Table Of Contents
Planning to Configure the GGSN
This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).
This chapter includes the following sections:
Cisco GGSN Release 5.2, Cisco IOS Release 12.3(14)YQ, is supported on the Cisco 7200 and the Cisco Multi-Processor WAN Application Module (MWAM) for the Catalyst 6500 series switch / Cisco 7600 series Internet router platforms. However, the GGSN Release 5.2 Service-Aware GGSN feature is supported on the Catalyst 6500 series switch / Cisco 7600 series router platform only.
Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:
Before You Begin
Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for those networks and plan the associated access points to those networks and configure them on the GGSN. For example, you might want to provide user access to the World Wide Web through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.
Cisco 7200 Series Platform Prerequisites
In addition to following the general guidelines documented in the "Before You Begin" section, ensure that the following hardware and software requirements are met before you implement a GGSN in a General Packet Radio Service/Universal Mobile Telephone Service (GPRS/UMTS) network on the Cisco 7200 series router platform:
•Cisco 7200 VXR router with network processing engine (NPE) models NPE-300 or NPE-400 running Cisco IOS Release 12.2(8)YW and later—(Required)
•Integrated Services Adapter (ISA)—(Optional) Provides IP security protocol (IPSec) support.
Catalyst 6500 / Cisco 7600 Series Platform Prerequisites
In addition to following the general guidelines given in the "Before You Begin" section, when configuring GGSNs on the Catalyst 6500 series switch / Cisco 7600 series Internet router platform, ensure that requirements outlined in the following sections are met:
Hardware and Software
The following sections list the minimum hardware and software requirements for implementing a GGSN on a Catalyst 6500 / Cisco 7600 platform.
GGSN Release 4.0 and GGSN Release 5.0
Implementing GGSNs in a GPRS/UMTS network on the Catalyst 6500 series switch / Cisco 7600 series Internet router platform requires the following hardware and software:
•Catalyst 6500 series switch / Cisco 7600 series Internet router in which a Supervisor Engine 2 (Sup2) with the 512-MB Multilayer Switch Feature Card 2 (MSFC2) is installed and running Cisco IOS Release 12.2(14)ZA1 and later—(Required) Performs routing and/or switching and Cisco IOS GPRS Tunneling Protocol (GTP) Server Load Balancing (SLB) functions.
•Additional Supervisor Engine 2 (Sup2) with 512 MB MSFC2—(Optional) Functions as a redundant Supervisor Engine.
•Catalyst 6500 / Cisco 7600 Fast Ethernet / Gigabit Ethernet port adapter (such as the Catalyst 6500 48-port 10/100)—(Required) Provides physical connectivity to the GPRS/UMTS network elements such as the SGSN, authentication, authorization, and accounting (AAA), and charging gateway (CG).
•Cisco Multi-Processor WAN Application Module (MWAM) running the Cisco IOS Release 12.3(2) XB or later release GGSN feature—(Required) Enables up to 5 instances of a Cisco IOS mobile wireless application, such as a GGSN, to be configured and running on one module. Up to two MWAMs can be installed and configured in a Catalyst 6500 / Cisco 7600 chassis, enabling the configuration of up to 10 GGSNs in one chassis. The interfaces to the IOS instances are Gigabit Ethernet 802.1Q trunk ports which carry VLAN-encapsulated traffic to and from the network through the switched fabric.
•VPN IPSec Module—(Optional) Performs IPSec.
GGSN Release 5.1—GTP-SR
Implementing the GGSN Release 5.1 GTP-SR feature requires the following hardware and software:
•Two Cisco 7600 series routers with a Cisco Supervisor Engine 720 and third-generation policy feature card (PFC3BXL) with integrated Multilayer Switch Feature Card 3 (MSFC3). The MSFC3s must be running the same Cisco IOS software release.
•A Cisco Multi-Processor WAN Application Module (MWAM) in each of the Cisco 7600 series routers. The MWAMs must be running the same Cisco IOS GGSN software release.
GGSN Release 5.2—Service-Aware GGSN
Implementing the GGSN Release 5.2 service-aware GGSN feature requires the following hardware and software:
•Two Catalyst 6500 series switches / Cisco 7600 series Internet routers in which Sup720s with the 512-MB Multilayer Switch Feature Card 2 (MSFC2) are installed and running Cisco IOS Release 12.2(18)SXE and later.
•Depending on GGSN scaling and redundancy, Multiple Cisco Multi-Processor WAN Application Module (MWAMs), each with the 1 GB memory option.
•IPSec VPN card (for security)
•A Cisco Content Services Gateway (CSG) module in each of the Cisco 7600 series routers. The CSGs must be running the same Cisco CSG software release, Release 3.1(3)C6(1) or later.
Required Base Configuration
After connectivity has been established from the switch to the different elements in your network, ensure that you complete the following base configuration before implementing and customizing GGSNs on the Cisco MWAM:
1. On the Supervisor/MSFC2, ensure that
a. A Layer-3-routed VLAN for each of the GPRS/UTMS interfaces has been created. Specifically, create a VLAN for the following interfaces:
— Gn VLAN—Interconnects the Gn interfaces.
— Ga VLAN—Interconnects the Ga interfaces.
— AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for AAA, Operation, Administration, and Maintenance (OAM), and DHCP functions.
— One VLAN per APN Gi interface
You can configure the VLANs from VLAN database mode or global configuration mode.
Note You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.
Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode and not through the VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.
To configure a VLAN from global configuration mode:Sup#conf terminal Enter configuration commands, one per line. End with CNTL/Z. Sup(config)#vlan 222 Sup(config-vlan)#end Sup#
In the preceding examples, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the MSFC2 routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), specify a VLAN 222 interface on the MSFC2 and assign an IP address to the interface:Sup# configure terminalSup(config)# interface vlan222Sup(config-if)# ip address n.n.n.n maskSup(config-if)# no ip redirects
The following is an example of the VLAN configuration on the MSFC2:Sup# show running-config!. . .vlan 103,110,160,200,300-301,310!!interface Vlan103description Gn VLANip address 10.20.21.1 255.255.255.0no ip redirects!interface Vlan110description OAM/AAA/DHCP VLANip address 10.20.50.1 255.255.255.0no ip redirects!interface Vlan200description Ga Charging VLANno ip addressno ip redirects!interface Vlan310description VLAN for APN Internetip address 10.20.51.1 255.255.255.0
For detailed information on configuring VLANs, see the Catalyst 6500 Series Software Configuration Guide.
b. The Cisco IOS software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and "Configuring Load Balancing on the GGSN."
c. The Cisco MWAM has been added to each of the VLANs you created, using the mwam module allowed-vlan command. For more information, see the Cisco Multiprocessor WAN Application Module Installation and Configuration Note.
Note VLAN IDs must be consistent be the same in the MSFC2 and Cisco MWAM configurations.
The following is an example of the mwam module allowed-vlan configuration:!...!mwam module 7 port 1 allowed-vlan 71,95,100,101mwam module 7 port 2 allowed-vlan 71,95,100,101mwam module 7 port 3 allowed-vlan 71,95,100,101!...!
d. A static route is configured to each Cisco IOS instance configured as a GGSN on the Cisco MWAM:!...!ip route 10.20.30.1 255.255.255.255 10.20.21.20ip route 10.20.30.2 255.255.255.255 10.20.21.21ip route 10.20.30.3 255.255.255.255 10.20.21.22ip route 10.20.30.4 255.255.255.255 10.20.21.23ip route 10.20.30.5 255.255.255.255 10.20.21.24!...!
2. On each GGSN instance configured on the Cisco MWAM, ensure that
a. A static route is configured to the Supervisor/MSFC2.!...!ip route 0.0.0.0.0 0.0.0.0 10.20.21.1...!
b. A subinterface is configured on which 802.1Q encapsulation is enabled to each of the VLANs you created on the MSFC2.
The following is an example of a Ga/Gn subinterface configuration on the GGSN to VLAN 103 configured on the MSFC2:!...interface GigabitEthernet0/0.2description Ga/Gn Interfaceencapsulation dot1Q 101ip address 10.1.1.72 255.255.255.0no cdp enable...!
For detailed information on configuring
— Ga subinterfaces, see the "Configuring an Interface to the Charging Gateway" section.
— Gn subinterfaces, see the "Configuring an Interface to the SGSN" section.
— Gi subinterfaces, see the "Configuring an Interface to a PDN" section.
The following are base configuration examples for the Supervisor/MSFC2 and the GGSN instance running on the Cisco MWAM.
Supervisor / MSFC2hostname Cat6500-a!boot system flashboot device module 7 cf:4mwam module 7 port 1 allowed-vlan 71,95,100,101mwam module 7 port 2 allowed-vlan 71,95,100,101mwam module 7 port 3 allowed-vlan 71,95,100,101vtp mode transparentredundancymode rpr-plusmain-cpuauto-sync running-configauto-sync standard!power redundancy-mode combined!!vlan 1vlan1 1002vlan2 1003!vlan 2name SNIFFER!vlan 71,95!vlan 100name Internal_Gi_for_GGSN-MWAM!vlan 101name Internal_Gn/Ga!vlan 165!vlan 302name Gn_1!vlan 303name Ga_1!vlan 1002vlan1 1vlan2 1003!vlan 1003vlan1 1vlan2 1002parent 1005backupcrf enable!vlan 1004bridge 1stp type ibm!vlan 1005bridge 1!interface FastEthernet8/22description To SGSNno ip addressswitchportswitchport access vlan 302!interface FastEthernet8/23description To CGFno ip addressswitchportswitchport access vlan 302!interface FastEthernet8/26description To DHCP/RADIUS Serversno ip addressswitchportswitchport access vlan 95!interface FastEthernet8/31description To BackBoneno ip addressswitchportswitchport access vlan 71!interface FastEthernet9/32description To CORPAno ip addressswitchportswitchport access vlan 165no cdp enable!!interface Vlan1no ip addressshutdown!interface Vlan71description VLAN to tftpserverip address 18.104.22.168 255.255.0.0!interface Vlan95description VLAN for RADIUS and DHCPip address 10.2.25.1 255.255.255.0!interface Vlan100description Internal VLAN SUP-to-MWAM Giip address 10.1.2.1 255.255.255.0!interface Vlan101description VLAN to GGSN for GA/GNip address 10.1.1.1 255.255.255.0!interface Vlan165description VLAN to CORPAip address 22.214.171.124 255.255.0.0!interface Vlan302ip address 126.96.36.199 255.255.255.0!interface Vlan303ip address 188.8.131.52 255.255.255.0!router ospf 300log-adjacency-changessummary-address 184.108.40.206 255.255.255.0redistribute static subnets route-map GGSN-routesnetwork 220.127.116.11 0.0.0.255 area 300network 18.104.22.168 0.0.0.255 area 300!ip classlessip route 22.214.171.124 255.255.255.255 10.1.1.72ip route 126.96.36.199 255.255.255.255 10.1.1.73ip route 188.8.131.52 255.255.255.255 10.1.1.74ip route 184.108.40.206 255.255.255.255 10.1.1.75ip route 220.127.116.11 255.255.255.255 10.1.1.76ip route 18.104.22.168 255.255.0.0 10.1.1.72ip route 22.214.171.124 255.255.0.0 10.1.1.73ip route 126.96.36.199 255.255.0.0 10.1.1.74ip route 188.8.131.52 255.255.0.0 10.1.1.75ip route 184.108.40.206 255.255.0.0 10.1.1.76!access-list 1 permit 220.127.116.11 0.0.0.255!route-map GGSN-routes permit 10match ip address 1!
GGSN Instance on the Cisco MWAMservice gprs ggsn!hostname 6500-7-2!ip cef!interface Loopback0description USED FOR DHCP gatewayip address 18.104.22.168 255.255.255.255!interface Loopback100description GPRS GTP V-TEMPLATE IP ADDRESSip address 22.214.171.124 255.255.255.0!interface GigabitEthernet0/0no ip address!interface GigabitEthernet0/0.1description Giencapsulation dot1Q 100ip address 10.1.2.72 255.255.255.0!interface GigabitEthernet0/0.2description Ga/Gn Interfaceencapsulation dot1Q 101ip address 10.1.1.72 255.255.255.0no cdp enable!interface GigabitEthernet0/0.71description TFTP or Backboneencapsulation dot1Q 71ip address 126.96.36.199 255.255.0.0!interface GigabitEthernet0/0.95description CNR and CARencapsulation dot1Q 95ip address 10.2.25.72 255.255.255.0!interface Virtual-Template1description GTP v-accessip unnumbered Loopback100encapsulation gtpgprs access-point-list gprs!ip classlessip route 0.0.0.0 0.0.0.0 10.1.2.1ip route 188.8.131.52 255.255.255.255 10.1.1.1ip route 184.108.40.206 255.255.255.255 10.1.1.1ip route 220.127.116.11 255.255.255.255 10.1.1.1ip route 18.104.22.168 255.255.255.255 10.1.1.1ip route 22.214.171.124 255.255.255.255 10.1.1.1ip route 126.96.36.199 255.255.255.255 10.1.1.1!gprs access-point-list gprsaccess-point 1access-point-name CORPA.comip-address-pool dhcp-proxy-clientaggregate autodhcp-server 10.2.25.90dhcp-gateway-address 188.8.131.52!
The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] has been configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).
Note DFP weighs PPP PDPs against IP PDPs with one PPP PDP equal to eight IP PDPs.
Cisco 7200 Series Router
The following list shows the maximum number of PDP contexts supported on the GGSN according to the memory and Cisco 7206 series router in use when no method of PPP has been configured:
•Cisco 7206 VXR NPE-300 with 256 Mb RAM—80,000 IP PDP contexts
•Cisco 7206 VXR NPE-400 router with 512 Mb RAM—135,000 IP PDP contexts
Catalyst 6500 Series Switch / Cisco 7600 Series Router
The Cisco MWAM can support up to 60,000 IP PDP contexts per GGSN instance, with a maximum of 300,000 IP PDP contexts per MWAM on which five GGSNs are configured.
Supported Standards, MIBs, and RFCs
Cisco IOS GGSN Release 5.2 supports the following Third Generation Partnership Program (3GPP) standards:
–3G TS 03.03
–3G TS 03.60 (7.7.0)
–3G TS 04.08 (7.14.0)
–3G TS 09.02
–3G TS 09.60 (7.9.0)
–3G TS 09.61 (7.4.0)
–3G TS 12.15
–3G TS 22.107
–3G TS 23.003
–3G TS 23.107 (3.9.0)
–3G TS 23.060 (3.14.0)
–3G TS 24.008 (3.14.0)
–3G TS 29.002
–3G TS 29.060 (3.15.0)
–3G TS 29.061 (3.11.0)
–3G TS 32.015 (3.10.0)
–3G TS 23.107 (4.6.0)
–3G TS 23.060 (4.7.0)
–3G TS 24.008 (4.9.0)
–3G TS 29.060 (4.6.0)
–3G TS 29.061 (4.6.0)
–3G TS 32.215 (4.4.0)
–3G TS 23.107 (5.7.0)
–3G TS 23.060 (5.4.0)
–3G TS 24.008 (5.6.0)
–3G TS 29.060 (5.4.0)
–3G TS 29.061 (5.4.0)
–3G TS 32.215 (5.2.0)
The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:
•Ga interface—SMG#28 R99
•Gn interface—SMG#31 R98
Note The CISCO-GPRS-GTP-CAPABILITY-MIB describes the scope of objects supported in the CISCO-GPRS-GTP-MIB. The CISCO-GTP-CAPABILITY-MIB describes the scope of objects supported in the CISCO-GTP-MIB.
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:
•RFC 1518, An Architecture for IP Address Allocation with CIDR
•RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy
•RFC 1661, The Point-to-Point Protocol (PPP)
•RFC 2475, An Architecture for Differentiated Services
•RFC 3588, Diameter Base Protocol
Cisco IOS Software Documentation
•Cisco IOS Dial Technologies Configuration Guide, Release 12.3
•Cisco IOS Dial Technologies Command Reference, Release 12.3
•Cisco IOS Interface Configuration Guide, Release 12.3
•Cisco IOS Interface Command Reference, Release 12.3
•Cisco IOS IP Configuration Guide, Release 12.3
•Cisco IOS IP Command Reference, Volume 1 of 3: Addressing and Services, Release 12.3
•Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.3
•Cisco IOS IP Command Reference, Volume 3 of 3: Multicast, Release 12.3
•Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.3
•Cisco IOS Quality of Service Solutions Command Reference, Release 12.3
•Cisco IOS Security Configuration Guide, Release 12.3
•Cisco IOS Security Command Reference, Release 12.3
•Cisco IOS Switching Services Configuration Guide, Release 12.3
•Cisco IOS Switching Services Command Reference, Release 12.3
•Cisco Multi-Processor WAN Application Module Installation and Configuration Note