LMA Service Configuration Mode Commands

The LMA Service Configuration Mode is used to create and manage the Local Mobility Anchor configuration supporting Proxy Mobile IP on a PDN Gateway in an eHRPD and E-UTRAN/EPC network.

Mode

Exec > Global Configuration > Context Configuration > LMA Service Configuration

configure > context context_name > lma-service service_name

Entering the above command sequence results in the following prompt:

[context_name]host_name(config-lma-service)# 

Important

The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).


aaa accounting

Enables the LMA to send AAA accounting information for subscriber sessions.

Product

P-GW

SAEGW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > LMA Service Configuration

configure > context context_name > lma-service service_name

Entering the above command sequence results in the following prompt:

[context_name]host_name(config-lma-service)# 

Syntax

[ default | no ] aaa accounting 

default

Sets the command to the default condition of enabled.

no

Disables the ability of the LMA to send AAA accounting information.

Usage Guidelines

Use this command to enable the LMA service to send all accounting data (start, stop, and interim) to the configured AAA servers.


Important

In order for this command to function properly, AAA accounting must be enabled for the context in which the LMA service is configured using the aaa accounting subscriber radius command.


Example

The following command disables aaa accounting for the LMA service:
no aaa accounting 

alt-coa-allowed

Allows Alternate Care-of-address support to be added at LMA to separate signaling and control plane traffic.

Product

P-GW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > LMA Service Configuration

configure > context context_name > lma-service service_name

Entering the above command sequence results in the following prompt:

[context_name]host_name(config-lma-service)# 

Syntax

              [  default | no ] alt-coa-allowed   

default

Including this keyword with the command disables the feature. The feature is disabled by default.

no

Disables the specified functionality.

Usage Guidelines

This command allows Alternate Care-of-address support to be added at LMA to separate signaling and control plane traffic.


Important

The support of the extensions and functionality is defined in RFC 6275 and RFC 6463 for IPv6 and IPv4 transport respectively.


Proxy Mobile IPv6 is a network-based mobility management protocol. The mobility entities involved in the Proxy Mobile IPv6 protocol, the Mobile Access Gateway (MAG) and the Local Mobility Anchor (LMA), setup tunnels dynamically to manage mobility for a mobile node within the Proxy Mobile IPv6 domain. There is an extension to the Proxy Mobile IPv6 protocol to register an IPv4 or IPv6 data plane address that is different from the Proxy Care-of Address with the LMA. This allows separation of control and data plane. Some of the deployments of Proxy Mobile IPv6 separated the control and data plane end points for Mobile Access Gateway. There will be a separate IP address for the entity that sends and received the Proxy Mobile IPv6 signaling messages. Similarly, there will be a separate IP address for the entity that encapsulates and decapsulates the data traffic to and from the mobile node.

In order to allow the separation of the control and data plane, the address of the data plane traffic endpoint needs to be sent in a separate extension to register two IP addresses with the LMA. The IP address used for the signaling messages will continue to be called the Proxy Care-of-Address. A separate IP address for the data plane is carried in the Proxy Binding Update to indicate the tunnel end point for the data traffic.

The extension Alternate Care-of-Address Mobility Option defined in RFC 6275 should be used. When using IPv6 transport and IPv4 transport, Alternate Ipv4 Care of Address Mobility Option defined in RFC 6463 should be used.

Normally, a binding update specifies the desired care-of-address in the source address field of the IPv6 header. However, in some cases such as when the mobile node wishes to indicate a Care-of Address that it cannot use as a topologically correct source address or when the used security mechanism does not protect the IPv6 header it is not possible.

The Alternate Care-of-Address option is for this type of situation. This option is valid only in binding update. The Alternate Care-of Address field contains an address to use as the care-of-address for binding rather than using the source address of the packet as the care-of-address.

Example

The following command disables Alternate Care-of-address support:

              no alt-coa-allowed   

bind address

Binds the LMA service to a logical IP interface serving as the S2a (HSGW) or S5/S8 (S-GW) interface and specifies the maximum number of subscribers that can access this service over the configured interface.

Product

P-GW

SAEGW

Privilege

Administrator

Mode

Exec > Global Configuration > Context Configuration > LMA Service Configuration

configure > context context_name > lma-service service_name

Entering the above command sequence results in the following prompt:

[context_name]host_name(config-lma-service)# 

Syntax

bind address ipv6_address [ ipv4-address ipv4_address ] [ max-subscribers num ] 
no bind address 

no

Removes the interface binding from this service.

address ipv6_address

Specifies the IPv6 address of the interface configured as the S2a or S5/S8 interface. ipv6_address is specified in colon separated notation.

ipv4-address ipv4_address

Specifies optional IPv4 HA/P-GW address to support DSMIP6 session using IPv4 transport.ipv4_address must be entered as a standard IPv4 address in dotted decimal notation.

max-subscribers num

Default: 3000000

Specifies the maximum number of subscribers that can access this service on this interface. num must be configured to an integer between 0 and 3,000,000.


Important

The maximum number of subscribers supported is dependant on the license key installed and the number of active PSCs in the system. A fully loaded system with 13 active PSCs can support 3,000,000 total subscribers. Refer to the license key command and the Usage section (below) for additional information.


Usage Guidelines

Associate the LMA service to a specific logical IP address. The logical IP address or interface takes on the characteristics of an S2a or S5/S8 interface that provides the session connectivity to an HSGW (S2a) or S-GW (S5/S8). Only one interface can be bound to a service. The interface should be configured prior to issuing this command.

This command also sets a limit as to the number of simultaneous subscribers sessions that can be facilitated by the service/interface at any given time.

When configuring the max-subscribers option, be sure to consider the following:
  • The total number of S2a or S5/S8 interfaces you will configure

  • The total number of subscriber sessions that all of the configured interfaces may handle during peak busy hours

  • An average bandwidth per session multiplied by the total number of sessions

  • The type of physical port (10/100Base-T or 1000Base-Tx) that these interfaces will be bound to

Taking these factors into account and distributing your subscriber session across all available interfaces will allow you to configure your interfaces to optimally handle sessions without degraded performance.

Example

The following command would bind the logical IP interface with the address of 4551:0db8:85a3:08d3:3319:8a2e:0370:1344 to the LMA service and specifies that a maximum of 300,000 simultaneous subscriber sessions can be facilitated by the interface/service at any given time:
bind address 4551:0db8:85a3:08d3:3319:8a2e:0370:1344 max-subscribers 300000 

end

Exits the current mode and returns to the Exec Mode.

Product

All

Privilege

Administrator

Syntax

end

Usage Guidelines

Change the mode back to the Exec mode.

exit

Exits the current mode and returns to the previous mode.

Product

All

Privilege

Administrator

Syntax

exit

Usage Guidelines

Return to the previous mode.

heartbeat

Configures the PMIPv6 heartbeat message interval, retransmission timeout, and max retransmission for the LMA Service.

Product

P-GW

Privilege

Administrator

Syntax

heartbeat { interval seconds | retransmission { max number [ exceed-action drop-session ] | timeout seconds } } 
default heartbeat { interval | retransmission { max | timeout } }  
no heartbeat  

no

Disables the PMIPv6 heartbeat functionality. The P-GW starts sending heartbeat request to peers when the heartbeat interval is configured.

default

Resets the specified parameter to the system default value.

interval seconds

The interval in seconds at which heartbeat messages are sent.

seconds is an integer from 30 through 3600.

Default: 60

retransmission max number

The maximum number of heartbeat retransmissions allowed.

number is an integer from 1 through 15.

Default: 3

exceed-action

Specifies the action to be taken after the maximum number of heartbeat retransmission is reached.


Important

This keyword is valid only for NEMO-LMA sessions and takes effect if the Heartbeat feature is enabled.


drop-session

Used for dropping the session when path failure is detected.


Important

This keyword is valid only for NEMO-LMA sessions and takes effect if the Heartbeat feature is enabled.


retransmission timeout seconds

The timeout in seconds for heartbeat retransmissions.

seconds is an integer from 1 through 20.

Default: 3

Usage Guidelines

Proxy Mobile IPv6 (PMIPv6) is a network-based mobility management protocol to provide mobility without requiring the participation of the mobile node in any PMIPv6 mobility related signaling. The Local Mobility Anchor (LMA) service sets up tunnels dynamically to manage mobility for a mobile node.

This command provides configuration of heartbeat messages between the LMA and MAG services to know the reachability of the peers, to detect failures, quickly inform peers in the event of a recovery from node failures, and allow a peer to take appropriate action.

Example

The following command enables PMIPv6 heartbeat messaging to known LMA service peers and sets the heartbeat interval to 160 seconds.
heartbeat interval 160 

heartbeat monitor-max-peers

Configures monitoring of a maximum of 128000 PMIP sessions through the heartbeat mechanism.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

[ default ] heartbeat monitor-max-peers 

default

Monitors 256 peers through the heartbeat mechanism.

heartbeat monitor-max-peers

Monitors a maximum of 128000 peers through the heartbeat mechanism.

Usage Guidelines

Use this command to monitor a maximum of 128000 PMIP sessions through the heartbeat mechanism.

This CLI is disabled by default.

Example

The following command enables monitoring of a maximum of 128000 peers through the heartbeat mechanism.
heartbeat monitor-max-peers 

mobility-option-type-value

Changes the mobility option type value used in mobility messages.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

mobility-option-type-value { custom1 | custom2 | standard } 
default mobility-option-type-value 

default

Sets the command to the default value of custom1.

custom1

(Default) Non-standard type values used before they were defined by IANA.

custom2

Standard type values, as defined by IANA, and some customer-specific message formats.

standard

Standard type values as defined by IANA. In addition, standard option uses type values defined in RFC 5844 for HoA options for PMIPv6 PBU/PBA/revocation message.

Usage Guidelines

Use this command to change the mobility option type value used in mobility messages.

Example

The following command changes the mobility option type value to standard:
mobility-option-type-value standard 

refresh-advice-option

Configures inclusion of a refresh advice option in the binding acknowledgement message sent by the LMA.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

[ default | no ] refresh-advice-option 

default

Returns the command setting to the default setting of disabled.

no

Disables the inclusion of the refresh advice option in the binding acknowledgement message sent by the LMA

Usage Guidelines

Use this command to enable the LMA to include this option in a binding acknowledgment sent to the requesting MAG. The option provides a "hint" to the MAG of when it should refresh the binding.

As defined in RFC 3775 "Mobility Support in IPv6", the binding refresh advice option can only be present in the binding acknowledgement sent from the mobile node's home agent in reply to a registration request. A refresh interval parameter determines the amount of time until the mobile node must send a new registration to the home agent to avoid de-registration and loss of session.


Important

Refer to the refresh-interval-percent and reg-lifetime commands for a complete understanding of registration (binding) lifetimes and refresh intervals.


refresh-interval-percent

Configures percentage of the granted registration lifetime to be used in the refresh interval mobility option in a binding acknowledgement message sent by the LMA service.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

refresh-interval-percent number 
default refresh-interval-percent 

default

Resets the command value to the default setting of 75.

number

Default: 75

Sets the percent value for session lifetimes for this service.

number must be an integer value from 1 to 99.

Usage Guidelines

Use this command to configure the amount of the granted registration lifetime to be used in the refresh interval mobility option in the binding acknowledgement message sent by the LMA service to the requesting MAG.

Refreshing a binding or registration is based on the granted registration lifetime. Since a refresh request must be within the granted range of a registration lifetime, this command provides a method of setting the interval of when a refresh request is sent.

As described in RFC 3775 "Mobility Support in IPv6", if a binding refresh advice option is present in the binding acknowledgement, the refresh interval field in the option must be a value less than the binding lifetime (also returned in the binding acknowledgement). The mobile node then should attempt to refresh its registration at the shorter refresh interval. The home agent will still honor the registration for the lifetime period, even if the mobile node does not refresh its registration within the refresh period.


Important

Refer to the refresh-advice-option and reg-lifetime commands for a complete understanding of registration (binding) lifetimes and refresh intervals.


Example

The following command sets the refresh interval percent to 90 :
refresh-interval-percent 90 

reg-lifetime

Configures the Mobile IPv6 session registration lifetime for this service.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

reg-lifetime seconds 
default reg-lifetime 

default

Resets the command value to the default setting of 600.

seconds

Default: 600

Sets the time value for session lifetimes for this service.

seconds must be an integer value from1 to 262140.

Usage Guidelines

Use this command to limit PMIPv6 lifetime on this service. If the PBU contains a lifetime shorter than what is specified, it is granted. If the lifetime is longer, then HA service will limit the granted lifetime to the configured value.


Important

Refer to the refresh-interval-percent and refresh-advice-option commands for a complete understanding of registration (binding) lifetimes and refresh intervals.


Example

The following command sets the registration lifetime for Mobile IPv6 sessions using this service to 1200 seconds (20 minutes):
reg-lifetime 1200 

revocation

Enables the MIP revocation feature and configures revocation parameters.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

revocation { enable | max-retransmission number | retransmission-timeout msecs } 
default revocation { enable | max-retransmission | retransmission-timeout } 
no revocation enable 

default

Resets the keyword to its default value.

no

Disables revocation for this service.

enable

Default: disabled

Enables the MIP registration revocation feature for the LMA service. When enabled, if revocation is negotiated with a MAG and a MIP binding is terminated, the LMA can send a Revocation message to the MAG. This feature is disabled by default.

max-retransmission number

Default: 3

The maximum number of retransmissions of a Revocation message before the revocation fails. number must be an integer value from 0 through 10.

retransmission-timeout msecs

Default: 3000

The number of milliseconds to wait for a Revocation Acknowledgement from the MAG before retransmitting the Revocation message. msecs must be an integer value from 500 through 10000.

Usage Guidelines

Use this command to enable or disable the MIP revocation feature on the LMA or to change settings for this feature.

Example

The following command sets the maximum number of retries for a Revocation message to 6 :
revocation max-retransmission 6 
The following command sets the timeout between retransmissions to 10 :
revocation retransmission-timeout 10 

sequence-number-validate

Configures sequence number validation of the received MIPv6 control packets by the LMA service according to RFC 3775.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

[ default | no ] sequence-number-validate 

default

Resets the command value to the default setting of enabled.

no

Disables the feature.

Usage Guidelines

Use this command to configure the sequence number validation of the received MIPv6 control packets (PBUs) by the LMA service. This feature validates MIPv6 control packets and insures that any incoming packets with a sequence number prior to the last number received is consider invalid.

If this service has no cache entry of the home address included in the PBU, it will accept any sequence value in the initial PBU from the mobile node.

setup-timeout

The maximum amount of time allowed for session setup.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

setup-timeout seconds 
default setup-timeout 

default

Resets the command value to the default setting of 60.

seconds

Default: 60 seconds

The maximum amount of time, in seconds, to allow for setup of a session in this service. seconds must be an integer value from 1 through 1000000.

Usage Guidelines

Use this command to set the maximum amount of time allowed for setting up a session.

Example

The following command sets the maximum time allowed for setting up a session to 5 minutes (300 seconds):
setup-timeout 300 

signalling-packets

Enables the DSCP marking feature for IP headers carrying outgoing signalling packets.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

signalling-packets ip-header-dscp value 
{ default | no } signalling-packets ip-header-dscp 

default

Restores the specified parameter to its default setting of 0x0.

no

Disables the specified functionality.

ip-header-dscp value

Used to configure the QoS Differentiated Services Code Point (DSCP) marking for IP header encapsulation.

value : Represents the DSCP setting. It represents the first six most-significant bits of the ToS field. It can be configured to any hex value from 0x0 through 0x3F. Default is 0x0.

Usage Guidelines

Use this command to enable or disable the DSCP marking feature for IP headers carrying outgoing signalling packets. DSCP marking is disabled by default.

Example

The following command configures the HSGW service to support DSCP marking for IP headers carrying outgoing signalling packets:
signalling-packets ip-header-dscp 0x21 

simul-bindings

Specifies the maximum number of "care-of" addresses that can simultaneously be bound for the same user as identified by NAI and Home address.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

simul-bindings number 
default simul-bindings 

default

Resets the command value to the default setting of 1.

number

Default: 1

Configures maximum number of "care of" addresses that can be simultaneously bound for the same user as identified by their NAI and home address. number must be an integer value between 1 and 3.

Usage Guidelines

Per RFC 5213 (and 3775), the LMA service creates a binding record known as a binding cache entry (BCE) for each subscriber session it is facilitating. Each BCE is associated with a care-of address. As the mobile node roams, it is possible that the session will be associated with a new care of address.

Typically, the LMA service will delete an old binding and create a new one when the information in the registration request changes. However, the mobile node could request that the LMA maintains previously stored BCEs. This command allows you to configure the maximum number of BCEs that can be stored per subscriber if more than one is requested.

Example

The following command configures the service to support up to 2 addresses per subscriber:
simul-bindings 2 

standalone

Configures the LMA service to start in standalone mode.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

[ default | no ] standalone 

default

Resets the command value to the default setting.

no

Disables the feature.

Usage Guidelines

Use this command to start the LMA service in standalone mode.

timestamp-option-validation

Configures validation of timestamp option in binding update messages. By default, timestamp option is mandatory.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

[ default | no ] timestamp-option-validation 

default

Resets the command value to the default setting of enabled.

no

Disables the feature.

Usage Guidelines

Use this command to configure timestamp validation in binding update messages.

timestamp-replay-protection

Designates timestamp replay protection scheme as per RFC 4285.

Product

P-GW

SAEGW

Privilege

Administrator

Syntax

timestamp-replay-protection tolerance seconds 
{ default | no } timestamp-replay-protection tolerance 

default

Resets the command value to the default setting of 7.

no

Disables the timestamp replay protection feature.

tolerance seconds

Default: 7

Defines the acceptable difference in timing (between timestamps) before rejecting packet, in seconds. seconds must be an integer value between 0 and 65535.

Usage Guidelines

Use this command to define the acceptable difference in timing (between timestamps) before rejecting packet.

Example

The following command sets the acceptable difference for timestamps to 10 seconds:
timestamp-replay-protection tolerance 10