Cisco Intelligent Wireless Access Gateway Скачать руководство пользователя страница 96 | Manualshive

Страница: 96 / 144

background image

•

The

ip nat translation max-entries all-host

command can be used in scenarios where the Cisco ASR

1000 Series Router acting as ISG, performs NAT on all or most of the subscriber traffic. This helps the
operator to prevent a single host from occupying the entire translation table, while allowing a reasonable
upper limit to each host.

•

The maximum number of translations per host can be configured using either of these ways:

◦

Configuring the same number of maximum translation entries for all the subscribers using the
following command:

ip nat translation max-entries all-host maximum number of NAT entries for each host

◦

Configuring the maximum translation entries for a given subscriber using the following command:

ip nat translation max-entries host ip-address

[

per-host NAT entry limit

]

•

Ensure that you keep the translations timeout low, around 2 minutes for TCP, and 1 minute for UDP
translations:

◦

ip nat translation timeout 120

◦

ip nat translation tcp-timeout 120

◦

ip nat translation udp-timeout 60

NAT Overloading and Port Parity

You can preserve the addresses in the global address pool by allowing a device to use one global address for
many local addresses. This type of NAT configuration is called overloading.

When an Interface IP is overloaded for the translations and a single IP address is used for all the expected
translations, a maximum of 60,000 translations can be achieved with this configuration depending on the
traffic ports and the port parity involved. You can use the NAT Pool Overload configuration to achieve
maximum translations.

There is a concept of port parity (even/odd) in NAT and NAT64. If a source port is in the port range of 0 to
1023, it is translated between ports 512 to 1023. If a source port range is more than 1023, it takes ports from
1024 onwards.

NAT Interface Overloading with VRF

The NAT Interface Overloading with VRF scenario assumes that the service provider is only interested in
performing application-specific NAT, for example, the service provider perform NAT only on the DNS
requests from clients and the rest of the traffic will proceed as it is. Therefore, we can use Interface Overloading
instead of a pool. With this, we can have a maximum of 60000 translations per interface, which is deemed
good for the application-specific NAT. Also, the IP sessions and NAT are in a VRF (named
PROVIDER_WIFI_01, in the example below).

Intelligent Wireless Access Gateway Configuration Guide

88

OL-30226-03

Flow-Based Redirect

NAT Overloading and Port Parity

«
...
94
95
96
97
98
...
»

Содержание Intelligent Wireless Access Gateway

Страница 1: ...Guide First Published July 26 2013 Last Modified March 28 2014 Americas Headquarters Cisco Systems Inc 170 West Tasman Drive San Jose CA 95134 1706 USA http www cisco com Tel 408 526 4000 800 553 NETS 6387 Fax 408 527 0883 Text Part Number OL 30226 03 ...

Страница 2: ... IMPLIED INCLUDING WITHOUT LIMITATION THOSE OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING USAGE OR TRADE PRACTICE IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT SPECIAL CONSEQUENTIAL OR INCIDENTAL DAMAGES INCLUDING WITHOUT LIMITATION LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE T...

Страница 3: ...iguring DHCP when the iWAG Acts as a DHCP Proxy 10 Configuring the Cisco ISG Class Map and Policy Map for the iWAG 12 Configuring a Session Initiator for the iWAG 15 Configuring a Tunnel Interface for the iWAG 16 Enabling Mobile Client Service Abstraction 17 Configuring the GTP of the iWAG 18 Configuring the iWAG for 4G Mobile IP Users 21 Configuring PMIPv6 for the iWAG 21 Enabling Mobile Client S...

Страница 4: ...Over GRE 37 Finding Feature Information 37 Information About Ethernet Over GRE 38 Restrictions for Configuring Ethernet Over GRE 38 Prerequisites for Configuring Ethernet Over GRE 39 Information About Configuring Ethernet Over GRE 39 EoGRE Deployment with PMIPv6 Integrated for Mobility Service 42 EoGRE Deployment with GTP Integrated for Mobility Service 43 EoGRE Deployment with ISG Integrated for ...

Страница 5: ...n 61 Restrictions for Configuring ISG Policy Templates 61 Information About Configuring ISG Policy Templates 61 How to Configure ISG Policy Templates 62 Additional References 62 Feature Information for Configuring ISG Policy Templates 63 63 C H A P T E R 8 Cisco ISG Accounting Accuracy for LNS Sessions 65 Finding Feature Information 65 Information About Cisco ISG Accounting Accuracy for LNS Sessio...

Страница 6: ...ons for GTP 75 Example Configuring an Interface to PGW or GGSN 75 Example Configuring a Control Policy for Dual Stack GTP 75 Example Configuring an Access Interface for Dual Stack GTP 75 Enabling IPv6 Routing 76 Additional References 76 Feature Information for Dual Stack Support for PMIPv6 and GTP 77 77 C H A P T E R 1 0 Flow Based Redirect 79 Finding Feature Information 79 Flow Based Redirect for...

Страница 7: ...ll Flow 108 4G DHCP Discover Call Flow Configuration 110 4G Roaming Call Flow 111 4G Roaming Call Flow Configuration 114 Additional References 115 Feature Information for Call Flows for 3G and 4G Mobile IP Users 116 116 C H A P T E R 1 3 Call Flows for Dual Stack PMIPv6 and GTP 117 Finding Feature Information 117 Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for PMIPv6 Call Flow 118 Dual Stac...

Страница 8: ...irect Scaling 133 Configuring Call Admission Control 133 Walk by User Support for PWLAN in iWAG 133 Additional References 134 Feature Information for iWAG Scalability and Performance 135 Intelligent Wireless Access Gateway Configuration Guide viii OL 30226 03 Contents ...

Страница 9: ... the iWAG page 2 Restrictions for the iWAG page 2 Information About the iWAG page 2 How to Configure the iWAG page 8 Additional References page 22 Feature Information for the Intelligent Wireless Access Gateway page 23 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and t...

Страница 10: ... either the GTP service or the PMIPv6 service applied to user traffic The iWAG provides mobility services to mobile IP users and as a result a mobile client can seamlessly access a 3G or 4G mobility network However the iWAG does not provide mobility services to simple IP users Therefore simple IP users can access the Public Wireless LAN PWLAN network through the Cisco ISG Clients are devices that ...

Страница 11: ...iber control Delivers scalable manageable and secure wireless connectivity Enables new revenue sharing business models such as Mobile Virtual Network Operators MVNO and others Delivers a WiFi platform that offers new location based services The iWAG offers the following benefits for subscribers Provides enhanced quality of experience to subscribers on WiFi networks Provides unified billing across ...

Страница 12: ...C address of the mobile node String Calling Station ID 31 O N N O N 3GPP IMSI String 3GPP IMSI 26 10415 1 O O N O N Rules for producing charging information String 3GPP Charging Characteristics 26 10415 13 C N N C N Service Identifier APN String Cisco Service Selection 26 9 1 C M N M N Mobile Node Identifier String Cisco Mobile Node Identifier 26 9 1 N C N N C SSID of the Access Point String Cisco...

Страница 13: ...ace 26 9 1 O N N O N True False Multihoming support for mobile node Binary Cisco Multihoming Support 26 9 1 O N N O N 32 bit GRE Key to be used on the uplink path 4 octet hex encoding Integer Cisco Uplink GRE Key 26 9 1 O N N O N 32 bit GRE Key to be used on the downlink path 4 octet hex encoding Integer Cisco Downlink GRE Key 26 9 1 O N N C N Mobile node s Home LMA IPv6 address String Cisco Home ...

Страница 14: ...e node s Visited LMA IPv4 address IPv4 Address Cisco Visited LMA IPv4 Address 26 9 1 C N N O N Mobile node s Visited LMA IPv4 address IPv4 Address Cisco Home IPv4 Home Address 26 9 1 C N N O N Mobile node s Visited IPv4 address IPv4 Address Cisco Visited IPv4 Home Address 26 9 1 N N N O N GRPS QoS Profile String THREEGENPP _GPRS _QOS _PROFILE 26 10415 5 Intelligent Wireless Access Gateway Configur...

Страница 15: ...d Software Compatibility Matrix for the iWAG ESP RP Memory Chassis Integrated Integrated RP with 16 GB Cisco ASR 1001 Router Integrated Integrated RP with 16 GB Cisco ASR 1002 X Router ESP 40G RP2 16 GB Cisco ASR 1004 Router ESP 40G RP2 16 GB Cisco ASR 1006 Router and Cisco ASR 1013 Router offering duplex RP or ESP setup ESP 100G RP2 16 GB Cisco ASR 1006 Router and Cisco ASR 1013 Router offering d...

Страница 16: ...s You must configure DHCP support in your network before performing the tasks listed below For detailed steps on assigning IP addresses using DHCP see the Assigning ISG Subscriber IP Addresses by Using DHCP section in the Intelligent Services Gateway Configuration Guide Configuring an ISG Interface for Dynamic DHCP Class Association Configuring DHCP Server User Authentication Configuring a DHCP Cl...

Страница 17: ...p stop only none broadcast group group name DETAILED STEPS Purpose Command or Action Enables the privileged EXEC mode enable Step 1 Example Router enable Enter your password if prompted Enters the global configuration mode configure terminal Example Router configure terminal Step 2 Enables the AAA access control model aaa new model Example Router config aaa new model Step 3 Groups different RADIUS...

Страница 18: ...p only none broadcast group group name Example Router config aaa accounting network PROXY_TO_CAR Step 9 Enables the type of actions to be performed on accounting records action type none start stop stop only Example Router cfg acct mlist action type start stop Step 10 Specifies the AAA TACACS server group to use for preauthentication group tacacs server group Example Router cfg preauth group AAA_S...

Страница 19: ...ame ip address Example Router config ip dhcp excluded address 192 168 10 1 Step 3 Configures a DHCP address pool on a DHCP server and enters the DHCP pool configuration mode ip dhcp pool pool name Example Router config ip dhcp pool test Step 4 Configures the network number and mask for a DHCP address pool primary subnet or DHCP address pool secondary subnet on a Cisco IOS DHCP server network netwo...

Страница 20: ...p name 6 policy map type service policy map name 7 priority class type traffic class map name default in out input output 8 accounting aaa list aaa method list 9 priority class type traffic class map name default in out input output 10 drop 11 policy map type control policy map name 12 class type control control class name always event access reject account logoff account logon acct notification c...

Страница 21: ...the specified ACL match access group input access group name access group name Example Router config traffic classmap match access group input name ACL_IN_OPENGARDEN Step 5 Creates or modifies a service policy map that is used to define a Cisco ISG subscriber service policy map type service policy map name Example Router config policy map type service OPENGARDEN_SERVICE Step 6 Creates or modifies ...

Страница 22: ...default service session restart session service found session start timed policy expiry Example Router config control policymap class type control always event session start Activates a Cisco ISG service action number service policy type service unapply aaa list list name name service name identifier Step 13 authenticated domain authenticated username dnis nas port tunnel name unauthenticated doma...

Страница 23: ...ry vrf vrf name 6 negotiation auto 7 service policy type control policy map name 8 ip subscriber l2 connected 9 initiator dhcp radius proxy static ip subscriber list listname unclassified ip unclassified mac address 10 initiator dhcp radius proxy static ip subscriber list listname unclassified ip unclassified mac address DETAILED STEPS Purpose Command or Action Enables the privileged EXEC mode ena...

Страница 24: ...rface ip subscriber l2 connected Example Router config if ip subscriber l2 connected Step 8 The iWAG does not support the routed access method Note Enables the Cisco ISG to create an IP subscriber session upon receipt of a specified type of packet initiator dhcp radius proxy static ip subscriber list listname unclassified ip unclassified mac address Example Router config subscriber initiator uncla...

Страница 25: ...gabitEthernet 1 3 5 Step 3 Adds a description to an interface configuration description string Example Router config if description interface connected to GGSN Step 4 Sets a primary IP address or secondary IP address for an interface ip address ip address mask secondary vrf vrf name Example Router config if ip address 192 170 10 1 255 255 0 0 Step 5 Enables auto negotiation on a Gigabit Ethernet i...

Страница 26: ...mple Router configure terminal Step 2 Enables MCSA on the Cisco ASR 1000 Series Aggregation Services Router mcsa Example Router config mcsa Step 3 Enables MCSA to receive notifications from the Cisco ISG enable sessionmgr Example Router config mcsa enable sessionmgr Step 4 Configuring the GTP of the iWAG This section describes how to configure GTPv1 for the iWAG solution Before You Begin Enable mo...

Страница 27: ...ple Router configure terminal Step 2 Configures the GTP for the iWAG solution on the Cisco ASR 1000 Series Aggregation Services Router gtp Example Router config gtp Step 3 Specifies the number of times a control message must be retried before a failure message is sent The default value is 5 n3 request number of requests Example Router config gtp n3 request 3 Step 4 Specifies the time interval in s...

Страница 28: ... of the IP provided by the GGSN using GTP and not the default gateway address on the physical local interface that the subscriber is connected to They can be the same but we recommend that they be two different subnets Note default gw address prefix len value Example Router config gtp apn default gw 192 171 10 1 prefix len 16 Step 10 Specifies the Domain Name System DNS IP servers that are availab...

Страница 29: ...Anchor For detailed steps see the How to Configure Proxy Mobile IPv6 Support for LMA Functionality section in the IP Mobility PMIPv6 Configuration Guide Cisco IOS XE Release 3S Configuring a Proxy Mobile IPv6 Domain by Using the Configuration from the AAA Server Configuring a Minimum Configuration for a Domain When an AAA Server Is Not Available Configuring a Detailed Configuration for a Domain Wh...

Страница 30: ...d Documents Document Title Related Topic Cisco IOS Master Command List All Releases Cisco IOS commands ISG Configuration Guide ISG concepts configuration tasks and examples Cisco IOS Intelligent Services Gateway Command Reference ISG commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands IP Mobility PMIPv6 Configuration Guide Mobile IP configuration concepts tasks a...

Страница 31: ... software and tools Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies Access to most tools on the Cisco Support and Documentation website requires a Cisco com user ID and password FeatureInformationfortheIntelligentWirelessAccessGateway The following table provides release information about the feature or...

Страница 32: ... of a 4G environment where iWAG behaves as a PMIPv6 Mobile Access Gateway MAG connecting to an Local Mobility Anchor LMA that is co located with a Packet Gateway PGW which acts as PMIPv6 LMA In Cisco IOS XE Release 3 8S this feature was implemented on the Cisco ASR 1000 Series Aggregation Services Routers Cisco IOS XE Release 3 8S Intelligent Wireless Access Gateway Cisco and the Cisco logo are tr...

Страница 33: ...re Information for IP Sessions over Gigabit EtherChannel page 30 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases...

Страница 34: ...IPoGEC is supported on all Ethernet SPAs including 10 Gigabit Ethernet ports and 1 Gigabit Ethernet ports Configuring IP Sessions over Gigabit EtherChannel SUMMARY STEPS 1 configure terminal 2 interface port channel channel number 3 description string 4 ip address ip address mask secondary vrf vrf name 5 load interval seconds 6 lacp fast switchover 7 lacp max bundle max bundle number 8 service pol...

Страница 35: ...cp max bundle max bundle number Example Router config if lacp max bundle 1 Step 7 Applies a control policy to a context service policy type control policy map name Example Router config if service policy type control BB_PMAP Step 8 Enables Cisco Intelligent Services Gateway ISG IP subscriber support on an interface and specifies the ip subscriber l2 connected Example Router config if ip subscriber...

Страница 36: ...ep 1 Removes an IP address from an interface no ip address ip address mask secondary vrf vrf name Step 2 Example Router config if no ip address Sets the carrier delay on a serial interface To achieve faster switchover from active to standby member link the carrier delay value can be set to 0 ms carrier delay delay seconds msec milliseconds Example Router config if carrier delay msec 50 Step 3 Sets...

Страница 37: ...initiator unclassified mac address ipv4 initiator dhcp Example Configuring Member Links for IPoGEC interface GigabitEthernet0 0 1 no ip address carrier delay msec 50 lacp port priority 4000 channel group 1 mode active interface GigabitEthernet0 0 2 no ip address carrier delay msec 50 lacp port priority 3000 channel group 1 mode active Additional References Related Documents Document Title Related ...

Страница 38: ...Newsletter and Really Simple Syndication RSS Feeds Access to most tools on the Cisco Support website requires a Cisco com user ID and password Feature Information for IP Sessions over Gigabit EtherChannel The following table provides release information about the feature or features described in this module This table lists only the software release that introduced support for a given feature in a...

Страница 39: ...ers Cisco IOS XE Release 3 9 IP Sessions over Gigabit EtherChannel Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL http www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a p...

Страница 40: ...Intelligent Wireless Access Gateway Configuration Guide 32 OL 30226 03 IP Sessions Over Gigabit EtherChannel ...

Страница 41: ...to see a list of the releases in which each feature is supported see the feature information table at the end of this module Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Information About Multiple Flow Tunnel Both the GTP and PMIPv6 support...

Страница 42: ...platforms Cisco software releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs No new or modified MIBs are supported by this feature Technical Assistance Link Description http www cisco com cisco web support index html The Cisco Support website provides extensive online resources including documentation and tools for troubleshooting and resolving tec...

Страница 43: ...Feature Information for Multiple Flow Tunnel Feature Information Releases Feature Name In Cisco IOS XE Release 3 9S this feature was implemented on the Cisco ASR 1000 Series Aggregation Services Routers Cisco IOS XE Release 3 9S Multiple Flow Tunnel Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and or its affiliates in the U S and other countries To view a list of Cisco...

Страница 44: ...Intelligent Wireless Access Gateway Configuration Guide 36 OL 30226 03 Multiple Flow Tunnel ...

Страница 45: ...he EoGRE Feature page 46 Additional References page 48 Feature Information for Configuring Ethernet Over GRE page 49 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documen...

Страница 46: ...ing figure shows the structure of the Ethernet over GRE Figure 2 Ethernet Over GRE Structure Restrictions for Configuring Ethernet Over GRE The following features are not supported on the Cisco ASR 1000 Series Aggregation Services Routers IPsec tunnel between the Cisco ASR 1000 Series Aggregation Services Routers and the CPE devices Native multicast coexistence for subscribers Per CPE QoS IPv6 sub...

Страница 47: ...gateway that Terminates IPv4 or IPv6 GRE tunnels Manages the subscriber session for end host clients The EoGRE feature works with legacy residential gateways and CPE devices to terminate the Ethernet L2 traffic in the Cisco ASR 1000 Series Aggregation Services Routers When configured as an intelligent Wireless Access Gateway iWAG with EoGRE access tunneling support the Cisco ASR 1000 Series Aggreg...

Страница 48: ...for mobility service Figure 3 Structure of the EoGRE Feature with PMIP GTP Integrated for Mobility Service Intelligent Wireless Access Gateway Configuration Guide 40 OL 30226 03 Service Provider WiFi Support for Integrated Ethernet Over GRE Information About Configuring Ethernet Over GRE ...

Страница 49: ...ollowing deployments EoGRE Deployment with PMIPv6 Integrated for Mobility Service EoGRE Deployment with GTP Integrated for Mobility Service EoGRE Deployment with ISG Integrated for Simple IP Service Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 41 Service Provider WiFi Support for Integrated Ethernet Over GRE Information About Configuring Ethernet Over GRE ...

Страница 50: ...he GRE tunnel and to add a VLAN tag on the Ethernet frame before forwarding the traffic As with regular PMIPv6 deployments the Cisco ASR 1000 Series Aggregation Services Routers can create IP sessions on EoGRE access tunnels similar to the regular IP sessions on the physical Ethernet interfaces and allocate IP addresses for mobile nodes either locally or in the proxy mode Mobility service is provi...

Страница 51: ...d ISG configurations for the iWAG see the Intelligent Wireless Gateway Configuration Guide EoGRE Deployment with ISG Integrated for Simple IP Service The ISG provides simple IP service to mobile nodes that are connected to ISG via the EoGRE tunnel as shown in the following figure The Cisco ASR 1000 Series Aggregation Services Routers use the ISG Intelligent Wireless Access Gateway Configuration Gu...

Страница 52: ...tures are supported as part of the EoGRE feature on the Cisco ASR 1000 Series Aggregation Services Routers Ethernet over GRE traffic termination on the routers Frames can have up to one dot1Q VLAN tag L2 connected IPv4 mobile nodes GRE tunnel for IPv4 or IPv6 ISG and PMIPv6 or GTP integrated with the EoGRE tunnel ISG initiator unclassified MAC DHCP DNAv4 Subscriber roaming Intelligent Wireless Acc...

Страница 53: ...er configure terminal Step 2 Specifies the logical interface for the EoGRE tunnel interface interface name Example Router config interface Tunnel 0 Step 3 For PMIPv6 and GTP scenarios an unnumbered address or a specified IP address can be configured on the tunnel interface ip unnumbered loopback interface name or ip address ip address Example Router config if ip unnumbered loopback 0 Step 4 For a ...

Страница 54: ...r config if tunnel mode ethernet gre ipv6 Optional Sets the VLAN ID of the EoGRE tunnel Optional tunnel vlan vlan id Example Router config if tunnel vlan 1000 Step 8 Ends the current configuration session end Example Router config if end Step 9 Example Configuring the EoGRE Feature aaa new model aaa group server radius AAA_SERVER_CAR server private 5 3 1 76 auth port 2145 acct port 2146 key cisco ...

Страница 55: ...ess 0000 5e00 5213 ip address 172 16 254 254 255 255 0 0 no ip redirects tunnel source 172 16 199 9 tunnel mode ethernet gre ipv4 service policy type control EOGRE_L2_ISG ip subscriber l2 connected initiator unclassified mac address initiator dhcp interface Tunnel100 description IPv4 EoGRE Tunnel for PMIP GTP subscribers ip unnumbered Loopback0 tunnel source GigabitEthernet1 0 0 tunnel mode ethern...

Страница 56: ... ip dhcp sip statistics show subscriber statistics show subscriber session show ipv6 mobile pmipv6 mag binding show gtp pdp context all show interface tunnel name Additional References Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands MIBs MIBs Link MIB To locat...

Страница 57: ...r ID and password Feature Information for Configuring Ethernet Over GRE The following table provides release information about the feature or features described in this module This table lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use...

Страница 58: ...the GRE tunnel interface and provide L3 services In Cisco IOS XE Release 3 9 1S this feature is implemented on the Cisco ASR 1000 Series Aggregation Services Routers The following sections provide information about this feature Information About Configuring Ethernet Over GRE on page 39 How to Configure the EoGRE Feature on page 45 3 9 1S Service Provider WiFi Integrated Ethernet Over GRE Intellige...

Страница 59: ...ng Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table ...

Страница 60: ...rver 192 168 255 253 dhcp lease 3000 apn 2356 apn name example com Same domain name as apn1 not supported should be different ip address ggsn 98 0 7 14 default gw 192 168 0 1 prefix len 16 different domain name but same pool ip this is not supported dns server 10 254 255 253 dhcp lease 3000 Information About GTPv2 in the iWAG A GTP session with GTPv2 support uses more memory than a GTP session wit...

Страница 61: ...bscriber roaming across different access interfaces of the iWAG GTPv1 and GTPv2 preserve and update their existing sessions to allow their data traffic to flow through the new ingress interfaces from the access network Configuration for the GTPv1 and GTPv2 Roaming Scenario The initiator unclassified mac address command must be configured on every iWAG access interface to support subscriber roaming...

Страница 62: ... 13 default gw 192 168 0 1 prefix len 16 dns server 192 168 255 253 dhcp lease 3000 interface access GigabitEthernet0 0 2 interface access GigabitEthernet0 0 3 Additional References Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands MIBs MIBs Link MIB To locate a...

Страница 63: ...ise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 6 Feature Information for GTPv2 Support in the iWAG Feature Information Releases Feature Name In Cisco IOS X...

Страница 64: ...Intelligent Wireless Access Gateway Configuration Guide 56 OL 30226 03 GTPv2 Support in the iWAG ...

Страница 65: ...latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table at the end of this module Use Cisco Feature Navigator to find information about platform support and Cisco softw...

Страница 66: ...n a user has the following options Option 1 preferred 1 Disable the echo messages on the iWAG and GGSN for the duration of the ISSU 2 Re enable the echo messages after ISSU is completed on the iWAG and GGSN Option 2 Extend the t3 and n3 configurations to exceed the expected traffic interruption The traffic interruption characterized in the Cisco IOS XE Release 3 10S is 127 seconds Hence we recomme...

Страница 67: ...lated Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco software releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs No new or modified MIBs are...

Страница 68: ...rwise subsequent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 7 Feature Information for iWAG SSO Support for GTP Feature Information Releases Feature Name In Cisco IOS ...

Страница 69: ...es for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table at the end of this module Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn...

Страница 70: ... until the router is reloaded Similarly if templating is enabled the router has to be reloaded after the no subscriber template command is entered to disable ISG policy templating Note Additional References Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands MIBs ...

Страница 71: ...uent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 8 Feature Information for Configuring ISG Policy Templates Feature Information Releases Feature Name In Cisco IOS XE R...

Страница 72: ...Intelligent Wireless Access Gateway Configuration Guide 64 OL 30226 03 Configuring ISG Policy Templates ...

Страница 73: ... software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table at the end of this module U...

Страница 74: ...fied MIBs are supported by this feature Technical Assistance Link Description http www cisco com cisco web support index html The Cisco Support website provides extensive online resources including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies To receive security and technical information about your products you can subscribe to var...

Страница 75: ...uracy for Sessions feature improves the accuracy of reported statistics for L2TP Network Server LNS sessions and traffic classes in the Stop Accounting messages In Cisco IOS XE Release 3 11S this feature was implemented on the Cisco ASR 1000 Series Aggregation Services Routers Cisco IOS XE Release 3 11 Cisco ISG Accounting Accuracy for LNS Sessions Cisco and the Cisco logo are trademarks or regist...

Страница 76: ...Intelligent Wireless Access Gateway Configuration Guide 68 OL 30226 03 Cisco ISG Accounting Accuracy for LNS Sessions ...

Страница 77: ...in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of the releases in which each feature is supported see the feature information table at the end of this module Use Cisco Feature Navigator to find information about platform ...

Страница 78: ...ss to a client Therefore the overall number of supported subscribers on the Cisco ASR 1000 Series Aggregation Services Routers are not affected by a mix of IPv4 and IPv6 traffic Prior to the introduction of the Dual Stack feature GTP supported only IPv4 sessions Note Dual Stack GTP sessions support the following session initiators Unclassified MAC IPv6 Neighbor Discovery DHCPv4 Restrictions for Du...

Страница 79: ...t ipv6 any any ipv6 access list IPV6_ACL_INTERNET2 permit ipv6 any any ipv6 access list IPV6_ACL_OPENGARDEN permit ipv6 any any Example Configuring a Classmap for Dual Stack PMIPv6 class map type traffic match any TC_OPENGARDEN defines the traffic rule used in the service using ACL match access group output name ACL_OUT_OPENGARDEN match access group input name ACL_IN_OPENGARDEN class map type traf...

Страница 80: ...dle 60 Example Configuring a Control Policy for Dual Stack PMIPv6 policy map type control PMIP_DUAL_STACK class type control always event session start 10 service policy type service name DRL_V4 applying services during dual stack 11 service policy type service name DRL_V6 applying services during dual stack 15 service policy type service name ACC_V4 applying services during dual stack 16 service ...

Страница 81: ...4 and IPv6 packets are treated as FSOL to create a session initiator dhcp DHCP control packets are used as FSOL to create DHCPv4 only session end Example Configuring the Local Mobility Anchor for Cisco ASR 5000 Routers context pgw ip pool PMIP_POOL 70 70 0 1 255 255 0 0 public 0 subscriber gw address 70 70 70 1 ip pool v4_staticpool 9 9 9 1 255 255 0 0 static ipv6 pool v6_pool prefix eeee 1 48 pub...

Страница 82: ...003 4 ipv4 address 16 1 1 2 mag M1 associating MAG with name M1 to domain D1 ipv6 address 2002 4 ipv4 address 15 1 1 1 nai MN1 example com local subscriber NAI definition for authotrization where service for this particular NAI is defined apn example com lma lma1 service dual dual stack is enabled for MN1 example com client int att ETHERNET l2 addr 0000 1111 2222 ipv6 mobile pmipv6 mag M1 domain D...

Страница 83: ...rt ip address 10 201 31 1 255 255 255 0 negotiation auto ipv6 address 2007 2 64 end Example Configuring a Control Policy for Dual Stack GTP policy map type control BB_PMAP class type control always event session start 10 authorize aaa list BB_1 password cisco identifier mac address Example Configuring an Access Interface for Dual Stack GTP interface GigabitEthernet0 0 3 ip address 21 0 0 1 255 255...

Страница 84: ... Link Description http www cisco com cisco web support index html The Cisco Support website provides extensive online resources including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies To receive security and technical information about your products you can subscribe to various services such as the Product Alert Tool accessed from F...

Страница 85: ...isco IOS XE Release 3 11S this feature was implemented on the Cisco ASR 1000 Series Aggregation Services Routers Cisco IOS XE Release 3 11 Dual Stack Support for PMIPv6 The Dual Stack Support for GTP feature allows both IPv4 and IPv6 traffic streams to flow through a single GTP session In Cisco IOS XE Release 3 11S this feature was implemented on the Cisco ASR 1000 Series Aggregation Services Rout...

Страница 86: ...Intelligent Wireless Access Gateway Configuration Guide 78 OL 30226 03 Dual Stack Support for PMIPv6 and GTP ...

Страница 87: ...ion page 79 Flow Based Redirect for Adult Content Filtering page 80 Flow Based Redirect for Selective IP Traffic Offload page 81 Activating and Deactivating the Flow Based Redirect Feature Through Vendor Specific Attributes page 82 Configuring Flow Based Redirect for a Traffic Class Service page 82 Examples page 85 Best Practices for Configuring the NAT on the Cisco ASR 1000 Series Routers page 87...

Страница 88: ... Content Filtering ACF where web traffic needs to be redirected to a Web Filtering Appliance You can apply the ACF policy to subscriber traffic in the following ways If the Wi Fi hotspot provider allows individual subscribers to opt out of the ACF the ACF policy is not applied on their personal profile For those subscribers who do not opt out of the ACF the ACF policy is applied on their personal ...

Страница 89: ...c sessions NAT is enabled at the outgoing interface level so NAT does not need to be IPoE session aware when used with Flow Based Redirect for Selective IP Traffic Offload In existing deployment a NAT or Carrier Grade Network Address Translation CGN device may exist upstream of the Intelligent Wireless Access Gateway iWAG device In such a scenario it is possible to keep the architecture in place w...

Страница 90: ...SERVICE Configuring Flow Based Redirect for a Traffic Class Service The following steps show how to configure the Flow Based Redirect feature for a traffic class service SUMMARY STEPS 1 enable 2 configure terminal 3 ip access list extended traffic class 4 permit tcp source_IP destination_IP eq port 5 class map type traffic match any traffic class map 6 match access group input name traffic class 7...

Страница 91: ...es the match criteria for the ACF_ACL traffic class map on the basis of the specified host traffic class match access group input name traffic class Example Router config traffic classmap match access group input name WEB_ACL_IN Step 6 Creates the ACF_SERVICE policy map which is used to define an ISG service policy map type service policy map name Example Router config policy map type service ACF_...

Страница 92: ...unapply identifier service name Example Router config control policymap class control 1 service policy type service unapply identifier service name Step 14 Specifies a control class for the service start event class type control always event service start Example Router config control policymap class type control always event service start Step 15 Applies the defined service upon a service start e...

Страница 93: ...ol policymap class type control always event service start Router config control policymap class control 10 service policy type service identifier service name Router config control policymap class type control always event account logoff Router config control policymap class control 10 service disconnect delay 5 Viewing the FBR Policy that is Attached to a Session To view the FBR policy that is a...

Страница 94: ... 0 375 0 0 size max drops flushes Total output drops 0 Queueing strategy fifo Output queue 0 40 size max 5 minute input rate 0 bits sec 0 packets sec 5 minute output rate 12000 bits sec 20 packets sec 7 packets input 690 bytes 0 no buffer Received 2 broadcasts 0 IP multicasts 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 overrun 0 ignored 0 watchdog 0 multicast 0 pause input 4897 pac...

Страница 95: ...lowing are the recommended best practices to configure the NAT on the Cisco ASR 1000 Series Aggregation Services Routers Restriction on the total QFP DRAM usage At 97 percent DRAM utilization depletion messages are displayed in the syslog as a warning message to make the operator aware of low QFP DRAM availability We recommend that you configure QFP DRAM CAC in the system to avoid any unexpected b...

Страница 96: ...any local addresses This type of NAT configuration is called overloading When an Interface IP is overloaded for the translations and a single IP address is used for all the expected translations a maximum of 60 000 translations can be achieved with this configuration depending on the traffic ports and the port parity involved You can use the NAT Pool Overload configuration to achieve maximum trans...

Страница 97: ...echnical issues with Cisco products and technologies To receive security and technical information about your products you can subscribe to various services such as the Product Alert Tool accessed from Field Notices the Cisco Technical Services Newsletter and Really Simple Syndication RSS Feeds Access to most tools on the Cisco Support website requires a Cisco com user ID and password Feature Info...

Страница 98: ...irect FBR feature enables Selective IP Traffic Offload SIPTO to route matching traffic to a specified next hop device Cisco IOS XE Release 3 12 Flow Based Redirect for Selective IP Traffic Offload Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL http www cisco com go trad...

Страница 99: ...method is associated with the web authentication method and is prevalent in public access control as used in public wireless LAN PWLAN applications or in limited usage as in broadband residential access Here many sessions are aggregated on a single VLAN or interface at the broadband remote access server BRAS and individual sessions are identified based on the source MAC address for the Layer 2 acc...

Страница 100: ...ilure only User authentication at the RADIUS server Profile download and auto login service activation Access to features such as change of authorization CoA account logout account stop account ping Intelligent Wireless Access Gateway Configuration Guide 92 OL 30226 03 Call Flows for Simple IP Users Simple IP Unclassified MAC Authentication MAC TAL and Web Login Call Flows ...

Страница 101: ...mple IP user Figure 10 Simple IP Unclassified MAC with MAC TAL Authentication Call Flow The following steps describe the call flow for a successful MAC TAL Web authorization for a simple IP subscriber Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 93 Call Flows for Simple IP Users Simple IP Unclassified MAC with MAC TAL Authentication Call Flow ...

Страница 102: ...subscriber for the session 4 The defined services are applied to the subscriber s session and the subscriber can start accessing the Internet 5 The subscriber now has full access to the network 6 An Accounting Start message is sent to the application provider to indicate the start of the subscriber s service The subscriber can now access the Internet services applicable as part of the subscription...

Страница 103: ... a successful MAC TAL Web authorization for a simple IP subscriber 1 The subscriber initiates IP traffic to get connected to the Internet service ISG notices a new subscriber address and creates an unauthenticated subscriber session 2 ISG then sends an authorization request to the RADIUS server with the subscriber s MAC address as the username Intelligent Wireless Access Gateway Configuration Guid...

Страница 104: ...n provider to indicate the start of the subscriber s service Now the subscriber is connected to the Internet Simple IP Unclassified MAC Authentication Call Flow Configuration The following configuration is an example of a simple IP unclassified MAC call flow This is applicable to both the MAC TAL and web logon authentication scenarios AAA and RADIUS aaa new model aaa server radius dynamic author c...

Страница 105: ...T match access group input name ACL_IN_L4REDIRECT class map type control match all IP_UNAUTH_COND match timer IP_UNAUTH_TIMER match authen status unauthenticated Redirect Group Definition redirect server group ISG_GROUP server ip 10 10 33 166 port 80 Policy Map policy map type control TAL class type control always event session start 10 service policy type service name PBHK_SERVICE 20 authorize aa...

Страница 106: ...Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Command Reference iWAG commands MIBs MIBs Link MIB To locate and download MIBs for selected platforms Cisco software releases and feature sets use Cisco MIB Locator found at the following URL http www cisco com go mibs No new or modified MIBs are supported by this featur...

Страница 107: ...equent releases of that software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 12 Feature Information for Call Flows for Simple IP Users Feature Information Releases Feature Name In Cisco IOS XE ...

Страница 108: ...Intelligent Wireless Access Gateway Configuration Guide 100 OL 30226 03 Call Flows for Simple IP Users Feature Information for Call Flows for Simple IP Users ...

Страница 109: ...s documented in this module and to see a list of the releases in which each feature is supported see the feature information table at the end of this module Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required 3G DHCP Discover Call Flow In the 3G D...

Страница 110: ...DHCP Discover authentication for a 3G user Figure 12 3G DHCP Discover Call Flow Part 1 Figure 13 3G DHCP Discover Call Flow Part 2 Intelligent Wireless Access Gateway Configuration Guide 102 OL 30226 03 Call Flows for 3G and 4G Mobile IP Users 3G DHCP Discover Call Flow ...

Страница 111: ...e WLC sends the successful EAP authentication message to the mobile device 9 The mobile device sends a DHCP Discover message to the iWAG In response to this DHCP Discover message the DHCP goes into a new pending state to wait for the signaling on the MNO side to be completed which assigns an IP address to the subscriber In response to this DHCP Discover message DHCP goes into a new pending state t...

Страница 112: ...ice 21 The WiFi subscriber traffic now has a data path through which it can flow 3G DHCP Discover Call Flow Configuration The following example shows a 3G DHCP Discover call flow configuration aaa new model authentication authorization and accounting configurations aaa group server radius AAA_SERVER1 server private 99 0 7 10 auth port 1812 acct port 1813 key cisco aaa authentication login default ...

Страница 113: ...garden match access group output name acl_out_opengarden policy map type service OPENGARDEN_SERVICE 10 class type traffic TC_OPENGARDEN accounting aaa list ACCT_SERVER class type traffic default in out drop policy map type service SERVICE_POSTPAID 20 class type traffic TC_POSTPAID police input 512000 class type traffic default in out drop policy map type service SERVICE_TIMEOUT 25 class type traff...

Страница 114: ...subscriber l2 connected integration to ISG initiator unclassified mac address initiator dhcp recognizes the incoming dhcp request interface GigabitEthernet0 3 0 description To Client facing interface ip address 192 3 1 1 255 255 0 0 negotiation auto service policy type control ISG_GTP_CONTROL ip subscriber l2 connected initiator unclassified mac address initiator dhcp interface GigabitEthernet1 3 ...

Страница 115: ... radius server host 99 0 7 10 auth port 1812 acct port 1813 radius server throttle accounting 300 radius server key cisco control plane line con 0 exec timeout 0 0 stopbits 1 line vty 0 4 exec timeout 0 0 Configuring GTP in IWAG gtp Make sure to configure mcsa before configuring GTP n3 request 7 interval t3 response 1 interval echo request 64 information element rat type wlan RAT Radio Access Tech...

Страница 116: ...AAA server and downloads the mobility parameters through an Access Accept message 4 After receiving the mobility parameters the iWAG initiates PMIP signaling by sending a PBU message to the LMA 5 The LMA responds with a PBA message that includes IP address gateway and mask 6 Now the PMIP tunnel is established between the iWAG and the LMA 7 The iWAG offers an IP address to the client and creates a ...

Страница 117: ...figuration 1 The client sends an EAP authentication request to the AP or WLC 2 The WLC sends an Access Request message to AAA server 3 On receiving Access Accept message from the AAA server the WLC authenticates the client or mobile node Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 109 Call Flows for 3G and 4G Mobile IP Users 4G DHCP Discover Call Flow ...

Страница 118: ...mobile node s request by sending a DHCP ACK message 13 The iWAG finally creates a DHCP binding 14 The mobile node configures the IP address that was offered on its wireless interface 15 The mobile node seamlessly exchanges data traffic with the correspondent node 4G DHCP Discover Call Flow Configuration The following is a 4G DHCP session initiator configuration LMA ASR 5000 context pgw ip pool PMI...

Страница 119: ...nfig terminal mcsa enable sessionmgr ipv6 mobile pmipv6 domain D1 replay protection timestamp window 255 lma lma1 ipv6 address 2001 DB8 0 1 1 mag M1 ipv6 address 2001 DB8 0 1 FFFF 1234 5 ipv6 mobile pmipv6 mag M1 domain D1 no discover mn detach sessionmgr role 3GPP apn example com address ipv6 2001 0DB8 2 4 2 interface GigabitEthernet0 1 1 lma lma1 D1 ipv6 address 2001 DB8 0 1 2 4G Roaming Call Fl...

Страница 120: ... message to iWAG 1 to delete the binding for the mobile node This call flow covers the following Session roaming from iWAG 1 to another iWAG 2 PMIP tunnel creation between LMA and iWAG 2 Assigning same IP address to the MN after roaming Session termination Intelligent Wireless Access Gateway Configuration Guide 112 OL 30226 03 Call Flows for 3G and 4G Mobile IP Users 4G Roaming Call Flow ...

Страница 121: ...re 15 4G Roaming Call Flow The following are the call flow steps for the 4G roaming configuration 1 A mobile node roams from iWAG 1 to iWAG 2 The mobile node directly sends the IP packet to iWAG 2 The iWAG 2 creates sessions and send access request to the AAA server Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 113 Call Flows for 3G and 4G Mobile IP Users 4G Roaming Call Flow...

Страница 122: ...201 1 ipv6 address 2001 DB8 1 64 ip address 10 8 24 101 255 255 255 0 secondary subscriber default exit apn serviceprovider com selection mode sent by ms accounting mode none ip context name pgw ip address pool name PMIP_POOL_TME ipv6 address prefix pool v6_pool exit lma service lma1 no aaa accounting reg lifetime 40000 timestamp replay protection tolerance 0 mobility option type value standard re...

Страница 123: ... connected initiator dhcp initiator unclassified mac In 4G roaming involving a DHCP RADIUS proxy initiated session DHCP RADIUS proxy and unclassified MAC address together indicate FSOL on the iWAG access interface Note Additional References Related Documents Document Title Related Topic Cisco IOS Master Commands List All Releases Cisco IOS commands Cisco IOS Intelligent Wireless Access Gateway Com...

Страница 124: ...at software release train also support that feature Use Cisco Feature Navigator to find information about platform support and Cisco software image support To access Cisco Feature Navigator go to www cisco com go cfn An account on Cisco com is not required Table 13 Feature Information for Call Flows for 3G and 4G Mobile IP Users Feature Information Releases Feature Name In Cisco IOS XE Release 3 1...

Страница 125: ...8 Feature Information for Call Flows for Dual Stack PMIPv6 and GTP page 129 Finding Feature Information Your software release may not support all the features documented in this module For the latest caveats and feature information see Bug Search Tool and the release notes for your platform and software release To find information about the features documented in this module and to see a list of t...

Страница 126: ...t IPoE session with Dynamic Host Configuration Protocol version 4 DHCPv4 as first sign of life FSOL for PMIPv6 Figure 16 Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for PMIPv6 Call Flow Intelligent Wireless Access Gateway Configuration Guide 118 OL 30226 03 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for PMIPv6 Call Flow ...

Страница 127: ...fier SSID broadcast by the access points to establish and maintain wireless connectivity Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 119 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for PMIPv6 Call Flow ...

Страница 128: ...sage to the iWAG 9 If the received profile has cisco mpc protocol interface attribute with value as pmipv6 then iWAG initiates PMIPv6 tunneling by sending a Proxy Binding Update PBU message to the local mobility anchor LMA 10 The LMA responds with a Proxy Binding Acknowledgment PBA message that includes IP address gateway and mask 11 The PMIPv6 tunnel is established between the iWAG and the LMA 12...

Страница 129: ...Ethernet IPoE session with IPv6 Neighbor Discovery ND as first sign of life FSOL for PMIPv6 Call Flow Figure 17 Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for PMIPv6 Call Flow Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 121 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for PMIPv6 Call Flow ...

Страница 130: ...ier SSID broadcast by the access points to establish and maintain wireless connectivity Intelligent Wireless Access Gateway Configuration Guide 122 OL 30226 03 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for PMIPv6 Call Flow ...

Страница 131: ...reated 8 The AAA server sends the RADIUS Access Accept message to the iWAG 9 If the received profile has cisco mpc protocol interface attribute with value as pmipv6 then iWAG initiates PMIPv6 tunneling by sending a Proxy Binding Update PBU message to the local mobility anchor LMA 10 The LMA responds with a Proxy Binding Acknowledgment PBA message that includes IP address gateway and mask 11 The PM...

Страница 132: ...rnet IPoE session with Dynamic Host Configuration Protocol version 4 DHCPv4 as first sign of life FSOL for GTP Figure 18 Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for GTP Call Flow Intelligent Wireless Access Gateway Configuration Guide 124 OL 30226 03 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with DHCPv4 as FSOL for GTP Call Flow ...

Страница 133: ...neling by sending a Create PDP Context Request to the GGSN 10 The GGSN sends a RADIUS Access Request to the AAA server 11 The AAA server replies with a RADIUS Access Accept message to the GGSN 12 The GGSN sends a Create PDP Context Response 13 The GTP U tunnel is established between the iWAG and the GGSN 14 The iWAG sends the IPv4 address through a DHCP Offer message to the mobile device The iWAG ...

Страница 134: ...IP over Ethernet IPoE session with IPv6 Neighbor Discovery ND as first sign of life FSOL for GTP Figure 19 Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for GTP Call Flow Intelligent Wireless Access Gateway Configuration Guide 126 OL 30226 03 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for GTP Call Flow ...

Страница 135: ...ifier SSID broadcast by the access points to establish and maintain wireless connectivity Intelligent Wireless Access Gateway Configuration Guide OL 30226 03 127 Call Flows for Dual Stack PMIPv6 and GTP Dual Stack Mobile IPoE Session with IPv6 ND as FSOL for GTP Call Flow ...

Страница 136: ...ile has cisco mpc protocol interface attribute with value as GTP then iWAG initiates GTP tunneling by sending a Create PDP Context Request to the GGSN 10 The GGSN sends a RADIUS Access Request to the AAA server 11 The AAA server replies with a RADIUS Access Accept message to the GGSN 12 The GGSN sends a Create PDP Context Response 13 The GTP U tunnel is established between the iWAG and the GGSN 14...

Страница 137: ...rmation for Call Flows for Dual Stack PMIPv6 and GTP The following table provides release information about the feature or features described in this module This table lists only the software release that introduced support for a given feature in a given software release train Unless noted otherwise subsequent releases of that software release train also support that feature Use Cisco Feature Navi...

Страница 138: ...emarks go to this URL http www cisco com go trademarks Third party trademarks mentioned are the property of their respective owners The use of the word partner does not imply a partnership relationship between Cisco and any other company 1110R Intelligent Wireless Access Gateway Configuration Guide 130 OL 30226 03 Call Flows for Dual Stack PMIPv6 and GTP ...

Страница 139: ...es page 134 Feature Information for iWAG Scalability and Performance page 135 iWAG Scaling The ASR 1000 Series Routers can be deployed as an IP session aggregator The maximum number of IP sessions that can be supported depends on the hardware combination Table below lists the iWAG scaling numbers and maximum number of IP sessions supported on the ASR 1000 hardware Hardware combination and the maxi...

Страница 140: ...WAG Scale Maximum Number of IP Sessions Supported on ASR 1000 Hardware Total number of Session combined Authenticated and Walk by Users Authenticated Users Walk by Users ESP RP Chassis 24000 8000 16000 ESP 2 5G or ESP 5G Integrated 16 GB 1001 160000 32000 128000 ESP licensing from 5G 10G 20 or 36G Integrated 16 GB 1002 X 256000 64000 192000 ESP 40G RP2 16 GB 1004 1006 1013 384000 128000 256000 ESP...

Страница 141: ...ser Support for PWLAN in iWAG In public wireless LAN PWLAN setups a high number of ISG sessions might be unauthenticated sessions from wireless devices that do not use the PWLAN service These sessions are referred to in this document as walk by sessions and users that use these sessions are referred to as walk by users Walk by sessions if not dealt with in an optimized way may consume a large port...

Страница 142: ...co com en US docs ios xml ios isg configuration xe 3s isg wlkby supp html Additional References Related Documents Document Title Related Topic Quality of Service Solutions Configuration Guide Control Plane Policing Intelligent Services Gateway Configuration Guide Cisco IOS XE Release 3S Using ARP for Keepalive Messages and Using ICMP for Keepalive Messages Cisco IOS Master Commands List All Releas...

Страница 143: ...are image support Cisco Feature Navigator enables you to determine which software images support a specific software release feature set or platform To access Cisco Feature Navigator go to http www cisco com go cfn An account on Cisco com is not required Feature Information for IWAG Scalability and Performance table lists only the software release that introduced support for a given feature in a g...

Страница 144: ...Intelligent Wireless Access Gateway Configuration Guide 136 OL 30226 03 iWAG Scalability and Performance Feature Information for iWAG Scalability and Performance ...

Отзывы:

Нет отзывов

Похожие инструкции для Intelligent Wireless Access Gateway

Бренд: AMPLIFIED ENGINEERING Страницы: 20

Бренд: ATCOM Страницы: 8

Бренд: M-system Страницы: 7

Бренд: Dinstar Страницы: 100

Sentry 556 Series

Бренд: Forum Systems Страницы: 21

Бренд: Fortinet Страницы: 13

Бренд: Fortinet Страницы: 23

Бренд: Authonet Страницы: 2

PROFIBUS DP GATEWAY

Бренд: Omron Страницы: 95

Бренд: Juniper Страницы: 26

Бренд: OWL Страницы: 16

Бренд: ActionTec Страницы: 83

Бренд: Kiwi Страницы: 60

SURFboard SBG6950

Бренд: Arris Страницы: 22

Storage Gateway

Бренд: AWS Страницы: 438

Бренд: DEERE Страницы: 45

Бренд: Raisecom Страницы: 30

Бренд: Gigalink Страницы: 46

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды