Planning to Configure the GGSN
This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).
This chapter includes the following sections:
•Prerequisites
•Restrictions
•Additional References
Prerequisites
Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:
•Before You Begin
•Platform Prerequisites
Before You Begin
The Cisco GGSN is supported on the Cisco Multi-Processor WAN Application Module (MWAM) for the Cisco 7600 series router platform.
Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for those networks, and plan the associated access points to those networks and configure them on the GGSN. For example, you might want to provide user access to the World Wide Web through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.
Platform Prerequisites
When configuring GGSNs on the Cisco 7600 series router platform, ensure that requirements outlined in the following sections are met:
•Required Hardware and Software
•Required Base Configuration
Required Hardware and Software
Implementing a GGSN on the Cisco 7600 series Internet router platform requires the following hardware and software.
•A Cisco 7600 series router in which a Cisco Supervisor Engine (Sup720) and third-generation policy feature card (PFC3BXL) with integrated Multilayer Switch Feature Card 3 (MSFC3) is installed. The MSFC3s must be running the same Cisco IOS software release, Cisco IOS Release 12.2(18)SXE or later.
•Cisco Multi-Processor WAN Application Module (MWAM), with the 1 GB memory option. The MWAM must be running the same Cisco IOS GGSN software release.
•IPSec VPN Services Module (for security)
Certain GGSN features, such as enhanced service-aware billing and GTP-session redundancy, require additional hardware and software.
GTP-Session Redundancy (GGSN Release 5.1 and later)
Implementing GTP-Session Redundancy (GTP-SR) requires, at minimum:
•Two Cisco 7600 series router in which a Sup720 and PFC3BXL with integrated MSFC3 is installed. The MSFC3s must be running the same Cisco IOS software release, Cisco IOS Release 12.2(18)SXE or later.
•Two Cisco MWAMs (with 1 GB memory option) in each of the Cisco 7600 series routers. The MWAMs must be running the same Cisco IOS GGSN software release.
Enhanced Service-Aware Billing (GGSN Release 5.2 and later)
Implementing enhanced service-aware billing requires the following hardware and software:
•A Cisco 7600 series router in which a Sup720 and PFC3BXL with integrated MSFC3 is installed. The MSFC3s must be running the same Cisco IOS software release, Cisco IOS Release 12.2(18)SXE or later.
•A Cisco MWAM (with 1 GB memory option). The MWAMs must be running the same Cisco IOS GGSN software release.
•IPSec VPN Services Module (for security)
•A Cisco Content Services Gateway (CSG) module in each Cisco 7600 series router. The CSGs must be running the same Cisco CSG software release, Release 3.1(3)C6(1) or later.
GTP APN-Aware SBL (GGSN Release 7.0 and later)
Support for GTP APN-Aware SLB requires Cisco IOS software release 12.2(18) SRB and later on the supervisor engine.
Required Base Configuration
After connectivity has been established from the switch to the different elements in your network, ensure that you complete the following base configuration before implementing and customizing GGSNs on the Cisco MWAM:
On the supervisor engine, ensure that:
1. A Layer-3-routed VLAN for each of the GGSN interfaces has been created. Specifically, create a VLAN for the following interfaces:
–Gn VLAN—Interconnects the Gn interfaces.
–Ga VLAN—Interconnects the Ga interfaces.
–AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for AAA, Operation, Administration, and Maintenance (OAM), and DHCP functions.
–One VLAN per APN Gi interface
You can configure the VLANs from VLAN database mode or global configuration mode. You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.
Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode and not through the VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.
To configure a VLAN from global configuration mode:
Sup#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
Sup(config)#vlan 222
Sup(config-vlan)#end
Sup#
In the preceding example, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the supervisor engine routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), configure a VLAN 222 interface on the supervisor engine and assign an IP address to the interface:
Sup(config)# interface vlan222
Sup(config-if)# ip address n.n.n.n mask
Sup(config-if)# no ip redirects
The following is an example of the VLAN configuration on the supervisor engine:
vlan 103,110,160,200,300-301,310
ip address 10.20.21.1 255.255.255.0
description OAM/AAA/DHCP VLAN
ip address 10.20.50.1 255.255.255.0
description Ga Charging VLAN
description VLAN for APN Internet
ip address 10.20.51.1 255.255.255.0
For detailed information on configuring VLANs, see the Cisco 7600 Series Cisco IOS Software Configuration Guide.
2. The Cisco IOS software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and Chapter 12, "Configuring Load Balancing on the GGSN."
3. Using the mwam module allowed-vlan command, the Cisco MWAM has been added to each of the VLANs you created. For more information about the mwam module allowed-vlan command, refer the Cisco Multiprocessor WAN Application Module Installation and Configuration Note.
Note VLAN IDs must be consistent be the same in the supervisor engine and Cisco MWAM configurations.
The following is an example of the mwam module allowed-vlan configuration:
mwam module 7 port 1 allowed-vlan 71,95,100,101
mwam module 7 port 2 allowed-vlan 71,95,100,101
mwam module 7 port 3 allowed-vlan 71,95,100,101
4. A static route is configured to each GGSN instance configured on the Cisco MWAM:
ip route 10.20.30.1 255.255.255.255 10.20.21.20
ip route 10.20.30.2 255.255.255.255 10.20.21.21
ip route 10.20.30.3 255.255.255.255 10.20.21.22
ip route 10.20.30.4 255.255.255.255 10.20.21.23
ip route 10.20.30.5 255.255.255.255 10.20.21.24
On each GGSN instance on the Cisco MWAM, ensure that:
1. A static route is configured to the supervisor engine.
ip route 0.0.0.0.0 0.0.0.0 10.20.21.1
2. A subinterface, on which 802.1Q encapsulation is enabled, is configured to each of the VLANs that you created on the supervisor engine.
The following is an example of a Ga/Gn subinterface configuration on the GGSN to VLAN 103 configured on the supervisor engine:
interface GigabitEthernet0/0.2
description Ga/Gn Interface
ip address 10.1.1.72 255.255.255.0
For detailed information on configuring:
–Ga subinterfaces, see the "Configuring an Interface to the Charging Gateway" section on page 5-1.
–Gn subinterfaces, see the "Configuring an Interface to the SGSN" section on page 7-1.
–Gi subinterfaces, see the "Configuring an Interface to a PDN" section on page 7-12.
Configuration Examples
The following are base configuration examples for the supervisor engine and the GGSN instance running on the Cisco MWAM.
Supervisor Engine
boot device module 7 cf:4
mwam module 7 port 1 allowed-vlan 71,95,100,101
mwam module 7 port 2 allowed-vlan 71,95,100,101
mwam module 7 port 3 allowed-vlan 71,95,100,101
power redundancy-mode combined
name Internal_Gi_for_GGSN-MWAM
interface FastEthernet8/22
switchport access vlan 302
interface FastEthernet8/23
switchport access vlan 302
interface FastEthernet8/26
description To DHCP/RADIUS Servers
switchport access vlan 95
interface FastEthernet8/31
switchport access vlan 71
interface FastEthernet9/32
switchport access vlan 165
description VLAN to tftpserver
ip address 1.7.46.65 255.255.0.0
description VLAN for RADIUS and DHCP
ip address 10.2.25.1 255.255.255.0
description Internal VLAN SUP-to-MWAM Gi
ip address 10.1.2.1 255.255.255.0
description VLAN to GGSN for GA/GN
ip address 10.1.1.1 255.255.255.0
description VLAN to CORPA
ip address 165.1.1.1 255.255.0.0
ip address 40.0.2.1 255.255.255.0
ip address 40.0.3.1 255.255.255.0
summary-address 9.9.9.0 255.255.255.0
redistribute static subnets route-map GGSN-routes
network 40.0.2.0 0.0.0.255 area 300
network 40.0.3.0 0.0.0.255 area 300
ip route 9.9.9.72 255.255.255.255 10.1.1.72
ip route 9.9.9.73 255.255.255.255 10.1.1.73
ip route 9.9.9.74 255.255.255.255 10.1.1.74
ip route 9.9.9.75 255.255.255.255 10.1.1.75
ip route 9.9.9.76 255.255.255.255 10.1.1.76
ip route 110.72.0.0 255.255.0.0 10.1.1.72
ip route 110.73.0.0 255.255.0.0 10.1.1.73
ip route 110.74.0.0 255.255.0.0 10.1.1.74
ip route 110.75.0.0 255.255.0.0 10.1.1.75
ip route 110.76.0.0 255.255.0.0 10.1.1.76
access-list 1 permit 9.9.9.0 0.0.0.255
route-map GGSN-routes permit 10
GGSN Instance on the Cisco MWAM
description USED FOR DHCP gateway
ip address 110.72.0.2 255.255.255.255
description GPRS GTP V-TEMPLATE IP ADDRESS
ip address 9.9.9.72 255.255.255.0
interface GigabitEthernet0/0
interface GigabitEthernet0/0.1
ip address 10.1.2.72 255.255.255.0
interface GigabitEthernet0/0.2
description Ga/Gn Interface
ip address 10.1.1.72 255.255.255.0
interface GigabitEthernet0/0.71
description TFTP or Backbone
ip address 1.7.46.72 255.255.0.0
interface GigabitEthernet0/0.95
ip address 10.2.25.72 255.255.255.0
interface Virtual-Template1
ip unnumbered Loopback100
gprs access-point-list gprs
ip route 0.0.0.0 0.0.0.0 10.1.2.1
ip route 40.1.2.1 255.255.255.255 10.1.1.1
ip route 40.1.3.10 255.255.255.255 10.1.1.1
ip route 40.2.2.1 255.255.255.255 10.1.1.1
ip route 40.2.3.10 255.255.255.255 10.1.1.1
ip route 40.3.2.3 255.255.255.255 10.1.1.1
ip route 40.4.2.3 255.255.255.255 10.1.1.1
gprs access-point-list gprs
access-point-name CORPA.com
ip-address-pool dhcp-proxy-client
dhcp-gateway-address 110.72.0.2
Restrictions
When configuring a Cisco GGSN, please observe the following:
•The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] has been configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).
Note DFP weighs PPP PDPs against IP PDPs with one PPP PDP equal to eight IP PDPs. One IPv6 PDP equals 8 IPv4 PDPs.
The Cisco MWAM can support up to 60,000 IPv4 PDP contexts per GGSN instance, with a maximum of 300,000 IP PDP contexts per MWAM on which five GGSNs are configured, or up to 8,000 IPv6 PDP contexts per GGSN instance, with a maximum of 40,000 IPv6 PDP contexts per MWAM on which five GGSNs are configured.
•Only five instances of the Cisco GGSN image can be loaded onto the MWAM.
•The same image must be loaded onto all processor complexes on the MWAM.
•The session console is provided by a TCP connection from the supervisor module (no direct console).
•The available memory for bootflash for saving crash information files is 500 KB.
•A maximum of five files can be stored in the bootflash filesystem.
•To avoid issues with high CPU usage, we recommend the following configurations:
–To reduce the CPU usage during bootup, disable logging to the console terminal by configuring the no logging console global configuration command.
–To ensure that the HSRP interface does not declare itself active until it is ready to process a peer's Hello packets, configure the delay period before the initialization of HSRP groups with the standby delay minimum 100 reload 100 interface configuration command under the HRSP interface.
–To minimize issues with high CPU usage for additional reasons, such as periods of high PPP PDP processing (creating and deleting), disable the notification of interface data link status changes on all virtual template interfaces of the GGSN using the no logging event link-status interface configuration command.
interface Virtual-Template1
no logging event link-status
gprs access-point-list gprs
For implementation of a service-aware GGSN with Cisco GGSN Release 5.2, the following additional important notes, limitations, and restrictions apply:
•RADIUS accounting is enabled between the CSG and GGSN to populate the Known User Entries Table (KUT) entries with the PDP context user information.
•CSG must be configured with the QS addresses of all the GGSN instances.
•Service IDs on the CSG are configured as numeric strings that match the category IDs on the Diameter Credit Control Application (DCCA) server.
•If RADIUS is not being used, the Cisco CSG is configured as a RADIUS endpoint on the GGSN.
•On the SGSN, the values configured for the number GTP N3 requests and T3 retransmissions must be larger than the sum of all possible server timers (RADIUS, DCCA, and CSG).
Specifically the SGSN N3*T3 must be greater than:
2 x RADIUS timeout + N x DCCA timeout + CSG timeout
where:
–2 is for both authentication and accounting.
–N is for the number of diameter servers configured in the server group.
Additional References
For additional information related to implementing IPv6 basic connectivity, see the following sections:
•Related Documents
•Standards
•MIBS
•RFCs
•Technical Assistance
Related Documents
•Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.4
•Cisco IOS Configuration Fundamentals Command Reference, Release 12.4
•Cisco IOS Dial Technologies Configuration Guide, Release 12.4
•Cisco IOS Dial Technologies Command Reference, Release 12.4
•Cisco IOS Interface and Hardware Component Configuration Guide, Release 12.4
•Cisco IOS Interface and Hardware Component Command Reference, Release 12.4
•Cisco IOS IP Mobility Configuration Guide, Release 12.4
•Cisco IOS IP Mobility Command Reference, Release 12.4
•Cisco IOS IP Multicast Configuration Guide, Release 12.4
•Cisco IOS IP Multicast Command Reference, Release 12.4
•Cisco IOS IP Routing Protocols Configuration Guide, Release 12.4
•Cisco IOS IP Routing Protocols Command Reference, Release 12.4
•Cisco IOS IP Switching Configuration Guide, Release 12.4
•Cisco IOS IP Switching Command Reference, Release 12.4
•Cisco IOS IPv6 Configuration Guide, Release 12.4
•Cisco IOS IPv6 Command Reference, Release 12.4
•Cisco IOS LAN Switching Configuration Guide, Release 12.4
•Cisco IOS LAN Switching Command Reference, Release 12.4
•Cisco IOS Mobile Wireless Packet Data Serving Node Configuration Guide, Release 12.4
•Cisco IOS Mobile Wireless Packet Data Serving Node Command Reference, Release 12.4
•Cisco IOS Network Management Configuration Guide, Release 12.4
•Cisco IOS Network Management Command Reference, Release 12.4
•Cisco IOS Optimized Edge Routing Configuration Guide, Release 12.4
•Cisco IOS Optimized Edge Routing Command Reference, Release 12.4
•Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
•Cisco IOS Quality of Service Solutions Command Reference, Release 12.4
•Cisco IOS Security Configuration Guide, Release 12.4
•Cisco IOS Security Command Reference, Release 12.4
•Cisco Multi-Processor WAN Application Module Installation and Configuration Note
Standards
Cisco IOS GGSN Release 7.0 supports the following Third Generation Partnership Program (3GPP) standards:
Table 2-1 Third Generation Partnership Program (3GPP) Standards Supported by Cisco GGSN Release 7.0
|
|
|
|
03.03 |
Numbering, addressing and identification |
97 |
6.5.0 |
03.03 |
Numbering, addressing and identification |
98 |
7.6.0 |
23.003 |
Numbering, addressing and identification |
99 |
3.11.0 |
23.003 |
Numbering, addressing and identification |
4 |
4.5.0 |
23.003 |
Numbering, addressing and identification |
5 |
5.5.1 |
03.60 |
GPRS Stage 2 |
97 |
6.7.0 |
03.60 |
GPRS Stage 2 |
98 |
7.7.0 |
23.060 |
GPRS Stage 2 |
99 |
3.15.0 |
23.060 |
GPRS Stage 2 |
4 |
4.6.0 |
23.060 |
GPRS Stage 2 |
5 |
5.4.0 |
09.02 |
MAP |
97 |
NA |
09.02 |
MAP |
98 |
NA |
29.002 |
MAP |
99 |
NA |
04.08 |
Mobile radio interface layer3 |
97 |
6.9.0 |
04.08 |
Mobile radio interface layer3 |
98 |
7.14.0 |
24.008 |
Mobile radio interface layer3 |
99 |
3.14.0 |
24.008 |
Mobile radio interface layer3 |
4 |
4.9.0 |
24.008 |
Mobile radio interface layer3 |
5 |
5.6.0 |
09.60 |
GTP across Gn and Gp |
97 |
6.6.0 |
09.60 |
GTP across Gn and Gp |
98 |
7.9.0 |
29.060 |
GTP across Gn and Gp |
99 |
3.15.0 |
29.060 |
GTP across Gn and Gp |
4 |
4.6.0 |
29.060 |
GTP across Gn and Gp |
5 |
5.4.0 |
09.61 |
Interworking with PDN |
97 |
6.4.0 |
09.61 |
Interworking with PDN |
98 |
7.4.0 |
29.061 |
Interworking with PDN |
99 |
3.11.0 |
29.061 |
Interworking with PDN |
4 |
4.6.0 |
29.061 |
Interworking with PDN |
5 |
5.4.0 |
12.15 |
Charging |
97 |
NA |
12.15 |
Charging |
98 |
7.1.0 |
32.015 |
Charging |
99 |
3.7.0 |
32.215 |
Charging |
4 |
4.1.0 |
32.215 |
Charging |
5 |
4.1.0 |
23.107 |
QoS Concept and Architecture |
99 |
3.9.0 |
23.107 |
QoS Concept and Architecture |
4 |
4.6.0 |
23.107 |
QoS Concept and Architecture |
5 |
5.7.0 |
29.208 |
End-to-end QoS signaling flows |
5 |
5.2.0 |
The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:
•Ga interface—SMG#28 R99
•Gn interface—SMG#31 R98
MIBS
•CISCO-GGSN-MIB
•CISCO-GGSN-QOS-MIB
•CISCO-GGSN-SERVICE-AWARE-MIB
•CISCO-GPRS-ACC-PT-MIB
•CISCO-GPRS-CHARGING-MIB
•CISCO-GPRS-GTP-CAPABILITY-MIB
•CISCO-GTP-MIB
RFCs
•RFC 1518, An Architecture for IP Address Allocation with CIDR
•RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy
•RFC 1661, The Point-to-Point Protocol (PPP)
•RFC 2461, Neighbor Discovery for IP Version 6 (IPv6)
•RFC 2462, IPv6 Stateless Address Autoconfiguration
•RFC 2475, An Architecture for Differentiated Services
•RFC 3162, RADIUS and IPv6
•RFC 3588, Diameter Base Protocol
Technical Assistance
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
http://www.cisco.com/techsupport