Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add_workflow_for_techpubs
AUTH1
JIRAIDAUTHSBX-7516667793
REV5
REV6
REV3
REV1
 

 

The Call Accounting Manager (CAM) generates Call Detail Records (CDRs) and supports accounting events event logging to on the

Spacevars
0series4
. The As calls traverse the
Spacevars
0product
provides the ability to map CDR fields and other input parameters to Remote Authentication Dial In User Service (RADIUS) attributes (standard as well as vendor-specific attributes) and send to the appropriate RADIUS server., CDRs are generated and stored in the /var/log/sonus/sbx/evlog directory. You can view these CDR by looking at files with the “.ACT” extension. It is useful to view the ACT logs during call debugging (to get the originating trunk group, calling and called numbers, codec used, etc.). You can also view billing records (and other logs) while in EMA Platform Mode. Refer to Administration - Accounting and Logs for more information. 

Spacevars
0series4
supports to configure one remote server per
product
 accounting records can be sent to three different types of locations:

  1. Local hard disk—If accounting is enabled, then ASCII records are always written to the local disk.
  2. An external server, for example: 
    1. To a DSI-L0 server—If configured, the ASCII records can be transferred to an external
      Spacevars
      0company
       DSI server using SFTP.
    2. To an external billing server in an IMS network via the Rf Interface.
  3. RADIUS server—RADIUS accounting records can be generated and sent to an external RADIUS server.

Call Detail Record Format

This section describes the ASCII and streaming Call Detail Record (CDR) format.

Include Page
Non-ASCII Note
Non-ASCII Note

Various

Spacevars
0company
 elements such as GSX 9000, PSX, and product for the purpose of authenticating users from this server using RADIUS protocol. The username and encrypted password are sent to the remote RADIUS server in an ACCESS_REQUEST packet. The user is allowed/denied access to the SBC based on the response from the RADIUS server. 
Spacevars
0product
 users are currently segregated into the following groups which define the privileges of each user. Access to data/commands is allowed/prevented based on the group of the user who is trying to acquire the access.

  • Administrator
  • Operator
  • FieldService
  • Guest
  • SecurityAuditor
  • Calea

Since the RADIUS protocol does not provide a means to assign users to a group, the implementation currently hard codes every RADIUS authenticated user to the Administrator group.

For detailed information on RADIUS authentication, refer to Configuring SBC for RADIUS Authentication.

Viewing Billing Records 

As calls traverse the

Spacevars
0product
, Call Detail Records (CDRs) are generated and stored in /var/log/sonus/sbx/evlog directory. You can view these CDR by looking at files with the “.ACT” extension. It is useful to view these ACT logs during call debugging (to get the originating trunk group, calling and called numbers, codec used, etc.).

You may also view billing records (and other logs) from the EMA Platform Mode. Refer to Administration - Accounting and Logs for more information.

When downloading billing records (or other logs), you must use port 2024 to SFTP files off of

 use many of the same CDR fields. Because of this, some fields in the “Accounting Records” table below do not apply to

Spacevars
0product
 call details, but instead simply indicate pass-though type messages (for example, ISUP and PSTN fields).

For GW-GW calls on the

Spacevars
0product2
and 
Spacevars
0product2
Cloud, a CDR is only generated for the ingress leg. If the generation mode is configured as origination and the populateRemoteGsxInfoState flag is enabled, the SBC logs billing information from the termination node.

Note
The “Service Group” object is not applicable to the
Spacevars
0product
.

Call Detail Record Format

This section describes the ASCII and streaming Call Detail Record (CDR) format.

Include PageNon-ASCII NoteNon-ASCII NoteVarious
Spacevars
0company
 elements such as GSX 9000, PSX, and
. Any references to “Service Group” must be mapped to “Trunk Group”.

For more information on known limitations, refer to the applicable release notes at SBC Release Information page.

Renaming Open Accounting Files

The SBC includes the ability to rename a currently-open accounting file using a known suffix to make it easily identifiable by external applications. To activate this feature, simply enable the flag “Rename Open Files” using EMA GUI or CLI. 

CLI syntax example:

Info

Addtional references:

  • CDR Examples – Example CDRs.
  • CDR to VSA Mapping – Mapping of CDR fields to Vendor Specific Attribute (VSA) fields to send to external RADIUS servers.
  • Vendor Specific Attributes Reference – Complete listing of
    • Spacevars
      0product
     use many of the same CDR fields. Because of this, some fields in the “Accounting Records” table below do not apply to
    Spacevars
    0product
     call details, but instead simply indicate pass-though type messages (for example, ISUP and PSTN fields).
    • -specific VSA fields.

    Accounting File Version

    The CAM version of the SBC Core release V08.01.00 is 93.00.00 (major CAM version is 93, minor CAM version is 0, a special CAM version is 0). The associated hexadecimal format of the CAM file version is 005D0000, displayed as 005D0000 in ASCII CAM file header as follows

    Sonus Networks, Inc.00000000FF6000005D0000000000000128V08.01.00R000 0000000000000000000000000000ACT2019082617203000000000000000

    File Header

    Every event log file, including accounting logs, contains a file header. This header consists of a 128-character string terminated by a carriage return. Each field in the event log file header is defined in the following table:

    Caption
    0Table
    1File Header Details

    Field Offset

    Field Length

    Field Content

    0

    20

    ASCII OEM string, blank padded, (for example "Sonus Networks, Inc.")

    20

    8

    Reserved

    28

    2

    Old CAM File Version. Always "FF".

    30

    2

    Hex offset to the Event Log Type, or the number of bytes from the beginning of the record to the beginning of the Event Log Type field (in the above example, "60").

    32

    2

    Reserved

    34

    8

    New CAM File Version. This value is 93, and consists of:

    • 005D 0000—the 4-digit hex value of decimal value 93. This field is incremented with major
      Spacevars
      0product
      releases.
    • Minor CAM Version of "00"—This field is incremented when accounting changes are introduced in minor
      Spacevars
      0product
      releases.
    • Special CAM version of "00"—This field is incremented when accounting changes are introduced in special builds of major
      Spacevars
      0product
      releases.

    42

    8

    Reserved

    50

    4

    Hex offset to start of data. In this example, "0128".

    54

    13

    Spacevars
    0product
    software revision. In this example, "V08.01 .00".

    67

    29

    Reserved

    96

    3

    Event Log Type (same as file extension). In this example, "ACT".

    99

    16

    File creation time.

    115

    12

    Reserved

    127

    1

    Header terminator (carriage return)

    File Footer

    The one line footer,

    Note
    The “Service Group” object is not applicable to
    Spacevars
    0product
    . Any references to “Service Group” must be mapped to “Trunk Group”.

    For more information on known limitations, refer to the applicable release notes at SBC Release Information page.

    Info

    Addtional references:

    Accounting File Version

    The CAM version of

    Spacevars
    0product
     release V07.02.00 is XX.X.X (major CAM version is XX, minor CAM version is X, special CAM version is X). The associated hex format of the CAM file version is "00NA0000" as shown in below header example.

    Sonus Networks, Inc.00000000FF6000005B0000000000000128V07.02.00 0000000000000000000000000000ACT2018091103072500000000000000.

    File Header

    Every event log file, including accounting logs, contains a file header. This header consists of a 128-character string terminated by a carriage return. Each field in the event log file header is defined in the following table:

    Caption
    0Table
    1File Header Details

    Field Offset

    Field Length

    Field Content

    0

    20

    ASCII OEM string, blank padded, (for example "Sonus Networks, Inc.")

    20

    8

    Reserved

    28

    2

    Old CAM File Version. Always "FF".

    30

    2

    Hex offset to the Event Log Type, or the number of bytes from the beginning of the record to the beginning of the Event Log Type field (in the above example, "60").

    32

    2

    Reserved

    34

    8

    New CAM File Version. This value is 005B0000, and consists of:

    • 005B0000—Major CAM Version, or the 4-digit hex value of decimal value 90. This field is incremented with major
      Spacevars
      0product
      releases.
    • Minor CAM Version of "00"—This field is incremented when accounting changes are introduced in minor
      Spacevars
      0product
      releases.
    • Special CAM version of "00"—This field is incremented when accounting changes are introduced in special builds of major
      Spacevars
      0product
      releases.

    42

    8

    Reserved

    50

    4

    Hex offset to start of data. In this example, "0128".

    54

    13

    Spacevars
    0product
    software revision. In this example, "V07.02.00".

    67

    29

    Reserved

    96

    3

    Event Log Type (same as file extension). In this example, "ACT".

    99

    16

    File creation time.

    115

    12

    Reserved

    127

    1

    Header terminator (carriage return)

    File Footer

    The one line footer, below, is appended to each log file (including accounting logs) when the file is closed under controlled conditions.

    DDMMYYYY HHMMSS: File administratively closed.

    Controlled conditions include CLI commands (for example, set oam eventLog typeAdmin acct rolloverAction...) and automatic roll-overs when maximum file size is reached.

    When an uncontrolled file closure occurs, such as an

    Spacevars
    0product
     switch-over or system failure, this footer may not be present.

    How to Set Up SFTP from SBC to a CDR Server

    If the CDR server is configured,

    Spacevars
    0product
    transfers the files through SFTP to the configured destination.

    To create the CDR server, use the following command syntax:

Code Block
languagenone
Code Block
% set oam 
accounting
eventLog 
cdrServer
typeAdmin 
admin
acct renameOpenFiles enable

Once this flag is enabled, on the next accounting file open activity, the suffix .OPEN is appended to the filename using the format <shelf><sequence number>.ACT.OPEN (currently open files are not affected).

For example, as accounting file 1000099 is created with this feature already enabled, the file is named “1000099.ACT.OPEN”.

Note
If a file closes due to a rollover, logging shutdown or system shutdown, it is renamed to the original format: <shelf><sequence number>.ACT.

For configuration details, refer to:

Accounting File Roll-Over

The 

Spacevars
0product
 application maintains a configurable maximum of up to 1024 accounting files. Once the configured limit of files is reached, the application deletes the oldest files first to accommodate the new files.

When accounting file names reach the maximum value of 1FFFFFF.ACT, the next file name rolls over to 1000001.ACT. Use the “Rename Open Files” flag to rename the most recent accounting file with the ”ACT.OPEN” extension. This flag is accessible from the EMA at “System Configuration” > “CDR and Servers” tab.

Global Charge Reference

The Global Charge Reference (GCR) feature allows correlation of calls across networks where the calls are originated from and terminated at different third-party devices. The GCR field is populated in the CDRs of the SBC if the GCR is received in a gateway protocol message from a GSX9000.

The GSX9000 receives or generates the GCR parameter through an ISUP parameter. The GCR is used in conjunction with SIP call-id’s to associate calls that interwork between SIP and ISUP protocols across multiple network devices.

How to Set Up SFTP from the SBC to a CDR Server

If a CDR server is configured, the 

Spacevars
0product
transfers the files through SFTP to the configured destination.

  1. To create a CDR server, use the following command syntax:

    Code Block
    languagenone
    % set oam accounting cdrServer admin [primary | secondary] connectionTimeout <numeric: 15 to 600 seconds> filePrefix <name of SBC> ipAddress <ip address> password <password for ftp user> path <directory to ftp to> transferTimeout <numeric: 15 to 600 seconds> username <username of ftp user>

    Span

     

    An example to show the CDR server configuration and check the configuration is as follows:

    Code Block
    languagenone
    admin@SBC01> config
    admin@SBC01% set oam accounting cdrServer admin primary connectionTimeout 15 filePrefix SBC01 ipAddress 10.10.211.10 password sonus path /export/home/SBC01ACTrecs/ transferTimeout 15 username root
    admin@SBC01% commit
    admin@SBC01% quit
    
    admin@SBC01> show table oam accounting cdrServer admin
    
    [primary | secondary] connectionTimeout <numeric: 15 to 600 seconds> filePrefix <name of SBC> ipAddress <ip address> password <password for ftp user> path <directory to ftp to> transferTimeout <numeric: 15 to 600 seconds> username <username of ftp user>

    Span

     

    An example to show the CDR server configuration and check the configuration is as follows:

    Code Block
    languagenone
    admin@SBC01> config
    admin@SBC01% set oam accounting cdrServer admin primary connectionTimeout 15 filePrefix SBC01 ipAddress 10.10.211.10 password sonus path /export/home/SBC01ACTrecs/ transferTimeout 15 username root
    admin@SBC01% commit
    admin@SBC01% quit
    
    admin@SBC01> show table oam accounting cdrServer admin
                                                                                               FILE    CONNECTION  TRANSFER
    TYPE     IP ADDRESS    USERNAME  PASSWORD         PATH                          PREFIX  TIMEOUT     TIMEOUT
    --------------------------------------------------------------------------------------------------------------
    primary  10.10.211.10  root      $3$qaO71mBy8l8=  /export/home/SBC01ACTrecs/  SBC01   15          15
    [ok][2013-10-02 06:14:49]
    admin@SBC01>

    Span

     

  2. Initially, the accounting field is not set to ftp or automatically roll over. Use the following command to view Rollover setting settings for accounting (See "acct" row in the example):

    Div
    classpdf6pttext
    Code Block
    languagenone
    > show table oam eventLog typeAdmin
                                    MESSAGE                ROLLOVER                                     FILE               RENAME    DISK                           SYSLOG
                       FILE   FILE  QUEUE    SAVE  FILTER  START     ROLLOVER                 ROLLOVER  WRITE    SYSLOG    OPEN      THROTTLE  EVENT LOG   SERVER   REMOTE
    TYPE      STATE    COUNT  SIZE  SIZE     TO    LEVEL   TIME      INTERVAL  ROLLOVER TYPE  ACTION    MODE     STATE     FILES     LIMIT     VALIDATION  NO       HOST
    ----------------------------------------------------------------------------------------------------------------------------------------------------------------------
    system    enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  5000      disabled    server1  0.0.0.
    debug     enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    trace     enabled  32     2048  10       disk  info    -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    acct      enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    security  enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    audit     enabled  32     2048  10       disk  info    -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    packet    enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    memusage  enabled  32     2048  10       disk  major   -         0         nonrepetitive  stop      default  disabled  disabled  -         disabled    server1  0.0.0.
    [ok]

    Span

     

  3. To create the accounting file rollover and ftp, use the following command syntax:

    Code Block
    languagenone
    % set oam eventLog typeAdmin acct rolloverStartTime <CCYY-MM-DDTHH:MM:SS> rolloverInterval <number of seconds between each file rollover> rolloverType repetitive rolloverAction start
    where 'T' in 'DDTHH' is a constant used to indicate the Time follows.

    Span

     

    An example of the configuration and display of the accounting file rollover and ftp is as follows:

    Div
    classpdf6pttext
    Code Block
    languagenone
    % set oam eventLog typeAdmin acct rolloverStartTime 2018-09-13T06:30:00 rolloverInterval 500 rolloverType repetitive rolloverAction start
    [ok][2018-08-13 12:58:11]
    
    [edit]
    admin@SBXUK11-1% commit
    Commit complete.
    [ok][2018-08-13 12:58:14]
    
    [edit]
    admin@SBXUK11-1% exit
    
    > show table oam eventLog typeAdmin
                                    MESSAGE                                                                              FILE               RENAME    DISK
                       FILE   FILE  QUEUE    SAVE  FILTER                             ROLLOVER                 ROLLOVER  WRITE    SYSLOG    OPEN      THROTTLE  EVENT LOG
    TYPE      STATE    COUNT  SIZE  SIZE     TO    LEVEL   ROLLOVER START TIME        INTERVAL  ROLLOVER TYPE  ACTION    MODE     STATE     FILES     LIMIT     VALIDATION
    ------------
    ----------------------------------------------------------------------------------------------------------------------------------------------------------
    system    enabled  32     2048  10       disk  major   -                          0         nonrepetitive  stop      default  disabled  disabled  5000      disabled
    debug-------------
    system     enabled  32     2048  10       disk  major   -                          0         nonrepetitive  stop      default  disabled  disabled  -5000         disabled
    tracedebug     enabled  32     2048  10       disk  info major   -                          0         nonrepetitive  stop      default  disabled  disabled  -         disabled
    accttrace      enabled  32     2048  10       disk  info major   2018-09-13T06:30:00-00:00  500-              repetitive     start     default  disabled0  disabled  -     nonrepetitive  stop  disabled
    security  enabled  32default  disabled  disabled 2048 - 10       disk disabled
    acct major   -  enabled  32     2048  10       disk  major   2018-09-13T06:30:00-00:00  500 0      repetitive   nonrepetitive  stopstart      default  disabled  disabled  -         disabled
    auditsecurity     enabled  32     2048  10       disk  infomajor    -                          0         nonrepetitive  stop      default  disabled  disabled  -         disabled
    packetaudit     enabled  32     2048  10       disk  majorinfo    -                          0         nonrepetitive  stop      default  disabled  disabled  -         disabled
    memusagepacket    enabled  32     2048  10       disk  major   -                          0         nonrepetitive  stop      default  disabled  disabled  -         disabled
    [ok]

    Span

     

    View CDR Server status using the following command:

    Code Block
    languagenone
    admin@SBC01> show table oam accounting cdrServer status
    memusage  enabled  32     2048  10       disk  major   -     
    SUCCESSFUL
      
    FAILED
         
    PENDING TYPE
         
    STATE
       
    PROGRESS
      
    TRANSFERS
       
    TRANSFERS
     
    TRANSFERS ------------------------------------------------------------- primary active done
    0         nonrepetitive  
    3
    stop      default  disabled  disabled 
    0
     -         
    0
    disabled
    [ok
    ][2013-10-02 07:27:19
    ]

    Span

     

  4. Verify that the files were transferred to the FTP server by logging in to the CDR server and executing View CDR Server status using the following command:

    Code Block
    languagenone
    ftp server:
    root@hostname # pwd
    /export/home/SBC01ACTrecs
    root@hostname # ls -l
    total 708
    -rw-r--r--   1 root     other     346730 Oct  2 06:45 SBC01.20131002064500.1000022.ACT
    -rw-r--r--   1 root     other admin@SBC01> show table oam accounting cdrServer status
                               SUCCESSFUL  FAILED     PENDING
    TYPE     STATE   PROGRESS  TRANSFERS   TRANSFERS  TRANSFERS
    -------------------------------------------------------------
    primary  active  done      3       175 Oct  2 07:00 SBC01.20131002070000.1000023.ACT
    -rw-r--r--0    1 root     other        175 Oct  2 07:15 SBC01.20131002071500.1000024.ACT
    root@hostname #0
    [ok][2013-10-02 07:27:19]

    Span

     

    Execute the following command to view the successful and failed CDR file transfer:

  5. Verify that the files were transferred to the FTP server by logging in to the CDR server and executing the following command:

    Code Block
    languagenone
    ftp server:
    root@hostname # pwd
    /export/home/SBC01ACTrecs
    root@hostname # ls -l
    total 708
    -rw-r--r--   1 root     other     346730 Oct  2 06:45 SBC01.20131002064500.1000022.ACT
    -rw-r--r--   1 root
    Code Block
    languagenone
    % show table oam accounting cdrServer status
                    other        175 Oct  SUCCESSFUL2  FAILED07:00 SBC01.20131002070000.1000023.ACT
    -rw-r--r--   1 root PENDING
    TYPE    other  STATE  PROGRESS  TRANSFERS  175 Oct  2 07:15 SBC01.20131002071500.1000024.ACT
    root@hostname #

    Span

     

  6. Execute the following command to view the successful and failed CDR file transfer:

    Code Block
    languagenone
    % show table oam accounting cdrServer status
    TRANSFERS  TRANSFERS
    ---------------------------------------------------------
    primary   active  done     2           0          0
    secondary standby idle    SUCCESSFUL 0 FAILED     PENDING
    TYPE     7 STATE  PROGRESS  TRANSFERS     0

SBC Standard Attributes

The

Spacevars
0product
 RADIUS application uses standard attributes from the RADIUS when possible. For CDR fields that cannot be mapped to the standard attributes, vendor-specific attributes are defined. The
Spacevars
0product
allows instances of the standard attributes in Accounting request message as per following table:

Caption
0Table
1Allowed Standard Attributes
3Allowed Standard Attributes
  1. TRANSFERS  TRANSFERS
    ---------------------------------------------------------
    primary   active  done     2           0          0
    secondary standby idle     0           7          0

CDR Server Remote Port Configuration

Attribute Name

Attributes description

NAS-IP-Address

The IP Address of the

Spacevars
0product
generating accounting request.

NAS -Identifier

The configured NAS Identifier for a given

Spacevars
0product
. When sending RADIUS accounting messages, the NAS-Identifier field is populated with the corresponding value configured for the RADIUS server to which message is sent.

Acct-Status-Type

The type of accounting message sent by the

The 

Spacevars
0product

. The

 supports transferring call accounting files (.ACT) to a CDR server through a user-configured port. The 

Spacevars
0product

uses the appropriate value of Acct-Status-Type corresponding to the CDR type to be generated.
  • “Value” field in Acct-Status-Type attribute is “1” when call accounting record type is “START”.
  • “Value” field in Acct-Status-Type attribute is “2” when call accounting record type is “STOP”.
  • “Value” field in Acct-Status-Type attribute is “3” when call accounting record type is “INTERMEDIATE”.
  • “Value” field in Acct-Status-Type attribute is “4” when call accounting record type is “ATTEMPT”.
  • “Value” field in Acct-Status-Type attribute is “5” when call accounting record type is “REBOOT”.
  • “Value” field in Acct-Status-Type attribute is “6” when call accounting record type is “SWITCHOVER”.

Acct-Session-Id

Uniquely identifies accounting records for a given call. It is possible to match all accounting records for a given call when correlating call records.

Acct-Session-Time

The number of seconds during which the user received service (duration of the call).

Acct-Terminate-Cause

The class of termination cause. This value is derived from the disconnect reasons class value.

 also supports using Secure Shell (SSH) public keys instead of password to authenticate with the remote CDR server.

Use the following parameters within CDR server configuration to set up remote port and ssh key based authentication:

  • cdrPort
  • useSshKeyFile 
  • generateSshPublicKeys
Note

The user can either use the existing username/password or the SSH public key to authenticate with the remote CDR server. The parameter useSshKeyFile must be enabled to generate the SSH public key.

To generate a new SSH public key, execute the following command:

Code Block
languagenone
% request oam accounting cdrServer admin primary generateSshPublicKeys

The generated SSH public key must be installed on CDR server to use ssh key based authentication from SBC. The SSH public key must be copied to the remote CDR server file /home/<user>/.ssh/authorized_keys. If the private key is compromised, the key must be re-generated. Once the key is re-generated, the CDR server must be updated with the new key.

Note
  • The SSH public key generated for the primary CDR server can also be used to authenticate the secondary CDR server. The SSH public key can be installed on both primary and secondary CDR servers.
  • The configured user must have access to /home/<user>/.ssh for reading the public key.

Configuring the CDR Server Remote Port

When downloading billing records (or other logs), you must use port 2024 to SFTP files from the 

Spacevars
0product
.

Code Block
languagenone
% set oam accounting cdrServer admin primary cdrPort 2024

Using SSH Public Keys for CDR Server Authentication

 Using SSH public keys for CDR server authentication requires the following:

  1. Enabling SSH Key Based Authentication
  2. Generating the SSH Public Key
  3. Copying and Installing the SSH Public Key to CDR Servers

Anchor
Configuring SBC to Use SSH Key Based Authentication
Configuring SBC to Use SSH Key Based Authentication
Enabling SSH Key Based Authentication

To enable SSH key based authentication, execute the following command:

Code Block
languagenone
% set oam accounting cdrServer admin primary useSshKeyFile Enable

Anchor
Generating the SSH Public Key
Generating the SSH Public Key
Generating the SSH Public Key

To generate a new SSH public key, execute the following command:

Code Block
languagenone
% request oam accounting cdrServer admin primary generateSshPublicKeys
result success
reason 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDclSOlVfVmmhatw5bDQRk7AaYvCRUUfHHbSvkCBb4T8zYdJ8JNw15rMSKk9hEkVdtEEZRJU4Q97C+3LbPknZrIMM+zmSRYmh2/LkGAlydSJ+sPe9i7zWFOLYeA3gitaKJSPgSjdb4WGgDq686Ei4yup9xYDbT8wAcosQsf3tfbqH2GetNJ8tAs3KjRi7FPhH1hHdXVyH0yW1mdGlMYvoFUeFCRjhE81oJhy2jMTJD9T3eQiJo4NZQZYOgALMQPi8fxaAgnuWmvrejNTn/PgRyGpQEs7HFHkX5zHW5M74PU/Z3S3Y2uSZlYrCQRf9Y2mUiK5R40bjsKz4TqIP5LfzhX
[ok]

Anchor
Copying and Installing the SSH Public Key to CDR Servers
Copying and Installing the SSH Public Key to CDR Servers
Copying and Installing the SSH Public Key to CDR Servers

The SSH public key is copied to the remote CDR server file /home/<user>/.ssh/authorized_keys.

For configuration details, refer to Accounting - CLI.

RADIUS Accounting Support

Remote Authentication Dial In User Service (RADIUS) is a standardized protocol for supporting Authentication, Authorization, and Accounting (AAA) management in a distributed client-server architecture. The 

Spacevars
0product
 can map CDR fields and other input parameters to attributes (standard as well as vendor-specific attributes) in RADIUS call-accounting records. The
Spacevars
0product
, acting as a RADIUS client, can send the call-accounting records to an external RADIUS server. For a description of Sonus CDR to RADIUS VSA field mapping, refer to CDR to VSA Mapping.

The following accounting message types are supported by RADIUS protocol:

  • Accounting Request
  • Accounting Response

The process for sending accounting requests and responses is described below.

  • The
    Spacevars
    0product
     sends an accounting-request with Accounting-Status-Type value "Accounting-on". At a later time, this transaction informs the server about the new accounting client that will send the accounting messages to the NAS/resource usage by user.
  • When the
    Spacevars
    0product
     connects the call, the accounting starts. The accounting-request contains the Accounting-Status-Type with the value "Start". The "Start" records contains the following:
  • User identification
  • Network address
  • Point of attachment
  • Unique session identifier
  • Next, the
    Spacevars
    0product
     records the status change by NAS to the RADIUS server for this active session. The accounting-request now contains the Accounting-Status-Type with the value "Interim". The interim record usually conveys the current session duration and information on the current data usage.
  • When the user network access is closed, the NAS issues a final Accounting Stop record to the RADIUS server, providing the information on the final usage in the terms of the following:
  • Time
  • Packets transferred
  • Data transferred
  • Reason for disconnect
  • Other information related to the call

The Accounting-Request contains the Accounting-Status-Type with the value "Stop". The primary purpose of this data is to bill the user. The data is also used for statistical purposes and for general network monitoring.

Caption
0Figure
1RADIUS Client-Server Diagram

Image Added

Info

To configure the

Spacevars
0product
to send records to an external RADIUS server and to configure up to three RADIUS servers per
Spacevars
0product
, refer to Accounting - CLI.

SBC Standard Attributes

The 

Spacevars
0product
 RADIUS application uses standard attributes from the RADIUS when possible. For CDR fields that cannot be mapped to the standard attributes, vendor-specific attributes are defined. The 
Spacevars
0product
 allows instances of the standard attributes in Accounting request message as per following table:

Caption
0Table
1Allowed Standard Attributes
3Allowed Standard Attributes

Attribute Name

Attributes description

NAS-IP-Address

The IP Address of the

Spacevars
0product
generating accounting request.

NAS -Identifier

The configured NAS Identifier for a given

Spacevars
0product
. When sending RADIUS accounting messages, the NAS-Identifier field is populated with the corresponding value configured for the RADIUS server to which message is sent.

Acct-Status-Type

The type of accounting message sent by the

Spacevars
0product
. The
Spacevars
0product
uses the appropriate value of Acct-Status-Type corresponding to the CDR type to be generated.

  • “Value” field in Acct-Status-Type attribute is “1” when call accounting record type is “START”.
  • “Value” field in Acct-Status-Type attribute is “2” when call accounting record type is “STOP”.
  • “Value” field in Acct-Status-Type attribute is “3” when call accounting record type is “INTERMEDIATE”.
  • “Value” field in Acct-Status-Type attribute is “4” when call accounting record type is “ATTEMPT”.
  • “Value” field in Acct-Status-Type attribute is “5” when call accounting record type is “REBOOT”.
  • “Value” field in Acct-Status-Type attribute is “6” when call accounting record type is “SWITCHOVER”.

Acct-Session-Id

Uniquely identifies accounting records for a given call. It is possible to match all accounting records for a given call when correlating call records.

Acct-Session-Time

The number of seconds during which the user received service (duration of the call).

Acct-Terminate-Cause

The class of termination cause. This value is derived from the disconnect reasons class value.

Rf Interface Support

The

Spacevars
0series4
acting as a P-CSCF or IBCF supports Rf interface-based offline billing in compliance with standard IMS as well as file-based and stream-based CDRs. The SBC can select either CDR/streaming-based charging or Rf Interface depending on whether the system-wide flag, enableRfApp, is enabled or not. Refer to Signaling - Global - CLI or Signaling - Diam Sig Controls for configuration details.

The

Spacevars
0product
Diameter node supports both Rf application along with the existing Rx application. The Diameter node uses "Route Table" to find peer for outbound request based on destination realm and application.

For more details, refer to Rf Interface Support.

Generating CDRs in Q-SBC Format

By default, the SBC Core generates CDRs in the standard SBC Core (former Sonus) format. For deployments that require it, users with admin privileges can configure the SBC Core to generate CDRs in the format of the (former GENBAND) Q-series SBCs. Similar to SBC Core CDRs, the Q-SBC format is an ASCII-format text file with multiple records per file. When you enable the Q-SBC format, the SBC Core populates CDR log files according to the mapping shown in the Q-SBC to SBC Core CDR Mapping table. Refer to Generating CDRs in Q-SBC Format for more information

Spacevars
0product
 accounting records may be sent to three different locations:

  1. Local hard disk—If accounting is enabled, then ASCII records are always written to the local disk.
  2. An external server:
    1. To DSI-L0 server—If configured, the ASCII records are transferred to the external Sonus DSI server through SFTP.
    2. To external billing server from IMS network via Rf Interface.
  3. RADIUS server—RADIUS accounting records can be generated and sent to an external RADIUS server.

Accounting File Roll-Over

The

Spacevars
0product
 application maintains a configurable maximum of up to 1024 accounting files. Once the configured limit of files is reached, the application deletes the oldest files first to accommodate the new files.

When accounting file names reach the maximum value of 1FFFFFF.ACT, the next file name rolls over to 1000001.ACT. Use the “Rename Open Files” flag to rename the most recent accounting file with the ”ACT.OPEN” extension. This flag is accessible from the EMA at “System Configuration” > “CDR and Servers” tab.

Global Charge Reference

The Global Charge Reference (GCR) feature allows correlation of calls across networks where the calls are originated from and terminated at different third-party devices. The GCR field is populated in the CDRs of the SBC if the GCR is received in a gateway protocol message from a GSX9000.

The GSX9000 receives or generates the GCR parameter through an ISUP parameter. The GCR is used in conjunction with SIP call-id’s to associate calls that interwork between SIP and ISUP protocols across multiple network devices.

RADIUS Support

RADIUS is a standardized protocol for supporting Authentication, Authorization, and Accounting (AAA) management in a distributed client-server architecture. The

Spacevars
0product
 acting as a RADIUS client can send call-accounting records to an external RADIUS server. For a description of Sonus CDR to RADIUS VSA field mapping, refer to SBC Core Billing Guide.

The following message types are supported by RADIUS protocol:

  • Accounting Request
  • Accounting Response
  • Access-Request
  • Access-Accept
  • Access-Reject

The accounting request and its response for a transaction methodology is described below.

  • The
    Spacevars
    0product
     sends an accounting-request with Accounting-Status-Type value "Accounting-on". At a later time, this transaction informs the server about the new accounting client that will send the accounting messages to the NAS/resource usage by user.
  • When the
    Spacevars
    0product
     connects the call, the accounting starts. The accounting-request contains the Accounting-Status-Type with the value "Start". The "Start" records contains the following:
  • User identification
  • Network address
  • Point of attachment
  • Unique session identifier
  • Next, the
    Spacevars
    0product
     records the status change by NAS to the RADIUS server for this active session. The accounting-request now contains the Accounting-Status-Type with the value "Interim". The interim record usually conveys the current session duration and information on the current data usage.
  • When the user network access is closed, the NAS issues a final Accounting Stop record to the RADIUS server, providing the information on the final usage in the terms of the following:
  • Time
  • Packets transferred
  • Data transferred
  • Reason for disconnect
  • Other information related to the call

The accounting-request contains the Accounting-Status-Type with the value "Stop". The primary purpose of this data is to bill the user. The data is also used for statistical purposes and for general network monitoring.

Caption
0Figure
1RADIUS Client-Server Diagram

Image Removed

Info

To configure up to three RADIUS servers per

Spacevars
0product
, refer to Accounting - CLI.

To configure the

Spacevars
0product
for RADIUS authentication, refer to Configuring SBC for RADIUS Authentication.

 

Renaming Open Accounting Files

The SBC includes the ability to rename a currently-open accounting file using a known suffix to make it easily identifiable by external applications. To activate this feature, simply enable the flag “Rename Open Files” using EMA GUI or CLI. 

CLI syntax example:

Code Block
% set oam eventLog typeAdmin acct renameOpenFiles enable

Once this flag is enabled, on the next accounting file open activity, the suffix .OPEN is appended to the filename using the format <shelf><sequence number>.ACT.OPEN (currently open files are not affected).

For example, as accounting file 1000099 is created with this feature already enabled, the file is named “1000099.ACT.OPEN”.

Note
If a file closes due to a rollover, logging shutdown or system shutdown, it is renamed to the original format: <shelf><sequence number>.ACT.

For configuration details, refer to:

Rf Interface Support

The

Spacevars
0series4
acting as a P-CSCF or IBCF supports Rf interface-based offline billing in compliance with standard IMS as well as file-based and stream-based CDRs. The SBC can select either CDR/streaming-based charging or Rf Interface depending on whether the system-wide flag, enableRfApp, is enabled or not. Refer to Signaling - Global - CLI or Signaling - Diam Sig Controls for configuration details.

The

Spacevars
0product
Diameter node supports both Rf application along with the existing Rx application. The Diameter node uses "Route Table" to find peer for outbound request based on destination realm and application.

For more details, refer to Rf Interface Support page in the SBC Core Billing Guide section.

CDR Server Remote Port Configuration

The 

Spacevars
0product
 supports transferring the call accounting files (.ACT) to the CDR server through a user configured port. The 
Spacevars
0product
also supports using the Secure Shell (SSH) public keys instead of password to authenticate with the remote CDR server.

The following parameters are added in CDR server configuration to set remote port and ssh key based authentication:

  • cdrPort
  • useSshKeyFile
  • generateSshPublicKeys
Note

User can either use the existing username/password or the SSH public key to authenticate with the remote CDR server. The parameter useSshKeyFile must be enabled to generate the SSH public key.

To generate a new SSH public key, execute the following command:

Code Block
languagenone
% request oam accounting cdrServer admin primary generateSshPublicKeys

The generated SSH public key must be installed on CDR server to use ssh key based authentication from SBC. The SSH public key must be copied to the remote CDR server file /home/<user>/.ssh/authorized_keys. If the private key is compromised, the key must be re-generated. Once the key is re-generated, the CDR server must be updated with the new key.

Note
  • The SSH public key generated for the primary CDR server can also be used to authenticate the secondary CDR server. The SSH public key can be installed on both primary and secondary CDR servers.
  • The configured user must have access to /home/<user>/.ssh for reading the public key.

Configuring CDR Server Remote Port

Code Block
languagenone
% set oam accounting cdrServer admin primary cdrPort 2024

Using SSH Public Key for CDR Server Authentication

 Use the SSH public key for CDR server authentication to accomplish the following actions:

  1. Enabling SSH Key Based Authentication
  2. Generating the SSH Public Key
  3. Copying and Installing the SSH Public Key to CDR Servers
AnchorConfiguring SBC to Use SSH Key Based AuthenticationConfiguring SBC to Use SSH Key Based AuthenticationEnabling SSH Key Based Authentication

To enable SSH key based authentication, execute the following command:

Code Block
languagenone
% set oam accounting cdrServer admin primary useSshKeyFile Enable
AnchorGenerating the SSH Public KeyGenerating the SSH Public KeyGenerating the SSH Public Key

To generate a new SSH public key, execute the following command:

Code Block
languagenone
% request oam accounting cdrServer admin primary generateSshPublicKeys
result success
reason 
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDclSOlVfVmmhatw5bDQRk7AaYvCRUUfHHbSvkCBb4T8zYdJ8JNw15rMSKk9hEkVdtEEZRJU4Q97C+3LbPknZrIMM+zmSRYmh2/LkGAlydSJ+sPe9i7zWFOLYeA3gitaKJSPgSjdb4WGgDq686Ei4yup9xYDbT8wAcosQsf3tfbqH2GetNJ8tAs3KjRi7FPhH1hHdXVyH0yW1mdGlMYvoFUeFCRjhE81oJhy2jMTJD9T3eQiJo4NZQZYOgALMQPi8fxaAgnuWmvrejNTn/PgRyGpQEs7HFHkX5zHW5M74PU/Z3S3Y2uSZlYrCQRf9Y2mUiK5R40bjsKz4TqIP5LfzhX
[ok]
AnchorCopying and Installing the SSH Public Key to CDR ServersCopying and Installing the SSH Public Key to CDR ServersCopying and Installing the SSH Public Key to CDR Servers

The SSH public key is copied to the remote CDR server file /home/<user>/.ssh/authorized_keys.

For configuration details, refer to Accounting - CLI.

Pagebreak