ASN Gateway Service Configuration Mode Commands


ASN Gateway Service Configuration Mode Commands
 
The ASN GW Service Configuration Mode is used to create and manage ASN Gateway services within the current context.
 
 
active-relay
This command enables the active relay functionality for R4 and R6 messages in ASN GW and configures the timeout duration in seconds for R4 or R6 messages actively relayed by the ASN GW (e.g. Data Path messages).
Product
ASN GW
Privilege
Administrator
Syntax
active-relay timeout duration
[ default ] active-relay timeout
default
Sets the total timeout duration to 15 seconds to actively relayed R4 or R6 messages.
duration
Default: 15
Specifies the maximum allowable timeout duration for the ASN GW service to actively relay the R4 or R6 messages.
duration is measured in seconds and can be configured to any integer value from 5 through 65535.
Usage
Use this command to enable the active relay of R4 and R6 messages and also to configure the maximum timeout duration for the actively relayed R4 or R6 messages by ASN GW.
By default system is pre-configured for passive relay functionality for R4 and R6 messages.
Example
The following command configures the timeout duration of 20 seconds for actively relayed R4 or R6 messages:
active-relay timeout 20
 
authentication
This command configures the authentication type and parameters used for subscribers in this service.
Product
ASN GW
Privilege
Administrator
Syntax
authentication { single-eap | none }
default authentication
default
Disables the authentication requirement for the ASN GW service.
single-eap
This keyword enables single Extensible Authentication Protocol (EAP) authentication for specific ASN GW service subscriber. Possible single-EAP authentication are User-only, Device-only, or Device-User authentication.
none
This is the default setting for authentication. This keyword disables all type of authentications for specific ASN GW service.
Usage
Use this command to configure authentication requirements for the ASN GW service.
Example
The following command sets the user authentication for ASN GW service with single EAP:
authentication single-eap
 
bind
This command binds the ASN GW service to a logical IP interface and configures the maximum number of subscriber supported within an ASN GW service.
Product
ASN GW
Privilege
Administrator
Syntax
bind address ip_address [ max-subscribers max_subs ]
no bind
no
Removes the binding of the service to a specified interface.
ip_address
Specifies the IP address of the interface to which the service is being bound. ip_address must be expressed in IPv4 dotted decimal or IPv6 colon separated notation.
max-subscribers max_subs
Configures the maximum number of subscribers allowed to connect with this ASN Gateway within specific ASN GW service.
max_subs must be an integer between 1 and 1500000.
Usage
Use this command to associated the service with a specific logical IP address and provides the identity of the ASN Gateway as either the domain name of the ASN GW service or the IP address. This command also configures the maximum number of subscribers can be allowed with this service.
Example
The following command binds the ASN GW service to a logical interface with an IP address of 1.2.3.4 with a limit of 250000 subscribers:
bind address 1.2.3.4 max-subscribers 250000
 
bs-monitor
This command provides the configurations to enable or disable the ASN base station monitoring and related parameters in a WiMAX ASN.
Product
ASN GW
Privilege
Administrator
Syntax
bs-monitor [ interval duration | num-retry retries | timeout idle_time ]
[ default | no ] bs-monitor
default
Disables the configured BS monitoring parameters.
no
Removes the configured BS monitoring feature and parameters.
interval duration
Default: 60
Configures the interval duration in seconds between two ICMP ping messages sent to ASN BS for BS monitoring.
duration specifies the amount of time in seconds between two ICMP ping message to monitor an ASN BS and must be an integer value in the range of 1 through 36000.
num-retry retries
Default: 5
Configures the number of retries before marking specific ASN BS as down/dead.
retries specifies the number of retries to sent ICMP ping messages to an ASN BS before the ASN BS is declared as dead/unreachable and must be an integer value in the range of 0 through 100.
timeout idle_time
Default: 3
Configures the timeout duration to wait for a response from ASN BS of ICMP ping message before retransmitting the ICMP ping packets.
idle_time must be an integer value in the range of 1 through 10.
Usage
Use this command to enable or disable the base station monitoring and to configure the ASN BS monitoring parameters in a WiMAX ASN.
Important: Base Station Monitoring is a license-enabled feature.
Example
The following command configures the timeout duration of 5 seconds before sending ICMP ping message if ASN BS not responded:
bs-monitor timeout 6
 
end
This command exits the current mode and returns to the Executive Mode.
Product
All
Privilege
Administrator
Syntax
end
Usage
Change the mode back to the Executive mode.
 
exit
This command exits the current mode and returns to the previous mode.
Product
All
Privilege
Administrator
Syntax
exit
Usage
Return to the previous mode.
 
gre
This command configures the GRE tunnel parameters for ASN GW gateway functionality within specific ASN GW service.
Product
ASN GW
Privilege
Administrator
Syntax
gre mtu mtu_size
default gre mtu
default
Sets the MTU size for GRE tunnel to default value of 1500 bytes in WiMAX network.
mtu mtu_size
Default: 1500 bytes
Configures the maximum transmission unit size in bytes in GRE tunnel with specific ASN GW service.
mtu_size must be an integer between 36 and 2000.
Usage
Use this command to support the tunnel reassembly optimization with MTU size in GRE tunnel in WiMAX network.
Example
The following command configures the maximum transmission unit (MTU) size to 1700 bytes for GRE tunnel:
default gre mtu 1700
 
handover
This command specifies the handover related parameters between BS, ASN GW, and MS.
Product
ASN GW
Privilege
Administrator
Syntax
handover { anchor { dp-pre-reg-termination timeout duration| dp-termination timeout duration } | max-dp-pre-registrations reg_num | non-anchor { dp-pre-reg-termination timeout duration | dp-termination timeout duration } }
default handover { anchor { dp-pre-reg-termination timeout | dp-termination timeout } | max-dp-pre-registrations | non-anchor { dp-pre-reg-termination timeout | dp-termination timeout } }
default
Sets the default values for configured handover parameters.
anchor
Configures datapath pre-registration and/or termination parameters for an anchor gateway handover.
dp-pre-reg-termination timeout duration
Default: 5
Configures the maximum allowable duration in seconds that a single MS can keep the pre-registration datapath with the previous BS after a handover has completed to another BS.
duration is measured in seconds and can be configured to any integer value from 0 through 65535.
dp-termination timeout duration
Default: 0
Configures the maximum allowable duration in seconds for which the datapath with the previous BS is maintained after a handover has completed to another BS. The system maintains the old datapath after new datapath setup is completed with another BS for specified period and then terminates it.
duration is measured in seconds and can be configured to any integer value from 0 through 65535.
max-dp-pre-registrations reg_num
Default: 1
Configures the maximum number of pre-registrations from multiple BSs that a single MS can keep at a time.
reg_num is the number of pre-registrations and can be configured to any integer value from 0 through 5.
non-anchor
Configures datapath pre-registration and/or termination parameters for a non-anchor gateway handover.
Usage
Use this command to configure the handover related parameters between MS, BS, and ASN GW.
By default system is configured to terminate the previous sessions immediately and number of pre-registration from multiple BSs is set to 0 for an MS.
Example
The following command configures the maximum allowable duration as 20 seconds for which the datapath with the previous BS is maintained after a handover has completed to another BS:
dp-pre-reg-termination timeout 20
 
idle-mode
Configures the timeout duration in seconds an ASN GW service waits to send a session to the idle mode if no activity occurs for specified duration of entry timeout or reactivate an idle session after the specified duration of exit timeout.
Product
ASN GW
Privilege
Administrator
Syntax
idle-mode { entry-timeout duration| exit-timeoutduration | timeout duration }
default idle-mode { entry-timeout| exit-timeout | timeout }
default
Resets the idle mode durations to their respective default values.
no
Disables/removes the configured idle mode entry and/or exit timeout duration for a session.
entry-timeout duration
Default: 60
Specifies the maximum duration in seconds allowed for idle mode entry for a session.
duration is measured in seconds and can be configured to any integer value from 1 through 100000.
exit-timeout duration
Default: 60
Specifies the maximum duration in seconds allowed for session to reenter in to active mode after idle mode exit.
duration is measured in seconds and can be configured to any integer value from 1 through 100000.
timeout duration
Default: 4069
Specifies the maximum time (in seconds) allowed for a session to remain in idle mode. duration must be an integer from 128 to 65535.
Usage
Use this command to configure the ASN GW service to send a session for idle mode or active mode after specified duration of time.
Example
The following command configures the idle mode entry timeout value to 50 seconds:
idle-mode entry-timeout 50
 
max-retransmission
This command the maximum number of times that the system attempts retransmission of R6 control packets to communicate with unresponsive BS.
Product
ASN GW
Privilege
Administrator
Syntax
max-retransmission retry
default max-retransmission
default
Sets the maximum number of retransmission counter to 3 for R6 control packets within specific ASN GW service.
retry
Default: 3
Configures the maximum number of retransmission of R6 control packets to BS before marking it as dead/failed. retry must be an integer between 1 and 10.
Usage
Use this command to configure number of retransmission of R6 control packets to BS before marking it as fail/dead.
Example
The following command configures the system to attempt 2 times to send R6 control packets to BS:
max-retransmission 2
 
mobile-ip
This command configures Mobile IP support with FA service(s) for specific ASN GW service and specifies the context in which the FA service is configured. Default: no
Product
ASN GW
Privilege
Administrator
Syntax
mobile-ip foreign-agent contextcontext_name
no mobile-ip foreign-agent context
foreign-agent context context_name
Default: No FA context specified.
Specifies the name of the previously configured context that facilitates the FA service(s).
context_name must be between 1 and 79 alpha or numeric characters and is case sensitive.
Usage
FA services on the system can be configured either in the same or different contexts from those facilitating ASN GW services. When they are configured in separate contexts, this command configured within an ASN GW service instructs the ASN GW service to route traffic to the context facilitating the FA service.
Use the no mobile-ip foreign-agent context to delete a previously configured destination context.
Example
The following command instructs the ASN GW service to use the context named FA-destination for FA functionality:
mobile-ip foreign-agent context fa-destination
 
peer-asngw
This command provides the facility to configure the addresses of trusted non-anchor ASN GW or non-anchor ASN PC/LR peers that a specific ASN GW service can allow R4 control and data path registration with.
Product
ASN GW
Privilege
Administrator
Syntax
[ no ] peer-asngw address ip_address
no
Removes the configured non-anchor ASN GW or non-anchor ASN PC/LR peers from a specific ASN GW service’s trusted peer list.
address ip_address ip_address
Specifies the IP address of the non-anchor ASN GW or non-anchor ASN PC/LR peers which is added as a trusted peer with the ASN GW service.
ip_address is the IP address of the non-anchor ASN GW or non-anchor ASN PC/LR peers expressed in IPv4 dotted decimal or IPv6 colon separated notation.
Usage
Use this command to create the trusted non-anchor ASN GW or non-anchor ASN PC/LR peers with a specific ASN GW service to establish R4 control and data path registration.
On receipt of R4 control or data path registration request message the ASN GW service checks whether non-anchor DPF/Authenticator ASN GW/ASN PC-LR address received in request message is in trusted peer ASN GW/ASN PC-LR list configured with this command. If the Anchor DPF/Authenticator ASN GW/ASN PC-LR address received in request message is not there (or not configured) in non-anchor ASN GW or non-anchor ASN PC/LR peers list the ASN GW service sends response for request message with Failure Indication TLV with unspecified error code.
A maximum of 32 ASN GWs or ASN PC/LRs can be configured with this command.
Example
The following command adds the ASN GW with an IP address of 1.2.3.4 as a trusted peer within an ASN GW service.
peer-asngw address 1.2.3.4
 
policy
This command configures the policies for ASN Gateway behavior within specific ASN GW service.
Product
ASN GW
Privilege
Administrator
Syntax
policy { ms-unexpected-network-reentry | msid-dhcp-chaddr-mismatch | non-anchor-mode } { allow | disallow }
default policy { ms-unexpected-network-reentry | msid-dhcp-chaddr-mismatch | non-anchor-mode }
default
Resets the policy parameters to their respective default values.
ms-unexpected-network-reentry
Default: allow
Configures the ASN Gateway to allow/disallow an MS re-entry from the same or a new BS, when an active call already exists for the same MS on the ASN Gateway.
This policy performs in the following manner:
msid-dhcp-chaddr-mismatch
Default: disallow
Configures the ASN Gateway to allow/disallow an MS to connect if MSID and DHCP address information mismatched.
non-anchor-mode
Default: allow
Configures the ASN Gateway to allow/disallow the creation of non-anchor sessions based on DP Registration Request from any Base Station.
When non-anchor mode is not allowed and a DP Registration Request is received, and there is no matching session for the MSID, the request is rejected and a DP Registration Response is sent with an error code as “Admin Prohibited”.
allow
Sets the policies to allow the MS matching with specified policy for ASN Gateway.
disallow
Sets the policies to deny/disallow the MS matching with specified policy for ASN Gateway.
Usage
Use this command to configure the policies for behavior of ASN Gateway to handle the MS connection within specific ASN GW service.
Example
The following command enforce the policy to allow an MS re-entry from new BS, when an active call exists for the same MS on the ASN Gateway via another BS.:
policy ms-unexpected-network-reentry allow
 
policy asngw-initiated-reauth
This command configures the policies for ASN Gateway behavior to initiate reauthorization triggers from ASN GW service.
Product
ASN GW
Privilege
Administrator
Syntax
policy asngw-initiated-reauth { allow | disallow | max-cmac-key-count max_count| pmk-grace-time grace_time }
default policy asngw-initiated-reauth [ max-cmac-key-count | pmk-grace-time ]
default
Resets the policy to disallow ASN GW initiated re-authorization and sets the default values for CMAC key count and PMK grace time within the specific ASN GW service.
max-cmac-key-count max_count
Default: 100
Configures the ASN Gateway to trigger the reauthorization on the basis of Cipher-based Message Authentication Code (CMAC) key counter. Once the CMAC counter crosses the configured value, the system initiates the reauthorization trigger.
max_count is the CMAC key counter and must be an integer from 2 through 32768.
pmk-grace-time grace_time
Default: 60
Configures the ASN Gateway to trigger the reauthorization on the basis of Pairwaise Master Key (PMK) key grace period. Once the configured PMK grace period exhausted the system initiates the reauthorization trigger.
grace_time is the grace period in seconds to wait for Pairwaise Master Key (PMK) and must be an integer from 10 through 65335.
allow
Default: disabled
Configures the ASN Gateway to initiate the reauthorization trigger to start the re-authentication based on two locally configured parameters; i.e. pmk-grace-time and cmac-key-count.
disallow
Default: enabled
Configures the ASN Gateway not to initiate the reauthorization trigger to start the re-authentication based on two locally configured parameters; i.e. pmk-grace-time and cmac-key-count.
Usage
Use this command to configure to enable the ASN GW to initiated reauthorization trigger on the basis of configured policy.
Example
The following command enforces the policy to trigger the reauthorization from the ASN GW:
policy asngw-initiated-reauth allow
 
policy overload
Configures traffic overload policy to control congestion in this service.
Product
ASN GW
Privilege
Administrator
Syntax
policy overload { drop | reject }
default policy overload
default
Sets the traffic overload policy action to reject in this service.
drop
Default: disabled
Specifies that the system is to drop incoming packets containing new session requests.
reject
Default: enabled
Specifies that the system processes new session request messages and responds with a reject message.
Usage
Congestion policies at the service-level can be configured for service. When congestion control functionality is enabled at service level, these policies dictate how services respond should the system detect that a congestion condition threshold has been crossed.
Example
The following command configures an overload policy of reject for this ASN GW service:
policy overload reject
 
ran-peer-map
Identifies a base station peer map for this service.
Product
ASN GW
Privilege
Administrator
Syntax
ran-peer-map name
no ran-peer-map
name
Specifies the name of the RAN Peer Map. name must be from 1 to 31 alpha and/or numeric characters and be an existing peer map. RAN Peer Maps are configured in the Global Configuration Mode.
Usage
Use this command to configure a base station peer map that this service will use to map MAC addresses received in R6 protocol messages to IPv4 addresses.
Example
The following command configures the service to refer to a peer map named ran12 when reconciling a base station MAC address to an IP address:
ran-peer-map ran12
 
retransmission-timeout
Configures the amount of time that must pass without any response before the system re-attempts to send R6 control packets to BS.
Product
ASN GW
Privilege
Administrator
Syntax
retransmission-timeout duration
[ no | default ] retransmission-timeout
default
Sets the timeout duration to 3 seconds for retransmission of R6 control packets.
no
Disables/removes the configured timeout duration for retransmission of R6 control packets.
duration
Default: 3
Specifies the maximum allowable time for the ASN GW service to wait for a response from the BS before it (a) attempts to communicate with the BS again (if the system is configured to retry the BS) or (b) marks the BS as unreachable.
duration is measured in seconds and can be configured to any integer value between 1 and 1,000.
Usage
Use this command in conjunction with the max-retransmission command in order to configure the ASN GW services behavior when it does not receive a response from a particular BS.
Use the no retransmission-timeout command to delete a previously configured timeout value. If after deleting the lifetime setting you desire to return the lifetime parameter to its default setting, use the default retransmission-timeout command.
The chassis is shipped from the factory with the retransmission timeout set to 3 seconds.
Example
The following command configures a retransmission timeout value of 5 seconds:
retransmission-timeout 5
The following command deletes a previously configured retransmission-timeout setting:
no retransmission-timeout
 
secondary-ip-hosts
This command enable/disables the multiple host support behind a WiMAX customer premise equipment (CPE). . Default: disabled
Product
ASN GW
Privilege
Administrator
Syntax
secondary-ip-hostsmax_hosts
default multiple-ip-hosts
default
Sets the multiple host configuration in an ASN GW service to default mode, i.e. disabled.
max_hosts
Default: 0 (disabled)
Specifies the maximum number of hosts allowed to connect through one primary node connection behind a WiMAX CPE.
max_hosts must be and integer from 0 through 4. Where 0, the default value, keeps this feature disabled.
Usage
Use this command to enable or disable the multi IP host support in an ASN GW service behind one WiMAX CPE through single primary airlink. If enabled this command supports up to 4 hosts as an auxiliary connection. Accounting and UDR generation for such connection will be based on the primary connection with WiMAX CPE. To apply this facility to a subscriber you need to configure the ip address secondary-pool command in the Subscriber Configuration mode.
Example
The following command enables the multiple host support and instructs the ASN GW service to allow 3 IP hosts as auxiliary connections behind one CPE:
secondary-ip-hosts 3
The following command disable the multiple host support and instructs the ASN GW service not to allow auxiliary connections behind one CPE:
default secondary-ip-host
 
setup-timeout
Configures the total amount of allowable time for the ASN GW service to setup a connection with the BS before it marks the BS as unreachable.
Product
ASN GW
Privilege
Administrator
Syntax
setup-timeoutduration
default setup-timeout
default
Sets the total timeout duration to 60 seconds to setup a connection with BS.
duration
Default: 60
Specifies the maximum allowable time for the ASN GW service to setup the R6 connection with BS before marks the BS as unreachable.
duration is measured in seconds and can be configured to any integer value between 1 and 100000.
Usage
Use this command to configure the maximum setup timeout duration to setup an R6 connection with BS. This command supersedes the duration set through the max-retransmission and retransmission-timeout commands for R6 connection.
The chassis is shipped from the factory with the connection setup timeout duration to 60 seconds.
Example
The following command configures an ASN GW service to mark a BS after waiting for 100 seconds before marks it as dead or unreachable:
setup-timeout 100
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883