The ASR 5000 system provides wireless carriers with a flexible solution that can support a wide variety of services. These services are described in detail in the ASR 5000 Product Overview Guide.
Associate ports with contexts through bindings. For additional information on bindings, refer to the Bindings section below. You can configure each physical port to support multiple logical IP interfaces, each with up to 17 IP addresses (one primary and up to 16 secondaries).
For complete information on line cards and port assignments, refer to the ASR 5000 Installation and Administration Guide.
You must associate a port with a virtual circuit or tunnel called a logical interface before the port can allow the flow of user data. A logical interface within the system is the assignment of a virtual router instance that provides higher-layer protocol transport, such as Layer 3 IP addressing. Interfaces are configured as part of the VPN context and are independent from the physical port that will be used to bridge the virtual interfaces to the network.
Define management interfaces in the local context and bind them to the ports on the Switch Processor Input/Output (SPIO) cards.
Static binding is accomplished through system configuration. Static bindings associate:
Dynamic binding associates a subscriber to a specific egress context based on the configuration of their profile or system parameters. This provides a higher degree of deployment flexibility, as it allows a wireless carrier to support multiple services and facilitates seamless connections to multiple networks.
Important: Mobile IP support depends on the availability and purchase of a standalone license or a license bundle that includes Home Agent (HA).|
•
|
RADIUS-based Subscribers: The most common type of subscriber, these users are identified by their International Mobile Subscriber Identity (IMSI) number, an Electronic Serial Number (ESN), or by their domain name or user name. They are configured on and authenticated by a RADIUS AAA server.
|
Important: Attribute settings received by the system from a RADIUS AAA server take precedence over local-subscriber attributes and parameters configured on the system.|
•
|
Local Subscribers: These are subscribers, primarily used for testing purposes, that are configured and authenticated within a specific context. Unlike RADIUS-based subscribers, the local subscriber’s user profile (containing attributes like those used by RADIUS-based subscribers) is configured within the context where they are created.
|
When local subscriber profiles are first created, attributes for that subscriber are set to the system’s default settings. The same default settings are applied to all subscriber profiles, including the subscriber named default which is created automatically by the system for each system context. When configuring local profile attributes, the changes are made on a subscriber-by-subscriber basis.
Important: Attributes configured for local subscribers take precedence over context-level parameters. However, they could be over-ridden by attributes returned from a RADIUS AAA server.|
•
|
Management Subscribers: A management user is an authorized user who can monitor, control, and configure the system through the CLI or Web Element Manager application. Management is performed either locally, through the system Console port, or remotely through the use of the Telnet or secure shell (SSH) protocols. Management users are typically configured as a local subscriber within the Local context, which is used exclusively for system management and administration. As with a local subscriber, a management subscriber’s user profile is configured within the context where the subscriber was created (in this case, the Local context). However, management subscribers may also be authenticated remotely via RADIUS, if an AAA configuration exists within the local context, or TACACS+.
|
The system comes configured with a context called local that you use specifically for management purposes. The context selection process for context-level administrative users (those configured within a context) is simplified because the management port(s) on the SPIO are associated only with the Local context. Therefore, the source and destination contexts for a context-level administrative user responsible for managing the entire system should always be the local context.
For all FTP or SFTP connections, you must connect through an SPIO interface. If you SFTP or FTP as a non-local context account, you must use the username syntax of username@contextname.
The context selection process for a subscriber session is more involved than that for the administrative users. Subscriber session context selection information for specific products is located in the Administration Guide for the individual product.
The following flowchart shows each step in the startup process. For additional information about system configuration files, refer to the Understanding Configuration Files section.
Important: If no SMCs are installed, or if they are installed incorrectly, no other card installed in the system will boot.The wizard creates a configuration file (system.cfg) that you can use as a starting point for subsequent configurations. This allows you to configure the system automatically by applying the configuration file during any subsequent boot. For additional information about system configuration files, refer to the Understanding Configuration Files section.
Important: Pipes ( | ), used with the grep and more keywords, can potentially cause errors in configuration file processing. Therefore, the system automatically ignores keywords with pipes during processing.
Important: Always save configuration files in UNIX format. Failure to do so can result in errors that prevent configuration file processing. The commands and configuration data within the file are organized and formatted just as they would be if they were being entered at the CLI prompt. For example, if you wanted to create a context called source in the CLI, you would enter the following commands at their respective prompts:
To create a context called source using a configuration file, you would use a text editor to create a new file that consists of the following:
|
•
|
|
•
|
Important: When you apply a configuration file after the boot process, the file does not delete the configuration loaded as part of the boot process. Only those commands that are duplicated are overwritten.|
•
|
CompactFlash™: Installed on the SPC or SMC.
|
|
•
|
PCMCIA Flash Card: Installed in a slot on the SPC or SMC.
|
|
•
|
Network Server: Any workstation or server on the network that the system can access using the Trivial File Transfer Protocol (TFTP). This is recommended for large network deployments in which multiple systems require the same configuration.
|
|
•
|
/flash: a solid-state device with limited storage.
|
An Internet Protocol Version 4 (IPv4) address consists of 32 bits divided into four octets. These four octets are written in decimal numbers, ranging from 0 to 255, and are concatenated as a character string with full stop delimiters (dots) between each number.
An Internet Protocol Version 6 (IPv6) address has two logical parts: a 64-bit network prefix, and a 64-bit host address part. An IPv6 address is represented by eight groups of 16-bit hexadecimal values separated by colons (:).
|
•
|
Do not use any of the following “special” characters in an alphanumeric string except as noted below:
|
•
|
& (ampersand)
|
|
•
|
‘ (apostrophe)
|
|
•
|
< > (arrow brackets) [see exception below]
|
|
•
|
* (asterisk) [see wildcard exception below]
|
|
•
|
{ } (braces)
|
|
•
|
[ ] (brackets)
|
|
•
|
$ (dollar sign) [see wildcard exception below]
|
|
•
|
! (exclamation point) [see exception below]
|
|
•
|
( ) [parentheses]
|
|
•
|
% (percent) [see exception below]
|
|
•
|
# (pound sign) [see exception below]
|
|
•
|
? (question mark)
|
|
•
|
' (quotation mark – single)
|
|
•
|
" (quotation mark – double)
|
|
•
|
; (semicolon)
|
|
•
|
\ (slash – backward) [see exception below]
|
|
•
|
/ (slash – forward) [see exception below]
|
|
•
|
~ (tilde)
|
|
•
|
| (vertical bar) [see exception below]
|
|
•
|
< > (arrow brackets) [less than or greater than]
|
|
•
|
* (asterisk) [wildcard]
|
|
•
|
: (colon)
|
|
•
|
$ (dollar sign) [wildcard]
|
|
•
|
. (dot)
|
|
•
|
= (equals sign)
|
|
•
|
! (exclamation point)
|
|
•
|
% (percent)
|
|
•
|
/ (slash – forward)
|
|
•
|
| (vertical bar)
|
|
•
|
@ (at sign)
|
|
•
|
- (dash or hyphen)
|
|
•
|
# (hash or pound sign)
|
|
•
|
% [percent]
|
|
•
|
\ (slash – backward) [must be entered as double slash “\\”]
|
|
•
|
/ (slash – forward)
|
