Cisco 7600 Series Router Software Configuration Guide, Cisco IOS Release 15S
Configuring GTP-SLB IPV6 Support
Downloads: This chapterpdf (PDF - 371.0KB) The complete bookPDF (PDF - 14.6MB) | Feedback

Table of Contents

Configuring GTP-SLB IPv6 Support

GTP-SLB Support for IPv6

GTP-SLB Architecture Overview

Create PDP Call Flow

GTP Echo Request Call Flow

GTP Notification Messages

Restrictions and Usage Guidelines

Configuring GTP-SLB IPv6 Support

Configuring a Serverfarm

Configuring a Virtual Server

Examples

Verification

Troubleshooting GTP-SLB IPv6 Support Configuration

Configuring GTP-SLB IPv6 Support

This chapter describes how to configure GPRS Tunneling Protocol - Server Load Balancing (GTP-SLB) IPV6 Support on Cisco 7600 series routers.

This chapter contains these sections:

GTP-SLB Support for IPv6

The GTP-SLB feature provides the functionality to distribute the Packet Datagram Protocol (PDP) context between Public Data Network (PDN) Gateways (P-GW) and Gateway GPRS Support Nodes (GGSN). A PDP contains subscriber session information and is initiated by:

  • A create session request (CSR) in GTPv2.
  • A create PDP request in GTPv1 and GTPv0.

The server load balancing module resides in the Supervisor engine of the 7600 chassis and distributes the new calls to various cards based on individual load taking into account various factors such as CPU, memory, and session count. From Release 15.0(01)S, the GTP-SLB feature is extended to support IPv6 traffic in addition to IPv4 traffic.

SLB uses the IPv6 address stored in the real(server or gateway) object and performs IPv6 Forwarding Information Base (FIB) lookup and forwards the IPv6 packet from a Serving GPRS Support Node / Mobility Management Entity (SGSN/MME) to the corresponding GTP-SLB virtual IP address. A group of real servers (know as serverfarm) servicing IPv4 and IPv6 traffic is defined and associated to dual-stack virtual server (containing table mapping for both IPv4 and IPv6 addresses). An IPv4 capable real server is selected for a CSR destined to IPv4 Virtual IP (VIP) address and an IPv6 capable real server is selected for a CSR destined to IPv6 VIP address.


NoteThe DFP weight reporting mechanism by the GGSN/PGW uses the IPv4 transport.



NoteProbe messages uses IPv4 as transport



NoteA GTPv2 real server can function as a Serving Gateway(SGW) or PDN gateway ( PGW). Only PGW supports GTPv2, V1, V0 requests. SGW supports only GTPv2 requests. A GTPv0 or GTPv1 real cannot process GTPv2 requests. You need to create a separate virtual server for GTPv2 requests and GTPv0/v1 requests, if the real servers are different.


GTP-SLB Architecture Overview

Figure 23-1 describes GTP-SLB architecture. The three main components (SGSN/MME, GTP-SLB VIP, and GGSN/PGW) of GTP-SLB implementation communicate for:

  • Creating PDP session(Create PDP Call Flow).
  • Checking the status of Gateway (GTP Echo Call Flow).
  • Exchanging notification messages between a SLB and Gateway(GTP Notification Messages).

Figure 23-1 GTP-SLB Architecture

 

Create PDP Call Flow

The SGSN/MME initiates the create PDP request with destination address as IPv6 GTP-SLB VIP. The SLB forwards this request to an active IPv6 real (GGSN/PGW) server. The GGSN creates the PDP session and sends the create response directly to SGSN. Figure 23-2 shows the call flow for create PDP session request:

Figure 23-2 Call Flow for Create PDP Session Request

 

GTP Echo Request Call Flow

To check the status of gateway, SGSN sends an echo to SLB. The SLB responds to the echo with an IPv6 echo response if the virtual server is active and operational. Figure 23-3 shows the GTP echo request call flow:

Figure 23-3 GTP Echo Request Call Flow

 

GTP Notification Messages

This section lists the notification messages exchanged between SLB and gateway:

  • SLB sends a PDP query request to a real server when the sticky idle timer exceeds the threshold limit. GGSN responds with a PDP status response for the PDP status query. A sticky timer is restarted if the PDP corresponding to International Mobile Subscriber Identity (IMSI) timer is present in the gateway, else the timer and sticky for the IMSI is deleted.
  • SGSN sends a delete pdp request to real server (GGSN/PGW). The real server (GGSN/PGW) deletes the PDP context and sends a PDP delete notification to the SLB. On receiving the delete notification, the SLB deletes the sticky entry for the IMSI and the sticky timer instance.
  • The real gateway sends a Call Admission Control (CAC) reassign notification to the SLB if it is unable to handle the session. The SLB responds by reassigning the session to another real server.

Restrictions and Usage Guidelines

When configuring GTP-SLB support for IPv6, follow these restrictions and usage guidelines:

  • All the IPv4 and IPv6 serverfarms associated to the same vserver should have the same NAT configuration.
  • Hot Standby Router Protocol (HSRP) instances (IPv4 and IPv6) for a client facing interface should have the same HSRP state.
  • Long Term Evolution (LTE) gateway should be configured with a dual stack.
  • PGW/GGSN gateway should always be configured with a IPv4 and IPv6 VIP address of virtual server. This address is used by gateway for notifications.
  • The client commands in SLB virtual server configuration mode are not supported for IPv6 addresses.
  • The interface between the IOS SLB and gateway must be configured with both IPv6 and IPv4 addresses (dual stack).

Configuring GTP-SLB IPv6 Support

When configuring IPv6 support for GTP load balancing, you need to:

  • Specify the IPv6 address for a real server using the real command in SLB serverfarm configuration mode.
  • Specify the IPv6 address and the optional IPv6 prefix for a virtual server using the virtual command in SLB virtual server configuration mode.
  • Specify the primary IPv6 server farm and the optional backup IPv6 serverfarm using the serverfarm command in SLB virtual server configuration mode.

This process of configuring IPv6 support for GTP-SLB comprises these steps:

Configuring a Serverfarm

This section describes how to configure a serverfarm.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip slb serverfarm server-farm

4. access interface

5. nat {client pool | server}

6. predictor [roundrobin | leastconns | route-map mapname]

7. probe probe

8. real ipv4-address [ipv6 ipv6-address] [port]

9. faildetect numconns number-of-conns [numclients number-of-clients]

10. maxclients number-of-conns

11. maxconns number-of-conns [sticky-override]

12. reassign threshold

13. retry retry-value

14. weight setting

15. inservice

DETAILED STEPS

 

Command
Purpose

Step 1

enable

 
Router# enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip slb serverfarm server-farm

 

Router(config)# ip slb serverfarm PUBLIC

Adds a server farm definition to the IOS SLB configuration and enters server farm configuration mode.

Step 4

access interface

 

Router(config-slb-sfarm)# access GigabitEthernet 0/1.1

(Optional) Configures an access interface or subinterface for a server farm.

Step 5

nat {client pool | server}

 

Router(config-slb-sfarm)# nat server

(Optional) Configures Network Address Translation (NAT) client translation mode or NAT server address translation mode on the server farm.

Step 6

predictor [roundrobin | leastconns | route-map mapname]

 

Router(config-slb-sfarm)# predictor leastconns

(Optional) Specifies the algorithm to be used to determine how a real server is selected.

In GPRS load balancing without GTP cause code inspection enabled, you must accept the default setting (the weighted round robin algorithm).

The Home Agent Director functions only with the default setting (the weighted round robin algorithm).

When you use the predictor route-map command in SLB server farm configuration mode, no further commands in SLB server farm configuration mode or real server configuration mode are allowed.

Step 7

probe probe

 

Router(config-slb-sfarm)# probe PROBE1

(Optional) Associates a probe with the real server.

Step 8

real ipv4-address [ipv6 ipv6-address] [port]

 

 

Router(config-slb-sfarm)# real 10.1.1.1 ipv6 100::10:10:10:1

Identifies a real server by IPv4 and IPv6 address and optional port number as a member of a server farm and enters real server configuration mode.


Note In GPRS load balancing, specify the IP addresses (virtual template addresses, for Cisco GGSN) of the real servers performing the GGSN function.


Step 9

faildetect numconns number-of-conns [numclients number-of-clients]

 

Router(config-slb-real)# faildetect numconns 10 numclients 3

(Optional) Specifies the number of consecutive connection failures and, optionally, the number of unique client connection failures, that constitute failure of the real server.

In GPRS load balancing, if a single SGSN is configured in the environment, specify the numclients keyword with a value of 1.

In RADIUS load balancing, for automatic session-based failure detection, specify the numclients keyword with a value of 1.

Step 10

maxclients number-of-conns

 

Router(config-slb-real)# maxclients 10

 

(Optional) Specifies the maximum number of IOS SLB RADIUS and GTP sticky subscribers that can be assigned to an individual virtual server.

Step 11

maxconns number-of-conns [sticky-override]

 

Router(config-slb-real)# maxconns 1000

(Optional) Specifies the maximum number of active connections allowed on the real server at an instance.

Step 12

reassign threshold

 

Router(config-slb-real)# reassign 2

(Optional) Specifies the threshold of consecutive unacknowledged synchronize sequence numbers (SYNs) or Create PDP requests that, if exceeded, result in an attempt to connect to a different real server.


Note In GPRS load balancing, you must specify a reassign threshold less than the N3-REQUESTS counter value of SGSN.


Step 13

retry retry-value

 

Router(config-slb-real)# retry 120

(Optional) Specifies the time interval (in seconds) to wait between the detection of a server failure and the next attempt to connect to the failed server.

Step 14

weight setting

 

Router(config-slb-real)# weight 24

(Optional) Specifies the real server workload capacity relative to other servers in the server farm.

If Dynamic Feedback Protocol (DFP) is used, the static weights defined using the weight command in server farm configuration mode are overridden by the weights calculated by DFP. If DFP is removed from the network, IOS SLB reverts to the static weights.

Step 15

inservice

 

Router(config-slb-real)# inservice

Enables the real server for use by IOS SLB.

Configuring a Virtual Server

This section describes how to configure a virtual server.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip slb vserver virtual-server

4. virtual ip-address [netmask [group]] {esp | gre | protocol} or virtual ip-address [netmask [group]] {tcp | udp} [port | any] [service service] or virtual ip-address [netmask [group]] [ipv6 ipv6-address [prefix ipv6-prefix]] {tcp | udp} [port | any] [service service]

5. serverfarm primary-farm [backup backup-farm [sticky] | [map map-id priority priority]] or serverfarm [primary-farm [backup backup-farm ]] [[ipv6-primary ipv6-primary-farm [ipv6-backup ipv6-backup-farm]]] [map map-id priority priority]

6. access interface [route framed-ip]

7. advertise [active]

8. client {ip-address netmask [exclude] | gtp carrier-code [code]}

9. delay {duration | radius framed-ip duration}

10. gtp notification cac [reassign-count]

11. gtp session

12. hand-off radius duration

13. idle [asn request duration | asn msid msid | gtp imsi duration [query [max-queries]] | gtp request duration | ipmobile request duration| radius {request | framed-ip} duration]

14. replicate casa listen-ip remote-ip port [interval] [password [encrypt] secret-string timeout]

15. replicate interval interval

16. replicate slave

17. sticky {duration [group group-id] [netmask netmask] | asn msid [group group-id] | gtp imsi [group group-id] | radius calling-station-id | radius framed-ip [group group-id] | radius username [msid-cisco] [group group-id]}

18. synguard syn-count interval

19. inservice [standby group-name] [active]

DETAILED STEPS

 

Command
Purpose

Step 1

enable

 
Router# enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

ip slb vserver virtual-server

 

Router(config)# ip slb vserver PUBLIC_HTTP

Identifies a virtual server and enters virtual server configuration mode.

Step 4

virtual ipv4-address [ipv4-netmask [group]] [ipv6 [ipv6-address [ipv6-prefix ipv6-prefix]] {tcp | udp} [port | any] [service service]

 

Router(config-slb-vserver)# virtual 10.0.0.1 ipv6 100::100:1 udp 0 service gtp

Specifies the following:

  • Virtual server IP address
  • IPv6 address (including the type of connection)
  • Optional TCP or User Datagram Protocol (UDP) port number,
  • Internet Key Exchange (IKE) or Wireless Session Protocol (WSP) setting
  • Service coupling.

For GPRS load balancing:

– Specify a virtual GGSN IP address as the virtual server, and specify the udp keyword option.

– To load-balance GTP v1 and GTP v2 sessions, specify port number 2123, if the GGSNs and SGSNs are in compliance with the ETSI standard, or specify port number 0 or any to configure an all-port virtual server (In this case, the virtual server accepts flows destined for all ports).

– To load-balance GTP v0 sessions, specify port number 3386, if the GGSNs and SGSNs are in compliance with the ETSI standard, or specify port number 0 or any to configure an all-port virtual server.

Step 5

serverfarm [primary-farm [backup backup-farm ]] [[ipv6-primary ipv6-primary-farm [ipv6-backup ipv6-backup-farm]]] [map map-id priority priority]

 

Router(config-slb-vserver)# serverfarm SF backup BACKUPSF ipv6-primary V6SF ipv6-backup BACKUPV6SF map 1 priority 1

Associates a real server farm with a virtual server, and optionally configures a backup server farm.

For GPRS load balancing, if the same real server is defined in two or more server farms, each server farm must be associated with a different virtual server.

You can associate more than one server farm to a GTP virtual server by configuring more than one serverfarm command, each with a unique map ID and a unique priority.

Step 6

access interface [route framed-ip]

 

Router(config-slb-vserver)# access Vlan20 route framed-ip

(Optional) Enables framed-IP routing to inspect the ingress interface.

Step 7

advertise [active]

 

Router(config-slb-vserver)# advertise

(Optional) Controls the installation of a static route to the Null or zero interface for a virtual server address.

Step 8

client {ip-address netmask [exclude] | gtp carrier-code [code]}

 

Router(config-slb-vserver)# client 10.4.4.0 255.255.255.0

(Optional) Specifies the clients that are allowed to use the virtual server.

GPRS load balancing supports only the gtp carrier-code option only if the GTP cause code inspection is enabled.

Step 9

delay {duration | radius framed-ip duration}

 

Router(config-slb-vserver)# delay 30

(Optional) Specifies the time duration for which IOS SLB maintains TCP connection context after a connection has ended.

Step 10

gtp notification cac [reassign-count]

 

Router(config-slb-vserver)# gtp notification cac 5

(Optional) Limits the number of times IOS SLB can reassign a session to a new real server for GGSN-IOS SLB messaging.

Step 11

gtp session

 

Router(config-slb-vserver)# no gtp session

(Optional) Enables IOS SLB to create GTP load-balancing sessions. This is the default setting.

To enable sticky-only load balancing for GTP, use the no form of this command.

If you enable sticky-only load balancing, you must also enable sticky connections for the virtual server using the sticky (virtual server) command.

Step 12

hand-off radius duration

 

Router(config-slb-vserver)# hand-off radius 30

(Optional) Changes the duration of time IOS SLB waits for an ACCT-START message from a new Mobile IP foreign agent in the event of a foreign agent hand-off.

Step 13

idle [asn request duration | asn msid msid | gtp imsi duration [query [max-queries]] | gtp request duration | ipmobile request duration | radius {request | framed-ip} duration]

 

Router(config-slb-vserver)# idle 120

(Optional) Specifies the minimum duration for which the IOS SLB maintains connection context in the absence of packet activity.


Note For GPRS load balancing without GTP cause code inspection enabled, specify an idle timer greater than the longest possible interval between PDP context requests on the SGSN.


Step 14

replicate casa listen-ip remote-ip port [interval]

[password [encrypt] secret-string timeout]

 

Router(config-slb-vserver)# replicate casa

10.10.10.11 10.10.11.12 4231

(Optional) Configures a stateful backup of IOS SLB decision tables to a backup switch.


Note The Home Agent Director does not support this command.


If you specify the service gtp keyword on the virtual command, and you do not specify the sticky command with the gtp imsi keyword, the replicate casa command is not supported because sessions are not persistent, and there is nothing to replicate.

Step 15

replicate interval interval

 

Router(config-slb-vserver)# replicate interval 20

(Optional) Sets the replication delivery interval for an IOS SLB virtual server.

The Home Agent Director does not support this command.

If you specify the service gtp keyword on the virtual command, and you do not specify the sticky command with the gtp imsi keyword, the replicate casa command is not supported because sessions are not persistent, and there is nothing to replicate.

Step 16

replicate slave

 

Router(config-slb-vserver)# replicate slave

(Optional) Enables stateful backup of redundant route processors for an IOS SLB virtual server.

The Home Agent Director does not support this command.

If you specify the service gtp keyword on the virtual command, and you do not specify the sticky command with the gtp imsi keyword, the replicate casa command is not supported because sessions are not persistent, and there is nothing to replicate.


Note If you use a Supervisor Engine with a configured replicate slave, you might receive out-of-sync messages on the Supervisor.


Step 17

sticky {duration [group group-id] [netmask netmask] | asn msid [group group-id] | gtp imsi [group group-id] | radius calling-station-id | radius framed-ip [group group-id] | radius username [msid-cisco] [group group-id]}

 

Router(config-slb-vserver)# sticky 60 group 10

(Optional) Specifies that the connections from the same client use the same real server, until the interval between client connections does not exceed the specified duration.

In VPN server load balancing, specify a duration of at least 15 seconds.

GPRS load balancing and the Home Agent Director do not support this command.

Step 18

synguard syn-count interval

 

Router(config-slb-vserver)# synguard 50

(Optional) Specifies the rate of TCP synchronize sequence numbers (SYNs) managed by a virtual server in order to prevent a SYN flood denial-of-service attack.


Note GPRS load balancing and the Home Agent Director do not support this command.


Step 19

inservice [standby group-name] [active]

 

Router(config-slb-vserver)# inservice

Enables the virtual server.

Examples

This example configures the serverfarm to accept only IPv6 addresses:

mwtcL05-SLB1(config)#ip slb map 1 gtp
mwtcL05-SLB1(config-slb-map-gtp)#apn abc.com
mwtcL05-SLB1(config-slb-map-gtp)#apn 456.com
mwtcL05-SLB1(config-slb-map-gtp)#apn gprs.cisco.com
mwtcL05-SLB1(config-slb-map-gtp)#ip slb map 2 gtp
mwtcL05-SLB1(config-slb-map-gtp)#apn 123.com
mwtcL05-SLB1(config-slb-map-gtp)#apn xyz.com
mwtcL05-SLB1(config-slb-map-gtp)#apn gprs_intdhcp.cisco.com
mwtcL05-SLB1(config-slb-map-gtp)#end
mwtcL05-SLB1(config)#ip slb serverfarm GGSN_FARM1
mwtcL05-SLB1(config-slb-sfarm)#real 21.21.21.1 ipv6 2021::21:21:21:1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#real 22.22.22.1 ipv6 2022::22:22:22:1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#end
mwtcL05-SLB1#conf t
mwtcL05-SLB1(config)#ip slb vserver GGSN_SERVER1
mwtcL05-SLB1(config-slb-vserver)#virtual 20.20.20.1 ipv6 2020::20:20:20:1 udp 2123 service gtp
mwtcL05-SLB1(config-slb-vserver)#serverfarm ipv6-primary GGSN_FARM1 map 1 priority 1
mwtcL05-SLB1(config-slb-vserver)#sticky gtp imsi group 1
mwtcL05-SLB1(config-slb-vserver)#gtp notification cac 2
mwtcL05-SLB1(config-slb-vserver)#idle 180
mwtcL05-SLB1(config-slb-vserver)#inservice
mwtcL05-SLB1(config-slb-vserver)#end
 
 

This example configures the serverfarm to accept IPv4 and IPv6 addresses:

mwtcL05-SLB1(config)#ip slb map 1 gtp
mwtcL05-SLB1(config-slb-map-gtp)#apn abc.com
mwtcL05-SLB1(config-slb-map-gtp)#apn 456.com
mwtcL05-SLB1(config-slb-map-gtp)#apn gprs.cisco.com
mwtcL05-SLB1(config-slb-map-gtp)#ip slb map 2 gtp
mwtcL05-SLB1(config-slb-map-gtp)#apn 123.com
mwtcL05-SLB1(config-slb-map-gtp)#apn xyz.com
mwtcL05-SLB1(config-slb-map-gtp)#apn gprs_intdhcp.cisco.com
mwtcL05-SLB1(config-slb-map-gtp)#end
mwtcL05-SLB1(config)#ip slb serverfarm GGSN_FARM1
mwtcL05-SLB1(config-slb-sfarm)#real 21.21.21.1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#real 22.22.22.1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#end
mwtcL05-SLB1(config)#ip slb serverfarm GGSN_FARM2
mwtcL05-SLB1(config-slb-sfarm)#real 21.21.21.1 ipv6 2021::21:21:21:1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#real 22.22.22.1 ipv6 2022::22:22:22:1
mwtcL05-SLB1(config-slb-real)#weight 1
mwtcL05-SLB1(config-slb-real)#reassign 0
mwtcL05-SLB1(config-slb-real)#inservice
mwtcL05-SLB1(config-slb-real)#end
mwtcL05-SLB1#conf t
mwtcL05-SLB1(config)#ip slb vserver GGSN_SERVER1
mwtcL05-SLB1(config-slb-vserver)#virtual 20.20.20.1 ipv6 2020::20:20:20:1 udp 2123 service gtp
mwtcL05-SLB1(config-slb-vserver)#serverfarm GGSN_FARM1 ipv6-primary GGSN_FARM2 map 1 priority 1
mwtcL05-SLB1(config-slb-vserver)#sticky gtp imsi group 1
mwtcL05-SLB1(config-slb-vserver)#gtp notification cac 2
mwtcL05-SLB1(config-slb-vserver)#idle 180
mwtcL05-SLB1(config-slb-vserver)#inservice
mwtcL05-SLB1(config-slb-vserver)#end

Verification

Run these commands to verify GTP-SLB IPv6 configuration:

  • show ip slb real detail command to view information about real:
mwtcL05-SLB1#show ip slb real detail
 
21.21.21.1, GGSN_FARM1, state = OPERATIONAL, type = server
ipv6 = 2021::21:21:21:1
conns = 0, dummy_conns = 0, maxconns = 4294967295
weight = 1, weight(admin) = 1, metric = 0, remainder = 0
reassign = 3, retry = 60
failconn threshold = 8, failconn count = 0
failclient threshold = 2, failclient count = 0
total conns established = 0, total conn failures = 0
server failures = 0
 
22.22.22.1, GGSN_FARM1, state = OPERATIONAL, type = server
ipv6 = 2022::22:22:22:1
conns = 0, dummy_conns = 0, maxconns = 4294967295
weight = 1, weight(admin) = 1, metric = 0, remainder = 0
reassign = 3, retry = 60
failconn threshold = 8, failconn count = 0
failclient threshold = 2, failclient count = 0
total conns established = 0, total conn failures = 0
server failures = 0
 
  • show ip slb sticky gtp imsi ipv6 command to view brief GTP-SLB IPv6 configuration:
mwtcL05-SLB1# show ip slb sticky gtp imsi ipv6
 
IMSI Real Ver Group Id vs_index refcount NSAPIs
--------------------------------------------------------------------------
12345678901234F6 21.21.21.1 1 1 7 1 0
2021::21:21:21:1
12345678901234F5 22.22.22.1 1 1 7 1 0
2022::22:22:22:1
 
mwtcL05-SLB1# show ip slb stats
Pkts via normal switching: 0
Pkts via special switching: 2
Pkts via slb routing: 0
Pkts Dropped: 0
Pkts DMA punted: 0
Connections Created: 2
Connections Established: 2
Connections Destroyed: 0
Connections Reassigned: 0
Zombie Count: 0
Connections Reused: 0
Connection Flowcache Purges: 0
Failed Connection Allocs: 0
Failed Real Assignments: 0
RADIUS framed-ip Sticky Count: 0
RADIUS username Sticky Count: 0
RADIUS cstn-id Sticky Count: 0
GTP imsi Sticky Count: 2
ASN msid sticky count: 0
ASN NAI count: 0
Failed Correlation Injects: 0
Pkt fragments drops in ssv: 0
 
 
  • show ip slb session gtp ipv6 command to view session information:
mwtcL05-SLB1# show ip slb session gtp ipv6
vserver = GGSN_SERVER1, key = 1112223334444100
client = 2002::77:77:77:3
real = 3003::21:21:21:1
state = SLB_IPV6_GTP_ESTAB
 
vserver = GGSN_SERVER1, key = 1112223334444200
client = 2002::77:77:77:3
real = 3003::22:22:22:1
state = SLB_IPV6_GTP_ESTAB
 
vserver = GGSN_SERVER1, key = 1112223334444300
client = 2002::77:77:77:3
real = 3003::23:23:23:1
state = SLB_IPV6_GTP_ESTAB
 
vserver = GGSN_SERVER1, key = 1112223334444400
client = 2002::77:77:77:3
real = 3003::24:24:24:1
state = SLB_IPV6_GTP_ESTAB
 
vserver = GGSN_SERVER1, key = 1112223334444500
client = 2002::77:77:77:3
real = 3003::21:21:21:1
state = SLB_IPV6_GTP_ESTAB
  • show ip slb stats command to view SLB statistics:
mwtcL05-SLB1# show ip slb stats
Pkts via normal switching: 0
Pkts via special switching: 2
Pkts via slb routing: 0
Pkts Dropped: 0
Pkts DMA punted: 0
Connections Created: 2
Connections Established: 2
Connections Destroyed: 0
Connections Reassigned: 0
Zombie Count: 0
Connections Reused: 0
Connection Flowcache Purges: 0
Failed Connection Allocs: 0
Failed Real Assignments: 0
RADIUS framed-ip Sticky Count: 0
RADIUS username Sticky Count: 0
RADIUS cstn-id Sticky Count: 0
GTP imsi Sticky Count: 2
ASN msid sticky count: 0
ASN NAI count: 0
Failed Correlation Injects: 0
Pkt fragments drops in ssv: 0
 
  • show ip slb vservers name GGSN_SERVER2 command to view brief virtual server configuration:
mwtcL05-SLB1# show ip slb vservers name GGSN_SERVER2
slb vserver prot virtual state conns interface(s)
--------------------------------------------------------------------------------------
GGSN_SERVER2 UDP 20.20.20.1/32:2123 INSERVICE 0 any
2020::20:20:20:1/128
  • show ip slb vservers name GGSN_SERVER2 detail command to detailed virtual server configuration:
mwtcL05-SLB1# show ip slb vservers name GGSN_SERVER2 detail
 
GGSN_SERVER2, state = OPERATIONAL, v_index = 10, interface(s) = <any>
virtual = 3.3.3.3/32:2123, UDP, service = GTP, advertise = TRUE
ipv6 = 3:3:3:3:3:3:3:3/128
serverfarm maps:
map 1: priority = 1, serverfarm = SF, backup serverfarm= SF1
ipv6 serverfarm = SF2 ipv6 backup serverfarm = SF3
severfarm = SF, backup serverfarm = SF1
ipv6 serverfarm = SF2, ipv6 backup serverfarm = SF3
backup_serverfarm_hits = 0
delay = 10, idle = 3600
gtp: request idle = 30
slb notification retry = 2
gtp sticky query: <disabled>
max retries: 0
sticky: <none>
group id = 0
synguard counter = 0, synguard period = 0
conns = 0, total conns = 0, syns = 0, syn drops = 0
standby group = None

Troubleshooting GTP-SLB IPv6 Support Configuration

This section describes how to troubleshoot GTP-SLB IPv6 support configuration. These are some troubleshooting scenarios:

  • Unable to configure least connections attribute(Leastconns) on GTP-SLB.

Leastconns is not supported on GTP-SLB as the loadbalancer does not track the number of open PDP sessions in a real server. SLB only load balances the create PDP requests and maintains a session object for each PDP request to ensure request retransmissions are delivered to the assigned real server.

  • The IOS SLB sticky connections are not functioning as expected.

Complete these steps to verify a valid sticky connection:

Reconfigure all the sticky connections.

Start a client connection.

Run the show ip slb reals detail and show ip slb conns commands.

Check the real server connection counts. Note that the new client connection is assigned to the real server with increased counts.

Run the show ip slb sticky command to display the sticky relationships stored by IOS SLB.

Terminate the connection.

Check if the real server connection decreased by a single count.

Restart the connection within the sticky timeout value.

Run the show ip slb conns command.

Check the real server connection count again and verify that the sticky connection is assigned to the same real server.

  • Server failures are not detected correctly.

Complete these steps to check the servers:

Check if the number of clients is very less, reduce the numclients value on the faildetect numconns (real server) to an optimum value.

Run the show ip slb reals detail command to view the status of the real servers.

Check the status and connection counts of the real servers. A failed server shows one of the following statuses: FAILED, TESTING, or READY_TO_TEST.


Note When a real server fails, connections that are assigned but not established (no SYN or ACK is received) are reassigned to another real server on the first inbound SYN after the reassign threshold. However, connections already established to a real server are forwarded to the same real server.



Note For weighted least connections, a new real server starts slowly so that it is not overloaded with new connections. (See the Slow Start section for more information.) The connection count also show dummy connections on the new real server, which IOS SLB uses to artificially inflate the connection counts for the real server during the slow start period.


  • There is no improvement in failure detection when both faildetect inband and Internet Control Message Protocol (ICMP) probes are configured on a real server.

When a real server is configured with both the ICMP probes and faildetect inband, the faildetect takes precendence. The ICMP probes are health probes, the state of the ICMP probes remain OPERATIONAL as long as the physical interfaces of a real server are accessible. The faildetectinband detects the failure of an application serving a client request on a real server. The ICMP probes transit states when a physical interface failure occurs. It is recommended to have either an ICMP probe or faildetect enabled for real server failure detection.

  • The no inservice command does not disable a resource immediately

The no inservice command allows the connection to complete the process before disabling the resource. To stop all the existing connections for an entire firewall farm or virtual server immediately, use the clear ip slb connections command.

  • The vserver status, active or standby chassis, configured with GTPLB and HSRP is shown for both the chassis. At an instance both the chasis are shown as active or standby.

Check the configuration for these issues:

HSRP interface should be configured with a unique group number if more than one HSRP instances are configured.

HSRP group name is casesensitive and should be unique.

  • You can load-balance a packet through layer 3 and non-layer 2 adjacent connections in the Nat server serverfarm configuration.
  • Dispatched mode does not function in the GGSN(PGW).

Verify that the GGSN is configured with the VIP address as the loopback.

  • Notification messages do not reach the SLB in directed mode

Verify that the virtual server address with next hop IP address is configured on the gateway.

  • Unable to allocate the MS address, though the address pool is configured in GGSN.

The address specified while creating the PDP request from SGPRS might not match the address in the pool defined.