在GGSN应用“新呼叫策略拒绝”时DNS服务参数的最佳实践
下载选项
已更新: 2017 年 4 月 21 日
文档 ID:210801
非歧视性语言
此产品的文档集力求使用非歧视性语言。在本文档集中,非歧视性语言是指不隐含针对年龄、残障、性别、种族身份、族群身份、性取向、社会经济地位和交叉性的歧视的语言。由于产品软件的用户界面中使用的硬编码语言、基于 RFP 文档使用的语言或引用的第三方产品使用的语言,文档中可能无法确保完全使用非歧视性语言。 深入了解思科如何使用包容性语言。
关于此翻译
思科采用人工翻译与机器翻译相结合的方式将此文档翻译成不同语言,希望全球的用户都能通过各自的语言得到支持性的内容。 请注意:即使是最好的机器翻译,其准确度也不及专业翻译人员的水平。 Cisco Systems, Inc. 对于翻译的准确性不承担任何责任,并建议您总是参考英文原始文档(已提供链接)。
简介
本文档介绍在用作网关通用分组无线业务(GPRS)支持节点(GGSN)的思科聚合服务路由器(ASR)5x00系列上遇到的情况,在设计域名系统(DNS)网络以避免服务中断时,新呼叫策略拒绝失败,需要牢记一些注意事项。
作者:Parthasarathy M和Anthony Fajri,思科TAC工程师。
问题:在GGSN应用Newcall Policy Reject时DNS服务参数配置
在GGSN软件升级期间,为避免服务对用户的影响,作为一种实践,新呼叫策略拒绝会应用于GGSN。期望服务GPRS支持节点(SGSN)应根据新呼叫策略将流量发送到下一个可用GGSN。
但是,在某些情况下并非如此。newcall policy reject未按预期工作,并且升级过程时出现服务降级。
解决方案
新呼叫策略拒绝如何工作?
在GGSN上应用新呼叫策略拒绝后;
[local]ASR5K_LAB# newcall policy ggsn-service all reject
GGSN拒绝新的传入创建分组数据协议(PDP)环境请求(CPC-R),但没有可用资源,以便SGSN可以选择下一个可用GGSN,从而在升级维护窗口时最小化服务干扰。
新呼叫策略拒绝的实验结果:
SGSN配置:
在本示例中,newcall policy reject应用于GGSN1。当呼叫到达时,SGSN将CPC请求发送到GGSN1,GGSN会依次拒绝呼叫,然后SGSN将请求发送到GGSN2。
监控用户跟踪输出:
===>GPRS Mobility/Session Management Message (2 Bytes) Protocol Discriminator : GMM message Message : Attach Complete INBOUND>>>>> 05:34:35:320 Eventid:88112(0) ===>GPRS Mobility/Session Management Message (34 Bytes) Protocol Discriminator : SM message Message : Activate PDP Context Request Requested NSAPI Requested LLC SAPI Requested Qos Length of Qos: 14 Requested PDP address Length : 2 Access Point Name Length: 10 <<<<OUTBOUND 05:34:35:323 Eventid:116004(3) GTPC Tx PDU, from 192.168.2.2:19002 to 192.168.2.1:2123 (110) TEID: 0x00000000, Message type: GTP_CREATE_PDP_CONTEXT_REQ_MSG (0x10) >>>>>>>>>> to GGSN1 Sequence Number:: 0x00CC (204) GTP HEADER FOLLOWS: Version number: 1 Protocol type: 1 (GTP C/U) Extended header flag: Not present Sequence number flag: Present NPDU number flag: Not present Message Type: 0x10 (GTP_CREATE_PDP_CONTEXT_REQ_MSG) Message Length: 0x0066 (102) Tunnel ID: 0x00000000 Sequence Number: 0x00CC (204) GTP HEADER ENDS. INFORMATION ELEMENTS FOLLOW: IMSI: 123450040000000 Recovery: 0x09 (9) Selection Mode: 0x0 (MS or network provided APN, subscribed verified (Subscribed)) Tunnel ID Data I: 0x8000C002 Tunnel ID Control I: 0x8000C002 NSAPI: 0x05 (5) END USER ADDRESS FOLLOWS: PDP Type Organisation: IETF PDP Type Number: IPv4 Address: Empty END USER ADDRESS ENDS. Access Point Name: sitt1.com GSN Address I: 0xC0A80202 (192.168.2.2) GSN Address II: 0xC0A80203 (192.168.2.3) MSISDN: 128612345678901 QOS Profile: 0x0223421F72967373440DFFFF00 COMMON FLAGS FOLLOW: Prohibit Payload Compression: no MBMS Service Type: Multicast Service RAN Procedures Ready: no MBMS Counting Information: no No QoS negotiation: no NRSN: yes Upgrade QoS Supported: no Dual Address Bearer Flag: no COMMON FLAGS END. Radio Access Technology: GERAN MS Time Zone: -4:00 Daylight Saving Time: +1 hour INFORMATION ELEMENTS END. INBOUND>>>>> 05:34:35:326 Eventid:116003(3) GTPC Rx PDU, from 192.168.2.1:2123 to 192.168.2.2:19002 (14) TEID: 0x8000C002, Message type: GTP_CREATE_PDP_CONTEXT_RES_MSG (0x11) Sequence Number:: 0x00CC (204) GTP HEADER FOLLOWS: Version number: 1 Protocol type: 1 (GTP C/U) Extended header flag: Not present Sequence number flag: Present NPDU number flag: Not present Message Type: 0x11 (GTP_CREATE_PDP_CONTEXT_RES_MSG) Message Length: 0x0006 (6) Tunnel ID: 0x8000C002 Sequence Number: 0x00CC (204) GTP HEADER ENDS. INFORMATION ELEMENTS FOLLOW: Cause: 0xC7 (GTP_NO_RESOURCES_AVAILABLE) INFORMATION ELEMENTS END. <<<<OUTBOUND 05:34:35:327 Eventid:116004(3) GTPC Tx PDU, from 192.168.2.2:19002 to 192.168.2.128:2123 (110) TEID: 0x00000000, Message type: GTP_CREATE_PDP_CONTEXT_REQ_MSG (0x10)>>>>>>>>>> GGSN2 Sequence Number:: 0x00CD (205) GTP HEADER FOLLOWS: Version number: 1 Protocol type: 1 (GTP C/U) Extended header flag: Not present Sequence number flag: Present NPDU number flag: Not present Message Type: 0x10 (GTP_CREATE_PDP_CONTEXT_REQ_MSG) Message Length: 0x0066 (102) Tunnel ID: 0x00000000 Sequence Number: 0x00CD (205) GTP HEADER ENDS. INFORMATION ELEMENTS FOLLOW: IMSI: 123450040000000 Recovery: 0x09 (9) Selection Mode: 0x0 (MS or network provided APN, subscribed verified (Subscribed)) Tunnel ID Data I: 0x8000C002 Tunnel ID Control I: 0x8000C002 NSAPI: 0x05 (5) END USER ADDRESS FOLLOWS: PDP Type Organisation: IETF PDP Type Number: IPv4 Address: Empty END USER ADDRESS ENDS. Access Point Name: sitt1.com GSN Address I: 0xC0A80202 (192.168.2.2) GSN Address II: 0xC0A80203 (192.168.2.3) MSISDN: 128612345678901 QOS Profile: 0x0223421F72967373440DFFFF00 COMMON FLAGS FOLLOW: Prohibit Payload Compression: no MBMS Service Type: Multicast Service RAN Procedures Ready: no MBMS Counting Information: no No QoS negotiation: no NRSN: yes Upgrade QoS Supported: no Dual Address Bearer Flag: no COMMON FLAGS END. Radio Access Technology: GERAN MS Time Zone: -4:00 Daylight Saving Time: +1 hour INFORMATION ELEMENTS END. INBOUND>>>>> 05:34:35:337 Eventid:116003(3) GTPC Rx PDU, from 192.168.2.128:2123 to 192.168.2.2:19002 (72) TEID: 0x8000C002, Message type: GTP_CREATE_PDP_CONTEXT_RES_MSG (0x11) Sequence Number:: 0x00CD (205) GTP HEADER FOLLOWS: Version number: 1 Protocol type: 1 (GTP C/U) Extended header flag: Not present Sequence number flag: Present NPDU number flag: Not present Message Type: 0x11 (GTP_CREATE_PDP_CONTEXT_RES_MSG) Message Length: 0x0040 (64) Tunnel ID: 0x8000C002 Sequence Number: 0x00CD (205) GTP HEADER ENDS. INFORMATION ELEMENTS FOLLOW: Cause: 0x80 (GTP_REQUEST_ACCEPTED) Reorder Required: 0x0 (Not present) Tunnel ID Data I: 0x0FFFFFF8 Tunnel ID Control I: 0x0FFFFFF8 Charging ID: 0x00000007 END USER ADDRESS FOLLOWS: PDP Type Organisation: IETF PDP Type Number: IPv4 IPv4 Address: 12.0.0.6 END USER ADDRESS ENDS. GSN Address I: 0xC0A80280 (192.168.2.128) GSN Address II: 0xC0A80280 (192.168.2.128) QOS Profile: 0x0222421F7296D1FE460D03FE004A4A INFORMATION ELEMENTS END.
SGSN如何选择GGSN?
在apn-profile配置下,有命令apn-resolve-dns-query snaptr。
apn-resolve-dns-query snaptr [ epc-ue |非epc-ue ]
SNAPTR过滤器基于用户设备(UE)的EPC功能。 使用此命令为具有EPC订用的3G用户启用SNAPTR类型DNS查询以解析APN。此模式下的配置可促进对每个APN的此功能的控制。
如果配置中不包含任何关键字,则S-NAPTR查询适用于所有UE,包括支持EPC的UE和非支持EPC的UE。默认情况下,此功能未启用。
这意味着SGSN以名称授权指针(NAPTR)格式(sitt1.com.apn.epc.mnc090.mcc262.3gppnetwork.org)发送DNS查询以选择GGSN。
如果NAPTR查询失败,则SGSN回退到查询类型A(sitt1.mnc045.mcc123.gprs)以获取GGSN IP地址。
实验结果:
SGSN配置:
apn-profile default
apn-resolve-dns-query snaptr
监控协议跟踪:
*** Verbosity Level ( 2) *** *** Verbosity Level ( 3) *** <<<<OUTBOUND 05:42:24:667 Eventid:5957(3) DNS PDU Tx from : 192.168.2.1 : 49351 to : 192.168.1.254 : 53 bytes : 76 Query ID : 6366 Type : Query Question : NAPTR ? sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org. Additional : Name : . Ext-RCODE : 0 Type : OPT UDPsize : 4096 INBOUND>>>>> 05:42:24:750 Eventid:5956(3) DNS PDU Rx from : 192.168.1.254 : 53 to : 192.168.2.1 : 49351 bytes : 76 Query ID : 6366 Type : Response Authoritative Answer : No Response code : ServFail Question : NAPTR ? sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org. Additional : Name : . Ext-RCODE : 0 Type : OPT UDPsize : 4096 <<<<OUTBOUND 05:42:24:752 Eventid:5957(3) DNS PDU Tx from : 192.168.2.1 : 51619 to : 192.168.1.254 : 53 bytes : 57 Query ID : 16777 Type : Query Question : A? sitt1.com.MNC045.MCC123.GPRS. Additional : Name : . Ext-RCODE : 0 Type : OPT UDPsize : 4096 INBOUND>>>>> 05:42:24:781 Eventid:5956(3) DNS PDU Rx from : 192.168.1.254 : 53 to : 192.168.2.1 : 51619 bytes : 57 Query ID : 16777 Type : Response Authoritative Answer : No Response code : Success Question : A? sitt1.com.MNC045.MCC123.GPRS. Additional : Name : . Ext-RCODE : 0 Type : OPT UDPsize : 4096
配置示例
如果使用以下服务参数配置DNS:
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp
当支持非演进分组核心(EPC)的UE根据DNS应答服务类型尝试连接时,SGSN决定是否回退到查询。
例如:
SGSN检查DNS应答服务类型,如果它找不到关键字x-3gpp-ggsn:x-gn和x-3gpp-ggsn:x-gp,则SGSN回退到A查询类型。
Query Name: sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org Answer: Order: 10 Preference: 10 Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp Regular Expression: Replacement: TOPON.S5.GGSN1.NODES.EPC.MNC090.MCC262.3GPPNETWORK.ORG Query Name: sitt1.mnc045.mcc123.gprs Query Type: A TTL: 48993 seconds Answer: IP Address: 192.168.2.1
假设,如果您仅为DNS中的A记录配置一个GGSN IP地址,则SGSN无法重定向到下一个可用GGSN,从而降低服务质量。
根据SGSN管理指南:
Gn SGSN支持并帮助为支持演进分组核心(EPC)的UE选择共置分组数据网络(PDN)网关(P-GW)/GGSN节点,并为APN完全限定域名(FQDN)执行DNS直接NAPTR(SNAPTR)查找对于服务参数x-3gpp-pgw:x-gn / x-3gpp-pgw:x-gp。服务参数x-3gpp-ggsn:x-gn和x-3gpp-ggsn:x-gp中的接口也用于选择独立GGSN。
因此,在设计DNS记录时,可以包括服务参数,例如:
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp
之后,DNS开始为不支持EPC的UE返回多个网关(GW)地址。
Query Name: sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org
Query Type: NAPTR TTL: 42755 seconds
Answer:
Order: 40 Preference: 40
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp
Regular Expression:
Replacement: TOPON.S5.GGSN03.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Name: sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org
Query Type: NAPTR TTL: 42755 seconds
Answer:
Order: 10 Preference: 10
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp
Regular Expression:
Replacement: TOPON.S5.GGSN02.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Name: sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org
Query Type: NAPTR TTL: 42755 seconds
Answer:
Order: 20 Preference: 20
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp
Regular Expression:
Replacement: TOPON.S5.GGSN05.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Name: sitt1.com.apn.epc.mnc045.mcc123.3gppnetwork.org
Query Type: NAPTR TTL: 42755 seconds
Answer:
Order: 30 Preference: 30
Flags: A Service: x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp
Regular Expression:
Replacement: TOPON.S5.GGSN04.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Name: TOPON.S5.GGSN04.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Type: NAPTR TTL: 48993 seconds
Answer:
IP Address: 192.168.2.22
Query Name: TOPON.S5.GGSN03.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Type: NAPTR TTL: 48993 seconds
Answer:
IP Address: 192.168.2.18
Query Name: TOPON.S5.GGSN05.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Type: NAPTR TTL: 48993 seconds
Answer:
IP Address: 192.168.2.23
Query Name: TOPON.S5.GGSN02.NODES.EPC.mnc045.mcc123.3GPPNETWORK.ORG
Query Type: NAPTR TTL: 48993 seconds
Answer:
IP Address: 192.168.2.21
总之,请确保您的DNS配置为x-3gpp-pgw:x-s5-gtp:x-s8-gtp:x-gn:x-gp:x-3gpp-ggsn:x-gn:x-gp:x-gp,以避免在您有多个GGSN支持地理冗余时出现服务干扰。
反馈