Documentos de Académico
Documentos de Profesional
Documentos de Cultura
Information
ENGLISH
NOV 2002
68P09301A55A
Copyrights
This instruction manual, and the Motorola products described in this instruction manual may be, include or describe copyrighted
Motorola material, such as computer programs stored in semiconductor memories or other media. Laws in the United States and
other countries preserve for Motorola and its licensors certain exclusive rights for copyrighted material, including the exclusive
right to copy, reproduce in any form, distribute and make derivative works of the copyrighted material. Accordingly, any
copyrighted material of Motorola and its licensors contained herein or in the Motorola products described in this instruction manual
may not be copied, reproduced, distributed, merged or modified in any manner without the express written permission of Motorola.
Furthermore, the purchase of Motorola products shall not be deemed to grant either directly or by implication, estoppel, or
otherwise, any license under the copyrights, patents or patent applications of Motorola, as arises by operation of law in the sale of a
product.
Copyrighted Materials
Software and documentation are copyrighted materials. Making unauthorized copies is prohibited by law. No part of the software or
documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or
computer language, in any form or by any means, without prior written permission of Motorola, Inc.
Trademarks
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are
the property of their respective owners.
Copyright 2002 Motorola, Inc.
Javat Technology and/or J2MEt: Java and all other Javabased marks are trademarks or registered trademarks of Sun
Microsystems, Inc. in the U.S. and other countries.
UNIXR: UNIX is a registered trademark of The Open Group in the United States and other countries.
REV091302
Foreword
Scope of manual
This manual is intended for use by cellular telephone system
craftspersons in the day-to-day operation of Motorola cellular system
equipment and ancillary devices.
This manual is not intended to replace the system and equipment
training offered by Motorola, although it can be used to supplement or
enhance the knowledge gained through such training.
Obtaining Manuals
To view, download, or order manuals (original or revised), visit the
Motorola Lifecycles Customer web page at http://services.motorola.com,
or contact your Motorola account representative.
If Motorola changes the content of a manual after the original printing
date, Motorola publishes a new version with the same part number but a
different revision character.
Text conventions
The following special paragraphs are used in this manual to point out
information that must be read. This information may be set-off from the
surrounding text, but is always preceded by a bold title in capital letters.
The four categories of these special paragraphs are:
NOTE
Presents additional, helpful, non-critical information that
you can use.
IMPORTANT
CAUTION
Presents information to identify a situation in which
damage to software, stored data, or equipment could occur,
thus avoiding the damage.
WARNING
Presents information to warn you of a potentially
hazardous situation in which there is a possibility of
personal injury.
NOV 2002
Foreword continued
+18004335202
+44 (0) 1793565444
+861088417733
+81354633550
+5112124020
NOV 2002
General Safety
Remember! . . . Safety
depends on you!!
The following general safety precautions must be observed during all
phases of operation, service, and repair of the equipment described in
this manual. Failure to comply with these precautions or with specific
warnings elsewhere in this manual violates safety standards of design,
manufacture, and intended use of the equipment. Motorola, Inc. assumes
no liability for the customers failure to comply with these requirements.
The safety precautions listed below represent warnings of certain dangers
of which we are aware. You, as the user of this product, should follow
these warnings and all other safety precautions necessary for the safe
operation of the equipment in your operating environment.
Ground the instrument
To minimize shock hazard, the equipment chassis and enclosure must be
connected to an electrical ground. If the equipment is supplied with a
three-conductor ac power cable, the power cable must be either plugged
into an approved three-contact electrical outlet or used with a
three-contact to two-contact adapter. The three-contact to two-contact
adapter must have the grounding wire (green) firmly connected to an
electrical ground (safety ground) at the power outlet. The power jack and
mating plug of the power cable must meet International Electrotechnical
Commission (IEC) safety standards.
NOTE
Refer to Grounding Guideline for Cellular Radio
Installations 68P81150E62.
iii
iv
NOV 2002
Motorola - Cisco
PDN IOS Integration
White Paper
Note: This is a dynamic document that is subject to change without notice.
Abstract: This document addresses the integration between Motorola RAN (Radio Access Network) and Cisco
PDSN/HA running Release 1.2 using Cisco AR3.0.
Motorola, Inc.
Inter Vendor Verification and Validation Group
5555 N. Beach St.
Fort Worth, Texas 76137
Version 1.0
Page 1 of 30
Revision History
This revision history page is intended to ensure that all parties are knowledgeable of the additions,
deletions, and updates made to the white paper.
Version
0.1
0.2
1.0
Version 1.0
Sections
All
All
All
Date
Oct. 9, 2002
Oct. 14, 2002
Nov. 15, 2002
Authors
Tracy McElvaney
Tracy McElvaney
Tracy McElvaney
Description
Initial Draft
Updates after review by Cisco Dev/Test group
Updates after review by TIPS and MOT
development, additional information on
upgrade strategy, corrections to config file
statements.
Page 2 of 30
Glossary
A
A10 / A11 IOS packet data interface between PCF
and PDSN. See also RP.
AAA Authentication, Authorization and
Accounting Server
AN Access Node
AR Access Registrar (see AAA)
AREGCMD Cisco Access Registrar Command
Line Interface
M
MIP Mobile Internet Protocol
MN Mobile Node
MN-AAA Mobile Node to AAA authentication
(Mobile IP only).
MN-HA Mobile Node to Home Agent
Authentication (Mobile IP only).
MPPC Microsoft Point-to-Point Compression
Protocol
B
BTS Base Transceiver Station
BVI Bridged Virtual Interface
N
NAS Network Address Server
C
CAT (6509) Cisco Catalyst 6509 switch used in
Motorola Access Node
CBSC Centralized Base Station Controller
CCO Cisco Connection Online
CDG CDMA Data Group
CDMA Code Division Multiple Access
CDMA-Ix CDMA RP interface defined on Cisco
PDSN
CLI Command Line Interface
O
1X - RTT CDMA 2000 Radio Transmission
Technology (1 * 1.25MHz spread spectrum)
OMC Operations and Maintenance Center
OSPF Open Shortest Path First
P
PA Port Adapter
PCF Packet Control Function
PDN Packet Data Network
PDSN Packet Data Serv ing Node
Pi Payload Interface
PPP Point-to-Point Protocol
F
FA Foreign Agent (see also PDSN)
FE Fast Ethernet
FTP File Transfer Protocol
R
RAN Radio Access Network
RP Radio Packet Interface (see also A10/A11)
G
H
HA Home Agent
Home AR AAA serving the Home Agent for MIP
connections.
HSRP Hot Standby Routing Protocol
I
IMSI International Mobile Station Identity
IOS Inter-Operability Specification
IP Internet Protocol
IPSEC Internet Protocol Security
IVVV Inter-Vendor Verification and Validation
L
Local AR AAA serving the PDSN/FA for local
connections.
Version 1.0
S
SA-ISA IPSEC Service Adapter for Cisco
PDSN/HA
SIP Simple Internet Protocol
T
TCP Transfer Control Protocol
TX - Transceiver
U
V
VJ TCP/IP Van Jacobsen TCP/IP Header
Compression
VLAN Virtual Local Area Network
VPDN Virtual Private Dial-up Networking
VPN Virtual Private Networking
Page 3 of 30
1 References
[1] Cisco Packet Data Serving Node (PDSN) Release 1.2 ; published by Cisco on CCO web site.
[2] Relase Notes for the Cisco PDSN 1.2 feature in Cisco IOS release 12.2(8)BY ; published by Cisco on
CCO web site.
[3] Cisco CDMA2000 Home Agent ; published by Cisco on CCO web site.
[4] Release Notes for the Cisco Home Agent 1.2 feature in Cisco IOS release 12.2(8)BY ; published by
Cisco on CCO web site.
[5] Cisco-Motorola CDMA 1XRTT Packet Network Configuration; ENG119255 version 2.1; published
internally to test groups by Cisco Systems
[6] Cisco Access Registrar 3.0 Documentation ; published by Cisco on CCO web site.
* The Cisco CCO web site can be accessed at http://www.cisco.com
Version 1.0
Page 4 of 30
Table of Contents
1
REFERENCES ......................................................................................................................................................................4
SCOPE.....................................................................................................................................................................................6
HA CONFIGURATION.................................................................................................................................................... 26
PDSN M OBILE-IP CONFIGURATION.......................................................................................................................... 28
HOME AAA CONSIDERATIONS................................................................................................................................... 29
Version 1.0
Page 5 of 30
2 Scope
This document is intended to provide a descriptio n of the steps required to integrate the Motorola
CDMA 1X-RTT RAN and Cisco 7206 VXR NPE-400 running Cisco PDSN/HA Release 1.2.
The corresponding Cisco AR release used for this integration is 3.0. This paper will ensure the
respective systems inter-operate through Motorolas CDMA CDG A10/A11 IOS Interface.
Since there is no Motorola specific requirement for the configuration of the Cisco AR, it will not
be addressed in this document. The relevant AR material required for configuration can be
accessed by the hyperlink in the References section.
This document is a technically oriented guide that will describe and explain the steps to deploy a
Motorola-Cisco IOS system. It has been assumed that the necessary database is already data
filled on CBSC and required IP planning is in place for the Cisco PDN and Access Node. The
integration process has been implemented and tested in the IVVV lab in Fort Worth.
Disclaimer: This paper is not intended to replace installation/configuration documentation
provided by either Motorola or Cisco. It is intended to provide the guidance necessary to ensure
successful integration of the Motorola RAN with the Cisco PDSN. All information in this
document is based on experiences learned during the IVVV certification of the Cisco PDN
Release 1.2. It is the end users responsibility to have at their disposal all related
installation/configuration documentation provided by each company. Due to the complex nature
of the networking equipment involved, this document will not attempt to cover all possible
configurations.
Version 1.0
Page 6 of 30
Fa2/0
Access Node
Fa1/0
Fa0/0
Fa0/1
PCF-1
HA-1 /
Controller-2 /
PDSN-3
PCF-2
Controller-1 /
HA-2 /
PDSN-4
PCF-3
PDSN-1
Local AR
Home AR
PDSN-2
Internet
DNX-11
Firewall
Data Client:
Win2K
Win98
Linux
BTS -2
BTS -1
Version 1.0
BTS -3
Mobile Nodes:
Motorola 120X
Kyocera 2345
Qualcomm Twister
Page 7 of 30
SA-ISA
PA-FE-TX
PA-FE-TX
The two Fast Ethernet port adaptors (PA-FE-TX) will be configured for RP and Pi traffic. For
Motorolas implementation, which uses OSPF routing, it is recommended that one FE port
adaptor will handle all incoming traffic to the PDSN, while the other FE port adaptor will be
configured to handle all outgoing traffic from the PDSN. AAA and Network Management
traffic will be handled by the two 10/100 Ethernet ports hosted on the I/O controller and
configured using a BVI.
If the PDSN/HA will support IPSEC, an SA-ISA service adaptor is required. The SA-ISA card
should be in the identical slot as above (slot 4/1). The SA-ISA card is not required for a PDSN
controller.
This recommended configuration takes into account port adaptor redundancy, switching
redundancy, back office traffic redundancy, and cluster controller redundancy.
For Release 1.2, there are several types of PDSN / HA images, depending on the performance,
clustering capabilities and extended features that will be supported. The following table will
explain which image types are required for different PDSN/HA configurations.
Image Name
C7200-c5is- mz
Description
Basic PDSN Image
C7200-c5ik9s- mz
Basic PDSN w/
IPSEC
Enhanced PDSN
C7200-c6is- mz
C7200-c6ik9s- mz
Version 1.0
Enhanced PDSN w/
IPSEC
Comments
Peer-to-Peer Clustering, no prepaid, lower
session capacity
Peer-to-Peer Clustering, no prepaid,
requires SA-ISA adapter
Controller/Member Clustering or Peer-toPeer Clustering, Prepaid support
Controller/Member Clustering or Peer-toPeer Clustering, Prepaid support, requires
Page 8 of 30
SA-ISA adapter
C7200-h1is-mz
Basic HA Image
Use with C7200-c5is- mz or C7200-c6ismz image
C7200-h1ik92- mz
Basic HA image w/
Use with C7200-c5ik9s- mz or C7200IPSEC support
c6ik9s- mz image
*Note: Special export requirements apply to all IPSEC images which will be installed outside
the United States.
Page 9 of 30
physically connected to a single AN, or any combination of the devices can be configured in a
distributed fashion such that the AN routes packets from the PCF to the customer network and on
to a PDSN/HA/AR, which is physically located remotely in the customers network.
4.3.1 Direct to AN
In the direct configuration, the PDSN/HA and AR devices (or any combination thereof) will be
directly connected to the CAT 6509 routers in the Access Node. The routing should be
configured using OSPF and VLANs so that redundancy and load sharing are maximized. In the
direct configuration, there are several configuration principles to consider.
In the direct configuration, three VLANs are set up on each CAT. VLAN 1 is designated as the
BVI VLAN. This VLAN will carry all AAA/NMS traffic to and from the PDSN/HA devices.
VLAN 2 is designated as the outgoing RP/Pi and MIP VLAN. This VLAN will be configured
on the AN, with a lower OSPF cost in order to route all RP/Pi and MIP traffic out of the AN to
the PDSN/HA devices. Finally VLAN 3 is designated as the incoming RP/Pi and MIP VLAN.
This VLAN will be configured with a higher OSPF cost value than VLAN 2 in order to act as a
redundant route to the outgoing RP/Pi and MIP traffic. The OSPF cost settings on corresponding
PDSN/HA interfaces will be configured in the opposite fashion to control the flow of traffic out
of the PDSN.
VLAN-2
CAT-1
AR / NMS Bridge
VLAN-1
PDSN
CAT-2
RP/Pi or MIP from PDSN/HA
VLAN-3
*Note that VLAN-3 is also defined in CAT-1, and VLAN-2 is also defined in CAT-2, although
no physical Ethernet ports will be switched into those VLANs on the opposite CAT. This is to
allow for OSPF routing of packets coming in from the PCF or network, which may enter on an
opposite CAT interface. By defining each VLAN in both CATs, the VLANs will use the ISL
trunk to route packets destined for that VLAN to the other CAT, where the physical port is
switched into the VLAN.
Any AR that is directly connected to the AN will be connected to the AR/NMS VLAN (VLAN1) on CAT-1.
If the Controller/Member clustering and/or redundant HA schemes are used, it recommended
that a fourth VLAN be added as a Controller and HA BVI VLAN. The PDSN controller and
redundant HA configurations use an HSRP interface as the primary interface. This means that
Version 1.0
Page 10 of 30
OSPF routing on the FE Port Adapters will not be possible. In order to maintain port
redundancy, a second BVI needs to be created to act as a virtual interface for the HSRP
configuration. An example of the Controller/HA connectivity diagram is below.
VLAN-4
RP / MIP Bridge
CAT-1
AR/NMS Bridge
VLAN-1
PDSN Controller /
Redundant HA
CAT-2
RP / MIP Bridge
VLAN-4
This document will cover the redundant HA and Controller configurations. For the nonredundant HA configuration, the PDSN example configuration can be used as a model for
configuring the HA interfaces (fa1/0 and fa2/0) as they are identical to the PDSN, or the
redundant approach can be followed even though a redundant device is not yet deployed. The
latter will provide for ease of migration if a redundant HA/Controller ever is deployed.
4.3.2 Distributed in Customer Network
In the remote configuration, the PDSN/HA and AR devices (or any combination thereof) will be
located remotely from the Access Node, and configuration on the CAT-6509 devices will be
much less complex than in the direct configuration. In the remote configuration, it is
recommended that redundant links be configured on each CAT-6509 in the AN and that the
OSPF priorities be set such that load sharing occurs between the CATs. The remote
configuration example will not be covered in this document, as there are too many possibilities to
consider.
Version 1.0
Page 11 of 30
A sample configuration file of the basic PDSN is given below. The generic configuration file
listed in Ciscos PDSN documentation was taken and modified to fit Motorolas generic
configuration template. This template was verified and used during lab testing of Cisco 1.2 PDN
in the IVVV lab. Note tha t this template enables the enhanced PDSN service with
Controller/Member clustering. Also, this image is IPSEC capable, but IPSEC has not been
configured. For IPSEC, Prepaid, VPN or other enhanced features, please refer to the Cisco
configuration documentation, as there is no Motorola specific configuration documentation
required.
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service cdma pdsn
!
hostname pdsn_A
!
boot system flash disk0:c7200-c 6ik9s-mz.122-8.BY.bin
! Configure AAA services
aaa new-model
!
!
aaa group server radius MOT
server 5.2.250.11 auth-port 1645 acct-port 1646
!
aaa authentication ppp default local group MOT
Version 1.0
Page 12 of 30
Page 13 of 30
duplex full
!
interface FastEthernet2/0
description RP/Pi out to CAT2 fa3/13
ip address 5.2.250.49 255.255.255.240
ip ospf message-digest-key 1 md5 CISCO
ip ospf cost 3
ip ospf hello-interval 30
duplex full
!
! Configure PPP Virtual Template
interface Virtual-Template1
ip unnumbered Loopback1
ip ospf network point-to-point
peer default ip address pool pdsna_sip
ppp accm 0
ppp authentication chap pap optional
ppp accounting none
ppp timeout idle 2000
!
! Configure Virtual Bridge Interface for AR/NMS
interface BVI1
description AR/NMS Bridge
ip address 5.2.250.5 255.255.255.240
no ip mroute-cache
!
! Configure OSPF routing table
router ospf 100
log-adjacency-changes
area 200 authentication message-digest
redistribute connected subnets
passive-interface Virtual-Template1
network 5.2.250.33 0.0.0.0 area 200
network 5.2.250.49 0.0.0.0 area 200
!
! Configure local IP pool for PPP
ip local pool pdsna_sip 5.2.254.1 5.2.254.7
ip classless
no ip http server
ip pim bidir-enable
!
ip radius source-interface BVI1
!
! Configure RADIUS server (local AAA)
radius-server host 5.2.250.11 auth-port 1645 acct-port 1646 key cisco
radius-server retransmit 3
radius-server deadtime 5
radius-server vsa send accounting 3gpp2
radius-server vsa send authentication 3gpp2
! Configure RP Interface paramters
cdma pdsn virtual-template 1
cdma pdsn a10 max-lifetime 36000
cdma pdsn msid-authentication
! Define default security association for PCF devices
cdma pdsn secure pcf default spi 100 key hex 31313131313131313131313131313131
! Enable ieee bridge protocol and enable ip routing
Version 1.0
Page 14 of 30
Page 15 of 30
Page 16 of 30
bridge-group 2
!
interface BVI1
description AR/NMS Bridge
ip address 5.2.250.3 255.255.255.240
no ip mroute-cache
!
interface BVI2
description RP Bridge
ip address 5.2.252.3 255.255.255.0
no ip mroute-cache
standby 2 ip 5.2.252.11
standby 2 priority 100
standby 2 name Control_Group_A
!
! Define Gateway of last resort so controller can route packets
ip classless
ip route 0.0.0.0 0.0.0.0 5.2.252.13
no ip http server
ip pim bid ir-enable
!
!
! Define default PCF security association and cluster parameters
cdma pdsn secure pcf default spi 100 key hex 31313131313131313131313131313131
cdma pdsn secure cluster default spi 100 key ascii cisco
cdma pdsn cluster controller standby Control_Group_A
cdma pdsn cluster controller interface BVI 2
cdma pdsn cluster controller timeout 10
cdma pdsn cluster controller window 2
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
login
!
ntp clock-period 17179958
ntp server 5.2.0.1
!
end
Version 1.0
Page 17 of 30
Page 18 of 30
Allowing NVOSE will cause PCF to also pass PANID/CANID, ESN and 3GPP2 Active time
in IOS 4.1 Registration Request Message. No NVOSE will remove the NVOSE,
PANID/CANID and ESN and pass Registration Request message per IOS 4.0.
Once the PDSN cluster is defined, the following CLI command should be executed for all PCF
devices that will operate using the above cluster list.
ITID-OMC2-000106 > edit pktpcf-<cbsc#>-<pcf#> pdsn add <cluster#>!
5.5 AN Database
The AN database configuration should be determined by the IP design of the system. The
following examples give a generic overview as the required steps for integrating a PDSN/AR
into the Access Node. It is impossible to determine the AN configuration for a distributed
network design whereby the PDN equipment is located remotely from the Access Node.
Therefore, the following example will detail the steps required to configure the AN according to
the PDSN configuration given in the previous section.
o
Version 1.0
RP/Pi traffic should be routed into the PDSN on the PA (FA1/0) interface from
CAT-1, and out of the PDSN on the other PA interface (FA2/0) to CAT-2 in order
to maximize redundancy and loading on the interfaces. This is accomplished by
setting the OSPF priorities correctly on the CAT and PDSN.
Motorola Cisco IOS Network Integration
Page 19 of 30
There should be three VLANs configured for routing the PDN traffic. VLAN-1
should be the VLAN carrying traffic into the PDSN from CAT-1. VLAN-2
should be the VLAN carrying traffic out of the PDSN into CAT-2. VLAN-3
should be the AAA/NMS VLAN carrying RADIUS signalling and any cluster
messaging for cluster configurations.
Care should be taken when configuring VLAN-1 and VLAN-2. Although both
VLANs need to be configured in each CAT (this enables VLAN trunk routing
over the ISL links), no ports from CAT-1 should be switched into VLAN-2. Also
the converse holds that no ports from CAT-2 will be switched into VLAN-1.
If PDSN Controller and/or redundant HA features are part of the network design,
the a fourth VLAN will be added and configured as a Bridge (just like the
AR/NMS VLAN).
Page 20 of 30
ip ospf cost 4
ip ospf hello-interval 30
ntp broadcast
!VLAN 500 will be the Controller/HA VLAN
!Note: All Controller/HA fa1/0 interfaces will be switched into CAT-1 VLAN 500
interface Vlan500
description Controller/HA VLAN CAT1
ip address 5.2.252.13 255.255.255.240
no ip redirects
ntp broadcast
!
Version 1.0
Page 21 of 30
Page 22 of 30
end
* For Mobile IP applications, always ensure that the AN routing tables are able to route to the
virtual network addresses configured for MIP users.
This will initiate the aregcmd interface and give the user access to the AR. Once the AR has
successfully started, the following should be seen:
Cisco Access Registrar 3.0R0 Configuration Utility
Copyright (C) 1995-2002 by Cisco Systems, Inc. All rights reserved.
Logging in to localhost
[ //localhost ]
LicenseKey = <license ###>
Radius/
Administrators/
Server 'Radius' is Running, its health is 10 out of 10
-->
Version 1.0
Page 23 of 30
The above example shows a default PDSN client (type NAS) has been added and a shared secret
exists (cisco). This shared secret must match the secret defined in the radius-server host
command on the PDSN.
5.6.2 Verify the User Record
The following command shows the user ivvv_tester has been added under the default local user
list ISPABCLocalUsers. Note that each AR may have several different userlists defined
depending on whether the user is Mobile IP, VPDN, Simple IP etc. Notice that the user has no
attributes defined, but it does reference a base profile. This means the profile should be verified
for accuracy.
--> cd /Radius/UserLists/ISPABCLocalUsers/ivvv_tester
[ //localhost/Radius/UserLists/ISPABCLocalUsers/ivvv_tester ]
Name = ivvv_tester
Description =
Password = <encrypted>
AllowNullPassword = FALSE
Enabled = TRUE
Group~ =
BaseProfile~ = mwts_uc1_nopool
AuthenticationScript~ =
Version 1.0
Page 24 of 30
AuthorizationScript~ =
UserDefined1 =
Attributes/
CheckItems/
--> cd attributes
[ //localhost/Radius/UserLists/ISPABCLocalUsers/ivvv_tester/Attributes ]
--> ls
From the attributes listed above, it can be seen that the user profile is defined as user class 1 (SIP
only). The user is set to use framed PPP for the connection with an MTU of 1500 bytes and
allowed to use VJ TCP/IP header compression as well as MPPC PPP compression if the client
allows. Since there is no IP address defined, the PDSN will assign an IP address to it from an
local PPP pool. It is possible to have the AR configured to manage the IP pools and assign a
dynamic address as well.
Version 1.0
Page 25 of 30
6.1 HA Configuration
Once the network is configured for Simple IP, the basic foundation is in place and ready for
Mobile IP support. The HA must first be configured to provide MIP tunneling services to
subscribers in the network. The following configuration example assumes that HA redundancy
will be supported.
Current configuration : 2561 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname HA_A
!
boot system flash disk0:c7200-h1ik9s-mz.122-8.BY.bin
! Configure the Home AAA
aaa new-model
!
!
aaa group server radius MOT
server 5.2.250.12 auth-port 1645 acct-port 1646
!
aaa authentication login CONSOLE none
aaa authentication ppp default local group MOT
aaa authorization config-commands
aaa authorization ipmobile default group MOT
aaa authorization network default group MOT
aaa accounting update periodic 60
aaa accounting network default start-stop group MOT
aaa session-id common
enable password ivvv
!
username haA
ip subnet-zero
no ip gratuitous-arps
ip cef
!
!
controller ISA 4/1
!
bridge irb
!
!
!
! Define the loopback interface for mobile hosts
interface Loopback10
description MIP Virtual Network Loopback
Version 1.0
Page 26 of 30
no ip address
!
! FA0/0 and FA1/0 will be used for AR/NMS
! BVI 1 will be the virtual bridge interface
interface FastEthernet0/0
description Cisco AR/NMS to CAT-1 fa3/1
no ip address
duplex full
speed 100
bridge-group 1
!
interface FastEthernet0/1
description Cisco AR/NMS to CAT-2 fa3/1
no ip address
duplex full
speed 100
bridge-group 1
!
! FA1/0 and FA2/0 will be used for MIP traffic
! BVI 2 will be the virtual bridge interface
interface FastEthernet1/0
description MIP to CAT-1 fa3/20
no ip address
duplex full
bridge-group 2
!
interface FastEthernet2/0
description MIP to CAT-2 fa3/20
no ip address
duplex full
bridge-group 2
!
interface BVI1
description AR/NMS Bridge
ip address 5.2.250.1 255.255.255.240
no ip mroute-cache
!
interface BVI2
description MIP Bridge
ip address 5.2.252.1 255.255.255.0
no ip mroute-cache
standby 1 ip 5.2.252.10
standby 1 priority 100
standby 1 name HA_Group_1
!
! Enable Mobile IP
router mobile
!
ip local pool ha_mip 5.2.252.19 5.2.252.30
ip classless
ip route 0.0.0.0 0.0.0.0 5.2.252.13
no ip http server
ip pim bidir-enable
! Enable the home agent function
ip mobile home-agent
! Define the mobile host network and mobile host security associations
Version 1.0
Page 27 of 30
ip mobile host nai @ispxyz.com address pool local ha_mip virtual-network 5.2.252.0 255.255.255.0 aaa
load-sa
! Define security associations for the valid foreign agents this HA will serve
ip mobile secure foreign-agent 5.2.254.225 spi 100 key ascii cisco algorithm md5 mode prefix-suffix
ip mobile secure foreign-agent 5.2.254.226 spi 100 key ascii cisco algorithm md5 mode prefix-suffix
!
!
!
!
! Configure the home AAA radius function
radius-server host 5.2.250.12 auth-port 1645 acct-port 1646 key cisco
radius-server retransmit 3
radius-server deadtime 5
radius-server vsa send accounting 3gpp2
radius-server vsa send authentication 3gpp2
bridge 1 protocol ieee
bridge 1 route ip
bridge 2 protocol ieee
bridge 2 route ip
call rsvp-sync
!
!
mgcp profile default
!
dial-peer cor custom
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
Page 28 of 30
Version 1.0
Page 29 of 30
7 Upgrade Considerations
7.1 Upgrading PDSN / HA Devices
There are several CLI command changes when moving from 1.0 to 1.2 image lines with the
Cisco PDSN/HA. It is highly recommended that the system engineers update their configuration
files according to this document prior to loading the 1.2 image. The configuration updates
should be done offline (text editor) so that the existing configuration stays in tact on 1.0 devices.
Do not attempt to use the new configuration files on a 1.0 device.
After loading the 1.2 image, the new configuration should be applied. This will avoid any
configuration data loss due to CLI command changes.
Version 1.0
Page 30 of 30
*68P09301A55A*
68P09301A55A
Technical
Information
ENGLISH
NOV 2002
68P09301A55A
68P09301A55A
CDMA
ENGLISH
WHITE PAPER
NOV 2002
301a55a.pdf
APC:
625
of
Date
11/18/02
PAPER:
Body: 70 lb.
Inside Cover: 65 lb. Cougar
Tabs: 110 lb. Index
Binder Cover: Standard TED
cover 10 pt. Carolina
Single Sided
5 Cuts
Clear Mylar
Pantone 2706C
Black Ink
Single Sided
7 Cuts
Clear Mylar
White
Black Ink
FINISHING:
3Ring Binder
SlantD
3Hole Punched
(5/16in. dia.)
Shrink Wrap Body
7X9
8.5x11 21
1st Level Tabs
11x17
NONSTANDARD SPECIFICATIONS
X Tape Bound
Corner Stitch
SPECIAL INSTRUCTIONS