《江蘇聯(lián)通GGSN培訓(xùn)講義》由會(huì)員分享,可在線閱讀,更多相關(guān)《江蘇聯(lián)通GGSN培訓(xùn)講義(44頁珍藏版)》請(qǐng)?jiān)谘b配圖網(wǎng)上搜索。
1、,單擊此處編輯母版標(biāo)題樣式,單擊此處編輯母版文本樣式,第二級(jí),第三級(jí),第四級(jí),第五級(jí),*,*,GGSN training for Jiangsu Unicom,Motorola,Cindy Wang,1,GGSN training,GGSN簡介,-GGSN主要功能,-GGSN單板組成,數(shù)據(jù)配置,-接口配置,-APN配置,-VPN配置,-計(jì)費(fèi)配置,常見故障定位和告警排除,現(xiàn)網(wǎng)網(wǎng)絡(luò)拓?fù)?2,GGSN簡介,GGSN主要功能,提供數(shù)據(jù)包在GPRS/UMTS網(wǎng)絡(luò)和外部數(shù)據(jù)網(wǎng)絡(luò)之間的路由和封裝,GGSN在網(wǎng)絡(luò)中的位置,3,GGSN簡介,提供的業(yè)務(wù)與功能,路由,靜態(tài)路由,RIP,OSPF,IS-IS,BGP
2、,接入PDN,透明接入,非透明接入,GTP功能,GTP封裝/解封裝,創(chuàng)立/更新/刪除PDP上下文,GTP承載IP,GTP承載PPP,計(jì)費(fèi),普通計(jì)費(fèi),熱計(jì)費(fèi),內(nèi)容計(jì)費(fèi),預(yù)付費(fèi),VPN,GRE,L2TP,MPLS,平安,AAA認(rèn)證,包過濾,ACL,Gi接口重定向,QoS,4,GGSN簡介,GGSN單板組成,5,GGSN簡介,SRU單板Switching and routing unit,交換與路由單元,系統(tǒng)管理的核心單板,固定配置在9,10槽,負(fù)責(zé)搜集路由信息,產(chǎn)生和分發(fā)路由表,GGSN數(shù)據(jù)報(bào)文交換中心,GGSN操作維護(hù)代理,SPU單板Service processing unit,業(yè)務(wù)處理單元,
3、業(yè)務(wù)處理,包括GTP-U和GTP-C處理功能,計(jì)費(fèi)消息處理,LPU單板Line interface processing unit,線路接口處理單元,提供到外部網(wǎng)絡(luò)SGSN、PDN、AAA Server、CG等的物理接口,一般配置在1,2槽,6,數(shù)據(jù)配置,接口配置,邏輯接口,GGSN邏輯接口圖,接口命名規(guī)那么:,邏輯接口類型+接口編號(hào),接口編號(hào)=SPU板所在槽號(hào)/虛擬接口卡號(hào)/虛擬端口號(hào)for gn/ga/gior 全局編號(hào)(for g接口),如:gnif3/0/0,gaif3/0/0,giif3/0/0,gif0,SGSN,GGSN,CG,DNS,Server,AAA Server,R,R,
4、PDN,Gn,Gi,Ga,Ga,G(Inner),R,LNS,DHCP Se,rver,Network,R,Gi,7,數(shù)據(jù)配置,物理接口,與硬件網(wǎng)口對(duì)應(yīng),由LPU板提供,命名規(guī)那么:物理接口類型+接口編號(hào),接口編號(hào)=LPU板所在槽位號(hào)/業(yè)務(wù)接口卡號(hào)/端口號(hào),如:ethernet1/0/2,邏輯接口和物理接口的對(duì)應(yīng)關(guān)系:,LPU,SPU,SRU,GGSN,Gn/Gp,Ga,Gi,G,1,2,3,SGSN,CG,AAA/DHCP Server,PDN,Logical Interface,Physical Interface,8,數(shù)據(jù)配置,Gn/Gp接口,接口協(xié)議棧,配置步驟:,配置物理接口,Eg,
5、:ACT INTF:INTFN=ethernet1/0/0;,ADD IP:INTFN=ethernet1/0/0,IPADDR=192.168.8.2,MASK=255.255.255.240;,配置,Gn/Gp,邏輯接口,Eg,:ADD INTF:INTFN=Gnif3/0/0;,ADD IP:INTFN=Gnif3/0/0,IPADDR=220.206.131.33,MASK=255.255.255.255;,配置,GTP,相關(guān)參數(shù),SET GTP;,配置到,SGSN,的路由,ADD IPRT;,9,數(shù)據(jù)配置,Ga接口,接口協(xié)議棧,配置步驟:,配置物理接口,配置,Ga,邏輯接口,配置,C
6、G,相關(guān)信息,Eg,:SET CG:IP=192.168.8.23,GRD=0,TP=UMTS,SPN=3386;,配置到,CG,的路由,ADD IPRT;,10,數(shù)據(jù)配置,Gi接口,接口協(xié)議棧,非透明方式,透明方式,11,數(shù)據(jù)配置,Gi,接口,配置步驟,配置物理接口,配置Gi邏輯接口,配置G邏輯接口,配置到PDN,AAA Server/DHCP Server的路由,配置G接口和MS下行路由,接口維護(hù),Command,Function,LST INTF,Lists the configuration of an interface,LST IP,Lists the running state
7、of an interface.,PING,Check whether the link between the GGSN and the other entity(eg,SGSN,CGW,etc)is normal,LST CGSTAT,Query the working state of all CGs or a specified CG.,12,數(shù)據(jù)配置,Eth-trunk接口,目的:采用其主備工作模式,做可靠性組網(wǎng)。,實(shí)現(xiàn):將多個(gè)物理接口捆綁成為一個(gè)Eth-trunk,以主備方式工作,主用物理接口故障,系統(tǒng)自動(dòng)切換到備用物理接口。,GGSN reliability networking
8、,Eth-trunk0,13,數(shù)據(jù)配置,APN配置,APN根本信息 SET APN;,包括APN名稱、接入方式、地址分配方式、是否使用VPN,是否允許漫游用戶或拜訪用戶接入等;,APN對(duì)應(yīng)的本地地址池,SET POOL;,DHCP動(dòng)態(tài)分配IP地址,SET DHCPSVRIP;,SET APNDHCPSVRIP;,AAA鑒權(quán)和計(jì)費(fèi),SET AUTH;,SET ACCT,配置DNS信息,SET DNS;,14,數(shù)據(jù)配置,虛擬APN,目的:用戶可以通過攜帶同一個(gè)APN(虛擬APN)來接入不同的PDN,實(shí)現(xiàn):在GGSN上設(shè)置匹配規(guī)那么,根據(jù)用戶攜帶的虛擬APN來查找對(duì)應(yīng)的真實(shí)APN,再接入到相應(yīng)的PD
9、N。提供以下四類匹配類型:,Virtual APN of the IMSI resolution mode,15,數(shù)據(jù)配置,Virtual APN of the MSISDN resolution mode,16,數(shù)據(jù)配置,Virtual APN of the RAT resolution mode,17,數(shù)據(jù)配置,Virtual APN of the PCO resolution mode,配置:,SET APN:VIRTUALAPN=ENABLE;,SET VIRTUALAPN:,SET APNRPESPT:,SET APNSUFSPT;,18,數(shù)據(jù)配置,APN Aliases,目的:AP
10、N別名,不同的APN使用相同的網(wǎng)絡(luò)資源,配置:SET APNRELAT,19,數(shù)據(jù)配置,VPNVirtual Private Network配置,VPN特點(diǎn):,地址隔離,數(shù)據(jù)平安,同一VPN內(nèi)可達(dá),VPN分類:,第二層隧道封裝協(xié)議 將整個(gè)幀封裝在隧道中,L2TP(Layer 2 Tunneling Protocol),PPTP(Point-to-Point Tunneling Protocol),第三層隧道封裝協(xié)議 只將第三層報(bào)文封裝在隧道中,GRE(Generic Routing Encapsulation),IPSec(IP Security),20,數(shù)據(jù)配置,VPN的實(shí)現(xiàn):,21,數(shù)據(jù)配
11、置,GRE VPN的應(yīng)用,企業(yè)網(wǎng),GGSN和AAA server之間,IP over GTP layer 3 GRE VPN示意圖,22,數(shù)據(jù)配置,GRE VPN相關(guān)概念,VPN instance,VPN標(biāo)識(shí),維護(hù)獨(dú)立的路由表,與全局路由表和其它VPN實(shí)例路由表隔離,RD(Route Distinguisher),VPN-IP address=RD+IP address,每個(gè)VPN實(shí)例的RD值必須在GGSN全局上唯一,Binding,APN綁定VPN實(shí)例;確定MS上行包屬于哪個(gè)VPN實(shí)例,G接口綁定VPN實(shí)例:確定MS下行包屬于哪個(gè)VPN實(shí)例,Gi接口綁定VPN實(shí)例:確定GGSN與AAA se
12、rver的報(bào)文屬于哪個(gè)VPN實(shí)例,GRE隧道綁定VPN實(shí)例:確定VPN使用哪個(gè)GRE隧道,23,數(shù)據(jù)配置,GRE VPN應(yīng)用于企業(yè)網(wǎng)的配置思路,創(chuàng)立GRE隧道,ADD INTF;,配置隧道的源端和目的端地址,SET TUNNELSRC;,SET TUNNELDES;,創(chuàng)立VPN Instance,并指定該實(shí)例的RD,CRE VPNI;,SET VPNRTDSTG;,將MS所屬APN、與APN相關(guān)的G接口、GRE隧道均捆綁到該VPN實(shí)例上,SET APN;,SET VPNIBIND,設(shè)置VPN實(shí)例的路由信息,ADD IPRTVPN,24,數(shù)據(jù)配置,計(jì)費(fèi)配置,計(jì)費(fèi)分類,普通計(jì)費(fèi),熱計(jì)費(fèi),預(yù)付費(fèi),內(nèi)
13、容計(jì)費(fèi),相關(guān)配置,配置計(jì)費(fèi)參數(shù),SET CHARGE:CDRFORMAT=G3CDR,G3CV=R4V440,GVCL=20,THRESHOLD=5;,配置節(jié)假日、星期和費(fèi)率信息,SET FESTVL;,SET WEEKDAY;,SET TARIFF;,25,數(shù)據(jù)配置,內(nèi)容計(jì)費(fèi),目的:針對(duì)MS使用的不同業(yè)務(wù)類型進(jìn)行不同計(jì)費(fèi),實(shí)現(xiàn):通過在GGSN上對(duì)MS的上下行數(shù)據(jù)包配置不同的包過濾分析規(guī)那么,第三層過濾:源目的地IP地址,第四層過濾:協(xié)議/端口號(hào),第七層過濾:應(yīng)用協(xié)議URL,26,數(shù)據(jù)配置,內(nèi)容計(jì)費(fèi)配置舉例,ADD FILTER:NAME=wap20_tcp,PTYPE=TCP,DSTIP=1
14、0.0.0.172,L7PROT=WAP20,URL1=;,ADD CHGRULE:RNAME=uniwap_rule,FGNAME=wap20_tcp,PRIORITY=1,CK=UPDOWNSID,CHGMODE=FLOW,ACT=PARSE,UPSID=0000000001,DOWNSID=0000000001;,ADD RULEUSR:OP=APN,APN=uniwap,RNAME=uniwap_rule;,27,常見故障定位和告警排除,Common Tools,Common Commands,Cases,MS Access Failed Due To APN Configuratio
15、n Error,MS Access Failed Due To No Address Available,MS Access Succeeded But Dropped Quickly,No Downlink Data Received Without Gif Interface Configured,No G-CDR Sent to CGW Without Gaif Configuration,28,常見故障定位和告警排除,Common Tools,Message tracing tools in GGSN,Ethereal,29,常見故障定位和告警排除,Common Commands,Th
16、e following commands are usually used to do troubleshooting:,LST INTF,:is used to query the details of an interface.,LST IP,:is used to query the IP address information on an interface.,LST IPRT,:is used to query the routing information.,PING,:is used to test the interconnectivity between the C-GGSN and some network node.,TRACERT,:is used to test the path between the C-GGSN and some network node.,LST USR,:is used to query the number of online users.,LST CONTEXT,:is used to query the details of P