Configuring DHCP on the GGSN

This chapter describes how to configure the Dynamic Host Configuration Protocol (DHCP) on the GGSN. The GGSN uses DHCP to assign IP addresses to mobile station users who need to access the PDN.

For a complete description of the GGSN commands in this chapter, refer to the Cisco IOS Mobile Wireless Command Reference. To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.

This chapter includes the following sections:

Overview of Configuring DHCP on the GGSN

Configuring DHCP Server Communication Globally

Configuring DHCP at the GGSN Global Configuration Level

Configuring a Local DHCP Server

Configuration Example

Overview of Configuring DHCP on the GGSN

You can use local DHCP services within the Cisco IOS software, or you can configure the GGSN to use an external DHCP server such as the Cisco Network Registrar (CNR). For information about configuring internal DHCP services in the Cisco IOS software, see the Cisco IOS Configuration Fundamentals Configuration Guide.

The DHCP server can be specified in two ways:

At the global configuration level, using the gprs default dhcp-server command.

At the access-point configuration level, using the dhcp-server command.

To configure DHCP support on the GGSN, you must configure either the gprs default ip-address-pool global configuration command or the ip-address-pool access-point configuration command with the dhcp-proxy-client keyword option.

After you configure the access point for DHCP proxy client services, use the dhcp-server access-point configuration command to specify a DHCP server.

Use the ip-address argument to specify the IP address of the DHCP server. The second, optional ip-address argument can be used to specify the IP address of a backup DHCP server to be used in the event that the primary DHCP server is unavailable. If you do not specify a backup DHCP server, then no backup DHCP server is available.

If you specify a DHCP server at the access-point level using the dhcp-server command, then the server address specified at the access point overrides the address specified at the global level. If you do not specify a DHCP server address at the access-point level, then the address specified at the global level is used.

Therefore, you can have a global address setting and also one or more local access-point level settings if you need to use different DHCP servers for different access points.

Use the vrf keyword when the DHCP server itself is located within the address space of a VRF interface on the GGSN. If the DHCP server is located within the VRF address space, then the corresponding loopback interface for the dhcp-gateway-address must also be configured within the VRF address space.

Configuring DHCP Server Communication Globally

This section describes how to configure a global DHCP server host that the GGSN can use to assign IP addresses to mobile users. You can configure additional DHCP server communication at the GGSN global configuration level.

To globally configure DHCP server communication on the router, use the following commands beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# ip address-pool {dhcp-proxy-client | local}

Specifies an IP address pool mechanism, where:

dhcp-proxy-client—Specifies the router as the proxy-client between a third-party DHCP server and peers connecting to the router.

local—Specifies the local address pool named "default".

Note There is no default option for the ip address-pool command. If you configure a local address pool using the local keyword, you can also configure the optional commands in Step 4 and Step 5.

Step 2 

Router(config)# ip dhcp-server {ip-address | name}

Specifies the IP address or name of a DHCP server.

Step 3 

Router(config)# ip dhcp excluded address low-address [high-address]

(Optional) Specifies IP addresses that a DHCP server should not assign to DHCP clients, where:

low-address—Specifies the first IP address in an excluded address range. This address is typically the address of the DHCP server itself.

high-address—(Optional) Specifies the last IP address in the excluded address range.

Step 4 

Router(config)# ip dhcp pool name

(Optional—Supports ip address-pool local command only.)

Configures a DHCP address pool and enters DHCP pool configuration mode, where name can be either a symbolic string (such as "engineering") or an integer (such as 0).

Step 5 

Router(config-dhcp)# network network-number [mask | /prefix-length]

(Optional—Supports ip address-pool local command only.)

Specifies the subnet network number and mask of the DHCP address pool.

The prefix length specifies the number of bits that comprise the address prefix. The prefix is an alternative way of specifying the network mask of the client. The prefix length must be preceded by a forward slash (/).

For more information about configuring global DHCP services, refer to the Cisco IOS IP Configuration Guide, Cisco IOS IP Command References, and the Cisco IOS Dial Technologies Command Reference publications.

Configuring DHCP at the GGSN Global Configuration Level

To complete the DHCP configuration for the GGSN, you can configure DHCP at the GGSN global configuration level. When you configure DHCP at the GGSN configuration level, you can configure DHCP server communication for all access points, or for a specific access point.

Configuring DHCP at the GGSN configuration level includes the following tasks:

Configuring a Loopback Interface (Required)

Specifying a DHCP Server for All Access Points (Optional)

Specifying a DHCP Server for a Particular Access Point (Optional)

Configuring a Loopback Interface

When you configure a DHCP gateway address for DHCP services at an access point, and when you are supporting unique supernets across all access points on the GGSN for DHCP, then you must configure a loopback interface for each unique network.

A loopback interface is a software-only interface that emulates an interface that is always up. It is a virtual interface supported on all platforms. The interface-number is the number of the loopback interface that you want to create or configure. There is no limit on the number of loopback interfaces you can create.

To configure a loopback interface on the GGSN, use the following commands beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# interface loopback interface-number

Defines a loopback interface on the GGSN, where interface-number identifies the loopback interface.

Step 2 

Router(config-if)# ip address ip-address mask [secondary]

Specifies an IP address for the interface, where:

ip-address—Specifies the IP address of the interface in dotted decimal format.

mask—Specifies a subnet mask in dotted decimal format.

secondary—Specifies that the configured address is a secondary IP address. If this keyword is omitted, the configured address is the primary IP address.

Note The ip-address corresponds to the IP address of the DHCP gateway address at the access point. The mask should be 255.255.255.255 to match the dhcp-gateway-address value exactly.

Specifying a DHCP Server for All Access Points

When processing DHCP address allocation, the GGSN software first checks to see whether a DHCP server has been specified at the access-point configuration level. If so, it uses the DHCP server specified at the access point. If no DHCP server is specified at the access-point configuration level, then the GGSN uses the default GGSN DHCP server.

To specify a DHCP server for all GGSN access points, use the following commands beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# gprs default ip-address-pool {dhcp-proxy-client | radius-client | disable}

Specifies a dynamic address allocation method using IP address pools for the GGSN, where:

dhcp-proxy-client—Specifies that the GGSN dynamically acquires IP addresses for an MS from a DHCP server. Use this keyword to enable DHCP services.

radius-client—Specifies that the GGSN dynamically acquires IP addresses for an MS from a RADIUS server.

disable—Disables dynamic address allocation by the GGSN.

There is no default option for this command.

Step 2 

Router(config)# gprs default dhcp-server {ip-address | name} [{ip-address | name}]


Specifies a primary (and backup) DHCP server from which the GGSN obtains IP address leases for mobile users, where:

ip-address—Specifies the IP address of a DHCP server. The second (optional) ip-address argument specifies the IP address of a backup DHCP server.

name—Specifies the host name of a DHCP server. The second (optional) name argument specifies the host name of a backup DHCP server.

Specifying a DHCP Server for a Particular Access Point

To override the default DHCP server configured for all access points, you can specify a different DHCP server for a particular access point. Or, if you choose not to configure a default GGSN DHCP server, you can specify a DHCP server at each access point.

To specify a DHCP server for a particular access point, use the following commands beginning in access-point configuration mode:

 
Command
Purpose

Step 1 

Router(config-access-point)# ip-address-pool {dhcp-proxy-client | radius-client | disable}

Specifies a dynamic address allocation method using IP address pools for the current access point, where:

dhcp-proxy-client—Specifies that the access point IP address pool is maintained on a DHCP server. Use this keyword to enable DHCP services.

radius-client—Specifies that the access point IP address pool is allocated through a RADIUS server.

disable—Disables dynamic address allocation for the current access point.

There is no default option for this command.

Step 2 

Router(config-access-point)# dhcp-server {ip-address} [ip-address] [vrf]


Specifies a primary (and backup) DHCP server that the GGSN uses at a particular access point to obtain IP address leases for mobile users for access to a PDN, where:

ip-address—Specifies the IP address of a DHCP server. The second (optional) ip-address argument specifies the IP address of a backup DHCP server.

vrf—DHCP server uses the VPN routing and forwarding (VRF) table that is associated with the APN.

Step 3 

Router(config-access-point)# dhcp-gateway-address ip-address

Specifies the subnet in which the DHCP server should return addresses for DHCP requests for MS users entering a particular PDN access point.

Note You must configure a corresponding loopback interface with the same IP address as the DHCP gateway address.

Configuring a Local DHCP Server

Although most networks use external DHCP servers, such as that available through the Cisco Network Registrar (CNR), you can also configure internal DHCP services on the GGSN. If you use local DHCP services on the GGSN, then there are a couple of commands that you should configure to improve the internal DHCP response times.

To optimize local DHCP services on the GGSN, use the following commands beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# ip dhcp ping packets 0

Specifies that the Cisco IOS DHCP Server sends 0 packets to a pool address as part of a ping operation.

Step 2 

Router(config)# ip dhcp ping timeout 100

Specifies that the Cisco IOS DHCP Server waits for a ping reply from an address pool for 100 milliseconds.

Configuration Example

The following example shows a VRF configuration for vpn3 (without tunneling) using the ip vrf global configuration command. Because the ip vrf command establishes both VRF and CEF routing tables, notice that ip cef also is configured at the global configuration level to enable CEF switching at all of the interfaces.

The following other configuration elements must also associate the same VRF named vpn3:

FastEthernet0/0 is configured as the Gi interface using the ip vrf forwarding interface configuration command.

Access-point 2 implements VRF using the vrf command access-point configuration command.

The DHCP server at access-point 2 also is configured to support VRF. Notice that access-point 1 uses the same DHCP server, but is not supporting the VRF address space. The IP addresses for access-point 1 will apply to the global routing table: 

aaa new-model

!

aaa group server radius foo

 server 10.2.3.4

 server 10.6.7.8

!

aaa authentication ppp foo group foo

aaa authorization network foo group foo 

aaa accounting network foo start-stop group foo

!

ip cef

!

ip vrf vpn3

 rd 300:3

!

interface Loopback1

 ip address 10.30.30.30 255.255.255.255

!

interface Loopback2

 ip vrf forwarding vpn3

 ip address 10.27.27.27 255.255.255.255

!

interface FastEthernet0/0

 ip vrf forwarding vpn3

 ip address 10.50.0.1 255.255.0.0

 duplex half

!

interface FastEthernet1/0

 ip address 10.70.0.1 255.255.0.0

 duplex half

!

interface loopback 1

 ip address 10.8.0.1 255.255.255.0

!

interface Virtual-Template1

 ip unnumber loopback 1

 encapsulation gtp

 gprs access-point-list gprs

!

ip route 10.10.0.1 255.255.255.255 Virtual-Template1

ip route vrf vpn3 10.100.0.5 255.255.255.0 fa0/0 10.50.0.2

ip route 10.200.0.5 255.255.255.0 fa1/0 10.70.0.2

!

no ip http server

!

gprs access-point-list gprs

 access-point 1

  access-point-name gprs.pdn.com

  ip-address-pool dhcp-proxy-client

  dhcp-server 10.200.0.5

  dhcp-gateway-address 10.30.30.30 

  network-request-activation

  exit

  !

 access-point 2

  access-point-name gprs.pdn2.com

  access-mode non-transparent

  ip-address-pool dhcp-proxy-client

  dhcp-server 10.100.0.5 10.100.0.6 vrf

  dhcp-gateway-address 10.27.27.27

  aaa-group authentication foo

  vrf vpn3

  exit

!

gprs default ip-address-pool dhcp-proxy-client

gprs gtp ip udp ignore checksum

!

radius-server host 10.2.3.4 auth-port 1645 acct-port 1646 non-standard

radius-server host 10.6.7.8 auth-port 1645 acct-port 1646 non-standard

radius-server key ggsntel