Cisco Prime Nerk 43 User Guide
Have a look at the manual Cisco Prime Nerk 43 User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 53 Cisco manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
27-117 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Figure 27-11 Home Agent Service Details Table 27-75 displays the Home Agent service details. Table 27-75 Home Agent Service Details Field Description Service Name The name of the home agent service. Status The status of the home agent service, which can be any one of the following: Down Running Initiated Unknown This field defaults to Down. Default Subscriber The name of the subscriber template that is applied to the subscribers. Local IP Port The User Datagram Protocol (UDP) port for the R-P interface of the IP socket. This IP port can be any value between 1 and 65535 and defaults to 699. Bind Address The IP address to which the service is bound to. This can be any address in the IPV4/IPv6 range. MIP NAT Traversal Indicates whether the acceptance of UDP tunnels for NAT traversal is enabled. Max. Subscribers The maximum subscriber sessions that could be supported.
27-118 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Force UDP Tunnel Indicates whether HA would accept requests when Network Address Translation (NAT) is not detected but the Force bit is set in the Registration Request (RRQ) with the UDP Tunnel Request. Simultaneous Bindings The maximum number of care of addresses that can be simultaneously bound for the same user identified by Network Access Identifier (NAI) and Home address. Destination Context The name of the context to assign to the subscriber, after authentication. A11 Signalling Packets IP Header DSCPThe Differential Services Code Point (DSCP) value in the IP header. Registration Life Time The registration lifetime configured for all the subscribers to the service. GRE Encapsulation Without KeyIndicates whether Generic Routing Encapsulation (GRE) without encapsulation key is used during Mobile IP sessions with FA. Idle Time Out The method the HA service uses to determine the time to reset a session idle timer, which can be any one of the following: Aggressive Handoff Normal SPI List The Security Parameter Index (SPI) between the HA service and the FA. Optimize Tunnel ReassemblyIndicates whether the option to optimize tunnel reassembly is enabled. Wi-Max 3GPP Indicates whether the Worldwide Interoperability for Microwave Access (Wi-Max)-3GPP option is enabled for the Home agent service. Private Address without Reverse TunnelThis allows calls with private addresses and there is no reverse tunneling. Per Domain Statistics CollectionThis enables/disables per-domain statistics collection. Max Sessions Configures the maximum number of subscribers that can use this service. Default is 800000. IPNE Service Configures associated IPNE Service. Bind Binds Home Agent service to IP address of interface. Radius Accounting Dropped PktsIndicates that the RADIUS accounting related configuration is enabled or disabled for dropped packets. By default this feature is disabled. Setup Time Out The maximum time (in seconds) allowed for session setup. Reverse Tunnel Indicates whether the reverse tunnel feature is enabled for the home agent feature. NoteA reverse tunnel is a tunnel that starts at the care-of address of the mobile node and terminates at the home agent. A mobile node can request a reverse tunnel between the foreign agent and the home agent when the mobile node registers. Table 27-75 Home Agent Service Details (continued) Field Description
27-119 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Viewing the AAA Configuration for Home Agent Service In order to support Packet Data Serving Node (PDSN), FA, and HA functionality, the system must be configured with at least one source context and at least two destination contexts as shown in the following figure. The source context will facilitate the PDSN service(s), and the R-P interfaces. The AAA context will be configured to provide foreign/home AAA functionality for subscriber sessions and facilitate the AAA interfaces. To view the AAA configuration: Step 1In the Logical Inventory window, choose Logical Inventory > Context> Mobile > Home Agent> Home agent service> AAA. The AAA configuration details are displayed in the content pane. Table 27-76 displays the AAA configuration for a home agent service. Min. Life Time The minimum registration life time for a mobile IP session. GRE Encapsulation With KeyIndicates whether GRE is used during mobile IP sessions with an FA. FA HA SPIs / MN HA SPIs tab SPI Number The number to indicate the security context between services. Remote Address The IP address of the source service. Hash Algorithm The hash algorithm used between the source and destination services. Time Stamp Tolerance The acceptable allowable difference in time stamps. If this difference is exceeded, then the session is rejected. Replay Protection The replay protection scheme that should be implemented by the service. Permit Any Hash AlgorithmIndicates whether verification of MN-HA authenticator using other hash algorithms is allowed, on failure of the configured hash algorithm. NoteThis field is available only in the MN HA SPIs tab. Description The description of the SPI. IPSEC Crypto Maps Map Name The name of the crypto map that is configured in the same context that defines the IPSec tunnel properties. Peer FA Address The IP address of the Peer FA to which the IPSEC SA will be established. Skey Expiry The expiry information of the secret key. Table 27-75 Home Agent Service Details (continued) Field Description
27-120 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Viewing the GRE Configuration for Home Agent Service To view the GRE configuration: Step 1In the Logical Inventory window, choose Logical Inventory > Context> Mobile > Home Agent> Home agent service> GRE. The GRE configuration details are displayed in the content pane. Table 27-77 displays the GRE configuration for a home agent service. Table 27-76 AAA Configuration for Home Agent Service Field Description AAA Context The AAA context for the home agent service. Click this link to view the relevant AAA context. AAA Accounting Indicates whether the Home Agent can send AAA accounting information for subscriber sessions. AAA Accounting GroupThe AAA Accounting group for the Home agent service. AAA Distributed MIP KeysIndicates the usage of AAA distributed MIP keys for authenticating RRQ for WiMax HA calls. DMU Refresh Key Indicates whether the Home Agent is allowed to retrieve the MN-HA key again from the AAA during the call and use this freshly retrieved key value to recheck authentication. IMSI Authentication Indicates whether MN-AAA or MN-FAC extensions are present in the RRQ. MN HA Authentication Ty p eIndicates whether the HA service looks for an MN-HA authentication in the RRQ. MN AAA Authentication TypeThe method used to send authentication request to AAA for each re-registration attempt. NoteThe initial registration request and de-registrations are handled normally. PMIP Authentication Indicates whether the HA service looks for an PMIP authentication in the RRQ. Stale Key Disconnect Indicates whether the call must be disconnected immediately on failure of MN-HA authentication. Skew Lifetime The IKE pre-shared key\u2018s time skew. Table 27-77 GRE Configuration for Home Agent Service Field Description Checksum Indicates whether insertion of GRE checksum in outgoing GRE data packets is enabled. Checksum Verify Indicates whether verification of GRE checksum in incoming GRE packets is enabled. Reorder Timeout The maximum amount of time (in milliseconds) to wait before reordered out-of-sequence GRE packets are processed.
27-121 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Viewing the Policy Configuration for Home Agent Service To view the Policy configuration: Step 1In the Logical Inventory window, choose Logical Inventory > Context> Mobile > Home Agent> Home agent service> Policy. The Policy configuration details are displayed in the content pane. Table 27-78 displays the Policy configuration for a home agent service. Viewing the Registration Revocation Details for a Home Agent Service To view the Registration revocation configuration details: Step 1In the Logical Inventory window, choose Logical Inventory > Context> Mobile > Home Agent> Home agent service> Registration Revocation. The configuration details are displayed in the content pane. Table 27-79 displays the Registration Revocation configuration for a home agent service. Sequence Mode The method to handle incoming out-of-sequence GRE packets, which can be any one of the following: Reorder None Sequence Numbers Indicates whether the option to insert or remove GRE sequence numbers in GRE packets is enabled. Table 27-77 GRE Configuration for Home Agent Service (continued) Field Description Table 27-78 Policy Configuration for Home Agent Service Field Description BC Response Code The response code for a binding cache (BC) query result in response to a network failure or error. NW-Reachability PolicyThe action to be taken on detection of an upstream network-reachability failure. Over Load Policy The overload policy within the HA service. New Call Policy The new call policy within the HA service. Null Username Policy Configures Null Username Policy to HA service Over Load Redirect / NW-Reachability Redirect IP Address The IP address associated with the policy. Weight The weightage of the IP address associated with the policy.
27-122 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Monitoring the Foreign Agent (FA) A Foreign Agent (FA) is basically a router on a mobile node’s visited network that provides routing services to the mobile node. The FA acts as a mediator between the mobile node and it’s home agent (HA). When the mobile node moves out of its home network, the FA registers the mobile node with a Care of Address (CoA). It also facilitates routing information to the mobile node’s home agent, which contains the permanent address of the node. When a node tries to communicate with a mobile node that is roaming, it sends packets to the permanent address. The HA interacts with the FA and delivers the packets to the mobile node using the COA. Figure 27-12 depicts the function of a foreign agent in a network and the different components that it interacts with. Table 27-79 Registration Revocation configuration for Home Agent Service Field Description Registration Revocation StateIndicates whether the Registration Revocation Status is enabled. Revocation IBit Indicates whether the Revocation Ibit feature is enabled. Send NAI Extension Indicates whether the option to send NAI extension in the revocation message is enabled. Handoff Old FA Indicates whether the option to send a revocation message from the HA to the FA is enabled. NoteThe revocation message is sent from the HA to the FA when an inter-access gateway or FA handoff of the MIP session occurs. Idle Timeout Indicates whether the HA must send a revocation message to the FA when the session times out. Revocation Max Retries The number of times the revocation message can be retransmitted. Revocation Timeout The maximum amount of time (in seconds) to wait for the receipt of an acknowledgement from the FA before the revocation message is transmitted again.
27-123 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Figure 27-12 Foreign Agent Architecture Viewing the Foreign Agent Configuration Details To view the Foreign Agent configuration details: Step 1Right-click the required device in the Vision client and choose Inventory. Step 2In the Logical Inventory window, choose Logical Inventory > Context> Mobile > FA. The list of Foreign agents configured in Prime Network are displayed in the content pane. Step 3From the FA node, choose a FA service. The FA service details are displayed in the content pane as shown in Figure 27-13. Radio To w e r Radio Access Network (RAN) BSC/PCF MN 320489 PDSN/FA PPP Foreign AAA R-P Interface HACN Home AAA Internet or PDN IP in IP or GRE Tunnel IP
27-124 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Figure 27-13 Foreign Agent Service Details Table 27-80 displays the Foreign Agent configuration details.
27-125 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks Table 27-80 FA Configuration Details Field Description Service Name The unique name to identify the FA service. Status The status of the FA service, which can be any one of the following: Down Running Initiated Unknown This field defaults to Down. Bind Address The IPv4 address to which the service is bound. Local IP Port The UDP port for the R-P Interface of the IP socket. This port can be any value between 1 and 65535, and defaults to 434. Max. Subscribers The maximum subscriber sessions that is supported by the service. This can be any value between 0 and 2500000, and defaults to 2500000. Default Subscriber The name of the subscriber template that is applicable to the subscribers using this domain alias. A11 Signalling Packets IP Header DSCPThe Differential Service Code Point (DSCP) value in the IP header. This value can range between 0x0 and 0x3F, and defaults to 0x0F. NoteThe Differentiated Services (DS) field of a packet contains 6 bits that represents the DSCP value. Out of these 6 bits, five of them represent the DSCP. Hence, you can assign upto 32 DSCPs for various priorities. Registration Life Time The amount of time (in seconds) that an A10 connection can exist before its registration expires. This time can be any value between 1 and 65534, and defaults to 1800 seconds. New Call Policy The call policy for one or all the services, which can be any one of the following: Reject None This field defaults to None. Challenge Window The number of challenges that can be handled by the FA. Dynamic MIP Key UpdateThe status of the Dynamic Mobile IP Key update feature. This option is disabled by default. Ignore Stale Challenge The status of the Ignore Stale Challenge in MIP RRQ. This option is disabled by default. Ignore MIP Key Data The status of the Ignore MIP Key data. This option is disabled by default. Allow Private Address Without Reverse TunnelIndicates whether the mobile node can use reverse tunnel for a private address. This option is disabled by default. Registration Timeout The amount of time (in seconds) for the registration reply timeout.
27-126 Cisco Prime Network 4.3.2 User Guide EDCS-1524415 Chapter 27 Managing Mobile Networks LTE Networks You can also view the following configuration details for a Foreign Agent service: Advertisement—Foreign agents advertise their presence on their attached links by periodically multicasting or broadcasting messages called agent advertisements. Mobile nodes listen to these advertisements and determine if they are connected to their home link or foreign link. Rather than waiting for agent advertisements, an MN can also send an agent solicitation. This solicitation forces any agents on the link to immediately send an agent advertisement. Authentication—Authentication verifies users before they are allowed access to the network and network services. GRE—Generic routing encapsulation (GRE) is a tunneling protocol used by Mobile IP. The GRE tunnel interface creates a virtual point-to-point link between two routers at remote points over an IP internetwork. If the GRE for Cisco Mobile Networks feature is enabled, the mobile router will request GRE encapsulation in the registration request only if the FA advertises that it is capable of GRE encapsulation (the G bit is set in the advertisement). If the registration request is successful, packets will be tunneled using GRE encapsulation. If the GRE for Cisco Mobile Networks feature is enabled and the mobile router is using collocated care-of address (CCoA), the mobile router will attempt to register with the HA using GRE encapsulation. If the registration request is successful, packets will be tunneled using GRE encapsulation. HA Configurations—Once the mobile node roams to a new network, it must register with the home agent as being away from home. Its registration is sent by way of the Foreign Agent (FA), the router providing service on the foreign network. A security association between the home agent (HA) and the foreign agent (FA) is mandatory. Idle Timeout Mode The idle timeout method, which can be any one of the following: Normal Aggressive Reverse Tunnel Indicates whether reverse tunneling is applicable for client mobile IP sessions. This option is enabled by default. Limit Registration Time Indicates whether MIP registration lifetime is shorter than session idle, absolute, and long-duration timeouts. By default, this option is enabled. Maximum Challenge LengthThe maximum length of the FA challenge. Optimize Tunnel ReassemblyIndicates whether tunnel reassembly is optimized for fragmented large packets passed between HA and FA. By default, this option is disabled. MN-AAA Removal IndicationIndicates whether the FA can remove MN-FAC and MN-AAA extensions from RRQs. By default, this option is disabled. Max Sessions The maximum number of subscriber sessions allowed. Standalone FA Service Shows the standalone FA service status. If the status is enabled then, the system performs only as a standalone FA. Table 27-80 FA Configuration Details (continued) Field Description