Planning to Configure the GGSN
This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).
This chapter includes the following sections:
•Prerequisites
•Restrictions
•Additional References
Prerequisites
Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:
•Before You Begin
•Platform Prerequisites
Before You Begin
The Cisco GGSN is supported on the Cisco Service and Application Module for IP (SAMI) for the Cisco 7600 series router platform.
Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for the networks, and plan the associated access points to those networks and configure them on the GGSN.
For example, you might want to provide user access to the Internet through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.
Platform Prerequisites
When configuring GGSNs on the Cisco 7600 series router platform, ensure that requirements outlined in the following sections are met:
•Required Hardware and Software
•Required Base Configuration
Required Hardware and Software
Implementing the Cisco GGSN Release 9.2 on the Cisco 7600 series Internet router platform requires the following hardware and software.
•Any module that has ports to connect to the network.
•A Cisco 7600 series router and one of the following supervisor engines running Cisco IOS Release 12.2(33)SRC or later:
–Cisco 7600 Series Supervisor Engine 720 with a Multiplayer Switch Feature Card 3 (WS-SUP720)
–Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3B (WS-SUP720-3B)
–Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3BXL (WS-SUP720-3BXL)
–Cisco 7600 Series Supervisor Engine 32 with a Multiplayer Switch Feature Card (WS-SUP32-GE-3B) with LCP ROMMON Version 12.2(121) or later on the Cisco SAMI.
–Cisco 7600 Series Supervisor Engine 32 with a Mutlilayer Switch Feature Card and 10 Gigabit Ethernet Uplinks (WS-SUP32-10GE-3B) with LCP ROMMON Version 12.2[121] or later on the Cisco SAMI.
Or, one of the following Cisco 7600 series route switch processors running Cisco IOS Release 12.2(33)SRE or later
–Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3C (RSP720-3C-GE)
–Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3CXL (RSP720-3CXL-GE)
For details on upgrading the Cisco IOS release running on the supervisor engine, see the "Upgrading to a New Software Release" section in the Release Notes for Cisco IOS Release 12.2SR. For information about verifying and upgrading the LCP ROMMON image on the Cisco SAMI, see Cisco Service and Application Module for IP User Guide.
Note The Cisco IOS software required on the supervisor engine is dependent on the supervisor engine being used and the Cisco mobile wireless application running on the Cisco SAMI processors.
•Cisco Service and Application Module for IP (Cisco Product Number: WS-SVC-SAMI-BB-K9). The SAMI processors must be running Cisco IOS Release 12.4(24)T3a or later.
Note The Cisco GGSN software application ships preloaded on the Cisco SAMI and automatically loads onto each processor during an image upgrade. The Cisco GGSN software application supports both the Cisco SAMI 1 GB memory default and the 2 GB memory option (Cisco Product Number: MEM-SAMI-6P-2GB[=]).
•IPSec VPN Services Module (for security)
Note Certain Cisco GGSN features, such as enhanced service-aware billing and GTP-session redundancy, require additional hardware and software.
GTP-Session Redundancy
In addition to the required hardware and software above, implementing GTP-Session Redundancy (GTP-SR) requires at minimum:
•In a one-router implementation, two Cisco SAMIs in the Cisco 7600 Series Router, or
•In a two-router implementation, one Cisco SAMI in each of the Cisco 7600 Series Routers.
Enhanced Service-Aware Billing
In addition to the required hardware and software, implementing enhanced service-aware billing requires an additional Cisco SAMI running the Cisco Content Services Gateway - 2nd Generation software in each Cisco 7600 Series Router.
Required Base Configuration
After establishing connectivity from the switch to the various elements in your network, complete the following base configuration before implementing and customizing GGSNs on the Cisco SAMI.
Supervisor Engine Configuration
On the supervisor engine, ensure that the following tasks are completed:
1. A Layer 3-routed VLAN for each GGSN interface is created. For example, create a VLAN for the following interfaces:
–Gn VLAN—Interconnects the Gn interfaces.
–Ga VLAN—Interconnects the Ga interfaces.
–AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for Authentication, Authorization, and Accounting (AAA), Operation, Administration, and Maintenance (OAM), and DHCP functions.
–One VLAN per APN Gi interface
You can configure the VLANs from VLAN database mode or global configuration mode. You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.
Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode, not in VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.
To configure a VLAN from global configuration mode:
Sup#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
Sup(config)#vlan 222
Sup(config-vlan)#end
Sup#
In the preceding example, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the supervisor engine routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), configure a VLAN 222 interface on the supervisor engine and assign an IP address to the interface:
Sup(config)# interface vlan222
Sup(config-if)# ip address n.n.n.n mask
Sup(config-if)# no ip redirects
The following is an example of the VLAN configuration on the supervisor engine:
vlan 103,110,160,200,300-301,310
ip address 10.20.21.1 255.255.255.0
description OAM/AAA/DHCP VLAN
ip address 10.20.50.1 255.255.255.0
description Ga Charging VLAN
description VLAN for APN Internet
ip address 10.20.51.1 255.255.255.0
For detailed information on configuring VLANs, see Cisco 7600 Series Cisco IOS Software Configuration Guide.
2. The Cisco IOS Software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and Chapter 14, "Configuring Load Balancing on the GGSN."
3. Traffic is permitted to the Cisco SAMI by enabling multiple switch virtual interfaces (SVIs), assigning the VLANs to a VLAN group, and then assigning the VLAN groups to the Cisco SAMI using the following commands:
svclc multiple-vlan-interfaces
svclc module 7 vlan-group 71, 73
svclc vlan-group 73, 95, 100, 101
Note VLAN IDs must be consistent be the same in the supervisor engine and Cisco SAMI configurations. For more information about configuring the Cisco SAMI, refer the Cisco Service and Application Module for IP User Guide.
4. A static route is configured to the GGSN on PPC3:
ip route 10.20.30.1 255.255.255.255 10.20.21.20
GGSN Configuration
On the GGSN on the Cisco SAMI PPC3, ensure that:
1. A static route is configured to the supervisor engine.
ip route 0.0.0.0.0 0.0.0.0 10.20.21.1
2. A subinterface, on which 802.1Q encapsulation is enabled, is configured to each VLAN that you created on the supervisor engine.
The following is an example of a Gn subinterface configuration on the GGSN to VLAN 103 configured on the supervisor engine:
interface GigabitEthernet0/0.2
ip address 10.1.1.72 255.255.255.0
For detailed information on configuring, see the following:
–Ga subinterfaces—"Configuring an Interface to the Charging Gateway" section on page 7-2.
–Gn subinterfaces—"Configuring an Interface to the SGSN" section on page 9-1.
–Gi subinterfaces— "Configuring an Interface to a PDN" section on page 9-12.
Configuration Examples
The following are base configuration examples for the supervisor engine and the Cisco GGSN.
Supervisor Engine
boot device module 7 cf:4
svclc multiple-vlan-interfaces
svclc module 7 vlan-group 71, 73
svclc vlan-group 73, 95, 100, 101
power redundancy-mode combined
name Internal_Gi_for_GGSN-SAMI
interface FastEthernet8/22
switchport access vlan 302
interface FastEthernet8/23
switchport access vlan 302
interface FastEthernet8/26
description To DHCP/RADIUS Servers
switchport access vlan 95
interface FastEthernet8/31
switchport access vlan 71
interface FastEthernet9/32
switchport access vlan 165
description VLAN to tftpserver
ip address 1.7.46.65 255.255.0.0
description VLAN for RADIUS and DHCP
ip address 10.2.25.1 255.255.255.0
description Internal VLAN SUP-to-SAMI Gi
ip address 10.1.2.1 255.255.255.0
description VLAN to GGSN for GA/GN
ip address 10.1.1.1 255.255.255.0
description VLAN to CORPA
ip address 165.1.1.1 255.255.0.0
ip address 40.0.2.1 255.255.255.0
ip address 40.0.3.1 255.255.255.0
summary-address 9.9.9.0 255.255.255.0
redistribute static subnets route-map GGSN-routes
network 40.0.2.0 0.0.0.255 area 300
network 40.0.3.0 0.0.0.255 area 300
ip route 9.9.9.72 255.255.255.255 10.1.1.72
ip route 9.9.9.73 255.255.255.255 10.1.1.73
ip route 9.9.9.74 255.255.255.255 10.1.1.74
ip route 9.9.9.75 255.255.255.255 10.1.1.75
ip route 9.9.9.76 255.255.255.255 10.1.1.76
ip route 110.72.0.0 255.255.0.0 10.1.1.72
ip route 110.73.0.0 255.255.0.0 10.1.1.73
ip route 110.74.0.0 255.255.0.0 10.1.1.74
ip route 110.75.0.0 255.255.0.0 10.1.1.75
ip route 110.76.0.0 255.255.0.0 10.1.1.76
access-list 1 permit 9.9.9.0 0.0.0.255
route-map GGSN-routes permit 10
GGSN on the Cisco SAMI PPC3
description USED FOR DHCP gateway
ip address 110.72.0.2 255.255.255.255
description GPRS GTP V-TEMPLATE IP ADDRESS
ip address 9.9.9.72 255.255.255.0
interface GigabitEthernet0/0
interface GigabitEthernet0/0.1
ip address 10.1.2.72 255.255.255.0
interface GigabitEthernet0/0.2
description Ga/Gn Interface
ip address 10.1.1.72 255.255.255.0
interface GigabitEthernet0/0.71
description TFTP or Backbone
ip address 1.7.46.72 255.255.0.0
interface GigabitEthernet0/0.95
ip address 10.2.25.72 255.255.255.0
interface Virtual-Template1
ip unnumbered Loopback100
gprs access-point-list gprs
ip route 0.0.0.0 0.0.0.0 10.1.2.1
ip route 40.1.2.1 255.255.255.255 10.1.1.1
ip route 40.1.3.10 255.255.255.255 10.1.1.1
ip route 40.2.2.1 255.255.255.255 10.1.1.1
ip route 40.2.3.10 255.255.255.255 10.1.1.1
ip route 40.3.2.3 255.255.255.255 10.1.1.1
ip route 40.4.2.3 255.255.255.255 10.1.1.1
gprs access-point-list gprs
access-point-name CORPA.com
ip-address-pool dhcp-proxy-client
dhcp-gateway-address 110.72.0.2
Restrictions
When configuring a Cisco GGSN:
•The Cisco GGSN does not support the Cisco Express Forwarding (CEF) neighbor resolution optimization feature, which is enabled by default. Therefore, to avoid the possibility of incomplete adjacency on VLAN interfaces for the redirected destination IP address and an impact to the upstream traffic flow for PDP sessions upon startup, ensure that you configure the no ip cef optimize neighbor resolution command.
•The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] is configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).
Note DFP weighs PPP PDPs against IP PDPs. One PPP PDP is equal to eight IP PDPs, and one IPv6 PDP equals 8 IPv4 PDPs.
Table 1 lists the maximum number of PDP contexts the Cisco SAMI with the 1 GB memory option can support. Table 2 lists the maximum number the Cisco SAMI with the 2 GB memory option can support.:
Table 1 Number of PDPs Supported in 1 GB SAMI
|
|
IPv4 |
384,000 |
IPv6 |
48,000 |
PPP Regeneration |
96,000 |
PPP |
48,000 |
Table 2 Number of PDPs Supported in 2 GB SAMI
|
|
IPv4 |
816,000 |
IPv6 |
96,000 |
PPP Regeneration |
192,000 |
PPP |
96,000 |
•To avoid issues with high CPU usage, we recommend the following configurations:
–To reduce the CPU usage during startup, disable logging to the console terminal by configuring the no logging console command in global configuration mode.
–To ensure that the HSRP interface does not declare itself active until it is ready to process a peer's Hello packets, configure the delay period before the initialization of HSRP groups with the standby delay minimum 100 reload 100 interface configuration command under the HRSP interface.
–To minimize issues with high CPU usage for additional reasons, such as periods of high PPP PDP processing (creating and deleting), use the no logging event link-status interface command to disable the notification of interface data link status changes on all virtual template interfaces of the GGSN.
interface Virtual-Template1
no logging event link-status
gprs access-point-list gprs
For implementation of a service-aware GGSN, the following additional important notes, limitations, and restrictions apply:
•RADIUS accounting is enabled between the CSG2 and GGSN to populate the Cisco CSG2 User Table entries with the PDP context user information.
•CSG2 must be configured with the quota server address of the GGSN.
•Service IDs on the CSG2 are configured as numeric strings that match the category IDs on the Diameter Credit Control Application (DCCA) server.
•If RADIUS is not being used, the Cisco CSG2 is configured as a RADIUS endpoint on the GGSN.
•On the SGSN, the values configured for the number GTP N3 requests and T3 retransmissions must be larger than the sum of all possible server timers (RADIUS, DCCA, and CSG2).
Specifically the SGSN N3*T3 must be greater than:
2 x RADIUS timeout + N x DCCA timeout + CSG2 timeout
where:
–2 is for both authentication and accounting.
–N is for the number of Diameter servers configured in the server group.
Note Configuring a N3* T3 lower than the default might impact slow TCP-based charging paths.
Additional References
For additional information related to implementing basic connectivity, see the following sections:
•Related Documents
•Standards
•MIBS
•RFCs
•Technical Assistance
Related Documents
•Release Notes for Cisco GGSN Release 10.0 on the Cisco SAMI, Cisco IOS Release 12.4(24)YE
•Cisco Service and Application Module for IP User Guide
•Cisco IOS Network Management Configuration Guide
•Release Notes for Cisco IOS Release 12.2SR for the Cisco 7600 Series Routers
•Cisco 7600 Series Cisco IOS Software Configuration Guide
•Cisco 7600 Series Cisco IOS Command Reference
•Cisco IOS Quality of Service Solutions Configuration Guide, Cisco IOS Release 12.4
•Cisco IOS Configuration Guides and Command References, Release 12.4
Standards
Cisco GGSN Release 10.0 supports the following Third Generation Partnership Program (3GPP) standards and is backward compatible with prior 3GPP Technical Specifications (TS):
Table 3-3 Third Generation Partnership Program (3GPP) Standards Supported by Cisco GGSN Release 10.0
|
|
|
|
29.060 |
GTP across Gn and Gp |
7 |
8.1.0 |
29.061 |
Interworking with PDN |
7 |
7.5.0 |
32.015 |
Charging |
99 |
3.12.0 |
32.215 |
Charging |
5 |
5.9.0 |
32.251 |
Charging |
7 |
7.5.1 |
Note Cisco GGSN Release 10.0 provides limited support on some sections of the TSs listed above.
The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:
•Ga interface—SMG#28 R99
•Gn interface—SMG#31 R98
MIBS
Platform-Related MIBs
•BGP4-MIB
•CISCO-AAA-SERVER-MIB
•CISCO-BULK-FILE-MIB
•CISCO-CDP-MIB
•CISCO-CLASS-BASED-QOS-MIB
•CISCO-CONFIG-COPY-MIB
•CISCO-CONFIG-MAN-MIB
•CISCO-ENTITY-ASSET-MIB
•CISCO-ENTITY-FRU-CONTROL-MIB
•CISCO-FLASH-MIB
•CISCO-FTP-CLIENT-MIB
•CISCO-HSRP-EXT-MIB
•CISCO-HSRP-MIB
•CISCO-IMAGE-MIB
•CISCO-IP-LOCAL-POOL-MIB
•CISCO-IP-STAT-MIB
•CISCO-MEMORY-POOL-MIB
•CISCO-NBAR-PROTOCOL-DISCOVERY-MIB
•CISCO-PING-MIB
•CISCO-PROCESS-MIB
•CISCO-PRODUCTS-MIB
•CISCO-QUEUE-MIB
•CISCO-RTTMON-MIB
•CISCO-STACK-MIB
•CISCO-SYSLOG-MIB
•CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB
•CISCO-VPDN-MGMT-EXT-MIB
•CISCO-VPDN-MGMT-MIB
•ENTITY-MIB
•ETHERLIKE-MIB
•EVENT-MIB
•EXPRESSION-MIB
•IF-MIB
•NOTIFICATION-LOG-MIB
•RMON-MIB
•RSVP-MIB
•SNMP-FRAMEWORK-MIB
•SNMP-NOTIFICATION-MIB
•SNMP-TARGET-MIB
•TCP-MIB
•UDP-MIB
Application-Related MIBs
•CISCO-GGSN-EXT-MIB
•CISCO-GGSN-GEO-MIB
•CISCO-GGSN-MIB
•CISCO-GGSN-QOS-MIB
•CISCO-GGSN-SERVICE-AWARE-MIB
•CISCO-GPRS-ACC-PT-MIB
•CISCO-GPRS-CHARGING-MIB
•CISCO-GTP-MIB
•CISCO-IP-LOCAL-POOL-MIB
•CISCO-ISCSI-MIB
For information about MIBs, see:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
RFCs
•RFC 1518, An Architecture for IP Address Allocation with CIDR
•RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy
•RFC 1661, The Point-to-Point Protocol (PPP)
•RFC 2461, Neighbor Discovery for IP Version 6 (IPv6)
•RFC 2462, IPv6 Stateless Address Autoconfiguration
•RFC 2475, An Architecture for Differentiated Services
•RFC 3162, RADIUS and IPv6
•RFC 3588, Diameter Base Protocol
•RFC 3720, Internet Small Computer Systems Interface (iSCSI)
•RFC 4006 Diameter Credit-Control Application
Technical Assistance
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
http://www.cisco.com/techsupport