BNG Blaster Logo
  • Installation
  • Quickstart Guide
  • Interfaces
  • Access Protocols
    • PPPoE
    • IPoE
    • L2TP
    • L2BSA
    • Session Traffic
    • Multicast and IPTV
    • Legal Interception (LI)
    • Monkey
  • Routing Protocols
  • Traffic Streams
  • ICMP
  • HTTP Emulation
  • NAT / CGNAT
  • Reports
  • Configuration
  • API/CLI
  • Controller
  • Performance Guide
  • Troubleshooting
  • Frequently Asked Questions
BNG Blaster
  • Access Protocols
  • Legal Interception (LI)
  • View page source

Legal Interception (LI)

The BNG Blaster can be used to emulate a mediation device providing detailed statistics about the received flows. Today only the BCM QMX LI header format is supported but further headers can be easily integrated.

BCM QMX LI Header Format

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| D   | PT    | SPT | LIID                                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The functionality is automatically enabled on the network interface and works combined with sessions in one instance or as standalone mediation device as shown in the following example.

{
    "interfaces": {
        "network": {
            "interface": "eth2",
            "address": "100.0.0.10/24",
            "gateway": "100.0.0.2"
        }
    }
}

The received flows can be displayed with the command li-flows.

$ sudo bngblaster-cli run.sock li-flows

{
    "status": "ok",
    "code": 200,
    "li-flows": [
        {
            "source-address": "1.1.1.1",
            "source-port": 49152,
            "destination-address": "1.1.1.2",
            "destination-port": 49152,
            "direction": "downstream",
            "packet-type": "ethernet",
            "sub-packet-type": "double-tagged",
            "liid": 4194301,
            "bytes-rx": 94,
            "packets-rx": 1,
            "packets-rx-ipv4": 0,
            "packets-rx-ipv4-tcp": 0,
            "packets-rx-ipv4-udp": 0,
            "packets-rx-ipv4-host-internal": 0,
            "packets-rx-ipv6": 0,
            "packets-rx-ipv6-tcp": 0,
            "packets-rx-ipv6-udp": 0,
            "packets-rx-ipv6-host-internal": 0,
            "packets-rx-ipv6-no-next-header": 0
        },
        {
            "source-address": "1.1.1.1",
            "source-port": 49152,
            "destination-address": "1.1.1.2",
            "destination-port": 49152,
            "direction": "upstream",
            "packet-type": "ethernet",
            "sub-packet-type": "double-tagged",
            "liid": 4194301,
            "bytes-rx": 160720,
            "packets-rx": 820,
            "packets-rx-ipv4": 820,
            "packets-rx-ipv4-tcp": 0,
            "packets-rx-ipv4-udp": 0,
            "packets-rx-ipv4-host-internal": 820,
            "packets-rx-ipv6": 0,
            "packets-rx-ipv6-tcp": 0,
            "packets-rx-ipv6-udp": 0,
            "packets-rx-ipv6-host-internal": 0,
            "packets-rx-ipv6-no-next-header": 0
        }
    ]
}

The packets-rx-ipv4-host-internal refers to the IPv4 protocol number 61 (any host internal protocol) which is used by some network testers as the default type for traffic streams. The same is valid for packets-rx-ipv6-host-internal which refers to next header 61 and packets-rx-ipv6-no-next-header with next header 59.

Previous Next

© Copyright 2020-2025, RtBrick, Inc..

Built with Sphinx using a theme provided by Read the Docs.