GigaSMART GTP Overlap Flow Sampling Maps

Starting in software version 4.8, GTP overlap flow sampling maps combine GTP whitelisting and GTP flow sampling maps into a new GTP overlap flow sampling map group, which allows for selected traffic to be sent to multiple destinations simultaneously.

In this scenario, once traffic matches a map, it will be sent to the destination for that map. However, the matched traffic will also be evaluated by subsequent maps and, if a match occurs, it will be sent to each of the destinations pointed to by the subsequent maps.

Example 1: GTP Overlap Mode

Example 1 is a GTP overlap flow sampling map example.

In Example 1, traffic from a single network port goes to a single first level map (mapLevel1-GTP) which directs GTP-Control and GTP-User traffic to virtual port (VP31). Traffic from VP31 is replicated to two GTP whitelisting maps (WLMAP1 and WLMAP2) and two GTP flow sampling maps (FSMAP1 and FSMAP2), which then forward accepted traffic to the final port-group destinations, pg1 and pg2, for load balancing (refer to 1 GTP Overlap Mode Example 1).

 

1

GTP Overlap Mode Example 1

Note:  In Example 1, the tool ports and GigaStream in the port group are on the same node as the GigaSMART group and GigaSMART operation.

Within each GTP whitelisting and flow sampling pair, if there is not a match to an IMSI in the whitelist map, the traffic flow is sampled based on the rules in the flow sampling map. The flow sampling rules specify IMSI, IMEI, and MSISDN numbers, as well as the percentage to sample.

Within each map pair, packets are then accepted or rejected. Accepted packets are forwarded to the port groups for load balancing. Rejected packets are dropped.

Use the steps in the following CLI table to configure Example 1.

Step	Description	Command
1.	Create GigaStream that will be part of the port groups.	(config) # gigastream alias gs1 port-list 1/1/x16..x17 (config) # gigastream alias gs2 port-list 1/1/x1..x2
2.	Create port groups and specify the tool ports.	(config) # port-group alias pg1 port-list 1/1/x6..x7 (config) # port-group alias pg2 port-list 1/1/x18..x19
3.	Assign GigaStream to the port groups.	(config) # port-group alias pg1 gigastream-list gs1 (config) # port-group alias pg2 gigastream-list gs2
4.	Enable load balancing on the port groups.	(config) # port-group alias pg1 smart-lb enable (config) # port-group alias pg2 smart-lb enable
5.	Configure a GigaSMART group and associate it with a GigaSMART engine port.	(config) # gsgroup alias GS31 port-list 1/3/e1
6.	Create a virtual port. Notes:  ● You must specify gtp-overlap mode when configuring a virtual port for GTP overlap flow sampling. ● When the vport mode is changed from overlap to non-overlap mode, indeterministic behavior will be in the traffic. Hence, it is recommended to do a cluster or chassis reload for the configuration to take effect.	(config) # vport alias VP31 gsgroup GS31 mode gtp-overlap
7.	Configure the first level map. Note:  In the rules, 2123 is GTP-c traffic and 2152 is GTP-u traffic. Note:  Configure your First-level map before configuring the second-level maps and collector and then the map group.	(config) # map alias mapLevel1-GTP (config map alias mapLevel1-GTP) # type firstLevel byRule (config map alias mapLevel1-GTP) # rule add pass portdst 2123 bidir (config map alias mapLevel1-GTP) # rule add pass portdst 2152 bidir (config map alias mapLevel1-GTP) # to VP31 (config map alias mapLevel1-GTP) # from 1/1/x1 (config map alias mapLevel1-GTP) # exit (config) #
8.	Create the GTP whitelist.	(config) # apps gtp-whitelist alias Whitelist create
9.	Fetch whitelist files from a specified location to populate the GTP whitelist.	(config) # apps gtp-whitelist alias Whitelist fetch add http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file1.txt (config) # apps gtp-whitelist alias Whitelist fetch add http://10.1.1.100/tftpboot/myfiles/MyIMSIs_file2.txt
10.	Associate the GigaSMART group to the GTP whitelist.	(config) # gsparams gsgroup GS31 gtp-whitelist add Whitelist
11.	Configure the GigaSMART operation for GTP whitelisting. Note:  GigaSMART operations used in GTP overlap flow sampling map mode must be enabled for load balancing.	(config) # gsop alias gtp-overlapwhitelist1 flow-ops gtp-whitelist lb app gtp metric hashing key imsi port-list GS31
12.	Configure the GigaSMART operation for GTP flow sampling.	(config) # gsop alias gtp-overlapsample1 flow-ops gtp-flowsample lb app gtp metric hashing key imsi port-list GS31
13.	Configure the first second level GTP overlap map for GTP whitelisting. If there is a match to an IMSI in the whitelist for GTP version 1 traffic, it is then forwarded to load balancing port group pg1.	(config) # map alias WLMAP1 (config map alias WLMAP1) # type secondLevel flowWhitelist-ol (config map alias WLMAP1) # use gsop gtp-whitelist (config map alias WLMAP1) # whitelist add gtp version 1 (config map alias WLMAP1) # to pg1 (config map alias WLMAP1) # from VP31 (config map alias WLMAP1) # exit (config) #
14.	Configure a second level map for GTP flow sampling, the flow sampling map. If there is not a match to an IMSI in the whitelist, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to load balancing port group pg1.	(config) # map alias FSMAP1 (config map alias FSMAP1) # type secondLevel flowSample-ol (config map alias FSMAP1) # use gsop gtp-overlapsample1 (config map alias FSMAP1) # flowsample add gtp imsi 3102609834* imei 35609506* percentage 20 (config map alias FSMAP1) # to pg1 (config map alias FSMAP1) # from VP31 (config map alias FSMAP1) # exit (config) #
15.	Configure the next second level GTP overlap map for GTP whitelisting. If there is a match to an IMSI in the whitelist for GTP version 2 traffic, it is then forwarded to load balancing port group pg2.	(config) # map alias WLMAP2 (config map alias WLMAP2) # type secondLevel flowWhitelist-ol (config map alias WLMAP2) # use gsop gtp-whitelist (config map alias WLMAP2) # whitelist add gtp version 2 (config map alias WLMAP2) # to pg2 (config map alias WLMAP2) # from VP31 (config map alias WLMAP2) # exit (config) #
16.	Configure the next second level map for GTP flow sampling. If there is not a match to an IMSI in the whitelist as evaluated by the second level GTP whitelisting map WLMAP2, the traffic flow is sampled based on the rules in this map. Accepted packets are forwarded to load balancing port group pg2.	(config) # map alias FSMAP2 (config map alias FSMAP2) # type secondLevel flowSample-ol (config map alias FSMAP2) # use gsop gtp-overlapsample1 (config map alias FSMAP2) # flowsample add gtp imsi 3102609835* imei 35609507* percentage 20 (config map alias FSMAP2) # to pg2 (config map alias FSMAP2) # from VP31 (config map alias FSMAP2) # exit (config) #
17.	Configure a map group. Add the GTP whitelisting and the two GTP flow sampling maps configured in previous steps. Note:  For overlap mode, you must configure the maps in a sequential order in the map-group. Note:  You must configure the map group for GTP overlap flow sampling. Make sure to include all the whitelisting and flow sampling maps in your configuration.	(config) # map-group alias OverlapMap map-list WLMAP1,WLMAP2,FSMAP1,FSMAP2
18.	Display the configuration for this example.	(config) # show port-group (config) # show gsgroup (config) # show vport (config) # show gsop (config) # show gsparams (config) # show map (config) # show map-group