Support for Common access-type in twan-profile for EoGRE-PMIP Calls

Feature Summary and Revision History

Summary Data

Applicable Product(s) or Functional Area

SaMOG

Applicable Platform(s)

Cisco ASR 5500

Default Setting

Disabled - Configuration Required

Related Changes in This Release

Not Applicable

Related Documentation

  • SaMOG Administration Guide

Revision History

Revision Details

Release

First introduced.

21.21

Feature Description

SaMOG supports the common access-type, eogre-pmip , in a twan-profile to handle both PMIP and EoGRE calls. Because of this common access-type the RADIUS client is mapped with two different access types by defining in one twan-profile. SaMOG allows same RADIUS Client IP to be used for PMIP and EoGRE calls.

How it Works

This section describes how common access types work in the following scenarios:

  • Attach Call flow with PMIP Access-Type

  • Attach Call Flow with EoGRE Access-Type

  • EoGRE to PMIP Handover

  • PMIP to EoGRE Handover

Attach Call Flow with PMIP Access-Type

Attaching call flows with Proxy Mobile IP (PMIP) and Ethernet over GRE (EoGRE) are performed simultaneously in SaMOG. The access-type is set up after receiving Proxy Binding Update (PBU) or DHCP request from Wireless LAN Controller (WLC). The call flows explain the twan-profile that is configured with new access-type eogre-pmip.

Figure 1. Call Flow
Table 1. Procedure

Step

Description

1

The UE initiates an initial attach procedure towards the WLC. The WLC forms an Access-Request message with the EAP-Identity payload, User-Name and Acct-Session-Id, and sends the same to SaMOG.

2

SaMOG forms a Radius Access-Request or Diameter DER message towards the AAA server using the attributes received from the WLC.

3

The AAA server performs an Extensible Authentication Protocol (EAP) authentication and sends the Access-Challenge or DEA to SaMOG with the EAP payload

4

SaMOG copies the EAP payload to the Access-Challenge towards WLC. The WLC sends an EAP request towards UE.

5

The UE sends an EAP response. The WLC sends the Access-Request to SaMOG with the EAP payload received from the UE.

6

SaMOG sends the Access-Request or DER to the AAA server with the EAP payload.

7

The AAA server fetches the subscriber profile from HLR/HSS and validates the EAP Challenge response sent from the UE. The Access-Accept/DEA is sent to SaMOG with the user profile and EAP Success payload. SaMOG saves the user profile information. After UE authentication, SaMOG installs the NPU flows related to EoGRE and sets the access-type to eogre-pmip.

8

SaMOG performs DNS procedures towards the DNS server to get the P-GW/GGSN IP address.

9

SaMOG delays sending the Access-Accept to the WLC and initiates S2a/Gn procedures towards P-GW/GGSN, by including the IMEIs V IE with the UE MAC value received as Calling-Station-ID AVP in the Access-Request, if sending of IE is enabled through configuration.

10

SaMOG sends Access-Accept to the WLC with EAP-Success payload after completion of S2a or Gn procedures. The WLC sends EAP-Success to the UE.

11

The UE sends DHCP discover (broadcast) request to the WLC. The WLC acts as a DHCP server and initiates PMIPv6 PBU towards SaMOG for L3 Attachment by including the NAI and Service-Selection parameters

12

SaMOG processes the received PMIPv6 PBU and responds back with a PMIPv6 PBA by including the allocated home-address by P-GW/GGSN and the default gateway IP address. SaMOG updates the access-type to PMIP based on the received PBU message

13

The WLC sends a DHCP offer towards the UE with the allocated UEs IP address and the default gateway.

14

The UE sends DHCP request to the WLC for DHCP, by including router options and the allocated UE's IP address for further confirmation. The WLC sends DHCP Ack message to the UE.

If proxy accounting is enabled, SaMOG will proxy accounting messages between the WLC and AAA server.

15

The UE performs ARP request for the default gateway received from SaMOG. The WLC includes the virtual MAC address in the ARP response for the received Default gateway IP address in the ARP.

Attach Call Flow with EoGRE Access-Type

This section explains the initilizaton call flow and procedure of EoGRE calls.

Figure 2. Call Flow
Table 2. Procedure

Step

Description

1

The UE initiates an initial attach procedure towards the Wireless LAN Controller (WLC). The WLC forms an Access-Request message with the EAP-Identity payload, User-Name and Acct-Session-Id, and sends the same to SaMOG.

2

SaMOG forms a Radius Access-Request or Diameter DER message towards the AAA server using the attributes received from the WLC.

3

The AAA server performs an EAP authentication and sends the Access-Challenge or DEA to SaMOG with the EAP payload.

4

SaMOG copies the EAP payload to the Access-Challenge towards WLC. The WLC sends an EAP Request towards UE.

5

The UE sends an EAP response. The WLC sends the Access-Request to SaMOG with the EAP payload received from the UE.

6

SaMOG sends the Access-Request or DER to the AAA server with the EAP payload.

7

The AAA server fetches the subscriber profile from HLR/HSS and validates the EAP Challenge response sent from the UE. The Access-Accept/DEA is sent to SaMOG with the user profile and EAP Success payload. SaMOG saves the user profile information. After UE authentication, SaMOG installs the NPU flows related to EoGRE and sets the access-type to eogre-pmip .

8

SaMOG performs DNS procedures towards the DNS server to get the P-GW/GGSN IP address.

9

SaMOG delays sending the Access-Accept to the WLC and initiates S2a/Gn procedures towards P-GW/GGSN, by including the IMEIs V IE with the UE MAC value received as Calling-Station-ID AVP in the Access-Request, if sending of IE is enabled through configuration.

10

SaMOG sends Access-Accept to the WLC with EAP-Success payload after completion of S2a/Gn procedures. The WLC sends EAP-Success to the UE.

11

The UE sends DHCP discover (broadcast) request to the WLC. The WLC acts as a DHCP server and initiates DHCP discover over EoGRE tunnel towards SaMOG for L3 Attachment.

12

SaMOG processes the received PMIPv6 PBU and responds back with a PMIPv6 PBA by including the allocated home-address by P-GW/GGSN and the default gateway IP address. SaMOG updates the access-type to EoGRE based on the received DHCP Discover message.

13

The WLC sends a DHCP offer towards the UE with the allocated UE's IP address and the default gateway. The UE sends DHCP request to the WLC for DHCP, by including router options and the allocated UE's IP address for further confirmation. The WLC acts as a DHCP server and initiates a DHCP Request over the EoGRE tunnel towards SaMOG.

14

SaMOG processes the received DHCP Request over the EoGRE tunnel and respond back with a DHCP Ack over the EoGRE tunnel by including the DNS Parameters in the router options. The WLC sends a DHCP Acknowledgement towards the UE.

If proxy accounting is enabled, SaMOG will proxy accounting messages between the WLC and AAA server.

15

The UE performs an ARP request for the default gateway received from SaMOG. The WLC sends the ARP request packets over the EoGRE tunnel and SaMOG responds back with an ARP Response over the EoGRE tunnel by including the virtual MAC address of the default gateway.

EoGRE to PMIP Handover

This section explains the handover call flow and procedure of EoGRE to PMIP calls.

Figure 3. Call Flow
Table 3. Procedure

Step

Description

1

UE is attached to the network as described in the PMIP call flow.

2

The WLC forms an Access-Request message with the EAP-Identity payload, User-Name and Acct-Session-Id, and sends the same to SaMOG.

3

SaMOG treats the call as a handoff request based on the twan-profile configuration (with access-type as eogre-pmip). The access-type is set to eogre-pmip as this could be an EoGRE to PMIP or an EoGRE to EoGRE case.

4

SaMOG forms a Radius Access-Request or Diameter DER message towards the AAA server using the attributes received from the WLC.

5

The AAA server performs an EAP authentication and sends the Access-Challenge/DEA to SaMOG with the EAP payload.

6

SaMOG copies the EAP payload to the Access-Challenge towards WLC. The WLC sends an EAP Request towards UE.

7

The UE sends an EAP response. The WLC sends the Access-Request to SaMOG with the EAP payload received from the UE.

8

SaMOG sends the Access-Request/DER to the AAA server with the EAP payload.

9

The AAA server fetches the subscriber profile from HLR/HSS and validates the EAP Challenge response sent from the UE. The Access-Accept/DEA is sent to SaMOG with the user profile and EAP Success payload. SaMOG saves the user profile information.

10

SaMOG sends Access-Accept to the WLC with EAP-Success payload after completion of authentication procedures. The WLC sends EAP-Success to the UE.

11

The UE sends DHCP discover (broadcast) request to the WLC. The WLC acts as a DHCP server and initiates PMIPv6 PBU towards SaMOG for L3 Attachment by including the NAI and Service-Selection parameters.

12

SaMOG will process the received PMIPv6 PBU and responds back with a PMIPv6 PBA by including the allocated home-address by P-GW/GGSN and the default gateway IP address.

SaMOG updates the access-type to PMIP based on the received PBU message.

13

 The WLC sends a DHCP offer towards the UE with the allocated UEs IP address and the default gateway. The UE sends DHCP request to the WLC for DHCP, by including router options and the allocated UE's IP address for further confirmation. The WLC sends DHCP Ack message to the UE.

14

If proxy accounting is enabled, SaMOG will proxy accounting messages between the WLC and AAA server.

PMIP to EoGRE Handover

This section explains the handover call flow and procedure of Proxy Mobile IP (PMIP) to Ethernet over GRE (EoGRE) calls.

Figure 4. Call Flow
Table 4. Procedure

Step

Description

1

UE is attached to the network as described in the PMIP call flow.

2

The UE initiates an initial attach procedure towards the Wireless LAN Controller (WLC). The WLC forms an Access-Request message with the EAP-Identity payload , User-Name and Acct-Session-Id , and sends the same to SaMOG.

3

SaMOG treats the call as a handoff request based on the twan-profile configuration (with access-type as eogre-pmip). The access-type is set to eogre-pmip as this could be a PMIP to PMIP or a PMIP to EoGRE case.

4

SaMOG forms a Radius Access-Request or Diameter DER message towards the AAA server using the attributes received from the WLC.

5

The AAA server performs an Extensible Authentication Protocol (EAP) authentication and sends the Access-Challenge/DEA to SaMOG with the EAP payload.

6

SaMOG copies the EAP payload to the Access-Challenge towards WLC. The WLC sends an EAP Request towards the UE.

7

The UE sends an EAP response. The WLC sends the Access-Request to SaMOG with the EAP payload received from the UE.

8

SaMOG sends the Access-Request/DER to the AAA server with the EAP payload.

9

The AAA server fetches the subscriber profile from HLR/HSS and validates the EAP Challenge response sent from the UE. The Access-Accept/DEA is sent to SaMOG with the user profile and EAP Success payload. SaMOG saves the user profile information.

10

SaMOG sends Access-Accept to the WLC with EAP-Success payload after completion of S2a/Gn procedures. The WLC sends EAP-Success to the UE.

11

The UE sends DHCP discover (broadcast) request to the WLC. The WLC acts as a DHCP server and initiates DHCP discover over EoGRE tunnel towards SaMOG for L3 Attachment.

12

SaMOG will process the received DHCP discover over EoGRE tunnel and responds back with a DHCP Offer over the EoGRE tunnel by including the allocated home-address by P-GW/GGSN and the default gateway IP address.

SaMOG updates the access-type to EoGRE based on the received DHCP Discover message.

13

 The WLC sends a DHCP offer towards the UE with the allocated UE's IP address and the default gateway. The UE sends DHCP request to the WLC for DHCP, by including router options and the allocated UE's IP address for further confirmation. The WLC acts as a DHCP server and initiates a DHCP Request over the EoGRE tunnel towards SaMOG.

14

SaMOG processes the received DHCP Request over the EoGRE tunnel and respond back with a DHCP Ack over the EoGRE tunnel by including the DNS Parameters in the router options. The WLC sends a DHCP Ack towards the UE.

If proxy accounting is enabled, SaMOG will proxy the accounting messages between the WLC and the AAA server.

Configuring Eogre-PMIP access-type in twan-profile

Use the following configuration to configure eogre-pmip access type. The eogre-pmip access type is configured only with radius trigger type. 

configure 
   context context_name 
      twan-profile profile_name 
         access-type eogre-pmip 
            end

Notes:

  • access-type eogre-pmip : Enables EoGRE or PMIP Access type for all clients under profile.


    Note
    The eogre-pmip cannot be configured in combination with other access-types like EoGRE, PMIP and IP.

Limitations

The Common access-type in twan-profile feature has the following limitations:

  • Supports only Access-Types (EoGRE/PMIPv6). IP Access-Type is not supported.

  • Supports only Radius Access-Request trigger type. DHCP, PMIP, and Accounting-based trigger types are not supported.

  • Support is limited to GTPv2 based s2a interface.

  • Because IP Access-Type is not supported, Handover (HO) scenarios from/to IP Access-Type to/from EoGRE/PMIP access-types are not supported.

  • The new access-type eogre-pmip is applicable only for radius Access-Request trigger type.

  • The new access-type eogre-pmip cannot be configured with other access-types (EoGRE, PMIP, IP) in other twan-profiles.

Monitoring and Troubleshooting

Show commands and Outputs

Show twan-profile

The following details are displayed to the output of the show twan-profile { all | name profile_name } command in support of this feature: 

TWAN Profile Name         : twan1 
    Access-Type Client List 
        Default Access Type                 : EOGRE-PMIP  
        Default Radius Dictionary           : custom 70  
        Session Trigger Type                : Radius 
       Location reported from DHCP Option 82 : Not Enabled
Table 5. show twan-profile Command Output Descriptions

Field

Description

TWAN Profile Name

Name of the TWAN profile

Access-Type Client List

Default Access Type

Default access type set for the TWAN profile. Access type for the TWAN profile for RADIUS-based session trigger is Eogre-PMIP.

If access-type is not configured, then default value would be PMIP. When configured, the appropriate access-type is displayed in this field.

Default Radius Dictionary

Default RADIUS dictionary used for the TWAN profile.

The default RADIUS dictionary can be one of the following:

  • custom70 for non-Cisco WLC

Session Trigger Type

The session trigger type set for the TWAN profile.

Session Trigger type must be only Radius.

Location reported from DHCP Option 82

Shows whether the Location reported from DHCP Option 82 is enabled or disabled.