Cisco GGSN Release 8.0 Configuration Guide, Cisco IOS Release 12.4(15)XQ
Planning to Configure the GGSN
Download this chapter
Planning to Configure the GGSNPlanning to Configure the GGSN
Download the complete book
Cisco GGSN Release 8.0 Configuration GuideCisco GGSN Release 8.0 Configuration Guide (PDF - 3 MB)
give_us_feedback

Table Of Contents

Planning to Configure the GGSN

Prerequisites

Before You Begin

Platform Prerequisites

Required Hardware and Software

Required Base Configuration

Restrictions

Additional References

Related Documents

Standards

MIBS

RFCs

Technical Assistance


Planning to Configure the GGSN

This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).

This chapter includes the following sections:

Prerequisites

Restrictions

Additional References

Prerequisites

Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:

Before You Begin

Platform Prerequisites

Before You Begin

The Cisco GGSN Release 8.0 is supported on the Cisco Service and Application Module for IP (SAMI) for the Cisco 7600 series router platform.

Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for those networks, and plan the associated access points to those networks and configure them on the GGSN.

For example, you might want to provide user access to the Internet through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.

Platform Prerequisites

When configuring GGSNs on the Cisco 7600 series router platform, ensure that requirements outlined in the following sections are met:

Required Hardware and Software

Required Base Configuration

Required Hardware and Software

Implementing a Cisco GGSN on the Cisco 7600 series Internet router platform requires the following hardware and software.

Any module that has ports to connect to the network.

Supervisor Engine 720, with a Multilayer Switch Feature Card, running Cisco IOS Release 12.2(33)SRB1 or later.

or

Cisco 7600 Series Supervisor Engine 32, with a Multilayer Switch Feature Card, running Cisco IOS Release 12.2(33)SRC and LCP ROMMON Version 12.2[121] on the Cisco SAMI.

For details on upgrading the Cisco IOS release running on the supervisor engine, refer to the "Upgrading to a New Software Release" section in the Release Notes for Cisco IOS Release 12.2SR. For information about verifying and upgrading the LCP ROMMON image on the Cisco SAMI, refer to the Cisco Service and Application Module for IP User Guide.

Note The Cisco IOS software required on the supervisor engine is dependent on the supervisor engine being used and the Cisco mobile wireless application running on the Cisco SAMI processors.

Cisco Service and Application Module for IP (Cisco Product Number: WS-SVC-SAMI-BB-K9). The SAMI processors must be running Cisco IOS Release 12.4(15)XQ or later. The image is automatically loaded onto each processor during an image upgrade and supports both the 1 GB memory default and the 2 GB memory option ( Cisco Product Number: MEM-SAMI-6P-2GB[=]).

IPSec VPN Services Module (for security)

Note Certain GGSN features, such as enhanced service-aware billing and GTP-session redundancy, require additional hardware and software.

GTP-Session Redundancy

In addition to the required hardware and software above, implementing GTP-Session Redundancy (GTP-SR) requires at minimum:

In a one-router implementation, two Cisco SAMIs in the Cisco 7600 series router, or

In a two-router implementation, one Cisco SAMI in each of the Cisco 7600 series routers.

Enhanced Service-Aware Billing

In addition to the required hardware and software, implementing enhanced service-aware billing requires an additional Cisco SAMI running the Cisco Content Services Gateway - 2nd Generation software in each Cisco 7600 series router.

Required Base Configuration

After connectivity has been established from the switch to the different elements in your network, ensure that you complete the following base configuration before implementing and customizing GGSNs on the Cisco SAMI:

On the supervisor engine, ensure that:

1. A Layer-3-routed VLAN for each of the GGSN interfaces has been created. Specifically, create a VLAN for the following interfaces:

Gn VLAN—Interconnects the Gn interfaces.

Ga VLAN—Interconnects the Ga interfaces.

AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for AAA, Operation, Administration, and Maintenance (OAM), and DHCP functions.

One VLAN per APN Gi interface

You can configure the VLANs from VLAN database mode or global configuration mode. You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.

Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode and not through the VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.

To configure a VLAN from global configuration mode: 

Sup#conf terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Sup(config)#vlan 222 
Sup(config-vlan)#end 
Sup#

In the preceding example, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the supervisor engine routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), configure a VLAN 222 interface on the supervisor engine and assign an IP address to the interface: 

Sup# configure terminal

Sup(config)# interface vlan222

Sup(config-if)# ip address n.n.n.n mask

Sup(config-if)# no ip redirects

The following is an example of the VLAN configuration on the supervisor engine: 

Sup# show running-config

!

. . .

vlan 103,110,160,200,300-301,310 

!

!

interface Vlan103

 description Gn VLAN

 ip address 10.20.21.1 255.255.255.0

 no ip redirects

!

interface Vlan110

 description OAM/AAA/DHCP VLAN

 ip address 10.20.50.1 255.255.255.0

 no ip redirects

!

interface Vlan200

 description Ga Charging VLAN

 no ip address

 no ip redirects

!

interface Vlan310

 description VLAN for APN Internet

 ip address 10.20.51.1 255.255.255.0

For detailed information on configuring VLANs, see the Cisco 7600 Series Cisco IOS Software Configuration Guide.

2. The Cisco IOS software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and Chapter 13, "Configuring Load Balancing on the GGSN."

3. Permit traffic to the SAMI by enabling multiple switch virtual interfaces (SVIs), assiging the VLANs to a VLAN group, and then assigning the VLAN groups to the SAMI using the following commands: 

!

...

!

svclc multiple-vlan-interfaces

svclc module 7 vlan-group 71, 73

svclc vlan-group 71, 71

svclc vlan-group 73, 95, 100, 101

!

...

!

Note VLAN IDs must be consistent be the same in the supervisor engine and Cisco SAMI configurations. For more information about configuring the Cisco SAMI, refer the Cisco Service and Application Module for IP User Guide.

4. A static route is configured to each GGSN instance configured on the Cisco SAMI: 

!

...

!

ip route 10.20.30.1 255.255.255.255 10.20.21.20

ip route 10.20.30.2 255.255.255.255 10.20.21.21

ip route 10.20.30.3 255.255.255.255 10.20.21.22

ip route 10.20.30.4 255.255.255.255 10.20.21.23

ip route 10.20.30.5 255.255.255.255 10.20.21.24

!

...

On each GGSN instance on the Cisco SAMI, ensure that:

1. A static route is configured to the supervisor engine. 

!

...

!

ip route 0.0.0.0.0 0.0.0.0 10.20.21.1

...

!

2. A subinterface, on which 802.1Q encapsulation is enabled, is configured to each of the VLANs that you created on the supervisor engine.

The following is an example of a Ga/Gn subinterface configuration on the GGSN to VLAN 103 configured on the supervisor engine: 

!

...

interface GigabitEthernet0/0.2

 description Ga/Gn Interface

 encapsulation dot1Q 101

 ip address 10.1.1.72 255.255.255.0

 no cdp enable

...

!

For detailed information on configuring:

Ga subinterfaces, see the "Configuring an Interface to the Charging Gateway" section on page 6-1.

Gn subinterfaces, see the "Configuring an Interface to the SGSN" section on page 8-1.

Gi subinterfaces, see the "Configuring an Interface to a PDN" section on page 8-12.

Configuration Examples

The following are base configuration examples for the supervisor engine and the GGSN instance running on the Cisco SAMI.

Supervisor Engine 


hostname 7600-a

!

boot system flash 

boot device module 7 cf:4

!

svclc multiple-vlan-interfaces

svclc module 7 vlan-group 71, 73

svclc vlan-group 71, 71

svclc vlan-group 73, 95, 100, 101

vtp mode transparent

redundancy

 mode rpr-plus

 main-cpu

  auto-sync running-config

  auto-sync standard

!

power redundancy-mode combined

!

!

vlan 1

 vlan1 1002

 vlan2 1003

!

vlan 2

 name SNIFFER

!

vlan 71,95 

!

vlan 100

 name Internal_Gi_for_GGSN-SAMI

!

vlan 101

 name Internal_Gn/Ga

!

vlan 165

!

vlan 302

 name Gn_1

!

vlan 303

 name Ga_1

!

vlan 1002

 vlan1 1

 vlan2 1003

!

vlan 1003

 vlan1 1

 vlan2 1002

 parent 1005

 backupcrf enable

!

vlan 1004

 bridge 1

 stp type ibm

!

vlan 1005

 bridge 1

!

interface FastEthernet8/22

 description To SGSN

 no ip address

 switchport

 switchport access vlan 302

!

interface FastEthernet8/23

 description To CGF

 no ip address

 switchport

 switchport access vlan 302

!

interface FastEthernet8/26

 description To DHCP/RADIUS Servers

 no ip address

 switchport

 switchport access vlan 95

!

interface FastEthernet8/31

 description To BackBone

 no ip address

 switchport

 switchport access vlan 71

!

interface FastEthernet9/32

 description To CORPA

 no ip address

 switchport

 switchport access vlan 165

 no cdp enable

!

!interface Vlan1

 no ip address

 shutdown

!

interface Vlan71

 description VLAN to tftpserver

 ip address 1.7.46.65 255.255.0.0

!

interface Vlan95

 description VLAN for RADIUS and DHCP

 ip address 10.2.25.1 255.255.255.0

!

interface Vlan100

 description Internal VLAN SUP-to-SAMI Gi

 ip address 10.1.2.1 255.255.255.0

!

interface Vlan101

 description VLAN to GGSN for GA/GN

 ip address 10.1.1.1 255.255.255.0

!

interface Vlan165

 description VLAN to CORPA

 ip address 165.1.1.1 255.255.0.0

!

interface Vlan302

 ip address 40.0.2.1 255.255.255.0

!

interface Vlan303

 ip address 40.0.3.1 255.255.255.0

!

router ospf 300

 log-adjacency-changes

 summary-address 9.9.9.0 255.255.255.0

 redistribute static subnets route-map GGSN-routes

 network 40.0.2.0 0.0.0.255 area 300

 network 40.0.3.0 0.0.0.255 area 300

!

ip classless

ip route 9.9.9.72 255.255.255.255 10.1.1.72

ip route 9.9.9.73 255.255.255.255 10.1.1.73

ip route 9.9.9.74 255.255.255.255 10.1.1.74

ip route 9.9.9.75 255.255.255.255 10.1.1.75

ip route 9.9.9.76 255.255.255.255 10.1.1.76

ip route 110.72.0.0 255.255.0.0 10.1.1.72

ip route 110.73.0.0 255.255.0.0 10.1.1.73

ip route 110.74.0.0 255.255.0.0 10.1.1.74

ip route 110.75.0.0 255.255.0.0 10.1.1.75

ip route 110.76.0.0 255.255.0.0 10.1.1.76

!

access-list 1 permit 9.9.9.0 0.0.0.255

!

route-map GGSN-routes permit 10

 match ip address 1

!

GGSN Instance on a Cisco SAMI Processor 


service gprs ggsn

!

hostname 7600-7-2

!

ip cef

!

interface Loopback0

 description USED FOR DHCP gateway

 ip address 110.72.0.2 255.255.255.255

!

interface Loopback100

 description GPRS GTP V-TEMPLATE IP ADDRESS

 ip address 9.9.9.72 255.255.255.0

!

interface GigabitEthernet0/0

 no ip address

!

interface GigabitEthernet0/0.1

 description Gi

 encapsulation dot1Q 100

 ip address 10.1.2.72 255.255.255.0

!

interface GigabitEthernet0/0.2

 description Ga/Gn Interface

 encapsulation dot1Q 101

 ip address 10.1.1.72 255.255.255.0

 no cdp enable

!

interface GigabitEthernet0/0.71

 description TFTP or Backbone

 encapsulation dot1Q 71

 ip address 1.7.46.72 255.255.0.0

!

interface GigabitEthernet0/0.95

 description CNR and CAR

 encapsulation dot1Q 95

 ip address 10.2.25.72 255.255.255.0

!

interface Virtual-Template1

 description GTP v-access

 ip unnumbered Loopback100

 encapsulation gtp

 gprs access-point-list gprs

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.1.2.1

ip route 40.1.2.1 255.255.255.255 10.1.1.1

ip route 40.1.3.10 255.255.255.255 10.1.1.1

ip route 40.2.2.1 255.255.255.255 10.1.1.1

ip route 40.2.3.10 255.255.255.255 10.1.1.1

ip route 40.3.2.3 255.255.255.255 10.1.1.1

ip route 40.4.2.3 255.255.255.255 10.1.1.1

!

gprs access-point-list gprs

  access-point 1

   access-point-name CORPA.com

   ip-address-pool dhcp-proxy-client  

   aggregate auto

   dhcp-server 10.2.25.90

   dhcp-gateway-address 110.72.0.2     

!

Restrictions

When configuring a Cisco GGSN, observe the following:

The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] has been configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).

Note DFP weighs PPP PDPs against IP PDPs with one PPP PDP equal to eight IP PDPs. One IPv6 PDP equals 8 IPv4 PDPs.

Table 2-1 lists the maximum number of PDP contexts the Cisco SAMI with the 1 GB memory option can support. Table 2-2 lists the maximum number the Cisco SAMI with the 2 GB memory option can support.:

Table 2-1 Number of PDPs Supported in 1 GB SAMI

PDP Type
Maximum Number per GGSN
Maximum Number per SAMI1

IPv4

60,000

360,000

IPv6

8,000

48,000

PPP Regeneration

16,000

96,000

PPP

8,000

48,000

1 Maximum number per SAMI on which six GGSNs are configured.


Table 2-2 Number of PDPs Supported in 2 GB SAMI

PDP Type
Maximum Number per GGSN
Maximum Number per SAMI1

IPv4

128,000

768,000

IPv6

16,000

96,000

PPP Regeneration

32,000

192,000

PPP

16,000

96,000

1 Maximum number per SAMI on which six GGSNs are configured.


To avoid issues with high CPU usage, we recommend the following configurations:

To reduce the CPU usage during bootup, disable logging to the console terminal by configuring the no logging console global configuration command.

To ensure that the HSRP interface does not declare itself active until it is ready to process a peer's Hello packets, configure the delay period before the initialization of HSRP groups with the standby delay minimum 100 reload 100 interface configuration command under the HRSP interface.

To minimize issues with high CPU usage for additional reasons, such as periods of high PPP PDP processing (creating and deleting), disable the notification of interface data link status changes on all virtual template interfaces of the GGSN using the no logging event link-status interface configuration command. 

! 

interface Virtual-Template1 

description GGSN-VT 

ip unnumbered Loopback0 

encapsulation gtp 

no logging event link-status

gprs access-point-list gprs 

end

For implementation of a service-aware GGSN, the following additional important notes, limitations, and restrictions apply:

RADIUS accounting is enabled between the CSG2 and GGSN to populate the Known User Entries Table (KUT) entries with the PDP context user information.

CSG2 must be configured with the QS addresses of all the GGSN instances.

Service IDs on the CSG2 are configured as numeric strings that match the category IDs on the Diameter Credit Control Application (DCCA) server.

If RADIUS is not being used, the Cisco CSG2 is configured as a RADIUS endpoint on the GGSN.

On the SGSN, the values configured for the number GTP N3 requests and T3 retransmissions must be larger than the sum of all possible server timers (RADIUS, DCCA, and CSG2).

Specifically the SGSN N3*T3 must be greater than:

2 x RADIUS timeout + N x DCCA timeout + CSG2 timeout

where:

2 is for both authentication and accounting.

N is for the number of diameter servers configured in the server group.

Note Configuring a N3* T3 lower than the default might impact slow TCP-based charging paths.

Additional References

For additional information related to implementing basic connectivity, see the following sections:

Related Documents

Standards

MIBS

RFCs

Technical Assistance

Related Documents

Cisco IOS Configuration Fundamentals Configuration Guide, Release 12.4

Cisco IOS Configuration Fundamentals Command Reference, Release 12.4

Cisco IOS Dial Technologies Configuration Guide, Release 12.4

Cisco IOS Dial Technologies Command Reference, Release 12.4

Cisco IOS Interface and Hardware Component Configuration Guide, Release 12.4

Cisco IOS Interface and Hardware Component Command Reference, Release 12.4

Cisco IOS IP Mobility Configuration Guide, Release 12.4

Cisco IOS IP Mobility Command Reference, Release 12.4

Cisco IOS IP Multicast Configuration Guide, Release 12.4

Cisco IOS IP Multicast Command Reference, Release 12.4

Cisco IOS IP Routing Protocols Configuration Guide, Release 12.4

Cisco IOS IP Routing Protocols Command Reference, Release 12.4

Cisco IOS IP Switching Configuration Guide, Release 12.4

Cisco IOS IP Switching Command Reference, Release 12.4

Cisco IOS IPv6 Configuration Guide, Release 12.4

Cisco IOS IPv6 Command Reference, Release 12.4

Cisco IOS LAN Switching Configuration Guide, Release 12.4

Cisco IOS LAN Switching Command Reference, Release 12.4

Cisco IOS Mobile Wireless Packet Data Serving Node Configuration Guide, Release 12.4

Cisco IOS Mobile Wireless Packet Data Serving Node Command Reference, Release 12.4

Cisco IOS Network Management Configuration Guide, Release 12.4

Cisco IOS Network Management Command Reference, Release 12.4

Cisco IOS Optimized Edge Routing Configuration Guide, Release 12.4

Cisco IOS Optimized Edge Routing Command Reference, Release 12.4

Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4

Cisco IOS Quality of Service Solutions Command Reference, Release 12.4

Cisco IOS Security Configuration Guide, Release 12.4

Cisco IOS Security Command Reference, Release 12.4

Cisco Multi-Processor WAN Application Module Installation and Configuration Note

Standards

Cisco GGSN Release 8.0 supports the following Third Generation Partnership Program (3GPP) standards and is backward compatible with prior 3GPP Technical Specifications (TS):

Table 2-3 Third Generation Partnership Program (3GPP) Standards Supported by Cisco GGSN Release 8.0 

3G TS#
Title
Release
GGSN Release 8.0

29.060

GTP across Gn and Gp

7

8.1.0

29.061

Interworking with PDN

7

7.5.0

32.015

Charging

99

3.12.0

32.215

Charging

5

5.9.0

32.251

Charging

7

7.5.1


Note Cisco GGSN Release 8.0 provides limited support on some sections of the TSs listed above.

The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:

Ga interface—SMG#28 R99

Gn interface—SMG#31 R98

MIBS

CISCO-GGSN-EXT-MIB

CISCO-GGSN-MIB

CISCO-GGSN-QOS-MIB

CISCO-GGSN-SERVICE-AWARE-MIB

CISCO-GPRS-ACC-PT-MIB

CISCO-GPRS-CHARGING-MIB

CISCO-GPRS-GTP-CAPABILITY-MIB

CISCO-GTP-MIB

RFCs

RFC 1518, An Architecture for IP Address Allocation with CIDR

RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy

RFC 1661, The Point-to-Point Protocol (PPP)

RFC 2461, Neighbor Discovery for IP Version 6 (IPv6)

RFC 2462, IPv6 Stateless Address Autoconfiguration

RFC 2475, An Architecture for Differentiated Services

RFC 3162, RADIUS and IPv6

RFC 3588, Diameter Base Protocol

RFC 3720, Internet Small Computer Systems Interface (iSCSI)

RFC 4006 Diameter Credit-Control Application

Technical Assistance

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport