GGSN and Mobile IP Service in a Single System Configuration Example

This chapter provides information for several configuration examples that can be implemented on the system to support GGSN and Mobile IP data services in a single system.


Important

This chapter does not discuss the configuration of the local context. Information about the local context can be found in System Administration Guide.


Important

When configuring Mobile IP take into account the MIP timing considerations discussed in Mobile-IP and Proxy-MIP Timer Considerations.

Using the System as Both a GGSN/FA and an HA

The system supports both GGSN and Mobile IP functionality. For Mobile IP applications, the system can be configured to perform the function of a Gateway GPRS Support Node/Foreign Agent (GGSNSN/FA) and/or a Home Agent (HA). This example describes what is needed for and how a single system simultaneously supports both of these functions.

In order to support GGSN, FA, and HA functionality, the system must be configured with at least one source context and at least two destination contexts as shown in the following figure.

The source context facilitates the following:

  • GGSN service(s) and Gn interface to the Service GPRS Support Node (SGSN)

  • GPRS Tunneling Protocol Prime (GTPP) configuration and Ga interface to the Charging Gateway Function (CGF)

The destination context facilitates the following:

  • Access Point Name (APN) configuration

  • RADIUS authentication configuration and the interface to the authentication server

  • DHCP configuration and the interface to the DHCP server

  • IP address pools

  • Gi interface to the packet data network (PDN)

The Mobile IP destination context facilitates the following:

  • FA Service(s)

  • HA Service(s)

  • Gi interface to the packet data network (PDN)

  • ICC interface facilitating communication between the FA and HA services.

This configuration supports IP (transparent and non-transparent) and PPP PDP contexts as well as network requested PDP contexts. In addition, Mobile IP and Proxy Mobile IP are supported for IP PDP contexts.
Figure 1. Simple and Mobile IP Support Within a Single System


Information Required

Prior to configuring the system as shown in this example, there is a minimum amount of information required. The following sections describe the required information to configure the source and destination contexts.

Source Context Configuration

The following table lists the information that is required to configure the source context.

Table 1. Required Information for Source Context Configuration
Required Information Description
Source context name

An identification string from 1 to 79 characters (alpha and/or numeric) by which the source context will be recognized by the system.

Gn Interface Configuration
Gn interface name

An identification string between 1 and 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

IP address and subnet These will be assigned to the Gn interface.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Physical port number

The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description

An identification string from 1 to 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions are needed if multiple ports will be used.

Physical ports are configured within the source context and are used to bind logical Gn interfaces.

Gateway IP address Used when configuring static routes from the Gn interface(s) to a specific network.
GGSN service Configuration
GGSN service name

An identification string from 1 to 63 characters (alpha and/or numeric) by which the GGSN service will be recognized by the system.

Multiple names are needed if multiple GGSN services will be used.

Accounting context

The name of the context configured on the system in which the processing of GTPP accounting records is performed.

The context name is an identification string from 1 to 79 characters (alpha and/or numeric).

By default, the system attempts to use the same context as the one in which the GGSN service is configured.

UDP port number for GTPC traffic The port used by the GGSN service and the SGSN for communicating GTPC sockets for GTPv1. The UDP port number and can be any integer value from 1 to 65535. The default value is 2123.
Public Land Mobile Network (PLMN) Identifiers Mobile Country Code (MCC): The MCC can be configured to any integer value from 0 to 999.
Mobile Network Code (MNC): The MNC can be configured to any integer value from 0 to 999.
SGSN information (optional) The GGSN can be configured with information about the SGSN(s) that it is to communicate with. This includes the SGSN's IP address and subnet mask and whether or not the SGSN is on a foreign PLMN.

Multiple SGSNs can be configured.

GGSN charging characteristics (CC) (optional)

Behavior Bits: If charging characteristics will be configured on the GGSN, behavior bits for the following conditions can be configured:

  • GGSN use of the accounting server specified by the profile index
  • GGSN rejection of Create PDP Context Request messages
  • GGSN ceases sending accounting records

Each value must be a unique bit from 1 to 12 to represent the 12 possible behavior bits allowed for in the standards. The default configuration is disabled (0).

Profile Index: If the GGSN's charging characteristics will be used for subscriber PDP contexts, profile indexes can be modified/configured for one or more of the following conditions:
  • The number of statistics container changes is met or exceeded causing an accounting record to be closed. The number can be configured from 1 to 15. The default is 4.
  • The up and/or downlink traffic volume limits are met or exceeded within a specific time interval causing a partial record to be generated. The up and downlink volumes can be configured from 0 to 1000000 octets. The interval can be configured from 60 to 40000000 seconds.
  • The up and/or downlink traffic volume limits are met or exceeded causing an accounting record to be closed. The up and downlink volumes can be configured from 100000 to 4000000000 octets.
  • The number of SGSN switchovers is met or exceeded causing an accounting record to be closed. The number can be configured from 1 to 15. The default is 4.
  • Specific tariff times within a day are reached causing an accounting record to be closed. Up to four times can be configured using the hour of the day (1-24) and the minute (1-60).
  • Prepaid accounting can be disabled for a specified profile index.

The system supports the configuration of up to 16 profile indexes numbered 0 through 15

PLMN policy The GGSN can be configured treat communications from unconfigured SGSNs in one of the following ways:
  • Treat the SGSN as if it is on a foreign PLMN
  • Treat the SGSN as if it is on a home PLMN
  • Reject communications from unconfigured SGSNs (default)
Ga Interface Configuration
Ga interface name An identification string from 1 to 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

IP address and subnet These will be assigned to the Ga interface.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description An identification string between 1 and 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions are needed if multiple ports will be used.

Physical ports are configured within the source context and are used to bind logical Ga interfaces.

Gateway IP address Used when configuring static routes from the Ga interface(s) to a specific network.
GTPP Configuration
Charging gateway address The IP address of the system's GGSN interface.
CGF server information IP address: The IP address of the CGF server to which the GGSN will send accounting information.

Multiple CGFs can be configured.

Priority: If more than on CGF is configured, this is the server's priority. It is used to determine the rotation order of the CGFs when sending accounting information.

The priority can be configured to any integer value from 1 to 1000. The default is 1.

Maximum number of messages: The maximum number of outstanding or unacknowledged GTPP messages allowed for the CGF.

The maximum number can be configured to any integer value from 1 to 256. The default is 256.

GCDR optional fields The following optional fields can be specified/configured in CDRs generated by the GGSN:
  • diagnostics
  • duration-ms (the time specified in the mandatory Duration field is reported in milliseconds)
  • local-record-sequence-number
  • plmn-id
Network Requested PDP Context Support Configuration (optional)
Activation Requirements IP address: The static IP address of the mobile station's for which network-requested PDP context activation will be supported.

Up to 1000 addresses can be configured.

Destination context name: The name of the destination context configured on the system that contains the IP address pool containing the mobile station's static address.
International Mobile Subscriber Identity (IMSI): The IMSI of the mobile station.
APN: The name of the access point that will be passed to the SGSN by the GGSN for the mobile station.
GSN-map node Communications with the HLR from the GGSN go through a GSN-map node that performs the protocol conversion from GTPC to SS7.

The IP address of the map node must be configured. Only one GSN-map node can be configured per source context.

Destination Context Configuration

The following table lists the information that is required to configure the destination context.

Table 2. Required Information for Destination Context Configuration
Required Information Description
Destination context name An identification string from 1 to 79 characters (alpha and/or numeric) by which the destination context will be recognized by the system.
Important 
For this configuration, the destination context name should not match the domain name of a specific APN.
APN Configuration
APN name An identification string by which the APN will be recognized by the system. The name can be from 1 to 62 alpha and/or numeric characters and is not case sensitive. It may also contain dots ( . ) and/or dashes ( - ).

Multiple names are needed if multiple APNs will be used.

Accounting mode Selects the accounting protocol. GTPP or RADIUS are supported. In addition, accounting can be completely disabled. The default is to perform accounting using GTPP.
Important 
The examples discussed in this chapter assumes GTPP is used.
Authentication protocols used Specifies how the system handles authentication: using a protocol (such as CHAP, PAP, or MSCHAP), or not requiring any authentication.
APN charging characteristics (CC) (optional) Specifies whether or not the GGSN accepts the CC from the SGSN for home, visiting, and roaming subscribers.

By default the GGSN accepts the CC from the SGSN for all three scenarios.

If the GGSN is to use its own CC for any of these scenarios, then each scenario requires the specification of behavior bits and a profile index to use.

Important 
The profile index parameters are configured as part of the GGSN service.
Domain Name Service (DNS) information (optional) If DNS will be used for the APN, IP addresses can be configured for primary and secondary DNS servers.
IP address allocation method Specifies how sessions facilitated by this APN will receive an IP address. IP addresses can be assigned using one of the following methods:
  • Dynamic: Address can be dynamically assigned from one of the sources:
    • Dynamic Host Control Protocol (DHCP) server: The system can be configured to act as a DHCP proxy and receive address from the server in advance and assign them as needed or it can relay DHCP messages from the MS.
    • Local address pools The system can be configured with local address pools.
  • Static: MS IP addresses can be permanently assigned.

By default, the system is configured to either dynamically assign addresses from a local pool and/or allow static addresses.

IP address pool name If addresses will be dynamically assigned from a locally configured private pool, the name of the pool must be configured. If no name is configured, the system will automatically use any configured public pool.
IP destination context name The name of the system destination context to use for subscribers accessing the APN. When supporting Mobile IP, this is the name of the context containing the FA service configuration. If no name is specified, the system automatically uses the system context in which the APN is configured.
Maximum number of PDP contexts The maximum number of PDP contexts that are supported for the APN.The maximum number can be configured to any integer value from 1 to 1000000. The default is 1000000.
PDP type The maximum number of PDP contexts that are supported for the APN.

The maximum number can be configured to any integer value from 1 to 1500000. The default is 1000000.

Verification selection mode The level of verification that will be used to ensure a MS's subscription to use the APN. The GGSN uses any of the following methods:
  • No verification and MS supplies APN
  • No verification and SGSN supplies APN
  • Verified by SGSN (default)
Mobile IP Configuration Home Agent IP Address: The IP address of an HA with which the system will tunnel subscriber Mobile IP sessions.

Configuring this information tunnels all subscriber Mobile IP PDP contexts facilitated by the APN to the same HA unless an individual subscriber profile provides an alternate HA address.

Parameters stored in individual profiles supersede parameters provided by the APN.

Mobile IP Requirement: The APN can be configured to require Mobile IP for all sessions it facilitates. Incoming PDP contexts that do/can not use Mobile IP are dropped.
DHCP Interface Configuration (optional)
DHCP interface name An identification string from 1 to 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

IP address and subnet These will be assigned to the DHCP interface and be bound to the DHCP service.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Gateway IP address Used when configuring static routes from the DHCP interface(s) to a specific network.
Physical port number The physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description An identification string from 1 to 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions are needed if multiple ports will be used.

Physical ports are configured within the source context and are used to bind logical DHCP interfaces.

DHCP Service Configuration (optional)
DHCP Service Name This is an identification string between 1 and 63 characters (alpha and/or numeric) by which the DHCP service will be recognized by the system.

Multiple names are needed if multiple GGSN services will be used.

DHCP Server Information The IP address of each DHCP server that the system is to communicate with must be configured

.Multiple servers can be configured. If multiple servers are configured, each can be assigned a priority from 1 to 1000. The default priority is 1.

Lease Duration Specifies the minimum and maximum allowable lease times that are accepted in responses from DHCP servers.
  • Minimum Lease Time: Measured in seconds and can be configured to any integer value from 600 to 3600. The default is 600 seconds.
  • Maximum Lease Time: Measured in seconds and can be configured to any integer value from 10800 to 4294967295. The default is 86400 seconds.
AAA Interface Configuration
AAA interface name This is an identification string from 1 to 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

IP address and subnet These will be assigned to the AAA interface.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Physical port number This specifies the physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description This is an identification string from 1 to 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions are needed if multiple ports will be used.

Physical ports are used to bind logical AAA interfaces.

Gateway IP address Used when configuring static routes from the AAA interface(s) to a specific network.
RADIUS Server Configuration
RADIUS Authentication server IP Address:Specifies the IP address of the RADIUS authentication server the system will communicate with to provide subscriber authentication functions.

Multiple addresses are needed if multiple RADIUS servers will be configured. If multiple servers are configured, each can be assigned a priority.

Shared Secret:The shared secret is a string between 1 and 15 characters (alpha and/or numeric) that specifies the key that is exchanged between the RADIUS authentication server and the source context.

A shared secret is needed for each configured RADIUS server.

UDP Port Number:Specifies the port used by the source context and the RADIUS authentication server for communications. The UDP port number can be any integer value between 1 and 65535. The default value is 1812.
RADIUS Accounting server (optional) IP Address: Specifies the IP address of the RADIUS accounting server that the source context will communicate with to provide subscriber accounting functions.

Multiple addresses are needed if multiple RADIUS servers will be configured.RADIUS accounting servers are configured within the source context.

Multiple servers can be configured and each assigned a priority.

Shared Secret: The shared secret is a string between 1 and 15 characters (alpha and/or numeric) that specifies the key that is exchanged between the RADIUS accounting server and the source context.

A shared secret is needed for each configured RADIUS server.

UDP Port Number:Specifies the port used by the source context and the RADIUS Accounting server for communications. The UDP port number can be any integer value between 1 and 65535. The default value is 1813.
RADIUS attribute NAS Identifier Specifies the name by which the source context will be identified in the Access-Request message(s) it sends to the RADIUS server. The name must be from 1 to 32 alpha and/or numeric characters and is case sensitive.
RADIUS NAS IP address Specifies the IP address of the system's AAA interface. A secondary address can be optionally configured.
Gi Interface Configuration
Gi interface name This is an identification string from 1 to 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

Gi interfaces are configured in the destination context.

IP address and subnet These will be assigned to the Gi interface.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Physical port number This specifies the physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description(s) This is an identification string from 1 to 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions will be needed if multiple ports will be used.

Physical ports are configured within the destination context and are used to bind logical Gi interfaces.

Gateway IP address(es) Used when configuring static routes from the Gi interface(s) to a specific network.
IP Address Pool Configuration
IP address pool name(s) his is an identification string from 1 to 31 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions will be needed if multiple ports will be used.

Pool addresses, subnet mask and type The pool can consist of either of the following:
  • An entire subnet configured using the initial address and the subnet mask
  • A range of addresses configured using the first and last IP addresses in the range

The pool can be configured as public, private, or static. Public pools can also be assigned a priority.

Mobile IP Destination Context Configuration

The following table lists the information that is required to configure the destination context.

Table 3. Required Information for Mobile IP Destination Context Configuration
Required Information Description
Mobile IP Destination context name This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the Mobile IP destination context will be recognized by the system.
Important 
For this configuration, the destination context name should not match the domain name of a specific domain. It should, however, match the name of the context in which the HA service is configured if a separate system is used to provide HA functionality.
ICC Interface Configuration
ICC interface name The intra-context communication (ICC) interface is configured to allow FA and HA services configured within the same context to communicate with each other.

The ICC interface name is an identification string between 1 and 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

ICC interface(s) are configured in the same destination context as the FA and HA services.

IP address and subnet These will be assigned to the ICC interface(s).

Multiple addresses (at least one per service) on the same subnet will be needed to assign to the same ICC interface.

Physical port number This specifies the physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions are needed if multiple ports will be used.

Physical ports are configured within the destination context and are used to bind logical ICC interfaces.

Gi Interface Configuration
Gi interface name This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the interface will be recognized by the system.

Multiple names are needed if multiple interfaces will be configured.

Gi interfaces are configured in the destination context.

IP address and subnet These will be assigned to the Gi interface.

Multiple addresses and/or subnets are needed if multiple interfaces will be configured.

Physical port number This specifies the physical port to which the interface will be bound. Ports are identified by the chassis slot number where the line card resides in, followed by the number of the physical connector on the line card. For example, port 17/1 identifies connector number 1 on the card in slot 17.

A single physical port can facilitate multiple interfaces.

Physical port description(s) This is an identification string between 1 and 79 characters (alpha and/or numeric) by which the physical port will be recognized by the system.

Multiple descriptions will be needed if multiple ports will be used.

Physical ports are configured within the destination context and are used to bind logical Gi interfaces.

Gateway IP address(es) Used when configuring static routes from the Gi interface(s) to a specific network.
IP Address Pool Configuration (optional)
IP address pool name(s) If IP address pools will be configured in the destination context(s), names or identifiers will be needed for them. The pool name can be between 1 and 31 alpha and/or numeric characters and is case sensitive.
IP pool addresses An initial address and a subnet, or a starting address and an ending address, are required for each configured pool. The pool will then consist of every possible address within the subnet, or all addresses from the starting address to the ending address.

The pool can be configured as public, private, or static.

FA Service Configuration
FA service name This is an identification string between 1 and 63 characters (alpha and/or numeric) by which the FA service will be recognized by the system

.Multiple names are needed if multiple FA services will be used.

FA services are configured in the destination context.

UDP port number for Mobile IP traffic Specifies the port used by the FA service and the HA for communications. The UDP port number can be any integer value between 1 and 65535. The default value is 434.
Security Parameter Index (indices) Information HA IP address: Specifies the IP address of the HAs with which the FA service communicates. The FA service allows the creation of a security profile that can be associated with a particular HA.
Index: Specifies the shared SPI between the FA service and a particular HA. The SPI can be configured to any integer value between 256 and 4294967295.Multiple SPIs can be configured if the FA service is to communicate with multiple HAs.
Secrets: Specifies the shared SPI secret between the FA service and the HA. The secret can be between 1 and 127 characters (alpha and/or numeric).An SPI secret is required for each SPI configured.
Hash-algorithm: Specifies the algorithm used to hash the SPI and SPI secret. The possible algorithms that can be configured are MD5 per RFC 1321 and keyed-MD5 per RFC 2002. The default is hmac-md5.A hash-algorithm is required for each SPI configured.
FA agent advertisement lifetime Specifies the time (in seconds) that an FA agent advertisement remains valid in the absence of further advertisements.

The time can be configured to any integer value between 1 and 65535. The default is 9000.

Number of allowable unanswered FA advertisements Specifies the number of unanswered agent advertisements that the FA service will allow during call setup before it will reject the session.

The number can be any integer value between 1 and 65535. The default is 5.

Maximum mobile-requested registration lifetime allowed Specifies the longest registration lifetime that the FA service will allow in any Registration Request message from the mobile node.

The lifetime is expressed in seconds and can be configured between 1 and 65534. An infinite registration lifetime can be configured by disabling the timer. The default is 600 seconds.

Registration reply timeout Specifies the amount of time that the FA service will wait for a Registration Reply from an HA.

The time is measured in seconds and can be configured to any integer value between 1 and 65535. The default is 7.

Number of simultaneous registrations Specifies the number of simultaneous Mobile IP sessions that will be supported for a single subscriber.

The maximum number of sessions is 3. The default is 1.

Important 
The system will only support multiple Mobile IP sessions per subscriber if the subscriber's mobile node has a static IP address.
Mobile node re-registration requirements Specifies how the system should handle authentication for mobile node re-registrations.

The FA service can be configured to always require authentication or not. If not, the initial registration and de-registration will still be handled normally.

HA service Configuration
HA service name This is an identification string between 1 and 63 characters (alpha and/or numeric) by which the HA service will be recognized by the system.

Multiple names are needed if multiple HA services will be used.

HA services are configured in the destination context.

UDP port number for Mobile IP traffic Specifies the port used by the HA service and the FA for communications. The UDP port number can be any integer value between 1 and 65535. The default value is 434.
Mobile node re-registration requirements Specifies how the system should handle authentication for mobile node re-registrations.The HA service can be configured as follows:
  • Always require authentication
  • Never require authentication
    Important 
    The initial registration and de-registration will still be handled normally)
  • Never look for mn-aaa extension
  • Not require authentication but will authenticate if mn-aaa extension present.
FA-to-HA Security Parameter Index Information FA IP address: The HA service allows the creation of a security profile that can be associated with a particular FA.

This specifies the IP address of the FA that the HA service will be communicating with.

Multiple FA addresses are needed if the HA will be communicating with multiple FAs.

Index: Specifies the shared SPI between the HA service and a particular FA. The SPI can be configured to any integer value between 256 and 4294967295.

Multiple SPIs can be configured if the HA service is to communicate with multiple FAs.

Secret: Specifies the shared SPI secret between the HA service and the FA. The secret can be between 1 and 127 characters (alpha and/or numeric).

An SPI secret is required for each SPI configured.

Hash-algorithm: Specifies the algorithm used to hash the SPI and SPI secret. The possible algorithms that can be configured are MD5 per RFC 1321 and keyed-MD5 per RFC 2002. The default algorithm is hmac-md5.

A hash-algorithm is required for each SPI configured.

Mobile Node Security Parameter Index Information Index: Specifies the shared SPI between the HA service and a particular FA. The SPI can be configured to any integer value between 256 and 4294967295.

Multiple SPIs can be configured if the HA service is to communicate with multiple FAs.

Secret: Specifies the shared SPI secret between the HA service and the FA. The secret can be between 1 and 127 characters (alpha and/or numeric).

An SPI secret is required for each SPI configured.

Hash-algorithm: Specifies the algorithm used to hash the SPI and SPI secret. The possible algorithms that can be configured are MD5 per RFC 1321 and keyed-MD5 per RFC 2002. The default algorithm is hmac-md5.

A hash-algorithm is required for each SPI configured.

Replay-protection process: Specifies how protection against replay-attacks is implemented. The possible processes are nonce and timestamp. The default is timestamp with a tolerance of 60 seconds.

A replay-protection process is required for each mobile node-to-HA SPI configured.

Maximum registration lifetime Specifies the longest registration lifetime that the HA service will allow in any Registration Request message from the mobile node.

The time is measured in seconds and can be configured to any integer value between 1 and 65535. An infinite registration lifetime can also be configured by disabling the timer. The default is 600.

Maximum number of simultaneous bindings Specifies the maximum number of "care-of" addresses that can simultaneously be bound for the same user as identified by NAI and Home address.

The number can be configured to any integer value between 1 and 5. The default is 3.

Default Subscriber Configuration
"Default" subscriber's IP context name Specifies the name of the egress context on the system that facilitates the Gi interfaces.
Important 
For this configuration, the IP context name should be identical to the name of the destination context.

How This Configuration Works

This system configuration supports typical GGSN and Mobile IP functionality.

System operation for typical GGSN functionality behaves as described in GGSN Configuration Example chapter of this guide for each of the various call types. This section focusses on how this system configuration functions to process a Mobile IP session. The following figure and the text that follows describe how this configuration works to process calls

Figure 2. Call Processing When Using the System as a GGSN, FA, and HA


  1. A Create PDP Context Request message for a subscriber session is sent from the SGSN to the GGSN service over the Gn interface. The message contains information such as the PDP Type, APN, and charging characteristics.
  2. The GGSN determines whether or not it is configured with an APN identical to the one specified in the message. If so, it determines how to process the session based on the configuration of the APN. In this case, it is determined that Mobile IP must be used. From the APM configuration, the system also determines the context in which the FA service is configured.
  3. If subscriber authentication is required, the GGSN authenticates the subscriber by communicating with a RADIUS server over the AAA interface.
  4. The GGSN returns an affirmative Create PDP Context Response to the SGSN over the Gn interface. The home address assigned to the mobile as part of the response is 0.0.0.0 indicating that it will be reset with a Home address after the PDP context activation procedure.
  5. The FA component of the GGSN sends a Agent Advertisement message to the MS. The message contains the FA parameters needed by the mobile such as one or more card-of addresses. The message is sent as an IP limited broadcast message (i.e. destination address 255.255.255.255), however only on the requesting MS's TEID to avoid broadcast over the radio interface.
  6. The MS sends a Mobile IP Registration request to the GGSN/FA. This message includes either the MS's static home address or it can request a temporary address by sending 0.0.0.0 as its home address. Additionally, the request must always include the Network Access Identifier (NAI) in a Mobile-Node-NAI Extension.
  7. The FA forwards the registration request from the MS to the HA while the MS's home address or NAI and TEID are stored by the GGSN. The FA service communicates with the required HA service configured in the same context over the ICC interface. In response the HA sends a registration response to the FA containing the address assigned to the MS.
  8. The FA extracts the home address assigned to the MS by the HA from the response and the GGSN updates the associated PDP context. The FA then forwards it to the MS (identified by either the home address or the NAI and TEID).
  9. The GGSN issues a PDP context modification procedure to the SGSN in order to update the PDP address for the MS.
  10. The MS sends/receives data to/from the packet data network over the GGSN's PDN interface.
  11. Upon termination of the subscriber session, the GGSN sends GGSN charging detail records to the CGF using GTPP over the Ga interface.