DTCP Messages Used for Subscriber Secure Policy
You can use DTCP to provision traffic mirroring on the router by sending DTCP messages from the mediation device to the router.
There are four types of DTCP messages supported for radius-flow-tap services:
ADD—Triggers mirroring of subscriber secure policy sessions. You include attributes that trigger the router to begin mirroring a subscriber session. In addition to one or more attributes that trigger the router to begin traffic mirroring, you can also include attributes that identify where to send the mirrored session data and how to uniquely identify traffic when simultaneous intercepts are active. The ADD message also provides instructions to populate fields in the encapsulation header for packets sent to the mediation device.
DELETE—Removes a subscriber mirroring trigger or can be used to remove all mirroring.
ENABLE—Triggers a drop policy on the router if one does not already exist from a prior DTCP ADD or DTCP ENABLE message.
LIST—Requests information about sessions that are currently being mirrored. This information is returned in a LIST response.
Consult the documentation for your mediation device to learn how to configure DTCP messages on the device.