PDN Description

Technical
Information
MOTOROLACISCO PDN IOS

INTEGRATION
WHITE PAPER
CDMA
ENGLISH
NOV 2002
68P09301A55A
SPECIFICATIONS SUBJECT TO CHANGE WITHOUT NOTICE

Notice
While reasonable efforts have been made to assure the accuracy of this document, Motorola, Inc. assumes no liability resulting from any
inaccuracies or omissions in this document, or from use of the information obtained herein. The information in this document has been
carefully checked and is believed to be entirely reliable. However, no responsibility is assumed for inaccuracies or omissions. Motorola,
Inc. reserves the right to make changes to any products described herein and reserves the right to revise this document and to make
changes from time to time in content hereof with no obligation to notify any person of revisions or changes. Motorola, Inc. does not
assume any liability arising out of the application or use of any product, software, or circuit described herein; neither does it convey
license under its patent rights or the rights of others.
It is possible that this publication may contain references to, or information about Motorola products (machines and programs),
programming, or services that are not announced in your country. Such references or information must not be construed to mean
that Motorola intends to announce such Motorola products, programming, or services in your country.
Copyrights
This instruction manual, and the Motorola products described in this instruction manual may be, include or describe copyrighted
Motorola material, such as computer programs stored in semiconductor memories or other media. Laws in the United States and
other countries preserve for Motorola and its licensors certain exclusive rights for copyrighted material, including the exclusive
right to copy, reproduce in any form, distribute and make derivative works of the copyrighted material. Accordingly, any
copyrighted material of Motorola and its licensors contained herein or in the Motorola products described in this instruction manual
may not be copied, reproduced, distributed, merged or modified in any manner without the express written permission of Motorola.
Furthermore, the purchase of Motorola products shall not be deemed to grant either directly or by implication, estoppel, or
otherwise, any license under the copyrights, patents or patent applications of Motorola, as arises by operation of law in the sale of a
product.
Usage and Disclosure Restrictions

License Agreement
The software described in this document is the property of Motorola, Inc and its licensors. It is furnished by express license
agreement only and may be used only in accordance with the terms of such an agreement.
Copyrighted Materials
Software and documentation are copyrighted materials. Making unauthorized copies is prohibited by law. No part of the software or
documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or
computer language, in any form or by any means, without prior written permission of Motorola, Inc.
High Risk Activities

Components, units, or thirdparty products used in the product described herein are NOT faulttolerant and are NOT designed,
manufactured, or intended for use as online control equipment in the following hazardous environments requiring failsafe
controls: the operation of Nuclear Facilities, Aircraft Navigation or Aircraft Communication Systems, Air Traffic Control, Life
Support, or Weapons Systems (High Risk Activities). Motorola and its supplier(s) specifically disclaim any expressed or implied
warranty of fitness for such High Risk Activities.
Trademarks
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. All other product or service names are
the property of their respective owners.
Copyright 2002 Motorola, Inc.
Javat Technology and/or J2MEt: Java and all other Javabased marks are trademarks or registered trademarks of Sun
Microsystems, Inc. in the U.S. and other countries.
UNIXR: UNIX is a registered trademark of The Open Group in the United States and other countries.
REV091302
Foreword
Scope of manual
This manual is intended for use by cellular telephone system
craftspersons in the day-to-day operation of Motorola cellular system
equipment and ancillary devices.
This manual is not intended to replace the system and equipment
training offered by Motorola, although it can be used to supplement or
enhance the knowledge gained through such training.
Obtaining Manuals
To view, download, or order manuals (original or revised), visit the
Motorola Lifecycles Customer web page at http://services.motorola.com,
or contact your Motorola account representative.
If Motorola changes the content of a manual after the original printing
date, Motorola publishes a new version with the same part number but a
different revision character.
Text conventions
The following special paragraphs are used in this manual to point out
information that must be read. This information may be set-off from the
surrounding text, but is always preceded by a bold title in capital letters.
The four categories of these special paragraphs are:
NOTE
Presents additional, helpful, non-critical information that
you can use.
IMPORTANT
Presents information to help you avoid an undesirable

situation or provides additional information to help you
understand a topic or concept.
CAUTION
Presents information to identify a situation in which
damage to software, stored data, or equipment could occur,
thus avoiding the damage.
WARNING
Presents information to warn you of a potentially
hazardous situation in which there is a possibility of
personal injury.
NOV 2002
MotorolaCisco PDN IOS Integration
Foreword continued
The following typographical conventions are used for the presentation of

software information:
S In text, sans serif BOLDFACE CAPITAL characters (a type style
without angular strokes: for example, SERIF versus SANS SERIF)
are used to name a command.
S In text, typewriter style characters represent prompts and the
system output as displayed on an operator terminal or printer.
S In command definitions, sans serif boldface characters represent
those parts of the command string that must be entered exactly as
shown and typewriter style characters represent command output
responses as displayed on an operator terminal or printer.
S In the command format of the command definition, typewriter
style characters represent the command parameters.
Reporting manual errors
To report a documentation error, call the CNRC (Customer Network
Resolution Center) and provide the following information to enable
CNRC to open an MR (Modification Request):
the document type
the manual title, part number, and revision character
the page number(s) with the error
a detailed description of the error and if possible the proposed solution
Motorola appreciates feedback from the users of our manuals.
Contact us
Send questions and comments regarding user documentation to the email
address below:
cdma.documentation@motorola.com
Motorola appreciates feedback from the users of our information.
Manual banner definitions
A banner (oversized text on the bottom of the page, for example,
PRELIMINARY) indicates that some information contained in the
manual is not yet approved for general customer use.
24-hour support service
If you have problems regarding the operation of your equipment, please
contact the Customer Network Resolution Center (CNRC) for immediate
assistance. The 24 hour telephone numbers are:
North America
Europe, Middle East, Africa
Asia Pacific
Japan & Korea . . . . . . . . . . .
Latin American Countries
+18004335202
+44 (0) 1793565444
+861088417733
+81354633550
+5112124020
For further CNRC contact information, contact your Motorola account

representative.
ii
NOV 2002
General Safety
Remember! . . . Safety
depends on you!!
The following general safety precautions must be observed during all
phases of operation, service, and repair of the equipment described in
this manual. Failure to comply with these precautions or with specific
warnings elsewhere in this manual violates safety standards of design,
manufacture, and intended use of the equipment. Motorola, Inc. assumes
no liability for the customers failure to comply with these requirements.
The safety precautions listed below represent warnings of certain dangers
of which we are aware. You, as the user of this product, should follow
these warnings and all other safety precautions necessary for the safe
operation of the equipment in your operating environment.
Ground the instrument
To minimize shock hazard, the equipment chassis and enclosure must be
connected to an electrical ground. If the equipment is supplied with a
three-conductor ac power cable, the power cable must be either plugged
into an approved three-contact electrical outlet or used with a
three-contact to two-contact adapter. The three-contact to two-contact
adapter must have the grounding wire (green) firmly connected to an
electrical ground (safety ground) at the power outlet. The power jack and
mating plug of the power cable must meet International Electrotechnical
Commission (IEC) safety standards.
NOTE
Refer to Grounding Guideline for Cellular Radio
Installations 68P81150E62.
Do not operate in an explosive

atmosphere
Do not operate the equipment in the presence of flammable gases or
fumes. Operation of any electrical equipment in such an environment
constitutes a definite safety hazard.
Keep away from live circuits
Operating personnel must:
S not remove equipment covers. Only Factory Authorized Service

Personnel or other qualified maintenance personnel may remove
equipment covers for internal subassembly, or component
replacement, or any internal adjustment.
S not replace components with power cable connected. Under certain

conditions, dangerous voltages may exist even with the power cable
removed.
S always disconnect power and discharge circuits before touching them.

NOV 2002
iii
General Safety continued
Do not service or adjust alone

Do not attempt internal service or adjustment, unless another person,
capable of rendering first aid and resuscitation, is present.
Use caution when exposing or
handling the CRT
Breakage of the CathodeRay Tube (CRT) causes a high-velocity
scattering of glass fragments (implosion). To prevent CRT implosion,
avoid rough handling or jarring of the equipment. The CRT should be
handled only by qualified maintenance personnel, using approved safety
mask and gloves.
Do not substitute parts or
modify equipment
Because of the danger of introducing additional hazards, do not install
substitute parts or perform any unauthorized modification of equipment.
Contact Motorola Warranty and Repair for service and repair to ensure
that safety features are maintained.
Dangerous procedure
warnings
Warnings, such as the example below, precede potentially dangerous
procedures throughout this manual. Instructions contained in the
warnings must be followed. You should also employ all other safety
precautions that you deem necessary for the operation of the equipment
in your operating environment.
WARNING
Dangerous voltages, capable of causing death, are present in this
equipment. Use extreme caution when handling, testing, and
adjusting .
iv
NOV 2002
Motorola - Cisco
PDN IOS Integration
White Paper
Note: This is a dynamic document that is subject to change without notice.
Abstract: This document addresses the integration between Motorola RAN (Radio Access Network) and Cisco
PDSN/HA running Release 1.2 using Cisco AR3.0.
Motorola, Inc.
Inter Vendor Verification and Validation Group
5555 N. Beach St.
Fort Worth, Texas 76137
Version 1.0
Motorola Cisco IOS Network Integration
Page 1 of 30
Revision History
This revision history page is intended to ensure that all parties are knowledgeable of the additions,
deletions, and updates made to the white paper.
Version
0.1
0.2
1.0
Version 1.0
Sections
All
All
All
Date
Oct. 9, 2002
Oct. 14, 2002
Nov. 15, 2002
Authors
Tracy McElvaney
Tracy McElvaney
Tracy McElvaney
Description
Initial Draft
Updates after review by Cisco Dev/Test group
Updates after review by TIPS and MOT
development, additional information on
upgrade strategy, corrections to config file
statements.
Page 2 of 30
Glossary
A
A10 / A11 IOS packet data interface between PCF
and PDSN. See also RP.
AAA Authentication, Authorization and
Accounting Server
AN Access Node
AR Access Registrar (see AAA)
AREGCMD Cisco Access Registrar Command
Line Interface
M
MIP Mobile Internet Protocol
MN Mobile Node
MN-AAA Mobile Node to AAA authentication
(Mobile IP only).
MN-HA Mobile Node to Home Agent
Authentication (Mobile IP only).
MPPC Microsoft Point-to-Point Compression
Protocol
B
BTS Base Transceiver Station
BVI Bridged Virtual Interface
N
NAS Network Address Server
C
CAT (6509) Cisco Catalyst 6509 switch used in
Motorola Access Node
CBSC Centralized Base Station Controller
CCO Cisco Connection Online
CDG CDMA Data Group
CDMA Code Division Multiple Access
CDMA-Ix CDMA RP interface defined on Cisco
PDSN
CLI Command Line Interface
O
1X - RTT CDMA 2000 Radio Transmission
Technology (1 * 1.25MHz spread spectrum)
OMC Operations and Maintenance Center
OSPF Open Shortest Path First
P
PA Port Adapter
PCF Packet Control Function
PDN Packet Data Network
PDSN Packet Data Serv ing Node
Pi Payload Interface
PPP Point-to-Point Protocol
F
FA Foreign Agent (see also PDSN)
FE Fast Ethernet
FTP File Transfer Protocol
R
RAN Radio Access Network
RP Radio Packet Interface (see also A10/A11)
G
H
HA Home Agent
Home AR AAA serving the Home Agent for MIP
connections.
HSRP Hot Standby Routing Protocol
I
IMSI International Mobile Station Identity
IOS Inter-Operability Specification
IP Internet Protocol
IPSEC Internet Protocol Security
IVVV Inter-Vendor Verification and Validation
L
Local AR AAA serving the PDSN/FA for local
connections.
Version 1.0
S
SA-ISA IPSEC Service Adapter for Cisco
PDSN/HA
SIP Simple Internet Protocol
T
TCP Transfer Control Protocol
TX - Transceiver
U
V
VJ TCP/IP Van Jacobsen TCP/IP Header
Compression
VLAN Virtual Local Area Network
VPDN Virtual Private Dial-up Networking
VPN Virtual Private Networking
Page 3 of 30
1 References
[1] Cisco Packet Data Serving Node (PDSN) Release 1.2 ; published by Cisco on CCO web site.
[2] Relase Notes for the Cisco PDSN 1.2 feature in Cisco IOS release 12.2(8)BY ; published by Cisco on
CCO web site.
[3] Cisco CDMA2000 Home Agent ; published by Cisco on CCO web site.
[4] Release Notes for the Cisco Home Agent 1.2 feature in Cisco IOS release 12.2(8)BY ; published by
Cisco on CCO web site.
[5] Cisco-Motorola CDMA 1XRTT Packet Network Configuration; ENG119255 version 2.1; published
internally to test groups by Cisco Systems
[6] Cisco Access Registrar 3.0 Documentation ; published by Cisco on CCO web site.
* The Cisco CCO web site can be accessed at http://www.cisco.com
Version 1.0
Page 4 of 30
Table of Contents
1
REFERENCES ......................................................................................................................................................................4
SCOPE.....................................................................................................................................................................................6
IVVV CISCO PDN TEST BED ........................................................................................................................................7
PDN NETWORK OVERVIEW .......................................................................................................................................8

4.1
SUPPORTED PDSN/HA CONFIGURATIONS ................................................................................................................. 8
4.2
CLUSTER CONFIGURATIONS.......................................................................................................................................... 9
4.2.1
Stand-alone Configuration (RAN PDSN Cluster Control) ............................................................................9
4.2.2
Peer-to-Peer Clustering.......................................................................................................................................9
4.2.3
Controller/Member Clustering...........................................................................................................................9
4.3
NETWORK CONFIGURATIONS........................................................................................................................................ 9
4.3.1
Direct to AN .........................................................................................................................................................10
4.3.2
Distributed in Customer Network.....................................................................................................................11
SIMPLE IP DATABASE PROVISIONING...............................................................................................................12

5.1
PDSN CONFIGURATION............................................................................................................................................... 12
5.2
PEER-TO-PEER CLUSTERING ....................................................................................................................................... 15
5.3
CONTROLLER/MEMBER CLUSTERING........................................................................................................................ 15
5.3.1
PDSN Controller Configuration.......................................................................................................................15
5.3.2
PDSN Member Configuration...........................................................................................................................18
5.4
CBSC DATABASE PROVISIONING.............................................................................................................................. 18
5.5
AN DATABASE .............................................................................................................................................................. 19
5.5.1
Add the VLANs.....................................................................................................................................................20
5.5.2
Configure the VLAN interfaces.........................................................................................................................20
5.5.3
Configure the Layer 2 Switched Ports.............................................................................................................22
5.5.4
Configure the OSPF routing table...................................................................................................................23
5.6
LOCAL AAA DATABASE PROVISIONING................................................................................................................... 23
5.6.1
Verify the PDSN Client has been added to the AR........................................................................................24
5.6.2
Verify the User Record .......................................................................................................................................24
5.6.3
Verify the User Profile .......................................................................................................................................25
MOBILE IP DATABASE PROVISIONING..............................................................................................................26

6.1
6.2
6.3
HA CONFIGURATION.................................................................................................................................................... 26
PDSN M OBILE-IP CONFIGURATION.......................................................................................................................... 28
HOME AAA CONSIDERATIONS................................................................................................................................... 29
UPGRADE CONSIDERATIONS ..................................................................................................................................30

7.1
7.2
UPGRADING PDSN / HA DEVICES ............................................................................................................................ 30

UPGRADING THE AR..................................................................................................................................................... 30
Version 1.0
Page 5 of 30
2 Scope
This document is intended to provide a descriptio n of the steps required to integrate the Motorola
CDMA 1X-RTT RAN and Cisco 7206 VXR NPE-400 running Cisco PDSN/HA Release 1.2.
The corresponding Cisco AR release used for this integration is 3.0. This paper will ensure the
respective systems inter-operate through Motorolas CDMA CDG A10/A11 IOS Interface.
Since there is no Motorola specific requirement for the configuration of the Cisco AR, it will not
be addressed in this document. The relevant AR material required for configuration can be
accessed by the hyperlink in the References section.
This document is a technically oriented guide that will describe and explain the steps to deploy a
Motorola-Cisco IOS system. It has been assumed that the necessary database is already data
filled on CBSC and required IP planning is in place for the Cisco PDN and Access Node. The
integration process has been implemented and tested in the IVVV lab in Fort Worth.
Disclaimer: This paper is not intended to replace installation/configuration documentation
provided by either Motorola or Cisco. It is intended to provide the guidance necessary to ensure
successful integration of the Motorola RAN with the Cisco PDSN. All information in this
document is based on experiences learned during the IVVV certification of the Cisco PDN
Release 1.2. It is the end users responsibility to have at their disposal all related
installation/configuration documentation provided by each company. Due to the complex nature
of the networking equipment involved, this document will not attempt to cover all possible
configurations.
Version 1.0
Page 6 of 30
3 IVVV Cisco PDN Test Bed

FTP Server
Fa2/0
Access Node
Fa1/0
Fa0/0
Fa0/1
PCF-1
HA-1 /
Controller-2 /
PDSN-3
PCF-2
Controller-1 /
HA-2 /
PDSN-4
PCF-3
PDSN-1
Local AR
Home AR
PDSN-2
Internet
DNX-11
Firewall
Data Client:
Win2K
Win98
Linux
BTS -2
BTS -1
Version 1.0
BTS -3
Mobile Nodes:
Motorola 120X
Kyocera 2345
Qualcomm Twister
Page 7 of 30
4 PDN Network Overview

4.1 Supported PDSN/HA Configurations
The recommended hardware configuration for the Cisco 7200-VXR based PDSN/HA is given
below.
SA-ISA
PA-FE-TX
PA-FE-TX
1 port fast ethernet
1 port fast ethernet

I / O Controller
2 10/100 TX Ethernet Ports

2 PCMCIA Slots
Figure 1: Recommended Hardware Configuration for PDSN/HA
The two Fast Ethernet port adaptors (PA-FE-TX) will be configured for RP and Pi traffic. For
Motorolas implementation, which uses OSPF routing, it is recommended that one FE port
adaptor will handle all incoming traffic to the PDSN, while the other FE port adaptor will be
configured to handle all outgoing traffic from the PDSN. AAA and Network Management
traffic will be handled by the two 10/100 Ethernet ports hosted on the I/O controller and
configured using a BVI.
If the PDSN/HA will support IPSEC, an SA-ISA service adaptor is required. The SA-ISA card
should be in the identical slot as above (slot 4/1). The SA-ISA card is not required for a PDSN
controller.
This recommended configuration takes into account port adaptor redundancy, switching
redundancy, back office traffic redundancy, and cluster controller redundancy.
For Release 1.2, there are several types of PDSN / HA images, depending on the performance,
clustering capabilities and extended features that will be supported. The following table will
explain which image types are required for different PDSN/HA configurations.
Image Name
C7200-c5is- mz
Description
Basic PDSN Image
C7200-c5ik9s- mz
Basic PDSN w/
IPSEC
Enhanced PDSN
C7200-c6is- mz
C7200-c6ik9s- mz
Version 1.0
Enhanced PDSN w/
IPSEC
Comments
Peer-to-Peer Clustering, no prepaid, lower
session capacity
Peer-to-Peer Clustering, no prepaid,
requires SA-ISA adapter
Controller/Member Clustering or Peer-toPeer Clustering, Prepaid support
Controller/Member Clustering or Peer-toPeer Clustering, Prepaid support, requires
Page 8 of 30
SA-ISA adapter
C7200-h1is-mz
Basic HA Image
Use with C7200-c5is- mz or C7200-c6ismz image
C7200-h1ik92- mz
Basic HA image w/
Use with C7200-c5ik9s- mz or C7200IPSEC support
c6ik9s- mz image
*Note: Special export requirements apply to all IPSEC images which will be installed outside
the United States.
4.2 Cluster Configurations

4.2.1 Stand-alone Configuration (RAN PDSN Cluster Control)
In the stand-alone mode, a PDSN maintains only its local session information and cannot
perform handoff avoidance or load balancing with other PDSN devices. To configure a PDSN
cluster, the OMC database should be populated with a cluster list of PDSNs, and then a group of
PCFs must be associated with that cluster list. This cluster list will be used by all associated
PCFs for distributing calls to the PDSN devices defined. In 16.1, the PCF will employ a userdefined selection scheme to distribute the load between all PDSN devices in a cluster. The
choices for PCF-based PDSN selection are 1) ACTIVE/STANDBY, 2) IMSI Hashing, 3)
ROUND ROBIN. Stand-alone configuration can be used with any PDSN image.
4.2.2 Peer-to-Peer Clustering
In the Peer-to-Peer Cluster, each PDSN is configured to communicate its session information to
all other PDSN devices in the cluster, using multi-cast IP messages. This configuration is
resource intensive and limits the capacity of the cluster because each PDSN has to maintain the
global session information of the entire cluster. In Peer-to-Peer clustering, the PCF can have one
or all of the PDSN devices in its cluster configuration. Load balancing and handoff avoidance
will occur between the PDSNs based on global session information. Peer-to-Peer clustering is
supported by both c5 and c6 PDSN images.
4.2.3 Controller/Member Clustering
PDSN Release 1.2 introduces the Controller/Member clustering feature, which significantly
improves the cluster capacity by provisioning a dedicated cluster controller or redundant cluster
controller group. This controller performs the PDSN selection function and maintains the global
session tables for the entire cluster. No user traffic is handled by a Cluster Controller. Using the
HSRP protocol, a redundant Controller can be configured. With redundancy enabled, the global
session tables will be synchronized between the active and standby controllers. Redundant
HSRP groups are also supported. The Controller will load balance and perform inter-PDSN
handoff avoidance for all members in its cluster. In the Controller/Member configuration, the
PCF should be configured to have only the Controller in its Cluster IP list on the OMC. The
HSRP address is used in the OMC PDSN cluster configuration for a controller instead of the
CDMA-Ix interface as with the stand-alone PDSN. Controller/Member clustering is only
supported by the c6 PDSN images.
4.3 Network Configurations

In the network design phase, the customer will decide on one of two possible network design
alternatives. The PDSN/HA/AR can either be tethered to an AN in which all devices will be
Version 1.0
Page 9 of 30
physically connected to a single AN, or any combination of the devices can be configured in a
distributed fashion such that the AN routes packets from the PCF to the customer network and on
to a PDSN/HA/AR, which is physically located remotely in the customers network.
4.3.1 Direct to AN
In the direct configuration, the PDSN/HA and AR devices (or any combination thereof) will be
directly connected to the CAT 6509 routers in the Access Node. The routing should be
configured using OSPF and VLANs so that redundancy and load sharing are maximized. In the
direct configuration, there are several configuration principles to consider.
In the direct configuration, three VLANs are set up on each CAT. VLAN 1 is designated as the
BVI VLAN. This VLAN will carry all AAA/NMS traffic to and from the PDSN/HA devices.
VLAN 2 is designated as the outgoing RP/Pi and MIP VLAN. This VLAN will be configured
on the AN, with a lower OSPF cost in order to route all RP/Pi and MIP traffic out of the AN to
the PDSN/HA devices. Finally VLAN 3 is designated as the incoming RP/Pi and MIP VLAN.
This VLAN will be configured with a higher OSPF cost value than VLAN 2 in order to act as a
redundant route to the outgoing RP/Pi and MIP traffic. The OSPF cost settings on corresponding
PDSN/HA interfaces will be configured in the opposite fashion to control the flow of traffic out
of the PDSN.
VLAN-2
RP/Pi or MIP to PDSN/HA
CAT-1
AR / NMS Bridge
VLAN-1
PDSN
CAT-2
RP/Pi or MIP from PDSN/HA
VLAN-3
Figure 2: Default Routing Diagram of PDSN directly connected to AN
*Note that VLAN-3 is also defined in CAT-1, and VLAN-2 is also defined in CAT-2, although
no physical Ethernet ports will be switched into those VLANs on the opposite CAT. This is to
allow for OSPF routing of packets coming in from the PCF or network, which may enter on an
opposite CAT interface. By defining each VLAN in both CATs, the VLANs will use the ISL
trunk to route packets destined for that VLAN to the other CAT, where the physical port is
switched into the VLAN.
Any AR that is directly connected to the AN will be connected to the AR/NMS VLAN (VLAN1) on CAT-1.
If the Controller/Member clustering and/or redundant HA schemes are used, it recommended
that a fourth VLAN be added as a Controller and HA BVI VLAN. The PDSN controller and
redundant HA configurations use an HSRP interface as the primary interface. This means that
Version 1.0
Page 10 of 30
OSPF routing on the FE Port Adapters will not be possible. In order to maintain port
redundancy, a second BVI needs to be created to act as a virtual interface for the HSRP
configuration. An example of the Controller/HA connectivity diagram is below.
VLAN-4
RP / MIP Bridge
CAT-1
AR/NMS Bridge
VLAN-1
PDSN Controller /
Redundant HA
CAT-2
RP / MIP Bridge
VLAN-4
This document will cover the redundant HA and Controller configurations. For the nonredundant HA configuration, the PDSN example configuration can be used as a model for
configuring the HA interfaces (fa1/0 and fa2/0) as they are identical to the PDSN, or the
redundant approach can be followed even though a redundant device is not yet deployed. The
latter will provide for ease of migration if a redundant HA/Controller ever is deployed.
4.3.2 Distributed in Customer Network
In the remote configuration, the PDSN/HA and AR devices (or any combination thereof) will be
located remotely from the Access Node, and configuration on the CAT-6509 devices will be
much less complex than in the direct configuration. In the remote configuration, it is
recommended that redundant links be configured on each CAT-6509 in the AN and that the
OSPF priorities be set such that load sharing occurs between the CATs. The remote
configuration example will not be covered in this document, as there are too many possibilities to
consider.
Version 1.0
Page 11 of 30
5 Simple IP Database Provisioning

The following section has been formatted to cover the typical PDSN configuration for a
Motorola network using OSPF routing. The generic product documentation does not take into
account the routing protocols that may be used by different vendors/customers.
5.1 PDSN Configuration

Listed below are the key actions which are required for basic PDSN operation.
o
o
o
o
o
o
o
o
Enable PDSN Services.

Define the CDMA-Ix Interface, which will be the PDSN address known to a PCF
in the RAN network.
Define the Loopback interface, which will be known to the public network and
used for Layer 3 routing purposes.
Define the Loopback interface, which will be used for terminating the PPP links
of the mobile nodes.
Define Virtual Template Interface for terminating PPP sessions.
Define the Bridge Group Virtual Interface, which will be used for Network
Management, AAA and Peer-to-Peer clustering communication (if supported).
Configure the PDSN for AR communications.
Enable RP Signaling.
A sample configuration file of the basic PDSN is given below. The generic configuration file
listed in Ciscos PDSN documentation was taken and modified to fit Motorolas generic
configuration template. This template was verified and used during lab testing of Cisco 1.2 PDN
in the IVVV lab. Note tha t this template enables the enhanced PDSN service with
Controller/Member clustering. Also, this image is IPSEC capable, but IPSEC has not been
configured. For IPSEC, Prepaid, VPN or other enhanced features, please refer to the Cisco
configuration documentation, as there is no Motorola specific configuration documentation
required.
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service cdma pdsn
!
hostname pdsn_A
!
boot system flash disk0:c7200-c 6ik9s-mz.122-8.BY.bin
! Configure AAA services
aaa new-model
!
!
aaa group server radius MOT
server 5.2.250.11 auth-port 1645 acct-port 1646
!
aaa authentication ppp default local group MOT
Version 1.0
Page 12 of 30
aaa authorization config-commands

aaa authorization network default group MOT
aaa authorization configuration default group MOT
aaa accounting update periodic 60
aaa accounting network pdsn start-stop group MOT
aaa session-id common
enable password ivvv
!
username pdsnA
ip subnet-zero
no ip gratuitous-arps
ip cef
!
controller ISA 4/1
!
! Enable IRB routing protocol for bridge virtual interface
bridge irb
!
interface Loopback0
no ip address
!
! Configure PPP virtual loopback address
interface Loopback1
ip address 5.2.254.245 255.255.255.255
!
! Configure RP Interface
interface CDMA-Ix1
description PDSN A RP Interface
ip address 5.2.254.225 255.255.255.255
no ip mroute-cache
tunnel source 5.2.254.225
!
! FA0/0 and FA0/1 will be for AR/NMS communications
! AR/NMS interfaces will be configured as a Virtual Bridge
interface FastEthernet0/0
description AR/NMS to CAT1 fa3/5
no ip address
duplex full
speed 100
bridge-group 1
!
no ip address
duplex full
speed 100
bridge-group 1
!
!FA1/0 and FA2/0 will be for RP/Pi traffic
! RP/Pi traffic will be routed into FA1/0 and out of FA2/0 using OSPF
description RP/Pi in from CAT1 fa3/13
ip address 5.2.250.33 255.255.255.240
ip ospf message-digest-key 1 md5 CISCO
ip ospf cost 4
ip ospf hello-interval 30
Version 1.0
Page 13 of 30
duplex full
!
description RP/Pi out to CAT2 fa3/13
ip address 5.2.250.49 255.255.255.240
ip ospf cost 3
duplex full
!
! Configure PPP Virtual Template
interface Virtual-Template1
ip unnumbered Loopback1
ip ospf network point-to-point
peer default ip address pool pdsna_sip
ppp accm 0
ppp authentication chap pap optional
ppp accounting none
ppp timeout idle 2000
!
! Configure Virtual Bridge Interface for AR/NMS
interface BVI1
description AR/NMS Bridge
ip address 5.2.250.5 255.255.255.240
no ip mroute-cache
!
! Configure OSPF routing table
router ospf 100
log-adjacency-changes
area 200 authentication message-digest
redistribute connected subnets
passive-interface Virtual-Template1
network 5.2.250.33 0.0.0.0 area 200
network 5.2.250.49 0.0.0.0 area 200
!
! Configure local IP pool for PPP
ip local pool pdsna_sip 5.2.254.1 5.2.254.7
ip classless
no ip http server
ip pim bidir-enable
!
ip radius source-interface BVI1
!
! Configure RADIUS server (local AAA)
radius-server host 5.2.250.11 auth-port 1645 acct-port 1646 key cisco
radius-server retransmit 3
radius-server deadtime 5
radius-server vsa send accounting 3gpp2
radius-server vsa send authentication 3gpp2
! Configure RP Interface paramters
cdma pdsn virtual-template 1
cdma pdsn a10 max-lifetime 36000
cdma pdsn msid-authentication
! Define default security association for PCF devices
cdma pdsn secure pcf default spi 100 key hex 31313131313131313131313131313131
! Enable ieee bridge protocol and enable ip routing
Version 1.0
Page 14 of 30
bridge 1 protocol ieee

bridge 1 route ip
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
gatekeeper
shutdown
!
line con 0
line aux 0
line vty 0 4
!
ntp clock-period 17180175
ntp server 5.2.0.1
!
end
5.2 Peer-to-Peer Clustering

The following information should be entered into any PDSN participating in Peer-to-Peer
communications. Please do not execute these commands if the PDSN is operating in stand-alone
or in Controller/Member clustering mode.
!
! Define the cluster security association
cdma pdsn secure cluster default spi 100 key ascii cisco
! Define the interface to use for PDSN selection
cdma pdsn selection interface CDMA-Ix1
! Configure load parameters
cdma pdsn selection session-table-size 8000
cdma pdsn selection load-balancing threshold 7500
5.3 Controller/Member Clustering

In order to enable Controller/Member clustering, a 7206 VXR must be designated and
configured as the Controller. Once the controller is enabled, then member PDSNs can be
configured into the cluster. Controller redundancy is supported using the HSRP protocol. The
Controller does not carry any user traffic.
5.3.1 PDSN Controller Configuration
The following information details a basic configuration for a Controller in the
Controller/Member configuration. Please do not enter these commands if the device is meant to
operate in the stand-alone or Peer-to-Peer clustering modes. Note that the BVI will still be used
by the Controller for NMS communications. Redundant OSPF routes will be configured to route
Controller/Member signaling information. If controller redundancy is configured (as in the
following example), an HSRP address will be assigned to FA1/0. This means that, if
communications to FA1/0 is lost, or if the Controller fails, the standby controller will take over
as primary. Note that an SA-ISA card is not required for the controller, since it does not handle
any user traffic.
Version 1.0
Page 15 of 30
Current configuration : 1806 bytes

!
! Last configuration change at 15:35:42 UTC Tue Oct 1 2002
! NVRAM config last updated at 15:35:42 UTC Tue Oct 1 2002
!
version 12.2
service cdma pdsn
!
hostname controller_A
!
boot sys tem flash disk0:c7200-c6ik9s-mz.122-8.BY.bin
!
username contA
ip subnet-zero
ip cef
!
!
! Enable IRB routing protocol
bridge irb
!
!
! FA0/0 and Fa0/1 will be used for NMS communications
! Controller does not communicate with AAA
! BVI 1 will be used as NMS bridge
no ip address
duplex full
speed 100
bridge-group 1
!
no ip address
duplex full
speed 100
bridge-group 1
!
! FA1/0 and FA2/0 will be used for RP proxy signalling to members
! BVI 2 will be used for RP signalling bridge
description RP to CAT1 fa3/22
no ip address
duplex full
bridge-group 2
!
description RP to CAT2 fa3/22
no ip address
duplex full
Version 1.0
Page 16 of 30
bridge-group 2
!
interface BVI1
ip address 5.2.250.3 255.255.255.240
no ip mroute-cache
!
interface BVI2
description RP Bridge
ip address 5.2.252.3 255.255.255.0
no ip mroute-cache
standby 2 ip 5.2.252.11
standby 2 priority 100
standby 2 name Control_Group_A
!
! Define Gateway of last resort so controller can route packets
ip classless
ip route 0.0.0.0 0.0.0.0 5.2.252.13
no ip http server
ip pim bid ir-enable
!
!
! Define default PCF security association and cluster parameters
cdma pdsn secure pcf default spi 100 key hex 31313131313131313131313131313131
cdma pdsn cluster controller standby Control_Group_A
cdma pdsn cluster controller interface BVI 2
cdma pdsn cluster controller timeout 10
cdma pdsn cluster controller window 2
bridge 1 route ip
bridge 2 route ip
call rsvp-sync
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
login
!
ntp clock-period 17179958
ntp server 5.2.0.1
!
end
Version 1.0
Page 17 of 30
5.3.2 PDSN Member Configuration

The following data should be entered into each PDSN that will function as a member of a cluster.
Please do not enter this information into the Cluster Controller or into a PDSN that is meant to
operate in the stand-alone or Peer-to-Peer clustering modes.
!
! Controller address should be the HSRP address of BVI 2
cdma pdsn cluster member controller 5.2.252.11
cdma pdsn cluster member interface CDMA-Ix1
cdma pdsn cluster member timeout 10
cdma pdsn cluster member window 2
!
5.4 CBSC Database Provisioning

Using the following example, add the PDSN cluster on the OMC CLI. For Peer-to-Peer
configurations and/or stand-alone configuration, any number of PDSNs in Peer selection group
(maximum of 16) can be added in one OMC PDSN cluster. For Controller-Member
configurations, only the primary controller should be added to the OMC PDSN cluster.
I3V-SUNOMC1-000642 > add pdsn-<cluster_id> !
expecting an integer number (from 1 to 16)
NUMPDSNS= ? <number of PDSNs in cluster>
?? Stand Alone: between 1 and 16 PDSNs may be entered
?? Controller/Member: Only the controller address is needed
expecting an integer number (from 0x00000100 to 0xffffffff)
SPI= ? 0x100
Enter a string of characters surrounded with double quotes
SECURITYKEY= ? 31313131313131313131313131313131
expecting an enumerated value:
N Y
SUMMARIZED= ? n
expecting IP address (or subnet mask) from 000.000.000.000 to 255.255.255.255 surrounded by double
quotes
IPADDRESS= ? <IP Address of RP Interface>
?? CDMA-IX 1 for PDSN in stand alone or Peer-to-Peer
?? HSRP address for Controller
expecting IP address (or subnet mask) from 000.000.000.000 to 255.255.255.255 surrounded by double
quotes
SUBNETMASK= ? <subnet mask of PDSN network>
IPFROM= ? <indicates cluster which PDSN IP addresses are taken fro m (optional)>
ACTIVESTANDBY IMSIHASHING ROUNDROBIN
Version 1.0
Page 18 of 30
SELSCHEME= ? <PDSN selection scheme>

PRIMARYINDEX= ? <index of PDSN>
?? If ACTIVESTANDBY is used, which PDSN will be Primary
SECONDARYINDEX= ? <index if PDSN>
?? If ACTIVESTANDBY is used, which PDSN will be secondary
ALLOW_NVOSE NO_NVOSE
NVOSEMODE= ? ALLOW_NVOSE
NO_SECTOR_ID STANDARD
BSIDFORMAT= ? STANDARD
NO YES
RESERVED1= ? NO
NO YES
RESERVED2= ? NO
o
Standard BASE ID is as defined by 3GPP2, Non-Standard BASE ID omits sector id and

shifts remaining 3 elements pre-pending the ID with an ascii 0. Non-Standard BASE ID
should not be used unless required by PDSN/AAA
Allowing NVOSE will cause PCF to also pass PANID/CANID, ESN and 3GPP2 Active time
in IOS 4.1 Registration Request Message. No NVOSE will remove the NVOSE,
PANID/CANID and ESN and pass Registration Request message per IOS 4.0.
Once the PDSN cluster is defined, the following CLI command should be executed for all PCF
devices that will operate using the above cluster list.
ITID-OMC2-000106 > edit pktpcf-<cbsc#>-<pcf#> pdsn add <cluster#>!
5.5 AN Database
The AN database configuration should be determined by the IP design of the system. The
following examples give a generic overview as the required steps for integrating a PDSN/AR
into the Access Node. It is impossible to determine the AN configuration for a distributed
network design whereby the PDN equipment is located remotely from the Access Node.
Therefore, the following example will detail the steps required to configure the AN according to
the PDSN configuration given in the previous section.
o
Version 1.0
RP/Pi traffic should be routed into the PDSN on the PA (FA1/0) interface from
CAT-1, and out of the PDSN on the other PA interface (FA2/0) to CAT-2 in order
to maximize redundancy and loading on the interfaces. This is accomplished by
setting the OSPF priorities correctly on the CAT and PDSN.
Page 19 of 30
There should be three VLANs configured for routing the PDN traffic. VLAN-1
should be the VLAN carrying traffic into the PDSN from CAT-1. VLAN-2
should be the VLAN carrying traffic out of the PDSN into CAT-2. VLAN-3
should be the AAA/NMS VLAN carrying RADIUS signalling and any cluster
messaging for cluster configurations.
Care should be taken when configuring VLAN-1 and VLAN-2. Although both
VLANs need to be configured in each CAT (this enables VLAN trunk routing
over the ISL links), no ports from CAT-1 should be switched into VLAN-2. Also
the converse holds that no ports from CAT-2 will be switched into VLAN-1.
If PDSN Controller and/or redundant HA features are part of the network design,
the a fourth VLAN will be added and configured as a Bridge (just like the
AR/NMS VLAN).
5.5.1 Add the VLANs

Add the VLANs to each CAT for routing PDN traffic
MLS -1-1#vlan database
MLS -1-1(vlan)#vlan <vlan number> name RP_PI_to_PDSN
MLS -1-1(vlan)#vlan <vlan number> name RP_PI_from_PDSN
MLS -1-1(vlan)#vlan <vlan number> name AR_NMS_VLAN
MLS -1-1(vlan)#vlan <vlan number> name Controller_HA_VLA N
MLS -1-1(vlan)#exit
5.5.2 Configure the VLAN interfaces

Configure CAT-1 VLANs.
!VLAN 300 will be AR/NMS VLAN
!Note: All PDSN/HA fa0/0 interfaces will be switched into CAT-1 VLAN 300
interface Vlan300
description AR/NMS VLAN CAT1
ip address 5.2.250.13 255.255.255.240
no ip redirects
ntp broadcast
!
!VLAN 301 will be the default outgoing route to the PDSN/HA
interface Vlan301
description RP/Pi/MIP to PDSN/HA
ip address 5.2.250.45 255.255.255.240
no ip redirects
ip ospf cost 3
ntp broadcast
!
!VLAN 302 will be the redundant outgoing route to the PDSN/HA
!Note: no interfaces on CAT-1 will be switched into VLAN302
interface Vlan302
description RP/Pi/MIP from PDSN/HA
ip address 5.2.250.61 255.255.255.240
no ip redirects
Version 1.0
Page 20 of 30
ip ospf cost 4
ntp broadcast
!VLAN 500 will be the Controller/HA VLAN
!Note: All Controller/HA fa1/0 interfaces will be switched into CAT-1 VLAN 500
interface Vlan500
description Controller/HA VLAN CAT1
ip address 5.2.252.13 255.255.255.240
no ip redirects
ntp broadcast
!
Configure the CAT-2 VLANs

!VLAN 300 will be AR/NMS VLAN
interface Vlan300
description AR/NMS VLAN CAT2
ip address 5.2.250.14 255.255.255.240
no ip redirects
ntp broadcast
!
!VLAN 301 will be the default outgoing route to the PDSN/HA
!Note: No PDSN/HA interfaces will be switched into CAT-2 VLAN 301
interface Vlan301
description RP/Pi/MIP to PDSN/HA
ip address 5.2.250.46 255.255.255.240
no ip redirects
ip ospf cost 3
ntp broadcast
!
!VLAN 302 will be the redundant outgoing route to the PDSN/HA
!Note: All fa2/0 interfaces on PDSN/HA will be switched into CAT-2 VLAN 302
interface Vlan302
description RP/Pi/MIP from PDSN/HA
ip address 5.2.250.62 255.255.255.240
no ip redirects
ip ospf cost 4
ip ospf dead-interval 3
ntp broadcast
!VLAN 500 will be the Controller/HA VLAN
!Note: All Controller/HA fa2/0 interfaces will be switched into CAT-2 VLAN 500
interface Vlan500
description Controller/HA VLAN CAT1
! In this example, the netmask is set to 24 bits to
! include the addresses which will be used for the MIP virtual network
! Customers may employ alternate routing techniques to achieve the same goal.
ip address 5.2.252.14 255.255.255.0
no ip redirects
ntp broadcast
Version 1.0
Page 21 of 30
5.5.3 Configure the Layer 2 Switched Ports

Each router (PDSN/HA/Controller) will have four ports switched into the appropriate VLAN.
All ports will be configured in the same fashion. The following is an example of a single PDSN
configured for the above VLAN assignments. The same configuration principle applies to
HA/Controllers as well.
CAT-1 port assignments
!
description AR/NMS from PDSN A fa0/0
no ip address
duplex full
speed 100
switchport
switchport access vlan 300
switchport mode access
end
!
description RP/Pi to PDSN A fa1/0
no ip address
duplex full
speed 100
switchport
end
CAT-2 port assignments

!
description AR/NMS to PDSN A fa0/1
no ip address
duplex full
speed 100
switchport
end
!
description RP/Pi from PDSN A fa2/0
no ip address
duplex full
speed 100
switchport
Version 1.0
Page 22 of 30
end
5.5.4 Configure the OSPF routing table

Enter the connected networks into the CAT OSPF routing table. An example of the connected
networks would be the network used for each VLAN defined (PA and BVI) on that particular
CAT. Please note that the wildcard bits will most likely be different based on core IP network
design.
Example of the network statements in the router ospf 100 routing table:
router ospf 100
.
.
! set authentication type for PDN ospf area
area 200 authentication message-digest
.
.
! 250 subnet is PDSN address range
network 5.2.250.0 0.0.0.255 area 200
! 252 subnet is the Controller/HA address range
network 5.2.252.0 0.0.0.255 area 200
* For Mobile IP applications, always ensure that the AN routing tables are able to route to the
virtual network addresses configured for MIP users.
5.6 Local AAA Database Provisioning

The following section will discuss specific details on basic checks for ensuring that the PDSN
and user exist in the AR database. Overall Cisco AR configuration and setup should be reviewed
in the Cisco documentation.
To start the Cisco AR CLI tool (aregcmd), login to the server and change execute the following
command:
# /opt/CSCOar/bin/aregcmd -s
This will initiate the aregcmd interface and give the user access to the AR. Once the AR has
successfully started, the following should be seen:
Cisco Access Registrar 3.0R0 Configuration Utility
Copyright (C) 1995-2002 by Cisco Systems, Inc. All rights reserved.
Logging in to localhost
[ //localhost ]
LicenseKey = <license ###>
Radius/
Administrators/
Server 'Radius' is Running, its health is 10 out of 10
-->
Version 1.0
Page 23 of 30
5.6.1 Verify the PDSN Client has been added to the AR

Refer to the following example to verify the PDSN client exists in the AR database.
--> cd radius/clients
[ //localhost/Radius/Clients ]
Entries 1 to 3 from 3 total entries
Current filter: <all>
ivvv_pdsn1/
ivvv_pdsn2/
localhost/
--> cd ivvv_pdsn1
[ //localhost/Radius/Clients/ivvv_pdsn1 ]
Name = ivvv_pdsn1
Description =
IPAddress = 5.2.250.5
SharedSecret = cisco
Type = NAS
Vendor =
IncomingScript~ =
OutgoingScript~ =
UseDNIS = FALSE
DeviceName =
DevicePassword =
The above example shows a default PDSN client (type NAS) has been added and a shared secret
exists (cisco). This shared secret must match the secret defined in the radius-server host
command on the PDSN.
5.6.2 Verify the User Record
The following command shows the user ivvv_tester has been added under the default local user
list ISPABCLocalUsers. Note that each AR may have several different userlists defined
depending on whether the user is Mobile IP, VPDN, Simple IP etc. Notice that the user has no
attributes defined, but it does reference a base profile. This means the profile should be verified
for accuracy.
--> cd /Radius/UserLists/ISPABCLocalUsers/ivvv_tester
[ //localhost/Radius/UserLists/ISPABCLocalUsers/ivvv_tester ]
Name = ivvv_tester
Description =
Password = <encrypted>
AllowNullPassword = FALSE
Enabled = TRUE
Group~ =
BaseProfile~ = mwts_uc1_nopool
AuthenticationScript~ =
Version 1.0
Page 24 of 30
AuthorizationScript~ =
UserDefined1 =
Attributes/
CheckItems/
--> cd attributes
[ //localhost/Radius/UserLists/ISPABCLocalUsers/ivvv_tester/Attributes ]
--> ls
5.6.3 Verify the User Profile

The following example shows the user profile and attributes for mwts_uc1_nopool, which is
used as a base profile for user ivvv_tester. The attributes defined for this profile will determine
how the PDSN treats the user.
--> cd /radius/profiles/mwts_uc1_nopool
[ //localhost/Radius/Profiles/mwts_uc1_nopool ]
Name = mwts_uc1_nopool
Description =
Attributes/
--> ls attributes
[ Attributes ]
cisco-avpair = lcp:cdma-user-class=1
cisco-avpair = "lcp:interface-config=compress mppc"
Framed-Compression = "VJ TCP/IP header compression"
Framed-MTU = 1500
Framed-Protocol = ppp
Framed-Routing = None
Service-Type = Framed
From the attributes listed above, it can be seen that the user profile is defined as user class 1 (SIP
only). The user is set to use framed PPP for the connection with an MTU of 1500 bytes and
allowed to use VJ TCP/IP header compression as well as MPPC PPP compression if the client
allows. Since there is no IP address defined, the PDSN will assign an IP address to it from an
local PPP pool. It is possible to have the AR configured to manage the IP pools and assign a
dynamic address as well.
Version 1.0
Page 25 of 30
6 Mobile IP Database Provisioning

?? Note: In order to establish Mobile IP functionality, the Simple IP Database provisioning
must be complete and fully operational.
6.1 HA Configuration
Once the network is configured for Simple IP, the basic foundation is in place and ready for
Mobile IP support. The HA must first be configured to provide MIP tunneling services to
subscribers in the network. The following configuration example assumes that HA redundancy
will be supported.
Current configuration : 2561 bytes
!
version 12.2
!
hostname HA_A
!
boot system flash disk0:c7200-h1ik9s-mz.122-8.BY.bin
! Configure the Home AAA
aaa new-model
!
!
aaa group server radius MOT
server 5.2.250.12 auth-port 1645 acct-port 1646
!
aaa authentication login CONSOLE none
aaa authentication ppp default local group MOT
aaa authorization config-commands
aaa authorization ipmobile default group MOT
aaa authorization network default group MOT
aaa accounting update periodic 60
aaa accounting network default start-stop group MOT
aaa session-id common
!
username haA
ip subnet-zero
ip cef
!
!
controller ISA 4/1
!
bridge irb
!
!
!
! Define the loopback interface for mobile hosts
interface Loopback10
description MIP Virtual Network Loopback
Version 1.0
Page 26 of 30
no ip address
!
! FA0/0 and FA1/0 will be used for AR/NMS
! BVI 1 will be the virtual bridge interface
description Cisco AR/NMS to CAT-1 fa3/1
no ip address
duplex full
speed 100
bridge-group 1
!
description Cisco AR/NMS to CAT-2 fa3/1
no ip address
duplex full
speed 100
bridge-group 1
!
! FA1/0 and FA2/0 will be used for MIP traffic
! BVI 2 will be the virtual bridge interface
description MIP to CAT-1 fa3/20
no ip address
duplex full
bridge-group 2
!
description MIP to CAT-2 fa3/20
no ip address
duplex full
bridge-group 2
!
interface BVI1
ip address 5.2.250.1 255.255.255.240
no ip mroute-cache
!
interface BVI2
description MIP Bridge
ip address 5.2.252.1 255.255.255.0
no ip mroute-cache
standby 1 ip 5.2.252.10
standby 1 priority 100
standby 1 name HA_Group_1
!
! Enable Mobile IP
router mobile
!
ip local pool ha_mip 5.2.252.19 5.2.252.30
ip classless
ip route 0.0.0.0 0.0.0.0 5.2.252.13
no ip http server
ip pim bidir-enable
! Enable the home agent function
ip mobile home-agent
! Define the mobile host network and mobile host security associations
Version 1.0
Page 27 of 30
ip mobile host nai @ispxyz.com address pool local ha_mip virtual-network 5.2.252.0 255.255.255.0 aaa
load-sa
! Define security associations for the valid foreign agents this HA will serve
ip mobile secure foreign-agent 5.2.254.225 spi 100 key ascii cisco algorithm md5 mode prefix-suffix
ip mobile secure foreign-agent 5.2.254.226 spi 100 key ascii cisco algorithm md5 mode prefix-suffix
!
!
!
!
! Configure the home AAA radius function
radius-server host 5.2.250.12 auth-port 1645 acct-port 1646 key cisco
radius-server retransmit 3
radius-server deadtime 5
radius-server vsa send accounting 3gpp2
radius-server vsa send authentication 3gpp2
bridge 1 route ip
bridge 2 route ip
call rsvp-sync
!
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
line aux 0
line vty 0 4
!
!
end
6.2 PDSN Mobile-IP Configuration

Now that a Home Agent has been configured, the PDSN providing MIP services needs to be
configured as a Foreign Agent.
router mobile
!
ip mobile foreign-agent care-of CDMA-Ix1
ip mobile secure home -agent 5.2.252.10 spi 100 key ascii cisco algorithm md5 mode prefix-suffix
cdma pdsn send-agent-adv
!
interface virtual-template 1
cdma pdsn mobile-advertisement-burst 3 200
ip mobile foreign-service challenge 200 5
ip mobile foreign-service challenge forward-mfce timeout 10 window 5
ip mobile registration lifetime 36000
Version 1.0
Page 28 of 30
ip mobile foreign-serveice reverse-tunnel

!
6.3 Home AAA Considerations

Please refer to section 5.6 and follow the examples to verify that the HA client exists in the
Home AAA database and that a Mobile IP subscriber/profile exists in the database as well.
During Mobile IP registrations, the following key actions need to occur.
1. Mobile Node to AAA Authentication: If configured on the mobile, it will send a General
Authentication Extension containing a CHAP password in the MIP Registration Request
Message. When received, the PDSN will send an Access-Request Message to the local
AAA along with the MSID of the user for authentication. The local AAA must be
configured either to authenticate the user based on its MSID or to proxy the MSID based
authentication over to a remote AAA server for authentication. It sho uld be understood
that for Mobile IP, PPP CHAP authentication is not performed, and the
username/password in the DUN on the data client is not used. The MIP username and
AAA password must be programmed into the mobile by the vendor using QPST or some
other equivalent tool.
2. Mobile Node to HA Authentication: If configured on the mobile, it will send a MNHA
Authentication Extension in the MIP Registration Request Message. When received, the
HA will send an Access-Request message to the home AAA along with the MIP
username for authentication. The home AAA must authenticate the user and pass the
user profile information back to the HA for processing. The HA must have either a
security association defined for the mobile, or the home AAA must provide it based on
the subscribers profile so that the HA can authenticate the user. The MNHA
authentication is based on an SPI and shared secret much like the PCF to PDSN. This
information must also be programmed into the phone by the vendor.
Version 1.0
Page 29 of 30
7 Upgrade Considerations
7.1 Upgrading PDSN / HA Devices
There are several CLI command changes when moving from 1.0 to 1.2 image lines with the
Cisco PDSN/HA. It is highly recommended that the system engineers update their configuration
files according to this document prior to loading the 1.2 image. The configuration updates
should be done offline (text editor) so that the existing configuration stays in tact on 1.0 devices.
Do not attempt to use the new configuration files on a 1.0 device.
After loading the 1.2 image, the new configuration should be applied. This will avoid any
configuration data loss due to CLI command changes.
7.2 Upgrading the AR

AR version 3.0 requires Solaris 5.8. In many instances, existing AR devices are not running this
operating system. It is highly recommended that the system engineers upgrade the AR devices to
5.8 running AR1.7 prior to upgrading the AR software. This will allow the AR upgrade
procedure to automatically update the AR database to the 3.0 format without any manual
intervention.
Cisco highly recommends Sun Professional Services as a support mechanism for upgrading the
Sun platforms to 5.8 and implementing AR Clustering.
Version 1.0
Page 30 of 30
*68P09301A55A*
68P09301A55A
Technical
Information
MOTOROLACISCO PDN IOS

INTEGRATION
WHITE PAPER
CDMA
ENGLISH
NOV 2002
68P09301A55A
68P09301A55A
CDMA
ENGLISH
WHITE PAPER
NOV 2002
MOTOROLACISCO PDN IOS INTEGRATION
Technical Information Products and Services
STANDARD MANUAL PRINTING INSTRUCTIONS

Filename:
Part Number: 68P09301A55A
301a55a.pdf
APC:
625
Title: MotorolaCisco PDN IOS Integration

Volume
of
Print Vendor: e.DOC
Date
11/18/02
STANDARD SPECIFICATIONS FOR REFERENCEDO NOT MODIFY
PAPER:
1st. LEVEL TABS: 2nd. LEVEL TABS:
Body: 70 lb.
Inside Cover: 65 lb. Cougar
Tabs: 110 lb. Index
Binder Cover: Standard TED
cover 10 pt. Carolina
Single Sided
5 Cuts
Clear Mylar
Pantone 2706C
Black Ink
Single Sided
7 Cuts
Clear Mylar
White
Black Ink
FINISHING:
3Ring Binder
SlantD
3Hole Punched
(5/16in. dia.)
Shrink Wrap Body
Black ink for body, inside cover, and binder cover.
TAB and SHEET SIZE/QUANTITY
7X9
8.5x11 21
1st Level Tabs
11x17
Sheets = (Total Pages) / 2
2nd Level Tabs
NONSTANDARD SPECIFICATIONS
X Tape Bound
Corner Stitch
Other: Meet with manager to determine the deliverable.
SPECIAL INSTRUCTIONS

PDN Description

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

PDN Description

Загружено:

Авторское право:

Доступные форматы

Technical

MOTOROLACISCO PDN IOS

SPECIFICATIONS SUBJECT TO CHANGE WITHOUT NOTICE

Usage and Disclosure Restrictions

High Risk Activities

Presents information to help you avoid an undesirable

MotorolaCisco PDN IOS Integration

The following typographical conventions are used for the presentation of

For further CNRC contact information, contact your Motorola account

MotorolaCisco PDN IOS Integration

Do not operate in an explosive

S not remove equipment covers. Only Factory Authorized Service

S not replace components with power cable connected. Under certain

S always disconnect power and discharge circuits before touching them.

MotorolaCisco PDN IOS Integration

General Safety continued

Do not service or adjust alone

MotorolaCisco PDN IOS Integration

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

IVVV CISCO PDN TEST BED ........................................................................................................................................7

PDN NETWORK OVERVIEW .......................................................................................................................................8

SIMPLE IP DATABASE PROVISIONING...............................................................................................................12

MOBILE IP DATABASE PROVISIONING..............................................................................................................26

UPGRADE CONSIDERATIONS ..................................................................................................................................30

UPGRADING PDSN / HA DEVICES ............................................................................................................................ 30

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

3 IVVV Cisco PDN Test Bed

Motorola Cisco IOS Network Integration

4 PDN Network Overview

1 port fast ethernet

1 port fast ethernet

2 10/100 TX Ethernet Ports

Figure 1: Recommended Hardware Configuration for PDSN/HA

Motorola Cisco IOS Network Integration

4.2 Cluster Configurations

4.3 Network Configurations

Motorola Cisco IOS Network Integration

RP/Pi or MIP to PDSN/HA

Figure 2: Default Routing Diagram of PDSN directly connected to AN

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

5 Simple IP Database Provisioning

5.1 PDSN Configuration

Enable PDSN Services.

Motorola Cisco IOS Network Integration

aaa authorization config-commands

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

bridge 1 protocol ieee

5.2 Peer-to-Peer Clustering

5.3 Controller/Member Clustering

Motorola Cisco IOS Network Integration

Current configuration : 1806 bytes

Motorola Cisco IOS Network Integration

Motorola Cisco IOS Network Integration

5.3.2 PDSN Member Configuration

5.4 CBSC Database Provisioning

Motorola Cisco IOS Network Integration

SELSCHEME= ? <PDSN selection scheme>