Cisco GGSN Release 6.0 Configuration Guide, Cisco IOS Release 12.4(2)XB8
Configuring Load Balancing on the GGSN
Downloads: This chapterpdf (PDF - 405.0KB) The complete bookPDF (PDF - 8.73MB) | Feedback

Configuring Load Balancing on the GGSN

Table Of Contents

Configuring Load Balancing on the GGSN

Overview of GTP Load Balancing

Overview of Cisco IOS SLB

GGSN GTP Load Balancing Support

Overview of GTP Load Balancing on the Catalyst 6500/Cisco 7600 Platform

Supported GTP Load Balancing Types

Cisco IOS SLB Algorithms Supported for GTP Load Balancing

Dynamic Feedback Protocol for Cisco IOS SLB

GTP IMSI Sticky Database

GTP SLB Restrictions

Configuring GTP Load Balancing

GTP Load Balancing Configuration Task List

Configuration Guidelines

Configuring the Cisco IOS SLB for GTP Load Balancing

Configuring a Server Farm and Real Server

Configuring a Virtual Server

Configuring a GSN Idle Timer

Configuring DFP Support

Configuring the GGSN for GTP Load Balancing

Configuring a Loopback Interface for GTP SLB

Configuring DFP Support on the GGSN

Configuring Messaging from the GGSN to the Cisco IOS SLB

Configuring Support for GGSN-IOS SLB Messaging CAC Failure Notifications

Configuring Support for GGSN-IOS SLB Messaging Delete Notifications (GTP IMSI Sticky Database Support)

Verifying the Cisco IOS SLB Configuration

Verifying the Virtual Server

Verifying the Server Farm

Verifying Cisco IOS SLB Connectivity

Monitoring and Maintaining the Cisco IOS SLB Feature

Configuration Examples

Cisco 7200 Platform Configuration Examples

Cisco IOS SLB with GTP Load Balancing Configuration Example

Cisco IOS SLB with GTP Load Balancing and NAT Example

Cisco IOS SLB with GTP Load Balancing, NAT, and GTP Cause Code Inspection Example

Catalyst 6500/Cisco 7600 Platform Configuration Example

Cisco IOS SLB Configuration Statements

GGSN1 Configuration Statements


Configuring Load Balancing on the GGSN


This chapter describes how to configure a gateway GPRS support node (GGSN) to support load balancing functions using the Cisco IOS software Server Load Balancing (SLB) feature. GTP load balancing provides increased reliability and availability when you are using multiple Cisco GGSNs or non-Cisco GGSNs in your GPRS/UMTS network.

For a complete description of the GGSN commands in this chapter, refer to the Cisco GGSN Release 6.0 Command Reference. For a complete description of the other Cisco IOS SLB commands in this chapter, refer to the IOS Server Load Balancing feature module.

To locate documentation of other commands that appear in this chapter, use the command reference master index or search online.

This chapter includes the following sections:

Overview of GTP Load Balancing

Configuring GTP Load Balancing

Configuring Messaging from the GGSN to the Cisco IOS SLB (Optional)

Monitoring and Maintaining the Cisco IOS SLB Feature

Configuration Examples


Note You can also use the GTP Director Module (GDM) to obtain simple, round-robin load balancing in environments where non-Cisco GGSNs are found. For more information about GDM and load balancing, see the GTP Director Module section of this book.


Overview of GTP Load Balancing

This section provides an overview of the Cisco IOS SLB feature and GTP load balancing support on the GGSN. It includes the following sections:

Overview of Cisco IOS SLB

GGSN GTP Load Balancing Support

GTP SLB Restrictions

Overview of Cisco IOS SLB

The Cisco SLB feature is an IOS-based solution that provides IP server load balancing. Using the Cisco IOS SLB feature, you can define a virtual server that represents a group of real servers in a cluster of network servers known as a server farm. In this environment, the clients connect to the IP address of the virtual server. When a client initiates a connection to the virtual server, the Cisco IOS SLB feature chooses a real server for the connection, based on a configured load-balancing algorithm.

The Cisco IOS SLB feature also provides firewall load balancing, which balances flows across a group of firewalls called a firewall farm.

Figure 12-1 presents a logical view of a simple Cisco IOS SLB network.

Figure 12-1 Logical View of IOS SLB

GGSN GTP Load Balancing Support

Cisco IOS SLB provides GGSN GTP load balancing and increased reliability and availability for the GGSN. GGSN GTP load balancing supports a subset of the overall server load-balancing functions that are available in the Cisco IOS SLB feature. Therefore, the full scope of Cisco IOS SLB functions is not applicable to the general packet radio service/Universal Mobile Telecommunication System (GPRS/UMTS) environment. For more information about unsupported functions, see the "GTP SLB Restrictions" section.

When configuring GTP load balancing, a pool of GGSNs is configured as a server farm in Cisco IOS SLB. These are the GGSNs across which you want to load-balance GTP sessions. A virtual server instance is configured in IOS SLB to load balance GTP sessions across the GGSN farm. This virtual server is associated with the server farm that you configured in Cisco IOS SLB.

Overview of GTP Load Balancing on the Catalyst 6500/Cisco 7600 Platform

On the Catalyst 6500/Cisco 7600 platform, GTP load balancing is supported by using the Cisco IOS SLB feature on the Supervisor 2/MSFC2.

On receiving a Create PDP Context request, the SLB on the MSFC2 will process only the Create PDP Context request sent to the GGSN virtual IP address. On receiving a Create PDP Context request, a real GGSN is selected based on the load at that time. Once the PDP context has been established by the GGSN, all subsequent transactions corresponding to the PDP contexts occurs directly between that GGSN and corresponding SGSN, bypassing the Cisco IOS SLB on the MSFC2.

On the Catalyst 6500/Cisco 7600 platform:

Multiple GGSN virtual farms are supported

Load-balanced real servers can be internal or external to the Catalyst 6500/Cisco 7600 chassis

Each GGSN virtual farm must have one unique public IP address that is reachable from the SGSNs

Each virtual farm can correspond to one or more access point names (APNs).

The Domain Name System (DNS) server used by the SGSNs to resolve the APNs to a GGSN IP address should use the GGSN virtual IP address

Supported GTP Load Balancing Types

The Cisco IOS SLB supports two types of GTP load balancing:

GTP Load Balancing Without GTP Cause Code Inspection

GTP Load Balancing With GTP Cause Code Inspection

GTP Load Balancing Without GTP Cause Code Inspection

GTP load balancing without GTP cause code inspection enabled is recommended for Cisco GGSNs. It has the following characteristics:

Can operate in dispatched mode or in directed server Network Address Translation (NAT) mode, but not in directed client NAT mode. In dispatched mode, the GGSNs must be Layer 2-adjacent to the Cisco IOS SLB device.

Does not support stateful backup.

Delivers tunnel creation messages destined to the virtual GGSN IP address to one of the real GGSNs, using the weighted round-robin load-balancing algorithm. See the "Weighted Round-Robin" section for more information about this algorithm.

Requires Dynamic Feedback Protocol (DFP) to account for secondary PDP contexts in GTP v1.

GTP Load Balancing With GTP Cause Code Inspection

GTP load balancing with GTP cause code inspection enabled allows Cisco IOS SLB to monitor all PDP context signaling flows to and from GGSN server farms. This enables Cisco IOS SLB to monitor GTP failure cause codes, detecting system-level problems in both Cisco and non-Cisco GGSNs.

Table 12-1 lists the Create PDP Context response cause codes and the corresponding actions taken by Cisco IOS SLB.

Table 12-1 PDP Create Response Cause Codes and Corresponding Cisco IOS SLB Actions

Cause Code
Cisco IOS SLB Action

Request Accepted

Establish session

No Resource Available

Fail current real, reassign session, drop the response

All dynamic addresses are occupied

Fail current real, reassign session, drop the response

No memory is available

Fail current real, reassign session, drop the response

System Failure

Fail current real, reassign session, drop the response

Missing or Unknown APN

Forward the response

Unknown PDP Address or PDP type

Forward the response

User Authentication Failed

Forward the response

Semantic error in TFT operation

Forward the response

Syntactic error in TFT operation

Forward the response

Semantic error in packet filter

Forward the response

Syntactic error in packet filter

Forward the response

Mandatory IE incorrect

Forward the response

Mandatory IE missing

Forward the response

Optional IE incorrect

Forward the response

Invalid message format

Forward the response

Version not supported

Forward the response

PDP context without TFT already activated

Fail current real, reassign session, drop the response


GTP load balancing with GTP cause code inspection enabled has the following characteristics:

Must operate in directed server NAT mode.

Assigns PDP context creates from a specific International Mobile Subscriber ID (IMSI) to the same GGSN.

Supports stateful backup.

Tracks the number of open PDP contexts for each GGSN, which enables GGSN server farms to use the weighted least connections (leastconns) algorithm for GTP load balancing. See the "Weighted Least Connections" section for more information about this algorithm.

Enables Cisco IOS SLB to deny access to a virtual GGSN if the carrier code of the requesting IMSI does not match a specified value.

Enables Cisco IOS SLB to support secondary PDP contexts, even without DFP.

Cisco IOS SLB Algorithms Supported for GTP Load Balancing

The following two Cisco IOS SLB algorithms are supported for GTP load balancing:

Weighted Round-Robin

Weighted Least Connections

Weighted Round-Robin

The weighted round- robin algorithm specifies that the real server used for a new connection to the virtual server is chosen from the server farm in a circular fashion. Each real server is assigned a weight, n, that represents its capacity to handle connections, as compared to the other real servers associated with the virtual server. That is, new connections are assigned to a given real server n times before the next real server in the server farm is chosen.

For example, assume a server farm made up of three real servers: ServerA with = 3, ServerB with = 1, and ServerC with = 2. The first three connections to the virtual server are assigned to ServerA, the fourth connection to ServerB, and the fifth and sixth connections to ServerC.


Note Assigning a weight of n = 1 to all of the servers in the server farm configures the Cisco IOS SLB device to use a simple round-robin algorithm.

GTP load balancing without GTP cause code inspection enabled requires the weighted round-robin algorithm. A server farm that uses weighted least connections can be bound to a virtual server that provides GTP load balancing without GTP cause code inspection enabled, but you cannot place that virtual server INSERVICE. If you try to do so, Cisco IOS SLB issues an error message.


Weighted Least Connections

When GTP cause code inspection is enabled, GTP load balancing supports the Cisco IOS SLB weighted least connections algorithm.

The weighted least connections algorithm specifies that the next real server chosen from a server farm for a new connection to the virtual server is the server with the fewest active connections. Each real server is assigned a weight for this algorithm, also. When weights are assigned, the server with the fewest connections is determined on the basis of the number of active connections on each server and the relative capacity of each server. The capacity of a given real server is calculated as the assigned weight of that server divided by the sum of the assigned weights of all the real servers associated with that virtual server, or n1/(n1+n2+n3...).

For example, assume a server farm made up of three real servers: ServerA with n = 3, ServerB with n = 1, and ServerC with n = 2. ServerA would have a calculated capacity of 3/(3+1+2), or half of all active connections on the virtual server, ServerB would have a calculated capacity of one-sixth of all active connections, and ServerC one-third of all active connections. At any point in time, the next connection to the virtual server would be assigned to the real server whose number of active connections is farthest below its calculated capacity.


Note Assigning a weight of n = 1 to all of the servers in the server farm configures the Cisco IOS SLB device to use a simple least-connection algorithm.

GTP load balancing without GTP cause code inspection enabled does not support the weighted least connections algorithm.

GTP load balancing with GTP cause code inspection does support the weighted least connections algorithm.


Dynamic Feedback Protocol for Cisco IOS SLB

In GTP load balancing, Cisco IOS SLB detects when a PDP context is established, but it does not detect when PDP contexts are cleared, and therefore it cannot determine the number of open PDP contexts for each GGSN. Use the Cisco IOS SLB DFP to calculate GPRS/UMTS load-balancing weights dynamically.

With Cisco IOS SLB DFP support, a DFP manager in a load-balancing environment can initiate a TCP connection with a DFP agent. Thereafter, the DFP agent collects status information from one or more real host servers, converts the information to relative weights, and reports the weights to the DFP manager. The DFP manager factors in the weights when load balancing the real servers. In addition to reporting at user-defined intervals, the DFP agent sends an early report if there is a sudden change in a real server's status.

The weights calculated by DFP override the static weights you define using the weight (server farm) command. If DFP is removed from the network, Cisco IOS SLB reverts to the static weights.

You can define Cisco IOS SLB as a DFP manager, as a DFP agent for another DFP manager (such as DistributedDirector), or as both at the same time. In such a configuration, Cisco IOS SLB sends periodic reports to DistributedDirector, which uses the information to choose the best server farm for each new connection request. Cisco IOS SLB then uses the same information to choose the best real server within the chosen server farm.

DFP also supports the use of multiple DFP agents from different client subsystems (such as Cisco IOS SLB and GPRS/UMTS) at the same time.

In GTP load balancing, you can define Cisco IOS SLB as a DFP manager and define a DFP agent on each GGSN in the server farm, and the DFP agent can report the weights of the GGSNs. The DFP agents calculate the weight of each GGSN, based on CPU utilization, processor memory, and the maximum number of PDP contexts (mobile sessions) that can be activated for each GGSN.

The weight for each GGSN is based primarily on the ratio of existing PDP contexts on the GGSN and the maximum number of allowed PDP contexts. CPU and memory utilization become part of the weight calculation only after the utilization exceeds 85%. Because the maximum number of allowed PDP contexts is considered to be the GGSNs maximum load, you should carefully consider the value that you configure in the gprs maximum-pdp-context-allowed command, which defaults to 10,000 PDP contexts.

GTP IMSI Sticky Database

Cisco IOS SLB can select a GGSN for a given International Mobile Subscriber ID (IMSI), and forward all subsequent Packet Data Protocol (PDP) create requests from the same IMSI to the selected GGSN.

To enable this feature, IOS SLB uses a GTP IMSI sticky database, which maps each IMSI to its corresponding real server, in addition to its session database.

The Cisco IOS SLB creates a sticky database object when it processes the first Create PDP Context request for a given IMSI. The Cisco IOS SLB removes the sticky object when it receives a notification to do so from the real server, or as a result of inactivity. When the last PDP belonging to an IMSI is deleted on the GGSN, the GGSN notifies Cisco IOS SLB to remove the sticky object.

GTP SLB Restrictions

The following restrictions apply when configuring GTP load balancing:

For GTP load balancing without GTP cause code inspection enabled:

Operates in either dispatched mode or directed server NAT mode only

Cannot load balance network-initiated PDP context requests

Does not support the following Cisco IOS SLB functions:

- Bind IDs

- Client-assigned load balancing

- Slow Start

- Stateful backup (not supported on the Catalyst 6500/Cisco 7600 platform)

- Weighted least connections load-balancing algorithm

For GTP load balancing with GTP cause code inspection enabled:

Operates in directed server NAT mode only

Cannot load-balance network-initiated PDP context requests

Requires either the SGSN or the GGSN to echo its peer

Inbound and outbound traffic should be routed via Cisco IOS SLB

Does not support the following Cisco IOS SLB functions:

- Bind IDs

- Client-assigned load balancing

- Slow Start

- Sticky connections

Configuring GTP Load Balancing

This section includes the following topics:

GTP Load Balancing Configuration Task List

Configuration Guidelines

GTP Load Balancing Configuration Task List

This section lists the tasks used to configure GTP load balancing. Detailed configuration information is contained in the referenced sections of this document or other documents. Required and optional tasks are indicated.

1. On the Cisco IOS SLB, complete the following tasks:

a. Configuring a Server Farm and Real Server (Required)

b. Configuring a Virtual Server (Required)

c. Configuring a GSN Idle Timer (Optional if GTP cause code inspection is enabled)

d. Configuring DFP Support (Optional, but recommended)

2. On the GGSN, complete the following tasks:

a. Configuring a Loopback Interface for GTP SLB (Required)

b. Configuring DFP Support on the GGSN (Optional, but recommended)

3. Routing each GGSN to each associated serving GPRS support node (SGSN) (Required)

The route can be static or dynamic but the GGSN needs to be able to reach the SGSN. For more information, see the "Configuring a Route to the SGSN" section on page 7-5.

4. On the SGSN, route each SGSN to the virtual templates on each associated GGSN, and to the GGSN load-balancing virtual server (Required)

5. Configuring Messaging from the GGSN to the Cisco IOS SLB (Optional)

6. Configuring GTP IMSI

Configuration Guidelines

When configuring the network shared by Cisco IOS SLB and the GGSNs, keep the following considerations in mind:

Specify static routes (using ip route commands) and real server IP addresses (using real commands) so that the Layer 2 information is correct and unambiguous.

Configure the static route from the SGSN to the virtual server.

Choose subnets carefully, using one of the following methods:

Do not overlap virtual template address subnets.

Specify next-hop addresses to real servers, not to interfaces on those servers.

Cisco IOS SLB supports two types of GTP load balancing:

GTP Load Balancing Without GTP Cause Code Inspection

GTP Load Balancing With GTP Cause Code Inspection

Cisco IOS SLB supports both GTP v0 and GTP v1. Support for GTP enables Cisco IOS SLB to become "GTP aware," extending Cisco IOS SLB's knowledge into Layer 5.

On the Catalyst 6500/Cisco 7600 platform, the following apply:

Multiple GGSN virtual farms are supported.

Load balanced real servers can be internal or external to the Catalyst 6500/Cisco 7600 chassis.

Each GGSN virtual farm must have one unique public IP address that is reachable from the SGSNs.

Each virtual farm can correspond to one or more APNs.

The DNS server used by the SGSNs to resolve the APNs to a GGSN IP address should use the GGSN virtual IP address.

Configuring the Cisco IOS SLB for GTP Load Balancing

To configure GTP load balancing, you must complete the following tasks on the Cisco IOS SLB:

Configuring a Server Farm and Real Server (Required)

Configuring a Virtual Server (Required)

Configuring a GSN Idle Timer (Optional)

Configuring DFP Support (Optional, but recommended)

Configuring a Server Farm and Real Server

When you configure the server farm and real server on the Cisco IOS SLB for GTP load balancing, use the following guidelines to ensure proper configuration:

If GTP cause code inspection is not enabled, accept the default setting (the weighted round-robin algorithm) for the predictor command.

If GTP cause code inspection is enabled, you can specify either the weighted round-robin algorithm (roundrobin) or the weighted least connections (leastconns) algorithm.

Specify the IP addresses (virtual template addresses, for Cisco GGSNs) of the real servers performing the GGSN function, using the real command.

Specify a reassign threshold less than the SGSN's N3-REQUESTS counter value by using the reassign command.

To configure a Cisco IOS SLB server farm, use the following commands, beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router-SLB(config)# ip slb serverfarm 
serverfarm-name
Router(config-slb-sfarm)#

Adds a server farm definition to the Cisco IOS SLB configuration, and enters server farm configuration mode.

Step 2 

Router-SLB(config-slb-sfarm)# predictor [roundrobin 
| leastconns]

Specifies the algorithm to be used to determine how a real server is selected.


Note In GTP load balancing without GTP cause code inspection enabled, you must accept the default setting (the weighted round-robin algorithm).


See the following sections for more details about each algorithm:

Weighted Round-Robin

Weighted Least Connections

Step 3 

Router-SLB(config-slb-sfarm)# nat server

(Required if GTP cause code inspection is enabled; optional for GTP load balancing without cause code inspection enabled) Configures NAT server address translation mode on the server farm.

Step 4 

Router-SLB(config-slb-sfarm)# real ip-address [port]

Identifies a real GGSN as a member of a server farm, using the IP address of the GGSN's virtual template interface, and enters real server configuration mode.

Step 5 

Router-SLB(config-slb-real)# faildetect numconns 
number-conns [numclients number-clients]

(Optional) Specifies the number of consecutive connection failures and, optionally, the number of unique client connection failures, that constitute failure of the real server.

Step 6 

Router-SLB(config-slb-real)# maxconns number-conns

(Optional) Specifies the maximum number of active connections allowed on the real server at one time.


Note In GTP load balancing without cause code inspection enabled, the impact of this command is minimal because a session will last no longer than the duration specified with the ip gtp request command.


Step 7 

Router-SLB(config-slb-real)# reassign threshold

(Optional) Specifies the threshold of consecutive unacknowledged synchronizations or Create PDP Context requests that, if exceeded, results in an attempted connection to a different real server.

Step 8 

Router-SLB(config-slb-real)# retry retry-value

(Optional) Specifies the interval, in seconds, to wait between the detection of a server failure and the next attempt to connect to the failed server.

Step 9 

Router-SLB(config-slb-real)# weight weighting-value

(Optional) Specifies the real server's workload capacity relative to other servers in the server farm.


Note If you use DFP, the static weights you define using the weight (server farm) command are overridden by the weights calculated by DFP. If DFP is removed from the network, Cisco IOS SLB reverts to the static weights.


Step 10 

Router-SLB(config-slb-real)# inservice

Enables the real server for use by Cisco IOS SLB.

Configuring a Virtual Server

When you configure the virtual server on the Cisco IOS SLB for GTP load balancing, use the following guidelines to ensure proper configuration:

Configure a static route from the SGSN to the virtual server.

Specify a virtual GGSN IP address as the virtual server, and use the udp keyword option.

To load-balance GTP v1 sessions, specify port number 2123, if the GGSNs and SGSNs are in compliance with the ETSI standard, or specify port number 0 or any to configure an all-port virtual server (that is, a virtual server that accepts flows destined for all ports).

To load-balance GTP v0 sessions, specify port number 3386, if the GGSNs and SGSNs are in compliance with the European Telecommunications Standards Institute (ETSI) standard, or specify port number 0 or any to configure an all-port virtual server.

To enable GTP load balancing without GTP cause code inspection, specify the service gtp keyword option.

To enable GTP load balancing with GTP cause code inspection, specify the service gtp-inspect keyword option.

In GTP load balancing without GTP cause code inspection enabled, when you configure the GTP idle timer using the idle command, specify a GTP idle timer greater than the longest possible interval between PDP context requests on the SGSN.

To configure an Cisco IOS SLB virtual server, use the following commands, beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router-SLB(config)# ip slb vserver 
virtual_server-name

Identifies a virtual server, and enters virtual server configuration mode.

Step 2 

Router-SLB(config-slb-vserver)# virtual ip-addr 
[netmask [group]] {esp gre protocol}

or

Router(config-slb-vserver)# virtual ip-addr 
[netmask [group]] {tcp udp} [port any] 
[service service]

Specifies the virtual server IP address, type of connection, and optional TCP or UDP port number, Internet Key Exchange (IKE) Internet Security Association and Key Management Protocol (ISAKMP) or Wireless Session Protocol (WSP) setting, and service coupling.

Note For GTP load balancing:

Specify a virtual GGSN IP address as the virtual server, and specify the udp keyword option.

To load-balance GTP v1 sessions, specify port number 2123, if the GGSNs and SGSNs are in compliance with the ETSI standard, or specify port number 0 or any to configure an all-port virtual server (that is, a virtual server that accepts flows destined for all ports).

To load-balance GTP v0 sessions, specify port number 3386, if the GGSNs and SGSNs are in compliance with the ETSI standard, or specify port number 0 or any to configure an all-port virtual server.

To enable GTP load balancing without GTP cause code inspection, specify the service gtp keyword option.

To enable GTP load balancing with GTP cause code inspection, specify the service gtp-inspect keyword option.

Step 3 

Router-SLB(config-slb-vserver)# serverfarm 
primary-farm [backup backup-farm]

Associates a real server farm with a virtual server, or configures a backup server farm.

Step 4 

Router-SLB(config-slb-vserver)# idle [gtp request] 
duration

(Optional) Specifies the minimum amount of time that Cisco IOS SLB maintains connection context in the absence of packet activity.

The idle command specified without the gtp request keyword option controls the GTP idle timer for GTP load balancing without cause code inspection enable. The idle gtp request command controls the GTP idle timer for both GTP load balancing without cause code inspection enabled and for GTP load balancing with cause code inspection enabled. The idle gtp request is the recommended configuration.


Note In GTP load balancing without GTP cause code inspection enabled, specify a GTP idle timer greater than the longest possible interval between PDP context requests on the SGSN.


Step 5 

Router-SLB(config-slb-vserver)# inservice

Enables the virtual server for use by Cisco IOS SLB.

Step 6 

Router-SLB(config-slb-vserver)# client {ip-address 
network-mask [exclude] | gtp carrier-code [code]}

(Optional) Specifies which clients are allowed to use the virtual server.


Note GTP load balancing supports only the gtp carrier-code option, and only if GTP cause code inspection is enabled.


Step 7 

Router-SLB(config-slb-vserver)# replicate casa 
listen-ip remote-ip port [interval] [password [0 | 
7] password timeout]

(Optional) Configures a stateful backup of Cisco IOS SLB decision tables to a backup switch.


Note GTP load balancing without GTP cause code inspection enabled does not support this command.


Configuring a GSN Idle Timer

When GTP cause code inspection is enabled, you can configure the amount of time that the Cisco IOS SLB will maintain sessions to and from and idle GGSN or SGSN.

To configure a GSN idle timer, enter the following command in global configuration mode on the Cisco IOS SLB:

Command
Purpose
Router-SLB(config)# ip slb timers gtp gsn duration

Changes the amount of time that Cisco IOS SLB maintains sessions to and from an idle GGSN or SGSN.


Configuring DFP Support

You can define Cisco IOS SLB as a DFP manager, as a DFP agent for another DFP manager (such as DistributedDirector), or as both at the same time. Depending on your network configuration, you might enter the commands for configuring Cisco IOS SLB as a DFP manager and the commands for configuring Cisco IOS SLB as a DFP agent on the same device or on different devices.

To configure Cisco IOS SLB as a DFP manager, and to identify a DFP agent with which Cisco IOS SLB can initiate connections, use the following commands, beginning in global configuration mode:

 
Command
Description

Step 1 

Router-SLB(config)# ip slb dfp [password [0|7] 
password [timeout]]

Configures DFP, supplies an optional password, and enters DFP configuration mode.

Step 2 

Router-SLB(config-slb-dfp)# agent ip_address 
port-number [timeout [retry_count [retry_interval]]]

Identifies a DFP agent to which Cisco IOS SLB can connect.

Configuring the GGSN for GTP Load Balancing

To configure GTP load balancing on the GGSN, complete the tasks in the following sections:

Configuring a Loopback Interface for GTP SLB (Required if using dispatched mode without GTP cause code inspection enabled)

Configuring DFP Support on the GGSN (Optional, but recommended)

Configuring a Loopback Interface for GTP SLB

To enable GTP load balancing, a loopback interface must be configured with the same IP address as the virtual server on the Cisco IOS SLB on each GGSN in a farm.

To create a loopback interface, use the following commands, beginning in global configuration mode:

 
Command
Description

Step 1 

Router-GGSN(config)# interface loopback number

Creates a loopback interface. A loopback interface is a virtual interface that is always up.

Step 2 

Router-GGSN(config-if)# ip address ip-address mask 

Assigns an IP address to the loopback interface.

Configuring DFP Support on the GGSN

To configure DFP support for GTP SLB, you must complete the following tasks:

Configuring the GGSN as a DFP Agent

Configuring the Maximum DFP Weight for a GGSN

Configuring the Maximum Number of PDP Contexts for a GGSN

Configuring the GGSN as a DFP Agent

For complete information on configuring a DFP agent, refer to the DFP Agent Subsystem feature module.

To define the port number to be used by the DFP manager (the Cisco IOS SLB in this instance) to connect to the DFP agent , enter the following commands in order, beginning in global configuration mode:

 
Command
Description

Step 1 

Router-GGSN(config)# ip dfp agent gprs

Identifies a DFP agent subsystem and initiates DFP agent configuration mode.

Step 2 

Router-GGSNconfig-dfp)# interval seconds 

(Optional) Configures a DFP agent weight recalculation interval.

Step 3 

Router-GGSN(config-dfp)# password [0|7] password 
[timeout] 

Optional) Configures a DFP agent password for MD5 authentication.

Step 4 

Router-GGSN(config-dfp)# port port-number 

Defines the port number to be used by the DFP manager to connect to the DFP agent.

Step 5 

Router-GGSN(config-dfp)# inservice 

Enables the DFP agent for communication with a DFP manager. A DFP agent is inactive until both of the following conditions are met:

The DFP agent has been enabled using the inservice (DFP agent) command.

The client subsystem has changed the DFP agent's state to ACTIVE.

Configuring the Maximum DFP Weight for a GGSN

If you use DFP with GTP load balancing, each GGSN that acts as a DFP agent has a maximum weight that it can send to a DFP manager. For each GGSN, you can accept the default maximum weight, or you can specify a different maximum weight.

To specify the maximum weight for a GGSN, use the following command in global configuration mode on the GGSN:

Command
Purpose
Router-GGSN(config)# gprs dfp max-weight 
[max-weight-value]

Specifies the maximum weight of a GGSN that is acting as a DFP agent.


Configuring the Maximum Number of PDP Contexts for a GGSN

If you use DFP with GTP load balancing, you must specify a maximum number of PDP contexts for each GGSN, using the gprs maximum-pdp-context-allowed command. Do not accept the default value of 10000 PDP contexts. Significantly lower values, including the default value of 10,000, can impact capacity in a GPRS/UMTS load-balancing environment.


Note DFP weighs PPP PDPs against IP PDPs, with one PPP PDP equal to 8 IP PDPs. Therefore, when using DFP, be aware that the configured maximum number of PDP contexts affects the GGSN weight. The lower the maximum number of PDP contexts, the lower the weight, when all other parameters remain the same.


To configure a maximum number of PDP contexts for a GGSN, use the following command in global configuration mode on the GGSN:

Command
Purpose
Router-GGSN(config)# gprs maximum-pdp-context-allowed 
[pdp-contexts]

Specifies the maximum number of PDP contexts (mobile sessions) that can be activated on the GGSN.


Configuring Messaging from the GGSN to the Cisco IOS SLB

The GGSN-IOS SLB messaging feature enables you to configure the GGSN to notify the Cisco IOS SLB when a certain condition exists that affects a session forwarded by the Cisco IOS SLB. The notification also instructs the Cisco IOS SLB on how to react to the condition.

There are two types of GGSN-IOS SLB notifications that can be configured using the gprs slb notify command—CAC failure notifications and delete notifications (for GTP IMSI sticky database support). The following sections describe how to configure each of them:

Configuring Support for GGSN-IOS SLB Messaging CAC Failure Notifications

Configuring Support for GGSN-IOS SLB Messaging Delete Notifications (GTP IMSI Sticky Database Support)

Configuring Support for GGSN-IOS SLB Messaging CAC Failure Notifications

The GGSN can be configured to notify the Cisco IOS SLB when a UMTS QoS CAC failure has caused a Create PDP Context request to be rejected.

CAC failure notifications sent by the GGSN include the following information elements (IEs):

Type—Notification type (reassign).

Session identifier—Session key on the Cisco IOS SLB that identifies the session to which a notification belongs.

Create response—Create response that the GGSN would send to the SGSN when a failure occurred. If there is not an alternate GGSN available to which to reassign the session, or if the maximum number of reassign attempts has been exceeded, the Cisco IOS SLB relays this information to the SGSN.

The way you configure support for CAC failure notifications depends on whether the Cisco IOS SLB is operating in dispatched mode or directed server NAT mode. For information on each procedure, see the following sections:

Configuring CAC Failure Notification Support when the Cisco IOS SLB is in Dispatched Mode

Configuring CAC Failure Notification Support when the Cisco IOS SLB is in Directed Server NAT Mode

Configuring CAC Failure Notification Support when the Cisco IOS SLB is in Dispatched Mode

If the Cisco IOS SLB is functioning in dispatched mode, the virtual server that forwarded the Create PDP Context request to the GGSN is known to the GGSN, and the GGSN can send CAC failure notifications directly to the server.

To configure the GGSN to send CAC failure notifications to the Cisco IOS SLB when the Cisco IOS SLB is in dispatched mode, use the following command in global configuration mode:

 
Command
Description

Step 1 

Router-GGSN(config)# gprs slb mode dispatched

Defines dispatched as the Cisco IOS SLB operation mode for GGSN-IOS SLB messaging.

Note The default is dispatched mode.

Step 2 

Router-GGSN(config)# gprs slb notify cac-failure

Enables the GGSN to notify the Cisco IOS SLB when a UMTS QoS CAC failure has caused a Create PDP Context request to be rejected.

To enable CAC failure notification support on the Cisco IOS SLB, use the following command in virtual server mode:

Command
Purpose
Router-SLB(config-slb-vserver)# gtp notification cac 
count

Enables support of GGSN-IOS SLB messaging CAC failure notifications and configures the maximum number of times a rejected Create PDP Context can be reassigned to a new real GGSN. The default is 2 (which is 3 real selections per session, including the initial send).


Configuring CAC Failure Notification Support when the Cisco IOS SLB is in Directed Server NAT Mode

If the Cisco IOS SLB is functioning in directed server NAT mode, the virtual server is not known to the GGSN. Therefore, in addition to configuring the GGSN to send CAC failure notifications to the Cisco IOS SLB, a list of virtual servers must be defined on the GGSN using the gprs slb vserver global configuration command, and the Cisco IOS SLB mode of operation must be defined using the gprs slb mode global configuration command.


Note If the Cisco IOS SLB operation mode and virtual servers are not defined on the GGSN when the Cisco IOS SLB is functioning in directed server NAT mode, support for CAC failure notification is not enabled, even if the gprs slb notify cac-failure and gtp notification cac commands are configured.


To enable the GGSN to send CAC failure notifications to the Cisco IOS SLB when the Cisco IOS SLB is in directed server NAT mode, use the following commands while in global configuration mode:

 
Command
Description

Step 1 

Router-GGSN(config)# gprs slb mode directed

Defines directed server NAT as the Cisco IOS SLB operation mode for GGSN-IOS SLB messaging.

Note The default is dispatched mode.

Step 2 

Router-GGSN(config)# gprs slb notify cac-failure

Enables the GGSN to notify the Cisco IOS SLB when a UMTS QoS CAC failure has caused a Create PDP Context request to be rejected.

Step 3 

Router-GGSN(config)# gprs slb vserver ip_address 
[next-hop ip ip-address [vrf name]]

Configures the Cisco IOS SLB virtual server(s) to be notified by a GGSN when the condition defined using the gprs slb notify command occurs.

Optionally, also configures the IP address of the next-hop that can be used to reach the virtual server and specifies the VPN routing and forwarding instance.

To enable CAC failure notification support on the Cisco IOS SLB, use the following command in virtual server mode:

Command
Purpose
Router-SLB(config-slb-vserver)# gtp notification cac 
count

Enables support of GGSN-IOS SLB messaging CAC failure notifications and configures the maximum number of times a rejected Create PDP Context can be reassigned to a new real GGSN. The default is 2 (including the initial send, 3 real selections per session).


Configuring Support for GGSN-IOS SLB Messaging Delete Notifications (GTP IMSI Sticky Database Support)

When support for delete notifications is configured on the GGSN and the Cisco IOS SLB, a sticky database entry is created on the Cisco IOS SLB when the first Create PDP Context request from a subscriber is received. When the last PDP context of that IMSI is deleted on the GGSN, the GGSN sends a delete notification to the Cisco IOS SLB that instructs the Cisco IOS SLB to remove the sticky entry from the database.


Note This configuration requires that the virtual virtual server configuration command be configured with the service gtp keywords specified.



Note If the sticky gtp imsi command is configured under multiple vservers, the group number configuration facilitate sharing of the sticky object in the event the same MS connects through different vservers. All vservers that have the same sticky group number share the sticky IMSI entry for a user.


To configure the GGSN to send a delete notification to the Cisco IOS SLB when the last PDP context of an IMSI is deleted on the GGSN, complete the following tasks while in global configuration mode:

 
Command
Description

Step 1 

Router-GGSN(config)# gprs slb mode {dispatched | 
directed}

Defines the Cisco IOS SLB operation mode for GGSN-IOS SLB messaging. The default is dispatched mode.

Step 2 

Router-GGSN(config)# gprs slb notify session-deletion

Configures the GGSN to send a delete notification message to the Cisco IOS SLB when the last PDP context associated with an IMSI is deleted.

Step 3 

Router-GGSN(config)# gprs slb vservers ip_address 
[next-hop ip ip-address [vrf name]]

Configures the Cisco IOS SLB virtual server(s) to be notified by a GGSN when the condition defined using the gprs slb notify command occurs.

Optionally, also configures the IP address of the next-hop that can be used to reach the virtual server and specifies the VPN routing and forwarding instance.

To configure GTP IMSI sticky database support on the Cisco IOS SLB, complete the following task while in virtual server configuration mode:

Command
Purpose
Router-SLB(config-slb-vserver)# sticky gtp imsi [group 
number]

Enables Cisco IOS SLB to load-balance GTP Create PDP Context requests to the same real server that processed all previous create requests for a given IMSI.


Verifying the Cisco IOS SLB Configuration

This section describes how to verify the Cisco IOS SLB configuration. It includes the following topics:

Verifying the Virtual Server

Verifying the Server Farm

Verifying Cisco IOS SLB Connectivity

Verifying the Virtual Server

The following show ip slb vserver command verifies the configuration of the virtual servers PUBLIC_HTTP and RESTRICTED_HTTP:

Router-SLB# show ip slb vserver

slb vserver      prot  virtual               state         conns
-------------------------------------------------------------------
PUBLIC_HTTP      TCP   10.0.0.1:80           OPERATIONAL     0
RESTRICTED_HTTP  TCP   10.0.0.2:80           OPERATIONAL     0
IOSSLB#

Verifying the Server Farm

The following show ip slb reals command displays the status of server farms PUBLIC and RESTRICTED, the associated real servers, and their status:

Router-SLB# show ip slb real

real                    farm name        weight   state          conns
---------------------------------------------------------------------
10.1.1.1                 PUBLIC           8       OPERATIONAL      0
10.1.1.2                 PUBLIC           8       OPERATIONAL      0
10.1.1.3                 PUBLIC           8       OPERATIONAL      0
10.1.1.20                RESTRICTED       8       OPERATIONAL      0
10.1.1.21                RESTRICTED       8       OPERATIONAL      0
IOSSLB#

The following show ip slb serverfarm command displays the configuration and status of server farms PUBLIC and RESTRICTED:

Router-SLB# show ip slb serverfarm

server farm      predictor    nat   reals   bind id
---------------------------------------------------
PUBLIC           ROUNDROBIN   none  3       0
RESTRICTED       ROUNDROBIN   none  2       0
IOSSLB#

Verifying Cisco IOS SLB Connectivity

To verify that the Cisco IOS SLB feature has been installed and is operating correctly, ping the real servers from the Cisco IOS SLB switch, and then ping the virtual servers from the clients.

The following show ip slb stats command displays detailed information about the Cisco IOS SLB 
network status:

Router-SLB# show ip slb stats
Pkts via normal switching:    0
Pkts via special switching:   0
Pkts via slb routing:         0
Pkts Dropped:                 0
Connections Created:          0
Connections Established:      0
Connections Destroyed:        0
Connections Reassigned:       0
Zombie Count:                 0
Connections Reused:           0
Connection Flowcache Purges:  0
Failed Connection Allocs:     0
Failed Real Assignments:      0
RADIUS framed-ip Sticky Count:0
RADIUS username Sticky Count: 0

See the "Monitoring and Maintaining the Cisco IOS SLB Feature" section for additional commands used to verify Cisco IOS SLB networks and connections.

Monitoring and Maintaining the Cisco IOS SLB Feature

To clear, obtain, and display GTP SLB information on the GGSN, use the following commands in privileged EXEC mode:

Command
Purpose
Router-GGSN# clear gprs slb statistics

Clears Cisco IOS SLB statistics.

Router-GGSN# show gprs slb detail

Displays all Cisco IOS SLB-related information, such as operation mode, virtual server addresses for GGSN-IOS SLB messaging, SLB notifications, and statistics.

Router-GGSN# show gprs slb mode

Displays the Cisco IOS SLB mode of operation.

Router-GGSN# show gprs slb statistics

Displays Cisco IOS SLB statistics.

Router-GGSN# show gprs slb vservers

Displays a list of defined Cisco IOS SLB virtual servers for GGSN-IOS SLB messaging.


To obtain and display information about the GTP SLB on the Cisco IOS SLB, use the following commands in privileged EXEC mode on the Cisco IOS SLB:

Command
Purpose
Router-SLB# show ip slb conns [vserver virtual_server-name | 
client ip-address | firewall firewallfarm-name] [detail]

Displays all connections handled by Cisco IOS SLB, or, optionally, only the connections associated with a particular virtual server or client.

Router-SLB# show ip slb dfp [agent agent_ip_address 
port-number | manager manager_ip_address | detail | weights]

Displays information about DFP and DFP agents, and about the weights assigned to real servers.

Router-SLB# show ip slb gtp {gsn [gsn-ip-address] | nsapi 
[nsapi-key] [detail]

Displays Cisco IOS SLB GTP information when GTP load balancing with cause code inspection is enabled.

Router-SLB# show ip slb reals [sfarm server-farm] [detail]

Displays information about the real servers defined to Cisco IOS SLB.

Router-SLB# show ip slb replicate

Displays information about the Cisco IOS SLB replication configuration.

Router-SLB# show ip slb serverfarms [name serverfarm-name] 
[detail]

Displays information about the server farms defined to Cisco IOS SLB.

Router-SLB show ip slb sessions [gtp gtp-inspect radius] 
[vserver virtual-server] [client ip-addr netmask] [detail]

Displays information about sessions handled by Cisco IOS SLB.


Note With GTP load balancing without cause code inspection, a session lasts no longer than the duration of the virtual server GTP idler time specified using the idle gtp request command.


Router=SLB# show ip slb stats

Displays Cisco IOS SLB statistics.

Router-SLB# show ip slb sticky gtp imsi [id imsi] 

Displays only entries of the Cisco IOS SLB sticky database associated with the Cisco IOS SLB GTP IMSI sticky database, and shows all of the Network Service Access Point Identifiers (NSAPIs) that the user has used as primary PDPs.

Optionally, displays only those sticky database entries associated with the specified IMSI.

Router-SLB# show ip slb vserver [name virtual_server] 
[redirect] [detail]

Displays information about the virtual servers defined to Cisco IOS SLB.


Configuration Examples

This section provides real-world examples of the GGSN Cisco IOS SLB examples. For complete descriptions of the GGSN commands in this section, refer to the Cisco GGSN Release 6.0 Command Reference. For complete descriptions of the Cisco IOS SLB commands in this section, refer to the IOS Server Load Balancing feature module documentation.

This section includes the following information:

Cisco 7200 Platform Configuration Examples

Catalyst 6500/Cisco 7600 Platform Configuration Example

Cisco 7200 Platform Configuration Examples

This section includes the following examples:

Cisco IOS SLB with GTP Load Balancing Configuration Example

Cisco IOS SLB with GTP Load Balancing and NAT Example

Cisco IOS SLB with GTP Load Balancing, NAT, and GTP Cause Code Inspection Example

Cisco IOS SLB with GTP Load Balancing Configuration Example

Figure 12-2 shows a typical GTP load-balancing configuration without GTP cause code inspection enabled. In this configuration:

Cisco IOS SLB can balance GTP flows across multiple real GGSNs. The SGSN "sees" the real GGSNs as a single virtual GGSN. This configuration increases the flow-handling capability of the real GGSNs and increases the reliability and availability.

The IP address of the SGSN is 10.111.111.111.

The virtual template address of GGSN1 is 192.168.1.1.

The virtual template address of GGSN2 is 192.168.2.2.

The virtual template address of GGSN3 is 192.168.3.3.

Figure 12-2 Cisco IOS SLB with GTP Load Balancing on a Cisco 7200 Series Router Platform

Following are the configuration statements for the configuration shown in Figure 12-2:

Cisco IOS SLB Configuration Statements

GGSN1 Configuration Statements

GGSN2 Configuration Statements

GGSN3 Configuration Statements

Detailed GGSN configuration examples are available throughout this book.

Cisco IOS SLB Configuration Statements

hostname GTP_SLB
!
ip domain-name gprs.com
!
ip slb serverfarm GPRS
 real 192.168.1.1
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.2.2
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.3.3
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
ip slb vserver FOR_GPRS
 virtual 10.10.10.10 udp 3386 service gtp
 serverfarm GPRS
 inservice
!
ip slb dfp password Cookies 0
 agent 10.1.1.201 1111 30 0 10
 agent 10.1.1.202 1111 30 0 10
 agent 10.1.1.203 1111 30 0 10
!
interface FastEthernet1/0
 description TO SERVERFARM GPRS
 ip address 10.1.1.100 255.255.255.0
 no ip redirects
 duplex half
!
interface FastEthernet3/0
 description TO SGSN
 ip address 10.2.1.100 255.255.255.0
 no ip mroute-cache
 duplex half
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
ip route 192.168.1.1 255.255.255.255 10.1.1.201
ip route 192.168.2.2 255.255.255.255 10.1.1.202
ip route 192.168.3.3 255.255.255.255 10.1.1.203

GGSN1 Configuration Statements

service gprs ggsn
!
hostname GGSN1
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface loopback 1
 description LOOPBACK SAME AS IOS SLB VSERVER ADDRESS
 ip address 10.10.10.10 255.255.255.255
 no ip mroute-cache
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.201 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.1.1 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!
gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!
gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

GGSN2 Configuration Statements

service gprs ggsn
!
hostname GGSN2
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface loopback 1
 description LOOPBACK SAME AS IOS SLB VSERVER ADDRESS
 ip address 10.10.10.10 255.255.255.255
 no ip mroute-cache
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.202 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.2.2 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!
gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!
gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

GGSN3 Configuration Statements

service gprs ggsn
!
hostname GGSN3
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface loopback 1
 description LOOPBACK SAME AS IOS SLB VSERVER ADDRESS
 ip address 10.10.10.10 255.255.255.255
 no ip mroute-cache
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.203 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.3.3 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!

gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!
gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

Cisco IOS SLB with GTP Load Balancing and NAT Example

The following example uses the same basic configuration as in the "Cisco IOS SLB with GTP Load Balancing Configuration Example" section, including the network shown in Figure 12-2, but with the addition of NAT:

Cisco IOS SLB Configuration Statements

GGSN1 Configuration Statements

GGSN2 Configuration Statements

GGSN3 Configuration Statements

Cisco IOS SLB Configuration Statements

hostname GTP_SLB
!
ip domain-name gprs.com
!
ip slb serverfarm GPRS
 nat server
 real 192.168.1.1
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.2.2
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.3.3
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
ip slb vserver FOR_GPRS
 virtual 10.10.10.10 udp 3386 service gtp
 serverfarm GPRS
 inservice
!
ip slb dfp password Cookies 0
 agent 10.1.1.201 1111 30 0 10
 agent 10.1.1.202 1111 30 0 10
 agent 10.1.1.203 1111 30 0 10
!
interface FastEthernet1/0
 description TO SERVERFARM GPRS
 ip address 10.1.1.100 255.255.255.0
 no ip redirects
 duplex half
!
interface FastEthernet3/0
 description TO SGSN
 ip address 10.2.1.100 255.255.255.0
 no ip mroute-cache
 duplex half
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
ip route 192.168.1.1 255.255.255.255 10.1.1.201
ip route 192.168.2.2 255.255.255.255 10.1.1.202
ip route 192.168.3.3 255.255.255.255 10.1.1.203

GGSN1 Configuration Statements

service gprs ggsn
!
hostname GGSN1
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.201 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.1.1 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!
gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!



gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

GGSN2 Configuration Statements

service gprs ggsn
!
hostname GGSN2
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.202 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.2.2 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!
gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!
gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

GGSN3 Configuration Statements

service gprs ggsn
!
hostname GGSN3
!
ip cef
!
ip dfp agent gprs
 port 1111
 password Cookies 0
 inservice
!
ip domain-name gprs.com
!
interface FastEthernet1/0
 description TO SLB
 ip address 10.1.1.203 255.255.255.0
 ip directed-broadcast
 no ip mroute-cache
 duplex half
!
interface Virtual-Template1
 description GTP VIRTUAL TEMPLATE
 ip address 192.168.3.3 255.255.255.0
 encapsulation gtp
 gprs access-point-list gprs1
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
!
gprs access-point-list gprs1
  access-point 1
   access-point-name gprs.company.com
   access-mode non-transparent
   ip-address-pool dhcp-proxy-client
   dhcp-server 10.100.0.5 10.100.0.6
   dhcp-gateway-address 10.27.3.1
   exit
!
gprs maximum-pdp-context-allowed 45000
gprs qos map canonical-qos
gprs gtp path-echo-interval 0
gprs dfp max-weight 32

Cisco IOS SLB with GTP Load Balancing, NAT, and GTP Cause Code Inspection Example

The following example uses the same basic configuration as in the "Cisco IOS SLB with GTP Load Balancing and NAT Example" section, including the network shown in Figure 12-2, but with the GTP cause code inspection enabled. In this configuration:

The GSN idle timer is set to 20 seconds.

The GTP request idle timer is set to 15 seconds.

The virtual server accepts PDP context creates only from international mobile subscriber identities (IMSIs) with carrier code mcc 222 mnc 22.

Following are the configuration statements for the configuration shown in Figure 12-2, with the addition of NAT and GTP cause code inspection support:

Cisco IOS SLB Configuration Statements

GGSN1 Configuration Statements (no change for GTP cause code inspection)

GGSN2 Configuration Statements (no change for GTP cause code inspection)

GGSN3 Configuration Statements (no change for GTP cause code inspection)

Cisco IOS SLB Configuration Statements

hostname GTP_SLB
!
ip domain-name gprs.com
!
ip slb timers gtp gsn 90
!
ip slb serverfarm GPRS
 nat server
 real 192.168.1.1
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.2.2
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
 real 192.168.3.3
  weight 1
  faildetect numconns 255 numclients 8
  inservice
!
ip slb vserver FOR_GPRS
 virtual 10.10.10.10 udp 0 service gtp-inspect
 client gtp carrier-code mcc 222 mnc 22
 serverfarm GPRS
 inservice
!
ip slb dfp password Cookies 0
 agent 10.1.1.201 1111 30 0 10
 agent 10.1.1.202 1111 30 0 10
 agent 10.1.1.203 1111 30 0 10
!
interface FastEthernet1/0
 description TO SERVERFARM GPRS
 ip address 10.1.1.100 255.255.255.0
 no ip redirects
 duplex half
!
interface FastEthernet3/0
 description TO SGSN
 ip address 10.2.1.100 255.255.255.0
 no ip mroute-cache
 duplex half
!
ip route 10.111.111.111 255.255.255.255 FastEthernet1/0
ip route 192.168.1.1 255.255.255.255 10.1.1.201
ip route 192.168.2.2 255.255.255.255 10.1.1.202
ip route 192.168.3.3 255.255.255.255 10.1.1.203

Catalyst 6500/Cisco 7600 Platform Configuration Example

This section includes examples of Cisco IOS SLB with GTP load balancing and NAT configured on the Catalyst 6500/Cisco 7600 platform:

Cisco IOS SLB Configuration Statements

GGSN1 Configuration Statements

Cisco IOS SLB Configuration Statements

hostname 6500-a
!
ip slb probe PINGPROBE ping
 interval 3
 faildetect 3
!
ip slb serverfarm MWAM1
 nat server
 probe PINGPROBE
!
 real 9.9.9.72
  reassign 4
  faildetect numconns 255 numclients 8
  inservice
!
 real 9.9.9.73
  reassign 4
  faildetect numconns 255 numclients 8
  inservice
!
 real 9.9.9.74
  reassign 4
  faildetect numconns 255 numclients 8
  inservice
!
 real 9.9.9.75
  reassign 4
  faildetect numconns 255 numclients 8
  inservice
!
 real 9.9.9.76
  reassign 4
  faildetect numconns 255 numclients 8
  inservice
!
ip slb vserver V0-GGSN
 virtual 10.10.10.10 udp 3386 service gtp
 serverfarm MWAM1
 idle gtp request 100
 inservice
!
ip slb vserver V1-GGSN
 virtual 10.10.10.10 udp 2123 service gtp
 serverfarm MWAM1
 idle gtp request 100
 inservice
!
ip slb dfp password ciscodfp 0
 agent 9.9.9.72 1111 30 0 10
 agent 9.9.9.73 1111 30 0 10
 agent 9.9.9.74 1111 30 0 10
 agent 9.9.9.75 1111 30 0 10
 agent 9.9.9.76 1111 30 0 10
!
interface FastEthernet9/36
 description TO SGSN
 no ip address
 switchport
 switchport access vlan 302
!
interface Vlan101
 description Vlan to GGSN for GN
 ip address 10.1.1.1 255.255.255.0
!
interface Vlan302
 ip address 40.0.2.1 255.255.255.0
!
router ospf 300
 log-adjacency-changes
 summary-address 9.9.9.0 255.255.255.0
 redistribute static subnets route-map GGSN-routes
 network 40.0.2.0 0.0.0.255 area 300
 network 40.0.3.0 0.0.0.255 area 300
!
ip route 9.9.9.72 255.255.255.255 10.1.1.72
ip route 9.9.9.73 255.255.255.255 10.1.1.73
ip route 9.9.9.74 255.255.255.255 10.1.1.74
ip route 9.9.9.75 255.255.255.255 10.1.1.75
ip route 9.9.9.76 255.255.255.255 10.1.1.76
!
access-list 1 permit 9.9.9.0 0.0.0.255
!
route-map GGSN-routes permit 10
 match ip address 1
!
!

GGSN1 Configuration Statements

!
ip dfp agent gprs
 port 1111
 password ciscodfp 0
 inservice
!
interface Loopback100
 description GPRS GTP V-TEMPLATE IP ADDRESS
 ip address 9.9.9.72 255.255.255.0
!
interface GigabitEthernet0/0.2
 description Gn Interface
 encapsulation dot1Q 101
 ip address 10.1.1.72 255.255.255.0
 no cdp enable
!
interface Virtual-Template1
 description GTP v-access
 ip unnumbered Loopback100
 encapsulation gtp
 gprs access-point-list gprs
!
! route to SGSNs
ip route 40.1.2.1 255.255.255.255 10.1.1.1
ip route 40.2.2.1 255.255.255.255 10.1.1.1