GTP-U Service Configuration Mode Commands

The GTP-U Service Configuration Mode is used to manage parameters applied to incoming GTP-U packets.

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Important

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).

bind

Configures the IP address to use for GTP-U data packets.

Product

ePDG

GGSN

P-GW

SAEGW

SaMOG

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

[ no ] bind { ipv4-address ipv4_address [ crypto-template crypto_template ] [ ike-bind-address { ipv4_address } ] [ ipv6-address ipv6_address [ bearer-type { non-ims-media | ims-media | all } ] | ipv6-address ipv6_address [ crypto-template crypto_template ] [ ike-bind-address { ipv6_address } ] [ ipv4-address ipv4_address ] [ bearer-type { non-ims-media | ims-media | all } ] }

no

removes a configured IP address from this service.

ipv4-address ipv4_address

Binds this service to the IPv4 address of a configured interface.

ipv4_address must be entered using IPv4 dotted-decimal notation.

bearer-type non-ims-media | ims-media | all

Specifies the type of bearer to be associated with the bind address. Default behavior is for that the address will be used for all bearer types.

non-ims-media Configures bind address for non-ims media only.

ims-media Configures bind address for ims-media traffic only.

all configures bind address to handle all types of bearer traffic. This is the default setting.

ipv6-address ipv6_address

Binds this service to the IPv6 address of a configured interface.

ipv6_address must be entered using IPv6 colon-separated-hexadecimal notation.

crypto-template crypto_template

Configures crypto template for IPSec, which enables IPSec tunneling for this GTP-U address. Must be followed by the name of an existing crypto template.

crypto_template must be an alphanumeric string of 1 through 127 characters.

ike-bind-address ip_address

Configures an IKE bind address. Must be followed by IPv4 or IPv6 address; IP address type must be the same as the GTP-U address type.

ipv4_address must be entered using IPv4 dotted-decimal notation.

ipv6_address must be entered using IPv6 colon-separated-hexadecimal notation.

bearer-type non-ims-media | ims-media | all

Specifies the type of bearer to be associated with the bind address. Default behavior is for that the address will be used for all bearer types.

non-ims-media configures bind address for non-ims media only.

ims-media configures bind address for ims-media traffic only.

all configures bind address to handle all types of bearer traffic. This is the default setting.

Usage Guidelines

Use this command to bind the service to an interface for sending/receiving GTP-U packets.


Important

If you modify this command, the parent service (service within which the eGTP/GTP-U service is configured) will automatically restart. Service restart results in dropping of active calls associated with the parent service.


Important

A GTP-U service can support a maximum of 12 GTP-U endpoints/interfaces.

Example

The following command configures the IPv4 address for this GTP-U service as 209.165.200.229 :
bind ipv4-address 209.165.200.229

echo-interval

Configures the rate at which GPRS Tunneling Protocol (GTP) v1-U echo packets are sent.

Product

ePDG

GGSN

P-GW

SAEGW

SaMOG

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

echo-interval seconds [ dynamic [ smooth-factor multiplier ] ] 
{ default | no } echo-interval

default

Disables the configured echo-interval setting.

no

Removes the configured echo-interval setting.

seconds

Specifies the number of seconds between the sending of a GTP-Uv1 echo packet. seconds must be an integer from 60 through 3600. Default: 60

dynamic [ smooth-factor multiplier ]

Enables the dynamic echo timer for the GTP-U service.

smooth-factor multiplier : Introduces a multiplier into the dynamic echo timer as an integer from 1 through 5. Default: 2

Usage Guidelines

Use this command to configure the rate at which GTP-Uv1 echo packets are sent.

Example

The following command sets the rate between the sending of echo packets at 120 seconds:
echo-interval 120

echo-retransmission-timeout

Configures the timeout for GTP-U echo message retransmissions for this service.

Product

ePDG

GGSN

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

echo-retransmission-timeout seconds 
default echo-retransmission-timeout

default

Returns the command to its default setting of 5.

seconds

Default: 5

Configures the echo retransmission timeout, in seconds, for the GTP-U service as an integer ranging from 1 to 20.

Usage Guidelines

Use this command to configure the amount of time, in seconds, before the GTP-U service transmits another echo request message. The value set in this command is used, as is, for the default echo. If dynamic echo is enabled (echo-interval dynamic ) the value set in this command serves as the dynamic minimum (if the RTT multiplied by the smooth factor is less than the value set in this command, the service uses this value).

Example

The following command sets the retransmission timeout for echo messages to 2 seconds:
echo-retransmission-timeout 2

end

Exits the current configuration mode and returns to the Exec mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

end

Usage Guidelines

Use this command to return to the Exec mode.

exit

Exits the current mode and returns to the parent configuration mode.

Product

All

Privilege

Security Administrator, Administrator

Syntax

exit

Usage Guidelines

Use this command to return to the parent configuration mode.

extension-header

Configures the addition of an extension header in the GTP-U packet header, allowing for error indication messages.

Product

GGSN

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

[ default | no ] extension-header source-udp-port

default

Returns the command to its default setting of disabled.

no

Disables the feature.

source-udp-port

Configures extension header type UDP Port support in GTP-U header for GTP-U Error Indication messages.

Usage Guidelines

Use this command to configure the addition of an extension header in the GTP-U packet to allow for error indication messages

Example

The following command enables the inclusion of an extension header to allow for error indication messages:
extension-header source-udp-port

ip qos-dscp

Configures the quality of service (QoS) differentiated service code point (DSCP) per-hop behavior (PHB) to be marked on the outer header of signalling packets originating from the LTE component.

Product

ePDG

P-GW

SAEGW

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

ip qos-dscp { af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | cs1 | cs2 | cs3 | cs4 | cs5 | cs6 | cs7 | ef } 
[ default | no ] ip qos-dscp

default

Sets/restores default value.

no

Disables DSCP marking.

af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | be | cs1 | cs2 | cs3 | cs4 | cs5 | cs6 | cs7 | ef

Specifies the IP QoS DSCP PHB to be marked on the outer header of signalling packets originating from the LTE component. This is a standards-based feature (RFC 2597 and RFC 2474).

Note that CS (class selector) mode options below are provided to support backward compatibility with the IP precedence field used by some network devides. CS maps one-to-one to IP precedence, where CS1 is IP precedence value 1. If a packet is received from a non-DSCP aware router that used IP precedence markings, then the DSCP router can still understand the encoding as a Class Selector code point.

The following forwarding types are supported:

  • af11 : Designates the use of Assured Forwarding 11 PHB.

    This is the default setting.

  • af12 : Designates the use of Assured Forwarding 12 PHB.

  • af13 : Designates the use of Assured Forwarding 13 PHB.

  • af21 : Designates the use of Assured Forwarding 21 PHB.

  • af22 : Designates the use of Assured Forwarding 22 PHB.

  • af23 : Designates the use of Assured Forwarding 23 PHB.

  • af31 : Designates the use of Assured Forwarding 31 PHB.

  • af32 : Designates the use of Assured Forwarding 32 PHB.

  • af33 : Designates the use of Assured Forwarding 33 PHB.

  • af41 : Designates the use of Assured Forwarding 41 PHB.

  • af42 : Designates the use of Assured Forwarding 42 PHB.

  • af43 : Designates the use of Assured Forwarding 43 PHB.

  • be : Designates the use of Best Effort forwarding PHB.

  • cs1 : Designates the use of Class Selector code point "CS1".

  • cs2 : Designates the use of Class Selector code point "CS2".

  • cs3 : Designates the use of Class Selector code point "CS3".

  • cs4 : Designates the use of Class Selector code point "CS4".

  • cs5 : Designates the use of Class Selector code point "CS5".

  • cs6 : Designates the use of Class Selector code point "CS6".

  • cs7 : Designates the use of Class Selector code point "CS7".

  • ef : Designates the use of Expedited Forwarding PHB typically dedicated to low-loss, low-latency traffic.

The assured forwarding behavior groups are listed in the table below.

Class 1 Class 2 Class 3 Class 4

Low Drop

AF11

AF21

AF31

AF41

Medium Drop

AF12

AF22

AF32

AF42

High Drop

AF13

AF23

AF33

AF43

Traffic marked with a higher class is given priority during congestion periods. If congestion occurs to traffic with the same class, the packets with the higher AF value are dropped first.

Usage Guidelines

Use this command to implement DSCP marking only for GTP-U ECHO Request and Response messages.

Example

Use the following command to set the use of Best Effort forwarding PHB:
ip qos-dscp be

ipsec-allow-error-ind-in-clear

Configures whether error-indication is dropped or sent without IPSec tunnel.

Product

S-GW

SAEGW

SGSN

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

[ default | no ] ipsec-allow-error-ind-in-clear

default

Error-indication is dropped if no IPSec tunnel is present for that peer.

no

Disables the feature.

Usage Guidelines

Use this command to determine whether error-indication is dropped or sent without an IPSec tunnel.

On receiving data packets for a session that does not exist, error-indication needs to be sent back to the peer. If there is no IPSec tunnel present with that peer, error-indication may be either dropped or sent without any IPSec tunnel.

Example

The following command allows error-indication to be sent without any IPSec tunnel:
 ipsec-allow-error-ind-in-clear

ipsec-tunnel-idle-timeout

Configures the IPSec tunnel idle timeout after which IPSec tunnel deletion is triggered.

Product

S-GW

SAEGW

SGSN

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

ipsec-tunnel-idle-timeout seconds 
default ipsec-tunnel-idle-timeout

seconds

Default: 60

Specifies the number of seconds an IPSec tunnel is idle before tunnel deletion is triggered. seconds must be an integer from 10 through 600.

default

Returns the command to its default setting of 60.

Usage Guidelines

When there are no bearers on a particular IPSec tunnel, GTPUMGR initiates the delete for that tunnel. This timer helps to avoid unnecessary IPSec tunnel deletions for an idle tunnel.

Example

The following command sets the IPsec tunnel idle timeout to 100 seconds:
ipsec-tunnel-idle-timeout 100

max-retransmissions

Configures the maximum retry limit for GTP-U echo retransmissions.

Product

ePDG

GGSN

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

max-retransmissions num 
no max-retransmissions

num

Default: 4

Specifies the number of GTP-U echo message retransmissions allowed before triggering a path failure error condition. num must be an integer from 0 through 15.

no

Disables the feature.

Usage Guidelines

Use this command to set the maximum number of GTP-U echo message retransmissions in order to define a limit that triggers a path failure error.

Example

The following command sets the maximum GTP-U echo message retransmissions for this service to 10 :
max-retransmissions 10

path-failure clear-trap

Configures a trigger for clearing the path failure trap.

Product

ePDG

GGSN

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

path-failure clear-trap gtp echo 
[ default | no ] path-failure clear-trap

gtp echo

Sets the clearing trigger/trap to detect a failure upon reaching the maximum number of GTP-U echo message retransmissions.

default

Resets the command to its default setting of enabled.

no

Disables the feature.

Usage Guidelines

Use this command to set the detection policy for path failures. By default, path failure trap is cleared on receiving first control plane message for that GTP-U peer allocation.

Example

The following command sets the clearing trigger to detect failures upon reaching the maximum number of GTP-U echo message retries:
path-failure clear-trap gtp echo

path-failure detection-policy

Configures a path failure detection policy on GTP-U echo messages that have been retransmitted the maximum number of retry times.

Product

ePDG

GGSN

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

path-failure detection-policy gtp echo 
[ default | no ] path-failure detection-policy

gtp echo

Sets the detection policy to detect a failure upon reaching the maximum number of GTP-U echo message retransmissions.

default

Resets the command to its default setting of enabled.

no

Disables the feature.

Usage Guidelines

Use this command to set the detection policy for path failures.

Example

The following command sets the path failure detection policy to detect failures upon reaching the maximum number of GTP-U echo message retries:
path-failure detection-policy gtp echo

retransmission-timeout

Configures retransmission timeout for GTPU echo message retransmissions for this service.


Important

In release 14.0 and later versions, this command is replaced by the echo-retransmission-timeout command.

Product

ePDG

GGSN

P-GW

SAEGW

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

retransmission-timeout seconds 
default retransmission-timeout

default

Returns the command to its default setting of 5.

seconds

Default: 5

Specifies the number of seconds between the re-sending of GTP-U echo messages. seconds must be an integer from 1 through 20.

Usage Guidelines

Use this command to set the number of seconds between the retransmission of GTP-U echo messages.

Example

The following command sets the number of seconds between the sending of GTP-U echo messages to 7 :
retransmission-timeout 7

sequence-number

Enables addition of the sequence number to every GTP-U packet. Default is disabled.

Product

GGSN

HSGW

P-GW

SAEGW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

[ no ] sequence-number

no

Disables addition of the sequence number to every GTP-U packet.

Usage Guidelines

Use this command to enable/disable addition of the sequence number to every GTP-U packet coming from Gi interface and going towards Gn/Gp interface. If GTP-U packets are received out of sequence, sequence numbers would allow the packets to be reorded.

Example

The following command enables addition of the sequence number to every GTP-U packet:
sequence-number

source-port

Configures GTP-U data packet source port related parameters.

Product

GGSN

P-GW

SAEGW

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

source-port  { non-standard | standard } 
source-port  { non-standard [ offset integer ] | standard } 
default source-port

default

Configures GTP-U service to use standard port 2152 as source port for all GTP-U data packets.

By default, standard port 2152 will be configured as GTP-U data packet source port (same as existing behavior).

non-standard

Configures GTP-U service to use multiple non-standard ports defined by system as a source port for GTP-U data packets. Starting port is 25500. Non-standard port number is unique per session manager instance.

offset integer

Generates a randomized source port using following logic.

If configured offset is R, and Session Manager instance number is N, then GTP-U service on Session Manager N generates a random number between [25500 + (N-1) x R + 1] and [25500 + N x R] and uses the number as a source port.

The integer range is from one to nine.


Important

Note the following recommendations while specifying the offset value.

  • Currently the base non-standard GTP-U source port is 25500 and the largest GTP-U source port that can be used is 65535. To avoid collision and use different source port for each Session Manager, it is recommended to use offset value less than or equal to (<=) 35000 or the maximum number of active Session Managers configured in the system.


    Note

    40035 (65535 - 25500) is the exact range of source port that all Session Managers can use for outgoing GTP-U data packets. 35000 is a safe number to avoid collision of GTP-U source port usage across Session Managers.

  • Offset can be configured per GTP-U service. If offset is configured differently for different GTP-U services, allowed range of source port for Session Managers will be different for each GTP-U service. Due to randomized GTP-U source port generation logic, two different Session Managers may use same GTP-U source port. To avoid this collision, it is recommended to use the same offset configured across all GTP-U services in the system.

standard

Configures GTP-U service to use standard port 2152 as source port for all GTP-U data packets.

Usage Guidelines

Currently, for forwarding GTP-U data packets, standard UDP port (2152) as source and destination port are used for outgoing GTP-U packet. This creates hardship to balance traffic properly over the LAG interfaces between the different L2/L3 elements in the network. Some routers use source UDP port to do load balancing of packets towards destination.

This command allows the source port outgoing GTP-U packet to be different for each SESSMGR. The destination port should remain as 2152, as per protocol.

When offset is configured in GTP-U service for non-standard source-port, the P-GW, SAEGW, or S-GW to which this GTP-U service is associated generates random GTP-U source port based on the configured offset and uses the same for outgoing GTP-U data packets.

After redundancy actions (like inter and intra chassis session recovery, sessctrl restart), GTP-U service recalculates the source port to be used for outgoing GTP-U data packets.

Example

The following command configures GTP-U service to use standard port 2152 as source port for all GTP-U data packets.:
source-port standard

udp-checksum

Inserts UDP-checksum in the UDP header of GTP-U packet.


Important

In Release 20 and later, HNBGW is not supported. This command must not be used for HNBGW in Release 20 and later. For more information, contact your Cisco account representative.

Product

GGSN

HNB-GW

P-GW

SGSN

S-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > GTP-U Service Configuration

configure > context context_name > gtpu-service service_name

Entering the above command sequence results in the following prompt: 

[context_name]host_name(config-gtpu-service)#

Syntax

udp-checksum { no-optimize | optimize } 
[ default | no ] udp-checksum

default

Through releases 14.0: Enables the UDP checksum, but no optimization is attempted. Releases 15.0 and later: Enables the UDP checksum, and attempts optimization of the UDP checksum in UDP header of GTPU packet using the inner payload transport checkusm.

no

Outer UDP checksum is marked as 'ZERO,' effectively disabling UDP checksum. Applicable only for IPv4 data.

no-optimize

No optimization attempt over UDP checksum in UDP header of GTP-U packet.

optimize

Attempts optimization of UDP checksum in UDP header of GTP-U packet using inner payload transport checksum.

Usage Guidelines

This command is used for enabling optimization of UDP checksum in UDP header of the GTP-U packet. An option to completely disable the UDP checksum of GTP-U packet is also introduced.

Example

The following command enables the optimization of UDP checksum in UDP header of the GTP-U packet: 
udp-checksum optimize