
• The Destination-Host AVP contains a PCRF pseudo-host name that is assigned to the Protected
Network as determined from the internal Pseudo-Host Name
For Untrusted-vPCRF to Protected-hPCRF transactions, S9 PCRF HSS topology hiding is only invoked
on Answer messages at topology trigger point ATH which meet the following criteria:
the Protected Network)
• The Answer message is a member of the S9 message set and was initiated by a PCRF
• The Origin-Host AVP contains an actual PCRF host name that is assigned to the Protected Network
via the S9 PCRF TH Configuration Set
S9 AF/pCSCF Topology Hiding

S9 AF/pCSCF Topology Hiding is concerned with hiding the identities of a Protected Network's
AF/pCSCFs, as well as the number of AF/pCSCFs in the network, when it exchanges messages with
Untrusted Networks. An AF/pCSCF identity is embedded in the Origins-Host and Session-ID AVPs
sent in Request messages and the Origin-Host AVP sent in Answer messages. This capability is
associated with the Diameter Rx application message set.
S9 AF/pCSCF topology hiding is concerned with Rx messages when AF/pCSCF is deployed in proxy
mode. If PCRF is deployed in client/server mode for Rx messages, then S9 AF/pCSCF TH Configuration
Set should be enabled for the protected network. If S9 AF/pCSCF TH is enabled (for example, if vPCRF
is proxying AF/pCSCF messages to hPCRF), then only AAR/STR and RAA/ASA will have S9 PCRF
TH applied.
AF/pCSCF identities are hidden by replacing the actual host name portion of the Origin-Host and
Session-ID AVPs with AF/pCSCF pseudo-host name. The Origin-Host and Session-ID AVPs may
have different AF/pCSCF host names. A unique pseudo name must be created for each AF/pCSCF
in a Protected Network. When the vAF/pCSCF initiates a transaction to the hPCRF, the hPCRF saves
the vAF/pCSCF's identity for use in subsequent hPCRF-to-vAF/pCSCF transactions. This vAF/pCSCF's
pseudo-host name must not only be unique, but the DEA must be able to convert the vAF/pCSCF's
pseudo-name to an actual vAF/pCSCF host name for these subsequent hPCRF to vAF/pCSCF
transactions.
To hide the number of AF/pCSCFs in a network, each AF/pCSCF will be assigned either a random
or fixed number of pseudo-host names (the maximum is defined by an S9 AF/pCSCF TH Configuration
Set attribute called Maximum Pseudo-Host Names per AF/pCSCF). This procedure of creating
randomized AF/pCSCF pseudo-host names and assigning them to actual pseudo-host names will be
performed by the GUI and the used by D RL. The TH Host Names MO will allow DRL to map a
Protected-AF/pCSCF actual-host name to a set of AF/pCSCF pseudo-host names as well as map an
AF/pCSCF pseudo-host name received from an Untrusted network to a Protected-AF/pCSCF
actual-host name.

Protected-vAF/pCSCF to Untrusted-hPCRF Transactions

When AF/pCSCF and PCRF are in a Protected Network and AF/pCSCF uses vPCRF in proxy mode
to communicate Rx messages initiated by vAF/pCSCF to hPCRF in Untrusted Network, then S9
AF/pCSCF TH is used to hide AF/pCSCF host names to Untrusted Network.
For Protected-vAF/pCSCF to Untrusted-hPCRF Rx Diameter transactions, S9 AF/pCSCF TH is
concerned with the following topology information and restoral issues:
• The AVPs containing an AF/pCSCF's actual-host name in Request message must be hidden with
one of the pseudo-host names assigned to the AF/pCSCF at TH trigger point RTH
• The Untrusted Network's PCRF (hPCRF in this case) will save the subscriber's location using the
Origin-Host AVP contents containing a pseudo-host name. This action has the following impact:
• In subsequent hPCRF-vAF/pCSCF transactions (for example, RAR/ASR), the vAF/pCSCF will
be addressed by on of its pseudo-host names requiring a pseudo-to-actual name restoral
• All vAF/pCSCF-to-hPCRF transactions associated with a particular session must use the same
vAF/pCSCF pseudo-host name. The Session is identified by Session-ID AVP, a mandatory AVP
in all S9/RX messages.
Note: Although the Origin-Host and Session-ID AVPs both have actual AF/pCSCF host names,
the may be different. Because Rx is a session based application, actual AF/pCSCF host names
must be restored in subsequent hPCRF-vAF/pCSCF transactions. Hence the Origin-Host and
Session-ID AVPs must be selected from the Actual Host Names TH Host Names.
• The hPCRF will send an Answer response to the transaction with the Session-ID received in the
Request (containing an AF/pCSCF pseudo-host name). Because the Session-ID value returned in
the Answer must match the Request, the AF/pCSCF pseudo-host name in the Session-ID AVP
must be replaced with its corresponding value received in the Request message. This value is
restored at TH trigger point ATR. This will require saving the host name portion of the Session-ID
AVP value in the PTR. This host name restoral procedure is not required for Answers initiated by
internal nodes as these Answer responses are based upon the original Request message content.
An example of a Protected-vAF/pCSCF to Untrusted-hPCRF Diameter transaction is shown in Figure
33: Protected vAF/pCSCF to Untrusted-hPCRF Transaction.
Figure 33: Protected vAF/pCSCF to Untrusted-hPCRF Transaction
To ensure all Rx messages for the same session are modified using the same pseudo-name, Session-ID
AVP can be used as a key to select a Pseudo Host Name for an Actual Host Name.
For Protected-vAF/pCSCF to Untrusted-hPCRF Rx transactions, S9 Af/pCSCF topology hiding is
only required on Request messages at topology hiding point RTH which meet the following criteria:
• S9 AF/pCSCF TH is enabled for the Protected Network (S9 PCRF TH Configuration Set is assigned
to the Protected Network) and

• The Request message is a member of the Rx message set and was initiated by an AF/pCSCF and
• The Origin-Host and/or Session-ID AVPs in the Request contain an actual AF/pCSCF host name
assigned to the Protected Network via the S9 AF/pCSCF TH Configuration Set.
For Protected-vAF/pCSCF to Untrusted-hPCRF transactions, AF/pCSCF topology information restoral
is only performed on Answer messages which meet the following criterion:
• At TH Trigger Point ATR, the AF/pCSCF TH ATR flag in the PTR associated with the Answer
Untrusted-hPCRF to Protected-vAf/pCSCF Transactions

When an Untrusted-hPCRF initiates a transaction to a Protected-vAF/pCSCF, it will most likely be
addressed to one of the vAF/pCSCF pseudo-host names that the hPCRF saved in a previous
vAF/pCSCF-to-hPCRF transaction for which S9 AF/pCSCF TH was applied. For Untrusted-hPCRF
to Protected-vAF/pCSCF Diameter transactions (RAR, ASR, and so on), S9 AF/pCSCF TH is concerned
with the following topology information hiding and resotral issues:
• The Destination-Host AVP contains a vAF/pCSCF pseudo-host name. This pseudo-host name
must be replaced with the vAF/pCSCF's actual-host name at TH trigger point RTR. It's perfectly
acceptable that an Untrusted-hPCRF to Protected-vAF/pCSCF Request message does not contain
a vAF/pCSCF pseudo-host name. If the Destination-Host AVP value does not match a Pseudo-Host
entry in the TH Host Name table , then no host name conversion is required and the Request
message will be routed as normal. Destination-Host name conversion is performed to prevent the
following problems:
• Certain vAF/pCSCF's will not accept messages that do not contain its actual host name
Peer Node and used for the Capabilities Exchange procedure (CER/CEA)).
• The host portion of Session-ID AVP containing a vAF/pCSCF pseudo-host name must be
replaced back with vAF/pCSCF's actual host name at TH trigger point RTR
• An Origin-Host AVP containing an vAF/pCSCF's actual-host name in the Answer response
from the Protected- vAF/pCSCF must be hidden with one of the pseudo-host names assigned
to that vAF/pCSCF. This is done at TH trigger point ATH.
• Session-ID AVP containing an vAF/pCSCF's actual-host name in the Answer response from
the Protected-vAF/pCSCF must be hidden with one of the pseudo-host names assigned to that
vAF/pCSCF. This is done at TH trigger point ATH.
An example of an Untrusted-hPCRF to Protected- vAF/pCSCF Diameter transaction is shown in Figure

34: Untrusted-hPCRF to Protected-vAF/pCSCF Transaction.
Figure 34: Untrusted-hPCRF to Protected-vAF/pCSCF Transaction

For Untrusted-hPCRF to Protected-vAF/pCSCF transactions, S9 AF/pCSCF TH is only invoked on

Request messages at topology trigger point RTR which meet the following criteria:
• Message was a candidate for topology hiding as defined by topology trigger point RTR and
• S9 AF/pCSCF TH is enabled for the Protected Network (S9 AF/pCSCF TH Configuration Set is
assigned to the Protected Network) and
• The Request message is a member of the Rx message set and was initiated by a AF/pCSCF and
• The Destination-Host AVP or host portion of Session-ID AVP contains a AF/pCSCF pseudo-host
name that is assigned to the Protected Network as determined from the internal AF/pCSCF TH
Pseudo-Host Name
• S9 AF/pCSCF TH is enabled for the Protected Network (S9 AF/pCSCF TH Configuration Set is
assigned to the Protected Network)
• The Answer message is a member of the Rx message set and was initiated by a AF/pCSCF
• The Origin-Host AVP or host portion of Session-ID AVP contains an actual AF/pCSCF host name
that is assigned to the Protected Network via the S9 AF/pCSCF TH Configuration Set
Protected-hPCRF to Untrusted-vAF/pCSCF Transactions

When AF/pCSCF and PCRF are in untrusted network and AF/pCSCF uses vPCRF in proxy to
communicate Rx messages initiated by vAF/pCSCF to hPCRF in protected network, then S9 PCRF
TH is used to hide PCRF host names to untrusted network.
Untrusted-vAF/pCSCF to Protected-hPCRF Transactions

When AF/pCSCF and PCRF are in untrusted network and AF/pCSCF uses vPCRF in proxy to
communicate Rx messages initiated by hPCRF in protected network to vAF/pCSCF, then S9 PCRF
TH is used to hide PCRF host names to untrusted network.
Trusted Networks Lists

A Trusted Network List is a list of Realms identifying networks where Topology Hiding will NOT be
invoked for messages to and from that network. Up to 500 Trusted Network Lists can be configured.
Each Trusted Network List can contain up to 100 Trusted Network Realms.
Trusted Network Lists can be configured only on an NOAM.
On the Diameter > Configuration > Topology Hiding > Trusted Networks Lists page, you can
perform the following actions:
• Filter the list of Trusted Networks Lists, to display only the desired Trusted Networks Lists.
• Sort the list entries in ascending or descending order by Trusted Networks List Name by clicking
the column heading. By default, the list is sorted by Trusted Networks List Name in ascending
numerical order.
• Click Insert.
The Diameter > Configuration > Topology Hiding > Trusted Networks Lists page opens. You
can add a new Trusted Networks List. See Adding a Trusted Network List. If the maximum number
of Trusted Networks Lists (500) already exists in the system, the Diameter > Configuration >
Topology Hiding > Trusted Networks Lists page will not open, and an error message is displayed.

• Select a Trusted Networks List Name in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > Trusted Networks Lists page opens. You
can edit the selected Trusted Networks List. See Editing a Trusted Network List.
• Select a Trusted Networks List Name in the list, and click Delete to remove the selected Trusted
Networks List. See Deleting a Trusted Network List.
Diameter Trusted Network Lists elements

Table 84: Trusted Network Lists elements describes the fields on the Diameter > Configuration > Topology
Hiding > Trusted Networks Lists View, Insert, and Edit pages. Data Input Notes apply only to the
Insert and Edit pages; the View page is read-only.
Table 84: Trusted Network Lists elements
* Trusted Network A name that uniquely identifies Format: case-sensitive; alphanumeric and
List Name the Trusted Network List. underscore (_); cannot start with a digit and
* Trusted Network Trusted Network Realms for this Format: Test box; case-insensitive string
Realms Trusted Network List. For consisting of a list of labels separated by
Trusted Network Realms the dots, where a label may contain letters,
Topology Hiding Feature will not digits, dashes ('-') and underscore ('_'). A
be applied. label must start with a letter, digit or
underscore and must end with a letter or
Click Add to enter another Realm.
digit. Underscores can be used only as the
Click the X next to a Realm to first character. A label can be at most 63
delete the entry. characters long and a Realm can be at most
255 characters long.
Range: 1-100 entries
Viewing Topology Hiding Trusted Network Lists

Use this task to view configured Topology Hiding Trusted Network Lists.
On the NOAM, select Diameter > Configuration > Topology Hiding > Trusted Network Lists.
The Diameter > Configuration > Topology Hiding > Trusted Networks Lists page appears.
Adding a Trusted Network List

Use this task on the NOAM to create a new Trusted Network List. The fields are described in Diameter
Trusted Network Lists elements.
1. Select Diameter > Configuration > Topology Hiding > Trusted Network Lists.

2. Click Insert.
The Diameter > Configuration > Topology Hiding > Trusted Networks Lists [Insert] page
appears.
3. Enter a unique name for the Trusted Network List in the Trusted Network List Name field.
4. Enter one or more, up to 100, Trusted Network Realms.
5. Click:
• OK to save the data and return to the Diameter > Configuration > Topology Hiding > Trusted
Networks Lists page.
• Cancel to return to the Diameter > Configuration > Topology Hiding > Trusted Networks
Lists page without saving any changes.
• The Trusted Network List Name is not unique; it already exists in the system
• The maximum number of Trusted Network Lists (100) would be exceeded in the system
Editing a Trusted Network List

Use this task to make changes to existing Trusted Network Lists.
The Trusted Network List Name cannot be changed.
1. Select Diameter > Configuration > Topology Hiding > Trusted Network Lists.
2. Select the Trusted Network List you want to edit.
3. Click Edit.
The Diameter > Configuration > Topology Hiding > Trusted Networks Lists [Edit] page appears.
The page is initially populated with the current configured values for the selected Trusted Network
List.

For more information about each field see Diameter Trusted Network Lists elements.
5. Click:
• OK to save the data and return to the Diameter > Configuration > Topology Hiding > Trusted
Networks Lists page .
• Cancel to return to the Diameter > Configuration > Topology Hiding > Trusted Networks

Deleting a Trusted Network List

Use this task on the NOAM to delete a Trusted Network List.
Note: A Pending Answer Timer cannot be deleted if it is referenced by either a Peer Node or a Routing
Option Set is referenced by Protected Networks. It also cannot be deleted if it is associated with any
Routing Option Set.
1. Select Diameter > Configuration > Topology Hiding > Trusted Networks Lists.
2. Select the Trusted Network List you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Trusted Network List.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Topology
Hiding > Trusted Networks Lists page.
If OK is clicked and the selected Trusted Network List no longer exists (it was deleted by another
user), an error message is displayed and the Trusted Network Lists view is refreshed.
Path Topology Hiding Configuration Sets

Path Topology Hiding Configuration Sets provide information that is used to perform Path Topology
Hiding for Protected Networks. Each Protected Network can reference a single Path Topology Hiding
Configuration Set.
The fields are described in Diameter Topology Hiding Path Topology Hiding Configuration Set elements.
Each Path Topology Hiding Configuration Set contains the following information:
• Path Topology Hiding Configuration Set Name – Unique name for this Configuration Set.
• Hostname Suffixes – List of Hostname suffixes that are used to identify the Protected Network's
host name that must be hidden in Route-Record, Proxy-Host, and Error-Reporting-Host AVPs.
• Route-Record Pseudo Hostname – Pseudo-host name to be used when replacing Route-Record
headers.
• Proxy-Host Pseudo Hostname – Proxy-Host Pseudo Hostname will be used while replacing the
host name in the Proxy-Host AVP.
• Encryption Key – Encryption key used for Error-Reporting-Host obscuring.
On the Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration Sets
page, you can perform the following actions:
• Filter the list of Path Topology Hiding Configuration Sets to display only the desired Path Topology
Hiding Configuration Sets.
• Sort the list by column contents in ascending or descending order (except Hostname Suffixes), by
clicking the column heading. The default order is by Path Topology Hiding Configuration Set
Name in ascending ASCII order.
• In the Hostname Suffixes column,

• Click the + sign to the left of the number of Hostname Suffixes to expand the list of Hostname
Suffixes for the Configuration Set.
• Click the - sign to the left of the number of Hostname Suffixes to collapse the list of Hostname
Suffixes for the Configuration Set.
• Click Insert.
The Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration Sets
[Insert] page appears. You can add a new Path Topology Hiding Configuration Set and its elements.
See Adding a Path Topology Hiding Configuration Set.
If the maximum number of Path Topology Hiding Configuration Sets per Network Element (500)
already exist in the system, the Diameter > Configuration > Topology Hiding > Path Topology
Hiding Configuration Sets [Insert] page will not open, and an error message is displayed.
• Select a Path Topology Hiding Configuration Set Name in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration Sets
[Edit] page opens. You can edit the selected Path Topology Hiding Configuration Set. See Editing
a Path Topology Hiding Configuration Set.
If at least one Protected Network references the Path Topology Hiding Configuration Set the
Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration Sets
[Edit] page will not open.
• Select a Path Topology Hiding Configuration Set Name in the list, and click Delete to remove the
selected Path Topology Hiding Configuration Set. See Deleting a Path Topology Hiding Configuration
Set.
If at least one Protected Network references the selected Path Topology Hiding Configuration Set,
the Configuration Set will not be deleted.
Diameter Topology Hiding Path Topology Hiding Configuration Set elements

Table 85: Path Topology Hiding Configuration Sets Elements describes the fields on the Path Topology
Hiding Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only to the Insert and
Edit pages; the View page is read-only.
Table 85: Path Topology Hiding Configuration Sets Elements
Field (* indicates
* Path Topology Hiding A name that uniquely identifies the Format: case-sensitive string;
Configuration Set Name Path Topology Hiding Configuration alphanumeric and underscore (_);
Set. must contain at least one alpha
and cannot start with a digit.
* Hostname Suffixes List of Hostname Suffixes that are used Format: case-insensitive string
to identify the Protected Network's host consisting of a list of labels
name that must be hidden in separated by dots, where a label
Route-Record, Proxy-Host, and may contain letters, digits, dashes
Error-Reporting-Host AVPs. (-), and underscore (_). A label

Field (* indicates
Up to 10 Hostname Suffixes can be must start with a letter, digit, or
configured for each Path Topology underscore and must end with a
Hiding Configuration Set. letter or digit. Underscores can be
Label - up to 63 characters;
Hostname Suffix - up to 255
characters.
* Route-Record Pseudo A pseudo-host name that is used in Format: case-insensitive string

Hostname replacing Route-Record headers. consisting of a list of labels
separated by dots, where a label
(-), and underscore (_). A label
must start with a letter, digit, or
letter or digit. Underscores can be
Route-Record Pseudo Hostname -
up to 255 characters.
* Proxy Host Pseudo A pseudo-host name that is used in Format: case-insensitive string
Hostname replacing the host name in the consisting of a list of labels
Proxy-Host AVP. separated by dots, where a label
(-), and underscore (_). A label
must start with a letter, digit, or
letter or digit. Underscores can be
Label - up to 63 characters; Proxy
Host Pseudo Hostname - up to 255
characters.
* Encryption Key Encryption Key to be used in Format: alphanumeric string

Error-Reporting Host obscuring.
Range: up to 16 characters; valid
Encryption Key
Viewing Path Topology Hiding Configuration Sets

Use this task to view currently configured Path Topology Hiding Configuration Sets.
Select Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration
Sets.
The Path Topology Hiding Configuration Sets page appears.

Adding a Path Topology Hiding Configuration Set

Use this task to create a new Path Topology Hiding Configuration Set.
For more information about the fields, see Diameter Topology Hiding Path Topology Hiding Configuration
Set elements.
1. Select Diameter > Configuration > Configuration Sets > Path Topology Hiding Configuration
Sets.
2. Click Insert.
The Path Topology Hiding Configuration Sets [Insert] page appears.
Note: If the maximum number of Configuration Sets allowed in the system (500) has been
configured, the Path Topology Hiding Configration Sets page will not open.
3. Enter a unique name for the Configuration Set in the Path Topology Hiding Configuration Set
Name field.
4. Enter a suffix for the Hostname in the Hostname Suffix field.
5. Enter a value to be used when replacing the Route-Record headers in the Route-Record Pseudo
Hostname field.
6. Enter a value to be used when replacing the host name in the Proxy-Host AVP in the Proxy-Host
Pseudo Hostname field.
7. Enter an encryption key value in the Encryption Key field.
8. Click:
• OK to save the new Configuration Set and return to the Path Topology Hiding Configuration
Sets page.
• Cancel to return to the Path Topology Hiding Configuration Sets page without saving any
changes.
• The Path Topology Hiding Configuration Set Name is not unique; it already exists in the
system.
Editing a Path Topology Hiding Configuration Set

Use this task to edit an existing Path Topology Hiding Configuration Set.
When the Path Topology Hiding Configuration Sets page opens, the fields are populated with the
currently configured values.
The Path Topology Hiding Configuration Set Name cannot be edited.
1. Select Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration
Sets.

2. Select the Path Topology Hiding Configuration Set you want to edit.
3. Click Edit.
The Path Topology Hiding Configuration Sets [Edit] page appears.
For information about each field, see Diameter Topology Hiding Path Topology Hiding Configuration
Set elements.
5. Click:
• OK to save the changes and return to the Path Topology Hiding Configuration Sets page.
• Cancel to return to the Path Topology Hiding Configuration Sets page without saving any
changes.
• The selected Path Topology Hiding Configuration Set no longer exists; it has been deleted by
another user.
Deleting a Path Topology Hiding Configuration Set

Use this task to delete a Path Topology Hiding Configuration Set.
Note: A Path Topology Hiding Configuration Set that is used in a Protected Network cannot be
deleted.
1. Select Diameter > Configuration > Topology Hiding > Path Topology Hiding Configuration
Sets.
2. Select the Path Topology Hiding Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Path Topology Hiding Configuration Set.
• Cancel to cancel the delete function and return to the Path Topology Hiding Configuration
Sets page.
S6a/S6d HSS Topology Hiding Configuration Sets

S6a/S6d HSS Topology Hiding Configuration Sets provide information that is used to perform S6a/S6d
HSS Topology Hiding for Protected Networks. Each Protected Network can reference a single S6a/S6d
HSS Topology Hiding Configuration SetHSS.
The fields are described in Diameter S6a/S6d HSS Topology Hiding Configuration Set elements.
Each S6a/S6d HSS Topology Hiding Configuration Set contains the following information:

• S6a/S6d HSS Topology Hiding Configuration Set Name - Unique name for this Configuration Set.
• Use S6a/S6d Single HSS Pseudo Hostname - If checked, Single HSS Pseudo Hostname will be used
for all HSS actual hostnames.
Note: When the Use S6a/S6d Single HSS Pseudo Host NameHSS field is configured, all HSS TH
Configuration Set fields associated with multiple pseudo-host names must not be configured
• S6a/S6d Single HSS Pseudo Hostname - S6a/S6d HSS Pseudo Hostname
• Pseudo Hostname Generation - Attributes to control the format and generation of Pseudo Hostnames
corresponding to an Actual Hostname.
Note: In order to support multiple pseudo hostnames for each HSS real hostname, each S6a/S6d
TH Configuration set includes the following attributes:
• Count - The maximum number of Pseudo Hostnames associated with an Actual Hostname.
• Randomize Count - Allows random number of Pseudo Hostnames between 1 and Count to be
associated with an Actual Hostname.
• Auto Generate - Allows Pseudo Hostnames to be automatically generated corresponding to an
Actual Hostname.
• Prefix - Prefix for the auto-generated Pseudo Hostname.
• Suffix - Suffix for the auto-generated Pseudo Hostname.
• Length - Length of the random number used in the auto-generated Pseudo Hostname.
• Hostnames - List of Actual Hostnames and their Pseudo Hostnames in this S6a/S6d HSS Topology
Hiding Configuration Set.
• S6a/S6d HSS Actual Hostname Not Found Action - Action to be performed when the Orig-Host
in the Diameter message is not configured as Actual Hostname in this S6a/S6d HSS Topology
• S6a/S6d HSS Actual Hostname Not Found Answer Result-Code Value - Value to be placed in the
Result-Code AVP of the Answer message.
• S6a/S6d HSS Actual Hostname Not Found Vendor ID - Vendor ID will be placed in Vendor ID
AVP.
• S6a/S6d HSS Actual Hostname Not Found Answer Error Message - String to be placed in the
Error-Message AVP of the Answer message.
On the Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding Configuration
SetsHSS page, you can perform the following actions:
• Filter the list of S6a/S6d HSS Topology Hiding Configuration Sets to display only the desired
S6a/S6d HSS Topology Hiding Configuration Sets.
clicking the column heading. The default order is by S6a/S6d HSS Topology Hiding Configuration
Set NameHSS in ascending ASCII order.
• Click Insert.
The Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding
Configuration Sets [Insert]HSS page appears. You can add a new S6a/S6d HSS Topology Hiding
Configuration Set and its elements. See Adding an S6a/S6d HSS Topology Hiding Configuration Set.
If the maximum number of S6a/S6d HSS Topology Hiding Configuration Sets (500) already exists
in the system, the Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding
Configuration Sets [Insert] page will not open, and an error message is displayed.
• Select a S6a/S6d HSS Topology Hiding Configuration Set Name in the list, and click Edit.

The Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding
Configuration Sets [Edit]HSS page opens. You can edit the selected S6a/S6d HSS Configuration
Set. See Editing an S6a/S6d HSS Topology Hiding Configuration Set.
• Select a S6a/S6d HSS Topology Hiding Configuration Set Name in the list, and click Delete to
remove the selected S6a/S6d HSS Topology Hiding Configuration Set. See Deleting an S6a/S6d HSS
Topology Hiding Configuration Set.
If the selected S6a/S6d HSS Topology Hiding Configuration Set is used in a Protected Network,
Diameter S6a/S6d HSS Topology Hiding Configuration Set elements

Table 86: S6a/S6d HSS Topology Hiding Configuration Sets Elements describes the fields on the S6a/S6d
HSS Topology Hiding Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only
Table 86: S6a/S6d HSS Topology Hiding Configuration Sets Elements
Field (* indicates
* S6a/S6d HSS A name that uniquely identifies the S6a/S6d Format: case-sensitive string;
Topology Hiding HSS Topology Hiding Configuration Set. alphanumeric and underscore
Configuration Set (_); must contain at least one
Name alpha and cannot start with a
digit
Use S6a/S6d Single If checked, Single HSS Pseudo Hostname Default: Checked
HSS Pseudo Hostname will be used for all HSS actual hostnames.
Range: n/a
Note: When the Use S6a/S6d Single HSS
Pseudo Host NameHSS field is configured,
all HSS TH Configuration Set fields
associated with multiple pseudo-host names
must not be configured
* S6a/S6d HSS Pseudo The name to be used in replacing the HSS Format: case-insensitive string
Hostname Hostname. consisting of a list of labels
separated by dots, where a
label may contain letters, digits,
dashes (-), and underscore (_).
A label must start with a letter,
digit, or underscore and must
end with a letter or digit.
Underscores can be used only
as the first character.
S6a/S6d HSS Pseudo

Field (* indicates
Hostname - up to 255
characters.
Pseudo Hostname Attributes to control the format and Count:

Generation generation of Pseudo Hostnames
• Default = 3
• Range = 1-3
Note: In order to support multiple pseudo
hostnames for each HSS real hostname, each Randomize Count:
S6a/S6d TH Configuration set includes the • Default = Checked
following attributes: • Range = n/a
• Count - The maximum number of Auto Generate:
Pseudo Hostnames associated with an
Actual Hostname. • Default = Checked
• Randomize Count - If checked, random • Range = n/a
number of Pseudo Hostnames between Prefix:
1 and Count are associated with an
Actual Hostname. • Default = n/a
• Auto Generate - If checked, Pseudo • Range = A valid Prefix
Hostnames are automatically generated Suffix:
• Default = n/a
• Prefix - Prefix for the auto generated
Pseudo Hostname. Prefix is a • Range = A valid Suffix
case-insensitive string consisting of a list Length:
of labels separated by dots, where a label
may contain letters, digits, dashes (-) and • Default = 4
underscore (_). A label must start with a • Range = 4 - 5
letter, digit or underscore and must end
with a letter or digit. Underscores may
be used only as the first character. Prefix
must be at most 63 characters long.
• Suffix - Suffix for the auto generated
Pseudo Hostname. Suffix is
case-insensitive string consisting of a list
may contain letters, digits, dashes (-) and
underscore (_). A label must start with a
with a letter or digit. Underscores may
be used only as the first character. Suffix
must be at most 63 characters long.
• Length - Length of the random number
used in the auto generated Pseudo
Hostname.
* Hostnames List of Actual Hostnames and their Pseudo Format: case-insensitive string
Hostnames in this S6a/S6d HSS Topology consisting of a list of labels
Hiding Configuration Set. separated by dots, where a

Field (* indicates
label may contain letters, digits,
dashes (-), and underscore (_).
A label must start with a letter,
digit, or underscore and must
end with a letter or digit.
Underscores can be used only
as the first character.
S6a/S6d HSS Pseudo
Hostname - up to 255
characters.
S6a/S6d HSS Actual Action to be performed when the Orig-Host Default: Send Answer
Hostname Not Found in the Diameter message is not configured
Range: n/a
Action as Actual Hostname in this S6a/S6d HSS
S6a/S6d HSS Actual Value to be placed in the Result-Code AVP Default: 3002
Hostname Not Found of the Answer message. S6a/S6d HSS Actual
Range: 1000-5999
Answer Result-Code Hostname Not Found Answer Result-Code
Value Value is required if action is Send Answer.
S6a/S6d HSS Actual Vendor ID will be placed in Vendor ID AVP Default: n/a
Hostname Not Found
Range: 1-4294967295
Vendor ID
S6a/S6d HSS Actual String to be placed in the Error-Message Default: null string, no
Hostname Not Found AVP of the Answer message Error-Message AVP in Answer
Answer Error Message message
Viewing S6a/S6d HSS Topology Hiding Configuration Sets

Use this task to view currently configured S6a/S6d HSS Topology Hiding Configuration Sets.
Select Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding
Configuration Sets.
The S6a/S6d HSS Topology Hiding Configuration Sets page appears.
Adding an S6a/S6d HSS Topology Hiding Configuration Set

Use this task to create a new S6a/S6d HSS Topology Hiding Configuration Set.
For more information about the fields, see Diameter S6a/S6d HSS Topology Hiding Configuration Set
elements.
1. Select Diameter > Configuration > Topology Hiding > S6a/S6d HSS Topology Hiding
Configuration Sets.

The S6a/S6d HSS Topology Hiding Configuration SetsHSS page appears.

configured, the S6a/S6d HSS Topology Hiding Configuration SetsHSS page will not open.
2. Click Insert.
The S6a/S6d HSS Topology Hiding Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the S6a/S6d HSS Topology Hiding Configuration
Set Name field.
4. Check or uncheck the box for the Use S6a/S6d Single HSS Pseudo Hostname field to indicate
whether or not a Single HSS Pseudo Hostname will be used for all HSS actual hostnames.
5. Enter a unique name to be used when replacing the S6a/S6d HSS Hostname in the S6a/S6d Single
HSS Pseudo Hostname field.
6. Set the Count, Randomize Count, Auto Generate, Prefix, Suffix, and Length attributes associated
with Pseudo Hostname Generation.
7. Add Hostnames to serve as Actual Hostnames and their Pseudo Hostnames in the S6a/S6d HSS
8. Select an S6a/S6d HSS Actual Hostname Not Found Action to be performed when the Orig-Host
in the Diameter message is not configured as Actual Hostname in this S6a/S6d HSS Topology
Hiding Configuration Set in the field.
9. Enter an S6a/S6d HSS Actual Hostname Not Found Answer Result-Code Value to be placed in
the Result-Code AVP of the Answer message.
10. Enter an S6a/S6d HSS Actual Hostname Not Found Vendor ID to be placed in Vendor Id AVP.
11. Enter an S6a/S6d HSS Actual Hostname Not Found Answer Error Message to be placed in the
12. Click:
• OK to save the changes and return to the S6a/S6d HSS Topology Hiding Configuration Sets
page.
• Cancel to return to the S6a/S6d HSS Topology Hiding Configuration Sets page without saving
any changes.
• The S6a/S6d HSS Topology Hiding Configuration Set Name is not unique; it already exists
in the system.
Editing an S6a/S6d HSS Topology Hiding Configuration Set

Use this task to edit an existing S6a/S6d HSS Topology Hiding Configuration Set.
When the S6a/S6d HSS Topology Hiding Configuration Sets page opens, the fields are populated
The S6a/S6d HSS Topology Hiding Configuration Set Name cannot be edited.

Configuration Sets.
2. Select the S6a/S6d HSS Topology Hiding Configuration Set you want to edit.
3. Click Edit.
The S6a/S6d HSS Topology Hiding Configuration Sets [Edit]HSS page appears.
For information about each field, see Diameter S6a/S6d HSS Topology Hiding Configuration Set elements.
5. Click:
• OK to save the data and return to the S6a/S6d HSS Topology Hiding Configuration Sets page.
• Cancel to return to the S6a/S6d HSS Topology Hiding Configuration Sets page without saving
any changes.
• The selected S6a/S6d HSS Topology Hiding Configuration Set no longer exists; it has been
deleted by another user.
Deleting an S6a/S6d HSS Topology Hiding Configuration Set

Use this task to delete an S6a/S6d HSS Topology Hiding Configuration Set.
Note: An S9 AF/pCSCF Topology Hiding Configuration Set that is used in a Protected Network
cannot be deleted.
Configuration Sets.
2. Select the S6a/S6d HSS Topology Hiding Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the S6a/S6d HSS Topology Hiding Configuration Set.
• Cancel to cancel the delete function and return to the S6a/S6d HSS Topology Hiding
MME/SGSN Topology Hiding Configuration Sets

MME/SGSN Topology Hiding Configuration Sets provide information that is used to perform
MME/SGSN Topology Hiding for Protected Networks.
Each Protected Network can reference a single MME/SGSN Topology Hiding Configuration Set.

The fields are described in Diameter MME/SGSN Topology Hiding Configuration Set elements.
Each MME/SGSN Topology Hiding Configuration Set contains the following information:
• MME/SGSN Topology Hiding Configuration Set Name - Unique name for this Configuration Set.
Actual Hostname.
• Hostnames - List of Actual Hostnames and their Pseudo Hostnames in this MME/SGSN Topology
• MME/SGSN Actual Hostname Not Found Action - Action to be taken when the Orig-Host in the
Diameter message is not configured as Actual Hostname.
• MME/SGSN Actual Hostname Not Found Answer Result-Code Value - Value to be placed in the
• MME/SGSN Actual Hostname Not Found Vendor Id - Value to be placed in the Vendor ID AVP.
• MME/SGSN Actual Hostname Not Found Answer Error Message - String to be placed in the
On the Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding Configuration
Sets page, you can perform the following actions:
• Filter the list of MME/SGSN Topology Hiding Configuration Sets to display only the desired
MME/SGSN Topology Hiding Configuration Sets.
clicking the column heading. The default order is by MME/SGSN Topology Hiding Configuration
Set Name in ascending ASCII order.
• Click Insert.
The Diameter > Configuration [Insert] > Topology Hiding > MME/SGSN Topology Hiding
Configuration Sets page appears. You can add a new MME/SGSN Topology Hiding Configuration
Set and its elements. See Adding an MME/SGSN Topology Hiding Configuration Set.
If the maximum number of MME/SGSN Topology Hiding Configuration Sets (500) already exist
in the system, the Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding
• Select a MME/SGSN Topology Hiding Configuration Set Name in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding Configuration
Sets [Edit] page opens. You can edit the selected Configuration Set. See Editing an MME/SGSN
• Select an MME/SGSN Topology Hiding Configuration Set Name in the list, and click Delete to
remove the selected MME/SGSN Topology Hiding Configuration Set. See Deleting an MME/SGSN

If at least one Protected Network references the selected MME/SGSN Topology Hiding
Configuration Set, the Configuration Set will not be deleted.
Diameter MME/SGSN Topology Hiding Configuration Set elements

Table 87: MME/SGSN Topology Hiding Configuration Sets Elements describes the fields on the MME/SGSN
Topology Hiding Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only to the
Table 87: MME/SGSN Topology Hiding Configuration Sets Elements
Field (* indicates
* MME/SGSN A name that uniquely identifies the Format: case-sensitive string;
Topology Hiding MME/SGSN Topology Hiding Configuration alphanumeric and
Configuration Set Name Set. underscore (_); must contain
Pseudo Hostname Attributes to control the format and

corresponding to an Actual Hostname:
Count - The maximum number of Pseudo Format: pulldown list
Hostnames associated with an Actual
Range: 1 -3
Hostname.
Default: 3
Randomize Count - If checked, random Format: checkbox

number of Pseudo Hostnames between 1 and
Default = checked
Count are associated with an Actual
Hostname.
Auto Generate - If checked, Pseudo Format: checkbox
Hostnames are automatically generated
Default: checked
Prefix - Prefix for the auto generated Pseudo Format: case-insensitive
Hostname. string consisting of a list of
labels separated by dots,
where a label may contai
letters, digits, dashes (-), and
underscore (_). A label must
start with a letter, digit, or
underscore and must end
with a letter or digit.
Underscores can be used
only as the first character.

Field (* indicates
Suffix - Suffix for the auto generated Pseudo Format: case-insensitive
Hostname. string consisting of a list of
labels separated by dots,
where a label may contain
Length - Length of the random number used Format: pull-down list

in the auto generated Pseudo Hostname.
Range: 4, 5
Default: 4
* Hostnames List of Actual Hostnames and their Pseudo Format: Each Actual and
Hostnames in this MME/SGSN Topology Pseudo Hostname is a
Hiding Configuration Set. case-insensitive string
• Text boxes for Actual Hostname and
separated by dots, where a
Pseudo Hostnames
label may contain letters,
• Click Add to open up to 300 entries. digits, dashes (-), and
• Click the X at the end of an entry to delete underscore (_). A label must
the Actual Hostname entry and its start with a letter, digit, or
corresponding Pseudo Hostnames. underscore and must end
Actual or Pseudo Hostname
- up to 255 characters.
Range: Actual Hostname - 1
- 300 entries. Pseudo
Hostname - 1 - 3 entries per
actual Hostname.
MME/SGSN Actual Action to be performed when the Orig-Host Format: radio button group
Hostname Not Found in the Diameter message is not configured as
Range:
Action Actual Hostname in this MME/SGSN
Topology Hiding Configuration Set. • Send Answer
• Abandon
• Forward

Field (* indicates
MME/SGSN Actual Value to be placed in the Result-Code AVP Format: radio button group
Hostname Not Found of the Answer message. with values as a text box and
Answer Result-Code a pull-down list.
This value is required if the MME/SGSN
Value
Actual Hostname Not Found Action is Send Range: 1000 - 5999
Answer.
Default: 3002
MME/SGSN Actual Vendor ID to be placed in Vendor ID AVP. Format: text box

Hostname Not Found
Range: 1 - 4294967295
Vendor ID
MME/SGSN Actual String to be placed in the Error-Message AVP Format: text box
Hostname Not Found of the Answer message.
Answer Error Message
Default: Null string. No
Answer message.
Viewing MME/SGSN Topology Hiding Configuration Sets

Use this task to view currently configured MME/SGSN Topology Hiding Configuration Sets.
Select Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding
Configuration Sets.
The MME/SGSN Topology Hiding Configuration Sets page appears.
Adding an MME/SGSN Topology Hiding Configuration Set

Use this task to create a new MME/SGSN Topology Hiding Configuration Set.
For more information about the fields, see Diameter MME/SGSN Topology Hiding Configuration Set
elements.
1. Select Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding
Configuration Sets.
2. Click Insert.
The MME/SGSN Topology Hiding Configuration Sets [Insert] page appears.
configured, the MME/SGSN Topology Hiding Configuration Sets page will not open.
3. Enter a unique name for the Configuration Set in the MME/SGSN Topology Hiding Configuration
Set Name field.
4. Enter values for the Actual Hostname and associated Pseudo Hostnames in the appropriate fields.
5. Complete the optional fields as desired.
6. Click:

• OK to save the changes and return to the MME/SGSN Topology Hiding Configuration Sets
page.
• Cancel to return to the MME/SGSN Topology Hiding Configuration Sets page without saving
any changes.
• The MME/SGSN Topology Hiding Configuration Set Name is not unique; it already exists in
the system.
Editing an MME/SGSN Topology Hiding Configuration Set

Use this task to edit an existing MME/SGSN Topology Hiding Configuration Set.
When the MME/SGSN Topology Hiding Configuration Sets page opens, the fields are populated
Configured Actual Hostname and Pseudo Hostnames entries cannot be edited. New Actual Hostnames
and Pseudo Hostnames can be added, and configured entries can be deleted.
1. Select Diameter > Configuration > Topology Hiding > MME/SGSN Topology Hiding
Configuration Sets.
2. Select the MME/SGSN Topology Hiding Configuration Set you want to edit.
3. Click Edit.
The MME/SGSN Topology Hiding Configuration Sets [Edit] page appears.
For information about each field, see Diameter MME/SGSN Topology Hiding Configuration Set elements.
5. Click:
• OK to save the changes and return to the MME/SGSN Topology Hiding Configuration Sets
page.
• Cancel to return to the MME/SGSN Topology Hiding Configuration Sets page without saving
any changes.
• The selected MME/SGSN Topology Hiding Configuration Set no longer exists; it has been
Deleting an MME/SGSN Topology Hiding Configuration Set

Use this task to delete an MME/SGSN Topology Hiding Configuration Set.

An MME/SGSN Topology Hiding Configuration Set that is being used by a Protected Network cannot
be deleted.
1. Select Diameter > Configuration > Toplogy Hiding > MME/SGSN Toplogy Hiding Configuration
Sets.
The MME/SGSN Toplogy Hiding Configuration Sets page appears.
2. Select the MME/SGSN Topology Hiding Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the MME/SGSN Topology Hiding Configuration Set.
• Cancel to cancel the delete function and return to the MME/SGSN Toplogy Hiding
S9 PCRF Topology Hiding Configuration Sets

S9 PCRF Topology Hiding Configuration Sets provide information that is used to perform S9 PCRF
Topology Hiding for a Protected Network's PCRFs, as well as the number of PCRFs in the network,
when it exchanges messages with Untrusted Networks. A PCRF's identity is embedded in the
Origin-Host and Session-ID AVPs sent in Request messages and the Origin-Host AVP sent in Answer
messages.
The fields are described in Diameter S9 PCRF Topology Hiding Configuration Set elements.
Each S9 PCRF Topology Hiding Configuration Set contains the following information:
• S9 PCRF Topology Hiding Configuration Set Name - Unique name for this Configuration Set.
Actual Hostname.
• Hostnames - List of Actual Hostnames and their Pseudo Hostnames in this S9 PCRF Topology
• S9 PCRF Actual Hostname Not Found Action - Action to be performed when the Orig-Host in the
Diameter message is not configured as Actual Hostname in this S9 PCRF Topology Hiding
Configuration Set.
• S9 PCRF Actual Hostname Not Found Answer Result-Code Value - Value to be placed in the
• S9 PCRF Actual Hostname Not Found Vendor Id - Vendor Id will be placed in Vendor Id AVP.

• S9 PCRF Actual Hostname Not Found Answer Error Message - String to be placed in the
On the Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding Configuration
Sets page, you can perform the following actions:
• Filter the list of S9 PCRF Topology Hiding Configuration Sets to display only the desired S9 PCRF
Topology Hiding Configuration Sets.
clicking the column heading. The default order is by S9 PCRF Topology Hiding Configuration
• Click Insert.
The Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding Configuration
Sets [Insert] page appears. You can add a new S9 PCRF Topology Hiding Configuration Set and
its elements. See Adding an S9 PCRF Topology Hiding Configuration Set.
If the maximum number of S9 PCRF Topology Hiding Configuration Sets (500) already exists in
the system, the Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding
• Select a S9 PCRF Topology Hiding Configuration Set Name in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding Configuration
Sets [Edit] page opens. You can edit the selected S9 PCRF Configuration Set. See Editing an S9
PCRF Topology Hiding Configuration Set.
• Select a S9 PCRF Topology Hiding Configuration Set Name in the list, and click Delete to remove
the selected S9 PCRF Topology Hiding Configuration Set. See Deleting an S9 PCRF Topology Hiding
Configuration Set.
If the selected S9 PCRF Topology Hiding Configuration Set is used in a Protected Network, the
Configuration Set will not be deleted.
Diameter S9 PCRF Topology Hiding Configuration Set elements

Table 88: S9 PCRF Topology Hiding Configuration Sets Elements describes the fields on the S9 PCRF
Topology Hiding Configuration Sets View, Edit, and Insert pages. Data Input Notes apply only to the
Table 88: S9 PCRF Topology Hiding Configuration Sets Elements
Field (* indicates
* S9 PCRF Topology A name that uniquely identifies the S9 PCRF Format: case-sensitive string;
Hiding Configuration Topology Hiding Configuration Set. alphanumeric and
Set Name underscore (_); must contain

Field (* indicates
Pseudo Hostname Attributes to control the format and Count:
• Default = 3
• Range = 1-3
• Count - The maximum number of Pseudo
Hostnames associated with an Actual Randomize Count:
Hostname. • Default = Checked
number of Pseudo Hostnames between 1
and Count are associated with an Actual Auto Generate:
• Auto Generate - If checked, Pseudo • Range = n/a
corresponding to an Actual Hostname. Prefix:
• Prefix - Prefix for the auto generated • Default = n/a
Pseudo Hostname. Prefix is a • Range = A valid Prefix
Suffix:
may contain letters, digits, dashes (-) and • Default = n/a
underscore (_). A label must start with a • Range = A valid Suffix
with a letter or digit. Underscores may be Length:
used only as the first character. Prefix must • Default = 4
be at most 63 characters long. • Range = 4 - 5
• Suffix - Suffix for the auto generated
Pseudo Hostname. Suffix is
may contain letters, digits, dashes (-) and
underscore (_). A label must start with a
with a letter or digit. Underscores may be
used only as the first character. Suffix must
be at most 63 characters long.
• Length - Length of the random number
used in the auto generated Pseudo
Hostname.
* Hostnames List of Actual Hostnames and their Pseudo Format: case-insensitive

Hostnames in this S9 PCRF Topology Hiding string consisting of a list of
Configuration Set. labels separated by dots,
where a label may contain

Field (* indicates
S9 PCRF Pseudo Hostname
- up to 255 characters.
S9 PCRF Actual Action to be performed when the Orig-Host Default: Send Answer
Hostname Not Found in the Diameter message is not configured as
Range: n/a
Action Actual Hostname in this S9 PCRF Topology
S9 PCRF Actual Value to be placed in the Result-Code AVP Default: 3002
Hostname Not Found of the Answer message. S9 PCRF Actual
Range: 1000-5999
Answer Result-Code Hostname Not Found Answer Result-Code
Value Value is required if action is Send Answer.
S9 PCRF Actual Vendor ID will be placed in Vendor ID AVP Default: n/a
Hostname Not Found
Range: 1-4294967295
Vendor ID
S9 PCRF Actual String to be placed in the Error-Message AVP Default: null string, no
Hostname Not Found of the Answer message Error-Message AVP in
Answer Error Message Answer message
Viewing S9 PCRF Topology Hiding Configuration Sets

Use this task to view currently configured S9 PCRF Topology Hiding Configuration Sets.
Select Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding Configuration
Sets.
The S9 PCRF Topology Hiding Configuration Sets page appears.
Adding an S9 PCRF Topology Hiding Configuration Set

Use this task to create a new S9 PCRF Topology Hiding Configuration Set.
For more information about the fields, see Diameter S9 PCRF Topology Hiding Configuration Set elements.
1. Select Diameter > Configuration > Topology Hiding > S9 PCRF Topology Hiding Configuration
Sets.
Note: If the maximum number of Configuration sets allowed in the system (500) has been
configured, the S9 PCRF Topology Hiding Configuration Sets pag will not open.
2. Click Insert.
The S9 PCRF Topology Hiding Configuration Sets [Insert] page appears.

3. Enter a unique name for the Configuration Set in the S9 PCRF Topology Hiding Configuration
Set Name field.
4. Select/Enter desired values for the Pseudo Hostname Generation field.
5. Select a unique name to be used when replacing the S9 PCRF Hostname in the Hostnames field.
6. In the S9 PCRF Actual Hostname Not Found Action field, select the action to be taken if the Actual
Hostname is not found.
7. In the S9 PCRF Actual Hostname Not Found Answer Result-Code Value field, enter a value to
be placed in the Result-Code AVP of the Answer message.
8. In the S9 PCRF Actual Hostname Not Found Vendor Id field, enter a Vender Id to be place in the
Vendor id AVP.
9. In the S9 PCRF Actual Hostname Not Found Answer Error Message field, enter a string to be
placed in the Error-Message AVP of the Answer message.
10. Click:
• OK to save the changes and return to the S9 PCRF Topology Hiding Configuration Sets page.
• Cancel to return to the S9 PCRF Topology Hiding Configuration Sets page without saving
any changes.
• The S9 PCRF Topology Hiding Configuration Set Name is not unique; it already exists in the
system.
Editing an S9 PCRF Topology Hiding Configuration Set

Use this task to edit an existing S9 PCRF Topology Hiding Configuration Set.
When the S9 PCRF Topology Hiding Configuration Sets page opens, the fields are populated with
the currently configured values.
The S9 PCRF Topology Hiding Configuration Set Name cannot be edited.
Sets.
configured, the MME/SGSN Topology Hiding Configuration Sets page will not open.
2. Click Edit.
The S9 PCRF Topology Hiding Configuration Sets [Edit] page appears.
3. Enter a unique name for the Configuration Set in the S9 PCRF Topology Hiding Configuration
Set Name field.
4. Select/Enter desired values for the Pseudo Hostname Generation field.
5. Select a unique name to be used when replacing the S9 PCRF Hostname in the Hostnames field.
6. In the S9 PCRF Actual Hostname Not Found Action field, select the action to be taken if the Actual
Hostname is not found.

7. In the S9 PCRF Actual Hostname Not Found Answer Result-Code Value field, enter a value to
be placed in the Result-Code AVP of the Answer message.
8. In the S9 PCRF Actual Hostname Not Found Vendor Id field, enter a Vender Id to be place in the
Vendor id AVP.
9. In the S9 PCRF Actual Hostname Not Found Answer Error Message field, enter a string to be
placed in the Error-Message AVP of the Answer message.
10. Click:
• OK to save the changes and return to the S9 PCRF Topology Hiding Configuration Sets page.
• Cancel to return to the S9 PCRF Topology Hiding Configuration Sets page without saving
any changes.
• The S9 PCRF Topology Hiding Configuration Set Name is not unique; it already exists in the
system.
Deleting an S9 PCRF Topology Hiding Configuration Set

Use this task to delete an S9 PCRF Topology Hiding Configuration Set.
cannot be deleted.
Sets.
2. Select the S9 PCRF Topology Hiding Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the S9 PCRF Topology Hiding Configuration Set.
• Cancel to cancel the delete function and return to the S9 PCRF Topology Hiding Configuration
Sets page.
S9 AF/pCSCF Topology Hiding Configuration Sets

S9 AF/pCSCF Topology Hiding Configuration Sets provide information that is used to perform S9
AF/pCSCF Topology Hiding for a Protected Network's PCRFs, as well as the number of PCRFs in the
network, when it exchanges messages with Untrusted Networks. A PCRF's identity is embedded in
the Origin-Host and Session-ID AVPs sent in Request messages and the Origin-Host AVP sent in
Answer messages.
The fields are described in Diameter S9 AF/pCSCF Topology Hiding Configuration Set elements.

Each S9 AF/pCSCF Topology Hiding Configuration Set contains the following information:
• S9 AF/pCSCF Topology Hiding Configuration Set Name - Unique name for this Configuration
Set.
Actual Hostname.
• Hostnames - List of Actual Hostnames and their Pseudo Hostnames in this S9 PCRF Topology
• S9 AF/pCSCF Actual Hostname Not Found Action - Action to be performed when the Orig-Host
in the Diameter message is not configured as Actual Hostname in this S9 AF/pCSCF Topology
• S9 AF/pCSCF Actual Hostname Not Found Answer Result-Code Value - Value to be placed in the
• S9 AF/pCSCF Actual Hostname Not Found Vendor ID - Vendor ID will be placed in Vendor ID
AVP.
• S9 AF/pCSCF Actual Hostname Not Found Answer Error Message - String to be placed in the
On the Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology Hiding
Configuration Sets page, you can perform the following actions:
• Filter the list of S9 AF/pCSCF Topology Hiding Configuration Sets to display only the desired S9
AF/pCSCF Topology Hiding Configuration Sets.
clicking the column heading. The default order is by S9 AF/pCSCF Topology Hiding Configuration
• Click Insert.
The Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology Hiding
Configuration Sets [Insert] page appears. You can add a new S9 AF/pCSCF Topology Hiding
Configuration Set and its elements. See Adding an S9 AF/pCSCF Topology Hiding Configuration Set.
If the maximum number of S9 AF/pCSCF Topology Hiding Configuration Sets (500) already exists
in the system, the Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology
Hiding Configuration Sets [Insert] page will not open, and an error message is displayed.
• Select a S9 AF/pCSCF Topology Hiding Configuration Set Name in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology Hiding
Configuration Sets [Edit] page opens. You can edit the selected S9 AF/pCSCF Configuration Set.
See Editing an S9 AF/pCSCF Topology Hiding Configuration Set.

• Select a S9 AF/pCSCF Topology Hiding Configuration Set Name in the list, and click Delete to
remove the selected S9 AF/pCSCF Topology Hiding Configuration Set. See Deleting an S9 AF/pCSCF
If the selected S9 AF/pCSCF Topology Hiding Configuration Set is used in a Protected Network,
Diameter S9 AF/pCSCF Topology Hiding Configuration Set elements

Table 89: S9 AF/pCSCF Topology Hiding Configuration Sets Elements describes the fields on the S9
AF/pCSCF Topology Hiding Configuration Sets View, Edit, and Insert pages. Data Input Notes apply
only to the Insert and Edit pages; the View page is read-only.
Table 89: S9 AF/pCSCF Topology Hiding Configuration Sets Elements
Field (* indicates
* S9 AF/pCSCF A name that uniquely identifies the S9 AF/pCSCF Format: case-sensitive
Topology Hiding Topology Hiding Configuration Set. string; alphanumeric and
Configuration Set underscore (_); must
Name contain at least one alpha
and cannot start with a
digit
Pseudo Hostname Attributes to control the format and generation Count:

Generation of Pseudo Hostnames corresponding to an Actual
• Default = 3
Hostname
• Range = 1-3
• Count - The maximum number of Pseudo
Hostnames associated with an Actual Randomize Count:
number of Pseudo Hostnames between 1 and
Count are associated with an Actual Auto Generate:
• Auto Generate - If checked, Pseudo • Range = n/a
corresponding to an Actual Hostname. Prefix:
• Prefix - Prefix for the auto generated Pseudo • Default = n/a
Hostname. Prefix is a case-insensitive string • Range = A valid
consisting of a list of labels separated by dots, Prefix
where a label may contain letters, digits,
Suffix:
dashes (-) and underscore (_). A label must
start with a letter, digit or underscore and must • Default = n/a
end with a letter or digit. Underscores may be • Range = A valid
used only as the first character. Prefix must be Suffix
at most 63 characters long.
Length:

Field (* indicates
• Suffix - Suffix for the auto generated Pseudo • Default = 4
Hostname. Suffix is case-insensitive string • Range = 4 - 5
consisting of a list of labels separated by dots,
where a label may contain letters, digits,
dashes (-) and underscore (_). A label must
start with a letter, digit or underscore and must
end with a letter or digit. Underscores may be
used only as the first character. Suffix must be
at most 63 characters long.
• Length - Length of the random number used
in the auto generated Pseudo Hostname.
* Hostnames List of Actual Hostnames and their Pseudo Format: case-insensitive

Hostnames in this S9 AF/pCSCF Topology string consisting of a list
Hiding Configuration Set. of labels separated by
dots, where a label may
contain letters, digits,
dashes (-), and
underscore (_). A label
must start with a letter,
digit, or underscore and
digit. Underscores can be
character.
Label - up to 63
characters; S9 AF/pCSCF
Pseudo Hostname - up to
255 characters.
S9 AF/pCSCF Actual Action to be performed when the Orig-Host in Default: Send Answer
Hostname Not Found the Diameter message is not configured as Actual
Range: n/a
Action Hostname in this S9 AF/pCSCF Topology Hiding
Configuration Set.
S9 Af/pCSCF Actual Value to be placed in the Result-Code AVP of the Default: 3002
Hostname Not Found Answer message.
Range: 1000-5999
Answer Result-Code
S9 AF/pCSCF Actual Hostname Not Found
Value
Answer Result-Code Value is required if action
is Send Answer.
S9 AF/pCSCF Actual Vendor ID will be placed in Vendor ID AVP. Default: n/a

Hostname Not Found
Range: 1-4294967295
Vendor ID
S9 AF/pCSCF Actual String to be placed in the Error-Message AVP of Default: null string, no
Hostname Not Found the Answer message. Error-Message AVP in
Answer Error Message Answer message

Field (* indicates
Viewing S9 AF/pCSCF Topology Hiding Configuration Sets

Use this task to view currently configured S9 AF/pCSCF Topology Hiding Configuration Sets.
Select Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology Hiding
Configuration Sets.
The S9 AF/pCSCF Topology Hiding Configuration Sets page appears.
Adding an S9 AF/pCSCF Topology Hiding Configuration Set

Use this task to create a new S9 AF/pCSCF Topology Hiding Configuration Set.
For more information about the fields, see Diameter S9 AF/pCSCF Topology Hiding Configuration Set
elements.
1. Select Diameter > Configuration > Topology Hiding > S9 AF/pCSCF Topology Hiding
Configuration Sets.
configured, the S9 AF/PCRF Topology Hiding Configuration Sets page will not open.
2. Click Insert.
The S9 AF/pCSCF Topology Hiding Configuration Sets [Insert] page appears.
3. Enter a unique name for the Configuration Set in the S9 AF/pCSCF Topology Hiding Configuration
Set Name field.
4. Enter a unique name to be used when replacing the S9 AF/pCSCF Hostname in the S9 AF/pCSCF
Pseudo Hostname field.
5. Click:
• OK to save the changes and return to the S9 AF/pCSCF Topology Hiding Configuration Sets
page.
• Cancel to return to the S9 AF/pCSCF Topology Hiding Configuration Sets page without saving
any changes.
• The S9 AF/pCSCF Topology Hiding Configuration Set Name is not unique; it already exists
in the system.

Editing an S9 AF/pCSCF Topology Hiding Configuration Set

Use this task to edit an existing S9 AF/pCSCF Topology Hiding Configuration Set.
When the S9 AF/pCSCF Topology Hiding Configuration Sets page opens, the fields are populated
The S9 AF/pCSCF Topology Hiding Configuration Set Name cannot be edited.
Configuration Sets.
2. Select the S9 AF/pCSCF Topology Hiding Configuration Set you want to edit.
3. Click Edit.
The S9 AF/pCSCF Topology Hiding Configuration Sets [Edit] page appears.
For information about each field, see Diameter S9 AF/pCSCF Topology Hiding Configuration Set
elements.
5. Click:
• OK to save the data and return to the S9 AF/pCSCF Topology Hiding Configuration Sets
page.
• Cancel to return to the S9 AF/pCSCF Topology Hiding Configuration Sets page without saving
any changes.
• The selected S9 AF/pCSCF Topology Hiding Configuration Set no longer exists; it has been
Deleting an S9 AF/pCSCF Topology Hiding Configuration Set

Use this task to delete an S9 AF/pCSCF Topology Hiding Configuration Set.
cannot be deleted.
Configuration Sets.
2. Select the S9 AF/pCSCF Topology Hiding Configuration Set you want to delete.
3. Click Delete.
4. Click:
• OK to delete the S9 AF/pCSCF Topology Hiding Configuration Set.
• Cancel to cancel the delete function and return to the S9 AF/pCSCF Topology Hiding

Protected Networks
A Protected Network component contains Topology Hiding (TH) configuration data that is used when
messages to and from that network are to be protected using Topology Hiding. The following fields
are described in Diameter Protected Network configuration elements:
• Protected Network Realm - Realm of a network that is to be protected.
• Trusted Network List - A Trusted Network List of networks that are trusted by this Protected
Network. If a Trusted Network List is not assigned to the Protected Network, then no networks
are trusted for the Protected Network.
• Path Topology Hiding Configuration Set - The set of Path TH elements for this Protected Network.
If a Path TH Configuration Set is not assigned to the Protected Network, then Path TH is disabled
for the Protected Network.
• S9 PCRF Topology Hiding Configuration Set - S9 PCRF Topology Hiding Configuration Set name
for this Protected Network
• MME/SGSN Topology Hiding Configuration Set - The set of MME/SGSN TH elements for this
Protected Network. If a MME/SGSN TH Configuration Set is not assigned to the Protected Network,
then MME/SGSN TH is disabled for the Protected Network.
• S6a/S6d HSS Topology Hiding Configuration Set - The set of S6a/S6d HSS TH elements for this
Protected Network. If a S6a/S6d HSS TH Configuration Set is not assigned to the Protected Network,
then S6a/S6d HSS TH is disabled for the Protected Network.
• S9 AF/pCSCF Topology Hiding Configuration Set - S9 AF/pCSCF Topology Hiding Configuration
Set name for this Protected Network
On the Diameter > Configuration > Topology Hiding > Protected Networks page, you can perform
the following actions:
• Filter the list of Protected Networks, to display only the desired Protected Networks.
default order is by Protected Network Realm in ascending ASCII order.
• Click an entry that is shown in blue for a Trusted Network List or a Configuration Set, to open the
Diameter > Configuration > Topology Hiding [Filtered] view page for that entry only.
• Click Insert.
The Diameter > Configuration > Topology Hiding > Protected Networks [Insert] page appears.
You can add a new Protected Network.
The Diameter > Configuration > Topology Hiding > Protected Networks [Insert] will not open
if the maximum number of Protected Networks per Network Element (500) already exists in the
system.
• Select a Protected Network in the list, and click Edit.
The Diameter > Configuration > Topology Hiding > Protected Networks [Edit] page appears.
You can edit the selected Protected Network
• Select a Protected Network in the list, and click Delete. You can delete the selected Protected
Network.

Diameter Protected Network configuration elements

Table 90: Protected Network Configuration Elements describes the fields on the Diameter > Configuration >
Topology Hiding > Protected Networks View, Insert, and Edit pages. Data Input Notes apply only
Table 90: Protected Network Configuration Elements
Field (* indicates
* Protected Network Protected Network Realm that Format: case-insensitive string
Realm uniquely identifies the Protected consisting of a list of labels separated
Network. by dots, where a label may contain
underscore (_). A label must start with
a letter, digit, or underscore and must
end with a letter or digit. Underscores
can be used only as the first character.
Range: Label - up to 63 characters;
Protected Network Realm - up to 255
characters.
Trusted Network List Trusted Network List name for this Format: Pulldown list
Protected Network.
Range: -Disabled-; configured Trusted
Network Lists
Default: Disabled
Path Topology Hiding Path Topology Hiding Format: Pulldown list

Configuration Set Configuration Set name for this
Range: -Disabled-; configured Path
Protected Network.
Topology Configuration Sets
Default: Disabled
S6a/S6d HSS Topology S6a/S6d Topology Hiding Format: Pulldown list

Hiding Configuration Configuration Set name for this
Range: -Disabled-; configured
Set Protected Network.
S6a/S6d HSS Topology Configuration
Sets
Default: Disabled
MME/SGSN Topology MME/SGSN Topology Hiding Format: Pulldown list

Range: -Disabled-; configured
Set Protected Network.
MME/SGSN Topology Configuration
Sets
Default: Disabled

Field (* indicates
S9 PCRF Topology S9 PCRF Topology Hiding Format: Pulldown list
Range: -Disabled-; configured S9
Set Protected Network
PCRF Topology Configuration Sets
Default: Disabled
S9 AF/pCSCF Topology S9 AF/pCSCF Topology Hiding Format: Pulldown list

Range: -Disabled-; configured S9
Set Protected Network
AF/pCSCF Topology Configuration
Sets
Default: Disabled
Viewing Topology Hiding Protected Networks

Use this task to view configured Topology Hiding Protected Networks.
On the NOAM, select Diameter > Configuration > Topology Hiding > Protected Networks.
The Diameter > Configuration > Topology Hiding > Protected Networks page appears.
Adding a Protected Network

Use this task on the NOAM to create a new Protected Network.
The fields are described in Diameter Protected Network configuration elements.
1. Select Diameter > Configuration > Topology Hiding > Protected Networks.
2. Click Insert.
The Diameter > Configuration > Topology Hiding > Protected Networks [Insert] page appears.
3. Enter a unique name in the Protected Network Realm field, to identify the Protected Network.
4. Select a Trusted Network List for the Protected Network, if required.
5. Select a Configuration Set for each required type of Topology Hiding:
• Path Topology Hiding Configuration Set
• S6a/S6d HSS Topology Hiding Configuration Set
• MME/SGSN HSS Topology Hiding Configuration Set
• S9 PCRF Topology Hiding Configuration Set
• S9 AF/pCSCF Topology Hiding Configuration Set
6. Click:
• OK to save the changes and return to the Diameter > Configuration > Topology Hiding >
Protected Networks page .
• Cancel to return to the Diameter > Configuration > Topology Hiding > Protected Networks
page without saving any changes.

• The Protected Network Realm is not unique; it already exists in the system
• Adding this Protected Network would exceed the maximum number of Protected Networks
(500) allowed in the system
Editing a Protected Network

Use this task to make changes to existing Protected Networks.
The Protected Network Realm cannot be changed.
1. Select Diameter > Configuration > Topology Hiding > Protected Networks.
2. Select the Protected Network you want to edit.
3. Click Edit.
The Diameter > Configuration > Topology Hiding > Protected Networks [Edit] page appears.
The page is initially populated with the current configured values for the selected Protected Network.

For more information about each field see Diameter Protected Network configuration elements
5. Click:
• OK to save the changes and return to the Diameter > Configuration > Topology Hiding >
Protected Networks page.
• Cancel to return to the Diameter > Configuration > Topology Hiding > Protected Networks
page without saving any changes.
Deleting a Protected Network

Use this task on the NOAM to delete a Protected Network
1. Select Diameter > Configuration > > Topology Hiding > Protected Networks.
2. Select the Protected Network you want to delete.
3. Click Delete.
4. Click:
• OK to delete the Protected Network.

• Cancel to cancel the delete function and return to the Diameter > Configuration > Topology
Hiding > Protected Networks page.
If OK is clicked and the selected Protected Network no longer exists (it was deleted by another
user), an error message is displayed and the Protected Networks view is refreshed.

Chapter
11
Diameter Egress Throttle List
Topics: The following components can be configured for

Egress Throttle List:
• Egress Throttle List overview.....397
• Rate Limiting Configuration Sets
• Rate Limiting Configuration Sets on the
• Pending Transaction Limiting Configuration Sets
NOAM.....398
• Egress Throttle Lists
• Pending Transaction Limiting Configuration Sets
on the NOAM.....398 Note: Egress Throttle List configuration
• Egress Throttle Lists on the NOAM.....400 components must be managed from the NOAM.

Diameter User's Guide Diameter Egress Throttle List
Egress Throttle List overview

Egress Throttle Lists are collections of two or three Egress Throttle Groups, where each of those Egress
Throttle Groups is configured on a different diameter routing systems. Egress Throttle Lists are used
to implement Coordinated Egress Throttling across Multiple diameter routing systems. Egress Throttle
Lists aggregate Egress Message Rate and Pending Transaction data from the component Egress Throttle
Groups and use the aggregated metrics to throttle Requests to the component ETGs' peer nodes and
connections.
Egress Throttle Lists have a similar data structure to Egress Throttle Groups. Both can track Egress
Message Rate and Pending Transactions independently. Both have the same set of Onset and Abatement
Thresholds for EMR and EPT, which are calculated from associated ETL Rate and Pending Transaction
Limiting Configuration Sets.
The primary difference between Egress Throttle Lists and Egress Throttle Groups is that ETLs are
provisioned at the NOAM level, while ETGs are provisioned at the SOAM level. Egress Throttle Groups
are enabled and disabled with a maintenance GUI on the SOAM, but Egress Throttle Lists do not have
an associated maintenance screen in a GUI. Egress Throttle Lists are enabled and disabled on a diameter
signaling router by provisioning and maintenance actions against the component ETGs.
ETL Message Rate Limiting is controlled by the settings for the component ETGs, as described in Rate
Limiting Configuration Sets and Diameter Maintenance Egress Throttle Groups. ETL Pending Transaction
Limiting is controlled by the settings for the component ETGs, as described in Pending Transaction
Limiting Configuration Sets and Diameter Maintenance Egress Throttle Groups.
Egress Throttle List Maintenance

Egress Throttle Lists perform two functions: rate limiting and pending transaction limiting. Each of
the functions is independent of one another and can be optionally configured and controlled separately.
Egress Throttle Lists does not have an associated GUI maintenance page to control whether Egress
Message Rate Limiting and Egress Pending Transaction Rate Limiting are enabled or disabled. EMR
and EPT Limiting for the ETL are controlled by maintenance changes to the ETL's component ETGs.
Because an Egress Throttle List is composed of Egress Throttle Groups provisioned on different routers,
an Egress Throttle List instance on an MP has additional state data that an Egress Throttle Group does
not have. This data is the number of SMS-controlled ComAgent connections between the local diameter
router server and the other diameter router servers with Egress Throttle Groups in the Egress Throttle
List. If the local diameter router server is connected to all other diameter router servers with ETGs in
the ETL, the Egress Message Rate and Pending Transaction thresholds are based on values calculated
from the associated ETL Rate and Pending Transaction Limiting Configuration Sets. But if the local
diameter router server is not connected to all diameter router servers with ETGs in the ETL, the Egress
Message Rate and Pending Transaction thresholds are reduced according to the Per SMS Connection
Failure Percent Reduction parameter provisioned against the ETL on the local diameter signaling
router.
The following is an example of the reduced EMR and EPT thresholds due to a connectivity failure
with another diameter router server that has an ETG contained in an ETL. Assume that the ETL contains
two ETGs in two different diameter router servers. The maximum rate for the ETL is 10,000 messages
per second, and the maximum number of pending transactions is 12,000. The per-connection percent
reduction value for each ETG is 50, which means that the maximum values of EMR and EPT should
be reduced 50 percent if a diameter server router cannot connect to the other diameter signaling router
to exchange aggregated data for the ETL. In this example, if one of the diameter signaling router cannot

connect with the other, it will use 5,000 messages per second for the maximum EMR for the ETL, and
it will use 6,000 transactions as the maximum EPT. The rate and pending transaction onset and
abatement thresholds will be calculated from these reduced maximums for as long as the diameter
signaling router is not able to connect to the other diameter signaling router.
Rate Limiting Configuration Sets on the NOAM

Rate Limiting Configuration Sets configuration provides the mechanism to enter data needed by Egress
Throttle Lists to perform egress throttling by egress message rate.
Rate Limiting Configuration Sets are inserted and edited on the NOAM via the Main Menu: Diameter >
Configuration > Egress Throttle List > Rate Limiting Confuguration Sets page. For details about
the SOAM functionality, see Rate Limiting Configuration Sets.
The Rate Limiting Configuration Set fields are described in Rate Limiting Configuration Sets elements.
On the Rate Limiting Configuration Sets page, you can perform the following actions:
• Filter the list of Rate Limiting Configuration Sets to display only the desired Rate Limiting
Configuration Sets.
The default order is by Rate Limiting Configuration Set Name in ascending ASCII order.
• Click Insert.
The Rate Limiting Configuration Sets [Insert] page appears. You can add a new Rate Limiting
Configuration Set. See Adding a Rate Limiting Configuration Set.
If the maximum number of Rate Limiting Configuration Sets already exists in the system, an error
• Select a Rate Limiting Configuration Set Name in the list, and click Edit.
The Rate Limiting Configuration Sets [Edit] page opens. You can edit the selected Rate Limiting
Configuration Set. See Editing a Rate Limiting Configuration Set.
If no row is selected, the Edit button is disabled.
• Select a Rate Limiting Configuration Set Name in the list, and click Delete to remove the selected
The Default Rate Limiting Configuration Set can be edited, but cannot be deleted. See Deleting a
Pending Transaction Limiting Configuration Sets on the NOAM

Pending Transaction Limiting Configuration Sets configuration provides the mechanism to enter
configuration data needed by Egress Throttle Groups to determine when to start throttling for pending
transactions. For details about the SOAM functionality, see Pending Transaction Limiting Configuration
Sets.

Pending Transaction Limiting Configuration Sets are inserted and edited on the NOAM via the Main
Menu: Diameter > Configuration > Egress Throttle List > Pending Transaction Limiting
An ETL is always associated with an Pending Transaction Limiting Configuration Set that provides
the following data for performing Pending Transaction Throttling based on pending transactions:
• Maximum pending transactions
• Abatement time
You must change the Egress Throttling Control Scope of the Egress Throttle Group to ETL and enable
Pending Transaction Limiting on the Egress Throttle Group before Egress Pending Transaction Limiting
can be started on Egress Throttle Lists.
The Pending Transaction Limiting Configuration Sets fields are described in Pending Transaction
Limiting Configuration Sets elements.
On the Pending Transaction Limiting Configuration Sets page, you can perform the following actions:
• Filter the list of Pending Transaction Limiting Configuration Sets to display only the desired Pending
Transaction Limiting Configuration Sets.
The default order is by Pending Transaction Limiting Configuration Sets in ascending ASCII
order.
• Click Insert.
The Pending Transaction Limiting Configuration Sets [Insert] page appears. You can add a new
Pending Transaction Limiting Configuration Sets. See Adding a Pending Transaction Limiting
Configuration Set.
If the maximum number of Pending Transaction Limiting Configuration Sets already exists in the
system, an error message is displayed.
• Select a Pending Transaction Limiting Configuration Set Name in the list, and click Edit.
The Pending Transaction Limiting Configuration Sets [Edit] page opens. You can edit the selected
Pending Transaction Limiting Configuration Set. See Editing a Pending Transaction Limiting
Configuration Set.
If no row is selected, or if more than one row is selected, the Edit button is disabled.
• Select a Pending Transaction Limiting Configuration Set Name in the list, and click Delete to
remove the selected Pending Transaction Limiting Configuration Set.
See Deleting a Pending Transaction Limiting Configuration Set.

Egress Throttle Lists on the NOAM

Egress Throttle Lists is used to manage coordinated Egress Throttling across multiple diameter signaling
routers by adding Egress Throttle Groups to an Egress Throttle List. ETLs have congestion level states
similar to Egress Throttle Groups, but they span multiple diameter signaling routers.
For Coordinated Egress Throttling across Multiple diameter signalling routers, all of the Egress Throttle
Groups that belong to an Egress Throttle List must belong to the same network.
Egress Throttle Lists control the following functions:
• Defines the Egress Throttle List name.
• Identifies the site name, Egress Throttle Group, and the Connection Failure Percent Reduction.
• Establishes the Rate Limiting Configuration Set and the Pending Transaction Limiting Configuration
Set.
Diameter Egress Throttle Lists elements

Table 91: Egress Throttle Lists Elements describes the fields on the Diameter > Configuration > Egress
Throttle List > Egress Throttle Lists page.
Table 91: Egress Throttle Lists Elements
*Egress Throttle List A name that uniquely identifies the Egress Format: text box;
Name Throttle List. alphanumeric and
underscore; must
contain at least one
alpha and must not start
with a digit.
Default: NA
Site Name The Site Name to associate to the Egress Throttle Format: Pulldown list.
List Name.
Default: NA
Egress Throttle Group The Egress Throttle Group to associate to the Format: Pulldown list.
Egress Throttle List Name.
Range: NA
Default: NA
Connection Failure The Connection Failure Percent Reduction to Format: Pulldown list.
Percent Reduction associate to the Egress Throttle List Name.
Range: NA
Range: Percent
reduction for maximum
rate and pending

transactions per
connectivity failure to
other sites with ETGs in
the ETL. 0%-50%
Default: 100
Rate Limiting List of all of the Rate Limiting Configuration Sets. Format: Pulldown list.
Configuration Set
Range: NA
Default: NA
Pending Transaction List of all of the available Pending Transaction Format: Pulldown list.
Limiting Configuration Limiting Configuration Sets.
Range: NA
Set
Default: NA
Viewing Egress Throttle Lists

Use this task to view Egress Throttle Lists.
Egress Throttle Lists fields are described in Diameter Egress Throttle Lists elements.
Select Diameter > Configuration > Egress Throttle List > Egress Throttle Lists.
The Diameter > Configuration > Egress Throttle List > Egress Throttle Lists page appears.
Adding Egress Throttle Lists

Use this task to create new Egress Throttle Lists.
1. Select Diameter > Configuration > Egress Throttle List > Egress Throttle Lists..
2. Click Insert.
The Diameter > Configuration > Egress Throttle List > Egress Throttle Lists [Insert] page appears.
3. Enter a unique name for the Egress Throttle List in the Egress Throttle List Name field.
4. Select a Site Name.
5. Select a Egress Throttle Group.
6. Set a Connection Failure Percent Reduction value.
7. Select a Rate Limiting Configuration Set.
8. Select a Pending Transaction Limiting Configuration Set.
9. Click:
• OK to save the changes and return to the Diameter > Configuration > Egress Throttle List >
Egress Throttle Lists page.

• Cancel to return to the Diameter > Configuration > Egress Throttle List > Egress Throttle
• The maximum number of Egress Throttle Lists have already been created.
• There is no Egress Throttle Group in the network element corresponding to the Egress Throttle
List to be added.
• Any required fields are left empty.
• An Egress Throttle List is configured with duplicate Peers or Connections.
• An Egress Throttle List is configured with a Egress Throttle Group already configured as a
member in any Egress Throttle List.
Editing Egress Throttle Lists

Use this task to edit Egress Throttle Lists.
When the Diameter > Configuration > Egress Throttle List > Egress Throttle Lists [Edit] page opens,
the columns are initially populated with the current configuration of the selected Egress Throttle List.
The existing Egress Throttle List Name cannot be changed.
Changes can be made to an Egress Throttle List configuration with either Rate Limiting Admin State
or Pending Transaction Limiting Admin State in the Enabled or the Disabled state.
Changes can be made to an Egress Throttle List configuration irrespective of the Operational Status
of the associated Peer Connections.
1. Select Diameter > Configuration > Egress Throttle List > Egress Throttle Lists.
2. Select the Egress Throttle List to be edited, then click Edit.
The Diameter > Configuration > Egress Throttle List > Egress Throttle Lists [Edit] page appears.

An entry in a pulldown list can be removed by selecting the entry in the list, and then clicking the
X to the right of the pulldown list.
4. Click:
• OK to save the changes and return to the Diameter > Configuration > Egress Throttle List >
Egress Throttle Lists page.
• Cancel to return to the Diameter > Configuration > Egress Throttle List > Egress Throttle
Deleting Egress Throttle Lists

Use this task to delete Egress Throttle Lists.
1. Select Diameter > Configuration > Egress Throttle List > Egress Throttle Lists

2. Select the Egress Throttle List to be deleted.
3. Click Delete.
4. Click:
• OK to delete the Egress Throttle List.
• Cancel to cancel the delete function and return to the Diameter > Configuration > Egress
Throttle List > Egress Throttle Lists page.
If OK is clicked and the following condition exists, an error message appears:
• If the ETL contains one or more ETGs that have their Egress Throttling Control Scope set to
ETL. To delete the ETL, the Egress Throttling Control Scope for all of the ETGs in that ETL must
be set to ETG.

Chapter
12
Diameter RADIUS
Topics: This section introduces some of the high-level

RADIUS functionality. It is not intended to be a
• RADIUS overview.....405 comprehensive explanation of RADIUS.
RADIUS-related GUI explanations are in their
respective GUI elements topics within the online
help.

Diameter User's Guide Diameter RADIUS
RADIUS overview
RADIUS (Remote Authentication Dial In User Service) connection layer is an Authentication,
Authorization, and Accounting (AAA) protocol that is a predecessor to Diameter. From a Diameter
Plug-In perspective, it is another connection layer function which appears identical to DCL to a DRL
from a signaling perspective. RADIUS shares some similarities with Diameter, but is different in many
ways. In particular, the transport/connection layer where UDP is most commonly used by RADIUS.
In that regard, RADIUS is primarily supported on the diameter router by a new connection layer,
while using the existing routing services (with minor enhancements) and the existing Diameter-based
message interface to/from DRL.
The RADIUS Connection Layer (RCL) allows DSR to interface with RADIUS clients and servers.
RADIUS clients initiate transactions, RADIUS servers route/process transactions received from clients
and send responses. The RADIUS protocol primarily uses UDP, a connectionless datagram transport
service, as a transport layer between peer nodes. The concept of a RADIUS connection is introduced
by RCL, which allows reuse of most of the existing connection-oriented features and infrastructure
with minimal change. Due to the RADIUS client-server model and how RADIUS connections are
defined, a RADIUS connection is unidirectional; for example, DSR can either send or receive RADIUS
transactions on a RADIUS connection, but it cannot do both. In this regard, RADIUS connections are
configured as either client or server as follows:
• RADIUS Client Connection
• RADIUS Server Connection
See the following for RADIUS configuration information:
• Diameter Local Nodes
• Diameter Peer Nodes
• Connections
The key differences between the RADIUS and diameter protocols and RADIUS functionality details
are explained in RADIUS User's Guide. That document also contains information about RADIUS
message processing, Diameter message processing, RADIUS transaction processing, RADIUS connection
management, Shared Secret Encryption, and DRL message processing.
See Operations, Administration, and Maintenance (OAM) for more information about OAM, the GUI
pages nested under the Administration, Configuration, Alarms & Events, Security Log, Status &
Manage, and Measurements menu options. OAM Help explains how to use these GUI pages to view
and manage the basic operation, administration, and maintenance for the application.

Chapter
13
Diameter Message Copy
Topics: The Diameter Message Copy function provides the

ability to forward a copy of a Diameter Request
• Diameter Message Copy overview.....407 message, and optionally the Answer message,
• Diameter Message Copy.....409 routed through diameter routing to a Diameter
Application Server (a DAS Peer). Diameter Message
Copy can be triggered by a configuration or can be
dictated by a routing application.

Diameter User's Guide Diameter Message Copy
Diameter Message Copy overview

Diameter Message Copy copies both Diameter Request and Answer messages as directed by one or
more Trigger Points within the node. The Trigger Points can be any processing functions acting on
the messages, including Diameter Mediation, diameter applications, and Peer Routing Rules. Message
Copy Configuration Sets define the contents and conditions on which the copy needs to be performed.
Message Copy Configuration Sets provide a mechanism for determining the messages to be copied
(Request or Answer), the Result-Code/Experimental Result-Code on which the Message Copy is
initiated, and number of retries to be made if the Message Copy attempt to DAS fails. The Message
Copy Trigger Point must specify a Message Copy Configuration Set when the message is marked for
copying.
Trigger Points mark the message ready for copy, based on the circumstances and requirements specific
to the Trigger Points. The Diameter Message Copy feature determines the condition at which the copy
needs to made and ensures that the copied message is delivered to DAS. A triggering condition or
rule can be configured. The Trigger Points also supply a Message Copy Configuration Set to specify
the conditions on which the copy needs to be initiated and the contents to be included in the Copied
Message.
A copy of certain Diameter Request messages that transit a routing network can be used for such
functions as bookkeeping and verification or for offering additional services. The criteria or triggering
condition to copy a Request to a DAS Peer can be simple or complex, and might be based on the
presence of certain AVPs and their values in the Request message and certain Result Codes in the
Answer received in response to the Request.
When a Diameter Request meeting the triggering condition is received, the message is marked as
ready to copy by the entity that processes the message.
When the response to the Request (the Answer) is received, if the Answer contains the matching Result
Code as specified by a Message Copy Configuration Set, the resultant action is executed - in the case
of Diameter Message Copy, the action would be to copy the Request and optionally the Answer and
send the Copied Message to a DAS Peer.
The Message Copy feature copies only the Diameter portion of the Request, and optionally the Answer,
matching a triggering condition; the transport and IP layers are not copied. Diameter Message Copy
is not a port mirror that replicates everything received on the wire on a specific port to an egress port.
Figure 35: Diameter Message Copy Message Flow depicts this message flow overview:

Figure 35: Diameter Message Copy Message Flow
Possible use cases for Diameter Message Copy include the following cases:
• Use Case 1: A copy of all Requests that match certain basic criteria are sent to a DAS. For example,
an incoming ULR over the S6a interface. In this case, the operator may wish to send a welcome
SMS based on the success of the ULR. (It is assumed that the DAS has additional intelligence to
distinguish an initial registration from a re-registration)
• Use Case 2: A copy of all Requests that match some advanced criteria (like the presence of an
application level AVP or if its value equals a pre-configured value) are sent to a DAS. For example,
a Lawful Intercept server maybe in interested in the registration of a specific IMSI.
• Use Case 3: A diameter application determines the Requests to be copied to a DAS.
Message Copy Trigger Points

The Diameter Message Copy feature can be separated into a trigger action and the actual copy operation.
The actual copy operation is performed by the Diameter Routing Function. The trigger action is
executed either within the Diameter Routing Function or from a local diameter application. When a
Request message received, the different tasks that could process a message can determine whether
the messages should be tagged for copy.
The Diameter message to be copied can be the Request Message as it arrived at the Node (Ingress
Request Message) or the final processed Request message routed out of the Node (Egress Request
Message). The Trigger Point can determine whether the response Answer message received (Ingress
Answer Message) to the Request message also needs to be copied along with the Request message.
The Trigger Point tags the message for copy and uses a Message Copy Configuration Set to convey
the details and conditions for copying the message.
Each Trigger Point must specify a Message Copy Configuration Set. If there are multiple Trigger Points
acting on the same message (from Mediation or PRT triggering, or both), the Message Copy
Configuration Set specified by the last Trigger Point will be used (with its specified Route List).
The copy rules and trigger actions could be implemented as described in the following examples:

• A Message Copy trigger can be initiated from the Diameter Peer Routing Rules. Peer Routing Rules
determine the Route List based on the characteristics of the egress Request message. The criteria
configured in the Peer Routing Rules can also be used for triggering a message copy, by specifying
a Message Copy Configuration Set in a Peer Routing Rule.
• The Diameter Mediation feature can trigger a Message Copy, by specifying a Message Copy
Configuration Set in a Rule Template Action. See Diameter Mediation User's Guide for information
about rule templates.
Diameter Message Copy

Diameter Message Copy provides flexible ways to specify the conditions under which the copy of the
Request (or both Request and Answer) must be made. It makes use of the existing routing principles
supported by diameter to provide routing of the messages to DAS. The Message Copy is performed
only after the completion of the original transaction.
Message processing
While Message Copy Trigger Points tag the messages to be copied, Diameter Message Copy in the
Diameter Routing Function encodes and copies the messages to the DAS based on the details specified
in the Message Copy Configuration Sets.
As a Diameter Request message is passed from the ingress side to the egress side, the message can go
through modifications before being routed out to the upstream Peer. During diameter processing, the
Diameter Message header and data portions can get modified; a function like Mediation, a local
diameter application, and the Diameter Routing function could change the message as part of its
processing. Thus, the two points of interest in the message processing are: 1) before the Diameter
message is modified, and 2) after all the modifications are made and the Diameter message is sent out
to the upstream Peer.
Some customers need the Answer messages received for the original Diameter Request messages from
the upstream Peer to be copied along with the Request message, because the Answer message contains
critical information that will be useful at the DAS while processing the copied data. Diameter Message
Copy supports copying the Ingress Answer messages along with the Request messages (Ingress or
Egress); the Answer message alone cannot be copied to a DAS. Diameter Message Copy copies to the
DAS the ingress Answer received to original Request Message, as described in Ingress Answer Message
Encoding.
When the Diameter Request message that is marked for copying is sent out, the message is stored as
a normal Diameter Pending Transaction. When the Answer message arrives, it has been matched to
the Request message, and the message is checked for rerouting. After all required rerouting, the
terminating message is checked for copy eligibility. If eligible, the Answer is further qualified as
containing the desired Result Code; then the message is copied and routed to a DAS Peer.
Diameter Message Copy can be treated as another form of rerouting. The copy of the original Request
and Answer are combined into one single message that is encoded as a copied message, processed as
a new Diameter transaction, and passed to Peer Routing for Connection selection and transmission.
The new Diameter/copy transaction is processed as any other Diameter Request, requiring a new
Answer from the DAS Peer with a qualifying Result Code (separate from the original transaction) to
complete the copy transaction. However, with Message Copy, the Answer message from the DAS
Peer is released by the Diameter Routing Function and not forwarded on, because the Diameter Routing

Function on the local DA-MP was the originator of the transaction. (Message Copy is not performed
if diameter generates the Answer, or if the original Request times out.)
After a message is selected for copying, a DAS is selected for routing and the normal existing Diameter
routing and congestion handling is applied. Copied Messages are assigned a Message Priority of 2,
and are processed in the same way as any Priority 2 message.
Each successfully copied Diameter Request is treated as a new transaction. When a received Diameter
Request is copied it becomes two transactions - one for the original and one for the Message Copy.
Thus, a copied Request/Answer transaction deducts two MPS from the net MPS rating. No additional
flow control or congestion mechanism specific to Message Copy is required. The additional MPS for
Message Copy also accounts for copying the original Answer messages to the DAS.
Routing to a DAS Peer

A DAS Peer is treated just as another Diameter Peer. Copied messages will be routed to an available
DAS Peer selected from Route Lists configured or specified in the Diameter Routing Function. Route
Lists are configured and intended to point to a Peer Node. The DAS Route List to which the message
needs to be copied is specified in a Message Copy Configuration Set.
Note: The DASs are expected to be direct Peers. Message Copy cannot be supported to DASs connected
through other diameter applications, relays, and proxy servers.
Only Requests matching the advertised Application-ID are copied to the DAS.
If a message has been marked for Message copy to a certain DAS-Route List and all the available
Connections to the Peers in the Route List do not support the Application-ID present in the copied
message, the copy is not performed, an Event is raised, and the copy action is ignored.
Note: Diameter Message Copy does not support copying the same message to multiple DAS Peers
simultaneously.
If the diameter tries to route the original Diameter Request message to Peer in a Route List and the
Answer is not received, diameter must attempt alternate routing by selecting other Peers in the Route
Group and Route List. If alternate routing is attempted, only one copy of the original Request (Ingress
or Egress), and optionally the Answer, will be sent to the DAS Peer to avoid flooding the DAS Peer
due to failure recovery and rerouting on the signaling side.
Diameter Message Copy evaluates the copy eligibility based only on the original terminating transaction.
The Result Code/Experimental Result Code of the terminating Answer is used to evaluate the copy
eligibility. This ensures that the copy of the message is sent only once to the DAS, regardless of the
number of alternate routing attempts. Message Copy is evaluated based on the value of the Result
code/Experimental Result code AVP in the Original terminating Answer. If an Egress Request message
is selected for copying, the Egress Request corresponding to the terminating Answer is copied to the
DAS.
Regardless of which message is actually copied, the copy action is always performed by Diameter
Message Copy only once on the original Diameter Request messages. The Message Copy triggering
will not be performed on the rerouted Diameter Request messages. A Diameter Request message can
be marked for copy only before the first routing attempt of the original Request message. The Message
Copy triggering could happen multiple times on the Answer Messages in the alternate routing scenario
(from Mediation and PRT triggering). Only the last trigger that is set on the original terminating
Answer is considered for Message Copy.

DAS Peer Response and Error Handling

The DAS Peer is expected to respond to the copied message with either a 2xxx (Success) or an error
Result code/Experimental Result code. When such a response is not received (either due to an
unexpected response or outbound Connection failure), a retry mechanism will resend the message
until the expected response is received or the maximum number of retries is exhausted. The mechanism
consists of a configurable number of retries and a retry timer. If a response is received, it will be
discarded after the release of the associated resources. If the intended Route List for the DAS Peer is
unavailable, the copy is not performed (or is discarded).
Note: Reroute on Answer based on a DAS Answer response is not supported. Message Copy provides
its own rerouting mechanism.
Ingress Answer Message Encoding

When the Message Copy Configuration Set specifies that the Ingress Answer message needs to be
included in the copied message, the header-stripped Answer message is encoded in the copied Request
message in the data portion of a specific MsgCopyAnswer AVP. Table 92: Specific MsgCopyAnswer AVP
Format describes the AVP format.
Table 92: Specific MsgCopyAnswer AVP Format
Byte 1 Byte 2 Byte 3 Byte 4

AVP Code = 2516(0x9d4
Flags=10000000 Length = (number of octets including 12 octets of AVP header)
Vendor ID = 323(0x143)
Data = Answer Message (Octet String)
The value of the MsgCopyAnswer AVP has the AVP portion of the received Ingress Answer message.
The Diameter header is removed from the original Ingress Answer message, and the remaining portion
of the message that contains all the AVPs is included as the value of the MsgCopyAnswer AVP. This
is shown in Table 93: Portion of the Answer Message Included as Data Value of the MsgCopyAnswer AVP.
Table 93: Portion of the Answer Message Included as Data Value of the MsgCopyAnswer AVP
Byte 1 Byte 2 Byte 3 Byte 4

Version Message Length
Command Flags Command-Code
Application-ID
Hop-by-Hop Identifier
End-to-End Identifier
AVPs (This is the only portion included as the value of the MsgCopyAnswer AVP.)
Rerouting of Copied Messages

Rerouting of the Copied Messages to DAS is different from rerouting of the original Request messages.
A Copied Message will be retried when the Result Code in the Answer from DAS is different from

the one specified in the Message Copy Configuration Set. This is not influenced by the Reroute on
Answer configured for the Application-ID. The maximum number of attempts to resend the Copied
Message is limited by the Max DAS Retransmission Attempts value specified in the Message Copy
Configuration Set. These attempts are not influenced by the maximum reroutes specified in the Routing
Option Sets, Application-ID, or Peer configuration. The total transaction life time of a message is
controlled by the settings on the ingress Peer node. In the case of a Copied Message, the Local Node
is the ingress Peer. Therefore, there is no specific Transaction Lifetime for the Copied Messages. The
maximum number of retry attempts and the Pending Answer Timer configured for the Peers will limit
the Total Transaction Lifetime of the Copied Message.
Diameter routing Message Copy congestion

You can manually enable or disable Diameter Message Copy on a system-wide basis.
Note: The discussion in this section assumes that Diameter Message Copy is enabled.
The Diameter Routing Function can automatically disable Diameter Message Copy if the DA-MP
reaches a specific level of congestion. The congestion level at which Diameter Message Copy is disabled
is configurable on the Diameter > Configuration > System Options > Message Copy Options GUI
page.
If the local DA-MP enters a congestion level based on the value of the configured MP Congestion
Level for Message Copy, Diameter Message Copy on that DA-MP is disabled automatically as a
load-shedding mechanism. Messages that are waiting for the copy action (those that have been marked
and are awaiting an original Answer from a Diameter Peer) are not copied. Messages that have already
been copied to the DAS and are waiting for a response from the DAS to complete the transaction are
processed until normal completion (either an Answer is received from the DAS Peer, or the number
of DAS retries has been exhausted and the Copy pending transaction is deleted); thus, their transactions
are deleted by the Pending Transaction Manager.
An original Request is not eligible for copy until a matching Answer is received from the upstream
Peer. Between the time a message is marked for copy and is actually copied, the local DA-MP's status
can change. Therefore, Diameter Message Copy is declared as disabled when the next Answered
marked message is processed by the Pending Transaction Manager to have a copy made and the local
DA-MP has congested (based on the Message Copy MP Congestion Level). A Message Copy alarm is
raised at this time.
Diameter Message Copy is enabled again when the local DA-MP Congestion Level abates (based on
the configured Message Copy MP Congestion Level), and an attempt is made to copy a message that
is marked for copy. The Message Copy disabled alarm is cleared only when the local DA-MP congestion
(Message Copy) is abated below the configured Message Copy MP Congestion Level, and a message
marked for copy is processed by Diameter Message Copy.
If Diameter Message Copy processing capacity reaches 100% congestion, further Message Copy actions
cannot be completed. In order to process the messages, Diameter Message Copy will not be disabled;
but an alarm is raised to indicate the processing capacity status until the congestion abates.
Message Copy Configuration Sets

A Message Copy Configuration Set (MCCS) is a collection of attributes that determine the messages
to be copied (Request or optionally the Answer), the Result code/Experimental Result code on which
the Message Copy is initiated, and the number of retries to be made if the Message Copy attempt to
the DAS fails. A Message Copy Trigger Point must specify a Message Copy Configuration Set when
the message is marked for copying.

Up to 100 Message Copy Configuration Sets are supported. The following elements can be configured
for each Message Copy Configuration Set; the fields are described in Message Copy Configuration Set
elements:
Message Copy Each Message Copy Configuration Set is assigned a unique name. A default
Configuration Message Copy Configuration Set named Default is always provided and can be
Set Name edited, but not deleted.
Route List of the The required Route List of the DAS Node element of the MCCS specifies the Route
DAS Node List to use for copying the message. This Route List consists of a Peer Route Group
or Connection Route Group. The DAS Peers are treated like any other Diameter
Peers with respect to Connection establishment and management. The CEx
messages are exchanged upon establishing a Connection, and the DWx/DPx
messages are exchanged as needed. Requests matching the advertised
Application-ID inly are copied to the DAS. If a message has been marked for
Message Copy to a certain DAS Route List and all the available Connections to
the Peers in the Route List do not support the Application-ID present in the copied
message, the copy is not performed, an Event is raised, and the copy action is
ignored.
The Route List must exist before the MCCS can select it. Route Groups must be
configured before Route Lists can be configured in Diameter Configuration.
The DASs are expected to be direct Peers. Message Copy is not supported to DASs
connected through other diameter applications, relays, and proxy servers.
Message Copy The original Request significantly altered as it traverses the routing network.
Request Type Depending on the function provided by the DAS, the DAS might be interested in
seeing the Request prior to or after the modifications made. The DAS can receive
a copy of the Original Ingress Request or the Original Egress Request. The Original
Ingress Request is the Request as received prior to any manipulation. The Original
Egress Request is the Request as sent to the upstream Peer. The default is Original
Ingress Request.
Ingress Answer In some cases, DAS must query the contents of the original Answer received for
Included the Request message in order to accomplish the function. When the Ingress Answer
Included element is set to YES, Diameter Message Copy copies the ingress Answer
that is received for the original Request Message to the DAS, as described in Ingress
Answer Message Encoding. The default is NO, Answer not included.
Original Answer The Result Code of the Answer messages corresponding to the Original Requests
Result Code for might influence the Message Copy action. For example, a DAS might not be
Message Copy interested in receiving a copy of the Request if the Original Transaction ended
with an Answer that contained a non-2xxx Result Code/Experimental Result
Code. The DAS can receive a copy of the message based on the outcome of the
Original Transaction. If 2xxx is selected, Diameter Message Copy is performed
only if the value of the Result Code/Experimental Result Code AVP in the Original
Answer is a 2xxx. If Any Result Code is selected, the Message Copy is performed
regardless of the Result Code/Experimental Result Code AVP value as long as
the diameter routing function receives an Answer from the upstream Peer. The
default is to copy on 2xxx only.
The Diameter Message Copy is not performed if the Answer is generated or if the
original Request times out.

Alternate routing is not attempted on a given Request, but in such cases the
Diameter Message Copy is attempted just once regardless of the number of
alternate routing attempts. Message Copy is evaluated based on the value of the
Result Code/Experimental Result Code AVP in the Original terminating Answer.
DAS Answer DASs are expected to respond with a 2xxx Result Code or an error Result
Result Code Code/Experimental Result Code upon the receipt of the copied message. If an
appropriate Answer is not received, the copied message is transmitted again for
the configured maximum number of times until the appropriate response is
received. The DAS Message Copy Answer Result Code can be configured with
one of the following choices:
• 2xxx Result Code/Experimental Result Code in the DAS Answer
• Any Result Code/Experimental Result Code in the DAS Answer
Max DAS This value determines the maximum number of times a copied message is
Retransmission transmitted again using the specified Route List, until the DAS Answer containing
Attempts the specified Result Code is received.
In the event that an appropriate Answer is not received, the copied message is
transmitted again for the configured number of times until the appropriate
response is received. The default is 0 and the range is 0-4. If the value is 0, there
are no retransmission attempts.
Diameter Configuration for Message Copy

The following Diameter Configuration components must be configured if Diameter Message Copy
will be used in the system:
• For PRT-Triggered Message Copy:
• One or more Route Groups
• One or more Route Lists
• One or more Message Copy Configuration Sets
• One or more Peer Route Tables
• One or more Peer Routing Rules
A Message Copy Configuration Set must be specified in each Peer Routing Rule that will be
used to trigger Message Copy.
• Set the Message Copy Feature element to Enabled in Diameter > Configuration > System
Options
• For Mediation-Triggered Message Copy:
• One or more Route Groups
• One or more Route Lists
• One or more Message Copy Configuration Sets
A Message Copy Configuration Set must be specified in each Rule Template Action that will
be used to trigger Message Copy for Mediation.
• Set the Message Copy Feature element to Enabled in Diameter > Configuration > System
Options

PRT-Triggered Message Copy

A Peer Routing Rule can be configured such that Request messages routed through that Peer Routing
Rule can be marked for copying to a Diameter Application Server (DAS). Diameter Message Copy
uses the contents and conditions that are specified in a Message Copy Configuration Set (MCCS) for
copying the message. If there is valid MCCS configured in the Peer Routing Rule, the Diameter Routing
Function marks the message for copy and attaches the specified MCCS. Diameter Message Copy
validates the transaction using the MCCS and copies the message to the DAS.
Mediation-Triggered Diameter Message Copy

The Mediation Rule Template Message Copy Action can be defined to trigger Diameter Message Copy
for messages that are processed by Diameter Mediation. Mediation Rule Templates are described in
the Diameter Mediation User's Guide and associated online help.
The Message Copy Action triggers Diameter Message Copy, and specifies the Diameter-configured
Message Copy Configuration Set (MCCS) that contains the Request/Answer content criteria to be
used by Diameter Message Copy to copy the message to a DAS. The Message Copy Configuration Set
specifies a configured Route List for the DAS. See Message Copy Configuration Sets.
Mediation Message Copy can be performed only for Request messages; the Message Copy Action is
ignored if set at Mediation Trigger Point ATP10 (Diameter Answer message prior to be forwarded to
connection).
If Diameter Message Copy is triggered for the same message from multiple locations, the Message
Copy Configuration Set for the latest Message Copy triggering is used.
In the case of Request re-route due to invalid Result code, only the Message Copy Configuration Set
that is associated with the Answer that completes the transaction at ATP1 is considered.
The Message Copy is performed after the completion of the original transaction. The Copied Message
is not processed by the Mediation Triggering Points.

Chapter
14
Diameter Capacity and Congestion Controls
Topics: The diameter routing function provides the features

and functions for per-connection and per-MP
• Introduction.....417 capacity and congestion control. Egress Throttle
• DA-MP Overload Control.....417 Groups can monitor Egress Message Rate and
• Per-Connection Ingress MPS Control.....419 Pending Transactions across multiple DA-MPs.
• Remote Congestion Controls.....424
• Egress Throttle Groups.....437

Diameter User's Guide Diameter Capacity and Congestion Controls
Introduction
Note: RADIUS design dictates that most of the per-connection and per-MP features apply in a similar
way to both RADIUS and Diameter connections.
The diameter routing function provides the following features and functions for capacity and congestion
control:
• DA-MP Overload Control
• Per-Connection Ingress MPS Control
• User Configurable Message Priority (not supported for RADIUS)
• Remote BUSY Congestion (not supported for RADIUS)
• Egress Transport Congestion
• Per-Connection Egress Message Throttling
• User-Configurable Connection Pending Transaction Limiting
• Egress Throttle Groups
• Functions associated with Message Priority and Connection Congestion:
• Egress Request routing incorporates Request Message Priority and Connection Congestion
Level in its Connection selection criteria.
• The Routing Option Set associated with the ingress Request specifies what action is taken by
diameter when routing of a Request is abandoned and the last Connection evaluated was
congested.
• The maintenance status for a congested Connection indicates whether the congestion is due to
Remote BUSY Congestion (not supported for RADIUS), Egress Transport Congestion (not
supported for RADIUS), or Egress Message Throttling.
The Diameter Transport Function services its per-Connection ingress sockets with per-Connection
MPS controls that ensure fairness in reading ingress messages for all established Connections.
The Diameter Transport Function services its per-Connection egress queues with controls that ensure
fairness in forwarding egress messages to Peers for all established Connections.
Egress Throttle Groups monitor Egress Message Rate, Pending Transactions, or both, for logical groups
of Diameter/RADIUS Connections or Peers, or both, across multiple DA-MPs on a Network Element.
DA-MP Overload Control

DA-MP Overload Control (Message Priority and Color-Based DA-MP Overload Control) provides a
mechanism for managing internal/local DA-MP congestion detection and control.
The DA-MP Overload Control feature tracks ingress message rate, calculates the amount of traffic that
needs to be shed based on CPU congestion, and sheds that traffic based on Message Priority, Message
Color, and discard policy.
Message Color is used as a means for differentiating Diameter Connections that are under-utilized
versus those that are over-utilized with respect to ingress traffic - traffic from under-utilized Connections
is marked green by the Per-Connection Ingress MPS Control (PCIMC) feature, while traffic from
over-utilized Connections is marked yellow. In the event of (Danger of Congestion or of CPU congestion

and based on the specified discard policy, traffic from over-utilized Connections is considered for
discard before traffic from under-utilized Connections. Traffic discarded by PCIMC due to capacity
exhaustion (per-Connection or shared) is marked red and is not considered for any subsequent
processing.
The following DA-MP Congestion Controls are associated with reducing the traffic processing load
on the DA-MP when congestion is detected:
• Internal Resource Monitoring and Control
The availability of key traffic-sensitive internal software resources (stack queues and buffer pools)
is monitored in real-time against their static maximum capacity.
When resource availability drops below engineered thresholds, alarms are generated. When resource
availability is exhausted, controls are invoked to prevent over-utilization. Resource utilization KPIs
and measurements provide real-time and long-term information for making decisions about system
capacity and growth.
• DA-MP Overload Control
Traffic loads, if allowed to exceed the DA-MP's engineered capacity, will degrade the effective
performance of the DA-MP, increase message latency, and can result in message loss. DA-MP
Overload Control is responsible for reducing the traffic processing load to insure that the MP meets
its performance specifications. MP Processing Overload Control monitors the Diameter Process
CPU utilization of the Diameter Process.
Limitations
• DA-MP Overload Control is limited to local MP congestion management and does not address
remote Diameter node congestion management.
• Automatic recovery from persistent MP or egress Connection congestion is not supported. Manual
intervention is required.
Diameter Configuration for DA-MP Overload Control

The following Diameter Configuration components are used for DA-MP Overload Control:
• MP Profiles
A DA-MP Profile is assigned to each DA-MP in the system. See the MP Profiles information in
Diameter Common User's Guide.
The assigned DA-MP Profile indicates the Engineered Maximum MPS for the DA-MP and the
Message Rate Alarm Set and Clear Thresholds. These engineering-configured MP Profiles values
shown on the MPs menu vary depending on the type of server used for the DA-MP.
The following elements can be user-configured from the Diameter Common > MPs menu for use
by the DA-MP Overload Control feature:
• Congestion Level 1 Discard Percentage - The percent below the DA-MP Engineered Ingress
MPS that DA-MP Overload Control will police the total DA-MP ingress MPS to when the DA-MP
is in Congestion Level 1.

• Congestion Discard Policy - The order of Message Priority and Color-based traffic segments to
consider when determining discard candidates for the application of treatment during DA-MP
Congestion processing. The following order is considered: Color within Priority, Priority within
Color, and Priority Only.
• Danger of Congestion Discard Percentage - The percent of total DA-MP ingress MPS above the
DA-MP Engineered Ingress MPS that DA-MP Overload Control will discard when the DA-MP
is in danger of congestion,
• Danger of Congestion Discard Policy - The order of Message Priority and Color-based traffic
segments to consider when determining discard candidates for the application of treatment
during DA-MP Danger of Congestion (DOC) processing. The following order is considered:
Color within Priority, Priority within Color, and Priority Only.
• Routing Option Sets
A Routing Option Set is a set of user-configurable routing options assigned to an ingress Diameter
transaction. A Routing Option Set can be assigned to Peer Nodes and Diameter Application IDs.
DA-MP Overload Control uses the following options:
• Resource Exhausted Action
• Resource Exhausted Result-Code Value
• Resource Exhausted Vendor-ID Value
• Resource Exhausted Error-Message Value
Per-Connection Ingress MPS Control

The Per-Connection Ingress MPS Control (PCIMC) feature limits to a configurable level the
per-Connection ingress message rate of each connection. Correctly configured message rate controls
ensure that a single Connection cannot use the majority of the resources. (No limiting is done by
PCIMC for the egress message rate.)
When a connection has data in its socket receive buffer, the data is read from the socket, but is not
processed unless a process request is granted. Each time a request is granted, a single message is
processed and another request must be granted before the next message can be processed. If a process
request is not granted, the message is discarded.
When a process request occurs, if the connection has not exceeded its reserved capacity, the request
is granted. If the reserved capacity has been exceeded and the maximum capacity is not yet reached,
then the request is granted only if MP shared capacity has not been exceeded.
Regardless of a process request being granted for each message, the connection reads as fast as it is
capable of, one message at a time, until one of the following occurs:
• There is no more data in the socket receive buffer to read
• The thread is swapped out by the operating system
• The batch read limit has been reached
The Per-Connection Ingress MPS Control feature:

• Is always available in the system

• Applies to per-Connection MPS control for Connections that are statically assigned to MP servers
through configuration and do not move from one MP to another
• Is applied in the Diameter Transport Function, which is used by all diameter applications
Capacity management for this feature can be logically separated into:
• Management of the ability of the MP server to process ingress Diameter messages - how the MP
server's resources are distributed to configured Connections
• Management of the ability of a given Connection to process ingress Diameter messages - how each
Connection behaves given its configured reserved and maximum ingress MPS settings
Per-Connection Capacity Management

Per-Connection Ingress MPS Control allocates a DA-MP's ingress message processing capacity among
the Diameter Peer Connections that it hosts. Each Peer Connection is allocated, through
user-configuration, a Reserved Ingress MPS message processing capacity and a Maximum Ingress
MPS message processing capacity.
The Reserved capacity for a Connection is available for exclusive use by the Connection. The capacity
between a Connection's Reserved and Maximum capacity is shared with other Connections hosted
by the DA-MP.
The DA-MP reads messages arriving from a Peer Connection and attempts to process them as long
as Reserved or shared ingress message capacity is available for the Connection. When no Reserved or
Shared ingress message capacity is available for a Connection, the DA-MP discards the messages
without generation of any response to the Peer.
Per-Connection Ingress Message Coloring

In addition to enforcing ingress message rate limits on a Per-Connection basis, Per-Connection Ingress
MPS Control colors ingress messages based on the Reserved and average ingress message rates.
Message color can be used at other traffic shedding points, such as DA-MP Overload Control.
Traffic from under-utilized Connections is marked green by Per-Connection Ingress Message Controls,
while traffic from over-utilized Connections is marked yellow. Traffic discarded by PCIMC due to
capacity exhaustion (per-Connection or shared) is marked red and is not considered for any subsequent
processing.
The following items describe the numbered items in Figure 36: Per-Connection Message Coloring:
• When the Connection's average ingress MPS rate is equal to or below its configured Reserved
Ingress MPS, all messages processed by the Connection are colored green.
• When the Connection's average ingress MPS rate is above its configured Reserved Ingress MPS,
all messages processed by the Connection are colored yellow.
Note: If the Connection's Reserved Ingress MPS is 0, all the messages processed by the Connection
are colored yellow.

Figure 36: Per-Connection Message Coloring
Per MP Server Capacity Management

MPS rates and thresholds are used to manage ingress message MPS as it relates to the MP server as a
whole.
A DA-MP has two configured ingress message rate capacity limits:
• Engineered Ingress MPS - Maximum ingress message rate that a DA-MP will support without
overload.
This value provides a limit to the total Reserved Ingress MPS of all Diameter Connections assigned
to the DA-MP. The value is displayed on Diameter > Configuration > DA-MPs > MP Profiles
for the MP Profile assigned to the DA-MP.
• MP Engineered Maximum Ingress MPS - A configurable ingress MPS limit that dictates the
maximum rate at which the DA-MP will attempt to process messages from all Diameter Connections.
This value may be greater than the MP Engineered Ingress MPS.
The DA MP monitors its MPS rate and limits the rate to an MP Engineered Ingress MPS value. If the
MP Engineered Ingress MPS rate is exceeded, overload can occur and ingress messages are discarded
(due to MP Ingress MPS Limiting and MP Congestion Controls).
Diameter Configuration for Per-Connection Ingress MPS Control

Each Diameter Connection is associated with a Capacity Configuration Set that includes the following
configurable elements:
• Reserved Ingress MPS - Defines the capacity reserved exclusively for the Connection and not
available for use by other Connections
The Reserved Ingress MPS cannot exceed the configured Maximum Ingress MPS for a given
Connection. A Connection can be configured with a zero Reserved Ingress MPS value; such
Connections will not reserve message processing capacity.
The Reserved Ingress MPS for a Connection cannot be used by any other Connection, regardless
of the load offered to other Connections.
If the Reserved Ingress MPS Capacity is set to a non-zero value, that value times the number of
Connections using that Capacity Configuration Set on a given MP server must not be allowed to
exceed the MP Maximum Reserved Ingress MPS (which is equal to the MP Engineered Ingress
MPS - the highest MPS rate at which the MP server can process ingress Diameter messages).
• Maximum Ingress MPS - Defines the maximum rate in ingress Diameter messages per second that
the Connection is allowed to process

The Maximum Ingress MPS must be greater than or equal to the Reserved Ingress MPS. Any
difference between the Maximum Ingress MPS and the Reserved Ingress MPS represents MP server
resources that are shared among Connections that are using the same Capacity Configuration Set.
The configured Maximum Ingress MPS of a Connection cannot exceed the Engineered Ingress MPS
of the Connection (the ingress MPS that a Connection can process at a sustained rate without errors).
If the Connection has Reserved Ingress MPS, the configured Maximum Ingress MPS must be greater
than or equal to the Reserved Ingress MPS. All Connections must have a non-zero configured
Maximum Ingress MPS; otherwise they would not be allowed to process traffic at all. (The Maximum
Ingress MPS value in the Default Capacity Configuration Set is non-zero.)
The sum of the Maximum Ingress MPS configured for all Connections on the MP server can exceed
the MP Engineered Ingress MPS - the highest MPS rate at which the MP server can process ingress
Diameter messages.
• Ingress MPS Minor Alarm Threshold - Defines the percent of the Connection's Maximum Ingress
MPS at which a Minor alarm is triggered
The Ingress MPS Minor Alarm Threshold value must be less than the Ingress MPS Major Alarm
Threshold value
• Ingress MPS Major Alarm Threshold - Defines the percent of the Connection's Maximum Ingress
MPS at which a Minor alarm is triggered
The Ingress MPS Minor Alarm Threshold value must be less than the Ingress MPS Major Alarm
Threshold value
Defines the percent of the Connection's Maximum Ingress MPS at which a Major alarm is triggered.
The Ingress MPS Major Alarm Threshold must be greater than the Ingress MPS Minor Alarm
Threshold.
• Reserved Ingress MPS Abatement Time - Defines the minimum time (in ms) that a Connection's
ingress message rate must remain less than or equal to Reserved Ingress MPS, after exceeding
Reserved Ingress MPS, in order to revert the ingress traffic color from Yellow to Green.
A Default Capacity Configuration Set is provided; additional Capacity Configuration Sets can be
configured. The Default Capacity Configuration Set is used for a Connection if no other Capacity
Configuration Set is assigned to the Connection. The elements of the Default Capacity Configuration
Set have the following default values:
• Reserved Ingress MPS - Zero MPS
• Maximum Ingress MPS - Value equal to the Engineered Ingress MPS for the Connection
• Ingress MPS Minor Alarm Threshold - 50% of the configured Maximum Ingress MPS
• Ingress MPS Major Alarm Threshold - 80% of the configured Maximum Ingress MPS
• Reserved Ingress MPS Abatement Time - 2000 ms
Maintenance and Monitoring for Per-Connection Ingress MPS Control

The Per-Connection Ingress MPS Control feature provides the following maintenance and monitoring
information:
• Alarms and measurements to assist the network operator to detect and avoid possible capacity
issues related to messaging rates
• The ability to view the average ingress Diameter MPS for each Connection
The Per-Connection Ingress MPS Control feature uses the following GUI information:

• Diameter > Configuration > Connections specifies which Capacity Configuration Set the
Connection uses.
• The Diameter > Configuration > Configuration Sets > Capacity Configuration Sets pages provide
elements for configuring Capacity Configuration Sets.
• Diameter > Maintenance > Connections reports KPI 10500 for average ingress MPS for each
Diameter Connection (Ingress Msgs Per Second).
For each Connection, the MP server maintains the average number of ingress Diameter messages
per second read from the socket. This is the rate at which ingress Diameter messages are read from
the socket, not the rate at which ingress Diameter messages arrive at the socket. There is no efficient
means to know the rate at which messages actually arrive.
The average ingress message rate is a running average (approximately 30 seconds). This provides
a information about the level of ingress messages being read by each Connection while avoiding
erratic readings caused by short duration spikes in the rate.
Connection Alarm
The Per-Connection Ingress MPS Control feature provides a Connection alarm with two severities to
alert the network operator when the average ingress MPS rate goes above the configured thresholds
for percentage of the configured maximum ingress MPS for the Connection.
The Connection Ingress MPS Alarm is a Per-Connection alarm that can be configured in a Connection's
Capacity Configuration Set to trigger at a Minor and Major capacity threshold.
The Minor alarm is asserted when the 30-second average MPS rate exceeds the configured Ingress
MPS Minor Alarm Threshold value for the Connection. The Minor alarm is cleared when the 30-second
average MPS rate falls 5% below the Ingress MPS Minor Alarm Threshold value configured for the
Connection.
The Major alarm is asserted when the 30-second average MPS rate exceeds the Ingress MPS Major
Alarm Threshold value configured for the Connection. The Major alarm is converted to a Minor alarm
when the 30-second average MPS rate falls 5% below the Ingress MPS Major Alarm Threshold value
configured for the Connection.
An alarm cannot be abated until an abatement time delay has expired. For example, if a Minor alarm
is asserted, the alarm cannot be cleared until the abatement time delay has expired and the average
ingress MPS for the Connection is 5% below the Minor alarm assert percentage. The abatement time
delay is 15 seconds.
The alarm abatement time delay affects only clearing of alarms, not asserting of alarms. Therefore, it
is possible to transition rapidly from a Minor alarm to a Major alarm.
Limitations
• PCIMC relies on a configured relationship between a Connection and the MP server that will host
the Connection.
• PCIMC does not prevent the total Reserved Ingress MPS of all Connections hosted by a DA MP
from exceeding the MP Maximum Reserved MPS capacity when the MP Maximum Reserved MPS
capacity is reduced after Connections are already configured with non-zero Reserved Ingress MPS.

Remote Congestion Controls

Note: Remote Busy congestion and egress transport congestion are not supported for RADIUS.
The following features provide remote congestion controls:
Remote BUSY Addresses Remote Congestion detection
Congestion
The Remote BUSY Congestion feature calls for the server to send a
DIAMETER_TOO_BUSY Answer, which is can be used by the clients to stop
sending traffic for some duration. The feature addresses Remote Congestion
detection and the steps to be taken to alleviate the situation.
Egress Transport Supports use of transport congestion status

Congestion
The Egress Transport Congestion feature uses Congestion Levels to manage
the egress message traffic flow on a Diameter Peer Connection when the
Connection's TCP/SCTP send buffer is exhausted, as indicated by the
TCP/SCTP socket being blocked. The socket is blocked when the Diameter
Transport Function attempts to write new data to the TCP/SCTP socket fail
due to insufficient send buffer space. When a Diameter Connection socket
becomes blocked, the Diameter Transport Function sets the Egress Transport
Congestion Level to CL-4 and discards any received Request or Answer
messages.
Per-Connection Egress Targets congestion avoidance

Message Throttling
The Per Connection Egress Message Throttling feature targets congestion
avoidance by throttling the volume of Diameter traffic being sent over a
Connection when the traffic exceeds the configured maximum egress message
rate of the Connection.
User-Configurable Provides a pending transaction limit for each Peer Connection

Connection Pending
User-Configurable Connection Pending Transaction Limiting (UC-CPTL)
Transaction Limiting
provides a configurable pending transaction limit for each Peer Connection,
to customize the distribution of the available Pending Transaction Records
on a DA-MP based on the varying deployment requirements. The limit can
be configured independently for each DA-MP.
Routing Based on Congestion Level

Features such as Remote BUSY Congestion, Egress Transport Congestion, and Per Connection Egress
Throttling Control are used to control the flow of egress traffic by setting a feature-specific Congestion
Level for a Diameter Connection. Certain Requests can be prioritized over others, using the User
Configurable Message Priority feature.
The Connection Priority Level (CPL) is an overall Congestion Level for the Connection that is based
upon the highest Congestion Level of the various egress traffic control features. The CPL is used by
the Diameter Routing Function when making egress message routing decisions based on the Priority
provided by the User Configurable Message Priority feature. No message can be forwarded to a
Diameter Connection that has a Priority level less than the CPL for that Connection

Up to five Congestion Levels (CL-0 to CL-4) are supported, with CL-0 indicating no congestion to
CL-4 indicating that the Connection is blocked. The intermediate Congestion Levels CL-1, CL-2, and
CL-3 indicate the increasing severity of congestion.
Each feature has a Congestion Level range, as follows:
• Remote BUSY Congestion Levels: CL-0. CL-1, CL-2, and CL-3
• Egress Transport Congestion Levels: CL-0. CL-1, CL-2, CL03, and CL-4
• Per Connection Egress Message Throttling Congestion Levels: CL-0. CL-1, CL-2, and CL-3
The CPL value for a Connection (CONN-CPL) is based on the maximum Congestion Level of the
features.
Egress Request routing and Answer forwarding functions use the Connection Congestion Level in
conjunction with the Message Priority to determine how Requests and Answers must be handled over
an egress Connection. Message Priority and Connection Congestion Level in the Connection selection
criteria are used to avoid sending messages of Priority x and lower to Connections currently at
Congestion Level x+1.
All Answers are assigned a Message Priority of 3, while Requests can be assigned Message Priorities
0 through 2. Messages with a Priority greater than or equal to the Congestion Level are allowed, while
messages with lower Priorities are not delivered on this Connection. This arrangement ensures that
Answers have the highest Priority and are always routed unless a Connection becomes blocked, and
depending upon the level of congestion some or all of the Requests may be allowed. Table 94: CLs,
CPLs, and Message Treatment summarizes this behavior.
Table 94: CLs, CPLs, and Message Treatment
Connection Message Priorities Message Priorities

CL/CPL Value Allowed Not Allowed Comment
CL-4/4 None All Requests nor Answers can be
sent on the Connection
CL-3/3 3 0,1,2 Allow only Answers to be sent
on the Connection
CL-2/2 3, 2 0,1 Allow only Answers and Pri=2
Requests to be sent on the
Connection
CL-1/1 3, 2, 1 0 Allow only Answers and Pri=2,1
Requests to be sent on the
Connection
CL-0/0 All None All Requests and Answers can
be sent on the Connection
Congestion Levels can be set by multiple features. For example, a particular Connection may have
received a DIAMETER_TOO_BUSY for a Priority 1 Request (resulting in CL-2 congestion), and while
abating may have experienced transport congestion (CL-4). Therefore, the concept of Connection
Priority Level (CPL) is used to consider the Congestion Levels reported by all the features while making
routing decisions.

The CPL value is a function of Operational Status and the Congestion Levels reported by the Remote
BUSY Congestion, Egress Transport Congestion, and Per Connection Egress Message Throttling
features. Table 95: Mapping Congestion Levels to CPL Values summarizes this behavior.
• The CPL Value for a Connection is based on the worst-case (highest) value:
CPL Value of a Connection = Max (X1, X2, X3, X4)
• This composite CPL value is then used by the Diameter Routing Function as shown in Table 94:
CLs, CPLs, and Message Treatment.
Table 95: Mapping Congestion Levels to CPL Values
Attribute Value CPL Value

X1: Diameter Connection Operational Status Available Degraded 0 3 99
Unavailable
X2: Diameter Connection Remote BUSY Congestion CL-0 through CL-3 0-3
X3: Diameter Connection Egress Transport CL-0 through CL-4 0-4
Congestion
X4: Diameter Connection Egress Message Throttling CL-0 through CL -3 0-3
Capacity and Ranges

Table 96: Remote BUSY and EMR Capacity Ranges specifies the capacity and ranges for Remote BUSY
and Egress Message Rate.
Table 96: Remote BUSY and EMR Capacity Ranges
Item Maximum Description

Remote BUSY processing 1000 Remote BUSY processing on up to 1000
simultaneous Diameter connections on a single
DA-MP
DA-MP
DA-MP
Egress Transport Congestion 1000 Egress Transport Congestion processing on up to
processing 1000 simultaneous Diameter connections on a single
DA-MP
DA-MP
DA-MP

Item Maximum Description

Egress Message Throttling 500 Egress Message Throttling on up to 500
DA-MP
simultaneous Diameter connections on a single DA
simultaneous Diameter connections on a single DA
Egress Message Throttling 50 Up to 50
Configuration Sets
User Configurable Message Priority

Note: User Configurable Message Priority is not supported for RADIUS.
User Configurable Message Priority provides the following functions to set the Priority of messages
that are handled and to use that Priority to as input into decisions for load shedding, message throttling,
and egress Connection selection:
• A method to assign Message Priorities to incoming Diameter Requests.
The Priorities assigned are based on the combination of Application-ID and Command-Code, and
the Connection upon which the Request arrives. A combination of Application-ID, Command-Code,
and associated Priority is called a Message Priority Rule.
• Association of a Message Priority Configuration Set with a Connection.
• Association of a Message Priority Configuration Set with a Peer Node.
• Definition of a Message Priority in a Peer Routing Rule.
• A method for Request messages arriving that are to be marked with a Message Priority.
• A method for the Message Priority determined by the first diameter signaling router to handle a
Request to be communicated to any other diameter signaling router that also handles the Request.
Message Priority will be determined based in part on the Connection on which the Request arrives
at the first diameter signaling router to handle the Request. A second diameter signaling router to
handle the Request is not able to establish the Priority based on the original ingress Connection.
• A method for exception routing and load shedding that allows the Remote BUSY Congestion
feature to use the Message Priority when determining which messages are exception-routed or
shed.
• A method for exception routing and load shedding that allows the Egress Transport Congestion
feature to use the Message Priority when determining which messages are exception-routed or
shed.
• A method for the message throttling that allows the Per Connection Egress Message Throttling
feature to use the Message Priority when determining which message are exception routed or shed.
Request messages can be assigned a Message Priority value of 0, 1, or 2 (lowest to highest Priority).
Answer messages are always assigned a Message Priority value of 3 (the highest Priority).
Messages that are given a higher Priority have a lower probability of being dropped as part of shedding
or throttling logic, but having a higher Priority does not imply that the message is routed before a

message with a lower Priority. Having a higher Priority does not guarantee that a messages will never
be dropped as a result of shedding of messages due to congestion or resource exhaustion. The arrival
pattern of the Requests has an impact on which messages are shed.
Message Priority can be assigned to ingress messages upon entrance based on the following:
• The Connection on which a message arrives
• The Peer Node from which a message is sent
• A Peer Routing Rule
A configured Message Priority Configuration Set can be assigned to a Connection or to a Peer Node
A Message Priority Configuration Set is configured with one or more Message Priority Rules that
specify Application IDs, Command Codes, and the Message Priority that is assigned to Request
messages that enter on a Connection that has been assigned the Message Priority Configuration Set.
Message Priority is assigned to ingress Request messages based on message content using the strongest
matching entry in the Configuration Set:
• Application-ID + Command-Code combination
• Application-ID
• All Request messages (Application ID and Command Code values are *)
In a network where Diameter messages traverse multiple diameter routes, Request Message Priority
might need to be assigned on one diameter signaling router and used by any and all diameter signaling
routers in the routing path.
Diameter embeds Priority in all Requests that it handles. The method used for embedding Priority in
egress Requests is transparent to non-Diameter nodes.
Egress Request routing and Answer forwarding will use Message Priority and Connection Congestion
Level in its Connection selection criteria to avoid sending Priority x messages to Connections currently
at Congestion-Level x+1.
Diameter Configuration for User Configurable Message Priority

The User Configurable Message Priority feature provides the ability to define Message Priority
Configuration Sets (MPCS). Each MPCS contains the following information:
• MPCS Name - The Name is used when associating the Configuration Set with a Connection or
Peer Node
• Message Priority Rules - Sets of Application-ID, Command-Code, and Priority
• Application-ID - The Diameter Application-ID. The Application-ID can be an asterisk (*)
indicating that all Application-IDs match this Message Priority Rule
• Command-Code - The Diameter Command-Code. The Command-Code can be an asterisk (*)
indicating that all Command-Codes within the specified application match this Message Priority
Rule
If multiple Command-Codes with the same Application-ID are to get the same Message Priority,
then there must be a separate Message Priority Rule combination for each Command-Code.
• Priority - The Priority applied to all Request messages that match the Application-ID and
Command-Code combination
The Application ID and Command Code must be configured in Diameter Configuration before they
can be used to configure a Message Priority Rule.

A Default Message Priority Configuration Set is provided that contains one Message Priority Rule;
the Message Priority Rule is set to accept all Application IDs and all Command Codes (values are *)
and has Message Priority set to 0 . The Default Message Priority Configuration Set can be assigned
and used if no other Message Priority Configuration Set is assigned to the Connection or the Peer
Node (it can be edited if needed).
A total of 20 Message Priority Configuration Sets can be configured per NE. Each Message Priority
Configuration Set supports up to 50 Message Priority Rules.
A Connection or Peer can be configured with either a MPCS or to get Message Priority from the ingress
Request. If it is configured to get Message Priority from the ingress Request, then it is not possible to
configure a MPCS for the Connection or Peer.
In Peer Routing Rules, Message Priority valid values are No Change, 0, 1 and 2. 0 is the lowest priority.
The Message Priority value is applied to the message only when the Peer Routing Rule Action value
is set to Route to Peer.
The following Message Priority treatment configuration options can be selected:
• None (default)
• Apply a MPCS (by selecting from a list of configured MPCSs)
• Read from message - Used to indicate that the Priority should be taken from the ingress message.
This is used for router-to- router Connections as a way of conveying Message Priority
This option does not apply to Peer Routing Rules, which have the options None (default) and
Apply an MPCS.
Table 97: Message Priority Treatment Methods indicates which method is used. If the Request does not
match a rule in the selected Message Priority Configuration Set, then the Request is assigned a Priority
value of zero (0).
Table 97: Message Priority Treatment Methods
Message Priority Configuration

Message Priority Configuration Set Peer Node (for Connection) How Priority is Set for Ingress
Set Connection Setting Setting Requests on Connection
Not Set Not Set Use NE
Not Set MPCS X Use MPCS X to assign Priority
to Ingress Requests
Not Set Get Priority from Ingress Extract Priority from Ingress
Requests Requests
MPCS Y (Don't Care) Use MPCS Y to assign Priority
to Ingress Requests
Get Priority from Ingress (Don't Care) Extract Priority from Ingress
Requests Requests
Remote BUSY Congestion

Note: Remote BUSY Congestion is not supported for RADIUS.

The Remote BUSY Congestion feature can be used per Connection to reduce the amount of message
traffic sent to a Diameter Connection when an adjacent Diameter Peer Node is unable to process
messages as fast as they are sent to it on the Connection.
Note: The User Configured Message Priority feature is a prerequisite for the Remote BUSY Congestion
feature.
A Connection is considered congested or BUSY if the following conditions exist:
• An Answer message containing Diameter_TOO_BUSY Result Code is received on the Connection
• The Answer message was originated by the Peer Node (the Origin-Host of the Answer message is
the same as the Connections Peer FQDN.
The status is set to BUSY only for the Connection of a Peer on which DIAMETER TOO BUSY is received.
The other Connections between the diameter signaling router and the Peer might or might not be
BUSY.
Remote BUSY Congestion applies only to adjacent nodes. If the node which initiated the
DIAMETER_TOO_BUSY, as determined by the Origin-Host AVP value, is not a Peer Node, then the
DIAMETER_TOO_BUSY will be ignored.
Message traffic reduction is managed through the use of 4 Remote BUSY Congestion Levels: CL-0.
CL-1, CL-2, and CL-3, where CL-0 indicates no congestion and CL-3 is the highest level of congestion.
A Remote BUSY Congestion Level for a Connection is determined from the Priority of the egress
transactions rejected by a DIAMETER_TOO_BUSY response. When a transaction of Priority X is
rejected by a DIAMETER_TOO_BUSY on a Connection whose Remote BUSY Congestion Level is X
or smaller, then the Remote BUSY Congestion of the Connection is set to a value that prevents the
Diameter Routing Function from sending subsequent transactions of the same or lower Priority than
the rejected transaction (in this case, the Remote BUSY Congestion Level is set to X+1). For example,
if a DIAMETER_TOO_BUSY response is received for a Priority 1 transaction, then the Remote BUSY
Congestion Level will be set to CL-2 to prevent subsequent transactions of Priority 1 and lower from
being forwarded on the Connection.
Whenever the Remote BUSY Congestion Level is increased, Remote BUSY Congestion abatement is
re-started, using the configured Remote Busy Abatement Timeout value. When the Remote Busy
Abatement Timeout expires, the Congestion Level is decremented by 1, allowing transactions with
the next lower Priority to be forwarded on the Connection; the Remote Busy Abatement Timeout is
restarted. This process continues until the Congestion Level of the Connection drops back to CL-0.
Whenever the Remote BUSY Congestion Level is increased, Remote BUSY Congestion abatement is
re-started, by starting the Remote BUSY Congestion Abatement Timer. When the Remote Busy
Abatement Timeout expires, the Congestion Level is decremented by 1, thus allowing transactions
with the next lower Priority to be forwarded on the Connection; and the Remote Busy Abatement
Timeout is restarted. This process continues until the transactions of the Connection drop back to
CL-0.
Because Remote BUSY Congestion is detected by inspecting the Result-Code AVP embedded in an
Answer response, detection is performed by the Diameter Routing Function.
Except for Remote BUSY Congestion detection, the Diameter Transport Function is responsible for
handling all of the tasks associated with Remote BUSY Congestion, such as:
• Managing the Remote BUSY Congestion Level
• Managing Remote BUSY abatement
• Updating the Connection Priority Level (CPL) for the Connection
• Keeping OAM informed of the Remote BUSY Congestion status

When the Diameter Routing Function determines that the Remote BUSY Congestion Level needs to
be increased, it notifies the Diameter Transport Function instance that is currently controlling the
Diameter Connection.
Because multiple Diameter Routing Function instances can be simultaneously forwarding transactions
to the same Diameter Connection and detecting Remote BUSY Congestion, an internal procedure
minimizes the number of simultaneous the Diameter Routing Function-to-Diameter Transport Function
detection notifications that are associated with any single Diameter Connection.
The Connection Congestion Levels CL-0, CL-1, CL-2, CL-3 and CL-4 are mapped to Connection Priority
Level (CPL) values 0, 1, 2, 3, 4 respectively.
Diameter Configuration for Remote BUSY Congestion

The Remote BUSY Congestion feature is configured using the following elements on the Diameter >
Configuration > Connections page:
• Remote Busy Usage: Enabled, Disabled
• Remote Busy Abatement Timeout - time period (in seconds) that a Connection will be considered
BUSY from the last time a DIAMETER_TOO_BUSY response was rec
The configuration elements cannot be modified when the Connection is in service (Connection Admin
State=Enabled).
The Remote BUSY Congestion feature can be enabled and disabled for each configured Diameter
Connection.
Egress Transport Congestion

The Egress Transport Congestion feature manages the egress message traffic flow on a Diameter Peer
Connection when the Connection's TCP/SCTP send buffer is exhausted, as indicated by the TCP/SCTP
socket being blocked (the Diameter Transport Function attempts to write new data to the TCP/SCTP
socket fail due to insufficient send buffer space). This can happen for variety of reasons such as
under-engineered TCP or SCTP buffers or the inability of the adjacent Diameter Peer to handle the
rate of egress message traffic currently being offered on a Connection. In general, this condition should
not occur during normal traffic loads, or during abnormal or peak traffic loads if the Per Connection
Egress Message Throttling feature is enabled and properly configured for a Connection.
Egress Transport Congestion detection and abatement are solely the responsibility of the Diameter
Transport Function.
Message traffic reduction is managed through the use of 5 Egress Transport Congestion Levels: CL-0.
CL-1, CL-2, CL-3, and CL-4.
The Connection Congestion Levels CL-0, CL-1, CL-2, CL-3 and CL-4 are mapped to Connection Priority
Level (CPL) values 0, 1, 2, 3, 4 respectively, as shown in Table 98: Mapping Congestion Levels to CPL
Values.
Table 98: Mapping Congestion Levels to CPL Values

Diameter Connection Operational Status Available Degraded 0 3 99
Unavailable


Diameter Connection Remote BUSY Congestion CL-0 through CL-3 0-3
Diameter Connection Egress Transport Congestion CL-0 through CL-4 0-4
Diameter Connection Egress Message Throttling CL-0 through CL-3 0-3
Diameter messages initiated by the Diameter Transport Function are not impacted by Egress Transport
Congestion Levels CL-0, CL-1, CL-2 or CL-3. This includes Peer-to-Peer messages such as DPR/DPA,
DWR/DWA and any non-Peer-to-Peer messages such as Diameter Transport Function-initiated Answer
responses associated with DA-MP Overload.
The Diameter Transport Function suppresses the creation and attempt to forward any Diameter
messages to a Diameter Peer Node when the Egress Transport Congestion Level is CL-4. This includes
Peer-to-Peer messages such as DPR/DPA, DWR/DWA and any non- Peer-to-Peer messages such as
Diameter Transport Function-initiated Answer responses associated with DA-MP Overload.
The Egress Transport Congestion feature behaves as follows:
• Messages that are already committed to the Connection by the Diameter Routing Function when
a Connection initially becomes transport congested will be discarded.
• When a Diameter Connection socket becomes blocked (such as when a TCP or SCTP socket becomes
full), the Diameter Transport Function sets the Egress Transport Congestion Level to CL-4 to prevent
the Diameter Routing Function from forwarding any further Request or Answer messages to the
Connection.
Any messages received while the Egress Transport Congestion Level is set to CL-4 are automatically
discarded by the Diameter Transport Function. This would normally occur for messages that the
Diameter Routing Function has already forwarded to the Diameter Transport Function before
receiving notification that the Connection Priority Level (CPL) was changed to a value of 4.
• When the Diameter Transport Function is notified that the socket is no longer blocked, the Diameter
Transport Function sets the Egress Transport Congestion Level to CL-3, and starts Egress Transport
Congestion abatement.
The Transport Congestion Abatement Timeout that is configured for each Diameter Connection
defines the time spent abating each Congestion Level during abatement. For example, if the
Transport Congestion Abatement Timeout value is set to 5 seconds when the Egress Transport
Congestion Level enters CL-3, it will remain in CL-3 for the full 5 seconds before the Egress Transport
Congestion Level can be reduced to CL-2.
If the TCP or SCTP socket becomes full while the Diameter Transport Function is in Egress Transport
Congestion abatement, the entire abatement procedure is restarted.
• A throttled event with Egress Transport Congestion as the reason for the event is logged every
time the Connection Priority Level (CPL) changes due to Egress Transport Congestion.
• When the Diameter Transport Function successfully establishes an IPFE TCP or SCTP connection,
it sets the Egress Transport Congestion Level for the Diameter Connection to CL-0.
When Egress Transport Congestion occurs, the Connection degraded alarm is raised, indicating Egress
Transport Congestion and the CL.
Note: The Connection degraded alarm can be raised by for other reasons, and will not be raised for
Egress Transport Congestion if it is already asserted.

When the Connection CL is 0 upon decrementing (the Egress Transport Congestion condition and all
other conditions that could raise the alarm are mitigated), abatement is complete and the Connection
degraded alarm is cleared.
Diameter Configuration for the Egress Transport Congestion Feature

The Egress Transport Congestion feature is always enabled on all Diameter Connections and cannot
be disabled by the operator.
For the Egress Transport Congestion feature, the Transport Congestion Abatement Timeout element
can be configured for each Diameter Connection, using the Diameter Configuration Connections GUI
page. The Transport Congestion Abatement Timeout value is the time period (in seconds) spent by
the Connection in abating each Congestion Level during abatement.
The Transport Congestion Abatement Timeout value cannot be modified when the Connection is in
service (Connection Admin State=Enabled).
Per Connection Egress Message Throttling

To protect servers in periods of excessive load, explicit egress message throttling and user-configurable
Connection Pending Transaction limiting can be used as messages are aggregated from several ingress
Peers (clients) and can overload the egress Peer (server).
To assist with prevention of Diameter Peer overload, signalling provides a method for throttling the
volume of Diameter Request traffic sent to a Peer Connection. The Egress Message Rate (EMR) on a
Connection being throttled is equivalent to the egress Request rate + the egress Answer rate on the
Connection. The allowed maximum egress message rate (Max EMR) can be configured per Connection.
The Per Connection Egress Message Throttling (PCEMT) feature works in conjunction with the User
Configurable Message Priority feature to provide intelligent load shedding based on the volume of
the offered load as shown in Table 99: Congestion Levels Based on Thresholds. The load shedding is
performed by dropping Requests based on Priority and the offered message rate. PCEMT sheds
messages as the offered message rate gets closer to the configured Max EMR.
The User Configurable Message Priority feature provides the ability to configure Message Priority
Configuration Sets that define the Priority. If a Message Priority Configuration Set is not assigned to
the Connection to specify the Priority, load shedding is still performed but it is primarily restricted to
Requests as all Requests are assigned a Priority of 0.
PCEMT uses configurable Egress Message Throttling Configuration Sets to govern Connection egress
message throttling behavior. The Egress Message Throttling Configuration Set elements (Max EMR,
Throttling Thresholds, Abatement Thresholds, an EMR configured with Convergence Time, and an
Abatement Time) provide a high degree of user control over the characteristics of transitions between
Congestion Levels due to throttling.
• Up to 128 Egress Message Throttling Configuration Sets are supported.
• Up to 500 Peer Connections can have egress message throttling enabled in a single NE.
Interaction with the Alternate Routing Across Route Groups in a route List Feature
PCEMT can be used in conjunction with the Alternate Routing Across Route Groups feature to route
all throttled Requests using non-preferred Route Groups when all Connections in the preferred Route
Group are congested. Eligible Peers or Connections from the other priority Route Groups of the Route
List can be used to deliver a Request after all the Peers or Connections in the current Route Group are

exhausted. Alternate Routing Across Route Groups is attempted only if the Maximum Per Message
Forwarding Allowed (configured in the Diameter Configuration Routing Option Sets) is not exceeded.
For example, a Route List is configured with two Route Groups. The Preferred Route Group contains
two HSSs, HSS-1 and HSS-2 each with one Connection and the Non-Preferred Route Group contains
HSS-3 and HSS-4, each with one Connection. If the Connection(s) to both HSS-1 and HSS-2 exceed
Throttle Threshold X, Requests with Priority below X are routed to HSS-3 and HSS-4, while Requests
with Priorities equal to or greater than X continue to be routed to HSS-1& HSS-2. If both, HSS-3 and
HSS-4 exceed Throttle Threshold X, Requests with Priority less than X are discarded.
Diameter Configuration for Per-Connection Egress Message Throttling

The Message Priority Configuration Sets are provided by the User-Configurable Message Priority
feature.
Egress Throttling Configuration Sets can be configured and assigned to Connections to control egress
throttling behavior. In each Egress Message Throttling Configuration Set, the following elements can
be configured:
• Max EMR - the maximum volume of traffic that can be served over a particular Connection
For Peers that are deployed with multiple Connections, it is recommended as a guideline to set the
Max EMR on each Connection by dividing the total capacity of the Peer by the number of
Connections to the Peer.
• Throttle Threshold Levels and Abatement Levels 1, 2, and 3 -
Abatement Threshold Levels - percent of Max EMR; when Threshold falls below the specified
Level, the Connection Congestion Level is lowered.
Throttle Threshold Levels - percent of Max EMR; when the Threshold exceeds the specified Level,
the Connection Congestion Level is raised.
The Max EMR and the TT-1 and AT-1 Thresholds must be configured. TT-2, AT-2, TT-3 and AT-3
are optional but have to be configured in pairs. For example, if TT-2 is configured, AT-2 must also
be configured; and if TT-3/AT-3 is configured, TT-2/AT-2 must be configured.
Each EMR Throttle and Abatement Threshold Level pair dictates how the Connection congestion
state will be updated as indicated in Table 99: Congestion Levels Based on Thresholds. The offered rate
is the value computed for EMRs configured with Convergence Time.
If TT-x (where x can be 1, 2 or 3) of a Connection is exceeded, only Requests with Priority below x
are throttled while Requests with Priority x or greater are allowed over the Connection.
In an Egress Message Throttling Configuration Set, the Max EMR and the TT-1 and AT-1 Thresholds
must be configured. TT-2, AT-2, TT-3 and AT-3 are optional but have to be configured in pairs. For
example, if TT-2 is configured, AT-2 must also be configured; and if TT-3/AT-3 is configured,
TT-2/AT-2 must be configured.
EMR throttling and onset requires only one EMR sample to exceed a Throttling Threshold to
advance the EMR Congestion Level. Multi-step throttling is supported. For example, the EMR
Congestion Level can be increased from CL-0 to either CL-1, CL-2, or CL-3 after one EMR sample
period (every 90 milliseconds). This allows for a rapid response to traffic load increases while taking
a more conservative approach to traffic load decreases.
Only single-step abatement is supported. For example, CL-3->CL-2 abatement is supported, but
not CL-3->CL-1.

• Table 99: Congestion Levels Based on Thresholds
Throttle (TT-X) and

Abatement Thresholds Connection Congestion Level
(AT-X) Impact Comments
TT-3 When offered rate exceeds Allows Answers; Blocks
Threshold, Set Congestion Level Priority 0,1,2 Requests
(CL) = 3.
AT-3 When offered rate falls below Allows Answers and Priority 2
Threshold, Set Congestion Level Requests; Blocks Priority 0,1
=2 Requests
TT-2 When offered rate exceeds Allows Answers and Priority 2
Threshold, Set Congestion Level Requests; Blocks Priority 0,1
=2 Requests
AT-2 When offered rate falls below Allows Answers and Priority 2,
Threshold, Set Congestion Level 1 Requests; Blocks Priority 0
=1 Requests
TT-1 When offered rate exceeds Allows Answers and Priority 2,
Threshold, Set Congestion Level 1 Requests; Blocks Priority 0
= 1. Requests
AT-1 When offered rate falls below Allows Answers and Priority 2,
Threshold, Set Congestion Level 1,0 Requests; Blocks None.
=0
• Convergence Time - The rate convergence time is the amount of time it takes for the measured rate
to converge on the actual rate.
For example, if the actual rate jumps from 0 MPS to 1000 MPS and the Rate Convergence Time is
5 seconds, it takes that long for the measured rate to converge on the actual rate, and the that long
for the measured measured rate will be reported as follows:
• T(0) = 0 MPS
• T(1) = 200 MPS
• T(2) = 400 MPS
• T(3) = 600 MPS
• T(4) = 800 MPS
• T(5) = 1000 MPS
The EMR is calculated every 100ms by subtracting the oldest traffic count from the newest traffic
count, and averaging the difference over the elapsed time between them.
• Abatement Time - amount of time that a throttled Connection's adjusted EMR must remain below
an abatement level before allowing it to abate to a lower Congestion Level.
To enable Egress Message Throttling on a Connection,
• A configured Egress Message Throttling Configuration Set must be configured.
• The configured Egress Message Throttling Configuration Set must be assigned to the Peer Connection
that is to be throttled using the settings in that Egress Message Throttling Configuration Set.

• The Per Connection Egress Message Throttling Enabled option must be checked on the Diameter >
Configuration > System Options GUI page.
Disabling Egress Message Throttling will have the same effect as un-assigning the Egress Message
Throttling Configuration Set for all the Connections that have been previously associated with an
Egress Message Throttling Configuration Set.
All Egress Message Throttling Configuration Set parameters can be modified, but the Configuration
Set cannot be deleted, while the associated Connections are in service.
Limitations
Given that the Per Connection Egress Message Throttling feature works per Connection and does not
consider the throttling status on all the Connections to a Peer, it is possible that certain Connections
to a Peer can experience Egress Message Throttling and discard messages while other Connections to
the same Peer are not congested, thereby underutilizing the capacity of the Peer.
Because EMR is calculated every 90 milliseconds, EMR abatement can only occur on an integer-multiple
of 90 milliseconds. For example, if the user defines an EMR Abatement Time of 500 milliseconds, then
the actual abatement period would be 540 milliseconds (6 * 90 milliseconds).
User Configurable Connection Pending Transaction Limiting

User-Configurable Connection Pending Transaction Limiting (UC-CPTL) provides a configurable
pending transaction limit for each Peer Connection to customize the distribution of the available
Pending Transaction Records on a DA-MP based on the varying deployment requirements. The limit
can be configured independently for each DA-MP.
Peer Nodes have different requirements for the maximum number of pending transactions that are
required. For example:
• Diameter-to-Server Connections typically carry higher traffic volumes than Diameter-to-Client
Connections due to aggregation of traffic from many client Connections to few server Connections.
• A high percentage of the traffic on Diameter-to-Server Connections requires Pending Transaction
Records, because Requests are the majority of the egress traffic on these Connections.
• A low percentage of the traffic on Diameter-to-Client Connections requires Pending Transaction
Records, because Answers are the majority of the egress traffic on these Connections.
• Diameter-to-Server Connections might encounter significant increases in offered load for a very
short time immediately following network events such as MME failures or failures of redundant
servers providing the service. Handling these types of sudden increases in traffic volume can
require higher Pending Transaction Limits on the Connections.
A DA-MP allocates a Pending Transaction Record for a Request message sent by the DA-MP to a Peer,
and holds the PTR until the transaction completes or otherwise terminates (including Answer received
and timeout termination). An Answer message sent by a DA-MP to a Peer does not require a Pending
Transaction Record.
Multiple Active DA-MPs can route Requests to a single Connection. As a result, the maximum number
of pending transactions that can exist for a single Connection is dictated by the sum of the Pending
Transaction Per Connection values enforced independently by each Active DA-MP that is routing
Requests to the Connection.
The primary use of pending transaction limits for Connections on a DA-MP is to prevent a small
number of Connections on a DA-MP from consuming a disproportionate number of the available

Pending Transaction Records on the DA-MP, which could result in limited Pending Transaction Record
availability for the remaining Connections.
Diameter Configuration for the Pending Transactions Per Connection Option

A configurable Pending Transactions Per Connection option is provided for each Peer Connection.
The value is configured in the Diameter Options of the Connection Configuration Set that is assigned
to the Connection. The configured limit is enforced independently by all DA-MPs.
The Pending Transaction Per Connection value for a Connection can be modified while the Connection
is in-service. If the Pending Transactions Per Connection value is modified to a value below the current
value, any pending transactions on the Connection that are above the new limit will continue to be
processed and the new Pending Transactions Per Connection value will be applied only for new
transactions that are initiated after the change.
Egress Throttle Groups

An Egress Throttle Group is a collection of Diameter Connections or Peers, or both, that are logically
grouped together to monitor Egress Message Rate and Pending Transactions for multiple Peers and
Connections across multiple DA-MPs on a Network Element. If a Peer is assigned to the Egress Throttle
Group, then all Diameter Connections to that Peer are implicitly part of the Egress Throttle Group.
The following Egress Throttle Group (ETG) features provide management of egress message throttling
to Peer Diameter Nodes on a specified set of Diameter Connections:
• Egress Throttle Group Rate Limiting
• Egress Throttle Group Pending Transaction Limiting
ETG Rate Limiting and Pending Transaction Limiting throttling are done for Request Messages only.
Note: The Per Connection Egress Message Throttling and User Configurable Connection Pending
Transaction Limiting features for Egress Message Throttling are defined at a single Diameter Connection
level and are local to each DA-MP. These features are described in Per Connection Egress Message
Throttling and User Configurable Connection Pending Transaction Limiting.
Aggregated egress traffic controls falls into 2 categories:
• Egress Message Rate (EMR)
• Egress Pending Transactions (EPT)
Egress Message Rate controls are used to throttle traffic levels to a set of Diameter Nodes so that the
cumulative rate of traffic is controlled. EMR controls are across a set of configured connections and/or
peers.
Egress Pending Transactions controls are used to control the maximum number of Pending Requests
that can be sent to a set of Diameter Nodes. This can be used for load-balancing when a network
element is not responding at expected rates, and limits the total number of Requests that can be pending
to a set of Diameter Nodes. EPT controls are across a set of connections and/or peers, and are cumulative
across all DA-MPs.
Egress Throttle Groups Description

Egress Throttle Groups are implemented as part of the Diameter Routing Function.

An Egress Throttle Group is independent of a Route Group (Connection Route Group or Peer Route
Group). The members of an Egress Throttle Group may or may not be same as defined in a Route
Group; there is no defined relationship between Egress Throttle Groups and Route Groups.
The Egress Message Rate throttling is controlled by the configured maximum Egress Message Rate
(EMR) on an aggregated basis and the Egress Throttle Group - Rate Limiting Congestion Level (ETG-R
CL-) (range: CL-0- CL-3) for the ETG.
The Egress Pending Transaction Limiting throttling is controlled by the configured maximum Egress
Pending Transactions (EPT) on an aggregated basis and the Egress Throttle Group - Pending Transaction
Limiting Congestion Level (ETG-PCL) (range: CL-0- CL-3) for the ETG.
An Egress Throttle Group can contain the following configuration data:
• Up to 128 Peers, Connections, or Peers and Connections
• Maximum Egress Message Rate (EMR), used for calculation of Onset and Abatement Thresholds
• Onset and Abatement Thresholds, as percentages of the Maximum EMR, to use with Message
Priority to determine which Requests to throttle
• Convergence Time to control responsiveness of egress Request rate control
• Abatement Time
• Maximum Egress Pending Transactions(EPT), used for calculation of Onset and Abatement
Thresholds
• Onset and Abatement Thresholds, as percentages of the Maximum EPT, to use with Message
Priority to determine which Requests to throttle
• Abatement Time
A maximum of 5 congestion levels (CL-0 to CL-4) is supported, which indicate the Congestion Level
of a resource. CL0 indicates that the resource has no congestion, and CL-4 indicates that the resource
is completely blocked. CL-1, CL-2, and CL-3 indicate increasing levels of congestion.
Egress Throttle Groups (ETG) can be configured in Diameter Configuration; each Egress Throttle
Group will have its own Congestion Level states based on its configuration.
1. As an Egress Throttle Group's egress Request message traffic rate increases and exceeds the Egress
Throttle Group Rate Limiting onset thresholds configured in the Egress Throttle Group, the Egress
Throttle Group's Congestion Level also increases.
2. As the Egress Throttle Group's total number of Pending Transactions increases and exceeds the
Egress Throttle Group Pending Transaction Limiting onset thresholds configured in the Egress
Throttle Group , the Egress Throttle Group's Congestion Level also increases.
As the Egress Throttle Group's Congestion Level increases, Message Priority becomes a factor in
determining if a message can be routed to a member of the Egress Throttle Group, or will be throttled.
Requests with Message Priority less than Congestion Level will not be routed to any member of the
Egress Throttle Group.
Diameter Request messages are assigned a Message Priority 0, 1, or 2; Answers always have Priority
3. The Priority of the Request message controls when an ETG performs throttling is shown in Table
100: Message Priority and ETG Congestion Level.
Table 100: Message Priority and ETG Congestion Level
Request Message Priority When Permitted to route to Member of ETG

0 Congestion Level 0

Request Message Priority When Permitted to route to Member of ETG

1 Congestion Level 0, 1
2 Congestion Level 0, 1, 2
When the EMR for an Egress Throttle Group reaches the Egress Throttle Group Maximum Egress
Request Rate or the Egress Throttle Group's Pending Transactions reaches the Egress Throttle Group's
Maximum Egress Pending Requests, no Requests will be routed to any members of the Egress Throttle
Group.
Egress Throttle Group Rate Limiting

The ETG Message Rate Controls are optional, but if defined and enabled, then ETG Message Rate
Congestion level will be updated as indicated in Table 101: ETG Message Rate Congestion Levels Based
on Threshold.
Table 101: ETG Message Rate Congestion Levels Based on Threshold
Onset and Abatement

Thresholds ETG Rate Congestion Level (ETG-RCL) Impact
Onset Threshold-3 (OT-3) When ETG rate exceeds Threshold, set ETG-RCL = CL-3
Abatement Threshold-3 (AT-3) When ETG rate falls below Threshold, set ETG-RCL = CL-2
In an Egress Throttling Group, if Maximum Egress Request Rate is configured, then OT-1 and AT-1
thresholds must be configured. OT-2, AT-2, OT-3 and AT-3 are optional but must be configured in
pairs; for example, if OT-2 is configured, AT-2 must also be configured. Finally, AT-3 must be configured
if OT-3 is expected to be configured.
In addition to the thresholds, the Convergence Time and the Abatement Time provide a high degree
of user control over the characteristics of transitions between Congestion Levels due to throttling.
• Convergence Time - The rate convergence time is the amount of time it takes for the measured rate
to converge on the actual rate.
For example, if the actual rate jumps from 0 MPS to 1000 MPS and the Rate Convergence Time is
5 seconds, it takes that long for the measured rate to converge on the actual rate, and the that long
for the measured measured rate will be reported as follows:
• T(0) = 0 MPS
• T(1) = 200 MPS
• T(2) = 400 MPS
• T(3) = 600 MPS
• T(4) = 800 MPS
• T(5) = 1000 MPS

The EMR is calculated every 100ms by subtracting the oldest traffic count from the newest traffic
count, and averaging the difference over the elapsed time between them.
• EMR Abatement Time - Amount of time that a throttled connection's adjusted EMR must remain
below an abatement level before allowing it to abate to a lower Congestion Level.
EMR onset requires only one EMR sample to exceed an onset threshold to advance the ETG-RCL.
Multi-step throttling is supported. For example, the EMR Congestion Level can be increased from
CL-0 to CL-1, CL-2, or CL-3 after one EMR sample period. This allows for a rapid response to traffic
load increases while taking a more conservative approach to traffic load decreases.
Only single step abatement is supported. For example CL-3-> CL-2 abatement is supported but not
CL-3-> CL-1.
Rate Limiting must be enabled on the Diameter > Maintenance > Egress Throttle Groups GUI page
before Egress Message Rate throttling can be started for Egress Throttle Groups. If Rate Limiting is
enabled, then any routable Request message sent to a Peer or Connection on any DA-MP on that NE
contained in the ETG will be used for rate calculation purposes. (Diameter management messages
such as CER/CEA, DWR/DWA, and DPR/DPA are not counted in the egress message rate.)
Egress Throttle Group Pending Transaction Limiting

If Egress Throttle Group Rate Limiting is configured and enabled in an Egress Throttle Group, then
the ETG Pending Transaction Congestion Level will be updated as indicated in Table 102: ETG Pending
Transaction Congestion Levels Based on Threshold.
Table 102: ETG Pending Transaction Congestion Levels Based on Threshold
Onset and Abatement

Thresholds ETG Pending Transaction Congestion Level (ETG-PCL) Impact
Onset Threshold-3 (OT-3) When ETG Pending Transactions exceeds Threshold, set ETG-PCL =
CL-3
Abatement Threshold-3 When ETG Pending Transactions falls below Threshold, set ETG-PCL
(AT-3) = CL-2
CL-2
(AT-2) = CL-1
CL-1
(AT-1) = CL-0
In an Egress Throttling Group, if Maximum Egress Pending Transactions is configured, then OT-1
and AT-1 thresholds must be configured. OT-2, AT-2, OT-3 and AT-3 are optional but must be
configured in pairs; for example, if OT-2 is configured, AT-2 must also be configured. Finally, AT-3
must be configured if OT-3 is expected to be configured.

The local sample of number of pending Transactions to an ETG is periodically collected and sent to
the DA-MP Leader for aggregation. The aggregated value is then sent back to each DA-MP for threshold
and abatement calculation. No adjustment is applied to EPT, and aggregated values are sent back to
each DA-MP.
The EPT Abatement Time is the amount of time that egress Pending Transactions must remain below
an abatement level before allowing it to abate to a lower Congestion Level. No adjustment is applied
to EPT abatement.
Pending Transaction Limiting must be enabled Maintenance GUI before Egress Pending Transaction
Limiting can be started for Egress Throttle Groups. If Egress Pending Transaction Limiting is enabled,
then any pending Request sent to a Peer or Connection on any DA-MP on that NE contained in the
Egress Throttle Group will be used for Pending Transaction Limiting calculation.
Assumptions and Limitations

Egress Throttling Groups have the following assumptions and limitations:
• EMR abatement can occur only on an integer-multiple of 125ms. For example, if an EMR Abatement
Time of 600ms is configured, then the actual abatement period would be 625ms (5 * 125ms). Egress
Pending Transactions are updated every 125ms; if an EPT Abatement of 600ms is configured, then
the actual abatement period would be 625ms (5 * 125 ms).
• Local EMR for a 90 ms sample period is the normalized per-second message rate based on the
amount of traffic transmitted during the sample period. With a particular combination of traffic
characteristic, thresholds, and Convergence Time, this can cause EMR congestion onset to occur
in the presence of short traffic bursts that would normally, over a second, not have resulted in an
EMR threshold being crossed. As an example, suppose local messages transmitted to an ETG during
a 90ms sample X are 100 and subsequent samples (X+n) during subsequent 910 ms (1 second -
90ms) are less than 100 msgs. Local EMR for sample period X will be: 100*(1000ms/90ms) = 1100
messages/sec even though in reality the Local Message Rate was lower than 1100 msgs/sec. With
a higher Convergence Time, the effect of this limitation can be reduced.
• Because the sampling timer and MP Leader aggregation are asynchronous, the ETG aggregated
rate can lag by up to 250 ms.
Diameter Configuration for Egress Throttle Groups

Egress Throttle Groups are used to perform 2 functions: Rate limiting and Pending Transaction Limiting.
Each of the functions are independent of each other and can be optionally configured and controlled
separately.
The Diameter > Configuration > Egress Throttle Groups GUI pages provide fields for configuring
each function. Each function, if configured in the system, must have its Admin State changed to Enabled
on the Diameter > Maintenance > Egress Throttle Groups GUI page.
Egress Throttle Groups configuration procedures are provided in Diameter Egress Throttle Groups.
Egress Throttle Groups maintenance information and procedures are provided in Diameter Maintenance
Egress Throttle Groups.

Glossary
AAA Authentication, Authorization, and

Accounting (Rx Diameter
command)
ACK Data Acknowledgement
AES Advanced Encryption Standard
Application Routing Rule A set of conditions that control

message routing to a DSR
application based on message
content.
ASCII American Standard Code for

Information Interchange
ATH Answer Topology Hiding
ATR Answer Topology Restoral
AVP Attribute-Value Pair

The Diameter protocol consists of
a header followed by one or more
attribute-value pairs (AVPs). An
AVP includes a header and is used
to encapsulate protocol-specific
data (for example, routing
information) as well as
authentication, authorization or
accounting information.

Diameter User's Guide Glossary
CCA Credit Control Answer

The Diameter message that is
received from the prepaid rating
engine to acknowledge a CCR
command.
CEA Capability-Exchange-Answer
The Diameter response that the
prepaid rating engine sends to the
Mobile Originated application
during capability exchanges.
CER Capabilities-Exchange-Request
A Diameter message that the
Mobile Originated application
sends to a prepaid rating engine to
perform a capability exchange. The
CER (indicated by the
Command-Code set to 257 and the
Command Flags' 'R' bit set) is sent
to exchange local capabilities.The
prepaid rating engine responds
with a
Capability-Exchange-Answer
(CEA) message.
CEX Configuration Set A mechanism for assigning

Application IDs and supported
Vendor IDs to a Local Node or to
a Connection.
Connection Configuration Set A mechanism for assigning SCTP,

Diameter, or TCP options to a
connection.
DCA DOIC Capabilities Announcement
DCL Diameter Connection Layer

The software layer of the stack

which implements Diameter
transport connections.
DEA Diameter Edge Agent

Device through which LTE
roaming signaling traffic is
funneled to protect network
element addresses from being
exposed to third parties.
Diameter Diameter can also be used as a

signaling protocol for mobility
management which is typically
associated with an IMS or wireless
type of environment. Diameter is
the successor to the RADIUS
protocol. The MPE device supports
a range of Diameter interfaces,
including Rx, Gx, Gy, and Ty.
Protocol that provides an
Authentication, Authorization, and
Accounting (AAA) framework for
applications such as network access
or IP mobility. Diameter works in
both local and roaming AAA
situations. Diameter can also be
used as a signaling protocol for
mobility management which is
typically associated with an IMS or
wireless type of environment.
Diameter Network A set of Diameter Nodes identified

by a Realm name. A Diameter
Node that initiates a Diameter
message is identified by the
mandatory Origin-Realm AVP in
the message. A Diameter Node that
is the intended destination of a
Diameter message is identified by
the mandatory Destination-Realm
AVP in the message.

DM-IWF Diameter MAP–Interworking

DSR application that translates
Diameter messages into MAP
messages.
DNS Domain Name System

A system for converting Internet
host and domain names into IP
addresses.
DOIC Diameter Overload Indication

Conveyance
DPA Disconnect-Peer-Answer
A message used by a Diameter
node to answer the
Disconnect-Peer-Request (DPR).
DPD Dynamic Peer Discovery
DPR Disconnect-Peer-Request
A message used by a Diameter
node to inform its peer of its intent
to disconnect the transport layer.
Upon receipt of a DPR, the
Disconnect-Peer-Answer (DPA) is
returned.
DRL Diameter Routing Layer - The

software layer of the stack that
implements Diameter routing.
DTLS Datagram Transport Layer Security
DWA Device-Watchdog-Answer
A Diameter message used with the
Device-Watchdog-Request (DWR)

message to proactively detect

connection failures. If no traffic is
detected on a connection between
the Mobile Originated application
and the prepaid rating engine
within the configured timeout
period, a DWR message is sent to
the prepaid rating engine. If the
prepaid rating engine fails to
respond with a DWA within the
required time, the connection is
closed with the prepaid rating
engine and initiates failover
procedures. All new and pending
requests are then sent to the
secondary server.
DWR Device-Watchdog-Request
A Diameter message used with the
Device-Watchdog-Answer (DWA)
message to proactively detect
connection failures. If no traffic is
detected on a connection between
the Mobile Originated application
and the Diameter server within the
configured timeout period, a DWR
message is sent to the Diameter
Server. If the Diameter server fails
to respond within the required
time, the connection is closed with
the Diameter server and initiates
failover procedures. All new and
pending requests are then sent to
the secondary Diameter server.
EMR Egress Message Rate
ETL Egress Throttle List
ETS Emergency Telecommunications

Service

FIPS Federal Information Processing

Standard
FQDN Fully Qualified Domain Name

The complete domain name for a
specific computer on the Internet
(for example, www.oracle.com).
A domain name that specifies its
exact location in the tree hierarchy
of the DNS.
HSS Home Subscriber Server

A central database for subscriber
information.
IANA Internet Assigned Numbers

Authority
An organization that provides
criteria regarding registration of
values related to the Diameter
protocol.
IDIH Integrated Diameter Intelligence

Hub
IMSI International Mobile Subscriber

Identity
A unique internal network ID
identifying a mobile subscriber.
IWF InterWorking Function
Local Node A local Diameter node specified

with a fully qualified domain
name. It identifies a list of IP

addresses for the Local node, a

listen port number, supported
transport types, and so on.
MCCS Message Copy Configuration Set
MD-IWF MAP-Diameter Interworking SS7

Application, which translates MAP
messages into Diameter messages
MME Mobility Management Entity
NAPTR Name Authority Pointer

Domain Name System resource
record that identifies possible URLs
and numbers that can be returned.
NGN-PS NGN Priority Service
NIST National Institute of Standards and

Technology
NOAM Network Operations,

Administration, and Maintenance
NS/EP National Security/Emergency

Preparedness
OC Overload Conveyance
OLR Overload report

OSS Operations Support System

Computer systems used by
telecommunications service
providers, supporting processes
such as maintaining network
inventory, provisioning services,
configuring network components,
and managing faults.
OTR Offered Traffic Rate
PDU Protocol Data Unit
Peer A Diameter node to which a given

Diameter node has a direct
transport connection.
Peer Routing Rule A set of conditions that control

message routing to an upstream
peer node based on message
content.
Pending Answer Timer A timer that limits the maximum

time that Diameter will wait for an
Answer response from an upstream
Peer Node. This timer is started
when a Request message is queued
for forwarding on a Diameter
connection, and the timer is
stopped when an Answer response
to the message is received.
Protected Network A Diameter network whose

topology information is being
hidden by one of the Diameter
Topology Hiding features.
PRT Peer Route Table or Peer Routing

Table

PTR Pending Transaction Record
RCL RADIUS Connection Layer
realm A fundamental element in

Diameter is the realm, which is
loosely referred to as domain.
Realm IDs are owned by service
providers and are used by
Diameter nodes for message
routing.
RG Report Generator
RR Resource Record
An entry into the DNS database.
Depending on their type (for
example, A, SRV, and so on), RRs
provide a different set of
parameters that characterize a
certain DNS name.
RTH Request Topology Hiding

A Topology Hiding trigger point
that identifies a location within
Diameter routing where
topology-related information in a
Request message is hidden or
obscured based upon a set of
Topology Hiding rules.
RTR Router
Routes all types of SMS traffic.
SCTP Stream Control Transmission

Protocol

An IETF transport layer protocol,

similar to TCP, that sends a
message in one operation.
The transport layer for all standard
IETF-SIGTRAN protocols.
SCTP is a reliable transport
protocol that operates on top of a
connectionless packet network such
as IP and is functionally equivalent
to TCP. It establishes a connection
between two endpoints (called an
association; in TCP, these are
sockets) for transmission of user
messages.
SGSN Serving GPRS Support Node
SMS Short Message Service

A communication service
component of the GSM mobile
communication system that uses
standard communications
protocols to exchange short text
messages between mobile phone
devices. See also GSM.
SOAM System Operations,

Administration, and Maintenance
SRV DNS Server Record

Enables the localization of servers
implementing a specific service
over a specific transport protocol
(for example, SIP over UDP).DNS
Server Record.
TCP Transmission Control Protocol

A connection-oriented protocol
used by applications on networked

hosts to connect to one another and

to exchange streams of data in a
reliable and in-order manner.
TH Topology Hiding
TLS Transport Layer Security

A cryptographic protocol that
provides security for
communications over networks
such as the Internet. TLS encrypts
the segments of network
connections at the transport layer
end-to-end. TLS is an IETF
standards track protocol.
Topology Hiding The CPF will appear as a single

large CDF to the CTFs, and
vice-versa. CPF topology hiding
occurs for both Request and
Answer messages. When sending
a Request message upstream, it
refers to the hiding of the
downstream (CTF) host ID by the
DSR when sending a message to
the upstream (CDF) peer. Topology
hiding involves modifying the
Origin-Host and Origin-Realm
AVPs.
The removal of Diameter host
names from messages. This is most
often required at the boundary
between two service providers with
the goal of limiting the information
that another service provider can
discover as a result of Diameter
traffic traveling between the
carrier’s networks. For DSR CPA,
the CPF will appear as a single
large CDF to the CTFs, and
vice-versa. CPF topology hiding
occurs for both Request and
Answer messages. When sending
a Request message upstream, it

refers to the hiding of the

downstream (CTF) host ID by the
DSR when sending a message to
the upstream (CDF) peer. Topology
hiding involves modifying the
Origin-Host and Origin-Realm
AVPs.
Trusted Network A Diameter network that does not

have home network topology
information hidden by the
features.
TSA Target Set Address

An externally routable IP address
that the IPFE presents to
application clients. The IPFE
distributes traffic sent to a target
set address across a set of
application servers.
TTG Traffic Throttle Group
TTL Time to Live
TTP Troubleshooting Trigger Point - A

point within DRL at which the
flexroute library is invoked to
determine whether a Diameter
message matches any of the active
traces that are configured to be
evaluated there.
Untrusted Network A Diameter network which has

topology information hidden by
the Topology Hiding features.
UTC Coordinated Universal Time

VIP Virtual IP Address

Virtual IP is a layer-3 concept
employed to provide HA at a host
level. A VIP enables two or more
IP hosts to operate in an
active/standby HA manner. From
the perspective of the IP network,
these IP hosts appear as a single
host.

Diameter User Guide

Uploaded by

Copyright:

Available Formats

Diameter User Guide

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Diameter User Guide

Uploaded by

Copyright:

Available Formats

Oracle® Communications

Diameter Signaling Router

Chapter 1: Introducing Diameter..............................................................19

Chapter 2: User Interface Introduction....................................................24

Chapter 3: Configuring Diameter.............................................................44

E73184 Revision 01, August 2016 iii

E73184 Revision 01, August 2016 iv

E73184 Revision 01, August 2016 v

E73184 Revision 01, August 2016 vi

Chapter 4: Diameter Maintenance..........................................................264

E73184 Revision 01, August 2016 vii

Chapter 5: Diameter Reports...................................................................298

Chapter 6: Troubleshooting with IDIH.................................................303

Chapter 7: Diameter AVP Dictionary....................................................304

E73184 Revision 01, August 2016 viii

Chapter 9: Diameter Shared Traffic Throttle Groups.........................320

Chapter 10: Diameter Topology Hiding................................................323

E73184 Revision 01, August 2016 ix

E73184 Revision 01, August 2016 x

Chapter 12: Diameter RADIUS...............................................................404

Chapter 13: Diameter Message Copy.....................................................406

Chapter 14: Diameter Capacity and Congestion Controls.................416

E73184 Revision 01, August 2016 xi

Figure 1: Oracle System Login.......................................................................................................................33

Figure 2: Paginated Table................................................................................................................................35

Figure 3: Scrollable Table................................................................................................................................36

Figure 4: Form Page.........................................................................................................................................36

Figure 5: Tabbed Pages....................................................................................................................................37

Figure 6: Tabbed Pages....................................................................................................................................37

Figure 7: Report Output..................................................................................................................................37

Figure 8: Sorting a Table by Column Header..............................................................................................38

Figure 9: Clear Field Control X.......................................................................................................................39

Figure 10: Optional Layout Element Toolbar...............................................................................................39

Figure 11: Automatic Error Notification.......................................................................................................40

Figure 12: Examples of Filter Styles...............................................................................................................41

Figure 13: Diameter Topology Hiding Boundary.....................................................................................325

Figure 14: Diameter Topology Hiding Trigger Points: Protected-to-Untrusted Transactions...........326

Figure 15: Diameter Topology Hiding Trigger Points: Untrusted-to-Protected Transactions...........326

Figure 16: TH Network Deployment in an Interworking Network.......................................................330

Figure 17: TH Network Deployment in an Interworking Network.......................................................335

Figure 18: Route-Record Hiding - Request Message................................................................................341

Figure 19: Route-Record Hiding - Answer Message.................................................................................342

Figure 20: Multi-DEA Route-Record Message Loop Detection...............................................................343

Figure 21: Unsupported Pseudo-Host Route-Record Loop Detection...................................................343

Figure 22: Proxy-Host Hiding......................................................................................................................344

E73184 Revision 01, August 2016 xii

Figure 24: S6a/S6d HSS TH Protected-HSS to Untrusted-MME/SGSN Diameter Transaction........347

Figure 25: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction.........................348

Figure 26: S6a/S6d HSS TH Untrusted-MME/SGSN to Protected-HSS Transaction.........................348

Figure 27: MME/SGSN TH Protected-MME/SGSN to Untrusted HSS Transaction..........................351

Figure 28: MME/SGSN TH Untrusted-HSS to Protected MME/SGSN Transaction..........................352

Figure 29: Protected-vPCRF to Untrusted-hPCRF Transaction..............................................................354

Figure 30: Untrusted-hPCRF to Protected-vPCRF Diameter Transaction.............................................355

Figure 31: Protected-hPCRF to Untrusted-vPCRF Transaction..............................................................356

Figure 32: Untrusted-vPCRF to Protected-hPCRF Transaction..............................................................357

Figure 33: Protected vAF/pCSCF to Untrusted-hPCRF Transaction.....................................................359

Figure 34: Untrusted-hPCRF to Protected-vAF/pCSCF Transaction....................................................360

Figure 35: Diameter Message Copy Message Flow...................................................................................408

Figure 36: Per-Connection Message Coloring............................................................................................421

E73184 Revision 01, August 2016 xiii