GigaSMART GTP Whitelisting and GTP Flow Sampling

Required Licenses: GTP Filtering & Correlation and FlowVUE

Use GTP whitelisting and GTP flow sampling to provide subsets of GTP correlated flows to tools. GTP whitelisting selects specific subscribers based on IMSI, while GTP flow sampling uses map rules to select subscribers. Starting in software version 4.8, GigaSMART supports GTP overlap mapping, which combines both whitelisting and flow sampling maps as part of a map group. Refer to GTP Overlap Flow Sampling Maps

Starting in software version 4.5, a GigaSMART group (gsgroup) associated with GTP applications can have multiple GigaSMART engine port members (e ports), up to four, forming an engine group. Refer to GTP Scaling.

Refer to the following sections:

GTP Whitelisting
GTP Flow Sampling
GTP Whitelisting and GTP Flow Sampling Examples

GTP Whitelisting

GTP whitelisting selects specific subscribers based on IMSI. The whitelist contains up to 500,000 subscriber IMSIs. For subscribers in the whitelist, 100% of their traffic is always sent to a specified tool port.

For example, when a subscriber session comes in, GTP whitelisting checks the IMSI of the subscriber. If the incoming IMSI matches an IMSI in the whitelist, the session is sent to the tool port or load balancing group specified in the whitelist map.

Starting in software version 4.7, GTP whitelisting is supported in a cluster. Refer to GTP Whitelisting in a Cluster for more information.

Creating the Whitelist

Subscriber IMSIs are added to a whitelist that can contain up to 500,000 subscriber IMSIs. One active whitelist per GigaSMART group is supported.

Entries in the whitelist can be added one at a time or whitelist files containing multiple IMSIs can be created and downloaded. Entries are added by using the GTP Whitelist page by selecting GigaSMART > GTP Whitelist. The GTP Whitelist page shows alias for the currently configured GTP Whitelists, the IMSI count for each Whitelist and the GigaSMART Group associated with the GTP Whitelist. (Refer to Figure 780: GTP Whitelist Page.) The GTP Whitelist is associated with the GigaSMART group by specifying its alias in the GTP Whitelist Alias field in GigaSMART Group configuration page.

 

Figure 780: GTP Whitelist Page

and then clicking New. Figure 781: GTP Whitelist Bulk Upload shows an example of an a whitelist with the alias MyIMSIs and ready to fetch multiple IMSIs from a whitelist file at remote location.

 

Figure 781: GTP Whitelist Bulk Upload

An individual IMSI is added by selecting Individual Entry Operation and specifying the IMSI in the Individual IMSI Entry field as shown in Figure 782: GTP Whitelist Add Individual IMSI.

 

Figure 782: GTP Whitelist Add Individual IMSI

The IMSIs in whitelist files must be distinct entries, with one IMSI on each line of a file and a maximum of 20,000 entries in each file. This means that 25 files of 20,000 entries will be needed to populate the whitelist to its capacity. Wildcards are not supported in whitelist files.

Whitelist files must have a filename with a .txt suffix. Use the GTP Whitelist page to fetch the entries from a whitelist file at a specified location, using one of the following formats, which are specified in the Enter Remote URL field when Bulk Entry Operation is selected and the Bulk Upload Type is Upload from URL:

http://IPaddress/path/filename.txt
scp://username:password@IPaddress:/path/filename.txt
tftp://IPaddress/path/filename.txt

To fetch a whitelist file from a local location, select File Upload for Bulk Upload Type and use the Browse button to select the file.

When a whitelist file is downloaded, the entries are compared to the whitelist on the node. There may be new entries in the file that might already be part of the existing whitelist. GigaSMART will add the new, non-duplicate entries to the whitelist, without rejecting the entire file.

If the current number of entries in the whitelist plus the new entries in the whitelist file is greater than the whitelist capacity of 500,000 IMSIs, the Append operation will fail and the new entry or the entries from the new whitelist file will not be added.

GTP whitelisting does not use map rules like GTP flow sampling does. The whitelist is associated with a GigaSMART group, GigaSMART operation, and second level maps, called whitelist maps.

You can create multiple whitelists, each with 500,000 IMSIs. However, even though you can create multiple whitelists, you can only have one active whitelist in use at a time in a GigaSMART group, a GigaSMART operation, and whitelist maps. To switch from one whitelist to another, you must first either delete or destroy the currently active whitelist before you can make another whitelist active. Refer to Deleting the Whitelist.

For the sequences of steps to create a whitelist with the UI, refer to the configuration example for whitelisting in Example 1: GTP Whitelisting.

Configuring Whitelist Maps

The whitelist maps are configured per GigaSMART group. Each whitelist map, associated with the same vport, uses the same underlying whitelist.

Up to ten (10) whitelist maps are supported. Multiple whitelist maps provide a granular selection of tool ports for whitelisting. Using multiple maps, traffic can be segregated and sent to multiple destinations. Whitelist map rules allow you to select the subset of IMSIs sent to a particular tool.

Each whitelist map can contain up to four rules. The rules specify the type of traffic to be whitelisted by that map. Within any single map, the rules are evaluated in order. The rules in the first map have a higher priority than the rules in the second, third, and subsequent maps.

The rules will specify either an Evolved Packet Core (EPC) interface type (refer to Figure 783: GTP Rule for EPC Interface Type) or a GTP version (refer to Figure 784: GTP Rule for GTP Version) as the attribute to match. An Access Point Name (APN) (refer to Figure 783: GTP Rule for EPC Interface Type and Figure 783: GTP Rule for EPC Interface Type) can also be specified in a rule of a Second Level Flow Whitelist map, either by itself, or preceding the EPC interface type or in combination with the GTP version.

 

Figure 783: GTP Rule for EPC Interface Type

 

Figure 784: GTP Rule for GTP Version

For APN, you must specify a pattern (a name) to match. Use APN to direct the traffic that matches the pattern to a specific tool.

GTP version and EPC interface are mutually exclusive. A mix of versions and interface types across whitelist maps, associated with the same vport, is not supported. For example, you can configure two whitelist maps with one map specifying a rule for version 1 and another map specifying a rule for version 2, OR four whitelist maps with each map specifying a rule for each interface type (Gn, S11, S5, and S10). For more information on interfaces, refer to Supported Interfaces.

An APN pattern is for example, three.co.uk. Wildcard prefixes and suffixes are supported, for example, *mobile.com or *ims*. The pattern can be specified in up to 100 case-insensitive alphanumeric characters and can include the following special characters: period (.), hyphen (-), and wildcard (*). A standalone wildcard (*) is not allowed for APN.

Note:  APN is not supported on GigaVUE-HB1.

Each new subscriber session will be evaluated by the whitelist maps in the order of priority, which, by default, is the order in which the maps were created.

When a subscriber session comes in, GTP whitelisting will check the IMSI of the subscriber. If the IMSI is present in the whitelist, the rules in the first whitelist map is evaluated to qualify the match further. Otherwise, the packet is evaluated against the rules in the subsequent whitelist maps for a possible match.

For example, with one whitelist map having a rule specifying GTP version 1 and another whitelist map having a rule specifying GTP version 2, when a subscriber session comes in, GTP whitelisting will check the IMSI of the subscriber. if the IMSI is present in the whitelist and if there is a match to version 1, the session (100% of subscriber packets) will be forwarded to the tool port, GigaStream, or load balancing group specified in the whitelist map. If there is not a match to version 1, the next map is evaluated. If there is a match to version 2 in the next map, the session will be forwarded to the tool port, GigaStream, or load balancing group specified in the second whitelist map.

Note:  Both maps can specify the same destination.

Rules can be added to, or deleted from, a whitelist map. Use the Add a Rule button to add a new whitelist rule (a pass rule). Click x to delete a rule. A rule in a whitelist map cannot be edited. To edit a rule, first delete it, then recreate it.

The default map configuration in which neither GTP version, EPC interface, or APN is specified in the map, continues to be supported. If the incoming IMSI matches an IMSI in the whitelist, the session will be sent to the tool port, GigaStream, or load balancing group specified in the whitelist map.

Whitelist maps cannot contain any other rules such as GigaSMART rules (gsrule), flow filtering rules (flowrule), or flow sampling rules (flowsample).

GTP whitelist-based forwarding is performed prior to GTP flow sampling (rule-based flow sampling) and GTP flow filtering.

Note:  For GTP second level maps, a maximum of fifteen maps can be attached to a vport. For example, for the same vport you can have five whitelist maps and ten flow sampling maps, or ten whitelist maps, four flow sampling maps, and one flow filtering map. In addition, you can have a collector map, which is not counted.

For the steps to create a whitelist map with the UI, refer to the configuration example for whitelisting in GTP Whitelisting and GTP Flow Sampling Examples.

Changing the Priority of Whitelist Maps

Use the Priority field in the map to change the priority of whitelist maps.

Deleting Whitelist Maps

When a whitelist map is deleted, the priority of the remaining whitelist maps will be re-prioritized. For example, if the first whitelist map is deleted, the second whitelist map will increase in priority.

For the deleted whitelist map, the traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.

When a whitelist map is re-prioritized, the existing sessions will be reevaluated according to the new priority of the map. The traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.

When the last whitelist map is deleted, the traffic associated with the rules in the map will also be reevaluated before being passed to subsequent maps. But the traffic associated with the rules in maps that were not matched, will not be reevaluated because that traffic was already passed to subsequent maps.

Applying Whitelist

When a single whitelist entry is added, whitelisting is applied for new as well as existing subscribers. When a new whitelist file is fetched, whitelisting is applied only for new subscribers.

Whitelisted traffic is then sent to the port or load balancing group specified in the whitelist map.

Deleting an Entry from the Whitelist

Entries in the whitelist can be deleted one at a time. Each entry is a single IMSI.

When a whitelist entry is deleted, the session associated with the whitelist entry stays active and traffic is still sent to the whitelist map. The whitelist session will not be reevaluated or passed to subsequent maps.

To delete a single entry from the whitelist, select Individual Entry Operation, set Remove as the Operation Type, and enter the IMSI in the Individual IMSI Entry field.

Deleting Multiple Entries from the Whitelist

Multiple IMSIs can be deleted from the whitelist. Specify the IMSIs to be deleted in a whitelist file, which can contain up to 20,000 IMSIs.

Whitelist files must have a filename with a .txt suffix. To remove multiple entries from the whitelist, select Bulk Entry Operation and set Remove as the Operation Type.

Deleting the Whitelist

The entire whitelist can be deleted using one of the following two options:

Delete the whitelist by deleting all the IMSI entries. With this option, you do not have to delete the whitelist map, GigaSMART operation, or disassociate the GigaSMART group from the whitelist. To delete all the IMSI entries, select Delete All.
Destroy the whitelist. With this option, you must first delete the whitelist map, GigaSMART operation, and disassociate the GigaSMART group from the whitelist before deleting the whitelist.
Destroying a Whitelist

To destroy a whitelist, use the following sequence:

Task

UI Steps

Delete the whitelist map

1. Select Maps > Maps > Map.
2. Select the whitelist map.
3. Click Delete.

Delete the GigaSMART Operation

1. From the device view, select GigaSMART > GigaSMART Operation(s) > GigaSMART Operation.
2. Select the GigaSMART Operation.
3. Click Delete.

Disassociate the GigaSMART group from the whitelist. (You do not need to delete the GigaSMART group.)

1. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
2. Select the GigaSMART group.
3. Click Edit.
4. Under GigaSMART Parameters, go the GTP Whitelist and set GTP Whitelist Alias to None.

Destroy (delete) the whitelist

1. From the device view, select GigaSMART > GigaSMART GTP Whitelist.
2. Select the GTP Whitelist.
3. Click Delete.
GTP Whitelisting in a Cluster

The whitelist (all whitelist files) must reside on the master node of the cluster. The non-master nodes receive a copy of the whitelist from the master. Updates to the whitelist are synchronized from the master to the non-master nodes. If a non-master node leaves the cluster and rejoins, its whitelist will be resynchronized.

GigaVUE-HB1 nodes do not support GTP whitelisting in a cluster due to their limited storage. If there are GigaVUE TA Series nodes in the cluster, they will not receive a copy of the whitelist.

GTP Flow Sampling

GTP flow sampling samples a configured percentage of GTP sessions. GTP flow sampling uses map rules to select subscribers and then forward a percentage of the packets to tool ports.

Pass rules are defined in flow sampling maps. Each rule contains some combination of IMSI, IMEI, and MSISDN numbers or patterns, Evolved Packet Core (EPC) interface type, GTP version, Access Point Name (APN), or QoS Class Identifier (QCI), as well as a percentage to sample. The flow is sampled to see if it matches a rule. The percentage of the subscriber sessions matching each rule are selected.

Map rules specify the type of traffic to be flow sampled by that map. For each new session, map rules are evaluated in top-down order of decreasing priority. If there is a match, the indicated percentage of the subscriber session is either accepted or rejected. If accepted, the traffic is sent to the tool port or load balancing group specified in the map. If rejected, the traffic is dropped. If there is not a match to a rule, the traffic is passed to subsequent maps.

Starting in software version 4.6, GTP load balancing in a cluster is supported for GTP flow sampling. For an example of GTP load balancing in a cluster, refer to GTP Whitelisting and GTP Flow Sampling Examples.

About Flow Sampling Rules and Maps

Flow sampling rules are configured in maps called flow sampling maps. Up to ten (10) flow sampling maps per GigaSMART group are supported. Each flow sampling map supports up to 20 flow sampling rules, for a maximum of 200 rules per GigaSMART group.

GTP flow sampling (rule-based flow sampling) is performed after GTP whitelist-based forwarding but before GTP flow filtering. So, flow sampling maps have a priority lower than whitelist maps and higher than flow filtering maps.

Note:  For GTP second level maps, a maximum of fifteen maps can be attached to a vport. For example, for the same vport you can have one whitelist map and ten flow sampling maps, or ten whitelist map, four flow sampling maps, and one flow filtering map. In addition, you can have a collector map, which is not counted.

In the flow sampling maps, the rules in the first map have a higher priority than the rules in the second, third, and subsequent maps. Within any single map, rules are evaluated in order.

Rules can be added to, deleted from, or inserted into a flow sampling map when the subtype selected for a Second Level map is Flow Sample. Suffix wildcarding, such as IMSI 100*, is supported in the flow sampling map rules.

Use the Add a Rule button in the Maps page to add a new flow sampling rule (a pass rule). Specify IMSI, IMEI, or MSISDN subscriber IDs, as well as the percentage of the flow to be sampled. The percentage is a range from 1 to 100%. Use 0% to drop sampled data.

A rule can specify other packet attributes, such as an EPC interface type or GTP version. An APN pattern can also be specified in a rule, either by itself or preceding the EPC interface or GTP version. A QCI value can be specified, but only in combination with an APN pattern.

EPC interface and GTP version are mutually exclusive. They can be specified in a flow sampling rule, but not both in a single rule. The supported interface types for filtering are: Gn/Gp, S11/S1-U, S5/S8, S10, or S2B. The supported versions for filtering are 1 or 2. For example, you can send version 1 traffic to one tool port and version 2 traffic to another tool port. For more information on interfaces, refer to Supported Interfaces.

For APN, specify a pattern (a name) to match, for example, three.co.uk. Wildcard prefixes and suffixes are supported, for example, *mobile.com or *ims*. The pattern can be specified in up to 100 case-insensitive alphanumeric characters and can include the following special characters: period (.), hyphen (-), and wildcard (*).

Note:  APN is not supported on GigaVUE-HB1.

QCI is a mechanism used in Long Term Evolution (LF TE) networks to ensure bearer traffic is allocated to the appropriate Quality of Service (QoS). For QCI, specify a value from 0 to 255. Wildcard prefixes and suffixes are not supported.

Use APN and QCI to send traffic that matches a certain APN pattern or that belongs to a certain bearer with a certain QCI to specified tool ports, based on the sampling percentage.

Click the x next to a rule to delete a specific rule. Rules are identified by a priority ID, which indicates the order of rules in a flow sampling map. For example, if a map has 12 pass flow sampling rules, there will be 12 priority IDs. Figure 785: Flow Sampling Rules with Priorities shows rules in a Flow Sampling map and their priority IDs.

 

Figure 785: Flow Sampling Rules with Priorities

When creating Flow Sampling rules on the Maps page, the first rule created has the highest priority and the priority of subsequent rules is in the order that they are added. To change the priority of a Flow Sampling rule in a new map, do the following:

1.   Save the rule.
2. Select the map and click Edit.
3. Enter a priority in the Priority field of each rule to order the rules in the map. (For details about map priority, refer to Map Priority)

Note:  A flow sampling map can contain only flowsampling rules. A flow sampling map cannot contain other GigaSMART rules (gsrule) or flow filtering rules (flowrule).

For configuration examples for flow sampling, refer to GTP Whitelisting and GTP Flow Sampling Examples.

Adding a Rule to a Flow Sampling Map

Flow sampling is applied for new subscribers. When a new rule is added to the rules in a flow sampling map, traffic will be sent to the port or load balancing group specified in the map.G

Deleting a Rule from a Flow Sampling Map

When a rule is deleted from a flow sampling map, the session associated with the rule stays active. The traffic associated with the rule will not be reevaluated by subsequent maps.

Changing the Priority of Flow Sampling Maps

Use the Priority field in the GTP map rule to set the priority of flow sampling maps.

Deleting a Flow Sampling Map

When a flow sampling map is deleted, the priority of the remaining flow sampling maps will be re-prioritized. For example, if the first flow sampling map is deleted, the second flow sampling map will increase in priority.

For the deleted flow sampling map, the traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.

When a flow sampling map is re-prioritized, the existing sessions will be reevaluated according to the new priority of the map. The traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.

When the last flow sampling map is deleted, the traffic associated with the rules in the map will also be reevaluated before being passed to subsequent maps. But the traffic associated with the rules in maps that were not matched, will not be reevaluated because that traffic was already passed to subsequent maps.

Flow-Ops Report Limitation for Multiple Flow Sampling Maps

The flow-ops report displays the flow sampling rule ID for sessions that have been accepted or rejected by the flow sampling map.

However, since rule IDs are not unique across maps, when there are multiple flow sampling maps, the flow-ops report is unable to identify the exact rule that the session matched. For example, with multiple flow sampling maps, each map can have a rule ID of 1. The rule ID will be identified in the flow-ops report, but not the map associated with it.

GTP Flow Sampling Percentage

The sampling Percentage field in a map for GTP flow sampling, represents the percentage of subscribers that will be sampled (not the sessions). For example, Figure 786: GTP Flow Sampling Percentage, shows a GTP flow sampling rule with the percentage set to 80.

 

Figure 786: GTP Flow Sampling Percentage

The GTP correlation engine tracks all of the subscribers and all of their sessions that it sees on the network. In this example, for those subscribers with an IMSI starting with the value 46*, the GTP correlation engine keeps a list of them and randomly selects 80% of those subscribers and sets them to be in the sample, which means that a tool port (or load balanced group) will see 100% of the packets for 100% of the sessions for those randomly selected 80% of subscribers.

For the other 20% of subscribers, the GTP correlation engine continuously tracks those subscribers through the network, but does not send any packets to the tool port (or load balanced group).

Refer to the GTP flow sampling configuration examples in GTP Whitelisting and GTP Flow Sampling Examples.

Dropping Unmatched Traffic

When a session matches one of the configured flow sampling rules, it is either accepted for sampling or rejected.

If it is accepted, all packets belonging to that GTP session are sent to the tool port or ports specified in the flow sampling maps. If a subscriber is in the sample, then both the control plane packets and the user-data plane packets are sent to the tools.

If it is rejected, all packets belonging to the session are dropped. If the subscriber is not in the sample, then neither the control plane packets nor the user-data plane packets are sent to the tools.

Control plane (GTP-c) and user-data plane (GTP-u) traffic are treated the same. For a matching session, all the control plane and user-data plane traffic will be accepted. Otherwise, all the control plane and user-data plane traffic will be rejected and dropped. Instead, to enable or disable GTP control plane traffic sampling, refer to Enabling or Disabling GTP Control Plane Traffic Sampling.

Enabling or Disabling GTP Control Plane Traffic Sampling

GTP control plane (GTP-c) traffic is typically a small percentage of total GTP traffic, but it contains useful information for analytics. Therefore, it is not always expedient to drop control plane traffic for sampled sessions.

Subscriber traffic by IMSI can be sampled such that network traffic for a subset of mobile subscribers can be selected to be sent to network monitoring tools. In some cases, network monitoring tools will want to see GTP control plane and GTP user plane traffic for a percentage of the subscribers. In other cases, network monitoring tools will want to see all of the GTP control plane traffic, but see only the GTP user plane traffic for the sampled percentage of subscribers.

Starting in software version 4.5, all control plane traffic for all subscribers will be sent to tools if GTP control plane traffic sampling is disabled. When disabled, 100% of the control traffic that matches any of the flow sampling rules will be sent to the tool ports specified in the flow sampling maps. Control traffic for both accepted and rejected sessions will be sent to the tool ports.

When GTP control plane traffic sampling is enabled, GTP-c packets will be sampled and only the indicated percentage of the control traffic that matches any of the flow sampling rules will be sent to the tool ports specified in the flow sampling maps, as described in GTP Flow Sampling Percentage.

The default is enable.

To disable sampling of GTP-c traffic, which enables 100% of control plane traffic, select GigaSMART > GigaSMART Groups > GigaSMART Groups. Under GigaSMART Parameters, go to GTP Sampling and make sure that GTP Control Sampling is not selected.

To enable sampling of GTP-c traffic, which enables 100% of control plane traffic, select GigaSMART > GigaSMART Groups > GigaSMART Groups. Under GigaSMART Parameters, go to GTP Sampling and make sure that GTP Control Sampling is selected as shown in Figure 787: GTP Control Sampling Enabled. This setting applies to all the flow sampling maps for a GigaSMART group.

 

Figure 787: GTP Control Sampling Enabled

GTP Subscriber Aware Random Sampling

GTP Random Sampling allows to randomly sample all the subscriber’s IMSI on a rotational basis. Based on the configured sampling percentage, the selected sessions are either sampled in or out. The correlation engine takes the configurable interval as an input to rotate the random selection of each of the subscriber’s sessions.

The configurable interval is a minimum of 12 hours and a maximum of 48 hours. Each GigaSMART node must be synchronized with an NTP/PTP server, as UTC time is involved in the random selection of the subscriber’s sessions.

Note:  This feature is effective for a new subscriber’s sessions after enabling the random sampling.

The Map rules in the GTP random sampling are similar to GTP Flow Sampling. For more information refer to

To enable GTP Random Sampling, select GigaSMART > GigaSMART Groups. Under GigaSMART Parameters, go to GTP and select GTP Random Sampling check box. Enter the time in Rotation Interveral in multiples of 12 hours.

GTP Whitelisting and GTP Flow Sampling Examples

Refer to the following examples:

Example 1: GTP Whitelisting
Example 2: GTP Whitelisting with Multiple Maps
Example 3: GTP Flow Sampling
Example 4: GTP Whitelisting, GTP Flow Sampling, and Load Balancing
Example 5: GTP Flow Sampling with Multiple Maps
Example 6: APN for GTP Whitlelisting, GTP Flow Sampling
Example 7: APN for FTP Whitelisting, APN and QCI for GTP Flow Sampling
Example 1: GTP Whitelisting

Example 1 is a GTP whitelisting configuration example. Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a port.

Task

Description

UI Steps

1.    

Configure a GigaSMART group and associate it with a GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups.
b. Click New.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. Click Save.
2.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. Click New.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
e. Click Save.
3.  

Create the GTP whitelist.

a. From the device view, select GigaSMART > GTP Whitelist.
b. Click New.
c. Type an alias in the Alias field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in Task 1.
e. Go to Task 4.
4.  

Fetch whitelist files from a specified location to populate the GTP whitelist.

a. On the GTP Whitelist page, select Bulk Upload.
b. Select Bulk Entry Operation for IMSI Upload Type
c. Select Upload from URL from the Bulk Upload Type list.
d. Enter the URL in the Enter Remote URL field. For example, http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
e. Click Save.
5.  

Associate the GigaSMART group to the GTP whitelist.

a. From the device view, select GigaSMART > GigaSMART Groups
b. Select the GigaSMART Group created in Task 1 and click Edit.
c. Type an alias in the Alias field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
e. Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 3.
f. Click Save.
6.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations > GigaSMART Operation.
b. Click New.
c. Type an alias in the Alias field. For example, GTP-Whitelist.
d. Select the GigaSMART group created in task 1.
e. From the GigaSMART Operations (GSOP) drop-down list, select the following:
- GTP Whitelist and select Enabled.
- Load Balancing.
f. For Load Balancing, do the following:
- Choose Stateful
- For Type select GTP
- Choose Hashing for the metric and select IMSI
g. Click Save.
7.  

Configure three first level maps.

Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.

a. Configure the first map as follows:
- Alias: GTP-Control
- Type and subtype: First Level By Rule
- Source: network port or ports
- Destination: virtual port created in Task 2.
- Rule: Pass, Bi Directional, Port Destination 2123
- Map Permissions: Select current user’s group for Owner
- Save the map
b. Configure the second map as follows:
- Alias: GTP-User
- Type and subtype: First Level By Rule
- Source: Same network port or ports as first map.
- Destination: virtual port created in Task 2.
- Rule: Pass, Bi Directional, Port Destination 2152
- Map Permissions: Select current user’s group for Owner
- Save the map
c. Configure the third map as follows:
- Alias: Fragments-Not-First
- Type and subtype: First Level By Rule
- Source: Same network port or ports as first map
- Destination: virtual port created in Task 2
- Rule: Pass, IPv4 Fragmentation and select allFragNoFirst
- Map Permissions: Select current user’s group for Owner
- Save the map
8.  

Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a port.

1. Configure the second level map as follows:
Alias: GTP-Whitelist
Type and subtype: Second Level By Rule
Source: virtual port created in Task 2
Destination: select a tool port
GSOP: GigaSMART Operation created in Task 6
Map Permissions: Select current user’s group for Owner
2. Click Save.
Example 2: GTP Whitelisting with Multiple Maps

Example 2 is a GTP whitelisting configuration example that includes multiple GTP whitelisting maps, which provide a more granular selection of tool ports.

Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not-First) and then to the virtual port (vport1). Two whitelist maps are configured. The first map specifies a rule for version 1 traffic. The second map specifies a rule for version 2 traffic.

 

Task

Description

UI Steps

1.    

Configure a GigaSMART group and associate it with a GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an gsg1 in the Alias field and enter an engine port in the Port List field, for example 10/7/e1.
d. Click Save.
2.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. Click New.
c. Type vport1 in the Alias field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
e. Click Save.
3.  

Create the GTP whitelist.

a. From the device view, select GigaSMART > GTP Whitelist.
b. Click New.
c. Type an MyIMSIs in the Alias field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in Task 1.
e. Go to Task 4.
4.  

Fetch whitelist files from a specified location to populate the GTP whitelist.

a. On the GTP Whitelist page, select Bulk Upload.
b. Select Bulk Entry Operation for IMSI Upload Type
c. Select Upload from URL from the Bulk Upload Type list.
d. Enter the URL in the Enter Remote URL field. For example, http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
e. Click Save.
5.  

Associate the GigaSMART group to the GTP whitelist.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Select the GigaSMART Group created in Task 1 and click Edit.
c. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
d. Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 3.
e. Click Save.
6.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations > GigaSMART Operation.
b. Click New.
c. Type gtp-whitelist in the Alias field.
d. Select the GigaSMART group created in task 1.
e. From the GigaSMART Operations (GSOP) drop-down list, select the following:
- GTP Whitelist and select Enabled.
- Load Balancing.
f. For Load Balancing, do the following:
- Choose Stateful
- For Type select GTP
- Choose Hashing for the metric and select IMSI
g. Click Save.
7.  

Configure three first level maps.

Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.

Configure the first map.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map:
Alias: GTP-Control
Type: First Level, Sub Type: By Rule
Source: 8/1/x40, 8/1/x6
Destination: vport1
d. Click Add a Rule.
Select Pass and Bi Directional
Select Port Destination for the rule
Set port value to 2123
e. Click Save.

Configure the second map.

a. Click New.
b. Configure the map:
Alias: GTP-User
Type: First Level, Sub Type: By Rule
Source: 8/1/x40, 8/1/x6
Destination: vport1
c. Click Add a Rule.
Select Pass and Bi Directional
Select Port Destination for the rule
Set port value to 2152
d. Click Save.

Configure the second map.

a. Click New.
b. Configure the map:
Alias: Fragment-Not-First
Type: First Level, Sub Type: By Rule
Source: 8/1/x40, 8/1/x6
Destination: vport1
c. Click Add a Rule.
Select Pass
Select Port IPv4 Fragmentation for the rule
Select allFragNoFirst for Value
d. Click Save.
8.  

Configure one second level map for GTP whitelisting, the first whitelist map. If there is a match to version 1 and if the IMSI is present in the whitelist (MyIMSIs), it is forwarded to the specified port.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map:
Alias: GTP-Whitelist_v1
Type: Second Level, Sub Type: Flow Whitelist
Source: vport1
Destination: 1/2x23
Select gtp-whitelist from the GSOP list.
d. Click Add a Rule.
Select GTP
Set Version to V1
e. Click Save.
9.  

Configure another second level map for GTP whitelisting, the second whitelist map. If there is a match to version 2 and if the IMSI is present in the whitelist (MyIMSIs), it is forwarded to the specified port.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map:
Alias: GTP-Whitelist_v2
Type: Second Level, Sub Type: Flow Whitelist
Source: vport1
Destination: 1/2x24
Select gtp-whitelist from the GSOP list.
d. Click Add a Rule.
Select GTP
Set Version to V2
e. Click Save.
Example 3: GTP Flow Sampling

Example 2 is a GTP flow sampling configuration example. Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). The traffic flow is sampled based on the rules in one flow sampling map (GTP-Sample-01). The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to a port. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps.

 

Task

Description

UI Steps

1.    

Configure a GigaSMART group and associate it with a GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. Click Save.
2.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. In the Alias field, type an alias for this virtual port.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
e. Click Save.
3.  

Configure three first level maps.

Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.

a. Configure the first map as follows:
Alias: GTP-Control
Type and subtype: First Level By Rule
Source: network port or ports
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2123
Map Permissions: Select current user’s group for Owner
Save the map
b. Configure the second map as follows:
Alias: GTP-User
Type and subtype: First Level By Rule
Source: Same network port or ports as first map.
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2152
Map Permissions: Select current user’s group for Owner
Save the map
c. Configure the third map as follows:
Alias: Fragments-Not-First
Type and subtype: First Level By Rule
Source: Same network port or ports as first map
Destination: virtual port created in Task 2
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst
Map Permissions: Select current user’s group for Owner
Save the map
4.  

Configure the GigaSMART operation for GTP flow sampling.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operations.
b. Click New.
c. Type an alias in the Alias field. For example, GTP-Whitelist.
d. Select the GigaSMART group created in task 1.
e. From the GigaSMART Operations (GSOP) drop-down list, select the following:
GTP Whitelist and select Enabled.
Load Balancing.
f. For Load Balancing, do the following:
a. Choose Stateful
b. For Type select GTP
c. Choose Hashing for the metric and select IMSI
d. Click Save.
5.  

Configure a second level map for GTP flow sampling, the flow sampling map. The traffic flow is sampled based on the rules in this map.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Sample-01 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype.
Select the virtual port configured in Task 2 for the Source
Select a tool port for the Destination
Select the GigaSMART Operation configured in Task for from the GSOP list
d. Use the Add a Rule button to create the following flow sampling rules:
Percentage to 50, IMEI 01416800*
Percentage to 80, IMSI 46*
Percentage to 25, MSISDN 1509*
Percentage to 15, IMSI 01400*
Percentage to 20, IMSI, 31*, MSISDN 1909*
e. Click Save.
Example 4: GTP Whitelisting, GTP Flow Sampling, and Load Balancing

Example 4 combines the GTP whitelisting configuration from Example 1 with the GTP flow sampling configuration from Example 3, and adds GigaSMART load balancing.

In Example 4, traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not-First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to the port group (PG-Whitelist) for load balancing.

Note:  In Example 4, the tool ports in the port group are on the same node as the GigaSMART group and GigaSMART operation.

If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in the flow sampling map (GTP-Sample-01). The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to the port group (PG-Sample) for load balancing. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps.

 

Task

Description

UI Steps

1.    

Create port groups and specify the tool ports and enable load balancing.

a. Select Ports > Port Groups > All Port Groups.
b. Click New.
c. Type PG-Whitelist in the Alias field.
d. Select SMART Load Balancing
e. Click in the Ports field and select the tool ports for the port group.
f. Click Save.
g. Repeat steps 2 through 6, to create a port group with the alias PF-Sample.
2.  

Configure a GigaSMART group and associate it with a GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. Click Save.
3.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. In the Alias field, type an alias for this virtual port.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1.
e. Click Save.
4.  

Configure three first level maps.

Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.

a. Configure the first map as follows:
Alias: GTP-Control
Type and subtype: First Level By Rule
Source: network port or ports
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2123
Map Permissions: Select current user’s group for Owner
Save the map
b. Configure the second map as follows:
Alias: GTP-User
Type and subtype: First Level By Rule
Source: Same network port or ports as first map.
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2152
Map Permissions: Select current user’s group for Owner
Save the map
c. Configure the third map as follows:
Alias: Fragments-Not-First
Type and subtype: First Level By Rule
Source: Same network port or ports as first map
Destination: virtual port created in Task 2
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst
Map Permissions: Select current user’s group for Owner
Save the map
5.  

Create the GTP whitelist.

a. From the device view, select GigaSMART > GTP Whitelist.
b. Click New.
c. Type an Alias for the Whitelist in the Alias field. For example, MyIMSIs
6.  

Fetch whitelist files from a specified location to populate the GTP whitelist.

a. On the GTP Whitelist page, select Bulk Upload.
b. Select Bulk Entry Operation for IMSI Upload Type
c. Select Upload from URL from the Bulk Upload Type list.
d. Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
e. Click Save.
7.  

(Optional) Add a single IMSI to the GTP whitelist.

a. On the GTP Whitelist page, select Individual Entry Operation.
b. Select Append for Operation Type
c. Enter the IMSI entry in the Individual IMSI Entry field.
d. Click Save.
8.  

Associate the GigaSMART group to the GTP whitelist.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an alias in the Alias field.
d. Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 5.
e. Click Save.
9.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP)> GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list.
d. Type an alias in the Alias field. For example, gtp-whitelist.
e. Select GTP Whitelist from the GigaSMART Operations (GSOP) list.
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save.
10.  

Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New
c. Configure the map.
Type an name in the Alias field. For example GTP-Whitelist.
Select Second Level for Type
Select By Rule for Subtype
Select the GigaSMART Operation configured in Task 9 from the GigaSMART Operations (GSOP) list.
Select the virtual port configured in Task 3 for Source
Select PG-Whitelist for Destination
d. Click Save.
11.  

Configure the GigaSMART operation for GTP flow sampling.

e. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
f. Click New.
g. Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list.
h. Type an alias in the Alias field. For example, gtp-flowsample.
i. Select Flow Sampling from the GigaSMART Operations (GSOP) list.
j. Select Flow Sampling-GTP.
k. Select Load Balancing from the GigaSMART Operations (GSOP) list.
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
l. Click Save.
12.  

Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New
c. Configure the map.
Type an name in the Alias field. For example GTP-Sample-01.
Select Second Level for Type
Select Flow Sample for Subtype
Select the GigaSMART operation for flow sampling configured in Task 11 from the GSOP list.
Select the virtual port configured in Task 3 for Source
Select PG-Sample for Destination
d. Create the following flow sample rules:
Percentage 50, IMEI 01416800*, IMSI 31*
Percentage 80, IMSI 46*
Percentage 25, MSISDN 1509*
Percentage 15, IMEI 01400*, imsi 31*
Percentage 20, IMSI 31*, MSISDN 1909*
e. Click Save.
Example 5: GTP Flow Sampling with Multiple Maps

Example 5 includes multiple GTP flow sampling maps, which provide a more granular selection of tool ports for flow sampling.

In Example 5, traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (VoLTE_1MM), it is forwarded to the port-group (PG-Whitelist-1) for load balancing.

Note:  In Example 5, the tool ports in the port group are on the same node as the GigaSMART group and GigaSMART operation.

If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in the four flow sampling maps (GTP-Sample-1 to GTP-Sample-4).

The flow sampling rules in each map specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to the port-group (PG-Sample-1 to PG-Sample-4) for load balancing. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps, in this example, to a shared collector.

 

Task

Description

UI Steps

1.    

Create port groups, specifying the tool ports and enabling load balancing.

a. Select Ports > Port Groups > All Port Groups.
b. Click New.
c. Type PG-Sample-1 in the Alias field.
d. Select SMART Load Balancing
e. Click in the Ports field and select the tool ports for the port group.
f. Click Save.
g. Repeat steps 2 through 6, to create a port groups with the aliases
2.  

Configure a GigaSMART group and associate it with a GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an alias in the Alias field and enter an engine port in the Port List field.
d. Click Save.
3.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. Type vport1 in the Alias field.
c. Select the GigaSMART Groups created in Task 2 from the GigaSMART Group list.
d. Click Save.
4.  

Configure three first level maps.

Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.

a. Configure the first map as follows:
Alias: GTP-Control
Type and subtype: First Level By Rule
Source: network ports (for example, 10/1/x5, 10/3/x1,10/6/q1)
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2123
Save the map
b. Configure the second map as follows:
Alias: GTP-User
Type and subtype: First Level By Rule
Source: Same network ports as first map.
Destination: virtual port created in Task 2.
Rule: Pass, Bi Directional, Port Destination 2152
Save the map
c. Configure the third map as follows:
Alias: Fragments-Not-First
Type and subtype: First Level By Rule
Source: Same network ports as first map
Destination: virtual port created in Task 2
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst
Save the map
5.  

Create the GTP whitelist.

a. From the device view, select GigaSMART > GTP Whitelist.
b. Click New.
c. Enter VoLTE_1MM in the Alias field.
d. Go to Task 6.
6.  

Fetch whitelist files from a specified location to populate the GTP whitelist.

a. On the GTP Whitelist page, select Bulk Upload.
b. Select Bulk Entry Operation for IMSI Upload Type
c. Select Upload from URL from the Bulk Upload Type list.
d. Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
e. Click Save.
7.  

(Optional) Add a single IMSI to the GTP whitelist.

a. On the GTP Whitelist page, select Individual Entry Operation.
b. Select Append for Operation Type
c. Enter the IMSI entry in the Individual IMSI Entry field.
d. Click Save.
8.  

Associate the GigaSMART group to the GTP whitelist.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups
b. Click New.
c. Type gsg1 in the Alias field.
d. Under GTP Whitelist, click on the GTP Whitelist Alias field and select VolTE_1MM.
e. Click Save.
9.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group gsg1 created in Task 8 from the GigaSMART Groups list.
d. Enter gtp-whitelistl in the Alias field.
e. Select GTP Whitelist from the GigaSMART Operations (GSOP) list
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save.
10.  

Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (VoLTE_1MM), it is forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New
c. Configure the map.
Enter GTP-Whitelist in the Alias field.
Select Second Level for Type
Select By Rule for Subtype
Select gtp-whitelist from the GSOP list.
Select the virtual port vport1 configured in Task 3 for Source
Select port group PG-Whitelist-2 for Destination
d. Click Save.
11.  

Configure the GigaSMART operation for GTP flow sampling.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list.
d. Enter gtp-flowsample-1 in the Alias field.
e. Select Flow Sampling from the GigaSMART Operations (GSOP) list and then select the Flow Sampling-GTP option.
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save.
12.  

Configure a second level map for GTP flow sampling, the first flow sampling map. This map has 12 rules.

Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Sample-1 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype.
Select the virtual port vport1 configured in Task 3 for the Source
Select a port grroup PG-Sampl-1 for the Destination
Select the GigaSMART Operation configured in Task for from the GSOP list
d. Use the Add a Rule button to create the following flow sampling rules:
Percentage 75, IMSI 3182609833*, IMEI 35609506*
Percentage 10, IMSI 3182609834*, IMEI 3560950*
Percentage 20, IMSI 31826098350*, IMEI 356095*
Percentage 20, IMSI 31826098351*, IMEI 35609*
Percentage 20, IMSI 31826098352*, IMEI 3560*
Percentage 20, IMSI 31826098353*, IMEI 356*
Percentage 20, IMSI 31826098354*, IMEI 35*
Percentage 20, IMSI 31826098355*, IMEI 31*
Percentage 20, IMSI 31826098356*, IMEI 356095*
Percentage 20, IMSI 31826098356*, IMEI 356095*
Percentage 20, IMSI 31826098357*, IMEI 3560*
Percentage 20, IMSI 31826098358*, IMEI 35*
Percentage 20, IMSI 31826098359*, IMEI 356095*
e. Click Save.
13.  

Configure a second level map for GTP flow sampling, the second flow sampling map. This map has 12 rules.

Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Sample-2 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype.
Select the virtual port vport1 configured in Task 2 for the Source
Select a tool port group PG-Sample-2 for the Destination
Select flow-sample-1 configured in Task 11 for from the GSOP list
d. Use the Add a Rule button to create the following flow sampling rules:
Percentage 30, IMSI 3182609836*, IMEI 35609506*
Percentage 5, IMSI 3182609837*, IMEI 356095062*
Percentage 50, IMSI 31826098380*, IMEI 356095062*
Percentage 50, IMSI 31826098381*, IMEI 35609506*
Percentage 50, IMSI 31826098382*, IMEI 3560950*
Percentage 50, IMSI 31826098383*, IMEI 356095*
Percentage 50, IMSI 31826098384*, IMEI 35*
Percentage 50, IMSI 31826098385*, IMEI 356*
Percentage 50, IMSI 31826098386*, IMEI 3560*
Percentage 50, IMSI 31826098387*, IMEI 35609*
Percentage 50, IMSI 31826098388*, IMEI 356095*
Percentage 50, IMSI 31826098389*, IMEI 3560950*
e. Click Save.
14.  

Configure a second level map for GTP flow sampling, the third flow sampling map. This map has 5 rules.

Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Sample-3 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype
Select the virtual port vport1 configured in Task 3 for the Source
Select a port group PG-Sample-3 port for the Destination
Select flow-sample-1 configured in Task 11 for from the GSOP list
d. Use the Add a Rule button to create the following flow sampling rules:
Percentage 10, IMSI 31826098390*, IMEI 35609506*
Percentage 10, IMSI 31826098391*, IMEI 35609506*
Percentage 10, IMSI 31826098392*, IMEI 35609506*
Percentage 10, IMSI 31826098393*, IMEI 35609506*
Percentage 10, IMSI 31826098394*, IMEI 35609506*
e. Click Save.
15.  

Configure a second level map for GTP flow sampling, the fourth flow sampling map. This map has one rule.

Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Sample-4 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype
Select the virtual port vport1 configured in Task 3 for the Source
Select a tool port for the Destination
Select flow-sample-1 configured in Task 11 for from the GSOP list
d. Use the Add a Rule button to create the following flow sampling rule:
Percentage 10, IMSI 31826098429*, IMEI 35609506*
e. Click Save.
16.  

Configure a collector map for any packets that do not match other rules.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type GTP-Collector in the Alias field
Select Second Level for Type
Select Collector for Subtype
Select the virtual port vport1 configured in Task 3 for the Source
d. Click Save.
Displaying GTP Flow Ops Report Statistics

To display GTP statistics, select GigaSMART > GigaSMART Operations (GSOP) > Statistics.

Refer to Flow Ops Report Statistics Definitions for GTP on page 635 for descriptions of these statistics.

Example 6: APN for GTP Whitlelisting, GTP Flow Sampling

Example 7 specifies APN patterns for GTP whitelisting and GTP flow sampling.

In Example 7, traffic from network ports go to the two first level maps (gtp_to_v1_c and gtp_to_v1_u) and then to the virtual port (v1).

In the whitelist map, if there is a match to the APN pattern and if the IMSI is present in the whitelist (IMSI), packets are forwarded to a tool port.

If there is not a match to an IMSI in the whitelist, the traffic is flow sampled based on the APN pattern in the flow sampling map. Accepted packets are forwarded to the same tool port as specified in the whitelist map.

Any unmatched traffic goes to a shared collector that sends it to a different tool port.

 

Task

Description

UI Steps

1.    

Configure a network port and two tool ports and enable them.

a. Select Ports > Ports > All Ports.
b. Click Quick Port Editor.
c. Configure a network port. Port 22/3/x3 in this example.
d. Configure two tool ports. Port 22/4/x18 and 22/4/x19 in this example.
e. Admin enable the ports by selecting Enable for each port.
f. Click OK.
2.  

Configure a GigaSMART group and associate it with two GigaSMART engine port.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type an gsg2 in the Alias field.
d. In the Port List field, select the engine ports, which are 22/2/e1 and 22/2/e2 in this example
e. Click Save.
3.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. Type v1 in the Alias field.
c. Select the GigaSMART Group created in Task 2 from the GigaSMART Group list.
d. Click Save.
4.  

Configure two first level maps, one for control traffic and one for user traffic.

a. Configure the first map as follows:
Alias: gtp_to_v1_c
Type and subtype: First Level By Rule
Source: 22/3/x3
Destination: virtual port created in Task 2.
Rule 1: Pass, Bi Directional, Port Destination 2123
Rule 2: Pass, Bi Directional, Port Destination 2122
Save the map
b. Configure the second map as follows:
Alias: gtp_to_v1_u
Type and subtype: First Level By Rule
Source: 22/3/x3.
Destination: virtual port created in Task 2.
Rule 1: Pass, Bi Directional, Port Destination 2152
Rule 1: Pass, Bi Directional, IPv4 Fragmentation, Value: allFragNoFirst.
Save the map
5.  

Create the GTP whitelist.

a. From the device view, select GigaSMART > GTP Whitelist.
b. Click New.
c. Enter gtp-whitelist in the Alias field
d. Go to Task 6.
6.  

Fetch whitelist files from a specified location to populate the GTP whitelist.

a. On the GTP Whitelist page, select Bulk Upload.
b. Select Bulk Entry Operation for IMSI Upload Type
c. Select Upload from URL from the Bulk Upload Type list.
d. Select Append.
e. Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx
f. Click Save.
7.  

(Optional) Add a single IMSI to the GTP whitelist.

a. On the GTP Whitelist page, select Individual Entry Operation.
b. Select Append for Operation Type
c. Enter the IMSI entry in the Individual IMSI Entry field.
d. Click Save.
8.  

Associate the GigaSMART group to the GTP whitelist.

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups
b. Select GS Group gsg2 created in Task 2 and click Edit
c. Under GTP Whitelist, click on the GTP Whitelist Alias field and select gtp-whitelist
d. Click Save.
9.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group gsg2 created in Task 2 and associated with the GTP whitelist in Step 8.
d. Enter gtp-correlat_gsp_wl in the Alias field.
e. Select GTP Whitelist from the GigaSMART Operations (GSOP) list
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save.
10.  

Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to the APN pattern and if IMSI is present in the whitelist (IMSI), it is forwarded to a tool port.

a. Select Maps > Maps > Maps.
b. Click New
c. Configure the map.
Enter GTP-Whitelist in the Alias field.
Select Second Level for Type
Select Flow Whitelist for Subtype
Select gtp-correlate_gsg_wl from the GSOP list.
Select the virtual port v1 configured in Task 3 for Source
Select 22/4/x18 for Destination
Rule 1: GTP, APN: mobile.com
d. Click Save.
11.  

Configure the GigaSMART operation for GTP flow sampling.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group gsg2 created in Task 2 and associated with the GTP whitelist in Step 8.
d. Enter gtp-correlat_gsp_fs in the Alias field.
e. Select GTP Whitelist from the GigaSMART Operations (GSOP) list
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save
12.  

Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the APN pattern in this map. Accepted packets are forwarded to the same tool port as specified in the whitlelist map

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type from_vp_fs1 in the Alias field
Select Second Level for Type
Select Flow Sample for Subtype.
Select the virtual port v1 configured in Task 3 for the Source
Select a 22/4/x18 for the Destination
Select the GigaSMART Operation gtp-correlate_gsg_fs
Rule 1: GTP, Percentage: 100, APN: imsi*
d. Click Save.
13.  

Add a shared collector for any unmatched traffic from the virtual port and send it to a different tool port.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Type from_vp_scoll in the Alias field
Select Second Level for Type
Select Collector for Subtype
Select the virtual port v1 configured in Task 3 for the Source
d. Click Save.
Example 7: APN for FTP Whitelisting, APN and QCI for GTP Flow Sampling

Example 6 specified APN patterns for GTP whitelisting and GTP flow sampling. It also specifies QCI for GTP flow sampling.

In Example 7, traffic from network ports go to the two first level maps (gtp_to_v1_c and gtp_to_v1_u) and then to the virtual port (v1).

In the whitelist map, if there is a match to the APN pattern and if the IMSI is present in the whitelist (IMSI), packets are forwarded to a tool port.

If there is not a match to an IMSI in the whitelist, the traffic is flow sampled based on the APN pattern and QCI value in the flow sampling map. Accepted packets are forwarded to the same tool port as specified in the whitelist map. Only 50% of traffic with QCI 5 is sent to the tool port.

Any unmatched traffic goes to a shared collector that sends it to a different tool port.

 

Task

Description

UI Steps

1.    

Configure a network port and two tool ports and enable them.

a. Select Ports > Ports > All Ports.
b. Click Quick Port Editor.
c. Select a port (for example, 22/2/x3) and set Type to Network.
d. Select a port (for example, 22/2/x18) and set Type to Tool
e. Select a second port (for example, 22/2/x19) and set Type to Tool.
f. Select Enable for Admin on the network and two tool ports.
g. Click OK.
2.  

Configure a GigaSMART group and associate it with two GigaSMART engine ports

a. From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups.
b. Click New.
c. Type gsg2 in the Alias field.
d. Click in the Port List field and select two engine ports. For example, 22/2/e1 and 22/2/e2
e. Click Save.
3.  

Create a virtual port.

a. From the device view, select GigaSMART > Virtual Ports.
b. Type v1 in the Alias field.
c. Click in the GigaSMART Group field and select the GigaSMART Group created in Task 2.
d. Click Save.
4.  

Configure two first level maps, on for control traffic and one for user traffic

a. Configure the first map as follows:
Alias: gtp_to_v1_c
Type and Subtype: First Level By Rule
Traffic Type: select Control
Source: 22/2/3/x3 (network port created in Task 1)
Destination: v1 (virtual port created in Task 3)
Rule 1: Pass, Bi Directional, Port Destination 2123
Rule 2: Pass, Bi Directional, Port Destination 2122
Save the map
b. Configure the second map as follows:
Alias: gtp_to_v1_u
Type and subtype: First Level By Rule
Source: 22/2/3/x3 (network port created in Task 1)
Destination: v1 (virtual port created in Task 3)
Rule 1: Pass, Bi Directional, Port Destination 2152
Rule 2: Pass, Bi Directional, IPv4Fragmentation allFragNoFirst
Save the map
5.  

Associate the GigaSMART group to the active GTP Whitelist

a. From the device view, select GigaSMART > GigaSMART Groups.
b. Select the GigaSMART Group created in Task 1 and click Edit.
c. Locate the GTP Whitelist param, and enter the alias of whitelist in the GTP Whitelist Alias field. For example, IMSI.
d. Save the GigaSMART Group.
6.  

Configure the GigaSMART operation for GTP whitelisting.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group gsg1 created in Task 2 from the GigaSMART Groups list.
d. Enter gtp-correlate_gsp_wl in the Alias field.
e. Select GTP Whitelist from the GigaSMART Operations (GSOP) list
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMSI
h. Click Save.
7.  

Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to the APN pattern and if the IMSI is present in the whitelist

(IMSI), packets are forwarded to a tool port.

a. Select Maps > Maps > Maps.
b. Click New
c. Configure the map.
Alias: GTP-whitelist
Type an Subtype: Second Level Flow Whitelist
Source: v1 (virtual port created in Task 3)
Destination: 22/4/x18
GSOP: gtp-corelate_gsg_wl
Select gtp-whitelist from the GSOP list.
Rule: GTP, APN: mobile.com
d. Click Save.
8.  

Configure the GigaSMART operation for GTP flow sampling.

a. From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation.
b. Click New.
c. Select the GigaSMART Group created in Task 2 from the GigaSMART Groups list.
d. Enter gtp-corelate_gsg_fs in the Alias field.
e. Select Flow Sampling from the GigaSMART Operations (GSOP) list and then select the Flow Sampling-GTP option.
f. Select Load Balancing from the GigaSMART Operations (GSOP) list.
g. Configure Load Balancing as follows:
Select Stateful
Set Type to GTP
Select Hashing
Select IMEI
h. Click Save.
9.  

Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the APN pattern in this map. Accepted packets are forwarded to the same tool port as specified in the whitelist map.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map.
Alias: from_vp_fs1
Type and Subtype: Second Level Flow Sample
Source: vp1
Destination: 22/4/x18
GSOP: gtp-corelate_gsg_fs
Rule 1: GTP, APN: *imsi*, QCI: 5, Percentage: 50
Rule: 2: GTP, IMSI: ims*, Percentage 100
d. Click Save.
10.  

Add a shared collector for any unmatched traffic from the virtual port and send it to a different tool port.

a. Select Maps > Maps > Maps.
b. Click New.
c. Configure the map:
Alias: from_vp_scoll
Type and Subtype: Regular Collector
Source: v1
Destination: 22/4/x19
d. Click Save.