Planning to Configure the GGSN
This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).
This chapter includes the following sections:
•Prerequisites
•Restrictions
•Additional References
Prerequisites
Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:
•Before You Begin
•Platform Prerequisites
Before You Begin
The Cisco GGSN Release 8.0 is supported on the Cisco Service and Application Module for IP (SAMI) for the Cisco 7600 series router platform.
Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for those networks, and plan the associated access points to those networks and configure them on the GGSN.
For example, you might want to provide user access to the Internet through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.
Platform Prerequisites
When configuring GGSNs on the Cisco 7600 series router platform, ensure that requirements outlined in the following sections are met:
•Required Hardware and Software
•Required Base Configuration
Required Hardware and Software
Implementing a Cisco GGSN on the Cisco 7600 series Internet router platform requires the following hardware and software.
•Any module that has ports to connect to the network.
•Supervisor Engine 720, with a Multilayer Switch Feature Card, running Cisco IOS Release 12.2(33)SRB1 or later.
or
Cisco 7600 Series Supervisor Engine 32, with a Multilayer Switch Feature Card, running Cisco IOS Release 12.2(33)SRC and LCP ROMMON Version 12.2[121] on the Cisco SAMI.
For details on upgrading the Cisco IOS release running on the supervisor engine, refer to the "Upgrading to a New Software Release" section in the Release Notes for Cisco IOS Release 12.2SR. For information about verifying and upgrading the LCP ROMMON image on the Cisco SAMI, refer to the Cisco Service and Application Module for IP User Guide.
Note The Cisco IOS software required on the supervisor engine is dependent on the supervisor engine being used and the Cisco mobile wireless application running on the Cisco SAMI processors.
•Cisco Service and Application Module for IP (Cisco Product Number: WS-SVC-SAMI-BB-K9). The SAMI processors must be running Cisco IOS Release 12.4(15)XQ or later. The image is automatically loaded onto each processor during an image upgrade and supports both the 1 GB memory default and the 2 GB memory option ( Cisco Product Number: MEM-SAMI-6P-2GB[=]).
•IPSec VPN Services Module (for security)
Note Certain GGSN features, such as enhanced service-aware billing and GTP-session redundancy, require additional hardware and software.
GTP-Session Redundancy
In addition to the required hardware and software above, implementing GTP-Session Redundancy (GTP-SR) requires at minimum:
•In a one-router implementation, two Cisco SAMIs in the Cisco 7600 series router, or
•In a two-router implementation, one Cisco SAMI in each of the Cisco 7600 series routers.
Enhanced Service-Aware Billing
In addition to the required hardware and software, implementing enhanced service-aware billing requires an additional Cisco SAMI running the Cisco Content Services Gateway - 2nd Generation software in each Cisco 7600 series router.
Required Base Configuration
After connectivity has been established from the switch to the different elements in your network, ensure that you complete the following base configuration before implementing and customizing GGSNs on the Cisco SAMI:
On the supervisor engine, ensure that:
1. A Layer-3-routed VLAN for each of the GGSN interfaces has been created. Specifically, create a VLAN for the following interfaces:
–Gn VLAN—Interconnects the Gn interfaces.
–Ga VLAN—Interconnects the Ga interfaces.
–AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for AAA, Operation, Administration, and Maintenance (OAM), and DHCP functions.
–One VLAN per APN Gi interface
You can configure the VLANs from VLAN database mode or global configuration mode. You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.
Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode and not through the VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.
To configure a VLAN from global configuration mode:
Sup#conf terminal
Enter configuration commands, one per line. End with CNTL/Z.
Sup(config)#vlan 222
Sup(config-vlan)#end
Sup#
In the preceding example, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the supervisor engine routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), configure a VLAN 222 interface on the supervisor engine and assign an IP address to the interface:
Sup(config)# interface vlan222
Sup(config-if)# ip address n.n.n.n mask
Sup(config-if)# no ip redirects
The following is an example of the VLAN configuration on the supervisor engine:
vlan 103,110,160,200,300-301,310
ip address 10.20.21.1 255.255.255.0
description OAM/AAA/DHCP VLAN
ip address 10.20.50.1 255.255.255.0
description Ga Charging VLAN
description VLAN for APN Internet
ip address 10.20.51.1 255.255.255.0
For detailed information on configuring VLANs, see the Cisco 7600 Series Cisco IOS Software Configuration Guide.
2. The Cisco IOS software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and Chapter 13 "Configuring Load Balancing on the GGSN."
3. Permit traffic to the SAMI by enabling multiple switch virtual interfaces (SVIs), assiging the VLANs to a VLAN group, and then assigning the VLAN groups to the SAMI using the following commands:
svclc multiple-vlan-interfaces
svclc module 7 vlan-group 71, 73
svclc vlan-group 73, 95, 100, 101
Note VLAN IDs must be the same in the supervisor engine and Cisco SAMI configurations. For more information about configuring the Cisco SAMI, refer the Cisco Service and Application Module for IP User Guide.
4. A static route is configured to each GGSN instance configured on the Cisco SAMI:
ip route 10.20.30.1 255.255.255.255 10.20.21.20
ip route 10.20.30.2 255.255.255.255 10.20.21.21
ip route 10.20.30.3 255.255.255.255 10.20.21.22
ip route 10.20.30.4 255.255.255.255 10.20.21.23
ip route 10.20.30.5 255.255.255.255 10.20.21.24
On each GGSN instance on the Cisco SAMI, ensure that:
1. A static route is configured to the supervisor engine.
ip route 0.0.0.0.0 0.0.0.0 10.20.21.1
2. A subinterface, on which 802.1Q encapsulation is enabled, is configured to each of the VLANs that you created on the supervisor engine.
The following is an example of a Ga/Gn subinterface configuration on the GGSN to VLAN 103 configured on the supervisor engine:
interface GigabitEthernet0/0.2
description Ga/Gn Interface
ip address 10.1.1.72 255.255.255.0
For detailed information on configuring:
–Ga subinterfaces, see the "Configuring an Interface to the Charging Gateway" section.
–Gn subinterfaces, see the "Configuring an Interface to the SGSN" section.
–Gi subinterfaces, see the "Configuring an Interface to a PDN" section.
Configuration Examples
The following are base configuration examples for the supervisor engine and the GGSN instance running on the Cisco SAMI.
Supervisor Engine
boot device module 7 cf:4
svclc multiple-vlan-interfaces
svclc module 7 vlan-group 71, 73
svclc vlan-group 73, 95, 100, 101
power redundancy-mode combined
name Internal_Gi_for_GGSN-SAMI
interface FastEthernet8/22
switchport access vlan 302
interface FastEthernet8/23
switchport access vlan 302
interface FastEthernet8/26
description To DHCP/RADIUS Servers
switchport access vlan 95
interface FastEthernet8/31
switchport access vlan 71
interface FastEthernet9/32
switchport access vlan 165
description VLAN to tftpserver
ip address 1.7.46.65 255.255.0.0
description VLAN for RADIUS and DHCP
ip address 10.2.25.1 255.255.255.0
description Internal VLAN SUP-to-SAMI Gi
ip address 10.1.2.1 255.255.255.0
description VLAN to GGSN for GA/GN
ip address 10.1.1.1 255.255.255.0
description VLAN to CORPA
ip address 165.1.1.1 255.255.0.0
ip address 40.0.2.1 255.255.255.0
ip address 40.0.3.1 255.255.255.0
summary-address 9.9.9.0 255.255.255.0
redistribute static subnets route-map GGSN-routes
network 40.0.2.0 0.0.0.255 area 300
network 40.0.3.0 0.0.0.255 area 300
ip route 9.9.9.72 255.255.255.255 10.1.1.72
ip route 9.9.9.73 255.255.255.255 10.1.1.73
ip route 9.9.9.74 255.255.255.255 10.1.1.74
ip route 9.9.9.75 255.255.255.255 10.1.1.75
ip route 9.9.9.76 255.255.255.255 10.1.1.76
ip route 110.72.0.0 255.255.0.0 10.1.1.72
ip route 110.73.0.0 255.255.0.0 10.1.1.73
ip route 110.74.0.0 255.255.0.0 10.1.1.74
ip route 110.75.0.0 255.255.0.0 10.1.1.75
ip route 110.76.0.0 255.255.0.0 10.1.1.76
access-list 1 permit 9.9.9.0 0.0.0.255
route-map GGSN-routes permit 10
GGSN Instance on a Cisco SAMI Processor
description USED FOR DHCP gateway
ip address 110.72.0.2 255.255.255.255
description GPRS GTP V-TEMPLATE IP ADDRESS
ip address 9.9.9.72 255.255.255.0
interface GigabitEthernet0/0
interface GigabitEthernet0/0.1
ip address 10.1.2.72 255.255.255.0
interface GigabitEthernet0/0.2
description Ga/Gn Interface
ip address 10.1.1.72 255.255.255.0
interface GigabitEthernet0/0.71
description TFTP or Backbone
ip address 1.7.46.72 255.255.0.0
interface GigabitEthernet0/0.95
ip address 10.2.25.72 255.255.255.0
interface Virtual-Template1
ip unnumbered Loopback100
gprs access-point-list gprs
ip route 0.0.0.0 0.0.0.0 10.1.2.1
ip route 40.1.2.1 255.255.255.255 10.1.1.1
ip route 40.1.3.10 255.255.255.255 10.1.1.1
ip route 40.2.2.1 255.255.255.255 10.1.1.1
ip route 40.2.3.10 255.255.255.255 10.1.1.1
ip route 40.3.2.3 255.255.255.255 10.1.1.1
ip route 40.4.2.3 255.255.255.255 10.1.1.1
gprs access-point-list gprs
access-point-name CORPA.com
ip-address-pool dhcp-proxy-client
dhcp-gateway-address 110.72.0.2
Restrictions
When configuring a Cisco GGSN, observe the following:
•The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] has been configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).
Note DFP weighs PPP PDPs against IP PDPs with one PPP PDP equal to eight IP PDPs. One IPv6 PDP equals 8 IPv4 PDPs.
Table 2-1 lists the maximum number of PDP contexts the Cisco SAMI with the 1 GB memory option can support. Table 2-2 lists the maximum number the Cisco SAMI with the 2 GB memory option can support.:
Table 2-1 Number of PDPs Supported in 1 GB SAMI
|
|
Maximum Number per SAMI
1
|
IPv4 |
60,000 |
360,000 |
IPv6 |
8,000 |
48,000 |
PPP Regeneration |
16,000 |
96,000 |
PPP |
8,000 |
48,000 |
Table 2-2 Number of PDPs Supported in 2 GB SAMI
|
|
Maximum Number per SAMI
1
|
IPv4 |
128,000 |
768,000 |
IPv6 |
16,000 |
96,000 |
PPP Regeneration |
32,000 |
192,000 |
PPP |
16,000 |
96,000 |
Note Table 2-1 and Table 2-2 list the maximum number of PDPs supported when the no virtual-template subinterface global configuration command is not configured on the GGSN.
With Cisco GGSN Release 8.0 and later, PDPs regenerated to a PPP session run on software interface description blocks (IDBs), which increases the number of sessions the GGSN can support. The GTP virtual template is a subinterface. If the no virtual-template subinterface command is configured in global configuration mode, PDPs regenerated to a PPP session run on hardware IDBs instead. When sessions are running on hardware IDBs, the GGSN supports fewer sessions.
•To avoid issues with high CPU usage, we recommend the following configurations:
–To reduce the CPU usage during bootup, disable logging to the console terminal by configuring the no logging console global configuration command.
–To ensure that the HSRP interface does not declare itself active until it is ready to process a peer's Hello packets, configure the delay period before the initialization of HSRP groups with the standby delay minimum 100 reload 100 interface configuration command under the HRSP interface.
–To minimize issues with high CPU usage for additional reasons, such as periods of high PPP PDP processing (creating and deleting), disable the notification of interface data link status changes on all virtual template interfaces of the GGSN using the no logging event link-status interface configuration command.
interface Virtual-Template1
no logging event link-status
gprs access-point-list gprs
For implementation of a service-aware GGSN, the following additional important notes, limitations, and restrictions apply:
•RADIUS accounting is enabled between the CSG2 and GGSN to populate the Known User Entries Table (KUT) entries with the PDP context user information.
•CSG2 must be configured with the QS addresses of all the GGSN instances.
•Service IDs on the CSG2 are configured as numeric strings that match the category IDs on the Diameter Credit Control Application (DCCA) server.
•If RADIUS is not being used, the Cisco CSG2 is configured as a RADIUS endpoint on the GGSN.
•On the SGSN, the values configured for the number GTP N3 requests and T3 retransmissions must be larger than the sum of all possible server timers (RADIUS, DCCA, and CSG2).
Specifically the SGSN N3*T3 must be greater than:
2 x RADIUS timeout + N x DCCA timeout + CSG2 timeout
where:
–2 is for both authentication and accounting.
–N is for the number of diameter servers configured in the server group.
Note Configuring a N3* T3 lower than the default might impact slow TCP-based charging paths.
Additional References
For additional information related to implementing basic connectivity, see the following sections:
•Related Documents
•Standards
•MIBS
•RFCs
•Technical Assistance
Related Documents
•Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.4
•Cisco IOS Configuration Fundamentals Command Reference, Release 12.4
•Cisco IOS Dial Technologies Configuration Guide, Release 12.4
•Cisco IOS Dial Technologies Command Reference, Release 12.4
•Cisco IOS Interface and Hardware Component Configuration Guide, Release 12.4
•Cisco IOS Interface and Hardware Component Command Reference, Release 12.4
•Cisco IOS IP Mobility Configuration Guide, Release 12.4
•Cisco IOS IP Mobility Command Reference, Release 12.4
•Cisco IOS IP Multicast Configuration Guide, Release 12.4
•Cisco IOS IP Multicast Command Reference, Release 12.4
•Cisco IOS IP Routing Protocols Configuration Guide, Release 12.4
•Cisco IOS IP Routing Protocols Command Reference, Release 12.4
•Cisco IOS IP Switching Configuration Guide, Release 12.4
•Cisco IOS IP Switching Command Reference, Release 12.4
•Cisco IOS IPv6 Configuration Guide, Release 12.4
•Cisco IOS IPv6 Command Reference, Release 12.4
•Cisco IOS LAN Switching Configuration Guide, Release 12.4
•Cisco IOS LAN Switching Command Reference, Release 12.4
•Cisco IOS Mobile Wireless Packet Data Serving Node Configuration Guide, Release 12.4
•Cisco IOS Mobile Wireless Packet Data Serving Node Command Reference, Release 12.4
•Cisco IOS Network Management Configuration Guide, Release 12.4
•Cisco IOS Network Management Command Reference, Release 12.4
•Cisco IOS Optimized Edge Routing Configuration Guide, Release 12.4
•Cisco IOS Optimized Edge Routing Command Reference, Release 12.4
•Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
•Cisco IOS Quality of Service Solutions Command Reference, Release 12.4
•Cisco IOS Security Configuration Guide, Release 12.4
•Cisco IOS Security Command Reference, Release 12.4
•Cisco Multi-Processor WAN Application Module Installation and Configuration Note
Standards
Cisco GGSN Release 8.0 supports the following Third Generation Partnership Program (3GPP) standards and is backward compatible with prior 3GPP Technical Specifications (TS):
Table 2-3 Third Generation Partnership Program (3GPP) Standards Supported by Cisco GGSN Release 8.0
|
|
|
|
29.060 |
GTP across Gn and Gp |
7 |
8.1.0 |
29.061 |
Interworking with PDN |
7 |
7.5.0 |
32.015 |
Charging |
99 |
3.12.0 |
32.215 |
Charging |
5 |
5.9.0 |
32.251 |
Charging |
7 |
7.5.1 |
Note Cisco GGSN Release 8.0 provides limited support on some sections of the TSs listed above.
The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:
•Ga interface—SMG#28 R99
•Gn interface—SMG#31 R98
MIBS
•CISCO-GGSN-EXT-MIB
•CISCO-GGSN-MIB
•CISCO-GGSN-QOS-MIB
•CISCO-GGSN-SERVICE-AWARE-MIB
•CISCO-GPRS-ACC-PT-MIB
•CISCO-GPRS-CHARGING-MIB
•CISCO-GPRS-GTP-CAPABILITY-MIB
•CISCO-GTP-MIB
RFCs
•RFC 1518, An Architecture for IP Address Allocation with CIDR
•RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy
•RFC 1661, The Point-to-Point Protocol (PPP)
•RFC 2461, Neighbor Discovery for IP Version 6 (IPv6)
•RFC 2462, IPv6 Stateless Address Autoconfiguration
•RFC 2475, An Architecture for Differentiated Services
•RFC 3162, RADIUS and IPv6
•RFC 3588, Diameter Base Protocol
•RFC 3720, Internet Small Computer Systems Interface (iSCSI)
•RFC 4006 Diameter Credit-Control Application
Technical Assistance
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.
http://www.cisco.com/techsupport