LIX1 Configuration

In this section, you can find the configurations that pertain to the LIX1 interface.

Syntax:

set lawful-intercept protocol <protocol-name[1-2]> <attribute> <value>

Attribute

Description

<protocol-name[1-2]>

Enables lawful intercept on the switch. Supported Value: x1.

administrative-function-endpoint <administrative-function-endpoint[1-128]>

Specifies the ADMF endpoint URL for sending requests.

administrative-function-id <administrative-function-id[1-128]>

Specifies the LI Administration Function identifier.

mediation-device-instance <mediation-device-instance[1-64]>

Specifies the instance that hosts the mediation devices.

mutual-tls

Global mutual TLS configuration.

mutual-tls client authentication <certificate-name[1-64]>

(Optional) Name of the certificate.

mutual-tls client authentication <certificate-name[1-64]> certificate <certificate[1-8192]>

Specifies the certificate PEM data in base64 encoding. If this value is not specified, it defaults to server certificate.

mutual-tls client authentication <certificate-name[1-64]> key-encrypted-text <key-encrypted-text[4-16419]>

Specifies the Certificate key in an encrypted format.

mutual-tls client authentication <certificate-name[1-64]> key-plain-text <key-plain-text[1-8192]>

Specifies the Certificate key in base64 encoding. If this value is not specified, it defaults to server authentication key.

mutual-tls client root-ca <root-ca[1-8192]>

(Optional) Specifies the trusted CA in base64 encoding. This is mandatory for a self-signed certificate.

mutual-tls server certificate <certificate[1-8192]>

Specifies the certificate PEM data in base64 encoding.

mutual-tls server client-ca <client-ca[1-8192]>

Specifies the trusted client CAs in base64 encoding.

mutual-tls server key <key-encrypted-text[4-16419]>

Sepcifies the certificate key in base64 encoding.

network-element-id <network-element-id[1-128]>

The network element ID of the network element in the ADMF.

network-element-path <network-element-path[1-128]>

(Optional) The context-path for all incoming protocol requests. Default: /X1/NE.

sync-timeout <5-60>

(Optional) The maximum interval for completing protocol requests synchronously in seconds. Default: 5.

async-timeout <10-120>

(Optional) The maximum interval for completing protocol requests asynchronously in seconds. Default: 15.

hold-time <60-86400>

(Optional) Specifies the hold time in seconds for the LI tasks if no keepalive messages are seen from ADMF. Default: 3600.

If both sync and async-timeout are configured, async-timeout has to be at least twice the value of sync-timeout.

Invoking LI with CURL

As shown in the example below, you can use CURL to invoke LI.

sudo curl --location 'http://localhost/hostconfd/api/v1/li' --header 'Content-Type: application/json' --data '<Insert data>'  --unix-socket /var/run/rtbrick/hostconfd_sock/unix.sock -v