If you want to steer specific traffic, or otherwise regulate certain types of
traffic, you need to have developed enforcement policies. If using a Gx interface to a
PCRF, you need to create a listener that connects to a PCRF.
You can create listeners that specify how to handle traffic for policy enforcement.
Creating a listener does preliminary setup on the BIG-IP system
for application visibility, intelligent steering, bandwidth management, and reporting.
On the Main tab, click
The Listeners screen opens. .
The New Listener screen opens.
In the Name field, type a unique name for the listener.
For the Destination setting, select Host or
Network, and type the IP address or network and netmask to use.
Tip: You can use a catch-all virtual server (0.0.0.0) to specify all traffic that is routed to the BIG-IP system.
The system will create a virtual server using the address or network you specify.
For the Service Port setting, type or select the service port for the virtual server.
Subscriber provisioning using RADIUS is enabled by default. If your system is using RADIUS
for snooping subscriber identity, you need to specify VLANs and tunnels. If you are not using
RADIUS, you need to disable it.
- For the VLANs and Tunnels setting, move the VLANs and tunnels
that you want to monitor for RADIUS traffic from the Available list to
the Selected list.
- If you do not want to use RADIUS, from the Subscriber Identity
Collection list, select Disabled.
In the Policy Provisioning area, select enforcement policies to apply to the traffic.
The system applies the global policy to all subscribers in parallel with the subscriber
policies. High-precedence global policies override conflicting subscriber policies, and
low-precedence policies are overridden by conflicting subscriber policies.
For Global Policy, move policies to apply to all subscribers to High Precedence or
For Unknown Subscriber Policy, move policies to use if the subscriber is unknown to Selected.
The Policy Enforcement Manager creates a listener, and displays the listener list.
When you create a listener, the Policy Enforcement Manager also
creates virtual servers for each type of traffic (TCP, UDP, or both), and a virtual
server for HTTP traffic. The system enables classification and assigns the appropriate policy
enforcement profile to the virtual servers. If you are connecting to a RADIUS
authentication server, a virtual server for RADIUS is also added.
Now you can send traffic through the network. As network traffic moves through the
BIG-IP system, the system classifies the traffic, and if you have developed policies, the system performs
the actions specified by the enforcement policy rules.