Service Provider WiFi: Support for Integrated Ethernet Over GRE

Similar documents
Call Flows for Simple IP Users

Flow-Based per Port-Channel Load Balancing

Virtual Fragmentation Reassembly

Controlling Access to a Virtual Terminal Line

Configuring a Load-Balancing Scheme

Configuring a Load-Balancing Scheme

CCT vs. CCENT Skill Set Comparison

Firewall Authentication Proxy for FTP and Telnet Sessions

RADIUS Server Load Balancing

co Sample Configurations for Cisco 7200 Broadband Aggreg

Firewall Support for SIP

Firewall Stateful Inspection of ICMP

DHCP Server Port-Based Address Allocation

BGP Link Bandwidth. Finding Feature Information. Contents

Transferring Files Using HTTP or HTTPS

Configuring a Load-Balancing Scheme

HTTP 1.1 Web Server and Client

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

Ethernet Overhead Accounting

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Getting Started with Configuring Cisco IOS NetFlow and NetFlow Data Export

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Encrypted Preshared Key

Cisco IOS Flexible NetFlow Command Reference

Constraining IP Multicast in a Switched Ethernet Network

Image Verification. Finding Feature Information. Restrictions for Image Verification

Configuring Aggressive Load Balancing

QoS: CBQoS Management Policy-to- Interface Mapping Support Configuration Guide, Cisco IOS XE Release 3S (Cisco ASR 1000)

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

QoS: Color-Aware Policer

Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example

VLAN and QinQ Technology White Paper

End of Sale/End of Life Report Tool Usage Notes for CiscoWorks NCM 1.6

Using Link Layer Discovery Protocol in Multivendor Networks

Multiprotocol Label Switching Load Balancing

Implementing Object Tracking on Cisco IOS XR Software

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

Configuring Enhanced Object Tracking

Interconnecting Cisco Network Devices 1 Course, Class Outline

Course Contents CCNP (CISco certified network professional)

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business

Configuring Auto-MDIX

Web Authentication Proxy on a Wireless LAN Controller Configuration Example

Interconnecting Cisco Networking Devices Part 2

Configuring Aggressive Load Balancing

Deployment Guide: Cisco Guest Access Using the Cisco Wireless LAN Controller

Configure ISDN Backup and VPN Connection

What is VLAN Routing?

Configuring the Device for Access Point Discovery

"Charting the Course...

Connecting Remote Offices by Setting Up VPN Tunnels

Cisco Which VPN Solution is Right for You?

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

Lab - Using IOS CLI with Switch MAC Address Tables

How To Learn Cisco Cisco Ios And Cisco Vlan

Lab Organizing CCENT Objectives by OSI Layer

Configuring DHCP Snooping

Topic 7 DHCP and NAT. Networking BAsics.

Configuring Right-To-Use Licenses

Cisco Nexus 1000V Virtual Ethernet Module Software Installation Guide, Release 4.0(4)SV1(1)

On-boarding and Provisioning with Cisco Identity Services Engine

Configuring DHCP. DHCP Server Overview

Release Notes for Cisco C881G-U-K9

Device Interface IP Address Subnet Mask Default Gateway

V310 Support Note Version 1.0 November, 2011

GLBP - Gateway Load Balancing Protocol

Using Cisco UC320W with Windows Small Business Server

Skills Assessment Student Training Exam

Apache CloudStack 4.x (incubating) Network Setup: excerpt from Installation Guide. Revised February 28, :32 pm Pacific

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

VRRPv3: Object Tracking Integration

A Software Defined Networking Approach To Cable Wi-Fi Alon Bernstein, Vince Pandolfi, Charles Duffy, Sangeeta Ramakrishnan Cisco Systems

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

Securing Networks with PIX and ASA

Cisco Video Surveillance Operations Manager Mobile App User Guide

IPv6 for AT&T Broadband

VLANs. Application Note

Configuring IKEv2 Load Balancer

Cisco Networking Professional-6Months Project Based Training

RADIUS Server Load Balancing

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Cisco Collaboration with Microsoft Interoperability

Configuring Network Address Translation (NAT)

Procedure: You can find the problem sheet on Drive D: of the lab PCs. 1. IP address for this host computer 2. Subnet mask 3. Default gateway address

Configuring DNS. Finding Feature Information

Integrating a Hitachi IP5000 Wireless IP Phone

L2TP Dial-Out Load Balancing and Redundancy

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

NetFlow Subinterface Support

Network Virtualization Network Admission Control Deployment Guide

NAT TCP SIP ALG Support

Creating a Gateway to Client VPN between Sidewinder G2 and a Mac OS X Client

Catalyst Layer 3 Switch for Wake On LAN Support Across VLANs Configuration Example

Configuring H.323 over Port Network Address Translation (PNAT) for Avaya IP Endpoints using the Avaya SG200 Security Gateway - Issue 1.

: Interconnecting Cisco Networking Devices Part 2 v1.1

Configuring Secure Socket Layer HTTP

Digitally Signed Cisco Software

Abstract. MEP; Reviewed: GAK 10/17/2005. Solution & Interoperability Test Lab Application Notes 2005 Avaya Inc. All Rights Reserved.

Layer 3 Routing User s Manual

Transcription:

Service Provider WiFi: Support for Integrated Ethernet Over GRE First Published: November 28, 2012 Last Updated: November 20, 2013 Generic Routing Encapsulation (GRE) is a tunneling protocol that encapsulates a wide variety of network layer protocols inside virtual point-to-point links over a Layer 3 IPv4 or Layer 3 IPv6 access network. Ethernet over GRE (EoGRE) is a new aggregation solution for aggregating WiFi traffic from hotspots. This solution enables customer premises equipment (CPE) devices to bridge the Ethernet traffic coming from an end host, and encapsulate the traffic in Ethernet packets over an IP GRE tunnel. When the IP GRE tunnels are terminated on a service provider broadband network gateway, the end host s traffic is terminated and subscriber sessions are initiated for the end host. Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Finding Feature Information Figure 1 shows the structure of the Ethernet over GRE. Figure 1 Ethernet Over GRE Structure Finding Feature Information Your software release may not support all the features documented in this module. For the latest information about features and caveats, see the release notes document pertaining to your platform and software release. To find information about the features documented in this module and to view a list of the releases in which each feature is supported, see the Feature Information for Configuring Ethernet Over GRE section on page 14. Use the Cisco Feature Navigator to find information about platform support and Cisco IOS and Cisco Catalyst operating system software image support. To access the Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required. Contents Restrictions for Configuring Ethernet Over GRE, page 3 Prerequisites for Configuring Ethernet Over GRE, page 3 Information About Configuring Ethernet Over GRE, page 3 Supported Features, page 8 How to Configure the EoGRE Feature, page 8 Additional References, page 13 Feature Information for Configuring Ethernet Over GRE, page 14 2

Restrictions for Configuring Ethernet Over GRE Restrictions for Configuring Ethernet Over GRE The following features are not supported on the Cisco ASR 1000 Series Aggregation Services Routers: IPsec tunnel between the Cisco ASR 1000 Series Aggregation Services Routers and the CPE devices. Native multicast coexistence for subscribers Per-CPE QoS IPv6 subscriber The Cisco Intelligent Services Gateway (ISG) RADIUS proxy initiator QinQ tag for the inner L2 frame High Availability is not supported. Prerequisites for Configuring Ethernet Over GRE Before you configure the Ethernet over GRE feature on the Cisco ASR 1000 Series Aggregation Services Routers, ensure that the following prerequisites are met: A physical interface or dot1q interface should be configured. The ISG policy should not be applied to the physical interface. Information About Configuring Ethernet Over GRE The Cisco ASR 1000 Series Aggregation Services Routers serve as a service provider broadband network gateway that: Terminates IPv4 or IPv6 GRE tunnels. Manages the subscriber session for end-host clients. The EoGRE feature works with legacy residential gateways and CPE devices to terminate the Ethernet L2 traffic in the Cisco ASR 1000 Series Aggregation Services Routers. When configured as an intelligent Wireless Access Gateway (iwag) with EoGRE access tunneling support, the Cisco ASR 1000 Series Aggregation Services Routers can extend mobility and the ISG services in support of these legacy devices. Figure 2 shows the structure of the EoGRE feature with PMIP/GTP integrated for mobility service. 3

3G 9:42 AM Information About Configuring Ethernet Over GRE Figure 2 Structure of the EoGRE Feature with PMIP/GTP Integrated for Mobility Service Indoor Hotspot Metro WiFi IP or Ethernet Aggregation Network Public User IP Traffic iwag with EoGRE Access Internet Topology View Transport View Public User IP Traffic EoGRE Tunnel DA configured on AP to point to EoGRE GW IP Terminate EoGRE directly into ISG Session Apply ISG Subscriber features and control GGSN with GTPv1 access or PGW with PMIPv6 over s2a Agg. Network Encap (IPoE) GRE Ethernet Core Network Encap (IPoIP) GTP or PMIPv6 Internet Indoor/Outdoor Managed AP iwag with EoGRE Access GGSN or PGW User IP obtained via DHCP. AP in DHCP relay mode Proxy ARP for Subscribers EoGRE Tunnel IP Address = RG IP Address EoGRE Endpoint IP configured in AP 360124 4

3G 9:42 AM Information About Configuring Ethernet Over GRE Figure 3 shows the structure of the EoGRE feature for simple IP service. Figure 3 Structure of the EoGRE Feature for Simple IP Service Indoor Hotspot Metro WiFi IP or Ethernet Aggregation Network Public User IP Traffic iwag with EoGRE Access NAT IP/MPLS Internet Topology View Transport View Public User IP Traffic EoGRE Tunnel DA configured on AP to point to EoGRE GW IP Terminate Guest L2TP PPPor IP sessions. ROute to ISG Apply ISG Subscriber features and control Optional NAT Stage if Provider allocates Private IPs to subs Agg. Network Encap (IPoE) GRE Ethernet IP/MPLS Internet Indoor/Outdoor Managed AP iwag with EoGRE Access NAT User IP obtained via DHCP. AP in DHCP relay mode Proxy ARP for Subscribers EoGRE Tunnel IP Address = RG IP Address EoGRE Endpoint IP configured in AP (Optional) 360125 The EoGRE feature supports the following deployments: EoGRE Deployment with PMIPv6 Integrated for Mobility Service, page 6 EoGRE Deployment with GTP Integrated for Mobility Service, page 7 EoGRE Deployment with ISG Integrated for Simple IP Service, page 7 5

Information About Configuring Ethernet Over GRE EoGRE Deployment with PMIPv6 Integrated for Mobility Service Proxy Mobile IPv6 (PMIPv6) provides mobility service to the mobile nodes that are connected to the Mobile Access Gateway (MAG) via an EoGRE tunnel. Figure 4 shows the structure of the EoGRE deployment with PMIPv6 integrated for mobility service. Figure 4 Structure of the EoGRE Deployment with PMIPv6 Integrated for Mobility Service Mobile nodes access the mobile internet service over Wi-Fi access points. The access points are either autonomous access points or are connected to the Cisco Wireless LAN Controller (WLC). These access points and WLCs are used as residential gateways or CPE devices. CPEs are preconfigured with a point-to-multipoint GRE IP tunnel to the Cisco ASR 1000 Series Aggregation Services Routers as the MAG. The tunnel from the CPE device can be configured with a static GRE key. The CPEs are provisioned to forward the Ethernet traffic from both public and private customers to the GRE tunnel, and to add a VLAN tag on the Ethernet frame before forwarding the traffic. As with regular PMIPv6 deployments, the Cisco ASR 1000 Series Aggregation Services Routers can create IP sessions on EoGRE access tunnels similar to the regular IP sessions on the physical Ethernet interfaces, and allocate IP addresses for mobile nodes, either locally or in the proxy mode. Mobility service is provided to the mobile nodes and the tunneled Ethernet traffic is forwarded via IP tunnels to the Local Mobility Anchor (LMA). Note When you ping a mobile node from the MAG with a packet size that is larger than that of the path maximum transmission unit (PMTU) that is configured with the DF bit set, the packet will be dropped. However, you will not get the return type as M.M.M (could not fragment). This is reflected in the log messages or error messages. For more information about PMIPv6 and the ISG configurations for the iwag, see the Intelligent Wireless Gateway Configuration Guide, Cisco IOS Release 3S. 6

3G 9:42 AM 3G 3G 9:42 AM 9:42 AM Information About Configuring Ethernet Over GRE EoGRE Deployment with GTP Integrated for Mobility Service GPRS Tunneling Protocol (GTP) provides mobility service to the mobile nodes that are connected to the iwag via an EoGRE tunnel, as shown in Figure 5. Figure 5 Structure of the EoGRE Deployment with GTP Integrated for Mobility Service WLC/CPE Ethernet Over IP Mobility within same iwag Ethernet Over IP iwag-1 GTP Tunnel to GGSN CPE Mobility across different iwags GTP Tunnel to GGSN GGSN Ethernet Over IP iwag-2 CPE 360171 For more information about the GTP and ISG configurations for the iwag, see the Cisco ASR 1000 Series Aggregation Services Routers Software Configuration Guide. EoGRE Deployment with ISG Integrated for Simple IP Service The ISG provides simple IP service to mobile nodes that are connected to ISG via the EoGRE tunnel, as shown in Figure 6. The Cisco ASR 1000 Series Aggregation Services Routers use the ISG framework to allocate IP sessions for authenticated subscribers. Simple IP subscribers are provided ISG services, including Internet access, but are not provided access to mobility services via GTP or PMIPv6. 7

Supported Features Figure 6 Structure of the EoGRE Deployment with ISG Integrated for Simple IP Service Supported Features The following features are supported as part of the EoGRE feature on the Cisco ASR 1000 Series Aggregation Services Routers: Ethernet over GRE traffic termination on the routers Frames can have up to one dot1q VLAN tag L2-connected IPv4 mobile nodes GRE tunnel for IPv4 or IPv6 ISG and PMIPv6 or GTP integrated with the EoGRE tunnel ISG initiator-unclassified MAC, DHCP, DNAv4 Subscriber roaming How to Configure the EoGRE Feature SUMMARY STEPS 1. enable 2. configure terminal 3. interface interface-name 4. ip unnumbered loopback interface-name or ip address ip-address 5. tunnel source interface-type interface-number 6. (For simple IP mode) mac-address H.H.H 7. tunnel mode ethernet gre ipv4 8

How to Configure the EoGRE Feature or tunnel mode ethernet gre ipv6 8. (Optional) tunnel vlan vlan-id 9. end DETAILED STEPS Step 1 Step 2 Command or Action enable Router> enable configure terminal Purpose Enables the privileged EXEC mode. Enter your password, if prompted. Enters the global configuration mode. Step 3 Router# configure terminal interface interface-name Specifies the logical interface for the EoGRE tunnel. Step 4 Router(config)# interface Tunnel 0 ip unnumbered loopback interface-name Router(config-if)# ip unnumbered loopback 0 or ip address ip-address For PMIPv6 and GTP scenarios, an unnumbered address or a specified IP address can be configured on the tunnel interface. For a simple IP scenario, only a specified IP address can be configured on the tunnel interface. This IP address can be used as a default gateway IP address. Step 5 Step 6 Router(config-if)# ip address 20.1.1.2 255.255.255.0 tunnel source interface-type interface-number Router(config-if)# tunnel source Loopback 0 (For simple IP mode) mac-address H.H.H Router(config-if)# mac-address 0000.5e00.5213 Sets the source interface for the EoGRE tunnel interface. Sets the source MAC address for the EoGRE tunnel interface. The MAC address is mandatory for simple IP deployment. For PMIPv6/GTP, the default MAC address associated with EoGRE Tunnel is 0000.5e00.5213. 9

How to Configure the EoGRE Feature Step 7 Command or Action tunnel mode ethernet gre ipv4 Router(config-if)# tunnel mode ethernet gre ipv4 or tunnel mode ethernet gre ipv6 Purpose Sets the EoGRE encapsulation mode for the tunnel interface for IPv4. or Sets the EoGRE encapsulation mode for the tunnel interface for IPv6. Step 8 Router(config-if)# tunnel mode ethernet gre ipv6 (Optional) tunnel vlan vlan-id (Optional) Sets the VLAN ID of the EoGRE tunnel. Step 9 Router(config-if)# tunnel vlan 1000 end Ends the current configuration session. Router(config-if)# end 10

How to Configure the EoGRE Feature Examples aaa new-model aaa group server radius AAA_SERVER_CAR server-private 5.3.1.76 auth-port 2145 acct-port 2146 key cisco aaa authentication login default none aaa authentication login ISG_PROXY_LIST group AAA_SERVER_CAR aaa authorization network ISG_PROXY_LIST group AAA_SERVER_CAR aaa authorization subscriber-service default local group AAA_SERVER_CAR aaa accounting network PROXY_TO_CAR action-type start-stop group AAA_SERVER_CAR aaa accounting network ISG_PROXY_LIST start-stop group AAA_SERVER_CAR aaa server radius dynamic-author client 5.3.1.76 server-key cisco auth-type any ignore server-key ip dhcp excluded-address 172.16.254.254 ip dhcp pool ISG_SIMPLE_IP network 172.16.0.0 255.255.0.0 default-router 172.16.254.254 domain-name cisco.com policy-map type control EOGRE_L2_ISG class type control always event session-start 2 authorize aaa list ISG_PROXY_LIST password cisco identifier mac-address 4 set-timer IP_UNAUTH_TIMER 5 class type control always event service-start 1 service-policy type service identifier service-name 2 collect identifier nas-port interface Loopback0 ip address 9.9.9.9 255.255.255.255 interface GigabitEthernet1/0/0 ip address 192.168.0.9 255.255.255.0 negotiation auto interface GigabitEthernet1/0/0.778 description "to ASR5K GGSN" encapsulation dot1q 778 ip address 172.16.199.9 255.255.255.0 interface Tunnel10 description "EoGRE Tunnel for Simple IP subscribers" mac-address 0000.5e00.5213 ip address 172.16.254.254 255.255.0.0 no ip redirects tunnel source 172.16.199.9 tunnel mode ethernet gre ipv4 service-policy type control EOGRE_L2_ISG ip subscriber l2-connected 11

How to Configure the EoGRE Feature initiator unclassified mac-address initiator dhcp interface Tunnel100 description "IPv4 EoGRE Tunnel for PMIP/GTP subscribers" ip unnumbered Loopback0 tunnel source GigabitEthernet1/0/0 tunnel mode ethernet gre ipv4 tunnel vlan 100 service-policy type control EOGRE_L2_ISG ip subscriber l2-connected initiator unclassified mac-address initiator dhcp interface Tunnel200 description "IPv6 EoGRE Tunnel for PMIP/GTP subscribers" ip unnumbered Loopback0 tunnel source 2001:161::9 tunnel mode ethernet gre ipv6 tunnel vlan 200 service-policy type control EOGRE_L2_ISG ip subscriber l2-connected initiator unclassified mac-address initiator dhcp mcsa enable sessionmgr ipv6 mobile pmipv6-domain D1 replay-protection timestamp window 255 lma LMA_5K ipv4-address 192.168.199.1 ipv6 mobile pmipv6-mag M1 domain D1 sessionmgr role 3GPP address ipv4 9.9.9.9 interface Tunnel100 interface Tunnel200 lma LMA_5K D1 ipv4-address 192.168.199.1 encap gre-ipv4 ntp master gtp information-element rat-type wlan interface local GigabitEthernet1/0/0.778 apn 1 apn-name gtp.com ip address ggsn 172.16.199.1 fixed link-layer address 00ab.00cd.00ef default-gw 20.100.254.254 prefix-len 16 dns-server 20.100.254.254 dhcp-server 20.100.254.254 end You can use the following commands to check and show subscriber session information: show ip dhcp sip statistics show subscriber statistics show subscriber session 12

Additional References show ipv6 mobile pmipv6 mag binding show gtp pdp-context all show interface tunnel-name Additional References The following sections provide references related to the Configuring Ethernet over GRE feature. Related Documents Related Topic Cisco IOS commands Cisco IOS Configuration Fundamentals Document Title Cisco IOS Master Commands List, All Releases Cisco IOS Configuration Fundamentals Command Reference Standards Standard No new or modified standards are supported by this feature. Title MIBs No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature. RFCs No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature. 13

Feature Information for Configuring Ethernet Over GRE Technical Assistance Description The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and resolving technical issues with Cisco products and technologies. To receive security and technical information about your products, you can subscribe to various services, such as the Product Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds. Access to most tools on the Cisco Support website requires a Cisco.com user ID and password. Link http://www.cisco.com/cisco/web/support/index.html Feature Information for Configuring Ethernet Over GRE Table 1 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS XE Release 3.9.1S or later appear in the table. Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the corresponding command reference documentation. Use the Cisco Feature Navigator to find information about platform support and software image support. The Cisco Feature Navigator enables you to determine which Cisco IOS and Cisco Catalyst operating system software images support a specific software release, feature set, or platform. To access the Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required. Table 1 Feature Information for the Configuring Ethernet Over GRE Feature Feature Name Releases Feature Information Service Provider WiFi: Integrated Ethernet Over GRE 3.9.1S This feature enables the Ethernet over Generic Routing Encapsulation (EoGRE) tunnel to be used as a service provider WiFi access interface from CPE devices. A Cisco ASR 1000 Series Aggregation Services Router is used as an L2 aggregator to terminate L2 traffic at the GRE tunnel interface and provide L3 services. In Cisco IOS XE Release 3.9.1S, this feature is implemented on the Cisco ASR 1000 Series Aggregation Services Routers. The following sections provide information about this feature: Information About Configuring Ethernet Over GRE How to Configure the EoGRE Feature 14

Feature Information for Configuring Ethernet Over GRE Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental. 2012-2013 Cisco Systems, Inc. All rights reserved. 15

Feature Information for Configuring Ethernet Over GRE 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information