IMPORTANT:
CAUTION:
IMPORTANT:
Configuring the System as a Standalone MME (base configuration)
Information Required
Required MME Context Configuration Information
Required Information | Description |
---|---|
MME context name
|
An identification string
from 1 to 79 characters (alpha and/or numeric) by which
the MME context is recognized by the system.
|
S1-MME Interface Configuration
(To/from eNodeB)
|
|
Interface name
|
An identification
string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.
Multiple names are
needed if multiple interfaces will be configured.
|
IP address and subnet
|
IPv4 or IPv6 address
assigned to the S1-MME interface. This address will be used for
binding the SCTP (local bind address(es)) to communicate with the eNodeBs
using S1-AP.
Multiple addresses
and subnets are needed if multiple interfaces will be configured.
|
Physical port number
|
The physical port
to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the
number of the physical connector on the card. For example, port
17/1 identifies connector number 1 on the card in slot
17.
A single physical port
can facilitate multiple interfaces.
|
S11 Interface Configuration
(To/from S-GW)
|
|
Interface name
|
An identification
string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.
Multiple names are
needed if multiple interfaces will be configured.
|
IP address and subnet
|
IPv4 address assigned
to the S11 interface.
Multiple addresses
and subnets are needed if multiple interfaces will be configured.
|
Physical port number
|
The physical port
to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the
number of the physical connector on the card. For example, port
17/1 identifies connector number 1 on the card in slot
17.
A single physical port
can facilitate multiple interfaces.
|
S6a Interface Configuration
(To/from HSS)
|
|
Interface name
|
An identification
string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.
Multiple names are
needed if multiple interfaces will be configured.
|
IP address and subnet
|
IPv4 or IPv6 addresses
assigned to the S6a interface.
Multiple addresses
and subnets are needed if multiple interfaces will be configured.
|
Physical port number
|
The physical port
to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the
number of the physical connector on the card. For example, port
17/1 identifies connector number 1 on the card in slot
17.
A single physical port
can facilitate multiple interfaces.
|
S6a Diameter Endpoint
Configuration
|
|
End point name
|
An identification string
from 1 to 63 characters (alpha and/or numeric) by which
the S6a Diameter endpoint configuration is recognized by the system.
|
Origin realm name
|
An identification string
between 1 through 127 characters.
The realm is the Diameter
identity. The originator’s realm is present in all Diameter
messages and is typically the company or service name.
|
Origin host name
|
An identification string
from 1 to 255 characters (alpha and/or numeric) by which
the S6a origin host is recognized by the system.
|
Origin host address
|
The IP address of the
S6a interface.
|
Peer name
|
The S6a endpoint name
described above.
|
Peer realm name
|
The S6a origin realm
name described above.
|
Peer address and port number
|
The IP address and
port number of the HSS.
|
Route-entry peer
|
The S6a endpoint name
described above.
|
S13 Interface Configuration
(To/from EIR)
|
|
Interface name
|
An identification
string between 1 and 79 characters (alpha and/or numeric) by
which the interface is recognized by the system.
Multiple names are
needed if multiple interfaces will be configured.
|
IP address and subnet
|
IPv4 or IPv6 addresses
assigned to the S13 interface.
Multiple addresses
and subnets are needed if multiple interfaces will be configured.
|
Physical port number
|
The physical port
to which the interface will be bound. Ports are identified by the
chassis slot number where the line card resides followed by the
number of the physical connector on the card. For example, port
17/1 identifies connector number 1 on the card in slot
17.
A single physical port
can facilitate multiple interfaces.
|
S13 Diameter Endpoint
Configuration
|
|
End point name
|
An identification string
from 1 to 63 characters (alpha and/or numeric) by which
the S13 Diameter endpoint configuration is recognized by the system.
|
Origin realm name
|
An identification string
between 1 through 127 characters.
The realm is the Diameter
identity. The originator’s realm is present in all Diameter
messages and is typically the company or service name.
|
Origin host name
|
An identification string
from 1 to 255 characters (alpha and/or numeric) by which
the S13 origin host is recognized by the system.
|
Origin host address
|
The IP address of the
S13 interface.
|
Peer name
|
The S13 endpoint name
described above.
|
Peer realm name
|
The S13 origin realm
name described above.
|
Peer address and port number
|
The IP address and
port number of the EIR.
|
Route-entry peer
|
The S13 endpoint name
described above.
|
MME Service Configuration
|
|
MME service name
|
An identification
string from 1 to 63 characters (alpha and/or numeric) by which
the MME service can be identified on the system. It is configured
in the Context configuration mode.
Multiple names are
needed if multiple MME services will be configured.
|
PLMN identifier
|
The identifier of
Public Land Mobile Network (PLMN) of which MME belongs to. PLMN
identifier is consisting of MCC and MNC.
|
MME identifier
|
The identifier of
MME node. The MME Id is consisting of MME group and MME code.
|
TAI management database
name
|
An identification
string from 1 to 64 characters (alpha and/or numeric) by which
the TAI management database service can be associated with the MME service.
This is required for
static S-GW selection. Refer to the Required MME Policy
Configuration Information section below.
|
P-GW IP address
|
IPv4 or IPv6 address
of a PDN Gateway (P-GW). This is required for static S-GW/P-GW
selection.
|
eGTP Service Configuration
|
|
eGTP service name
|
An identification
string from 1 to 63 characters (alpha and/or numeric) by which
the eGTP service can be associated with MME system.
Multiple names are
needed if multiple eGTP services will be used.
|
Interface type
|
Identifies the type
of interface to which the eGTP service is bound. This interface
type is “interface-mme”.
|
GTP-C binding IP address
|
The IPv4 address of
the S11 interface.
|
HSS Peer Service Configuration
|
|
HSS peer service name
|
An identification
string from 1 to 63 characters (alpha and/or numeric) by which
the HSS peer service is recognized by the system.
Multiple names are
needed if multiple HSS peer services will be used.
|
Diameter HSS peer
|
The name for a pre-configured
Diameter endpoint, configured on system to associate with this MME
service to access an HSS and an EIR. This is the S6a Diameter endpoint
name.
|
Required MME Policy Configuration Information
Required Information | Description |
---|---|
Tracking Area Identifier (TAI)
management database name
|
An identification
string from 1 to 64 characters (alpha and/or numeric) by which
the TAI management database is recognized by the system.
|
Tracking Area Identifier (TAI)
management object name
|
An identification
string from 1 to 64 characters (alpha and/or numeric) by which
the TAI management object is recognized by the system.
|
MCC, MNC, and TAC
|
The Mobile Country
Code, Mobile Network Code, and Tracking Area Code for the S-GW this
management object represents.
|
S-GW IP address
|
The IPv4 or IPv6 address of the S-GW this management object represents. |
How This Configuration Works
Creating and Configuring the MME Context and Service
configure
context
<mme_context_name>
-noconfirm
interface
<s1-mme_intf_name>
ip
address <ipv4_address>
exit
interface <s11_intf_name>
ip
address <ipv4_address>
exit
interface <s6a_intf_name>
ip
address <ipv4_address>
exit
interface <s13_intf_name>
ip
address <ipv4_address>
exit
mme-service
<mme_svc_name>
-noconfirm
mme-id
group-id <grp_id>
mme-code <mme_code>
plmn-id
mcc <mcc_value>
mnc <mnc_value>
associate
egtp-service <egtp-service_name>
context <mme_context_name>
associate
hss-peer-service <hss_peer_service_name>
context <mme_context_name>
policy
attach imei-query-type imei-sv verify-equipment-identity
pgw-address
<pgw_ip_address>
bind
s1-mme ipv4-address <ip_address>
exit
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s1-mme_intf_name> <mme_context_name>
end
Creating and Configuring the eGTP Service and Interface Association
Creating and Configuring the HSS Peer Service and Interface Associations
configure
context <mme_context_name>
hss-peer-service hss_peer_service_name
diameter
hss-endpoint <hss_endpoint_name>
eir-endpoint <eir-endpoint_name>
exit
exit
diameter
endpoint <hss-endpoint_name>
origin
realm <realm_name>
origin
host <name>
address <S6a_interface_address>
peer
<peer_name>
realm <realm_name>
address <hss_ip_address>
route-entry
realm <realm_name> peer
<peer_name>
exit
diameter
endpoint <eir-endpoint_name>
origin
realm <realm_name>
origin
host <name>
address <S13_interface_address>
peer
<peer_name>
realm <realm_name>
address <eir_ip_address>
route-entry
realm <realm_name> peer
<peer_name>
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s6a_interface_name> <mme_context_name>
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s13_interface_name> <mme_context_name>
end
Configuring Optional Features on the MME
Configuring Circuit Switched Fallback
IMPORTANT:
configure
lte-policy
tai-mgnt-db <db_name>
tai-mgmt-obj <object_name>
lai
mcc <number>
mnc <number>
lac <area_code>
tai
mcc <number>
mnc <number>
tac <area_code>
exit
exit
exit
context
<mme_context_name>
-noconfirm
interface <sgs_intf_name>
ip
address <ipv4_address>
exit
sgs-service
<name>
-noconfirm
sctp
port <port_number>
tac-to-lac-mapping
tac <value>
map-to lac <value> +
vlr
<vlr_name>
ipv4-address <ip_address>
port <port_number>
pool-area <pool_name>
lac
<area_code> +
hash-value
non-configured-value use-vlr <vlr_name>
hash-value
range <value> to
<value>
use-vlr <vlr_name>
exit
bind
ipv4-address <sgs-intf_ipv4_address>
exit
mme-service <service_name>
associate
tai-mgmt-db <db_name>
associate
sgs-service <sgs_svc_name>
end
Configuring Dynamic Peer Selection
Configuring Gn/Gp Handover Capability
configure
context
<mme_context_name>
-noconfirm
interface <Gn_intf_name>
ip
address <ipv4_address>
exit
sgtp-service <sgtp_svc_name>
gtpc
bind address <Gn_intf_ip_address>
exit
mme-service <mme_svc_name>
associate
sgtpc-service <sgtp_svc_name>
peer-sgsn
rai mcc <mcc_value> mnc
<mnc_value>
rac <value>
lac <value>
address <ip_address> capability
gn
nri
length <length>
plmn-id mcc <mcc_value>
mnc <mnc_value>
end
Configuring Inter-MME Handover Support
configure
context
<mme_context_name>
-noconfirm
interface <s10_intf_name>
ip
address <ipv4_address>
exit
egtp-service <egtp_service_name>
interface-type
interface-mme
gtpc
bind ipv4-address <s10_infc_ip_address>
exit
exit
mme-service <mme_svc_name>
peer-mme
gummei mcc <number> mnc
<number>
group-id <id>
mme-code <code>
address <ipv4_address>
exit
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s10_interface_name> <mme_context_name>
end
Configuring X.509 Certificate-based Peer Authentication
IMPORTANT:
configure
certificate
name <cert_name>
pem url <cert_pem_url>
private-key pem url <private_key_url>
ca-certificate
name <ca_cert_name> pem
url <ca_cert_url>
end
configure
context <mme_context_name>
crypto
template <crypto_template_name>
ikev2-dynamic
certificate
name <cert_name>
ca-certificate
list ca-cert-name <ca_cert_name>
authentication
local certificate
authentication
remote certificate
end
Configuring Dynamic Node-to-Node IP Security on the S1-MME Interface
Creating and Configuring an IPSec Transform Set
configure
context <mme_context_name>
ipsec
transform-set <ipsec_transform-set_name>
encryption
aes-cbc-128
group
none
hmac
sha1-96
mode
tunnel
end
Creating and Configuring an IKEv2 Transform Set
configure
context <mme_context_name>
ikev2-ikesa
transform-set <ikev2_transform-set_name>
encryption
aes-cbc-128
group
2
hmac
sha1-96
lifetime <sec>
prf
sha1
end
Creating and Configuring a Crypto Template
configure
context <mme_context_name>
crypto
template <crypto_template_name>
ikev2-dynamic
authentication
local pre-shared-key key <text>
authentication
remote pre-shared-key key <text>
ikev2-ikesa
transform-set list <name1>
. . . <name6>
ikevs-ikesa
rekey
payload
<name>
match childsa match ipv4
ipsec
transform-set list <name1>
. . . <name4>
rekey
end
Binding the S1-MME IP Address to the Crypto Template
Configuring ACL-based Node-to-Node IP Security on the S1-MME Interface
IMPORTANT:
Creating and Configuring a Crypto Access Control List
Creating and Configuring an IPSec Transform Set
configure
context <mme_context_name>
ipsec
transform-set <ipsec_transform-set_name>
encryption
aes-cbc-128
group
none
hmac
sha1-96
mode
tunnel
end
Creating and Configuring an IKEv2 Transform Set
configure
context <mme_context_name>
ikev2-ikesa
transform-set <ikev2_transform-set_name>
encryption
aes-cbc-128
group
2
hmac
sha1-96
lifetime <sec>
prf
sha1
end
Creating and Configuring a Crypto Map
configure
context <mme_context_name>
crypto
map <crypto_map_name> ikev2-ipv4
match
address <acl_name>
peer <ipv4_address>
authentication
local pre-shared-key key <text>
authentication
remote pre-shared-key key <text>
ikev2-ikesa
transform-set list <name1>
. . . <name6>
payload
<name>
match ipv4
lifetime <seconds>
ipsec
transform-set list <name1>
. . . <name4>
exit
exit
interface
<s1-mme_intf_name>
ip
address <ipv4_address>
crypto-map <crypto_map_name>
exit
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s1-mme_intf_name> <mme_context_name>
end
Configuring Load Balancing on the MME
Configuring Mobility Restriction Support
Configuring Inter-RAT Handover Restrictions on the MME
Configuring Location Area Handover Restrictions on the MME
configure
lte-policy
ho-restrict-list <name>
forbidden
location-area plmnid <id>
lac
<area_code> <area_code>
<area_code> +
end
Configuring Tracking Area Handover Restrictions on the MME
configure
lte-policy
ho-restrict-list <name>
forbidden
tracking-area plmnid <id>
tac
<area_code> <area_code>
<area_code> +
end
Configuring S4-SGSN Handover Capability
configure
context
<mme_context_name>
-noconfirm
interface <s3_interface_name>
ip
address <ipv4_address>
exit
mme-service <mme_svc_name>
peer-sgsn
rai mcc <mcc_value> mnc
<mnc_value>
rac <value>
lac <value>
address <ip_address> capability
s3
nri
length <length>
plmn-id mcc <mcc_value>
mnc <mnc_value>
exit
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s3_interface_name> <mme_context_name>
end
Configuring SCTP Multi-homing Support
Configuring SCTP Multi-homing on the S1-MME Interface
configure
context
<mme_context_name>
-noconfirm
interface
<s1-mme_intf_name>
ip
address <ipv4_address>
ip
address <secondary_ipv4_address>
exit
mme-service <mme_svc_name>
bind
s1-mme ipv4-address <ipv4_address>
ipv4-address <secondary_ipv4_address>
exit
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s1-mme_intf_name> <mme_context_name>
end
Configuring SCTP Multi-homing on the S6a Interface
configure
context <mme_context_name>
interface <s6a_intf_name>
ip
address <s6a_intf_primary_ip_addr> <ip_mask>
ip
address <s6a_intf_secondary_ip_addr2> <ip_mask>
secondary
ip
address <s6a_intf_secondary_ip_addr3> <ip_mask>
secondary
exit
exit
diameter
endpoint <hss-endpoint_name>
origin
realm <realm_name>
origin
host <name>
address <s6a_intf_primary_ip_addr>
port <number>
address <s6a_intf_secondary_ip_addr2>
port <number>
address <s6a_intf_secondary_ip_addr3>
port <number>
peer
<peer_name>
realm <realm_name>
address <hss_ip_addr1> port
<number>
address <hss_ip_addr2> port
<number>
sctp
route-entry
realm <realm_name> peer
<peer_name>
exit
port
ethernet <slot_number/port_number>
no
shutdown
bind
interface <s6a_intf_name> <mme_context_name>
exit
Configuring Static S-GW Pools
Creating and Configuring a TAI Management Database and Object
configure
lte-policy
tai-mgmt-db <db_name>
tai-mgmt-obj <object_name>
tai
mcc <number>
mnc <number>
tac <value>
sgw-address
<ipv4_address> s5-s8-protocol
gtp weight <number>
end
Associating a TAI Management Database with an MME Service
Associating a TAI Management Database with a Call Control Profile
Configuring User Location Information Reporting Support
IMPORTANT:
configure
context <mme_context_name>
mme-service <mme_svc_name>
location-reporting
end