ltm message-routing diameter profile session
ltm message-routing diameter pBltmImessage-routing diameter profile session(1)
NAME
session - Configures a Diameter Session profile.
MODULE
ltm message-routing diameter profile
SYNTAX
Configure the session component within the ltm message-routing diameter
profile module using the syntax shown in the following sections.
CREATE/MODIFY
create session [name]
modify session [name]
options:
acct-application-id [integer]
app-service [[string] | none]
array-acct-application-id [[list of integers] | none]
array-auth-application-id [[list of integers] | none]
auth-application-id [integer]
defaults-from [[name] | none]
description [string]
dest-host-rewrite [string]
dest-realm-rewrite [string]
discard-unroutable [disabled | enabled]
handshake-timeout [integer]
host-ip-address [disabled | enabled]
max-message-size [integer]
max-watchdog-failures [integer]
origin-host [string]
origin-host-rewrite [string]
origin-realm [string]
origin-realm-rewrite [string]
persist-avp [string]
persist-timeout [integer]
persist-type [avp | custom | none]
product-name [string]
reset-on-timeout [disabled | enabled]
route-unconfigured-peers [disabled | enabled]
vendor-id [integer]
vendor-specific-vendor-id [integer]
vendor-specific-acct-application-id [integer]
vendor-specific-auth-application-id [integer]
watchdog-timeout [integer]
edit session [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
reset-stats session
reset-stats session [ [ [name] | [glob] | [regex] ] ... ]
DISPLAY
list session
list session [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
one-line
show running-config session
show running-config session [ [ [name] | [glob] | [regex] ] ... ]
options:
all-properties
non-default-properties
one-line
show session
show session [ [ [name] | [glob] | [regex] ] ... ]
options:
(default | exa | gig | kil | meg | peta | raw | tera | yotta | zetta)
field-fmt
DELETE
delete session [name]
DESCRIPTION
You can use the session component to manage a Diameter session profile.
EXAMPLES
create session my_session_profile defaults-from session
Creates a Diameter session profile named my_session_profile using the
system defaults.
create session my_session_profile { reset-on-timeout disabled }
Creates a Diameter profile named my_session_profile that will not reset
the connection when watchdog failure exceed maximum-watchdog-failures.
OPTIONS
acct-application-id
Specifies as an integer the Accounting identifier for specific
application, as specified in RFC 6733. This value will be
appended ot the end of array-acct-application-id in capabilities
exchange messages if it doesn't already exist in it.
app-service
Specifies the name of the application service to which the object
belongs. The default value is none. Note: If the strict-updates
option is enabled on the application service that owns the object,
you cannot modify or delete the object. Only the application
service can modify or delete the object.
array-acct-application-id
Specifies as a whitespace separated list of integers the
Accounting identifier(s) for specific application(s), as specified
in RFC 6733.
array-auth-application-id
Specifies as a whitespace separated list of integers the
Authentication and Authorization identifier(s) for specific
application(s), as specified in RFC 6733.
auth-application-id
Specifies as an integer the Authentication and Authorization
identifier for specific application, as specified in RFC 6733.
This value will be appended ot the end of array-auth-application-
id in capabilities exchange messages if it doesn't already exist
in it.
defaults-from
Specifies the profile that you want to use as the parent profile.
Your new profile inherits all of the settings and values from the
specified parent profile. The default value is diametersession.
description
User defined description.
dest-host-rewrite
Specifies the destination host AVP to which the specified value on
the egress will be rewritten.
dest-realm-rewrite
Specifies the destination realm AVP to which the specified value
on the egress will be rewritten.
discard-unroutable
When selected (enabled), messages that do not match any known
route will be silently discarded. When disabled, unroutable
messages are routed back to the connection where they came from.
The default value is enabled.
glob Displays the items that match the glob expression. See help glob
for a description of glob expression syntax.
handshake-timeout
Specifies the number of seconds before the peer handshake times
out. The default is 10 seconds.
host-ip-address
Specifies the value that will be used in the Host-IP-Address AVP
sent in Capabilities-Exchange-Request and Capabilities-Exchange-
Answer messages. When unset (default), the Diameter router will
use the virtual server's IP address.
max-message-size
Specifies the maximum number of bytes acceptable in a Diameter
message. The default value is 0 which indicates that there is no
message size restriction for this session. Note: Messages
exceeding this size are silently discarded.
max-watchdog-failures
Specifies the maximum number of device watchdog failures that the
traffic management system can receive before it tears down the
connection. After the system receives this number of device
watchdog failures, it closes the connection. The default value is
1.
origin-host
Specifies the identifier of the originating server in the form
siteserver.f5.com. Must specify the origin-host.
origin-host-rewrite
Specifies the value to rewrite to the Origin-Host AVP on egress.
origin-realm
Specifies the Origin-Realm AVP data. Must specify the origin-
realm.
origin-realm-rewrite
Specifies the value to rewrite to the Origin-Realm AVP on egress.
persist-avp
Specifies the Diameter AVP that is used for persistence. The
format is avp[index] for a single AVP or a[x]:b[y]:c[z]:d[w] for a
grouped AVP. There may be at most 4 AVPs in a group. The AVP name
is used as the session-key; it may be an ASCII string or numeric
ID in the range 1 to 4294967295 (AVP code can be specified instead
of AVP name). Note: The default value is "SESSION-ID[0]". A
grouped-avp can be specified with the following syntax:
grouped-avp-name[index]:nested-avp1[index1]:nested-avp2[index2],
where "nested-avp1" and "nested-avp2" are the AVPs in the grouped
AVP.
persist-timeout
Specifies the timeout value (in seconds) for persistence entries.
The default value is 180. Note: Its recommended to have the
persist-timeout to be greater than transaction timeout, specified
in the Diameter router configuration, as the lesser of the two is
used when creating the persist record on receiving of the first
Diameter request message. Upon receiving of the response for the
first Diameter request message the persistence record is updated
with the persist-timeout value. For any subsequent responses
received the persist timeout is updated for the persist record.
persist-type Specifies the type of the persistence. The options are:
avp Persist based on avp in the message.
custom
Persist based on a custom key set using iRule.
none Persistence is disabled.
regex
Displays the items that match the regular expression. The regular
expression must be preceded by an at sign (@[regular expression])
to indicate that the identifier is a regular expression. See help
regex for a description of regular expression syntax.
reset-on-timeout
When enabled, the system resets the connection when the number of
watchdog failures exceeds the value of max-watchdog-failures. The
default value is enabled.
route-unconfigured-peers
When enabled, all connections will be allowed. When disabled,
connections from peers whose IP addresses cannot be found in a
statically configured route will be rejected. The default value
is enabled.
vendor-id
Specifies the vendor identification number assigned to your
diameter server by the Internet Assigned Numbers Authority (IANA).
The default value is 3375.
vendor-specific-vendor-id
Specifies the vendor ID number that will be sent in Vendor-
Specific-Application-ID AVPs. A value of 0 disables the feature.
If this value is set, exactly one of either vendor-specific-acct-
app-id or vendor-specific-auth-app-id must also be specified. The
default value is 0.
vendor-specific-acct-app-id
Specifies the accounting application ID number that will be sent
in Vendor-Specific-Application-ID AVPs. A value of 0 disables the
feature. If this value is set, vendor-specific-vendor-id must be
set and vendor-specific-auth-app-id must be unset. The default
value is 0.
vendor-specific-auth-app-id
Specifies the authentication/authorization application ID number
that will be sent in Vendor-Specific-Application-ID AVPs. A value
of 0 disables the feature. If this value is set, vendor-specific-
vendor-id must be set and vendor-specific-acct-app-id must be
unset. The default value is 0.
watchdog-timeout
Specifies the watchdog timeout in seconds. This setting specifies
the number of seconds that a connection is idle before the device
watchdog request is sent. A value of 0 means BIG-IP will not send
a device watchdog request to either client or server side. The
default value is 10 seconds.
SEE ALSO
create, delete, edit, glob, list, ltm virtual, modify, regex, reset-
stats, show, tmsh
COPYRIGHT
No part of this program may be reproduced or transmitted in any form or
by any means, electronic or mechanical, including photocopying,
recording, or information storage and retrieval systems, for any
purpose other than the purchaser's personal use, without the express
written permission of F5 Networks, Inc.
F5 Networks and BIG-IP (c) Copyright 2013-2015. All rights reserved.
BIG-IP ltm2message-routing diameter profile session(1)