GGSN Service Configuration Mode Commands


GGSN Service Configuration Mode Commands
 
 
The Gateway GPRS Support Node (GGSN) Configuration Mode is used to create and manage GGSN services within for the current context.
 
Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
 
accounting
Configures the name of the context configured on the system that processes accounting for PDP contexts handled by this GGSN service.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
accounting context context_name
no accounting context
no
Removes a previously configured accounting context.
context_name
Specifies the name of the context to be used for accounting. The name must be between 1 and 79 alpha and/or numeric characters and is case sensitive.
Usage
By default, the system attempts to use the same context as the one in which the GGSN service is configured for accounting purposes. This command can be used to either change the system’s default behavior, or allow GPRS Tunneling Protocol Prime (GTPP) accounting to a charging gateway (CG).
By default when GTPP accounting is used, accounting records will be sent to the accounting servers configured in whichever context the GGSN service is configured. This command may be used to override that default.
Example
The following command configures the GGSN service’s accounting context to be plmn1:
accounting context plmn1
 
authorize-with-hss
This command enables/disables subscriber session authorization with HSS over S6b Diameter interface. This feature is required to support the interworking of GGSN with P-GW and HA.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[default] authorize-with-hss
Usage
Use this command to enable/disable the authorization support for subscriber over S6b interface which is used between GGSN and the 3GPP AAA to exchange the information related to charging, P-CSCF discovery, etc.
By use of this feature allows the GGSN service to interact with HSS over S6b interface through Diameter configuration which is already configured on the system.
Important: Dimeter configuration must be available before enabling this command. For more information of Diameter interface configuration, refer Diameter Endpoint Configuration Mode Commands chapter..
Important: This command is a license-enabled feature.
Example
The following command enables the subscriber authorization with HSS over S6b Diameter interface to provide session interoperability between GGSN and PGW and HA in this GGSN service:
authorize-with-hss
 
bind
Binds the GGSN service to a logical IP interface serving as the Gn interface. Specifies the maximum number of subscribers that can access this service over the interface.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
bind address address [max-total-pdp-contexts max_total | max-ppp-pdp-contexts max_ppp]
no bind addressaddress
no
Removes a previously configured binding for the GGSN service.
address
Specifies the IP address (address) of the interface configured as the Gn interface. address is specified in dotted decimal notation.
max-total-pdp-contexts max_total
Default: 1,500,000
Specifies the maximum number of PDP contexts (both IP and PPP) that can access this service on this interface.
count can be configured to any integer value between 4,000,000 on ASR 5000.
Important: The maximum number of subscriber contexts supported is dependant on the session capacity license installed and the number of active PACs/PSCs installed in the system. A fully loaded ASR 5000 with 13 active PSCs can support 4,000,000 total IP and PPP PDP contexts. Note that each PPP PDP context is treated as two IP PDP contexts. Refer to the license key command for additional information.
max-ppp-pdp-contexts max_ppp
Default: 750,000
Specifies the maximum number of PPP PDP contexts that can access this service on this interface.
count can be configured to any integer value between 0 and 2,500,000 on ASR 5000.
Important: The maximum number of subscriber contexts supported is dependant on the session capacity license installed and the number of active PACs installed in the system. A fully loaded ST16 system with 13 active PACs can support 1,500,000 PPP PDP contexts. Refer to the license key command for additional information.
Important: The maximum number of subscriber contexts supported is dependant on the session capacity license installed and the number of active processing cards installed in the system. A fully loaded ASR 5000 with 13 active processing cards can support 2,500,000 total PPP PDP contexts. Refer to the license key command for additional information.
Usage
Used to associate or tie the GGSN service to a specific logical IP address. The logical IP address or interface takes on the characteristics of a Gn interface. Only one interface can be bound to a service. The interface should be configured prior to issuing this command.
This command also sets a “soft” limit as to the number of simultaneous subscriber contexts that can be facilitated by the service/interface at any given time. Soft limits are based on measurements gathered at regular short intervals (several times per minute) as opposed to measurements taken in real-time. Therefore the sampled measurement may not match the actual number of PDP contexts currently being processed. Every PDP context request received is compared against the result of the last sample. If the sample is less than the soft limit configured, the request will be processed. If it is more, the request will be rejected.
When configuring the max-total-pdp-contexts or max-ppp-pdp-contexts options, be sure to consider the following:
Taking these factors into account and distributing your subscriber contexts across all available interfaces allows you to configure your interfaces to optimally handle PDP contexts without degraded performance.
Example
The following command would bind the logical IP interface with the address of 192.168.3.1 to the GGSN service and specifies that a maximum of 600 simultaneous subscriber sessions can be facilitated by the interface/service at any given time:
bind address 192.168.3.1 max-subscribers 600
The following command disables a binding that was previously configured:
no bind address
 
cc behavior
Configures the 3GPP behavior bits associated with the GGSN’s charging characteristics (CC).
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
cc behavior no-records nr_value }
no-records nr_value
Default: 0 (disabled)
Specifies the behavior bit upon which the GGSN ceases sending accounting records to a server.
nr_value can be configured to any integer value between 1 and 12 corresponding to the 12 behavior bits B1 through B12.
Usage
3GPP standards after 3GPP R98 included 12 behavior bits as part of GGSN charging characteristics. Like the charging characteristics profile index, the behavior bits are sent by the SGSN to the GGSN in the Create PDP Context request message.
This command configures the behavior bits for each of the conditions described.
Example
The following command configures a behavior bit of 10 for no-records:
cc behavior no-records 10
 
cc profile
Configures the charging characteristic (CC) profile index properties.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
cc profile index [buckets number | interval time [downlink down_octets uplink up_octets | total total_octets ] | prepaid {prohibited | use-rulebase-configuration } | server address context | sgsns num_changes | tariff time1 mins hours [time2 mins hours [time3 mins hours [time4 mins hours [time5 mins hours [time6 mins hours ]]]] | volume {downlink vol_down_octets uplink vol_up_octets | total total_octets} ]
no cc profile index {buckets | interval | prepaid | server address | sgsns | tariff | volume }
default cc profile index [buckets | interval | prepaid | server address | sgsns | tariff | volume]
no
Removes a previously configured profile index.
default
Returns the specified cc profile to the original default system settings.
index
Configures a profile index for the parameter to be specified. index can be configured to any integer value from 0 to 15.
Important: 3GPP standards suggest that profile index values of 1, 2, 4, and 8 be used for hot billing, flat rate billing, prepaid billing and normal billing, respectively. A single charging characteristics profile can contain multiple behavior settings.
buckets number
Default: 4
Specifies the number of statistics container changes due to QoS changes or tariff time that can occur before an accounting record should be closed.
number can be configured to any integer value from 1 through 4.
interval time [downlink down_octets uplink up_octets | total total_octets ]
Specifies the normal time duration that must elapse before closing an accounting record provided that any or all of the following conditions occur:
time is measured in seconds and can be configured to any integer value from 60 to 40,000,000.
down_octets is the downlink traffic volume measured in octets and can be configured to any integer value from 0 to 1,000,000.
up_octets is the uplink traffic volume measured in octets and can be configured to any integer value from 0 to 1,000,000.
total_octets is the total traffic volume measured in octets and can be configured to any integer value from 0 to 1,000,000.
prepaid {prohibited | use-rulebase-configuration }
This command enables or disables prepaid for the specified profile index.
Default: N/A
prohibited: Disable prepaid for the specified profile index.
use-rulebase-configuration: Use the prepaid configuration in the rulebase.
sgsns num_changes
Default: 4
Specifies the number of SGSN changes (i.e., inter-SGSN switchovers) resulting in a new RAI (Routing Area Identity) that can occur before closing an accounting record.
num_changes can be configured to any integer value from 1 to 15.
tariff time1 mins hours time2 mins hours time3 mins hours time4 mins hours time5 mins hours time6 mins hours
Specifies time-of-day time values to close the current statistics container (but not necessarily the accounting record). Six different tariff times may be specified. If less than six times are required, the same time can be specified multiple times.
Important: The system assumes that the billing system uses the day/date to determine if the statistics container represents an actual tariff period.
For each of the different tariff times, the following parameters must be configured:
mins: The minutes of the hour, an integer value from 0 to 59.
hours: The hour of the day, an integer value from 0 to 23.
volume {downlink vol_down_octets uplink vol_up_octets | total total_octets }
Specifies the downlink, uplink, and total volumes that must be met before closing an accounting record.
vol_down_octets is measured in octets and can be configured to any integer value from 100,000 to 4,000,000,000.
vol_up_octets is measured in octets and can be configured to any integer value from 100,000 to 4,000,000,000.
total_octets is the total traffic volume (up and downlink) measured in octets and can be configured to any integer value from 100,000 to 4,000,000,000.
Usage
Charging characteristics consist of a profile index and behavior settings. This command configures profile indexes for the GGSN’s charging characteristics. The GGSN supports up to 16 profile indexes.
This command works in conjunction with the cc-sgsn command located in the APN configuration mode that dictates which CCs should be used for subscriber PDP contexts.
Example
The following command configures a profile index of 10 for tariff times of 7:00 AM and 7:30 PM:
cc profile 10 tariff time1 0 7 time2 30 19 time3 0 7 time4 30 19
 
default
Sets/restores the default value assigned for the specified parameter.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
default {cc {behavior | profile index } | echo-interval | gtpu echo-interval | gtpu reorder {context | sequence-numbers | timeout } | guard-interval | ip {local-port gtpc-v1 | qos-dscp } | max-retransmissions | plmn {unlisted-sgsn } | setup-timeout | timeout }
cc {behavior | profile index }
Restores the GGSN’s charging characteristics parameters to the following default settings:
behavior: Restores all behavior parameters to their default values of 0 (disabled).
profile: For the specified index, the following defaults are applied:
echo-interval
Restores the GTP echo-interval parameter to its default setting of 60.
gtpu echo-interval
Restores the GTPU echo-interval parameter to its default setting of 60.
gtpu reorder {context | sequence-numbers | timeout }
Restores the gtpu reordering parameters to the following default settings:
gtpu udp-checksum insert
Restores the GGSN gtpu udp-checksum parameter to its default setting of enabled.
guard-interval
Restores the GGSN guard-interval parameter to its default setting of 100.
ip {local-port gtpc-v1 | qos-dscp }
Restores the GGSN ip parameters to the following default setting:
qos-dscp: conversational ef streaming af11 interactive af21 background be
max-retransmissions
Restores the GGSN max-retransmissions parameter to its default setting of 4.
plmn {unlisted-sgsn }
Restores the GGSN plmn unlisted-ggsn parameter to its default setting of reject.
setup-timeout
Restores the GGSN setup-timeout parameter to its default setting of 60.
timeout
Restores the GGSN timeout parameter to its default setting of 5.
Usage
After the system has been modified from its default values, this command is used to set/restore specific parameters to their default values.
Example
The following command restores the GGSN service’s guard interval parameter to its default setting:
default guard-interval
 
dns-client
This command defines the context name where a DNS client is configured. This comamnd will associates an existing DNS client configuration with GGSN to perform DNS query for P-CSCF, if P-CSCF query request in AAA message is received from Diameter node.
Product
All
Privilege
Security Administrator, Administrator
Syntax
dns-client context dns_ctxt_name
[no] dns-client context
no
Removes the association of DNS context which was configured to perform DSN query in this GGSN service.
dns_ctxt_name
Specifies the name of the context in which a DNS client configuration is present. Typically this should be the same where this GGSN servie is configured.
dns_ctxt_name is a context name and must be alpha and/or numeric string of 1 through 79 characters.
Usage
Use this command to associate a DNS client configuration to perform DNS query used for the resolution of P-CSCF query received in AAA message from Diameter peer, on the basis of DNS client parameters configured in a context.
A DNS client configuration must be present in the same context as GGSN service before enabling this command to perform DNS query for P-CSCF.
Important: This command is a license-enabled feature.
Example
The following command associates a DNS client configuration to perform DNS query for P-CSCF with this GGSN service which is configured in same context as GGSN service:
default dns-client context
 
echo-interval
Configures the rate at which GPRS Tunneling Protocol (GTP) v1-C Echo packets are sent from the GGSN service to the SGSN.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
echo-interval time_interval
no echo-interval
no
Disables the sending of GTPv1-C Echo packets.
time_interval
Default: 60
Specifies the frequency at which the GGSN service sends GTPv1-C Echo packets to the SGSN(s) it is configured to communicate with.
time_interval is measured in seconds and can be configured to any integer value between 60 and 3600.
Usage
Use this command to adjust the rate at which the GGSN sends these packets. GTPv1-C Echo packets are used to detect whether SGSNs that the GGSN service is communicating with, has become unresponsive or has rebooted.
The system initiates this protocol for each of the following scenarios:
Upon the configuration of a new SGSN on the system using the sgsn address command as described in this chapter
The echo-interval command is used in conjunction with the max-retransmissions and retransmission-timeout commands as described in this chapter.
In addition to receiving an echo response for this echo protocol, if GGSN receives a Node Alive Request message or a Echo Request message from a presumed dead SGSN, it will immediately assume the SGSN is active again.
If the GGSN discovers that an SGSN has become unresponsive, it will terminate all PDP contexts that had been established with the SGSN.
Example
The following command configures the GGSN service to send GTP Echo packets every 120 seconds:
echo-interval 120
 
end
Exits the GGSN service configuration mode and returns to the Administrator-Exec mode prompt.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
end
Usage
Change the mode back to the Administrator-Exec mode.
 
exit
Exits the GGSN service configuration mode and returns to the context configuration mode.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
exit
Usage
Returns to the context configuration mode.
 
fqdn
This command defines Fully Qualified Domain Name (FQDN) which would be used for authorization over S6b interface between GGSN and 3GPP AAA/HSS.
Product
All
Privilege
Security Administrator, Administrator
Syntax
[no | default] fqdn host host_name realm realm_id
no
Removes configured FQDN host name and realm id from GGSN service.
default
Sets the system to default mode for this command and configure the host and realm id value to NULL.
host host_name
Specifies the name of the host to be used for authorization over S6b interface with 3GPP AAA server/HSS from GGSN service.
host_name is a unique name that need to be configured for the authorization over S6b interface from this GGSN service.
host_name must be an alpha and/or numeric string of from 1 through 127 characters. host_name allows punctuation marks.
realm realm_id
Specifies the realm as FQDN to be used for authorization over S6b interface with 3GPP AAA server/HSS from GGSN service. The realm may typically be a company or service name.
realm_id is a unique identifier that need to be configured for the authorization over S6b interface from this GGSN service and must be an alpha and/or numeric string of from 1 through 127 characters. It allows punctuation marks.
host_name
Usage
Use this command to define host and realm as FQDN for 3GPP AAA server/HSS which would be used for authorization over S6b interface with GGSN. The realm specified as FQDN may typically be a company or service name.
By default the FQDN host and realm will be NULL
Important: This command is a license-enabled feature.
Example
The following configures the hss1 as host name and xyz.com as realm for FQDN to support authorization over S6b from this GGSN service:
fqdn host hss1 realm xyz.com
 
gtpc nsapi-in-create-pdp-response
This command configures the exclusion/inclusion of optional information element (IE) Network Service Access Point Identifier (NSAPI) in “Create PDP Context Response” messages in GTP-C.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[default | no] gtpc nsapi-in-create-pdp-response
default
Sets the default mode for GTP-C messages; i.e. to not to include NSAPI IE in “Create PDP Context Response” messages.
no
Removes the preconfigured mode for GTP-C messages; in other words sets the mode for GTP-C message to not to include NSAPI IE in “Create PDP Context Response” messages. By default it is disabled.
Usage
Use this command to configure the mode for the GTP-C messages to exclude or include the NSAPI IE in “Create PDP Context Response” message received from SGSN.
Example
The following command configures the GGSN service to include the optional IE of NSAPI in “Create PDP Context Response” message:
gtpc nsapi-in-create-pdp-response
 
gtpc private-extension
This command configures the customer specific private extension in GTP-C messages.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
gtpc private-extension {{{focs | odb} access-list acl_name in disconnect-on-violation }| ggsn-preservation-mode | insk | loss-of-radio-coverage | none}
default gtpc private-extension
no gtpc private-extension [focs | insk | preservation-mode | loss-of-radio-coverage]
default
Sets the default mode for GTP-C messages. By default it is disabled.
no
Disables the configured private extensions for GTP-C messages.
{focs | odb} access-list acl_name in disconnect-on-violation
These keywords configures the Free-Of-Charge-Service and Operator Determined Barring fo all packet oriented services as defined by operators.
focs: This keyword enables/disables Free of Charging Services for the subscriber who has no credit, and also takes the access-list acl_name to be applied for FOCS.
odb: This keyword enables/disables “all packet oriented service barred” for the subscriber, and also takes the access-list acl_name to be applied for ODB.
acl_name is the name of configured access control list for this service.
Important: These are the customer-specific keywords and need customer-specific license to use them.
insk
This keyword is for the Intelligent-Network-Service-Key defined by vendors. This private extension can be present in Create PDP Context request messages.
A radius dictionary can be configured to send that value in accounting messages.
Important: This is a customer specific-keyword and needs customer-specific license to use this feature.
ggsn-preservation-mode
This keyword is the customer specific option and used to indicate the presence of such a private extension in Update PDP Context requests. It indicates whether the subscriber is active or has become idle, and RAN resources might have been released. It also indicates the "type" of desired preservation mode behavior.
System support two different types of behavior. When ggsn-preservation-mode is configured, different generation of accounting records occur based on the "type" of mode. To enable the different generation of accounting records, the trigger for preservation mode must be configured for RADIUS or GTPP command for that accounting protocol. If that trigger is not configured, there will be no change in the generation of accounting records.
Important: This is a customer-specific keyword and needs customer-specific license to use this feature.
loss-of-radio-coverage
These keywords enables the protection for overcharging to a subscriber due to loss of radio coverage (LORC) in a GGSN service. It also enables the system to understand the private extension in GTP-C message for LORC in Update PDP Context message from SGSN.
Important: This is a license enabled keyword and need feature-specific license to use it.
none
Removes the private extensions from record which are from GTP-C messages received from the SGSN.
Usage
Use this command to configure the private extensions to record from the GTP-C messages received from SGSN. It also configures the customer specific features; i.e. preservation mode for GGSN service.
Overcharging protection for LORC is a solution which provides the ability to configure mobile carriers to maximize their network solutions and balancing the requirements to accurately bill their customer.
Consider scenario where a mobile is streaming or downloading very large files from external sources and the mobile goes out of radio coverage. If this download is happening on Background/Interactive traffic class then the GGSN is unaware of such loss of connectivity as SGSN does not perform the Update PDP Context procedure to set QoS to 0kbps (this is done when traffic class is either Streaming or Conversational only). The GGSN continues to forward the downlink packets to SGSN. In the loss of radio coverage, the SGSN will do paging request and find out that the mobile is not responding; SGSN will then drops the packets. In such cases, the G-CDR will have increased counts but S-CDR will not. This means that when operators charge the subscribers based on G-CDR the subscribers may be overcharged. This feature is implemented to avoid the overcharging in such cases.
This implementation is based on Cisco-specific private extension to GTP messages and/or any co-relation of G-CDRs and S-CDRs. It also does not modify any RANAP messages.
Important: This is a license enabled command and needs feature-specific license/s to use this command.
Important: Some of the keywords a customer-specific feature and need customer-specific license/s to use them.
Example
The following command configures the GGSN service to record the private extension for intelligent network service key as defined by operator:
gtpc private-extension insk
 
gtpc ran-procedure-ready-delay
This command configures the GGSN to enable the RAN Procedure Ready feature for the particular GGSN service and specify the timeout period for RAN procedure timer in GGSN which is started on arrival of every secondary Create PDP Context request.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
gtpc ran-procedure-ready-delay [timeout dur]
[default | no] gtpc ran-procedure-ready-delay
default
Sets the default mode of RAN Procedure Ready feature for the particular GGSN service. By default it is disabled.
no
This keyword is used to disable RAN Procedure Ready feature for the particular GGSN service. By default it is disabled.
timeout dur
Default: 10
Specifies the timeout duration in seconds for RAN procedure timer in GGSN which is started on arrival of every secondary “Create PDP Context Request” message.
This is an optional keyword. If no timeout period is specified then default value of 10 seconds will be assigned to timeout period.
dur must be an integer between 1 through 40.
Usage
Use this command to enable the RAN Procedure Ready feature for the particular GGSN service and to specify the timeout period for RAN procedure timer in GGSN which is started on arrival of every secondary “Create PDP Context Request” message.
Once a “Create PDP Context Request” is received by GGSN from SGSN, a timer will be started at GGSN and GGSN will wait till the Radio Access Bearer setup is completed and “Update PDP Context Request” is sent by SGSN. If any downlink data is received before arrival of “Update PDP Context Request” or before timer expire, that downlink packets will be queued or buffered. Currently buffer limit of sub-system is 1024 packets.
To support this feature each sub-session uses a common flag ‘ran procedure ready state’, whenever a “Create PDP Context Request” is received for secondary PDP context and sub-session is allocated, this flag will be set to TRUE by default. This common flag is checked while sending downlink traffic, if this flag is FALSE then GGSN permit flow of downlink data but, if it is TRUE, GGSN will queue the downlink packets.
In case if the buffer becomes full ( total buffer limit is of 1024 packets) then, all the newly coming packets will be dropped.
If “Update PDP Context Request” is received by GGSN with RAN Procedure flag set or if timer expires the ‘ran-procedure ready state’ flag in sub-session will be reset and hence GGSN will start sending queued packets in ‘first-in first-out’ manner and buffering will be disabled for further downlink traffic.
This feature supports following scenarios when RAB setup timer starts at the GGSN:
Important: This feature make no effect on Enhanced Charging Service or DPI as the buffering of downlink data is done before sending it to ACSMgr.
Important: During SGSN handoff scenario all packets will be processed in a normal way and the downlink packets buffered till the timer expires.
Example
The following command configures the GGSN service to enable the RAN Procedure Ready feature and specify the timeout period as 20 seconds for RAN procedure timer in GGSN:
gtpc ran-procedure-ready-delay timeout 20
 
gtpu echo-interval
Configures the rate at which GPRS Tunneling Protocol (GTP) v1-U Echo packets are sent from the GGSN service to the SGSN.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
gtpu echo-interval time_interval
no gtpu echo-interval
no
Disables the sending of GTPv1-U Echo packets.
time_interval
Default: 60
Specifies the frequency at which the GGSN service sends GTPv1-C Echo packets to the SGSN(s) it is configured to communicate with.
time_interval is measured in seconds and can be configured to any integer value between 60 and 3600.
Usage
GTPv1-C Echo packets are used to detect whether SGSNs that the GGSN service is communicating with, has become unresponsive or has rebooted. Use this command to adjust the rate at which the GGSN sends these packets.
If the GGSN discovers that an SGSN has become unresponsive, it will terminate all PDP contexts that had been established with the SGSN.
Example
The following command configures the GGSN service to send GTPv1-U Echo packets every 120 seconds:
gtpu echo-interval 120
 
gtpu reorder
Configures packet data reordering for the GGSN service.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
gtpu reorder {context {ppp } | sequence-numbers {ipv4 | ppp | ipv4-ppp | ppp-ipv4 } | timeout time }
no gtpu reorder {context | sequence-numbers {ipv4 | ppp | ipv4-ppp | ppp-ipv4 } }
no
Disables the re-ordering of GTPU packets.
context {ppp }
Default: Disabled
Enables the GGSN service to re-order PPP data packets based on the sequence numbers inserted by the SGSN.
sequence-numbers {ipv4 | ppp | ipv4-ppp | ppp-ipv4 }
Default: Disabled
Enables the GGSN service to insert sequence numbers into the data packets that it sends to the SGSN.
The insertion of sequence numbers can be controlled for specific PDP context types. The following PDP context types can be specified:
ipv4 : Enables re-ordering for IP PDP context types
ppp : Enables re-ordering for PPP PDP context types
ipv4-ppp : Enables re-ordering for both IP and PDP context types
ppp-ipv4: The same as ipv4-ppp, enables re-ordering for both IP and PDP context types
Important: If packet re-ordering is enabled using the gtpu reorder context command, sequence numbers are automatically be added regardless of this command.
timeout time
Default: 100 milliseconds
If re-ordering is enabled, this option specifies the amount of time that the GGSN should wait prior to sending re-sequenced data packets stored in queue.
time is measured in milliseconds and can be configured to any integer value between 0 and 5000. A timeout of “0” indicates that only packets arriving in sequence are processed and the accepted sequence number is updated for each in-sequence packet. Packets are not queued. Packets arriving with seq number less than the accepted sequence number are discarded.
Usage
Use this command to control data packet re-ordering between the GGSN and SGSN.
If re-ordering is enabled for the GGSN service, the GGSN informs the SGSN to also reorder the data packets from the GGSN. The GGSN informs the SGSN in the create PDP context response. The GGSN and SGSN optionally insert sequence numbers into the data packets that they send.
Example
The following command specifies that the GGSN service re-sequences data packets received from the SGSN for PPP PDP context types:
gtpu reorder context ppp
The following command specifies that the GGSN service inserts sequence numbers for both IP and PPP PDP context types into data packets it is sending to the SGSN for PPP PDP context types:
gtpu reorder sequence-numbers ppp-ipv4
 
gtpu udp-checksum insert
This command enables/disables the insertion of UDP checksum in outgoing UDP data packets. By default checksum insertion is enabled.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[no | default] gtpu udp-checksum insert
no
Disables insertion of UDP checksum in outgoing UDP data packets.
default
Enables the insertion of UDP checksum in outgoing UDP data packets.
Usage
Use this command to enable or disable the system to insert UDP checksum in outgoing UDP data packets.
Example
The following command specifies that the GGSN service will insert the UDP checksum into outgoing UDP data packets:
gtpu udp-checksum insert
 
guard-interval
Configures the time period after which a redundant PDP context request received from an SGSN is treated as a new request rather than a re-send of a previous request.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
guard-interval guard_time
no guard-interval
no
Disables the guard-interval function for the GGSN service.
guard_time
Default: 100
Specifies the amount of time that must pass before a GGSN service treats a redundant PDP context request as a new request instead of a re-send of a previous request.
guard_time is measured in seconds and can be configured to any integer value between 10 and 3600.
Usage
The guard interval is used to protect against replay attacks. Without a guard interval configured, information from a valid PDP context request could be used to gain un-authorized network access.
If the GGSN service receives a PDP context request in which the International Mobile Subscriber Identity (IMSI), the Network Service Access Point Identifier (NSAPI), the end user IP address, and the GTP sequence number are identical to those received in a previous request, the GGSN treats the new request as a re-send of the original. Therefore, information from a valid PDP context request could be collected and re-sent at a later time by an un-authorized user to gain network access.
Configuring a guard interval limits the amount of time that the information contained within a PDP context request remains valid.
Example
The following command configures the GGSN service with a guard interval of 60 seconds:
guard-interval 60
 
ip local-port
Configures the local User Datagram Protocol (UDP) port for the Gn interfaces’ GTPC socket for GTPv1.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
ip local-port gtpc-v1 port#
gtpc-v1 port#
Default: 2123
Specifies the UDP port number for GTPv1 GTPC sockets.
port# can be configured to any integer value between 1 and 65535.
Usage
By default, the GGSN service attempts to use GTPv1 when communicating with SGSNs. This parameter configures the UDP port over which the GTP control (GTPC) sockets are sent.
If an SGSN only supports GTPv0, the GGSN service automatically switches to GTPv0 when communicating with this SGSN. In the scenario, the GGSN service communicates with the SGSN on UDP port 3386 and does not have a GTPC socket.
Important: The UDP port setting on the SGSN must match the local-port setting for the GGSN service on the system in order for the two devices to communicate.
Example
The following command configures the GGSN service to use UDP port 2500 for exchanging GTPC sockets with SGSNs when using GTPv1:
ip local port 2500
 
ip qos-dscp
Configures the quality of service (QOS) differentiated service code point (DSCP) used when sending data packets over the Gn interface.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
ip qos-dscp {{allocation-retention-priority | background | conversational | interactive traffic_priority | streaming } { dscp}}+
no ip qos-dscp [allocation-retention-priority | background | conversational | interactive traffic_priority | streaming] +
allocation-retention-priority
Specifies the DSCP for interactive class if the allocation priority is present in the QOS profile.
allocation-retention-priority can be the integers 1, 2, or 3.
DSCP values use the following matrix to map based on traffic handling priority and Alloc/Retention priority if the allocation priority is present in the QOS profile.
The following table shows the DSCP value matrix for allocation-retention-priority.
Default DSCP Value Matrix
background
Specifies the QOS for traffic patterns in which the data transfer is not time-critical (for example email exchange). This traffic pattern requires the lowest QOS.
conversational
Specifies the QOS for traffic patterns in which there is an constant flow of packets in each direction, upstream and downstream. This traffic pattern requires the highest QOS.
interactive
Specifies the QOS for traffic patterns in which there is an intermittent flow of packets in each direction, upstream and downstream. This traffic pattern requires a higher QOS than the background pattern, but not as high as that for the streaming pattern.
traffic_priority is the 3GPP traffic handling priority and can be the integers 1,2 or 3.
streaming
Specifies the QOS for traffic patterns in which there is a constant flow of data in one direction, either upstream or downstream. This traffic pattern requires a higher QOS than the interactive pattern, but not as high as that for the conversational pattern.
dscp
Default:
Specifies the DSCP for the specified traffic pattern. dscp can be configured to any one of the following:
af11: Assured Forwarding 11 per-hop-behavior (PHB)
af32: Assured Forwarding 32 PHB
af12: Assured Forwarding 12 PHB
af33: Assured Forwarding 33 PHB
af13: Assured Forwarding 13 PHB
af41: Assured Forwarding 41 PHB
af21: Assured Forwarding 21 PHB
af42: Assured Forwarding 42 PHB
af22: Assured Forwarding 22 PHB
af43: Assured Forwarding 43 PHB
af23: Assured Forwarding 23 PHB
be: Best effort forwarding PHB
af31: Assured Forwarding 31 PHB
ef: Expedited forwarding PHB
+
More than one of the above keywords can be entered within a single command.
Usage
DSCP levels can be assigned to specific traffic patterns in order to ensure that data packets are delivered according to the precedence with which they’re tagged. The diffserv markings are applied to the outer IP header of every GTP data packet. The diffserv marking of the inner IP header is not modified.
The four traffic patterns have the following order of precedence: background (lowest), interactive, streaming, and conversational (highest). Data packets falling under the category of each of the traffic patterns are tagged with a DSCP that further indicate their precedence as shown in the following tables :
Class structure for assured forwarding (af) levels
DSCP Precedence
The DSCP level can be configured for multiple traffic patterns within a single instance of this command.
The no ip qos command can be issued to remove a QOS setting and return it to it’s default setting.
Example
The following command configures the DSCP level for the streaming traffic pattern to be ef:
ip qos streaming ef
The following command configures the DSCP levels for the conversational, streaming, interactive and background traffic patterns to be ef, ef, af22, and af41, respectively:
ip qos-dscp conversational ef streaming ef interactive af22 background af41
 
max-retransmissions
Configures the maximum number of times that GTP control packets are retransmitted to an SGSN before it marks it unreachable.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
max-retransmissions max_number
max_number
Default: 4
Indicates the maximum number of times that GTP control packets are retransmitted.
max_number can be configured to any integer value between 0 and 15.
Usage
This command is used in conjunction with the timeout command to control the retransmission of GTP control packets when no response is received from an SGSN. It is equivalent to the N3-REQUESTS parameter discussed in 3GPP TS 29.060.
If no response is received from the SGSN prior to the expiration of the timeout value, the GTP control packets are re-sent by the GGSN. This process occurs as many times as allowed by the configuration of this command.
If the max-retransmissions value is exceeded, the GGSN records a “Path Failure” for that SGSN and releases all PDP contexts associated with it.
Example
The following command configures the maximum number of retransmissions to 8:
max-retransmissions 8
 
mbms policy
This command enables/disables the MBMS user service support for Multicast and/or Broadcast mode. It also specifies the policy for MBMS user service mode.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
mbms policy multicst broadcast
[no | default] mbms policy
no
Removes/disables the configured MBMS support for Multicast and/or Broadcast mode in this GGSN service.
default
Restores the default mode of MBMS support in this GGSN service.
multicst broadcast
Enables the MBMS support and configures the policy for multicast and broadcast of user service.
Usage
Use this command to enable/disable the MBMS user service support for Multicast and/or Broadcast mode. It also specifies the policy for MBMS user service mode.
Example
The following command enables the MBMS support in this GGSN service:
mbms policy multicast broadcast
 
newcall
This command enables/disables the new call related behavior of GGSN service when duplicate sessions with same IP address request is received. This feature is required to support the interworking with P-GW and HA.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[default] newcall duplicate-subscriber-requested-address {accept | reject}
default
Restores the default mode for new call session with same address request received in this GGSN service. It sets the new call related behavior to reject call with duplicate address request.
accept
Sets the system to “accept” the another session using same IP address for new call. New session will be accepted and old session will be torn down.
Default: Disbaled
reject
Reject new call with duplicate address request. This is the default behavior.
Default: Enabled
Usage
Use this command to enable/disable to support the new connection where UE is not able to gracefully disconnect from the Enterprise PDN before it attempts to reconnect via another access method. The Enterprise xGW (GGSN) shall be able to tear down the old session in order to accept the new connection with the same IP address assignment.
By use of this feature GGSN will allow accepting request for static subscriber address, even if address is already used by another session. If this feature is not enabled, then new request with same IP address for another session will be rejected.
Important: This command is a license-enabled feature.
Example
The following command allows the GGSN to accept the duplicate call session request with same IP address:
newcall duplicate-subscriber-requested-address accept
 
path-failure
Determines the GTP path-failure behavior on echo/non-echo messages.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
path-failure detection-policy gtp {echo [non-echo] | non-echo [echo] }
[no | default] path-failure detection-policy
no
No defined detection policy means path-failures are not detected.
default
Use the default command to set the path-failure detection-policy to gtp in echo mode.
detection-policy gtp {echo [non-echo] | non-echo [echo] }
Detection-policy is the policy to be used when path-failure is in the default active state. GTP messages are either gtp(u) (user) or gtp(c) (control) type, and the gtp keyword takes either echo or non-echo as message type.
echo: gtp(u) or gtp(c) message.
non-echo: a message type other than gtp(u) or gtp(c).
Usage
Under current circumstances, a GGSN shuts down the GTP tunnel if the associated SGSN does not respond to multiple retries of an echo or non-echo message from the GGSN. In this way, a single call failure could be responsible for the loss of all active calls in the tunnel.
This is also an issue when echo is disabled, or when there is very little traffic on the SGSN and the GGSN is configured with large echo intervals.
This behavior adversely impacts the user experience because the customer has to reconnect every time this happens with their SGSN.
Example
The following example detects path failures when the SGSN fails to respond to multiple echo message retries:
path-failure detection-policy gtp echo
The following example turns off path-failure detection. On timeout of gtp(c) message retries, the particular context will be purged:
no path-failure detection-policy
 
plmn id
Configures the GGSN’s public land mobile network (PLMN) identifiers. Up to five PLMN IDs can be configured for each GGSN service.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
plmn id mcc mcc_number mnc mnc_number [primary]
no plmn id mcc mcc_number mnc mnc_number
no
Removes a previously configured PLMN identifier for the GGSN service.
mcc mcc_number
Specifies the mobile country code (MCC) portion of the PLMN’s identifier.
mcc_number is the PLMN MCC identifier and can be configured to any integer value between 100 and 999.
mnc mnc_number
Specifies the mobile network code (MNC) portion of the PLMN’s identifier.
mnc_number is the PLMN MNC identifier and can be configured to any 2 or 3 digit integer value between 00 and 999.
primary
When multiple PLMN IDs are configured the primary keyword can be used to designate one of the PLMN IDs to be used for the AAA attribute (3GPP-GGSN-MCC-MNC).
Usage
The PLMN identifier is used to aid the GGSN service in the determination of whether or not a mobile station is visiting, roaming, or home. Multiple GGSN services can be configured with the same PLMN identifier. Up to five PLMN IDs can be configured for each GGSN Service.
Example
The following command configures the PLMN identifier with an MCC of 462 and MNC of 2:
plmn id mcc 462 mnc 02
 
plmn unlisted-sgsn
Configures the GGSN’s policy for handling communications from SGSNs that it is not configured to communicate with.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[default] plmn unlisted-sgsn {foreign [disable-gtpc-echo] [reject-foreign-subscriber] | home [disable-gtpc-echo] | reject}
default
Resets configured parameters to their default settings.
foreign
Default: Disabled
Specifies that the GGSN service accepts messages from SGSNs that are not configured within the service using the sgsn command.
This keyword also dictates that unlisted SGSNs are treated as if they belong to a foreign PLMN. Therefore PDP contexts originating from them are treated as visiting or roaming.
disable-gtpc-echo
Default: Send GTPC Echo messages to unlisted SGSNs.
When this keyword is specified, GTPC echo messages are not sent to unlisted SGSNs.
reject-foreign-subscriber
Default: Disabled
Specifies that incoming calls from foreign subscribers are rejected.
home
Default: Disabled
Specifies that the GGSN service accepts messages from SGSNs that are not configured within the service using the sgsn command.
This keyword also dictates that unlisted SGSNs are treated as if they belong to the GGSN service’s home PLMN.
reject
Default: Enabled
Specifies that the GGSN service rejects messages from SGSNs that are not configured within the service using the sgsn command.
When the GGSN service rejects the message(s), it returns a cause code of No Resources 199 (C7H, No resources available).
Usage
This command works in conjunction with the sgsn command that configures the GGSN service to communicate with specific SGSNs. Any messages received from SGSNs not configured in that list are subject to the rules dictated by the unlisted-sgsn policy.
Example
The following command configures the GGSN service to accept messages from unlisted SGSNs and treat the SGSN as if it is on the GGSN’s home network:
plmn unlisted-sgsn accept home
 
policy
Specifies the reject code to be used in the "Create PDP Context" response message when a RADIUS server timeouts.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
policy {accounting-server-timeout use-reject-code {system-failure | no-resources } | authentication-server-timeout use-reject-code {system-failure | user-authentication-failure } }
default policy {authentication-server-timeout | accounting-server-timeout }
default
Restores the specified parameter to its default setting.
accounting-server-timeout use-reject-code {system-failure | no-resources }
Default: no-resources
Specifies the reject code used by the GGSN if communication with an accounting server times out. The possible reject codes are:
authentication-server-timeout use-reject-code {system-failure | user-authentication-failure }
Default: user-authentication-failure
Specifies the reject code used by the GGSN if communication with an authentication server times out. The possible reject codes are:
Usage
This command is used to configure the cause code used by the GGSN if communication with either a RADIUS authentication or accounting server times out.
When this parameter is used in conjunction with Radius accounting servers, the response is only set if a flag is configured in the APN Delay GTP Response, only after getting a response to the Accounting Start.
Example
The following command configures the GGSN response to a RADIUS authentication server timeout to be system-failure:
policy authentication-server-timeout use-reject-code system-failure
 
retransmission-timeout
Configures the timeout period in between retransmissions of GTP control packets. This timeout configuration is not applicable on Echo Request retransmission.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
retransmission-timeout retransmit_time
retransmit_time
Default: 5
Specifies the amount of time that must pass without an SGSN response before the GGSN service retransmits GTP control packets.
retransmit_time is measured in seconds and can be configured to any integer value between 1 and 20.
Usage
This command is used in conjunction with the max-retransmissions command to control the retransmission of GTP control packets when no response is received from an SGSN.
If no response is received from the SGSN prior to the expiration of the timeout value, the GTP control packets are re-sent by the GGSN. This process occurs as many times as allowed by the configuration of the max-retransmissions command.
If the max-retransmissions value is exceeded within the retransmission-timeout period, the GGSN records a “Path Failure” for that SGSN and releases all PDP contexts associated with it.
Important: This retransmission timeout configuration in not applicable for Echo Requests message retransmission. Echo are sent/retransmitted every echo interval, which can be configured separately.
Example
The following command configures a timeout value of 20 seconds:
retransmission-timeout 20
 
setup-timeout
Configures the maximum amount of time the GGSN service allows for the setting up of PDP contexts.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
setup-timeout setup_time
setup-time
Default: 60
Specifies the maximum amount of time the GGSN service allows for the setting up of PDP contexts.
setup_time is measured in seconds and can be configured to any integer value between 1 and 6000.
Usage
Use this command to limit the amount of time allowed for setting up PDP contexts. If the PDP context is not setup within the configured time frame, the GGSN service rejects the PDP context with a cause code of 199 (C7H, No resources available).
Example
The following command allows a maximum of 120 seconds for the setting up of PDP contexts:
setup-timeout 120
 
sgsn address
Configures the SGSNs that this GGSN service is allowed to communicate with.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
sgsn address {{ip_address [subnetmask netmask ]} | ip_address/netmask} [plmn-foreign [reject-foreign-subscriber] |mcc mcc_code mnc mnc_code [reject-foreign-subscriber]] [rat-type {GAN | GERAN | HSPA | UTRAN | WLAN }] [description description ] [disable-gtpc-echo]
no sgsn {address ip_address [subnetmask netmask ] }
no
Removes a specific SGSN from the list or all configured SGSNs.
address
Configures the IP address of the SGSN.
ip_address must be expressed in dotted decimal notation.
subnetmask
Configures the subnet mask of the SGSN.
netmask must be expressed in dotted decimal notation.
disable-gtpc-echo
Default: Send GTPC Echo messages to unlisted SGSNs.
When this keyword is specified, GTPC echo messages are not sent to unlisted SGSNs.
plmn-foreign
Indicates whether or not the SGSN belongs to a foreign public land mobile network (PLMN).
reject-foreign-subscriber
Default: Disabled
Specifies that incoming calls from foreign subscribers are rejected.
mcc mcc_code
Specifies the mobile country code (MCC) portion of the PLMN’s identifier.
mcc_code is the PLMN MCC identifier and can be configured to any integer value between 100 and 999.
mnc mnc_code
Specifies the mobile network code (MNC) portion of the PLMN’s identifier.
mnc_code is the PLMN MNC identifier and can be configured to any 2 or 3 digit integer value between 00 and 999.
rat-type {GAN | GERAN | HSPA | UTRAN | WLAN }
This keyword configures the type of radio access technology.
GAN: Specifies the Generic Access Network type of RAT.
GERAN: Specifies the GSM EDGE Radio Access Network type of RAT.
HSPA: Specifies the Hight Speed Packet Access type of RAT.
UTRAN: Specifies the UMTS Terrestrial Radio Access Network type of RAT.
WLAN: Specifies the Wireless Local Access Network type of RAT.
description description
Add description field to the SGSN entry in GGSN service.
description is a string of 1 to 63 alpha and/or numeric characters.
Usage
Use this command to configure a list of SGSNs that the GGSN service is to communicate with. This command can be entered multiple times to configure multiple SGSNs.
Important: The GGSN only communicates with the SGSNs configured using this command unless a plmn-policy is enabled to allow communication with unconfigured SGSNs. PLMN policies are configured using the plmn unlisted-sgsn command.
Example
The following command configures the GGSN to communicate with an SGSN on a foreign PLMN with an IP address of 192.168.1.100 and subnet mask of 255.255.255.0:
sgsn address 192.168.1.100 subnetmask 255.255.255.0 plmn-foreign
 
sgsn define-multiple-address-group
This keyword defines an SGSN Multiple Address Group and enters SGSN Multiple Address Group Configuration mode. Whenever there is a change in the control address in a GTPC UPC message, it is treated as an inter-SGSN handoff because an SGSN is usually identified uniquely by a single IP-address. This command supports a multiple address group feature which allows you to specify a set of addresses that specify a single SGSN. When a UPC handoff is received from any address in the group, it is treated as an intra-SGSN handoff.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
[no] sgsn define-multiple-address-group grp_name
no
Removes a specific SGSN Multiple Address Group from the list GGSN service configuration.
grp_name
Specifies the name of an SGSN multiple address group to create or configure.
must be an alphanumeric string from 1 through 63 characters in length.
Usage
Use this command to create or configure an SGSN Multiple Address Group that the GGSN service is to communicate with. This command can be entered multiple times to configure multiple SGSN Multiple Address Groups.
Example
The following command creates an SGSN Multiple Address Group named sgsngrp1 enters SGSN Multiple Address Group Configuration mode:
sgsn define-multiple-address-group sgsngrp1
 
sgsn multiple-address-group
Configures the SGSN multiple address groups that this GGSN service is allowed to communicate with.
Product
GGSN
Privilege
Security Administrator, Administrator
Syntax
sgsn multiple-address-group grp_name [disable-gtpc-echo] [mcc mcc_code mnc mnc_code [reject-foreign-subscriber]] [plmn-foreign [reject-foreign-subscriber] [rat-type {GAN | GERAN | HSPA | UTRAN | WLAN }] [description description ]
no sgsn multiple-address-group grp_name
no
Removes a specific SGSN multiple address group from the list of configured SGSN multiple address groups.
grp_name
Specifies the name of a configured SGSN multiple address group to use.
disable-gtpc-echo
Default: Send GTPC Echo messages to unlisted SGSNs.
When this keyword is specified, GTPC echo messages are not sent to unlisted SGSNs.
plmn-foreign
Indicates whether or not the SGSN multiple address group belongs to a foreign public land mobile network (PLMN).
reject-foreign-subscriber
Default: Disabled
Specifies that incoming calls from foreign subscribers are rejected.
mcc mcc_code
Specifies the mobile country code (MCC) portion of the PLMN’s identifier.
mcc_code is the PLMN MCC identifier and can be configured to any integer value between 100 and 999.
mnc mnc_code
Specifies the mobile network code (MNC) portion of the PLMN’s identifier.
mnc_code is the PLMN MNC identifier and can be configured to any 2 or 3 digit integer value between 00 and 999.
rat-type {GAN | GERAN | HSPA | UTRAN | WLAN }
This keyword configures the type of radio access technology.
GAN: Specifies the Generic Access Network type of RAT.
GERAN: Specifies the GSM EDGE Radio Access Network type of RAT.
HSPA: Specifies the Hight Speed Packet Access type of RAT.
UTRAN: Specifies the UMTS Terrestrial Radio Access Network type of RAT.
WLAN: Specifies the Wireless Local Access Network type of RAT.
description description
Add a description field to the SGSN multiple address group entry in the GGSN service configuration.
description must be a string of 1 through 63 alphanumeric characters.
Usage
Use this command to configure a list of SGSN multiple address groups that the GGSN service is to communicate with. This command can be entered multiple times to configure multiple SGSN multiple address groups.
Important: The GGSN only communicates with the SGSN multiple address groups configured using this command unless a plmn-policy is enabled to allow communication with unconfigured SGSNs. PLMN policies are configured using the plmn unlisted-sgsn command.
Example
The following command configures the GGSN to communicate with an SGSN with multiple address that is defined by an SGSN multiple address group named sgsngrp1 that is on a foreign PLMN:
sgsn multiple-address-group sgsngrp1 plmn-foreign
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883