|
Step 1
|
configure
|
|
|
Step 2
|
ipv6
mobile pmipv6-lma
lma-identifier
domain
domain-name
RP/0/RSP0/CPU0:router(config)# ipv6 mobile pmipv6-lma lma1 domain cisco.com
|
Enables the
LMA service on the router, configures the PMIPv6 domain for the LMA, and enters
LMA configuration mode.
|
|
Step 3
|
hnp
maximum
number
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# hnp maximum 2
|
Configures the
maximum number of home network prefixes (HNP) that a mobile node can posses.
|
|
Step 4
|
heartbeat
interval
interval-value
retries
retries-value
timeout
timeout-value
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# heartbeat interval 100 retries 5 timeout 10
|
Configures
global LMA heartbeat options.
interval-value specifies the interval between two heartbeat
messages in seconds.
retries-value specifies the number of retries (in the
absence of reply from the peer) before the path to the peer is declared as
down.
timeout-value specifies the timeout value to wait for a
response from the peer after which the request is declared as timed out.
|
|
Step 5
|
bce
maximum
number
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bce maximum 2500
|
Configures the
maximum number of binding cache entries (BCEs) or bindings that the LMA can
support.
|
|
Step 6
|
bce
lifetime
seconds
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bce lifetime 2500
|
Configures the
permitted lifetime of a binding in seconds. The granted lifetime is minimum of
this configured value and the value received from the MAG in the PBU packet.
|
|
Step 7
|
bce
delete-wait-time
milliseconds
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bce delete-wait-time 100
|
Configures the
time in milliseconds that LMA must wait before it deletes a BCE of a MN, upon
receiving a PBU message from a MAG with a lifetime value of 0.
|
|
Step 8
|
replay-protection timestamp window
seconds
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# replay-protection timestamp window 18
|
Configures the
time window between the LMA’s running clock and the timestamp value received in
the PBU from the MAG that the LMA can tolerate for the binding request to be
accepted. If the calculated window is larger than this configured value, then
the PBU is rejected with status code 156.
|
|
Step 9
|
bri delay
{ min | max }
milliseconds
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bri delay min 500
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bri delay max 2500
|
Configures the
minimum and maximum time in milliseconds for which an LMA should wait before
transmitting the Binding Revocation Indication (BRI) message to a MAG.
|
|
Step 10
|
bri
retries
count
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# bri retries 5
|
Configures the
maximum number of times an LMA should retransmit a BRI message until a Binding
Revocation Acknowledgment (BRA) is received from the MAG.
|
|
Step 11
|
dynamic
mag learning
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# dynamic mag learning
|
Enables an LMA
to accept Proxy Mobile IPv6 (PMIPv6) signaling messages from any Mobile Access
Gateway (MAG) that is not locally configured.
|
|
Step 12
|
aaa
accounting [ interim
interim-interval
]
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# aaa accounting interim 2
|
Enables LMA
accounting. If the
interim
interim-interval option is specified, Interim-Update records
are sent to the RADIUS security server at the configured
interim-interval specified in minutes. Otherwise, only Start
and Stop records are sent to the RADIUS security server.
There are two
types of accounting sessions, one for Mobile Nodes and one for tunnels.
Interim-Update records are enabled only for tunnel accounting and not for
Mobile Node accounting. For information about AAA/RADIUS configuration for
accounting, see the
Authentication, Authorization, and Accounting Commands
chapter in Cisco ASR 9000 Series Aggregation Services Router System Security
Command Reference.
|
|
Step 13
|
dscp
control-plane
dscp-value
[
force ]
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# dscp control-plane 45
|
Configures the
value of Differentiated Services Code Point (DSCP) in the outgoing PMIPv6
control plane messages. The outgoing packets include locally generated packets
such as Proxy Binding Revocation Indications (PBRIs), Proxy Binding Revocation
Acknowledgments (PBRAs), Heartbeat Requests, and packets sent in response to
packets received from MAG such as Proxy Binding Acknowledgments (PBAs), PBRIs,
PBRAs, and Heartbeat Responses.
If
dscp-value is not specified, then the DSCP received in a
request is used in the outgoing response packet. DSCP is not set in the other
outgoing packets.
If
dscp-value is specified without the
force
option:
-
The
configured DSCP value is set in locally generated packets.
-
If the
received packet does not have DSCP marking, the configured value is set in the
outgoing packet.
-
If the
received packet has DSCP marking that matches the configured value, then the
DSCP received is set in the outgoing response packet.
-
If the
received packet has DSCP marking that does not match the configured value, then
the DSCP received is used in the outgoing response packet.
If
dscp-value is specified with the
force
option, then the configured DSCP value is set in all outgoing packets.
|
|
Step 14
|
mobility-service mobile-local-loop
RP/0/RSP0/CPU0:router(config-pmipv6-lma)# mobility-service mobile-local-loop
|
Configures
Mobile Loop Local (MLL) service on the LMA and enters the service configuration
mode.
|
|
Step 15
|
customer
customer-name
vrf
vrf-name
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll)# customer CUST1 vrf VRF1
|
Configures the
name and the VRF of a customer. The command enters the customer configuration
mode where other parameters of the customer are configured. Use the
no form of
this command to remove an existing customer. There can be many customers,
however no two customers can be configured with the same VRF.
|
|
Step 16
|
auth-option
spi
hex-value
key
ascii
value
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust)# auth-option spi 87E key ascii KEY1
|
Configures
customer-specific authentication for the LMA within the MLL. The authentication
option includes an SPI value specified in hexadecimal format and a shared
secret key which is specified as an ASCII string. This configuration overrides
the global
auth-option configuration in the PMIPv6 LMA Domain.
|
|
Step 17
|
heartbeat
interval
interval-value
retries
retries-value
timeout
timeout-value
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust)# heartbeat interval 30 retries 10 timeout 10
|
Configures
customer-specific heartbeat options.
interval-value specifies the interval between two heartbeat
messages in seconds.
retries-value specifies the number of retries (in the
absence of reply from the peer) before the path to the peer is declared as
down.
timeout-value specifies the timeout value to wait for a
response from the peer after which the request is declared as timed out. This
configuration overrides the global LMA heartbeat configuration.
|
|
Step 18
|
bce lifetime seconds
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust)# bce lifetime 1500
|
Configures
customer-specific permitted lifetime of binding cache entries (BCEs) in
seconds. This configuration overrides the global LMA BCE configuration.
|
|
Step 19
|
network {
unauthorized | authorized
network-name
}
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust)# network authorized NETW1
|
Configures
customer-specific network.
Use the
unauthorized keyword to configure an unauthorized network.
In this case, no network pools are configured for address assignment. The
address/prefix of the Logical Mobile Node (LMN) on the MAG and the network
prefixes on the Mobile Network interfaces are accepted as received in the Proxy
Binding Update (PBU).
Use the
authorized keyword to configure a named network. In this
case, the address/prefix of the LMN and Mobile Network prefixes are validated
against the configured network pool. The uniqueness of the named network is
ensured.
Use the
no form
of this command to remove an existing network.
|
|
Step 20
|
pool {
mobile-node | mobile-network } { ipv4 | ipv6 } start-address
address
pool-prefix
prefix
[
network-prefix
prefix]
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust-network)# pool mobile-node ipv4 start-address 192.168.0.2 pool-prefix 8
|
Perform this
step only if you have configured a named network in the previous step using the
network authorized command. Configures
the IPv4 or IPv6 address pool(s) from which LMA assigns IP addresses to the
mobile nodes. The pool is characterized by whether it is for Mobile Nodes or
Mobile Networks for the customer, whether it is for IPv4 or IPv6 address
family, the start address of the pool, the pool prefix and the network prefix
of the pool.
|
|
Step 21
|
transport [
vrf
vrf-name ]
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust)# transport vrf TVRF1
|
Configures
customer’s transport options. They include peering or transport VRF and the LMA
IPv4 and/or IPv6 addresses. The addresses are configured in the transport
configuration mode using the
address command.
A customer can
have multiple transports and can have the same addresses in all transports.
However, each customer must have a unique IPv4 and/or a unique IPv6 address.
|
Note
|
If the
transport is in global VRF, then VRF and
vrf-name can be omitted in this command.
|
|
|
Step 22
|
address
{ ipv4 |
ipv6 }
address
RP/0/RSP0/CPU0:router(config-pmipv6-lma-mll-cust-tpt)# address ipv6 2001:DB8::1
|
Configures
customer-specific LMA IPv4 and/or IPv6 addresses. There can only be two
instances of addresses, one for IPv4 and one for IPv6.
|
|
Step 23
|
commit
|
|
Feedback