1. Diameter Security Application User Guide with UDR
  2. UDR Configuration

4 UDR Configuration

This section provides information about enabling the security profile and configuring the Audit Time.

4.1 Enabling Security Profile on Active UDR NOAM for DSA Application

  1. Log in to Active NOAM Server through putty session and run the enableSecurityApp loader.
  2. Go to this path: /usr/TKLC/udr/prod/maint/loaders/upgrade.
  3. Run the enableSecurityApp script.

    Note:

    To enable all the following MNP, ENUM, SPLIT, SFAPP, and DSA features together, run the following command:
    "enableMNPwithSplit_Enum_SFAPP"
  4. Reboot both the UDR NOAM servers.

4.2 Auditing Time Configuration on Active UDR NOAM

By default, the Audit Time configuration is disabled (unchecked), for example, no record is cleaned up on the UDR server.
  1. To clean up the old records on UDR, do the following:
    1. Select the Cleanup Inactive Security App Subscriber Enabled option.
    2. Set the value of Security App SDO Audit Interval to 10.
      The system removes all the records after 10 seconds.

4.3 Configure DSA Fields in UDR

  1. From the main Menu, navigate to UDR, then select Subscriber Entity Configuration, then select Transparent Entity, select Base Field Set.
  2. Click SprProfileBFS.

    Figure 4-1 SprProfileBFS screen


    SprProfileBFS screen

  3. Click Edit.
  4. Add the following fields.
    IMSI Regular expression: ^\d{10,15}$
lastUN Regular expression: ^[\x20-\x7e]{0,255}$
VPLMN Regular expression: ^[\x20-\x7e]{0,255}$
MCC Regular expression: ^[\x20-\x7e]{0,255}$
MMEH Regular expression: ^[\x20-\x7e]{0,255}$
MMER Regular expression: ^[\x20-\x7e]{0,255}$
HSSR Regular expression: ^[\x20-\x7e]{0,255}$
HSSH Regular expression: ^[\x20-\x7e]{0,255}$
lastTS Regular expression: ^[\x20-\x7e]{0,255}$
VPLMNID_OLD Regular expression: ^[\x20-\x7e]{0,255}$
MMER_OLD Regular expression: ^[\x20-\x7e]{0,255}$
MMEH_OLD Regular expression: ^[\x20-\x7e]{0,255}$
HSSR_OLD Regular expression: ^[\x20-\x7e]{0,255}$
HSSH_OLD Regular expression: ^[\x20-\x7e]{0,255}$

    Figure 4-2 Configuration Fields


    Configuration Fields

4.4 UDR Protection Against Excess Shared Memory (SHM) usage for DSA Calls

This feature safeguards UDR when the Shared Memory (SHM) usage reaches Major (90%) or Critical (95%) thresholds limit. Safeguarding UDR against excessive SHM usage prevents UDR from becoming non-responsive when SHM usage increases to 100%.

UDR sends the result code as 0 (success) till SHM reaches major threshold limit of 90%. When it reaches the 90% threshold limit, UDR starts to send a new result code Success_ExcessiveSHMUsage ==> 228 and the customer must start deleting the expired subscribers by using SOAP/REST interfaces. The SOAP/REST Interface Guide reference are as follows:
  • Refer the sample example Request 1 mentioned under the section 5.1.4 of the REST Provisioning Interface Specification Guide.
  • Refer the sample example Request 1 mentioned under the section 6.1.3 of the SOAP Provisioning Interface Specification Guide.

When SHM is cleared after subscribers are deleted, UDR allows to create more subscribers without increasing the SHM. If SHM reaches critical threshold limit of 95%, only delete and read requests are allowed, other requests are rejected from UDR with result code "Error_DatabaseFull ==> 229". If SHM reaches MostCriticalThreshold limit of 97.5%, then all requests to UDR are rejected.

Two new result codes are added to support this feature as follows:
  • Success_ExcessiveSHMUsage ==> 228
  • Error_DatabaseFull ==> 229
Perform the following steps to enable the feature:
  • Run the configuration scripts "enableCriticalShMemThManagement" and "setShMemThresholdsValues" on your Active NOAMP node located on the following path on the installation setup:

    /usr/TKLC/udr/prod/maint/loaders/upgrade

  • Run the below command to restart the udrbe process:
    pm.set off udrbe
  • You must wait for udrbe process to kill and then run the following command:
    pm.set on udrbe