Professional Documents
Culture Documents
Cisco Content Service Gateway CSG1 To CSG2 Migration
Cisco Content Service Gateway CSG1 To CSG2 Migration
Modification History
Revision Date Originator Comments
1 05-29-07 Calvin Person First Revision
Modification History....................................................................................................................... 1
1 Purpose ..................................................................................................................................... 3
7 CSG2 HA Changes................................................................................................................. 11
4 Supervisor Configuration
Feature CSG2
Supervisors Sup720-3BXL at FCS
Sup32, newer Sups as released.
Supervisor IOS Trains 12.2(18)SRB (7600 native)
With the introduction of CSG2, there is a change in the configuration process for the Supervisor as well
as the CSG2 module. This section will detail the changes for the Supervisor.
DemoPod2(config)#svclc multiple-vlan-interfaces
DemoPod2(config)#svclc module 2 vlan-group 1,6
DemoPod2(config)#svclc vlan-group 1 5,30,43,765
DemoPod2(config)#svclc vlan-group 6 6
b. Define RCMD commands to allow CSG2 to copy files to and from the Supervisor
no ip rcmd domain-lookup
ip rcmd rcp-enable
ip rcmd remote-host
Supervisor Configurations
DemoPod2(config)#no ip rcmd domain-lookup
DemoPod2(config)#ip rcmd rcp-enable
DemoPod2(config)#ip rcmd remote-host * 99 * enable
!
DemoPod2(config)#access-list 99 permit 127.0.0.0 0.255.255.255
!
c. Define the Supervisor to be NTP Master to CSG2 (If the Supervisor is already configured to be a
NTP client, there is no need to change that option).
ntp master
ntp update-calendar
Supervisor Configurations
DemoPod2(config)#ntp master
DemoPod2(config)#ntp update-calendar
DemoPod2# sh ntp status
Clock is synchronized, stratum 8, reference is 127.127.7.1
Note: This allows easy hardware replacement as the configuration will be preserved if we replace a CSG2
module in the same slot.
dir bootflash:
dir slavebootflash:
Supervisor Bootflash:
ip csg subscriber
c) Define Standby (HSRP feature – With CSG1 this was referred to as Fault-Tolerance)
CSG2 Configuration:
interface GigabitEthernet0/0.3
encapsulation dot1Q 3
ip csg subscriber
ip address 10.2.3.10 255.255.255.0 secondary
ip address 10.2.3.1 255.255.255.0
!
interface GigabitEthernet0/0.5
encapsulation dot1Q 5
ip address 10.2.5.6 255.255.255.0
ip address 10.2.5.7 255.255.255.0
!
ip csg radius endpoint 10.2.3.10 key cisco
!
ip route 0.0.0.0 0.0.0.0 10.2.13.20
ip route 10.2.4.0 255.255.255.0 10.2.5.2
!
no ip http server
!
!
ntp server 127.0.0.61 ** The Supervisor is in slot 6 **
end
This configuration shows the deployment of dual CSG2 in HSRP pair. The standby IP secondary
address is used for Radius endpoint. Notice, the same IP address is used for standby IP secondary
address and Radius endpoint.
interface GigabitEthernet0/0.3
encapsulation dot1Q 3
ip csg subscriber
ip address 10.2.3.1 255.255.255.0
standby ip 10.2.3.10 secondary
!
interface GigabitEthernet0/0.5
encapsulation dot1Q 5
ip address 10.2.5.6 255.255.255.0 secondary
1) User-Group and Accounting commands are removed with CSG2. The sub-commands that normally
appear under these two are now global commands on CSG2.
2) CSG1 Fault Tolerance has now changed to CSG2 HSRP
3) CSG1 variable commands are removed, replaced with CSG2 global commands
4) Additional command changes
CSG1 CSG2
ip csg user-group CSG ip csg user-group is removed.
entries max 300000 ip csg entries kut maximum 300000
entries idle 3610 pod ip csg entries kut idle 3610 pod
radius userid Calling-Station-Id ip csg radius userid Calling-Station-Id
radius stop purge vsa 3gpp 11 ip csg radius stop purge vsa 3gpp 11
radius pod attribute 44 ip csg radius pod attribute 44
radius pod nas 1700 key <xxx> ip csg radius pod nas 1700 key <xxx>
user-profile server radius pass ip csg entries kut profile radius pass
quota local-port 7000 ip csg quota-server local-port 7000
quota activate 2 ip csg quota-server activate 2
no quota server reassign no ip csg quota-server reassign
quota server 10.0.250.151 3386 1 ip csg quota-server 10.0.250.151 3386 1
quota server 10.0.250.152 3386 2 ip csg quota-server 10.0.250.152 3386 2
(CSG allows QS IP address and VRF to be defined. This was
not possible in CSG1)
ip csg accounting TEST ip csg accounting is removed
7 CSG2 HA Changes
2) CSG2 Replication:
To configure state replication between redundant CSG systems, the top level “ip csg
replicate” command is added to the configuration. This command specifies the local and
remote communication addresses and ports for state sync messages between the CSG
systems. This command enables stateful replication of CSG state data structures
including the user and radius tables:
Note that session/flow level replication is controlled with a separate command in content
submode, to allow for user/quota state sync independent of per-flow replication:
c. Enable HSRP:
interface gig 0/0.10
standby 5 name SB
d. When CSG2s’ are load balanced with a firewall load balancer (FWLB), standby use-bia must
be configured under HSRP configuration to ensure that the MAC address of the active CSG2
device changes (from FWLB’s perspective) when a switchover occurs.
5) Sample Configuration:
Vlan: 20
Standby IP: 10.10.25.1
10.10.25.14 10.10.25.13
Active Standby
10.10.24.14 10.10.24.13
Vlan: 10
Standby IP: 10.10.24.1
Standby Name: “SB”
Active Configuration:
redundancy inter-device
scheme standby SB
!
ipc zone default
association 1
no shutdown
protocol sctp
local-port 5000
local-ip 10.10.24.14
remote-port 5000
remote-ip 10.10.24.13
!
interface gig 0/0
!
interface gig 0/0.10
Standby Configuration:
redundancy inter-device
scheme standby SB
!
ipc zone default
association 1
no shutdown
protocol sctp
local-port 5000
local-ip 10.10.24.13
remote-port 5000
remote-ip 10.10.24.14
!
interface gig 0/0
!
interface gig 0/0.10
ip csg subscriber
encaps dot1q 10
ip address 10.10.24.13 255.255.255.0
standby use-bia
standby 5 ip 10.10.24.1
standby 5 ip 10.10.24.100 secondary
standby 5 priority 95
standby 5 name SB
!
interface gig 0/0.20
encaps dot1q 20
ip address 10.10.25.13 255.255.255.0
standby use-bia
standby 5 ip 10.10.25.1
standby 5 priority 95
standby 5 follow SB
!
ip csg replicate 10.10.24.13 10.10.24.14 2000
ip csg radius endpoint 10.10.24.100 key cisco
CSG_BASIS_BYTE_LOW_QUOTA_MAX 10000000
CSG_BASIS_FIXED_LOW_QUOTA_MAX 10000000
CSG_BASIS_SEC_LOW_QUOTA 10
-> ip csg service submode: reauthorization threshold
CSG_FRAG_BUFFER_MAX 10240
CSG_FRAG_LIFETIME 5
CSG_FRAG_POOL_MAX 16384
-> ip csg entries fragment max <n> [lifetime <n>]
CSG_GTP_MAX_RETRIES 3
CSG_GTP_RETRY_TIME 4
CSG_GTP_TX_WINDOW 128
-> ip csg gtp { keepalive | retries | retransmit | window }
CSG_HTTP_STATS_DELAY 0
-> ip csg service submode: records delay
CSG_OBSCURE_X_FORWARDED_FOR 1
-> ip csg content submode: subscriber-ip http-header x-forwarded-for [obscure]
CSG_REDIRECTS_INTERVAL 8
CSG_REDIRECTS_MAX 15
-> ip csg redirects { interval | max }
CSG_SESSION_MAX 1000000
-> ip csg entries session user max
CSG_SMTP_CDR_HEADER_REDUCTION 0
-> ip csg report smtp rfc2822
CSG_WAP_APPEND_AOC_URL 0
-> ip csg service submode: aoc append url
CSG_WAP_DROP_UKNOWN_PACKETS 0
-> ip csg block
CSG_WAP_REPORT_ACTUAL_PDU_TYPE 0
-> ip csg report wap actual-pdu
CSG_ZERO_QUOTA_TIMEOUT_INIT 4
CSG_ZERO_QUOTA_TIMEOUT_MAX 60
-> ip csg service submode: reauthorization timeout
HTTP_CASE_SENSITIVE_MATCHING 1
-> ip csg policy submode: case-sensitive
ARP_INTERVAL 300
ARP_LEARNED_INTERVAL 14400
ARP_GRATUITOUS_INTERVAL 15
ARP_RATE 10
ARP_RETRIES 3
ARP_LEARN_MODE 1
CSG_BASIS_BYTE_RESERVED_MAX 10000000
CSG_BILL_Q_HI_THRESHOLD 5000
CSG_BILL_Q_LO_THRESHOLD 3000
CSG_EXTRA_DEBUG
CSG_FAST_FIN_TIMEOUT 10
CSG_FAILOVER_DELAY 180
CSG_FTP_HA_WAIT_DELAY 20
CSG_FTP_PWD 0
CSG_FT_CONTENT 0
CSG_FT_SESSION_DELAY 0
CSG_FREE_CONTENT_ACCESS_PERMIT 0
CSG_HTTP_FIXED_INTERM_CDRS 0
CSG_IXP_FPGA_TRAP_ENABLED 0
CSG_IXP_POLL 720
CSG_IXP_WATCHDOG_ENABLED 0
CSG_IXP_WATCHDOG_TIMEOUT 60
CSG_MAX_BPLANS 128
CSG_MEM_FAILOVER_THRESHOLD
CSG_MEM_MAX_FREQUENCY
CSG_MEM_MAX_THRESHOLD
CSG_MEM_WARN_FREQUENCY
CSG_MEM_WARN_THRESHOLD
CSG_QUOTA_BLOCK 1
CSG_RADIUS_PROXY_CLIENT_REUSE 7200
CSG_REGEX_PLUS
CSG_RPR_PLUS_DELAY 90
CSG_SVC_CDR_MODE_QGRANT 65535