GTP Overlap Flow Sampling Maps

Starting in software version 4.8, GTP overlap flow sampling maps combines GTP whitelisting and GTP flow sampling maps into a GTP overlap flow sampling map group, which allows for selected traffic to be sent to multiple destinations simultaneously.

In this scenario, once traffic matches a map, it will be sent to the destination for that map. However, the matched traffic will also be evaluated by subsequent maps and, if a match occurs, it will be sent to each of the destinations pointed to by the subsequent maps.

Figure 2 GTP Overlap Flow Sampling Map Groups illustrates regular non-overlap mapping where, once a traffic match is achieved in one map, all other maps are ignored.

Figure 36 Non-Overlap GTP Mapping Mode

This contrasts with GTP overlap flow sampling maps. In Figure 1 Non-Overlap GTP Mapping Mode matched traffic is sent to up to six GTP whitelisting and flow sampling map pairs that in turn send accepted traffic to up to six load balanced port groups.

Figure 37 GTP Overlap Flow Sampling Map Groups

Configure GTP Overlap Mapping

The configuration of GTP whitelisting and GTP flow sampling maps that are part of the GTP overlap flow sampling map group follow the same configuration considerations discussed previously in GigaSMART GTP Whitelisting and GTP Flow Sampling. As is the case with regular non-overlap GTP mapping, GTP whitelisting selects specific subscribers based on IMSI, whereas GTP flow sampling uses map rules to select subscribers and then forward a percentage of the packets to tool ports.

Configuration Considerations

This section details certain configuration considerations that apply only to the configuration of GTP whitelisting and flow sampling maps for GTP overlap flow sampling maps.

About GTP Overlap Flow Sampling Map Mode and Port Groups

A second level type map specifying GTP overlap flow sampling map mode must be selected to configure GTP whitelisting and flow sampling maps.

To configure a GTP whilelisting map in overlap flow sampling map mode, select Type as Second Level and Subtype as Flow Whitlelist Overlap in a map.

To configure a GTP flow sampling map in GTP overlap flow sampling map mode, select Type as Second Level and Subtype as Flow Sample Overlap in a map .

You can configure one GTP whitelisting map and one GTP flow sampling map pair that contain traffic policies corresponding to one destination port group. The load balanced port groups can contain a single port, a port range, or a GigaStream. Note that, starting in software version 4.8, port groups used in GTP overlapping maps support GigaStream.

The maximum number of port groups per single GTP overlap flow sampling map group is six.

For more information about port groups, refer to Port Groups.

Maximum Number of Port Group Members

Use the following sequence to help you determine the maximum number of port group members:

1.   Determine the number of members per port group and add 1 to the number.
2. Multiply each port group result times each other.
3. The total multiplication should not exceed 512.

For instance, assume the following configuration in a GTP overlap mapping group:

Port Group 1—2 load balanced Gigastreams
Port Group 2—3 load balanced Gigastreams
Port Group 3—1 load balanced tool port
Port Group 4—1 load balanced Gigastream
Port Group 5—4 load balanced tool ports

The total number becomes:

(2+1)*(3+1)*(1+1)*(1+1)*(4+1) = 240

Since this does not exceed the maximum number of multicast IDs (512), the tool configuration shown is accepted.

GTP Overlap Flow Sampling Map Priority

Since a packet matches multiple maps independently the concept of second level map priority does not apply to GTP overlap flow sampling maps. A GTP overlap flow sampling map pair consists of one GTP whitelisting map and one GTP flow sampling map having the same destination port group. Within a GTP overlap flow sampling map pair the whitelisting map rules will be applied before the flow sampling map rules.

Virtual Port Configuration in GTP Overlap Mode

In GTP Overlap map configuration, the virtual port sending traffic to all the port groups needs to be configured in GTP overlap mode.

To configure the virtual port with GTP overlap mode, select GTP Overlap when configuring the virtual port.

About Map Groups

To create a group of maps for GTP whitelisting and GTP flow sampling, select Maps > Maps > Map Groups, and then click New. The maps for a map group are entered in the Maps field. Refer to GTP Overlap Flow Sampling Maps. All the maps in a map group receive traffic according to map rules, rather than map priority. Thus, multiple copies of a GTP packet can be sent to more than one tool.

The Maps field of the Map Group page groups the whitelisting and flow sampling maps. For example, assuming that two whitelisting maps (WLMAP1 and WLMAP2) and two flow sampling maps (FSMAP1 and FSMAP2) have been configured in GTP overlap mode, the following example groups them all into the same map group called map-group1:

Keep in mind the following configuration considerations for map groups:

A map group can be associated with only one GigaSMART group (gsgroup).
All maps within a map group must be connected to the same vport.
A map group can consist of only one GTP whitelisting map or only one GTP flow sampling map but it cannot contains two maps of the same type.
Once a map group is created, it cannot be edited to change the type or subtype of the map. However, you can add and edit the map rules for a map while it is configured in a map group.
If multiple map groups are configured, the maps within each map group must point to the same port groups as the other map groups.

For more information about map groups, refer to Create Map Groups.

About Whitelist Maps

The GTP whitelist is an IMSI list which is common to all whitelist maps. You can configure an optional rule within a whitelist map to specify a GTP version or interface-based policy.

Other than specifying a new second level type using Type Second Level and Subtype Flow Whitelist Overlap when creating the map, the configuration of GTP whitelist maps follows the same configuration guidelines as given in the section GTP Whitelisting.

A maximum of six whitelist maps sending traffic to six different port groups can be configured per GigaSMART group (gsgroup).

About Flow Sampling Maps

In GTP overlap flow sampling map mode, GTP flow sampling (rule-based flow sampling) is performed after GTP whitelist-based forwarding. Therefore, flow sampling maps have a lower priority than whitelist maps. Thus, within a GTP overlap map pair that consists of a single GTP whitelist overlap map and a GTP flow sampling overlap map, the GTP whitelist map is of higher priority.

Within the flow sampling maps, the rules in the first map have a higher priority than the rules in the second, third, and subsequent maps. Within any single map, rules are evaluated in order.

A maximum of six flow sampling maps sending traffic to six different port groups can be configured per GigaSMART group (gsgroup).

Example 1: GTP Overlap Mode

Example 1 is a GTP overlap mapping mode example.

In Example 1, traffic from a single network port goes to a single first level map (mapLevel1-GTP) which directs GTP-Control, and GTP-User traffic to a virtual port (VP31). Traffic from VP31 is replicated to two GTP whitelisting maps (WLMAP1 and WLMAP2) and two GTP flow sampling maps (FSMAP1 and FSMAP2), which then forward accepted traffic to the final port-group destinations, pg1 and pg2, for load balancing (refer to Figure 3 GTP Overlap Mode Example 1).

Figure 38 GTP Overlap Mode Example 1

Note:  In Example 1, the tool ports and GigaStreams in the port group are on the same node as the GigaSMART group and GigaSMART operation.

Within each GTP whitelisting and flow sampling pair, if there is not a match to an IMSI in the whitelist map, the traffic flow is sampled based on the rules in the flow sampling map. The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample.

Within each map pair, packets are then accepted or rejected. Accepted packets are forwarded to the port groups for load balancing. Rejected packets are dropped.

Use the following steps to configure example 1.

Task

Description

UI Steps

1

Create GigaStreams that will be part of the port groups
  1. Select Ports > Port Groups > GigaStreams
  2. Click New.
  3. Enter gs1 in the Alias field.
  4. In the Ports field, select port 1/1x16 and 1/1/x17.
  5. Click Save.
  6. Configure a second GigaStream with the alias gs2, select ports1/1/x1 and 1/1/x2 in the Ports field, and click Save.

2

Create port groups and specify the tool ports and assign GigaStreams to the port groups. The port groups will also be load balanced.
  1. Select Ports > Port Groups > All Port Groups.
  2. Click New.
  3. Enter pg1 in the Alias field.
  4. Select Type GigaSMART Load Balancing.
  5. In the Ports field, select ports 1/1/x6 and 1/1/x7.
  6. In the GigaStream field, select gs1
  7. Click Save.
  8. Configure a second Port Group. with the alias pg2, select ports1/1/x18 and 1/1/x10 in the Ports field, select GigaSMART Load Balancing, select pg2 in the GigaStream field, and then click Save.

3

Configure a GigaSMART group and associate it with a GigaSMART engine port.
  1. From the device view, select GigaSMART > GigaSMART Groups.
  2. Click New.
  3. Enter GS31 in the Alias field.
  4. In the Port List field, select an engine port. For example 1/3/e1.
  5. Click Save.

4.

Create a virtual port.

Note:  You must enable GTP Overlap when configuring a virtual port for GTP overlap mapping.
  1. From the device view, select GigaSMART > Virtual Ports > Virtual Ports.
  2. Click New
  3. Enter VP31 in the Alias field.
  4. In the GigaSMART Group field, select GS31.
  5. Select GTP Overlap,
  6. Click Save.

5.

Create the GTP Whitelist
  1. From the device view, select GigaSMART > GTP Whitelist.
  2. Click New.
  3. Enter Whitelist in the Alias field
  4. Go to Task 6.

6.

Fetch whitelist files from a specified

location to populate the GTP whitelist.
  1. On the GTP Whitelist page, select Bulk Upload.
  2. Select Bulk Entry Operation for IMSI Upload Type
  3. Select Upload from URL from the Bulk Upload Type list.
  4. Enter the URL in the Enter Remote URL field. For example,
    http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
  5. Click Save.

7.

Associate the GigaSMART group to the GTP whitelist.
  1. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups
  2. Select GS Group GS31 created in Task 3 and click Edit
  3. Under GTP Whitelist, click on the GTP Whitelist Alias field and select Whitelist.
  4. Click Save.

8.

Configure the GigaSMART operation for GTP whitelisting.
  1. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
  2. Click New.
  3. Enter gtp-overlapwhitelist1 in the Alias field.
  4. Select the GigaSMART Group GS31from the GigaSMART Groups list.
  5. Select GTP Whitelist from the GigaSMART Operations (GSOP) list
  6. Select Load Balancing from the GigaSMART Operations (GSOP) list.
  7. Configure Load Balancing as follows:
  • Select Stateful
  • Set Type to GTP
  • Select Hashing
  • Select IMSI
  1. Click Save.

9.

Configure the GigaSMART operation for GTP flow sampling.
  1. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
  2. Click New.
  3. Enter gtp-overlapsampling1 in the Alias field.
  4. Select the GigaSMART Group GS31from the GigaSMART Groups list.
  5. Select Flow Sampling-GTP
  6. Select Load Balancing from the GigaSMART Operations (GSOP) list.
  7. Configure Load Balancing as follows:
  • Select Stateful
  • Set Type to GTP
  • Select Hashing
  • Select IMSI
  1. Click Save.

10.

Configure the first level maps.

In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
  1. Configure the first map as follows:
  • Alias: mapLevel1-GTP
  • Type and Subtype: First Level By Rule
  • Source: 1/1/x1
  • Destination: VP31
  • Rule 1: Pass, Bi Directional, Port Destination 2123
  • Rule 2: Pass, Bi Directional, Port Destination 2152
  • Click Save.

11.

Configure the first second level GTP overlap map for GTP whitelisting If there is a match to an IMSI in the whitelist for GTP version 1 traffic, it is then forwarded to load balancing port group pg1.
  1. Select Maps > Maps > Maps.
  2. Click New
  3. Configure the map.
  • Alias: WLMAP1
  • Type and Subtype: Second Level GTP Flow Whitelist Overlap
  • Source: VP3
  • Destination: pg1
  • GSOP: gtp-whitelist
  • Rule 1: GTP, APN: Version V1
  1. Click Save.

12.

Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to load balancing port group pg1.
  1. Select Maps > Maps > Maps.
  2. Click New
  3. Configure the map.
  • Alias: FSMAP1
  • Type and Subtype: Second Level GTP Flow Sample Overlap
  • Source: VP3
  • Destination: pg1
  • GSOP: gtp-overlapsample1
  • Rule 1: GTP, IMSI: 3102609834*, IMEI: 35609506*, Percentage: 20
  1. Click Save.

13.

Configure the next second level GTP overlap map for GTP whitelisting If there is a match to an IMSI in the whitelist for GTP version 2 traffic, it is then forwarded to load balancing port group pg2.
  1. Select Maps > Maps > Maps.
  2. Click New.
  3. Configure the map.
  • Alias: WLMAP2
  • Type and Subtype: Second Level Flow Whitelist Overlap
  • Source: VP31
  • Destination: pg2
  • GSOP: gtp-whitelist
  • Rule 1: GTP, APN: Version V2
  1. Click Save.

14.

Configure the next second level map for GTP flow sampling. If there is not a match to an IMSI in the whitelist as evaluated by the second level GTP whitelisting map WLMAP2, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to load balancing port group pg2.
  1. Select Maps > Maps > Maps.
  2. Click New.
  3. Configure the map:
  • Alias: FSMAP2
  • Type and Subtype: Second Level GTP Flow Sample Overlap
  • Source: VP31
  • Destination: pg2
  • Rule 1: GTP, IMSI: 3102609835*, IMEI: 35609507*, Percentage: 20
  1. Click Save.

15.

Configure a map group. Add the GTP

whitelisting and the two GTP flow

sampling maps configured in previous

steps.
  1. Select Maps > Map Groups.
  2. Click New.
  3. Enter OverlapMap in the Alias field.
  4. In the Maps field, select WLMAP1,WLMAP2,FSMAP1,FSMAP2.
  5. Click Save.

Overlap Map Statistics

Starting with version 5.4 overlap and non-overlap maps are available. Overlap maps are displayed based on the following:

If at least 1 flow-sample map accepts the packets among all the pairs of overlap maps, the Sample (Tx) counters in the GTP Interface stats will be incremented. If more than 1 pair of maps accepts the packets, the Sample (Tx) counters in the GTP Interface stats is incremented only once.
If at least 1 Whitelist map matches the packets among all the pairs of overlap maps, the Sample (Tx) counters in the GTP Interface stats will be incremented. If more than 1 pair of maps matches the packets, the Sample (Tx) counters in the GTP Interface stats is incremented only once.
If there are no WL maps and all flow sample maps are no rule match, then Sample(Tx) and Sample Out counters in the GTP Interface stats is not incremented.