GigaSMART GTP Whitelisting and GTP Flow Sampling
Required Licenses: GTP Filtering & Correlation and FlowVUE
Use GTP whitelisting and GTP flow sampling to provide subsets of GTP correlated flows to tools. GTP whitelisting selects specific subscribers based on IMSI, while GTP flow sampling uses map rules to select subscribers. Starting in software version 4.8, GigaSMART supports GTP overlap mapping, which combines both whitelisting and flow sampling maps as part of a map group. Refer to GTP Overlap Flow Sampling Maps
Starting in software version 4.5, a GigaSMART group (gsgroup) associated with GTP applications can have multiple GigaSMART engine port members (e ports), up to four, forming an engine group. Refer to GTP Scaling.
Refer to the following sections:
GTP Whitelisting
GTP whitelisting selects specific subscribers based on IMSI. The whitelist contains up to 500,000 subscriber IMSIs. For subscribers in the whitelist, 100% of their traffic is always sent to a specified tool port.
For example, when a subscriber session comes in, GTP whitelisting checks the IMSI of the subscriber. If the incoming IMSI matches an IMSI in the whitelist, the session is sent to the tool port or load balancing group specified in the whitelist map.
Starting in software version 4.7, GTP whitelisting is supported in a cluster. Refer to GTP Whitelisting in a Cluster for more information.
Creating the Whitelist
Subscriber IMSIs are added to a whitelist that can contain up to 500,000 subscriber IMSIs. One active whitelist per GigaSMART group is supported.
Entries in the whitelist can be added one at a time or whitelist files containing multiple IMSIs can be created and downloaded. Entries are added by using the GTP Whitelist page by selecting GigaSMART > GTP Whitelist. The GTP Whitelist page shows alias for the currently configured GTP Whitelists, the IMSI count for each Whitelist and the GigaSMART Group associated with the GTP Whitelist. (Refer to Figure 780: GTP Whitelist Page.) The GTP Whitelist is associated with the GigaSMART group by specifying its alias in the GTP Whitelist Alias field in GigaSMART Group configuration page.
Figure 780: GTP Whitelist Page
and then clicking New. Figure 781: GTP Whitelist Bulk Upload shows an example of an a whitelist with the alias MyIMSIs and ready to fetch multiple IMSIs from a whitelist file at remote location.
Figure 781: GTP Whitelist Bulk Upload
An individual IMSI is added by selecting Individual Entry Operation and specifying the IMSI in the Individual IMSI Entry field as shown in Figure 782: GTP Whitelist Add Individual IMSI.
Figure 782: GTP Whitelist Add Individual IMSI
The IMSIs in whitelist files must be distinct entries, with one IMSI on each line of a file and a maximum of 20,000 entries in each file. This means that 25 files of 20,000 entries will be needed to populate the whitelist to its capacity. Wildcards are not supported in whitelist files.
Whitelist files must have a filename with a .txt suffix. Use the GTP Whitelist page to fetch the entries from a whitelist file at a specified location, using one of the following formats, which are specified in the Enter Remote URL field when Bulk Entry Operation is selected and the Bulk Upload Type is Upload from URL:
|
•
|
http://IPaddress/path/filename.txt |
|
•
|
scp://username:password@IPaddress:/path/filename.txt |
|
•
|
tftp://IPaddress/path/filename.txt |
To fetch a whitelist file from a local location, select File Upload for Bulk Upload Type and use the Browse button to select the file.
When a whitelist file is downloaded, the entries are compared to the whitelist on the node. There may be new entries in the file that might already be part of the existing whitelist. GigaSMART will add the new, non-duplicate entries to the whitelist, without rejecting the entire file.
If the current number of entries in the whitelist plus the new entries in the whitelist file is greater than the whitelist capacity of 500,000 IMSIs, the Append operation will fail and the new entry or the entries from the new whitelist file will not be added.
GTP whitelisting does not use map rules like GTP flow sampling does. The whitelist is associated with a GigaSMART group, GigaSMART operation, and second level maps, called whitelist maps.
You can create multiple whitelists, each with 500,000 IMSIs. However, even though you can create multiple whitelists, you can only have one active whitelist in use at a time in a GigaSMART group, a GigaSMART operation, and whitelist maps. To switch from one whitelist to another, you must first either delete or destroy the currently active whitelist before you can make another whitelist active. Refer to Deleting the Whitelist.
For the sequences of steps to create a whitelist with the UI, refer to the configuration example for whitelisting in Example 1: GTP Whitelisting.
Configuring Whitelist Maps
The whitelist maps are configured per GigaSMART group. Each whitelist map, associated with the same vport, uses the same underlying whitelist.
Up to ten (10) whitelist maps are supported. Multiple whitelist maps provide a granular selection of tool ports for whitelisting. Using multiple maps, traffic can be segregated and sent to multiple destinations. Whitelist map rules allow you to select the subset of IMSIs sent to a particular tool.
Each whitelist map can contain up to four rules. The rules specify the type of traffic to be whitelisted by that map. Within any single map, the rules are evaluated in order. The rules in the first map have a higher priority than the rules in the second, third, and subsequent maps.
The rules will specify either an Evolved Packet Core (EPC) interface type (refer to Figure 783: GTP Rule for EPC Interface Type) or a GTP version (refer to Figure 784: GTP Rule for GTP Version) as the attribute to match. An Access Point Name (APN) (refer to Figure 783: GTP Rule for EPC Interface Type and Figure 783: GTP Rule for EPC Interface Type) can also be specified in a rule of a Second Level Flow Whitelist map, either by itself, or preceding the EPC interface type or in combination with the GTP version.
Figure 783: GTP Rule for EPC Interface Type
Figure 784: GTP Rule for GTP Version
For APN, you must specify a pattern (a name) to match. Use APN to direct the traffic that matches the pattern to a specific tool.
GTP version and EPC interface are mutually exclusive. A mix of versions and interface types across whitelist maps, associated with the same vport, is not supported. For example, you can configure two whitelist maps with one map specifying a rule for version 1 and another map specifying a rule for version 2, OR four whitelist maps with each map specifying a rule for each interface type (Gn, S11, S5, and S10). For more information on interfaces, refer to Supported Interfaces.
An APN pattern is for example, three.co.uk. Wildcard prefixes and suffixes are supported, for example, *mobile.com or *ims*. The pattern can be specified in up to 100 case-insensitive alphanumeric characters and can include the following special characters: period (.), hyphen (-), and wildcard (*). A standalone wildcard (*) is not allowed for APN.
Note: APN is not supported on GigaVUE-HB1.
Each new subscriber session will be evaluated by the whitelist maps in the order of priority, which, by default, is the order in which the maps were created.
When a subscriber session comes in, GTP whitelisting will check the IMSI of the subscriber. If the IMSI is present in the whitelist, the rules in the first whitelist map is evaluated to qualify the match further. Otherwise, the packet is evaluated against the rules in the subsequent whitelist maps for a possible match.
For example, with one whitelist map having a rule specifying GTP version 1 and another whitelist map having a rule specifying GTP version 2, when a subscriber session comes in, GTP whitelisting will check the IMSI of the subscriber. if the IMSI is present in the whitelist and if there is a match to version 1, the session (100% of subscriber packets) will be forwarded to the tool port, GigaStream, or load balancing group specified in the whitelist map. If there is not a match to version 1, the next map is evaluated. If there is a match to version 2 in the next map, the session will be forwarded to the tool port, GigaStream, or load balancing group specified in the second whitelist map.
Note: Both maps can specify the same destination.
Rules can be added to, or deleted from, a whitelist map. Use the Add a Rule button to add a new whitelist rule (a pass rule). Click x to delete a rule. A rule in a whitelist map cannot be edited. To edit a rule, first delete it, then recreate it.
The default map configuration in which neither GTP version, EPC interface, or APN is specified in the map, continues to be supported. If the incoming IMSI matches an IMSI in the whitelist, the session will be sent to the tool port, GigaStream, or load balancing group specified in the whitelist map.
Whitelist maps cannot contain any other rules such as GigaSMART rules (gsrule), flow filtering rules (flowrule), or flow sampling rules (flowsample).
GTP whitelist-based forwarding is performed prior to GTP flow sampling (rule-based flow sampling) and GTP flow filtering.
Note: For GTP second level maps, a maximum of fifteen maps can be attached to a vport. For example, for the same vport you can have five whitelist maps and ten flow sampling maps, or ten whitelist maps, four flow sampling maps, and one flow filtering map. In addition, you can have a collector map, which is not counted.
For the steps to create a whitelist map with the UI, refer to the configuration example for whitelisting in GTP Whitelisting and GTP Flow Sampling Examples.
Changing the Priority of Whitelist Maps
Use the Priority field in the map to change the priority of whitelist maps.
Deleting Whitelist Maps
When a whitelist map is deleted, the priority of the remaining whitelist maps will be re-prioritized. For example, if the first whitelist map is deleted, the second whitelist map will increase in priority.
For the deleted whitelist map, the traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.
When a whitelist map is re-prioritized, the existing sessions will be reevaluated according to the new priority of the map. The traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.
When the last whitelist map is deleted, the traffic associated with the rules in the map will also be reevaluated before being passed to subsequent maps. But the traffic associated with the rules in maps that were not matched, will not be reevaluated because that traffic was already passed to subsequent maps.
Applying Whitelist
When a single whitelist entry is added, whitelisting is applied for new as well as existing subscribers. When a new whitelist file is fetched, whitelisting is applied only for new subscribers.
Whitelisted traffic is then sent to the port or load balancing group specified in the whitelist map.
Deleting an Entry from the Whitelist
Entries in the whitelist can be deleted one at a time. Each entry is a single IMSI.
When a whitelist entry is deleted, the session associated with the whitelist entry stays active and traffic is still sent to the whitelist map. The whitelist session will not be reevaluated or passed to subsequent maps.
To delete a single entry from the whitelist, select Individual Entry Operation, set Remove as the Operation Type, and enter the IMSI in the Individual IMSI Entry field.
Deleting Multiple Entries from the Whitelist
Multiple IMSIs can be deleted from the whitelist. Specify the IMSIs to be deleted in a whitelist file, which can contain up to 20,000 IMSIs.
Whitelist files must have a filename with a .txt suffix. To remove multiple entries from the whitelist, select Bulk Entry Operation and set Remove as the Operation Type.
Deleting the Whitelist
The entire whitelist can be deleted using one of the following two options:
|
•
|
Delete the whitelist by deleting all the IMSI entries. With this option, you do not have to delete the whitelist map, GigaSMART operation, or disassociate the GigaSMART group from the whitelist. To delete all the IMSI entries, select Delete All. |
|
•
|
Destroy the whitelist. With this option, you must first delete the whitelist map, GigaSMART operation, and disassociate the GigaSMART group from the whitelist before deleting the whitelist. |
Destroying a Whitelist
To destroy a whitelist, use the following sequence:
|
Task
|
UI Steps
|
|
Delete the whitelist map
|
|
1.
|
Select Maps > Maps > Map. |
|
2.
|
Select the whitelist map. |
|
|
Delete the GigaSMART Operation
|
|
1.
|
From the device view, select GigaSMART > GigaSMART Operation(s) > GigaSMART Operation. |
|
2.
|
Select the GigaSMART Operation. |
|
|
Disassociate the GigaSMART group from the whitelist. (You do not need to delete the GigaSMART group.)
|
|
1.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
2.
|
Select the GigaSMART group. |
|
4.
|
Under GigaSMART Parameters, go the GTP Whitelist and set GTP Whitelist Alias to None. |
|
|
Destroy (delete) the whitelist
|
|
1.
|
From the device view, select GigaSMART > GigaSMART GTP Whitelist. |
|
2.
|
Select the GTP Whitelist. |
|
GTP Whitelisting in a Cluster
The whitelist (all whitelist files) must reside on the master node of the cluster. The non-master nodes receive a copy of the whitelist from the master. Updates to the whitelist are synchronized from the master to the non-master nodes. If a non-master node leaves the cluster and rejoins, its whitelist will be resynchronized.
GigaVUE-HB1 nodes do not support GTP whitelisting in a cluster due to their limited storage. If there are GigaVUE TA Series nodes in the cluster, they will not receive a copy of the whitelist.
GTP Flow Sampling
GTP flow sampling samples a configured percentage of GTP sessions. GTP flow sampling uses map rules to select subscribers and then forward a percentage of the packets to tool ports.
Pass rules are defined in flow sampling maps. Each rule contains some combination of IMSI, IMEI, and MSISDN numbers or patterns, Evolved Packet Core (EPC) interface type, GTP version, Access Point Name (APN), or QoS Class Identifier (QCI), as well as a percentage to sample. The flow is sampled to see if it matches a rule. The percentage of the subscriber sessions matching each rule are selected.
Map rules specify the type of traffic to be flow sampled by that map. For each new session, map rules are evaluated in top-down order of decreasing priority. If there is a match, the indicated percentage of the subscriber session is either accepted or rejected. If accepted, the traffic is sent to the tool port or load balancing group specified in the map. If rejected, the traffic is dropped. If there is not a match to a rule, the traffic is passed to subsequent maps.
Starting in software version 4.6, GTP load balancing in a cluster is supported for GTP flow sampling. For an example of GTP load balancing in a cluster, refer to GTP Whitelisting and GTP Flow Sampling Examples.
About Flow Sampling Rules and Maps
Flow sampling rules are configured in maps called flow sampling maps. Up to ten (10) flow sampling maps per GigaSMART group are supported. Each flow sampling map supports up to 20 flow sampling rules, for a maximum of 200 rules per GigaSMART group.
GTP flow sampling (rule-based flow sampling) is performed after GTP whitelist-based forwarding but before GTP flow filtering. So, flow sampling maps have a priority lower than whitelist maps and higher than flow filtering maps.
Note: For GTP second level maps, a maximum of fifteen maps can be attached to a vport. For example, for the same vport you can have one whitelist map and ten flow sampling maps, or ten whitelist map, four flow sampling maps, and one flow filtering map. In addition, you can have a collector map, which is not counted.
In the flow sampling maps, the rules in the first map have a higher priority than the rules in the second, third, and subsequent maps. Within any single map, rules are evaluated in order.
Rules can be added to, deleted from, or inserted into a flow sampling map when the subtype selected for a Second Level map is Flow Sample. Suffix wildcarding, such as IMSI 100*, is supported in the flow sampling map rules.
Use the Add a Rule button in the Maps page to add a new flow sampling rule (a pass rule). Specify IMSI, IMEI, or MSISDN subscriber IDs, as well as the percentage of the flow to be sampled. The percentage is a range from 1 to 100%. Use 0% to drop sampled data.
A rule can specify other packet attributes, such as an EPC interface type or GTP version. An APN pattern can also be specified in a rule, either by itself or preceding the EPC interface or GTP version. A QCI value can be specified, but only in combination with an APN pattern.
EPC interface and GTP version are mutually exclusive. They can be specified in a flow sampling rule, but not both in a single rule. The supported interface types for filtering are: Gn/Gp, S11/S1-U, S5/S8, S10, or S2B. The supported versions for filtering are 1 or 2. For example, you can send version 1 traffic to one tool port and version 2 traffic to another tool port. For more information on interfaces, refer to Supported Interfaces.
For APN, specify a pattern (a name) to match, for example, three.co.uk. Wildcard prefixes and suffixes are supported, for example, *mobile.com or *ims*. The pattern can be specified in up to 100 case-insensitive alphanumeric characters and can include the following special characters: period (.), hyphen (-), and wildcard (*).
Note: APN is not supported on GigaVUE-HB1.
QCI is a mechanism used in Long Term Evolution (LF TE) networks to ensure bearer traffic is allocated to the appropriate Quality of Service (QoS). For QCI, specify a value from 0 to 255. Wildcard prefixes and suffixes are not supported.
Use APN and QCI to send traffic that matches a certain APN pattern or that belongs to a certain bearer with a certain QCI to specified tool ports, based on the sampling percentage.
Click the x next to a rule to delete a specific rule. Rules are identified by a priority ID, which indicates the order of rules in a flow sampling map. For example, if a map has 12 pass flow sampling rules, there will be 12 priority IDs. Figure 785: Flow Sampling Rules with Priorities shows rules in a Flow Sampling map and their priority IDs.
Figure 785: Flow Sampling Rules with Priorities
When creating Flow Sampling rules on the Maps page, the first rule created has the highest priority and the priority of subsequent rules is in the order that they are added. To change the priority of a Flow Sampling rule in a new map, do the following:
|
2.
|
Select the map and click Edit. |
|
3.
|
Enter a priority in the Priority field of each rule to order the rules in the map. (For details about map priority, refer to Map Priority) |
Note: A flow sampling map can contain only flowsampling rules. A flow sampling map cannot contain other GigaSMART rules (gsrule) or flow filtering rules (flowrule).
For configuration examples for flow sampling, refer to GTP Whitelisting and GTP Flow Sampling Examples.
Adding a Rule to a Flow Sampling Map
Flow sampling is applied for new subscribers. When a new rule is added to the rules in a flow sampling map, traffic will be sent to the port or load balancing group specified in the map.G
Deleting a Rule from a Flow Sampling Map
When a rule is deleted from a flow sampling map, the session associated with the rule stays active. The traffic associated with the rule will not be reevaluated by subsequent maps.
Changing the Priority of Flow Sampling Maps
Use the Priority field in the GTP map rule to set the priority of flow sampling maps.
Deleting a Flow Sampling Map
When a flow sampling map is deleted, the priority of the remaining flow sampling maps will be re-prioritized. For example, if the first flow sampling map is deleted, the second flow sampling map will increase in priority.
For the deleted flow sampling map, the traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.
When a flow sampling map is re-prioritized, the existing sessions will be reevaluated according to the new priority of the map. The traffic associated with the rules in the map will be reevaluated and then passed to subsequent maps.
When the last flow sampling map is deleted, the traffic associated with the rules in the map will also be reevaluated before being passed to subsequent maps. But the traffic associated with the rules in maps that were not matched, will not be reevaluated because that traffic was already passed to subsequent maps.
Flow-Ops Report Limitation for Multiple Flow Sampling Maps
The flow-ops report displays the flow sampling rule ID for sessions that have been accepted or rejected by the flow sampling map.
However, since rule IDs are not unique across maps, when there are multiple flow sampling maps, the flow-ops report is unable to identify the exact rule that the session matched. For example, with multiple flow sampling maps, each map can have a rule ID of 1. The rule ID will be identified in the flow-ops report, but not the map associated with it.
GTP Flow Sampling Percentage
The sampling Percentage field in a map for GTP flow sampling, represents the percentage of subscribers that will be sampled (not the sessions). For example, Figure 786: GTP Flow Sampling Percentage, shows a GTP flow sampling rule with the percentage set to 80.
Figure 786: GTP Flow Sampling Percentage
The GTP correlation engine tracks all of the subscribers and all of their sessions that it sees on the network. In this example, for those subscribers with an IMSI starting with the value 46*, the GTP correlation engine keeps a list of them and randomly selects 80% of those subscribers and sets them to be in the sample, which means that a tool port (or load balanced group) will see 100% of the packets for 100% of the sessions for those randomly selected 80% of subscribers.
For the other 20% of subscribers, the GTP correlation engine continuously tracks those subscribers through the network, but does not send any packets to the tool port (or load balanced group).
Refer to the GTP flow sampling configuration examples in GTP Whitelisting and GTP Flow Sampling Examples.
Dropping Unmatched Traffic
When a session matches one of the configured flow sampling rules, it is either accepted for sampling or rejected.
If it is accepted, all packets belonging to that GTP session are sent to the tool port or ports specified in the flow sampling maps. If a subscriber is in the sample, then both the control plane packets and the user-data plane packets are sent to the tools.
If it is rejected, all packets belonging to the session are dropped. If the subscriber is not in the sample, then neither the control plane packets nor the user-data plane packets are sent to the tools.
Control plane (GTP-c) and user-data plane (GTP-u) traffic are treated the same. For a matching session, all the control plane and user-data plane traffic will be accepted. Otherwise, all the control plane and user-data plane traffic will be rejected and dropped. Instead, to enable or disable GTP control plane traffic sampling, refer to Enabling or Disabling GTP Control Plane Traffic Sampling.
Enabling or Disabling GTP Control Plane Traffic Sampling
GTP control plane (GTP-c) traffic is typically a small percentage of total GTP traffic, but it contains useful information for analytics. Therefore, it is not always expedient to drop control plane traffic for sampled sessions.
Subscriber traffic by IMSI can be sampled such that network traffic for a subset of mobile subscribers can be selected to be sent to network monitoring tools. In some cases, network monitoring tools will want to see GTP control plane and GTP user plane traffic for a percentage of the subscribers. In other cases, network monitoring tools will want to see all of the GTP control plane traffic, but see only the GTP user plane traffic for the sampled percentage of subscribers.
Starting in software version 4.5, all control plane traffic for all subscribers will be sent to tools if GTP control plane traffic sampling is disabled. When disabled, 100% of the control traffic that matches any of the flow sampling rules will be sent to the tool ports specified in the flow sampling maps. Control traffic for both accepted and rejected sessions will be sent to the tool ports.
When GTP control plane traffic sampling is enabled, GTP-c packets will be sampled and only the indicated percentage of the control traffic that matches any of the flow sampling rules will be sent to the tool ports specified in the flow sampling maps, as described in GTP Flow Sampling Percentage.
The default is enable.
To disable sampling of GTP-c traffic, which enables 100% of control plane traffic, select GigaSMART > GigaSMART Groups > GigaSMART Groups. Under GigaSMART Parameters, go to GTP Sampling and make sure that GTP Control Sampling is not selected.
To enable sampling of GTP-c traffic, which enables 100% of control plane traffic, select GigaSMART > GigaSMART Groups > GigaSMART Groups. Under GigaSMART Parameters, go to GTP Sampling and make sure that GTP Control Sampling is selected as shown in Figure 787: GTP Control Sampling Enabled. This setting applies to all the flow sampling maps for a GigaSMART group.
Figure 787: GTP Control Sampling Enabled
GTP Subscriber Aware Random Sampling
GTP Random Sampling allows to randomly sample all the subscriber’s IMSI on a rotational basis. Based on the configured sampling percentage, the selected sessions are either sampled in or out. The correlation engine takes the configurable interval as an input to rotate the random selection of each of the subscriber’s sessions.
The configurable interval is a minimum of 12 hours and a maximum of 48 hours. Each GigaSMART node must be synchronized with an NTP/PTP server, as UTC time is involved in the random selection of the subscriber’s sessions.
Note: This feature is effective for a new subscriber’s sessions after enabling the random sampling.
The Map rules in the GTP random sampling are similar to GTP Flow Sampling. For more information refer to
To enable GTP Random Sampling, select GigaSMART > GigaSMART Groups. Under GigaSMART Parameters, go to GTP and select GTP Random Sampling check box. Enter the time in Rotation Interveral in multiples of 12 hours.
GTP Whitelisting and GTP Flow Sampling Examples
Refer to the following examples:
Example 1: GTP Whitelisting
Example 1 is a GTP whitelisting configuration example. Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a port.
|
Task
|
Description
|
UI Steps
|
|
|
Configure a GigaSMART group and associate it with a GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
|
|
Create the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GTP Whitelist. |
|
c.
|
Type an alias in the Alias field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in Task 1. |
|
|
|
Fetch whitelist files from a specified location to populate the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Bulk Upload. |
|
b.
|
Select Bulk Entry Operation for IMSI Upload Type |
|
c.
|
Select Upload from URL from the Bulk Upload Type list. |
|
d.
|
Enter the URL in the Enter Remote URL field. For example, http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx |
|
|
|
Associate the GigaSMART group to the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups |
|
b.
|
Select the GigaSMART Group created in Task 1 and click Edit. |
|
c.
|
Type an alias in the Alias field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
e.
|
Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 3. |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations > GigaSMART Operation. |
|
c.
|
Type an alias in the Alias field. For example, GTP-Whitelist. |
|
d.
|
Select the GigaSMART group created in task 1. |
|
e.
|
From the GigaSMART Operations (GSOP) drop-down list, select the following: |
|
-
|
GTP Whitelist and select Enabled. |
|
f.
|
For Load Balancing, do the following: |
|
-
|
Choose Hashing for the metric and select IMSI |
|
|
|
Configure three first level maps.
Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
|
|
a.
|
Configure the first map as follows: |
|
-
|
Type and subtype: First Level By Rule |
|
-
|
Source: network port or ports |
|
-
|
Destination: virtual port created in Task 2. |
|
-
|
Rule: Pass, Bi Directional, Port Destination 2123 |
|
-
|
Map Permissions: Select current user’s group for Owner |
|
b.
|
Configure the second map as follows: |
|
-
|
Type and subtype: First Level By Rule |
|
-
|
Source: Same network port or ports as first map. |
|
-
|
Destination: virtual port created in Task 2. |
|
-
|
Rule: Pass, Bi Directional, Port Destination 2152 |
|
-
|
Map Permissions: Select current user’s group for Owner |
|
c.
|
Configure the third map as follows: |
|
-
|
Alias: Fragments-Not-First |
|
-
|
Type and subtype: First Level By Rule |
|
-
|
Source: Same network port or ports as first map |
|
-
|
Destination: virtual port created in Task 2 |
|
-
|
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst |
|
-
|
Map Permissions: Select current user’s group for Owner |
|
|
|
Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a port.
|
|
1.
|
Configure the second level map as follows: |
|
•
|
Type and subtype: Second Level By Rule |
|
•
|
Source: virtual port created in Task 2 |
|
•
|
Destination: select a tool port |
|
•
|
GSOP: GigaSMART Operation created in Task 6 |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
Example 2: GTP Whitelisting with Multiple Maps
Example 2 is a GTP whitelisting configuration example that includes multiple GTP whitelisting maps, which provide a more granular selection of tool ports.
Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not-First) and then to the virtual port (vport1). Two whitelist maps are configured. The first map specifies a rule for version 1 traffic. The second map specifies a rule for version 2 traffic.
|
Task
|
Description
|
UI Steps
|
|
|
Configure a GigaSMART group and associate it with a GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an gsg1 in the Alias field and enter an engine port in the Port List field, for example 10/7/e1. |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
c.
|
Type vport1 in the Alias field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
|
|
Create the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GTP Whitelist. |
|
c.
|
Type an MyIMSIs in the Alias field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in Task 1. |
|
|
|
Fetch whitelist files from a specified location to populate the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Bulk Upload. |
|
b.
|
Select Bulk Entry Operation for IMSI Upload Type |
|
c.
|
Select Upload from URL from the Bulk Upload Type list. |
|
d.
|
Enter the URL in the Enter Remote URL field. For example, http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx |
|
|
|
Associate the GigaSMART group to the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
b.
|
Select the GigaSMART Group created in Task 1 and click Edit. |
|
c.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
d.
|
Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 3. |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations > GigaSMART Operation. |
|
c.
|
Type gtp-whitelist in the Alias field. |
|
d.
|
Select the GigaSMART group created in task 1. |
|
e.
|
From the GigaSMART Operations (GSOP) drop-down list, select the following: |
|
-
|
GTP Whitelist and select Enabled. |
|
f.
|
For Load Balancing, do the following: |
|
-
|
Choose Hashing for the metric and select IMSI |
|
|
|
Configure three first level maps.
Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
|
Configure the first map.
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type: First Level, Sub Type: By Rule |
|
•
|
Source: 8/1/x40, 8/1/x6 |
|
•
|
Select Pass and Bi Directional |
|
•
|
Select Port Destination for the rule |
Configure the second map.
|
•
|
Type: First Level, Sub Type: By Rule |
|
•
|
Source: 8/1/x40, 8/1/x6 |
|
•
|
Select Pass and Bi Directional |
|
•
|
Select Port Destination for the rule |
Configure the second map.
|
•
|
Alias: Fragment-Not-First |
|
•
|
Type: First Level, Sub Type: By Rule |
|
•
|
Source: 8/1/x40, 8/1/x6 |
|
•
|
Select Port IPv4 Fragmentation for the rule |
|
•
|
Select allFragNoFirst for Value |
|
|
|
Configure one second level map for GTP whitelisting, the first whitelist map. If there is a match to version 1 and if the IMSI is present in the whitelist (MyIMSIs), it is forwarded to the specified port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Alias: GTP-Whitelist_v1 |
|
•
|
Type: Second Level, Sub Type: Flow Whitelist |
|
•
|
Select gtp-whitelist from the GSOP list. |
|
|
|
Configure another second level map for GTP whitelisting, the second whitelist map. If there is a match to version 2 and if the IMSI is present in the whitelist (MyIMSIs), it is forwarded to the specified port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Alias: GTP-Whitelist_v2 |
|
•
|
Type: Second Level, Sub Type: Flow Whitelist |
|
•
|
Select gtp-whitelist from the GSOP list. |
|
Example 3: GTP Flow Sampling
Example 2 is a GTP flow sampling configuration example. Traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). The traffic flow is sampled based on the rules in one flow sampling map (GTP-Sample-01). The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to a port. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps.
|
Task
|
Description
|
UI Steps
|
|
|
Configure a GigaSMART group and associate it with a GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
b.
|
In the Alias field, type an alias for this virtual port. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
|
|
Configure three first level maps.
Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
|
|
a.
|
Configure the first map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: network port or ports |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2123 |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
b.
|
Configure the second map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network port or ports as first map. |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2152 |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
c.
|
Configure the third map as follows: |
|
•
|
Alias: Fragments-Not-First |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network port or ports as first map |
|
•
|
Destination: virtual port created in Task 2 |
|
•
|
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
|
|
Configure the GigaSMART operation for GTP flow sampling.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operations. |
|
c.
|
Type an alias in the Alias field. For example, GTP-Whitelist. |
|
d.
|
Select the GigaSMART group created in task 1. |
|
e.
|
From the GigaSMART Operations (GSOP) drop-down list, select the following: |
|
•
|
GTP Whitelist and select Enabled. |
|
f.
|
For Load Balancing, do the following: |
|
c.
|
Choose Hashing for the metric and select IMSI |
|
|
|
Configure a second level map for GTP flow sampling, the flow sampling map. The traffic flow is sampled based on the rules in this map.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Sample-01 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype. |
|
•
|
Select the virtual port configured in Task 2 for the Source |
|
•
|
Select a tool port for the Destination |
|
•
|
Select the GigaSMART Operation configured in Task for from the GSOP list |
|
d.
|
Use the Add a Rule button to create the following flow sampling rules: |
|
•
|
Percentage to 50, IMEI 01416800* |
|
•
|
Percentage to 80, IMSI 46* |
|
•
|
Percentage to 25, MSISDN 1509* |
|
•
|
Percentage to 15, IMSI 01400* |
|
•
|
Percentage to 20, IMSI, 31*, MSISDN 1909* |
|
Example 4: GTP Whitelisting, GTP Flow Sampling, and Load Balancing
Example 4 combines the GTP whitelisting configuration from Example 1 with the GTP flow sampling configuration from Example 3, and adds GigaSMART load balancing.
In Example 4, traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not-First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to the port group (PG-Whitelist) for load balancing.
Note: In Example 4, the tool ports in the port group are on the same node as the GigaSMART group and GigaSMART operation.
If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in the flow sampling map (GTP-Sample-01). The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to the port group (PG-Sample) for load balancing. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps.
|
Task
|
Description
|
UI Steps
|
|
|
Create port groups and specify the tool ports and enable load balancing.
|
|
a.
|
Select Ports > Port Groups > All Port Groups. |
|
c.
|
Type PG-Whitelist in the Alias field. |
|
d.
|
Select SMART Load Balancing |
|
e.
|
Click in the Ports field and select the tool ports for the port group. |
|
g.
|
Repeat steps 2 through 6, to create a port group with the alias PF-Sample. |
|
|
|
Configure a GigaSMART group and associate it with a GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
b.
|
In the Alias field, type an alias for this virtual port. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
d.
|
From the GigaSMART Groups drop-down list, select the GigaSMART group created in task 1. |
|
|
|
Configure three first level maps.
Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
|
|
a.
|
Configure the first map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: network port or ports |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2123 |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
b.
|
Configure the second map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network port or ports as first map. |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2152 |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
c.
|
Configure the third map as follows: |
|
•
|
Alias: Fragments-Not-First |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network port or ports as first map |
|
•
|
Destination: virtual port created in Task 2 |
|
•
|
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst |
|
•
|
Map Permissions: Select current user’s group for Owner |
|
|
|
Create the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GTP Whitelist. |
|
c.
|
Type an Alias for the Whitelist in the Alias field. For example, MyIMSIs |
|
|
|
Fetch whitelist files from a specified location to populate the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Bulk Upload. |
|
b.
|
Select Bulk Entry Operation for IMSI Upload Type |
|
c.
|
Select Upload from URL from the Bulk Upload Type list. |
|
d.
|
Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx |
|
|
|
(Optional) Add a single IMSI to the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Individual Entry Operation. |
|
b.
|
Select Append for Operation Type |
|
c.
|
Enter the IMSI entry in the Individual IMSI Entry field. |
|
|
|
Associate the GigaSMART group to the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an alias in the Alias field. |
|
d.
|
Under GTP Whitelist, click on the GTP Whitelist Alias field and select the alias from Task 5. |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP)> GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list. |
|
d.
|
Type an alias in the Alias field. For example, gtp-whitelist. |
|
e.
|
Select GTP Whitelist from the GigaSMART Operations (GSOP) list. |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (MyIMSIs), it is forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type an name in the Alias field. For example GTP-Whitelist. |
|
•
|
Select Second Level for Type |
|
•
|
Select By Rule for Subtype |
|
•
|
Select the GigaSMART Operation configured in Task 9 from the GigaSMART Operations (GSOP) list. |
|
•
|
Select the virtual port configured in Task 3 for Source |
|
•
|
Select PG-Whitelist for Destination |
|
|
|
Configure the GigaSMART operation for GTP flow sampling.
|
|
e.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
g.
|
Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list. |
|
h.
|
Type an alias in the Alias field. For example, gtp-flowsample. |
|
i.
|
Select Flow Sampling from the GigaSMART Operations (GSOP) list. |
|
j.
|
Select Flow Sampling-GTP. |
|
k.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
|
|
Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type an name in the Alias field. For example GTP-Sample-01. |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype |
|
•
|
Select the GigaSMART operation for flow sampling configured in Task 11 from the GSOP list. |
|
•
|
Select the virtual port configured in Task 3 for Source |
|
•
|
Select PG-Sample for Destination |
|
d.
|
Create the following flow sample rules: |
|
•
|
Percentage 50, IMEI 01416800*, IMSI 31* |
|
•
|
Percentage 80, IMSI 46* |
|
•
|
Percentage 25, MSISDN 1509* |
|
•
|
Percentage 15, IMEI 01400*, imsi 31* |
|
•
|
Percentage 20, IMSI 31*, MSISDN 1909* |
|
Example 5: GTP Flow Sampling with Multiple Maps
Example 5 includes multiple GTP flow sampling maps, which provide a more granular selection of tool ports for flow sampling.
In Example 5, traffic from network ports go to the three first level maps (GTP-Control, GTP-User, and Fragments-Not_First) and then to the virtual port (vport1). If there is a match to an IMSI in the whitelist (VoLTE_1MM), it is forwarded to the port-group (PG-Whitelist-1) for load balancing.
Note: In Example 5, the tool ports in the port group are on the same node as the GigaSMART group and GigaSMART operation.
If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in the four flow sampling maps (GTP-Sample-1 to GTP-Sample-4).
The flow sampling rules in each map specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample. Packets are then accepted or rejected. Accepted packets are forwarded to the port-group (PG-Sample-1 to PG-Sample-4) for load balancing. Rejected packets are dropped. Packets that do not match a rule will be passed to subsequent maps, in this example, to a shared collector.
|
Task
|
Description
|
UI Steps
|
|
|
Create port groups, specifying the tool ports and enabling load balancing.
|
|
a.
|
Select Ports > Port Groups > All Port Groups. |
|
c.
|
Type PG-Sample-1 in the Alias field. |
|
d.
|
Select SMART Load Balancing |
|
e.
|
Click in the Ports field and select the tool ports for the port group. |
|
g.
|
Repeat steps 2 through 6, to create a port groups with the aliases |
|
|
|
Configure a GigaSMART group and associate it with a GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an alias in the Alias field and enter an engine port in the Port List field. |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
b.
|
Type vport1 in the Alias field. |
|
c.
|
Select the GigaSMART Groups created in Task 2 from the GigaSMART Group list. |
|
|
|
Configure three first level maps.
Note: In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic.
|
|
a.
|
Configure the first map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: network ports (for example, 10/1/x5, 10/3/x1,10/6/q1) |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2123 |
|
b.
|
Configure the second map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network ports as first map. |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule: Pass, Bi Directional, Port Destination 2152 |
|
c.
|
Configure the third map as follows: |
|
•
|
Alias: Fragments-Not-First |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: Same network ports as first map |
|
•
|
Destination: virtual port created in Task 2 |
|
•
|
Rule: Pass, IPv4 Fragmentation and select allFragNoFirst |
|
|
|
Create the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GTP Whitelist. |
|
c.
|
Enter VoLTE_1MM in the Alias field. |
|
|
|
Fetch whitelist files from a specified location to populate the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Bulk Upload. |
|
b.
|
Select Bulk Entry Operation for IMSI Upload Type |
|
c.
|
Select Upload from URL from the Bulk Upload Type list. |
|
d.
|
Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx |
|
|
|
(Optional) Add a single IMSI to the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Individual Entry Operation. |
|
b.
|
Select Append for Operation Type |
|
c.
|
Enter the IMSI entry in the Individual IMSI Entry field. |
|
|
|
Associate the GigaSMART group to the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups |
|
c.
|
Type gsg1 in the Alias field. |
|
d.
|
Under GTP Whitelist, click on the GTP Whitelist Alias field and select VolTE_1MM. |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group gsg1 created in Task 8 from the GigaSMART Groups list. |
|
d.
|
Enter gtp-whitelistl in the Alias field. |
|
e.
|
Select GTP Whitelist from the GigaSMART Operations (GSOP) list |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to an IMSI in the whitelist (VoLTE_1MM), it is forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Enter GTP-Whitelist in the Alias field. |
|
•
|
Select Second Level for Type |
|
•
|
Select By Rule for Subtype |
|
•
|
Select gtp-whitelist from the GSOP list. |
|
•
|
Select the virtual port vport1 configured in Task 3 for Source |
|
•
|
Select port group PG-Whitelist-2 for Destination |
|
|
|
Configure the GigaSMART operation for GTP flow sampling.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group created in Task 8 from the GigaSMART Groups list. |
|
d.
|
Enter gtp-flowsample-1 in the Alias field. |
|
e.
|
Select Flow Sampling from the GigaSMART Operations (GSOP) list and then select the Flow Sampling-GTP option. |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP flow sampling, the first flow sampling map. This map has 12 rules.
Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Sample-1 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype. |
|
•
|
Select the virtual port vport1 configured in Task 3 for the Source |
|
•
|
Select a port grroup PG-Sampl-1 for the Destination |
|
•
|
Select the GigaSMART Operation configured in Task for from the GSOP list |
|
d.
|
Use the Add a Rule button to create the following flow sampling rules: |
|
•
|
Percentage 75, IMSI 3182609833*, IMEI 35609506* |
|
•
|
Percentage 10, IMSI 3182609834*, IMEI 3560950* |
|
•
|
Percentage 20, IMSI 31826098350*, IMEI 356095* |
|
•
|
Percentage 20, IMSI 31826098351*, IMEI 35609* |
|
•
|
Percentage 20, IMSI 31826098352*, IMEI 3560* |
|
•
|
Percentage 20, IMSI 31826098353*, IMEI 356* |
|
•
|
Percentage 20, IMSI 31826098354*, IMEI 35* |
|
•
|
Percentage 20, IMSI 31826098355*, IMEI 31* |
|
•
|
Percentage 20, IMSI 31826098356*, IMEI 356095* |
|
•
|
Percentage 20, IMSI 31826098356*, IMEI 356095* |
|
•
|
Percentage 20, IMSI 31826098357*, IMEI 3560* |
|
•
|
Percentage 20, IMSI 31826098358*, IMEI 35* |
|
•
|
Percentage 20, IMSI 31826098359*, IMEI 356095* |
|
|
|
Configure a second level map for GTP flow sampling, the second flow sampling map. This map has 12 rules.
Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Sample-2 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype. |
|
•
|
Select the virtual port vport1 configured in Task 2 for the Source |
|
•
|
Select a tool port group PG-Sample-2 for the Destination |
|
•
|
Select flow-sample-1 configured in Task 11 for from the GSOP list |
|
d.
|
Use the Add a Rule button to create the following flow sampling rules: |
|
•
|
Percentage 30, IMSI 3182609836*, IMEI 35609506* |
|
•
|
Percentage 5, IMSI 3182609837*, IMEI 356095062* |
|
•
|
Percentage 50, IMSI 31826098380*, IMEI 356095062* |
|
•
|
Percentage 50, IMSI 31826098381*, IMEI 35609506* |
|
•
|
Percentage 50, IMSI 31826098382*, IMEI 3560950* |
|
•
|
Percentage 50, IMSI 31826098383*, IMEI 356095* |
|
•
|
Percentage 50, IMSI 31826098384*, IMEI 35* |
|
•
|
Percentage 50, IMSI 31826098385*, IMEI 356* |
|
•
|
Percentage 50, IMSI 31826098386*, IMEI 3560* |
|
•
|
Percentage 50, IMSI 31826098387*, IMEI 35609* |
|
•
|
Percentage 50, IMSI 31826098388*, IMEI 356095* |
|
•
|
Percentage 50, IMSI 31826098389*, IMEI 3560950* |
|
|
|
Configure a second level map for GTP flow sampling, the third flow sampling map. This map has 5 rules.
Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Sample-3 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype |
|
•
|
Select the virtual port vport1 configured in Task 3 for the Source |
|
•
|
Select a port group PG-Sample-3 port for the Destination |
|
•
|
Select flow-sample-1 configured in Task 11 for from the GSOP list |
|
d.
|
Use the Add a Rule button to create the following flow sampling rules: |
|
•
|
Percentage 10, IMSI 31826098390*, IMEI 35609506* |
|
•
|
Percentage 10, IMSI 31826098391*, IMEI 35609506* |
|
•
|
Percentage 10, IMSI 31826098392*, IMEI 35609506* |
|
•
|
Percentage 10, IMSI 31826098393*, IMEI 35609506* |
|
•
|
Percentage 10, IMSI 31826098394*, IMEI 35609506* |
|
|
|
Configure a second level map for GTP flow sampling, the fourth flow sampling map. This map has one rule.
Traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to a load balancing port group.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Sample-4 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype |
|
•
|
Select the virtual port vport1 configured in Task 3 for the Source |
|
•
|
Select a tool port for the Destination |
|
•
|
Select flow-sample-1 configured in Task 11 for from the GSOP list |
|
d.
|
Use the Add a Rule button to create the following flow sampling rule: |
|
•
|
Percentage 10, IMSI 31826098429*, IMEI 35609506* |
|
|
|
Configure a collector map for any packets that do not match other rules.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type GTP-Collector in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Collector for Subtype |
|
•
|
Select the virtual port vport1 configured in Task 3 for the Source |
|
Displaying GTP Flow Ops Report Statistics
To display GTP statistics, select GigaSMART > GigaSMART Operations (GSOP) > Statistics.
Refer to Flow Ops Report Statistics Definitions for GTP on page 635 for descriptions of these statistics.
Example 6: APN for GTP Whitlelisting, GTP Flow Sampling
Example 7 specifies APN patterns for GTP whitelisting and GTP flow sampling.
In Example 7, traffic from network ports go to the two first level maps (gtp_to_v1_c and gtp_to_v1_u) and then to the virtual port (v1).
In the whitelist map, if there is a match to the APN pattern and if the IMSI is present in the whitelist (IMSI), packets are forwarded to a tool port.
If there is not a match to an IMSI in the whitelist, the traffic is flow sampled based on the APN pattern in the flow sampling map. Accepted packets are forwarded to the same tool port as specified in the whitelist map.
Any unmatched traffic goes to a shared collector that sends it to a different tool port.
|
Task
|
Description
|
UI Steps
|
|
|
Configure a network port and two tool ports and enable them.
|
|
a.
|
Select Ports > Ports > All Ports. |
|
b.
|
Click Quick Port Editor. |
|
c.
|
Configure a network port. Port 22/3/x3 in this example. |
|
d.
|
Configure two tool ports. Port 22/4/x18 and 22/4/x19 in this example. |
|
e.
|
Admin enable the ports by selecting Enable for each port. |
|
|
|
Configure a GigaSMART group and associate it with two GigaSMART engine port.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type an gsg2 in the Alias field. |
|
d.
|
In the Port List field, select the engine ports, which are 22/2/e1 and 22/2/e2 in this example |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
b.
|
Type v1 in the Alias field. |
|
c.
|
Select the GigaSMART Group created in Task 2 from the GigaSMART Group list. |
|
|
|
Configure two first level maps, one for control traffic and one for user traffic.
|
|
a.
|
Configure the first map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule 1: Pass, Bi Directional, Port Destination 2123 |
|
•
|
Rule 2: Pass, Bi Directional, Port Destination 2122 |
|
b.
|
Configure the second map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Destination: virtual port created in Task 2. |
|
•
|
Rule 1: Pass, Bi Directional, Port Destination 2152 |
|
•
|
Rule 1: Pass, Bi Directional, IPv4 Fragmentation, Value: allFragNoFirst. |
|
|
|
Create the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GTP Whitelist. |
|
c.
|
Enter gtp-whitelist in the Alias field |
|
|
|
Fetch whitelist files from a specified location to populate the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Bulk Upload. |
|
b.
|
Select Bulk Entry Operation for IMSI Upload Type |
|
c.
|
Select Upload from URL from the Bulk Upload Type list. |
|
e.
|
Enter the URL in the Enter Remote URL field. For example,
http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.tx |
|
|
|
(Optional) Add a single IMSI to the GTP whitelist.
|
|
a.
|
On the GTP Whitelist page, select Individual Entry Operation. |
|
b.
|
Select Append for Operation Type |
|
c.
|
Enter the IMSI entry in the Individual IMSI Entry field. |
|
|
|
Associate the GigaSMART group to the GTP whitelist.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups |
|
b.
|
Select GS Group gsg2 created in Task 2 and click Edit |
|
c.
|
Under GTP Whitelist, click on the GTP Whitelist Alias field and select gtp-whitelist |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group gsg2 created in Task 2 and associated with the GTP whitelist in Step 8. |
|
d.
|
Enter gtp-correlat_gsp_wl in the Alias field. |
|
e.
|
Select GTP Whitelist from the GigaSMART Operations (GSOP) list |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to the APN pattern and if IMSI is present in the whitelist (IMSI), it is forwarded to a tool port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Enter GTP-Whitelist in the Alias field. |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Whitelist for Subtype |
|
•
|
Select gtp-correlate_gsg_wl from the GSOP list. |
|
•
|
Select the virtual port v1 configured in Task 3 for Source |
|
•
|
Select 22/4/x18 for Destination |
|
•
|
Rule 1: GTP, APN: mobile.com |
|
|
|
Configure the GigaSMART operation for GTP flow sampling.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group gsg2 created in Task 2 and associated with the GTP whitelist in Step 8. |
|
d.
|
Enter gtp-correlat_gsp_fs in the Alias field. |
|
e.
|
Select GTP Whitelist from the GigaSMART Operations (GSOP) list |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the APN pattern in this map. Accepted packets are forwarded to the same tool port as specified in the whitlelist map
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type from_vp_fs1 in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Flow Sample for Subtype. |
|
•
|
Select the virtual port v1 configured in Task 3 for the Source |
|
•
|
Select a 22/4/x18 for the Destination |
|
•
|
Select the GigaSMART Operation gtp-correlate_gsg_fs |
|
•
|
Rule 1: GTP, Percentage: 100, APN: imsi* |
|
|
|
Add a shared collector for any unmatched traffic from the virtual port and send it to a different tool port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type from_vp_scoll in the Alias field |
|
•
|
Select Second Level for Type |
|
•
|
Select Collector for Subtype |
|
•
|
Select the virtual port v1 configured in Task 3 for the Source |
|
Example 7: APN for FTP Whitelisting, APN and QCI for GTP Flow Sampling
Example 6 specified APN patterns for GTP whitelisting and GTP flow sampling. It also specifies QCI for GTP flow sampling.
In Example 7, traffic from network ports go to the two first level maps (gtp_to_v1_c and gtp_to_v1_u) and then to the virtual port (v1).
In the whitelist map, if there is a match to the APN pattern and if the IMSI is present in the whitelist (IMSI), packets are forwarded to a tool port.
If there is not a match to an IMSI in the whitelist, the traffic is flow sampled based on the APN pattern and QCI value in the flow sampling map. Accepted packets are forwarded to the same tool port as specified in the whitelist map. Only 50% of traffic with QCI 5 is sent to the tool port.
Any unmatched traffic goes to a shared collector that sends it to a different tool port.
|
Task
|
Description
|
UI Steps
|
|
|
Configure a network port and two tool ports and enable them.
|
|
a.
|
Select Ports > Ports > All Ports. |
|
b.
|
Click Quick Port Editor. |
|
c.
|
Select a port (for example, 22/2/x3) and set Type to Network. |
|
d.
|
Select a port (for example, 22/2/x18) and set Type to Tool |
|
e.
|
Select a second port (for example, 22/2/x19) and set Type to Tool. |
|
f.
|
Select Enable for Admin on the network and two tool ports. |
|
|
|
Configure a GigaSMART group and associate it with two GigaSMART engine ports
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups > GigaSMART Groups. |
|
c.
|
Type gsg2 in the Alias field. |
|
d.
|
Click in the Port List field and select two engine ports. For example, 22/2/e1 and 22/2/e2 |
|
|
|
Create a virtual port.
|
|
a.
|
From the device view, select GigaSMART > Virtual Ports. |
|
b.
|
Type v1 in the Alias field. |
|
c.
|
Click in the GigaSMART Group field and select the GigaSMART Group created in Task 2. |
|
|
|
Configure two first level maps, on for control traffic and one for user traffic
|
|
a.
|
Configure the first map as follows: |
|
•
|
Type and Subtype: First Level By Rule |
|
•
|
Traffic Type: select Control |
|
•
|
Source: 22/2/3/x3 (network port created in Task 1) |
|
•
|
Destination: v1 (virtual port created in Task 3) |
|
•
|
Rule 1: Pass, Bi Directional, Port Destination 2123 |
|
•
|
Rule 2: Pass, Bi Directional, Port Destination 2122 |
|
b.
|
Configure the second map as follows: |
|
•
|
Type and subtype: First Level By Rule |
|
•
|
Source: 22/2/3/x3 (network port created in Task 1) |
|
•
|
Destination: v1 (virtual port created in Task 3) |
|
•
|
Rule 1: Pass, Bi Directional, Port Destination 2152 |
|
•
|
Rule 2: Pass, Bi Directional, IPv4Fragmentation allFragNoFirst |
|
|
|
Associate the GigaSMART group to the active GTP Whitelist
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Groups. |
|
b.
|
Select the GigaSMART Group created in Task 1 and click Edit. |
|
c.
|
Locate the GTP Whitelist param, and enter the alias of whitelist in the GTP Whitelist Alias field. For example, IMSI. |
|
d.
|
Save the GigaSMART Group. |
|
|
|
Configure the GigaSMART operation for GTP whitelisting.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group gsg1 created in Task 2 from the GigaSMART Groups list. |
|
d.
|
Enter gtp-correlate_gsp_wl in the Alias field. |
|
e.
|
Select GTP Whitelist from the GigaSMART Operations (GSOP) list |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP whitelisting, the whitelist map. If there is a match to the APN pattern and if the IMSI is present in the whitelist
(IMSI), packets are forwarded to a tool port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type an Subtype: Second Level Flow Whitelist |
|
•
|
Source: v1 (virtual port created in Task 3) |
|
•
|
GSOP: gtp-corelate_gsg_wl |
|
•
|
Select gtp-whitelist from the GSOP list. |
|
•
|
Rule: GTP, APN: mobile.com |
|
|
|
Configure the GigaSMART operation for GTP flow sampling.
|
|
a.
|
From the device view, select GigaSMART > GigaSMART Operations (GSOP) > GigaSMART Operation. |
|
c.
|
Select the GigaSMART Group created in Task 2 from the GigaSMART Groups list. |
|
d.
|
Enter gtp-corelate_gsg_fs in the Alias field. |
|
e.
|
Select Flow Sampling from the GigaSMART Operations (GSOP) list and then select the Flow Sampling-GTP option. |
|
f.
|
Select Load Balancing from the GigaSMART Operations (GSOP) list. |
|
g.
|
Configure Load Balancing as follows: |
|
|
|
Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the APN pattern in this map. Accepted packets are forwarded to the same tool port as specified in the whitelist map.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type and Subtype: Second Level Flow Sample |
|
•
|
GSOP: gtp-corelate_gsg_fs |
|
•
|
Rule 1: GTP, APN: *imsi*, QCI: 5, Percentage: 50 |
|
•
|
Rule: 2: GTP, IMSI: ims*, Percentage 100 |
|
|
|
Add a shared collector for any unmatched traffic from the virtual port and send it to a different tool port.
|
|
a.
|
Select Maps > Maps > Maps. |
|
•
|
Type and Subtype: Regular Collector |
|
MORE INFORMATION 
