Differences

This shows you the differences between two versions of the page.

--- en:dpi:changelog:versions:ver_14 [2026/03/24 15:20] – [Changes in version 14.1] elena.krasnobryzh
+++ en:dpi:changelog:versions:ver_14 [2026/03/26 08:28] (current) – [Changes in version 14.1] elena.krasnobryzh
@@ Line 93: / Line 93: @@
   - [BNG][srcIP spoofing] Added filtering by source AS flags on the subs→inet path before packet processing to block operator-originated DDoS attacks with IP address spoofing. [[en:dpi:bras_bng:bras_l2_options:bras_l2_vlan_ipsg#filtering_by_source_as_flags|Description]]
   - [BNG][PPP] Added database session utilization statistics to the ''ppp show stat'' command. [[en:dpi:bras_bng:cli:pppoe#pppoe_show_stat|Description]]
-  - [BNG][PCEF][Policing] Added configuration of common policing from parameters passed in the ''VasExperts-Policing-Profile'' attribute with the ''BR##'' prefix
+  - [BNG][PCEF][Policing] Added configuration of common policing from parameters passed in the ''VasExperts-Policing-Profile'' attribute with the ''BR##'' prefix. [[en:dpi:bras_bng:radius_integration:radius_auth_server_integration:radius_auth_response#policing_with_absolute_value_transmission_extended_htb_format|Description]]
-  - [BNG][PCEF][Services] Added configuration of a personal (''noname'') user profile for services from parameters passed in the ''VasExperts-Service-Profile'' attribute with the ''BP##'' prefix
+  - [BNG][PCEF][Services] Added configuration of a personal (''noname'') user profile for services from parameters passed in the ''VasExperts-Service-Profile'' attribute with the ''BP##'' prefix. [[en:dpi:bras_bng:radius_integration:radius_auth_server_integration:radius_auth_response#example_3_overriding_traffic_classes_and_policing|Description]]
   - [BNG][PCEF][rating-group] New options (cold, fastDPI restart required):
     * ''rating_group_count'' — number of rating groups, ''0'' — RG disabled. Default value: ''0''
-    * ''rating_group_max_subs'' — maximum number of subscribers with RG. Default value: ''0'' (RG disabled)\\ RG storage is initialized only if billing statistics are enabled. Memory calculation for RG statistics: counter size per RG = 32 bytes. Total required memory:<code>32 * rating_group_count * rating_group_max_subs * num_thread</code> For example, for 10k subscribers, 256 RGs, and 8 processing threads, 625M of memory is required:<code>rating_group_count = 256
+    * ''rating_group_max_subs'' — maximum number of subscribers with RG. Default value: ''0'' (RG disabled)\\ [[en:dpi:bras_bng:radius_integration:radius_accounting#rating_group|Description]]
-rating_group_max_subs  = 10000
+  - [BNG][PCEF][rating-group][RADIUS Accounting] Output of RG statistics in RADIUS Accounting. RG statistics are transmitted in separate Interim-Update packets. Only non-zero RG data are sent. [[en:dpi:bras_bng:radius_integration:radius_accounting#rating_group|Description]]
-num_thread = 8
-memory_required = 32 * 256 * 10000 * 8 = 625M</code>
-  - [BNG][PCEF][rating-group][RADIUS Accounting] Output of RG statistics in RADIUS Accounting. RG statistics are transmitted in separate Interim-Update packets. Only non-zero RG data are sent. Due to the 4096-byte RADIUS packet size limit, RG data may be split across multiple Interim-Update packets.\\ To distinguish Interim-Updates containing RG data, a new VSA ''VasExperts-Acct-Type'' (id=28, vendor 43823, integer type) is used with the following values:
-    * ''0'' — standard Interim Update Accounting
-    * ''1'' — RG data\\ Each rating group and its counters are transmitted in *one* VSA containing the following attributes:
-    * ''VasExperts-Acct-Rating-Group'' (new attribute of type short, 16-bit integer) — RG number;
-    * ''VasExperts-Acct-Input-Octets-64''
-    * ''VasExperts-Acct-Output-Octets-64''
-    * ''VasExperts-Acct-Input-Packets-64''
-    * ''VasExperts-Acct-Output-Packets-64''\\ Packet/byte counters by direction are output according to the ''acct_swap_dir'' option (as in Accounting).\\ RG transmission specifics:
-    * RGs are optional data and may be absent for a subscriber; accordingly, no RG accounting data will be transmitted for such a subscriber;
-    * if receipt of an RG packet by the RADIUS server is not confirmed, it is not retransmitted — fresh data will be sent in the subscriber’s next Interim-Update;
-    * if a subscriber has RG statistics, current RG data are sent in Interim-Update packets before sending Acct-Stop at session termination.
   - [BNG][PCEF][rating-group][CLI] Added the ''subs traffic stat'' CLI command. The command outputs billing statistics and rating group statistics for the specified subscriber, if enabled. [[en:dpi:bras_bng:cli:subs#subs_traffic_stat|Description]]
-  - [BNG][PCEF][rating-group][RADIUS Accept] Added configuration of the RG service during authorization. RG statistics accumulation can be enabled only if service 9 (bill stat) is enabled for the subscriber. RG is assigned at the subscriber level during authorization by specifying a special service 9 profile named 'RG': <code>VasExperts-Service-Profile :="9:RG"</code> When service 9 is disabled, RG accumulation is also disabled.\\ Examples of configuring service 9 and RG: <code># service 9 enabled, RG disabled. Standard RADIUS Accounting is sent.
+  - [BNG][PCEF][rating-group][RADIUS Accept] Added configuration of the RG service during authorization. RG statistics accumulation can be enabled only if service 9 (bill stat) is enabled for the subscriber. [[en:dpi:bras_bng:radius_integration:radius_accounting#rating_group|Description]]
-VasExperts-Enable-Service :="9:on"</code> <code># service 9 enabled, RG enabled. RG data are sent in RADIUS Accounting.
-VasExperts-Service-Profile :="9:RG"</code> <code># service 9 disabled, RG disabled. Standard RADIUS Accounting and RG are not sent.
-VasExperts-Enable-Service :="9:off"</code>
   - [BNG][SHCV][hot] Added activity monitoring for static IP L2 subscribers (subscribers for whom RADIUS returned the ''VasExperts-L2-User=1'' flag during L3 authorization). [[en:dpi:bras_bng:bras_l2_options:subs_activity#monitoring_subscriber_activity_with_session_termination_subscriber_host_connectivity_verification|Description]]
   - [BNG][DHCP][hot] New values are available for the ''bras_dhcp_check_secondary_keys'' option: 2 (check only opt82) and 4 (check only QinQ). [[en:dpi:bras_bng:bras_l2_vlan:bras_l2_vlan_dhcp:bras_l2_vlan_dhcp_proxy:bras_l2_vlan_dhcp_proxy_secondary_keys|Description]]
   - [BNG][L2TP] Fixed: crash when receiving a duplicate out-of-order ctl packet
   - [BNG][dhcp-relay] Added the ability to preserve the siaddr field value.\\ New flag in the ''bras_dhcp_server'' option: ''keep_siaddr=1'' — preserve the DHCP packet siaddr field. Example:<code bash>bras_dhcp_server=188.227.73.42%eth0;arp_proxy=1;reply_port=67;keep_siaddr=1</code> By default, the siaddr field may be modified to hide the real DHCP server address. [[en:dpi:bras_bng:bras_l2_vlan:bras_l2_vlan_dhcp:bras_l2_vlan_dhcp_relay#configuration|Description]]
-  - [BNG][CLI] Added the ''subs db stat'' command to display L2 BNG database statistics
+  - [BNG][CLI] Added the ''subs db stat'' command to display L2 BNG database statistics. [[en:dpi:bras_bng:cli:subs#subs_db_stat|Description]]
   - [BNG][DHCP6] Fixed: crash when processing DHCPv6 with an invalid UDP header length
 ===NAT===
   - [CG-NAT] Added ''rx_dispatcher=3'' — a method with uniform load balancing across an arbitrary number of threads with support for NAT 1:1 and the requirement to assign specific addresses. [[en:dpi:opt_cgnat:сgnat_settings#parameters_and_possible_values|Description]]
-  - [CG-NAT] Accounting of translation lifetime in the ''fdpi_ctrl list status --service 11 --login UserName (--ip IP)'' command. Additional fields were added to the command output: ''active_sess_tcp'' — number of active NAT translations for TCP and ''active_sess_udp'' — number of active NAT translations for UDP.\\ Translation activity is determined by the time of its last use and the lifetime parameter configured in the cluster options. [[en:dpi:opt_cgnat:cgnat_diagnostics#output_of_public_addresses_statistics|Description]]
+  - [CG-NAT] Accounting of translation lifetime in the ''fdpi_ctrl list status --service 11 --login UserName (--ip IP)'' command. Additional fields were added to the command output: ''active_sess_tcp'' — number of active NAT translations for TCP and ''active_sess_udp'' — number of active NAT translations for UDP.\\ Translation activity is determined by the time of its last use and the lifetime parameter configured in the cluster options. [[en:dpi:opt_cgnat:cgnat_diagnostics#legend_for_the_nat_statistics_view_by_subscriber|Description]]
   - [CG-NAT][CLI] Accounting of translation lifetime in the ''nat show <internal_ip> [<lifetime>]'' command. Displays a list of all NAT translations for the specified gray IP. [[en:dpi:opt_cgnat:cgnat_diagnostics#list_of_nat_translations|Description]]
@@ Line 135: / Line 119: @@
 ===IPFIX===
-  - [IPFIX] Storage of TTL information from the IP packet header. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#шаблон_экспорта_в_формате_ipfix_netflow_v10_для_протокола_ipv4|Description]]\\ TTL statistics added to Full NetFlow in IPFIX format:
+  - [IPFIX] Storage of TTL information from the IP packet header. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#export_template_in_ipfix_format_netflow_v10_for_ipv4_protocol|Description]]\\ TTL statistics added to Full NetFlow in IPFIX format:
     * Packet TTL, id 192. The field is used for both directions: subs2inet and inet2subs
     * Rating group, id 2020
   - [IPFIX] Fixed an error in time conversion to unix format
-  - [IPFIX] New 64-bit fields added to Full NetFlow IPFIX. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#шаблон_экспорта_в_формате_ipfix_netflow_v10_для_протокола_ipv4|Description]]\\ ''service_flags'' — information about the tags assigned to the flow in DPI. Detected tethering is reported via IPFIX in bit 1 of the service_flags field. 63 bits are available for further use.\\ ''detection_flags'' — reserved for detection methods.\\ ''action_flags'' — reserved for transmitting actions applied to the flow.
+  - [IPFIX] New 64-bit fields added to Full NetFlow IPFIX. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#export_template_in_ipfix_format_netflow_v10_for_ipv4_protocol|Description]]\\ ''service_flags'' — information about the tags assigned to the flow in DPI. Detected tethering is reported via IPFIX in bit 1 of the service_flags field. 63 bits are available for further use.\\ ''detection_flags'' — reserved for detection methods.\\ ''action_flags'' — reserved for transmitting actions applied to the flow.
-  - [IPFIX] Fixed TTL transmission in Full NetFlow IPFIX in a single field with identifier 192 depending on direction. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#шаблон_экспорта_в_формате_ipfix_netflow_v10_для_протокола_ipv4|Description]]
+  - [IPFIX] Fixed TTL transmission in Full NetFlow IPFIX in a single field with identifier 192 depending on direction. [[en:dpi:dpi_options:opt_statistics:statistics_ipfix#export_template_in_ipfix_format_netflow_v10_for_ipv4_protocol|Description]]
 ===Utilities===
@@ Line 146: / Line 130: @@
 ===RADIUS===
-  - [FastRADIUS] Added support for logging to syslog. New parameter ''syslog_level'' in fdpi_radius.conf — the level of logging messages from the alert log to syslog. ''0'' — syslog logging disabled (default).
+  - [FastRADIUS] Added support for logging to syslog. New parameter ''syslog_level'' in fdpi_radius.conf — the level of logging messages from the alert log to syslog. ''0'' — syslog logging disabled (default). [[en:dpi:dpi_components:radius:radius_admin#syslog_logging_support|Description]]
-  - [FastRADIUS] Added extraction of the 3GPP User Location Info RADIUS attribute and its export to IPFIX
+  - [FastRADIUS] Added extraction of the 3GPP User Location Info RADIUS attribute and its export to IPFIX. [[en:dpi:dpi_components:radius:radmon_acct_ipfix|Description]]

Differences

What were you trying to find?