Cisco GGSN Release 10.1 Configuration Guide, Cisco IOS Release 12.4(24)YE3
Planning to Configure the GGSN
Download this chapter
Planning to Configure the GGSNPlanning to Configure the GGSN
Download the complete book
Cisco GGSN Release 10.1 Configuration Guide, Cisco IOS 12.4(24)YE3Cisco GGSN Release 10.1 Configuration Guide, Cisco IOS 12.4(24)YE3 (PDF - 4 MB)
 Feedback

Table Of Contents

Planning to Configure the GGSN

Prerequisites

Before You Begin

Platform Prerequisites

Required Hardware and Software

Required Base Configuration

Restrictions

Additional References

Related Documents

Standards

MIBS

RFCs

Technical Assistance


Planning to Configure the GGSN

This chapter provides information that you should know before configuring a gateway GPRS support node (GGSN).

This chapter includes the following sections:

Prerequisites

Restrictions

Additional References

Prerequisites

Depending on the platform on which you are implementing a GGSN, the prerequisites vary. The sections below provide general guidelines to follow before configuring a GGSN in your network:

Before You Begin

Platform Prerequisites

Before You Begin

The Cisco GGSN is supported on the Cisco Service and Application Module for IP (SAMI) for the Cisco 7600 series router platform.

Before you begin to configure a GGSN, you should know which networks your mobile users will be allowed to access using the GGSN. After you identify the networks, you can plan the interfaces to configure for the networks, and plan the associated access points to those networks and configure them on the GGSN.

For example, you might want to provide user access to the Internet through a public data network (PDN), plus access to two private corporate intranets. In this case, you need to set up three access points—one to enable user access to the PDN, and one for each of the two private intranets.

Platform Prerequisites

When configuring GGSNs on the Cisco 7600 series router platform, ensure that requirements outlined in the following sections are met:

Required Hardware and Software

Required Base Configuration

Required Hardware and Software

Implementing the Cisco GGSN Release 9.2 on the Cisco 7600 series Internet router platform requires the following hardware and software.

Any module that has ports to connect to the network.

A Cisco 7600 series router and one of the following supervisor engines running Cisco IOS Release 12.2(33)SRC or later:

Cisco 7600 Series Supervisor Engine 720 with a Multiplayer Switch Feature Card 3 (WS-SUP720)

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3B (WS-SUP720-3B)

Cisco 7600 Series Supervisor Engine 720 with a Multilayer Switch Feature Card 3 and Policy Feature Card 3BXL (WS-SUP720-3BXL)

Cisco 7600 Series Supervisor Engine 32 with a Multiplayer Switch Feature Card (WS-SUP32-GE-3B) with LCP ROMMON Version 12.2(121) or later on the Cisco SAMI.

Cisco 7600 Series Supervisor Engine 32 with a Mutlilayer Switch Feature Card and 10 Gigabit Ethernet Uplinks (WS-SUP32-10GE-3B) with LCP ROMMON Version 12.2[121] or later on the Cisco SAMI.

Or, one of the following Cisco 7600 series route switch processors running Cisco IOS Release 12.2(33)SRE or later

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3C (RSP720-3C-GE)

Cisco 7600 Series Route Switch Processor 720 with Distributed Forwarding Card 3CXL (RSP720-3CXL-GE)

For details on upgrading the Cisco IOS release running on the supervisor engine, see the "Upgrading to a New Software Release" section in the Release Notes for Cisco IOS Release 12.2SR. For information about verifying and upgrading the LCP ROMMON image on the Cisco SAMI, see Cisco Service and Application Module for IP User Guide.

Note The Cisco IOS software required on the supervisor engine is dependent on the supervisor engine being used and the Cisco mobile wireless application running on the Cisco SAMI processors.

Cisco Service and Application Module for IP (Cisco Product Number: WS-SVC-SAMI-BB-K9). The SAMI processors must be running Cisco IOS Release 12.4(24)T3a or later.

Note The Cisco GGSN software application ships preloaded on the Cisco SAMI and automatically loads onto each processor during an image upgrade. The Cisco GGSN software application supports both the Cisco SAMI 1 GB memory default and the 2 GB memory option (Cisco Product Number: MEM-SAMI-6P-2GB[=]).

IPSec VPN Services Module (for security)

Note Certain Cisco GGSN features, such as enhanced service-aware billing and GTP-session redundancy, require additional hardware and software.

GTP-Session Redundancy

In addition to the required hardware and software above, implementing GTP-Session Redundancy (GTP-SR) requires at minimum:

In a one-router implementation, two Cisco SAMIs in the Cisco 7600 Series Router, or

In a two-router implementation, one Cisco SAMI in each of the Cisco 7600 Series Routers.

Enhanced Service-Aware Billing

In addition to the required hardware and software, implementing enhanced service-aware billing requires an additional Cisco SAMI running the Cisco Content Services Gateway - 2nd Generation software in each Cisco 7600 Series Router.

Required Base Configuration

After establishing connectivity from the switch to the various elements in your network, complete the following base configuration before implementing and customizing GGSNs on the Cisco SAMI.

Supervisor Engine Configuration

On the supervisor engine, ensure that the following tasks are completed:

1. A Layer 3-routed VLAN for each GGSN interface is created. For example, create a VLAN for the following interfaces:

Gn VLAN—Interconnects the Gn interfaces.

Ga VLAN—Interconnects the Ga interfaces.

AAA/OAM/DHCP VLAN—Interconnects the GGSN interfaces used for Authentication, Authorization, and Accounting (AAA), Operation, Administration, and Maintenance (OAM), and DHCP functions.

One VLAN per APN Gi interface

You can configure the VLANs from VLAN database mode or global configuration mode. You cannot configure extended-range VLANs in VLAN database mode. You can configure extended-range VLANs only in global configuration mode.

Note RPR+ redundancy does not support configurations entered in VLAN database mode. If you have a high-availability configuration with redundant Supervisor modules using RPR(+), configure the VLANs in global configuration mode, not in VLAN database mode; otherwise, the VLAN information will not be synchronized to the redundant Supervisor module.

To configure a VLAN from global configuration mode: 

Sup#conf terminal 
Enter configuration commands, one per line. End with CNTL/Z. 
Sup(config)#vlan 222 
Sup(config-vlan)#end 
Sup#

In the preceding example, VLAN 222 is a Layer 2-switched VLAN. The subnet associated with it is not known by the supervisor engine routing table. To configure VLAN 222 as a Layer 3-switched VLAN (or routed VLAN), configure a VLAN 222 interface on the supervisor engine and assign an IP address to the interface: 

Sup# configure terminal

Sup(config)# interface vlan222

Sup(config-if)# ip address n.n.n.n mask

Sup(config-if)# no ip redirects

The following is an example of the VLAN configuration on the supervisor engine: 

Sup# show running-config

!

. . .

vlan 103,110,160,200,300-301,310 

!

!

interface Vlan103

 description Gn VLAN

 ip address 10.20.21.1 255.255.255.0

 no ip redirects

!

interface Vlan110

 description OAM/AAA/DHCP VLAN

 ip address 10.20.50.1 255.255.255.0

 no ip redirects

!

interface Vlan200

 description Ga Charging VLAN

 no ip address

 no ip redirects

!

interface Vlan310

 description VLAN for APN Internet

 ip address 10.20.51.1 255.255.255.0

For detailed information on configuring VLANs, see Cisco 7600 Series Cisco IOS Software Configuration Guide.

2. The Cisco IOS Software server load balancing (SLB) feature is installed and configured for GTP load balancing. For more information, see the IOS Server Load Balancing feature module and Chapter 14, "Configuring Load Balancing on the GGSN."

3. Traffic is permitted to the Cisco SAMI by enabling multiple switch virtual interfaces (SVIs), assigning the VLANs to a VLAN group, and then assigning the VLAN groups to the Cisco SAMI using the following commands: 

!

...

!

svclc multiple-vlan-interfaces

svclc module 7 vlan-group 71, 73

svclc vlan-group 71, 71

svclc vlan-group 73, 95, 100, 101

!

...

!

Note VLAN IDs must be consistent be the same in the supervisor engine and Cisco SAMI configurations. For more information about configuring the Cisco SAMI, refer the Cisco Service and Application Module for IP User Guide.

4. A static route is configured to the GGSN on PPC3: 

...

!

ip route 10.20.30.1 255.255.255.255 10.20.21.20

!

...

GGSN Configuration

On the GGSN on the Cisco SAMI PPC3, ensure that:

1. A static route is configured to the supervisor engine. 

...

!

ip route 0.0.0.0.0 0.0.0.0 10.20.21.1

!

...

2. A subinterface, on which 802.1Q encapsulation is enabled, is configured to each VLAN that you created on the supervisor engine.

The following is an example of a Gn subinterface configuration on the GGSN to VLAN 103 configured on the supervisor engine: 

!

...

interface GigabitEthernet0/0.2

 description Gn Interface

 encapsulation dot1Q 101

 ip address 10.1.1.72 255.255.255.0

 no cdp enable

...

!

For detailed information on configuring, see the following:

Ga subinterfaces—"Configuring an Interface to the Charging Gateway" section on page 7-2.

Gn subinterfaces—"Configuring an Interface to the SGSN" section on page 9-1.

Gi subinterfaces— "Configuring an Interface to a PDN" section on page 9-12.

Configuration Examples

The following are base configuration examples for the supervisor engine and the Cisco GGSN.

Supervisor Engine 


hostname 7600-a

!

boot system flash 

boot device module 7 cf:4

!

svclc multiple-vlan-interfaces

svclc module 7 vlan-group 71, 73

svclc vlan-group 71, 71

svclc vlan-group 73, 95, 100, 101

vtp mode transparent

redundancy

 mode rpr-plus

 main-cpu

  auto-sync running-config

  auto-sync standard

!

power redundancy-mode combined

!

!

vlan 1

 vlan1 1002

 vlan2 1003

!

vlan 2

 name SNIFFER

!

vlan 71,95 

!

vlan 100

 name Internal_Gi_for_GGSN-SAMI

!

vlan 101

 name Internal_Gn/Ga

!

vlan 165

!

vlan 302

 name Gn_1

!

vlan 303

 name Ga_1

!

vlan 1002

 vlan1 1

 vlan2 1003

!

vlan 1003

 vlan1 1

 vlan2 1002

 parent 1005

 backupcrf enable

!

vlan 1004

 bridge 1

 stp type ibm

!

vlan 1005

 bridge 1

!

interface FastEthernet8/22

 description To SGSN

 no ip address

 switchport

 switchport access vlan 302

!

interface FastEthernet8/23

 description To CGF

 no ip address

 switchport

 switchport access vlan 302

!

interface FastEthernet8/26

 description To DHCP/RADIUS Servers

 no ip address

 switchport

 switchport access vlan 95

!

interface FastEthernet8/31

 description To BackBone

 no ip address

 switchport

 switchport access vlan 71

!

interface FastEthernet9/32

 description To CORPA

 no ip address

 switchport

 switchport access vlan 165

 no cdp enable

!

!interface Vlan1

 no ip address

 shutdown

!

interface Vlan71

 description VLAN to tftpserver

 ip address 1.7.46.65 255.255.0.0

!

interface Vlan95

 description VLAN for RADIUS and DHCP

 ip address 10.2.25.1 255.255.255.0

!

interface Vlan100

 description Internal VLAN SUP-to-SAMI Gi

 ip address 10.1.2.1 255.255.255.0

!

interface Vlan101

 description VLAN to GGSN for GA/GN

 ip address 10.1.1.1 255.255.255.0

!

interface Vlan165

 description VLAN to CORPA

 ip address 165.1.1.1 255.255.0.0

!

interface Vlan302

 ip address 40.0.2.1 255.255.255.0

!

interface Vlan303

 ip address 40.0.3.1 255.255.255.0

!

router ospf 300

 log-adjacency-changes

 summary-address 9.9.9.0 255.255.255.0

 redistribute static subnets route-map GGSN-routes

 network 40.0.2.0 0.0.0.255 area 300

 network 40.0.3.0 0.0.0.255 area 300

!

ip classless

ip route 9.9.9.72 255.255.255.255 10.1.1.72

ip route 9.9.9.73 255.255.255.255 10.1.1.73

ip route 9.9.9.74 255.255.255.255 10.1.1.74

ip route 9.9.9.75 255.255.255.255 10.1.1.75

ip route 9.9.9.76 255.255.255.255 10.1.1.76

ip route 110.72.0.0 255.255.0.0 10.1.1.72

ip route 110.73.0.0 255.255.0.0 10.1.1.73

ip route 110.74.0.0 255.255.0.0 10.1.1.74

ip route 110.75.0.0 255.255.0.0 10.1.1.75

ip route 110.76.0.0 255.255.0.0 10.1.1.76

!

access-list 1 permit 9.9.9.0 0.0.0.255

!

route-map GGSN-routes permit 10

 match ip address 1

!

GGSN on the Cisco SAMI PPC3 


service gprs ggsn

!

hostname 7600-7-2

!

ip cef

!

interface Loopback0

 description USED FOR DHCP gateway

 ip address 110.72.0.2 255.255.255.255

!

interface Loopback100

 description GPRS GTP V-TEMPLATE IP ADDRESS

 ip address 9.9.9.72 255.255.255.0

!

interface GigabitEthernet0/0

 no ip address

!

interface GigabitEthernet0/0.1

 description Gi

 encapsulation dot1Q 100

 ip address 10.1.2.72 255.255.255.0

!

interface GigabitEthernet0/0.2

 description Ga/Gn Interface

 encapsulation dot1Q 101

 ip address 10.1.1.72 255.255.255.0

 no cdp enable

!

interface GigabitEthernet0/0.71

 description TFTP or Backbone

 encapsulation dot1Q 71

 ip address 1.7.46.72 255.255.0.0

!

interface GigabitEthernet0/0.95

 description CNR and CAR

 encapsulation dot1Q 95

 ip address 10.2.25.72 255.255.255.0

!

interface Virtual-Template1

 description GTP v-access

 ip unnumbered Loopback100

 encapsulation gtp

 gprs access-point-list gprs

!

ip classless

ip route 0.0.0.0 0.0.0.0 10.1.2.1

ip route 40.1.2.1 255.255.255.255 10.1.1.1

ip route 40.1.3.10 255.255.255.255 10.1.1.1

ip route 40.2.2.1 255.255.255.255 10.1.1.1

ip route 40.2.3.10 255.255.255.255 10.1.1.1

ip route 40.3.2.3 255.255.255.255 10.1.1.1

ip route 40.4.2.3 255.255.255.255 10.1.1.1

!

gprs access-point-list gprs

  access-point 1

   access-point-name CORPA.com

   ip-address-pool dhcp-proxy-client  

   aggregate auto

   dhcp-server 10.2.25.90

   dhcp-gateway-address 110.72.0.2     

!

Restrictions

When configuring a Cisco GGSN:

The Cisco GGSN does not support the Cisco Express Forwarding (CEF) neighbor resolution optimization feature, which is enabled by default. Therefore, to avoid the possibility of incomplete adjacency on VLAN interfaces for the redirected destination IP address and an impact to the upstream traffic flow for PDP sessions upon startup, ensure that you configure the no ip cef optimize neighbor resolution command.

The number of PDP contexts supported on a GGSN is dependent on the memory and platform in use and the GGSN configuration (for example, whether or not a method of Point to Point Protocol [PPP] is configured to forward packets beyond the terminal equipment and mobile termination, whether Dynamic Feedback Protocol [DFP] is being used or the memory protection feature is enabled, and what rate of PDP context creation will be supported).

Note DFP weighs PPP PDPs against IP PDPs. One PPP PDP is equal to eight IP PDPs, and one IPv6 PDP equals 8 IPv4 PDPs.

Table 1 lists the maximum number of PDP contexts the Cisco SAMI with the 1 GB memory option can support. Table 2 lists the maximum number the Cisco SAMI with the 2 GB memory option can support.:

Table 1 Number of PDPs Supported in 1 GB SAMI

PDP Type
Maximum Number per SAMI

IPv4

384,000

IPv6

48,000

PPP Regeneration

96,000

PPP

48,000


Table 2 Number of PDPs Supported in 2 GB SAMI

PDP Type
Maximum Number per SAMI

IPv4

816,000

IPv6

96,000

PPP Regeneration

192,000

PPP

96,000


To avoid issues with high CPU usage, we recommend the following configurations:

To reduce the CPU usage during startup, disable logging to the console terminal by configuring the no logging console command in global configuration mode.

To ensure that the HSRP interface does not declare itself active until it is ready to process a peer's Hello packets, configure the delay period before the initialization of HSRP groups with the standby delay minimum 100 reload 100 interface configuration command under the HRSP interface.

To minimize issues with high CPU usage for additional reasons, such as periods of high PPP PDP processing (creating and deleting), use the no logging event link-status interface command to disable the notification of interface data link status changes on all virtual template interfaces of the GGSN. 

! 

interface Virtual-Template1 

description GGSN-VT 

ip unnumbered Loopback0 

encapsulation gtp 

no logging event link-status

gprs access-point-list gprs 

end

For implementation of a service-aware GGSN, the following additional important notes, limitations, and restrictions apply:

RADIUS accounting is enabled between the CSG2 and GGSN to populate the Cisco CSG2 User Table entries with the PDP context user information.

CSG2 must be configured with the quota server address of the GGSN.

Service IDs on the CSG2 are configured as numeric strings that match the category IDs on the Diameter Credit Control Application (DCCA) server.

If RADIUS is not being used, the Cisco CSG2 is configured as a RADIUS endpoint on the GGSN.

On the SGSN, the values configured for the number GTP N3 requests and T3 retransmissions must be larger than the sum of all possible server timers (RADIUS, DCCA, and CSG2).

Specifically the SGSN N3*T3 must be greater than:

2 x RADIUS timeout + N x DCCA timeout + CSG2 timeout

where:

2 is for both authentication and accounting.

N is for the number of Diameter servers configured in the server group.

Note Configuring a N3* T3 lower than the default might impact slow TCP-based charging paths.

Additional References

For additional information related to implementing basic connectivity, see the following sections:

Related Documents

Standards

MIBS

RFCs

Technical Assistance

Related Documents

Release Notes for Cisco GGSN Release 10.0 on the Cisco SAMI, Cisco IOS Release 12.4(24)YE

Cisco Service and Application Module for IP User Guide

Cisco IOS Network Management Configuration Guide

Release Notes for Cisco IOS Release 12.2SR for the Cisco 7600 Series Routers

Cisco 7600 Series Cisco IOS Software Configuration Guide

Cisco 7600 Series Cisco IOS Command Reference

Cisco IOS Quality of Service Solutions Configuration Guide, Cisco IOS Release 12.4

Cisco IOS Configuration Guides and Command References, Release 12.4

Standards

Cisco GGSN Release 10.0 supports the following Third Generation Partnership Program (3GPP) standards and is backward compatible with prior 3GPP Technical Specifications (TS):

Table 3-3 Third Generation Partnership Program (3GPP) Standards Supported by Cisco GGSN Release 10.0 

3G TS#
Title
Release
GGSN Release 10.0

29.060

GTP across Gn and Gp

7

8.1.0

29.061

Interworking with PDN

7

7.5.0

32.015

Charging

99

3.12.0

32.215

Charging

5

5.9.0

32.251

Charging

7

7.5.1


Note Cisco GGSN Release 10.0 provides limited support on some sections of the TSs listed above.

The GGSN interfaces comply with the following SMG (Special Mobile Group) standards:

Ga interface—SMG#28 R99

Gn interface—SMG#31 R98

MIBS

Platform-Related MIBs

BGP4-MIB

CISCO-AAA-SERVER-MIB

CISCO-BULK-FILE-MIB

CISCO-CDP-MIB

CISCO-CLASS-BASED-QOS-MIB

CISCO-CONFIG-COPY-MIB

CISCO-CONFIG-MAN-MIB

CISCO-ENTITY-ASSET-MIB

CISCO-ENTITY-FRU-CONTROL-MIB

CISCO-FLASH-MIB

CISCO-FTP-CLIENT-MIB

CISCO-HSRP-EXT-MIB

CISCO-HSRP-MIB

CISCO-IMAGE-MIB

CISCO-IP-LOCAL-POOL-MIB

CISCO-IP-STAT-MIB

CISCO-MEMORY-POOL-MIB

CISCO-NBAR-PROTOCOL-DISCOVERY-MIB

CISCO-PING-MIB

CISCO-PROCESS-MIB

CISCO-PRODUCTS-MIB

CISCO-QUEUE-MIB

CISCO-RTTMON-MIB

CISCO-STACK-MIB

CISCO-SYSLOG-MIB

CISCO-VLAN-IFTABLE-RELATIONSHIP-MIB

CISCO-VPDN-MGMT-EXT-MIB

CISCO-VPDN-MGMT-MIB

ENTITY-MIB

ETHERLIKE-MIB

EVENT-MIB

EXPRESSION-MIB

IF-MIB

NOTIFICATION-LOG-MIB

RMON-MIB

RSVP-MIB

SNMP-FRAMEWORK-MIB

SNMP-NOTIFICATION-MIB

SNMP-TARGET-MIB

TCP-MIB

UDP-MIB

Application-Related MIBs

CISCO-GGSN-EXT-MIB

CISCO-GGSN-GEO-MIB

CISCO-GGSN-MIB

CISCO-GGSN-QOS-MIB

CISCO-GGSN-SERVICE-AWARE-MIB

CISCO-GPRS-ACC-PT-MIB

CISCO-GPRS-CHARGING-MIB

CISCO-GTP-MIB

CISCO-IP-LOCAL-POOL-MIB

CISCO-ISCSI-MIB

For information about MIBs, see:

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

RFCs

RFC 1518, An Architecture for IP Address Allocation with CIDR

RFC 1519, Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy

RFC 1661, The Point-to-Point Protocol (PPP)

RFC 2461, Neighbor Discovery for IP Version 6 (IPv6)

RFC 2462, IPv6 Stateless Address Autoconfiguration

RFC 2475, An Architecture for Differentiated Services

RFC 3162, RADIUS and IPv6

RFC 3588, Diameter Base Protocol

RFC 3720, Internet Small Computer Systems Interface (iSCSI)

RFC 4006 Diameter Credit-Control Application

Technical Assistance

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport