DPI & xDPI for V4V5 xGW

Course Objectives

 Upon finishing the course, you will be able to ：

 Know what is DPI and xDPI
 Know the DPI and xDPI configuration
 Know Online charge configuration
Contents

 What is DPI and xDPI

 DPI configure
 xDPI configure
 Content charge configuration
 What is the DPI and xDPI
1. What is the concept of DPI and xDPI
DPI : Deeply Packet Inspection. Its function is to distinguish the service based on configuration. It recognize the
service based on IP, port and URL.
xDPI : eXtended DPI. Its function is to distinguish the service based on traffic characteristic code. All service have
its own feature, xDPI can use this feature code to seperate these traffic and mark appid for it.

2. What is the purpose of DPI and xDPI

DPI and xDPI can distinguish the service and mark appid for it, then operator can have different policy to
different service traffic. Fox example, DPI or xDPI can recognize whatsapp traffic and then we can give whatsapp
traffic different fee ratio.Normal traffic fee is 10Rs/MB, but we set whatsapp traffic fee is 5Rs/MB. In a word,
recognize result can be used in online charging report, offline charging report, PCEF control and etc 。

3. What is the difference between DPI and xDPI

DPI recognize the traffic based on IP, port and URL. These ip, port and URL need to be configured manual. But
xDPI recognized service traffic based on feature code, this feature code already put into xDPI software by R&D ,
no need us to configure it manual. xDPI can not recognize all service traffic as it is not possible for R&D collect all
app feature code in the network. There are more than 100k app in the public network, but xDPI only can
recognize about 8k famous APP.

© ZTE Corporation. All rights reserved

Contents

 What is DPI and xDPI

 DPI configure
 xDPI configure
 Content charge configuration
 DPI configuration

© ZTE Corporation. All rights reserved

 DPI configuration
DPI recognize the traffic based on 5-tuple and URL.
5-tuple : it is in L3/L4 level, it include : source port, source IP, destination port,destination ip and protocol.
ULR : it is L7 level. please note that ULR and domain is different.
① Souce IP address

② Destination IP address

③ IP protocol type （ TCP/UDP/ICMP ）

5 Tuples

④ Source port range （ start ～ end ）

⑤ Destination port range （ start ～

end ）

DPI configurate include L3/L3 and L7 rule configuration.

© ZTE Corporation. All rights reserved

 DPI configuration
Packet example to show which part will be analysised by DPI.

L34: Source IP+ Source Port+Destination IP+ Destination

Port+
Transmission protocol
5-tuple

L7: URIe

© ZTE Corporation. All rights reserved

 DPI configuration
DPI include below elements
 DPI template.
DPI template is set for all rules which include L3/L4 and L7. Different
DPI template can have different analysis result for same service traffic. But
one APN only can use one template.
 Rule Set
It is serivce traffic unit. It include L3/L4 rule and L7 rule. For example,
if we need distinguish whatsapp service, we can configure one rule set for
whatsapp service and its all L3/L4 rule and L7 rule is used to recognize
whatsapp service.
 Default rules, default exception rules
Default rule and default exception rules not belong to any rule set. If
the traffic can not be recognized by all other rule, it will belong to default
rule or exception rule.
 RULE
It is configuration unit. it is one of record of rule set.
 RuleBase ID
It is result of DPI analysis. xGW will get rulebase ID after DPI analysis
finally.

© ZTE Corporation. All rights reserved

 DPI configuration
 Below picture show us how go to xGW DPI configuration place. V4 and V5 DPI
configuration is in EMS.

© ZTE Corporation. All rights reserved

DPI configuration
1. Create DPI template

2. Add Default rules, default exception rules

© ZTE Corporation. All rights reserved

DPI configuration
3. Add Rule Set

4.Add L34 Rule

© ZTE Corporation. All rights reserved

DPI configuration
5. Add L7 Rule

© ZTE Corporation. All rights reserved

DPI configuration
Domain ID configuration --- L3
If the configured level-1 rule uses a domain name instead of the server IP address and the server IP
mask, a domain name ID can be configured in the level-1 rule. The domain name ID can correspond to
multiple domain names, and the corresponding relationships are configured on the DNS node.

Domain configuration machanism

This rule do not configure any ip only include Domain ID. When UE access domain, it will send request to
DNS, DNS will response the ip to the xGW. xGW get this ip and put it into L3/L4 rule then this rule get the
ip. Next time other user access same ip, system still will think the user access this service. General
Domain configuration will used with L7 rule together. and it is used in “do not know ip” scenario.

© ZTE Corporation. All rights reserved

DPI configuration
Priority of Level-1 Rules

 Three priority levels ：

Priority Field > Depth Priority Principle > Default Priority Principle

 Example ：
Rule 1 and rule 2 have same priority in priorty field.
rule 1 : server IP :10.0.0.0/24 port: 0
rule 2 : server IP : 10.0.0.1/32 port: 80
Result :
rule 2 : IP: 10.0.0.1/32 80 have higher priority

© ZTE Corporation. All rights reserved

DPI configuration
Priority of Level-2 Rules

Three priority levels ：

Priority Field > Depth Priority Principle > Default Priority Principle
Example ：
rule 3 , rule 4 and rule 5 have same priority in “priority field”
rule 3 : *.sina.com*
ruel 4 : www.sina.*
rule 5 : www.sina.com

Result : rule5 have higher priority , then rule 4 , the last is rule 3.

© ZTE Corporation. All rights reserved

DPI configuration
Load Rules
When we finish all rule configuration, we need generate bin files and download it it xGW, then
xGW can use it to recognize the service.

1. Compiling Rules
After finish the rule configuration ， Click generate button ， Compile the configured rules
into the bin file 。
2. Loading Rule
After finish step1 ， click the load button ， Generate the DPI rule file and upload it to the
directory of the MPU.
3. Active Rule
After finish step2, click the active button ， and active the DPI file 。 Or through the DPI
management button ， Select the rule file to be activated in the dialog box. After active
the DPI file, need excute the “write”command in MPU. Otherwise, the activation information
will be lost after the MPU is restarted. 。

© ZTE Corporation. All rights reserved

DPI configuration
Import and Export Rule
Export button ， Select the path for saving Input button ， Select the file to be
the exported file, and enter the file name ： imported and the import mode ：

© ZTE Corporation. All rights reserved

Contents

 What is DPI and xDPI

 DPI configure
 xDPI configure
 Online / Content charge configuration
xDPI configuration
xDPI Machanism
xDPI is software which installed in the xGW. If we enabled xDPI, when traffic reached GSU cpu,
GSU cpu will deliver all the use plane traffic to xDPI for analysis. xDPI will mark the traffic appid
after analysis and return the traffic back to GSU. xGW will transfer the appid to rulebase ID.

Twitter traffic Twitter traffic

twitter traffic(appid :390)

© ZTE Corporation. All rights reserved

xDPI configuration
xDPI APPID list
xDPI software have APPID list, it can be got from xDPI version fiel as below:

ZXDPIV1.17.10_20180803170020_Sig Ap p So ftna m e So ft.txt

From above picture we can see that facebook_video service appid is 2384.
If we have below configuration in xGW, then we can get facebook_video rulebase ID 10.
rule-si 2384 10

© ZTE Corporation. All rights reserved

Contents

 What is DPI and xDPI

 DPI configure
 xDPI configure
 Online/Content charge configuration
Content charge configuration
Basic concept of charge.
PCC Rule : Policy and Charging Control Rule
1) Local Rule : It is configured in PCEF(PGW) and not require PCRF to control.
2) Predifined Rule : The rule policy also configured in PCEF but it require PCRF to active it
3) Dynamic Rule : The rule policy is defined in PCRF and sent to PCEF by CCA message. It is more
flexible.

Online Charging : User access internet based on quota assigned by OCS. Gy interface.

Content Charging : Charging based on diffierent service. It is one of type of Online charging.

Offline Charging : Just record charging records, it can not control service. Ga interface.

Rulebace ID : it is service traffic ID.

RG : Rating group. it is reported to OCS by xGW and OCS will identify different serivce traffic
based on RG.

© ZTE Corporation. All rights reserved

Content charge configuration
PCC rule (local and predefined) configuration
Below is local and predefined PCC configuration logical.
Charge-control
ChargeControlName PCC Type RuleBaseID ChargeRule ControlRule
whatsapp default 10 WhatsappCharge WhatsappControl

Charge-rule Control-Rule
Charge-rule Name free uplink RG uplink SI downlink RG downlink SI ControlRuleName Access-control http-head-enrich
WhatsappCharge no 10 10 10 10 WhatsappControl enable no

DPI configuration
RuleBaseID L3/L4 rule L7 rule
10 whatsapp_L3 whatsapp_L7

Firstly, we need finish DPI configuration, then we can get rulebase ID.
Secondly, we need configure Charge-rule to define RG which will report to OCS.
Thirdly, we need configure control-rule. It can process traffic further. For example, whether allow
traffic go to internet or not.

© ZTE Corporation. All rights reserved

Content charge configuration
PCC rule (local and predefined) configuration example
Scenario description:
The customer have requirement that xGW need report RG=100 to OCS for Wechat traffic. Then
OCS can have different charge policy for wechat traffic. Below information provided by customer
Wechat traffic IP : 10.21.0.0/24
Wechat traffic URL : *.wechat.com.*
We need meet customer requirement by follow steps.
1. Configure DPI file for Wechat traffic using IP and URL provided by customer and plan rulebase
ID, for example, rulebase ID is 123.
2. Configure charge-rule for wechat service.
con t
xgw
pgw
charge-rule Wechat_RG uplink 100 100 downlink 100 100 not-free offline-flux-type l3 online-flux-type l3 flow-
charge both
exit
3. Configure control-rule for wechat service.

© ZTE Corporation. All rights reserved

Content charge configuration
3. Configure control-rule for wechat service.
xgw
pgw
control-rule Wechat_ControlRule
access-control enable
http-head-enrich disable
exit
4. Configure charge-control for wechat service
xGW
pgw
ap test
charge-control default Wechat 123 Wechat_RG Wechat_ControlRule precedence 0
exit
After above script, when wechat traffic come to xGW, xGW will report RG=100 to OCS and OCS
will transfer this user balance to quota based on new fee ratio.

© ZTE Corporation. All rights reserved

Online charge configuration
When we enable online charge function, then xGW will have authentication procedure with OCS
and will try to get quota from OCS.
The configuration is below :
Firstly, we need finish Gy integration. This part will be introduced in other PPT.
Secondly, we need enable online function in APN. the example script is below:
xGW
PGW
ap test
charge charging-mode online enable content 5
charge online ocs-server adjacent-node ocs01
end

© ZTE Corporation. All rights reserved

Online charge configuration
If customer can not provide us wechat IP and URL, we also can using xDPI to recognize it in step
1.
Fristly, we check xDPI APPID decription and find below information:

Secondly, we use command SI tranfer APPID to rulebase ID.

xGW
PGW
rule-si 568 123
exit.
Thirdly, left step is the same.

© ZTE Corporation. All rights reserved

 DPI Identification Procedure

Below picture show us xGW internal procedure how to get RG to report to OCS.

UE SGW/SGSN PGW/GGSN

Check APN charge-control configuration

PGW according the UE traffic IP
and URL to match the DPI file ，
charge-control name: Wechat
Identify the rule-base ID of
the packet
check charge-control configuration in APN

rule-base ID + charge-rule name + control-rule name

123 Through rule-base ID to find the name of charge-rule and control-rule

rule-base ID ip address and url below rule-base ID 123

charge-rule name + control-rule name

check charge-rule configuration get RG

；
excute control-rule policy, like qos limit
packet ip address and url RG is 100

send diameter message or billing message

OCS/CG

© ZTE Corporation. All rights reserved