1. No category

PDF - Complete Book (2.96 MB)

Cisco ASR 9000 Series Aggregation
Services Router Carrier Grade IPv6 (CGv6)
Configuration Guide
Cisco IOS XR Software Release 5.1.x
Cisco Systems, Inc.
www.cisco.com
Cisco has more than 200 offices worldwide.
Addresses, phone numbers, and fax numbers
are listed on the Cisco website at
www.cisco.com/go/offices.
Customer Order Number: OL-30392-02
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.
The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.
NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.
IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this
URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the
document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
© 2013 - 2014 Cisco Systems, Inc. All rights reserved.
CONTENTS
1
Preface
1
Changes to This Document
1
Obtaining Documentation and Submitting a Service Request
CHAPTER
1
New and Changed Information in Cisco IOS XR Release 5.1.x
CHAPTER
2
Introduction
2-1
Contents
2-1
Overview of CGv6 2-2
CGv6 Overview 2-2
Benefits of CGv6 2-3
IPv4 Address Shortage 2-3
Prerequisites for Implementing the CGv6
1
1-1
2-3
Implementation of NAT 2-3
This section explains various implementations of NAT. The implementation of NAT over ISM and
VSM are explained in the following chapters. 2-3
Implementing NAT with ICMP 2-3
ICMP Query Session Timeout 2-4
Implementing NAT with TCP 2-4
Address and Port Mapping Behavior 2-4
Internally Initiated Connections 2-4
Externally Initiated Connections 2-4
Double NAT 444
2-5
Address Family Translation
2-5
Additional References 2-5
Related Documents 2-5
Standards 2-5
MIBs 2-6
RFCs 2-6
Technical Assistance 2-6
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
11
Contents
CHAPTER
3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Contents
3-3
3-3
Cisco Integrated Service Module 3-3
Solution Components 3-3
Support for Multiple ISM Line Cards 3-4
CGN as Default Application on ISM 3-5
Configuring CGN as Default Application on ISM
3-5
Implementing NAT over ISM 3-5
Implementing NAT 44 over ISM 3-5
Implementing NAT 64 over ISM 3-8
CGv6 Applications 3-11
Network Address Translation (NAT44) 3-11
Dual-Stack Lite 3-12
Stateful NAT64 3-13
Mapping of Address and Port-Translation Mode 3-15
IPv6 Rapid Deployment 3-16
Mapping of Address and Port-Encapsulation Mode 3-17
Policy Functions 3-17
Application Level Gateway 3-17
TCP Maximum Segment Size Adjustment 3-18
Static Port Forwarding 3-18
High Availability 3-18
External Logging 3-19
Netflow v9 Support 3-19
Syslog Support 3-19
Bulk Port Allocation 3-20
Destination-Based Logging 3-20
Configuring CGv6 on Cisco IOS XR Software 3-20
Installing Carrier Grade IPv6 on ISM 3-20
Hardware 3-20
Software 3-20
FPGA UPGRADE 3-21
Accessing CPU consoles on ISM Card 3-22
Installing CGv6 Application on an ISM Running CDS-TV/CDS-IS for Cisco IOS XR
Software Release 4.2.0 3-22
Installing CGv6 Application on an ISM Running CDS-TV/CDS-IS for Cisco IOS XR
Software Release 4.2.1 3-23
Configuring the Service Role for the Carrier Grade IPv6 3-24
Configuring the Service Instance and Location for the Carrier Grade IPv6 3-26
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
12
OL-30392-01
Contents
Configuring the Infrastructure Service Virtual Interface for the Carrier Grade IPv6
3-27
Configuring Different CGv6 Applications on ISM 3-29
Configuring NAT44 on ISM 3-29
Configuring the Application Service Virtual Interface 3-29
Configuring a NAT44 Instance 3-31
Configuring an Inside and Outside Address Pool Map 3-32
Configuring the Policy Functions 3-34
Configuring External Logging for the NAT Table Entries 3-51
Netflow Logging 3-52
Syslog Logging 3-60
Bulk Port Allocation 3-66
Destination-Based Logging for NAT44 3-68
Configuring DS-Lite on ISM 3-72
Configuring the Application Service Virtual Interface 3-72
Configuring a DS Lite Instance 3-74
Configuring the Policy Functions 3-75
Configuring External Logging 3-91
Netflow Logging 3-91
Syslog Logging 3-98
Bulk Port Allocation 3-104
Destination-Based Logging for DS-Lite 3-105
Configuring Stateful NAT64 on ISM 3-109
Configuring the Application Service Virtual Interface 3-109
Configuring a Stateful NAT64 Instance 3-111
Configuring the Policy Functions 3-112
Configuring External Logging 3-143
Configuring MAP-T on ISM 3-153
Configuring the Application Service Virtual Interface 3-153
Configuring a MAP-T Instance 3-155
Configuring the Policy Functions 3-156
Configuring 6RD on ISM 3-173
Configuring the Application Service Virtual Interface 3-173
Configuring a 6RD Instance 3-175
Configuring the Policy Functions 3-176
Configuring MAP-E on ISM 3-193
Configuring the Application Service Virtual Interface 3-193
Configuring a MAP-E Instance 3-195
Configuring the Policy Functions 3-196
Configuring High Availability on ISM 3-210
Configuring Active or Standby ISM 3-210
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
13
Contents
Enabling Failure Detection
3-212
Configuration Examples for Implementing CGv6 3-214
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44: Example
NAT44 Configuration: Example 3-215
Bulk Port Allocation and Syslog Configuration: Example 3-217
DS Lite Configuration: Example 3-217
IPv6 ServiceApp and Static Route Configuration 3-217
IPv4 ServiceApp and Static Route Configuration 3-218
DS Lite Configuration 3-218
Stateful NAT64 Configuration: Example 3-218
MAP-T Configuration: Example 3-221
DBL Configuration: Example 3-222
NAT44 Instance 3-222
DS-Lite Instance 3-222
Services Redundancy Configuation (Active/Standby ISM): Example 3-222
6RD Configuration: Example 3-223
MAP-E Configuration: Example 3-224
PPTP ALG Configuration: Example 3-225
NAT44 Instance 3-225
CHAPTER
4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
3-214
4-1
Virtualized Services Module (VSM) 4-1
VSM Components 4-1
Features and Considerations 4-2
Installing CGv6 on VSM 4-2
Prerequisites 4-3
Installing CGv6 OVA Package
Activating CGv6 VM 4-4
4-3
Uninstalling CGv6 on VSM 4-5
Deactivating CGv6 VM 4-5
Uninstalling CGv6 OVA Package 4-5
Disabling the Service Enablement Feature
4-5
Implementing NAT44 on VSM 4-5
TCP Sequence Check 4-6
Address and Port-Dependent Filtering 4-6
Configuring NAT44 on VSM 4-7
Configuring a NAT44 Instance 4-7
Configuring the Application Service Virtual Interface
4-8
4-10
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
14
OL-30392-01
Contents
Configuring an Inside and Outside Address Pool Map 4-10
Configuring the Policy Functions 4-12
Configuring External Logging for the NAT Table Entries 4-35
Netflow Logging 4-35
Syslog Logging 4-43
Configuration Examples for Implementing CGv6 4-49
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44: Example
NAT44 Configuration: Example 4-50
Configuring TCP Sequence-Check: Example 4-52
Configuring Address and Port-Dependent Filtering: Example 4-53
Bulk Port Allocation and Syslog Configuration: Example 4-53
CHAPTER
5
External Logging
5-3
Bulk Port Allocation 5-3
Restrictions for Bulk Port Allocation
Session logging
4-49
5-3
5-4
Syslog 5-4
Restrictions for Syslog 5-4
Syslog Message Format 5-5
Header 5-5
Structured Data 5-6
MSG 5-6
Netflow v9 Support 5-9
Considerations 5-9
NetFlow Record Format
Header 5-9
Templates 5-9
Options Templates
Events 5-10
Frequently Asked Questions
5-9
5-9
5-20
INDEX
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
15
Contents
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
16
OL-30392-01
Preface
The Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration
Guide preface contains the following sections:
•
Changes to This Document, page 1
•
Obtaining Documentation and Submitting a Service Request, page 1
Changes to This Document
Table 1 lists the technical changes made to this document since it was first printed.
Table 1
Changes to This Document
Revision
Date
Change Summary
OL-30392-02
May 2014
Re-published with documentation updates for Cisco IOS XR
Release 5.1.2 features.
OL-30392-01
September 2013
Initial release of this document.
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a
service request, and gathering additional information, see What’s New in Cisco Product Documentation.
To receive new and revised Cisco technical content directly to your desktop, you can subscribe to
the What’s New in Cisco Product Documentation RSS feed. The RSS feeds are a free service.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
11
Obtaining Documentation and Submitting a Service Request
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
12
OL-30392-01
CH A P T E R
1
New and Changed Information in Cisco IOS XR
Release 5.1.x
This table summarizes the new and changed information for the Cisco ASR 9000 Series Aggregation
Services Router CGv6 Configuration Guide, and tells you where the features are documented.
Table 1-1
New and Changed Features
Introduced/Changed
in Release
Where Documented
CGv6 over
Virtualized
Services Module
(VSM) has been
introduced
Release 5.1.2
CGv6 over VSM chapter
NA
Release 5.1.0
NA
Feature
Description
VSM
No new features.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
1-11
Chapter 1
New and Changed Information in Cisco IOS XR Release 5.1.x
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
1-12
OL-30392-01
CH A P T E R
2
Introduction
This module provides an overview of the Carrier Grade IPv6 (CGv6) on Cisco IOS XR software.
Contents
•
Overview of CGv6
•
Implementation of NAT
•
Double NAT 444
•
Address Family Translation
•
Additional References
The following table lists changes made to the document.
Table 2-1
Feature History for Implementing CGv6 on ASR 9000 Router
Release
Modification
Release 4.2.0
Initial release of this document.
CGv6 applications such as CGN or NAT44 are supported.
Release 4.2.1
These features were introduced:
•
DS-Lite.
•
Syslog and Bulk Port Allocation for NAT44 and DS-Lite.
Release 4.2.3
Support for multiple ISM line cards.
Release 4.3.0
These features were introduced:
•
Stateful NAT64
•
Mapping of Address and Port-Translation Mode
•
High Availability
•
Destination-Based Logging
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
2-11
Chapter 2
Introduction
Overview of CGv6
Table 2-1
Feature History for Implementing CGv6 on ASR 9000 Router
Release
Modification
Release 4.3.1
These features were introduced:
Release 5.1.1
•
IPv6 Rapid Deployment
•
Mapping of Address and Port-Encapsulation Mode
•
Point-to-Point Tunneling Protocol-Application Level Gateway on
NAT44
•
Real-Time Streaming Proocol-Application Level Gateway on
Stateful NAT64
Support for Virtualized Services Module (VSM) has been introduced
in this release.
Overview of CGv6
To implement the CGv6, you should understand the following concepts.
•
CGv6 Overview, page 2-2
•
Benefits of CGv6, page 2-3
•
Prerequisites for Implementing the CGv6, page 2-3
CGv6 Overview
Internet Protocol version 4 (IPv4) has reached exhaustion at the international level (IANA). But service
providers must maintain and continue to accelerate growth. Billions of new devices such as mobile
phones, portable multimedia devices, sensors, and controllers are demanding Internet connectivity at an
increasing rate. The Cisco Carrier Grade IPv6 Solution (CGv6) is designed to help address these
challenges. With Cisco CGv6, you can:
•
Preserve investments in IPv4 infrastructure, assets, and delivery models.
•
Prepare for the smooth, incremental transition to IPv6 services that are interoperable with IPv4.
•
Prosper through accelerated subscriber, device, and service growth that are enabled by the
efficiencies that IPv6 can deliver.
Cisco CGv6 extends the already wide array of IPv6 platforms, solutions, and services. Cisco CGv6 helps
you build a bridge to the future of the Internet with IPv6.
Cisco ASR 9000 Series Aggregation Services Router is part of the Cisco CGv6 solution portfolio and
therefore different CGv6 solutions or applications are implemented on this platform (specifically on ISM
service card).
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
2-12
OL-30392-01
Chapter 2
Introduction
Implementation of NAT
Benefits of CGv6
CGv6 offers these benefits.
•
Enables service providers to execute orderly transitions to IPv6 through mixed IPv4 and IPv6
networks.
•
Provides address family translation but not limited to just translation within one address family.
•
Delivers a comprehensive solution suite for IP address management and IPv6 transition.
IPv4 Address Shortage
A fixed-size resource such as the 32-bit public IPv4 address space will run out in a few years. Therefore,
the IPv4 address shortage presents a significant and major challenge to all service providers who depend
on large blocks of public or private IPv4 addresses for provisioning and managing their customers.
Service providers cannot easily allocate sufficient public IPv4 address space to support new customers
that need to access the public IPv4 Internet.
Prerequisites for Implementing the CGv6
The following prerequisites are required to implement CGv6.
Note
•
You must be running Cisco IOS XR software Release 4.2.0 and above.
•
You must have installed the CGv6 service package, asr9k-services-p.pie (to be used with RSP2) or
asr9k-services-px.pie (to be used with RSP3).
•
You must be in a user group associated with a task group that includes the proper task IDs. The
command reference guides include the task IDs required for each command.
All the error conditions result in a syslog message. On observation of Heartbeat failure messages, contact
Cisco Technical Support with show tech-support services cgn information.
If you suspect user group assignment is preventing you from using a command, contact your AAA
administrator for assistance.
Implementation of NAT
This section explains various implementations of NAT. The implementation of NAT over ISM and VSM are explained in the
following chapters.
Implementing NAT with ICMP
This section explains how the Network Address Translation (NAT) devices work in conjunction with
Internet Control Message Protocol (ICMP).
The implementations of NAT varies in terms of how they handle different traffic.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
2-13
Chapter 2
Introduction
Implementing NAT with ICMP
ICMP Query Session Timeout
RFC 5508 provides ICMP Query Session timeouts. A mapping timeout is maintained by NATs for ICMP
queries that traverse them. The ICMP Query Session timeout is the period during which a mapping will
stay active without packets traversing the NATs. The timeouts can be set as either Maximum Round Trip
Time (Maximum RTT) or Maximum Segment Lifetime (MSL). For the purpose of constraining the
maximum RTT, the Maximum Segment Lifetime (MSL) is considered a guideline to set packet lifetime.
If the ICMP NAT session timeout is set to a very large duration (240 seconds) it can tie up precious NAT
resources such as Query mappings and NAT Sessions for the whole duration. Also, if the timeout is set
to very low it can result in premature freeing of NAT resources and applications failing to complete
gracefully. The ICMP Query session timeout needs to be a balance between the two extremes. A
60-second timeout is a balance between the two extremes.
Implementing NAT with TCP
This section explains various NAT behaviors that are applicable to TCP connection initiation. The
detailed NAT with TCP functionality is defined in RFC 5382.
Address and Port Mapping Behavior
A NAT translates packets for each TCP connection using the mapping. A mapping is dynamically
allocated for connections initiated from the internal side, and potentially reused for certain connections
later.
Internally Initiated Connections
A TCP connection is initiated by internal endpoints through a NAT by sending SYN packet. All the
external IP address and port used for translation for that connection are defined in the mapping.
Generally for the client-server applications where an internal client initiates the connection to an
external server, to translate the outbound SYN, the resulting inbound SYN-ACK response mapping is
used, the subsequent outbound ACK, and other packets for the connection.
The 3-way handshake corresponds to method of connection initiation.
Externally Initiated Connections
For the first connection that is initiated by an internal endpoint NAT allocates the mapping. For some
situations, the NAT policy may allow reusing of this mapping for connection initiated from the external
side to the internal endpoint.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
2-14
OL-30392-01
Chapter 2
Introduction
Double NAT 444
Double NAT 444
The Double NAT 444 solution offers the fastest and simplest way to address the IPv4 depletion problem
without requiring an upgrade to IPv6 anywhere in the network. Service providers can continue offering
new IPv4 customers access to the public IPv4 Internet by using private IPv4 address blocks, if the service
provider is large enough; However, they need to have an overlapping RFC 1918 address space, which
forces the service provider to partition their network management systems and creates complexity with
access control lists (ACL).
Double NAT 444 uses the edge NAT and CGv6 to hold the translation state for each session. For example,
both NATs must hold 100 entries in their respective translation tables if all the hosts in the residence of
a subscriber have 100 connections to hosts on the Internet). There is no easy way for a private IPv4 host
to communicate with the CGv6 to learn its public IP address and port information or to configure a static
incoming port forwarding.
Address Family Translation
The IPv6-only to IPv4-only protocol is referred to as address family translation (AFT). The AFT
translates the IP address from one address family into another address family. For example, IPv6 to IPv4
translation is called NAT 64 or IPv4 to IPv6 translation is called NAT 46.
Additional References
For additional information related to Implementing the Carrier Grade IPv6, see the following references:
Related Documents
Related Topic
Document Title
Cisco IOS XR Carrier Grade IPv6 commands
Cisco IOS XR Carrier Grade IPv6 (CGv6) Command Reference for
the Cisco CRS-1 Router.
Cisco CRS-1 Router Getting Started material
Cisco IOS XR Getting Started Guide
Information about user groups and task IDs
Configuring AAA Services on Cisco IOS XR Software module of the
Cisco IOS XR System Security Configuration Guide
Standards
Standards1
Title
No new or modified standards are supported by this feature, and
support for existing standards has not been modified by this
feature.
—
1. Not all supported standards are listed.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
2-15
Chapter 2
Introduction
Additional References
MIBs
MIBs
MIBs Link
—
To locate and download MIBs using Cisco IOS XR software, use the
Cisco MIB Locator found at the following URL and choose a
platform under the Cisco Access Products menu:
http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
RFCs
RFCs1
Title
RFC 4787
Network Address Translation (NAT) Behavioral Requirements for
Unicast UDP
RFC 5382
NAT Behavioral Requirements for TCP
RFC 5508
NAT Behavioral Requirements for ICMP
1. Not all supported RFCs are listed.
Technical Assistance
Description
Link
http://www.cisco.com/techsupport
The Cisco Technical Support website contains
thousands of pages of searchable technical content,
including links to products, technologies, solutions,
technical tips, and tools. Registered Cisco.com users
can log in from this page to access even more content.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
2-16
OL-30392-01
CH A P T E R
3
Carrier Grade IPv6 over Integrated Services
Module (ISM)
This module describes how to implement the Carrier Grade IPv6 (CGv6) over Integrated Services
Module (ISM).
Contents
•
Cisco Integrated Service Module
•
Implementing NAT over ISM
•
Configuring Different CGv6 Applications on ISM
•
Configuring High Availability on ISM
•
Configuration Examples for Implementing CGv6
Cisco Integrated Service Module
Cisco Integrated Service Module (ISM) is a physical line interface module (PLIM) that provides a highly
scalable modular services delivery platform for delivering multiple types of services. ISM is designed to
deliver flexible and highly scalable service integration that allows operational efficiency, service
flexibility, and faster time to market. The module offers the architectural advantages of integration with
the routing system.
Solution Components
These are the solution components of the Cisco Integrated Service Module (ISM).
•
ASR 9000 with IOS XR
– High-capacity, carrier-class SP platform with Cisco IOS XR Software
– Leverages XR infrastructure to divert packets to ISM
– Uniform, integrated configuration and management
•
Integrated Service Module
– Flexible Linux-based development & test environment
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-13
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Cisco Integrated Service Module
– Supports required CGv6
– First IPv6 Transition Strategy
•
Integrated Service Module
– Hardware•
CGv6 function residing on ISM
•
Intel x86 with 12 CPU cores
– Software-
•
•
IOS-XR on LC, Linux on Intel CPUs
•
Integrated configuration and management through Cisco IOS XR Software
Service Virtual Interface (SVI)
– Two types of Service Virtual Interfaces are used in ISM
•
ServiceInfra SVI
•
ServiceApp SVI
There can be only one ServiceInfra SVI per ISM Slot. This is used for the management plane and is
required to bring up ISM. This is of local significance within the chassis.
ServiceApp SVI is used to forward the data traffic to the Application. Scale of ISM 244 ServiceApp per
chassis is validated. These interfaces can be advertised in IGP/EGP.
Support for Multiple ISM Line Cards
Cisco IOS XR Software Release 4.2.3 and onwards supports a maximum of six ISM line cards in each
Cisco ASR 9000 Series Aggregation Services Router chassis. For applications such as NAT44 and
DS-Lite, the configuration can be independently applied to each ISM line card.
For NAT-44, a maximum of twenty million sessions are supported by each ISM line card.
For NAT-64, a maximum of fifteen million sessions are supported by each ISM line card
For DS-Lite, a maximum of twenty million sessions are supported by each ISM line card.
Note
No additional configuration is required to support multiple ISM line cards.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-14
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
CGN as Default Application on ISM
ISM supports CGN as the default application.
Configuring CGN as Default Application on ISM
To configure CGN as the default application, perform these steps.
Step 1
Install CGN services.pie.
Step 2
Configure the CGN role using hw-module service cgn location <node_id> command.
Step 3
Load the CGN Linux image as the default image instead of CDS-IS.
Step 4
Reload ISM.
Implementing NAT over ISM
These sections provide the information about implementation of NAT.
•
Implementing NAT 44 over ISM, page 3-5
•
Implementing NAT 64 over ISM, page 3-8
Implementing NAT 44 over ISM
The following figure illustrates the implementation of NAT 44 over ISM.
Inside
VRF
Outside
VRF
Interface
Interface
Private IPv6
Subscribers
App SV
ISM on
ASR9K
App SV
VLAN
Public IPv4
VLAN
361060
VLAN
The components of this illustration are as follows:
•
Private IP4 subscribers: It denotes a private network.
•
Interface/VLAN: It denotes a designated interface or VLAN which is associated with the VRF.
•
Inside VRF: It denotes the VRF that handles packets coming from the subscriber network. It is
known as inside VRF as it forwards packets from the private network.
•
App SVI: It denotes an application interface that forwards the data packet to and from the ISM. The
data packet may be sent from another line card through a backplane. Because the ISM card does not
have a physical interface, the APP SVI acts as a logical entry into it.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-15
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
The inside VRF is bound to an App SVI. There are 2 App SVIs required; one for the inside VRF and
the other one for the outside VRF. Each App SVI pair will be associated with a unique "inside VRF"
and a unique public IP address pool. The VRF consists of a static route for forwarding packets to
App SVI1.
•
Outside VRF: It denotes the VRF that handles packets going out to the public network. It is known
as outside VRF as it forwards packets from the public network.
•
Public IPV4: It denotes a public network.
The following figure illustrates the path of the data packet from a private network to a public network in
a NAT implementation.
PVT
NW
Slot 3
ISM
s: 10.222.5.55 : 5000
d: 50.12.13.8 : 5000
s: 10.222.5.55 : 5000
d: 50.12.13.8 : 5000
Default static route (VRF:InsideCustomer1)
to send traffic to ServiceApp1
Via FIB look-up (VRF:OutsideCustomer1),
sends traffic to egress port on Slot 6 GE LC
s: 100.0.0.192 : 23156
d: 50.12.13.8 : 5000
PUB
NW
s: 100.0.0.192 : 23156
d: 50.12.13.8 : 5000
G0/6/5/1.1
50.12.13.2/24
50.12.13.8
ServiceApp2
ipv4 addr 2.1.1.1/24
App N: SRC IP/Port: 10.222.5.55 : 5000
--> (after NAT) 100.0.0.192 : 23156
G0/6/5/0.1
10.222.5.2/24
10.222.5.22
Slot 6
GigE
The packet goes through the following steps when it travels from the private network to the public
network:
Step 1
In the network shown in this figure, the packet travels from the host A (having the IP address
10.222.5.55) in the private network to host B (having the IP address 5.5.5.2) in the public network. The
private address has to be mapped to the public address by NAT44 that is implemented in ISM.
Step 2
The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 0. While using
NAT44, it is mandatory that the packet enters through VRF.
Step 3
Once the packet reaches the designated interface or VLAN on ASR9K, it is forwarded to the inside VRF
either through static routing or ACL-based forwarding (ABL). After the inside VRF determines that the
packet needs address translation, it is forwarded to the App SVI that is bound to the VRF.
Step 4
The packet is forwarded by AppSVI1 through a default static route (ivrf1). The destination address and
the port get translated because of the CGN configuration applied on ISM.
Step 5
The ISM applies NAT44 to the packet and a translation entry is created. The CGN determines the
destination address from the FIB Look Up. It pushes the packet to the egress port.
Step 6
The packet is then forwarded to the egress port on the interface through App SVI2. An inside VRF is
mapped to an outside VRF. The outside VRF is associated with this interface. The packet is forwarded
by App SVI2 through the default static route (ovrf1). Then the packet is sent to the public network.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-16
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Step 7
The packets that do not need the address translation can bypass the App SVI and can be forwarded to
the destination through a different static route and a different egress port.
The following figure illustrates the path of the packet coming from the public network to the private
network.
Traffic: outside --> inside
ServiceApp1
ipv4 addr 1.1.1.1/24
s: 50.12.13.8 : 5000
d: 10.222.5.55 : 5000
s: 50.12.13.8 : 5000
d: 10.222.5.55 : 5000
Via FIB look-up (VRF:InsideCustomer1),
sends traffic to Slot 6 GE port
Static route (VRF:OutsideCustomer1)
sends traffic to ServiceApp2
s: 50.12.13.8 : 5000
d: 100.0.0.192 : 23156
PUB
NW
s: 50.12.13.8 : 5000
d: 100.0.0.192 : 23156
G0/6/5/1.1
50.12.13.2/24
50.12.13.8
ServiceApp2
ipv4 addr 2.1.1.1/24
Viking with 2 or 3 LCs (ingessand
egress GE LCs could be different)
361061
PVT
NW
Slot 3
ISM
App N: DST IP: 100.0.0.192 : 23156
--> (Reverse NAT) eth1: 10.222.5.55 : 5000
G0/6/5/0.1
10.222.5.2/24
10.222.5.22
Slot 6
GigE
The packet goes through the following steps when it travels from the public network to the private
network:
Step 1
In the network shown in this figure, the packet travels from the host A (having the IP address
10.222.5.55) in the public network to host B (having the IP address 5.5.5.2) in the private network. The
public address has to be mapped to the private address by NAT44 that is implemented in ISM.
Step 2
The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 0.
Step 3
Once the packet reaches the designated interface or VLAN on ASR9K, it is forwarded to the outside VRF
either through static routing or ACL-based forwarding (ABL).
Step 4
The packet is forwarded by App SVI2 through a default static route. The destination address and the port
are mapped to the translated address.
Step 5
The ISM applies NAT44 to the packet. The CGN determines the destination address from the FIB Look
Up. It pushes the packet to the egress port.
Step 6
The packet is then forwarded to the egress port on the interface through App SVI2. Then the packet is
sent to the private network through the inside VRF.
Step 7
The packets that do not need the address translation can bypass the App SVI and can be forwarded to
the destination through a different static route and a different egress port.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-17
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Implementing NAT 64 over ISM
This section explains how NAT64 is implemented over ISM. The figure illustrates the implementation
of NAT64 over ISM.
Stateful NAT64
Ipv6 destination prefix
(eg: 3301:db8::/32)
Interface
Interface
App SV
ISM
Public IPv4
App SV
VLAN
VLAN
Ipv6 Prefix
3301:db8::/32
Ipv4 map pool
52.52.52.0/24
3001:DB8:E0E:E03::
52.52.52.187
3301:DB8:a0a:102::
10.10.1.2
UDP port 3000, 3000
UDP port 10546, 3000
Payload
Payload
361059
Private IPv6
Subscribers
The components of this implementation are as follows:
•
Private IP6 subscribers – It denotes a private network.
•
Interface/VLAN- It denotes a designated interface or VLAN which is associated with the VRF.
•
Inside VRF – It denotes the VRF that handles packets coming from the subscriber network. It is
known as inside VRF as it forwards packets from the private network.
•
App SVI- It denotes an application interface that forwards the data packet to and from the ISM. The
data packet may be sent from another line card through a backplane. Because the ISM card does not
have a physical interface, the APP SVI acts as a logical entry into it.
The inside VRF is bound to an App SVI. There are 2 App SVIs required; one for the inside VRF and
the other one for the outside VRF. Each App SVI pair will be associated with a unique "inside VRF"
and a unique public IP address pool. The VRF consists of a static route for forwarding packets to
App SVI1.
•
Outside VRF- It denotes the VRF that handles packets going out to the public network. It is known
as outside VRF as it forwards packets from the public network.
•
Public IPV4- It denotes a public network.
The following figure illustrates the path of the data packet from a private network to a public network in
a NAT64 implementation.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-18
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
routerstatic
address-family ipv6 unicast
3301:db8::/32 ServiceApp612001:202:2
Traffic: Inside - Outside
Port 3 (HTTP V6 Client)
3001:DB8:E0E:E03::
Gi0/3/1/3
3001:db8:e0e:e01::
Private IPv6
subscribers
Slot 3
GigE
ServiceApp61
2001.202::/32
Slot 2
CGSE
NAT64 Prefix: 3301:0db8::/40
IPV4 pool map : 52.52.52.0/24
U-bit not reserved
Port 3 (HTTP V4 Server)
11.11.11.2
Gi0/3/1/1
11.11.11.1/24
ServiceApp41
41.1.1.1/30
361058
Public IPv4
The packet goes through the following steps when it travels from the private network to the public
network:
Step 1
In the network shown in this figure, the packet travels from the host A (having the IP address
3001:DB8:E0E:E03::/40) in the private network to host B (having the IP address 11.11.11.2) in the
public network. The private address has to be mapped to the public address by NAT64 that is
implemented in ISM.
Step 2
The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 3.
Step 3
Once the packet reaches the designated interface or VLAN on ASR9K, it is forwarded to the inside VRF
either through static routing or ACL-based forwarding (ABL). Based on this routing decision, the packet
that needs address translation is determined and is forwarded to the App SVI that is bound to the VRF.
Step 4
The packet is forwarded by AppSVI1 through a default static route. The destination address and the port
get translated because of the CGN configuration applied on ISM.
Step 5
The ISM applies NAT64 to the packet and a translation entry is created. The CGN determines the
destination address from the FIB Look Up. It pushes the packet to the egress port.
Step 6
The packet is then forwarded to the egress port on the interface through App SVI2. The packet is
forwarded by App SVI2 through the default static route. Then the packet is sent to the public network.
Step 7
The packets that do not need the address translation can bypass the App SVI and can be forwarded to
the destination through a different static route and a different egress port.
The following figure illustrates the path of the packet coming from the public network to the private
network.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-19
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
routerstatic
address-family ipv6 unicast
3301:db8::/32 ServiceApp612001:202:2
Traffic: Outside - Inside
Port 3 (HTTP V6 Client)
3001:DB8:E0E:E03::
Private IPv6
subscribers
Gi0/3/1/3
3001:db8:e0e:e01::
Dest V4
address
Port
11.11.11.2
80
Slot 3
GigE
ServiceApp61
2001.202::/32
Slot 2
CGSE
s: 3301 : DB8:B0B:B02::
80
d: 3001 : DB8:E0E:B03::
80
s: 11.11.11.2-->3301 : DB8:B0B:B02::
80
d: 52.52.52.123-->3001 : DB8:E0E:B03::63209-->80
Port 3 (HTTP V4 Server)
11.11.11.2
Gi0/3/1/1
11.11.11.1/24
ServiceApp41
41.1.1.1/30
361062
Public IPv4
routerstatic
address-family ipv4 unicast
52.52.52.0/24 ServiceApp41 41.1.1.2
The packet goes through the following steps when it travels from the public network to the private
network:
Step 1
In the network shown in this figure, the packet travels from the host A (having the IP address 11.11.11.2)
in the public network to host B (having the IP address 3001:DB8:E0E:E03::) in the private network. The
public address has to be mapped to the private address by NAT64 that is implemented in ISM.
Step 2
The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 3.
Step 3
Once the packet reaches the designated interface or VLAN on ASR9K, it is forwarded to the outside VRF
either through static routing or ACL-based forwarding (ABL). Based on this routing decision, the packet
is forwarded to the App SVI that is bound to the VRF.
Step 4
The packet is forwarded by App SVI2 through a default static route. The destination address and the port
are mapped to the translated address.
Step 5
The ISM applies NAT64 to the packet. The CGN determines the destination address from the FIB Look
Up. It pushes the packet to the egress port.
Step 6
The packet is then forwarded to the egress port on the interface through App SVI2. Then the packet is
sent to the private network through the inside VRF.
Step 7
The packets that do not need the address translation can bypass the App SVI and can be forwarded to
the destination through a different static route and a different egress port.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-110
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Table 3-1
Supported Interfaces and Forwarding Features on CGv6
4.3.x
5.1.x
5.2.x
5.3.x
Physical Interface
Yes
Yes
Yes
Yes
VLAN Sub-interface
Yes
Yes
Yes
Yes
Bundle Interface
Yes
Yes
Yes
Yes
Bundle Sub-interface
Yes
Yes
Yes
Yes
BVI Interface
No
No
No
No
BNG
IP-Sub-interface/PPPoE
No
Yes
Yes
Yes
Ethernet Attachment
Circuit or Pseudo wire
No
No
No
No
GRE Tunnel
No
No
No
No
Basic IPv4 IGP Forwarding Yes
Yes
Yes
Yes
BGP Traffic
Yes
Yes
Yes
Yes
Forwarding in VRF
Yes
Yes
Yes
Yes
Recursive Routes
Yes
Yes
Yes
Yes
uRPF
No
No
No
No
BGP-PA
No
No
No
No
Egress Interfaces
L3 Unicast Forwarding Features
MPLS and Fast Reroute (FRR) Support
Note: The ISM card does not generate label for packets. It only processes unlabeled
packets.
MPLS-TE Paths
No
Yes
Yes
Yes
Basic Labeled Path
Yes
Yes
Yes
Yes
MPLS-TE Tunnel
No
Yes
Yes
Yes
MPLS-TP Tunnel
No
No
No
No
TE-FRR
No
Yes
Yes
Yes
IP-FRR
No
No
No
No
LFA-FRR
No
No
No
No
IP Multicast
No
No
No
No
MVPN
No
No
No
No
Label Switched Multicast
No
No
No
No
ABF to ServiceApp
Interface
Yes
Yes
Yes
Yes
ABF from ServiceApp
Interface
No
No
No
No
Multicast
ServiceApp Interfaces
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-111
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
4.3.x
5.1.x
5.2.x
5.3.x
ACL to ServiceApp
Interface
No
No
No
No
QOS on ServiceApp
Interface
No
No
No
No
Lawful Intercept (LI) on
ServiceApp Interface
No
No
No
No
IPv4 Enable/Disable (Per
Interface)
No
No
No
No
MPLS Enable/Disable (Per No
Interface)
No
No
No
MTU Setting (Per
Interface)
No
No
No
No
Statistics on ServiceApp
Interface
Partial.
Partial.
Yes
Yes
Per-interface
per-protocol
packet/byte
count is
supported
Per-interface
per-protocol
packet/byte
count is
supported
No
No
Pre-Label Tunnel Interface No
Note
No
•
The table refers to packet handling after CGv6 processing (from ingress to egress).
•
The CGv6 application processes only L3 unicast traffic. Other traffic types such as L2 and L3
multicast are not supported.
•
The forwarding features that are supported are only those where traffic is injected from CGv6
application as an IPv4 or IPv6 packet.
CGv6 Applications
These applications are deployed on the ISM line card.
•
Network Address Translation (NAT44), page 3-13
•
Dual-Stack Lite, page 3-14
•
Stateful NAT64, page 3-15
•
Mapping of Address and Port-Translation Mode, page 3-17
•
IPv6 Rapid Deployment, page 3-17
•
Mapping of Address and Port-Encapsulation Mode, page 3-19
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-112
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Network Address Translation (NAT44)
Network Address Translation (NAT44) or Carrier Grade Network Address Translation (CGN) is a large
scale NAT that is capable of providing private IPv4 to public IPv4 address translation in the order of
millions of translations to support a large number of subscribers, and at least 10 Gbps full-duplex
bandwidth throughput.
CGN is a workable solution to the IPv4 address completion problem, and offers a way for service
provider subscribers and content providers to implement a seamless transition to IPv6. CGN employs
network address and port translation (NAPT) methods to aggregate many private IP addresses into fewer
public IPv4 addresses. For example, a single public IPv4 address with a pool of 32 K port numbers
supports 320 individual private IP subscribers assuming each subscriber requires 100 ports. For example,
each TCP connection needs one port number.
A Network Address Translation (NAT) box is positioned between private and public IP networks that are
addressed with non-global private addresses and a public IP addresses respectively. A NAT performs the
task of mapping one or many private (or internal) IP addresses into one public IP address by employing
both network address and port translation (NAPT) techniques. The mappings, otherwise referred to as
bindings, are typically created when a private IPv4 host located behind the NAT initiates a connection
(for example, TCP SYN) with a public IPv4 host. The NAT intercepts the packet to perform these
functions:
•
Rewrites the private IP host source address and port values with its own IP source address and port
values
•
Stores the private-to-public binding information in a table and sends the packet. When the public IP
host returns a packet, it is addressed to the NAT. The stored binding information is used to replace
the IP destination address and port values with the private IP host address and port values.
Traditionally, NAT boxes are deployed in the residential home gateway (HGW) to translate multiple
private IP addresses. The NAT boxes are configured on multiple devices inside the home to a single
public IP address, which are configured and provisioned on the HGW by the service provider. In
enterprise scenarios, you can use the NAT functions combined with the firewall to offer security
protection for corporate resources and allow for provider-independent IPv4 addresses. NATs have made
it easier for private IP home networks to flourish independently from service provider IP address
provisioning. Enterprises can permanently employ private IP addressing for Intranet connectivity while
relying on a few NAT boxes, and public IPv4 addresses for external public Internet connectivity. NAT
boxes in conjunction with classic methods such as Classless Inter-Domain Routing (CIDR) have slowed
public IPv4 address consumption.
Network Address and Port Mapping
Network address and port mapping can be reused to map new sessions to external endpoints after
establishing a first mapping between an internal address and port to an external address. These NAT
mapping definitions are defined from RFC 4787:
Note
•
Endpoint-independent mapping—Reuses the port mapping for subsequent packets that are sent
from the same internal IP address and port to any external IP address and port.
•
Address-dependent mapping—Reuses the port mapping for subsequent packets that are sent from
the same internal IP address and port to the same external IP address, regardless of the external port.
CGN on ISM implements Endpoint-Independent Mapping.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-113
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Translation Filtering
RFC 4787 provides translation filtering behaviors for NATs. These options are used by NAT to filter
packets originating from specific external endpoints:
Note
•
Endpoint-independent filtering—Filters out only packets that are not destined to the internal
address and port regardless of the external IP address and port source.
•
Address-dependent filtering—Filters out packets that are not destined to the internal address. In
addition, NAT filters out packets that are destined for the internal endpoint.
•
Address and port-dependent filtering—Filters out packets that are not destined to the internal
address. In addition, NAT filets out packets that are destined for the internal endpoint if the packets
were not sent previously.
CGN on ISM implements Endpoint-Independent Filtering.
Dual-Stack Lite
The DS-Lite (DS-Lite) feature enables legacy IPv4 hosts and server communication over both IPv4 and
IPv6 networks. Also, IPv4 hosts may need to access IPv4 internet over an IPv6 access network. The IPv4
hosts will have private addresses which need to have network address translation (NAT) completed
before reaching the IPv4 internet.
The DS-Lite application has these two components:
•
Basic Bridging BroadBand Element (B4): This is a Customer Premises Equipment (CPE) router that
is attached to the end hosts. The IPv4 packets entering B4 are encapsulated using a IPv6 tunnel and
sent to the Address Family Transition Router (AFTR).
•
Address Family Transition Router(AFTR): This is the router that terminates the tunnel from the B4.
It decapsulates the tunneled IPv4 packet, translates the network address and routes to the IPv4
network. In the reverse direction, IPv4 packets coming from the internet are reverse network address
translated and the resultant IPv4 packets are sent the B4 using a IPv6 tunnel.
The Dual Stack Lite feature helps in these functions:
•
Tunnelling IPv4 packets from CE devices over IPv6 tunnels to the ISM blade.
•
Decapsulating the IPv4 packet and sending the decapsulated content to the IPv4 internet after
completing network address translation.
•
In the reverse direction completing reverse-network address translation and then tunnelling them
over IPv6 tunnels to the CPE device.
IPv6 traffic from the CPE device is natively forwarded.
Note
The number of DS-Lite instances supported on the Integrated Service Module (ISM) line card is 64.
Scalability and Performance of DS Lite
The DS-Lite feature pulls translation entries from the same pool as the NAT44.
•
Supports a total of 20 million sessions.
•
Number of unique users behind B4 router, basically IPv6 and IPv4 Source tuple, can scale to 1
million.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-114
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
There is no real limit to the number of B4 routers and their associated tunnels connecting to the AFTR,
except the session limit, which is 20 million B4 routers (assuming each router has only one session). In
reality, a maximum of 1 million B4 routers can connect to an AFTR at any given time.
The performance of DS-Lite traffic, combined IPv4 and IPv6, is 10 Gbps.
Stateful NAT64
Stateful NAT64 provides a translation mechanism that translates IPv6 packets into IPv4 packets, and
vice versa.
Stateful NAT64 supports Internet Control Message Protocol (ICMP), TCP, and UDP traffic. Packets that
are generated in an IPv6 network and destined for an IPv4 network are routed within the IPv6 network
towards the Stateful NAT64 translator. Stateful NAT64 translates the packets and forwards them as IPv4
packets through the IPv4 network. The process is reversed for traffic that is generated by hosts connected
to the IPv4 network and destined for an IPv6 receiver.
The Stateful NAT64 translation is not symmetric, because the IPv6 address space is larger than the IPv4
address space and a one-to-one address mapping is not possible. Before it can perform an IPv6 to an IPv4
translation, Stateful NAT64 requires a state that binds the IPv6 address and the TCP or UDP port to the
IPv4 address. The binding state is either statically configured or dynamically created when the first
packet that flows from the IPv6 network to the IPv4 network is translated. After the binding state is
created, packets flowing in both directions are translated. In dynamic binding, Stateful NAT64 supports
communication initiated by the IPv6-only node toward an IPv4-only node. Static binding supports
communication initiated by an IPv4-only node to an IPv6-only node, and vice versa. Stateful NAT64
with port overloading provides a 1:n mapping between IPv4 and IPv6 addresses.
Each NAT64 instance configured is associated with two serviceApps for the following purposes:
•
One serviceApp is used to carry traffic from IPv6 side
•
Another serviceApp is used to carry traffic from IPv4 side of the NAT64.
NAT64 instance parameters are configured using the CGN CLI. The NAT64 application in the octeons
updates its NAT64 instance and serviceApp databases, which are used to perform the translation between
IPv6 and IPv4 and vice versa.
Active CGN instance configuration is replicated in the standby CGN instance through the XR control
plane. Translations that are established on the Active CGN instance are exported to the Standby CGN
instance as the failure of the Active CGN affects the service until translations are re-established through
normal packet flow. Service interruption is moderate for the given fault detection time and translation
learning rate in terms of seconds or tens of seconds for a large translation database.
Note
A maximum of 64 NAT64 instances are supported in the NAT64 configuration.
Prefix Format
A set of bits at the start of an IPv6 address is called the format prefix. Prefix length is a decimal value
that specifies the number of the left-most contiguous bits of an address.
When packets flow from the IPv6 to the IPv4 direction, the IPv4 host address is derived from the
destination IP address of the IPv6 packet that uses the prefix length. When packets flow from the IPv4
to the IPv6 direction, the IPv6 host address is constructed using the stateful prefix.
According to the IETF address format, a u-bit (bit 70) defined in the IPv6 architecture should be set to
zero. The reserved octet, also called u-octet, is reserved for compatibility with the host identifier format
defined in the IPv6 addressing architecture. When constructing an IPv6 packet, the translator has to
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-115
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
make sure that the u-bits are not tampered, and are set to the value suggested by RFC 2373. The suffix
will be set to all zeros by the translator. IETF recommends that the 8 bits of the u-octet (bit range 64-71)
be set to zero.
Well Known Prefix (WKP)
Well Known Prefix (WKP) 64:FF9B::/96 is supported for Stateful NAT64. During stateful translation, if
no stateful prefix is configured (either on the interface or globally), the WKP prefix is used to translate
the IPv4 host addresses.
Stateful IPv4-to-IPv6 Packet Flow
The packet flow of IPv4-initiated packets for Stateful NAT64:
•
The destination address is routed to a NAT Virtual Interface (NVI). A virtual interface is created
when Stateful NAT64 is configured. For Stateful NAT64 translation to work, all packets must get
routed to the NVI. When you configure an address pool, a route is automatically added to all IPv4
addresses in the pool. This route automatically points to the NVI.
•
The IPv4-initiated packet hits static or dynamic binding. Dynamic address bindings are created by
the Stateful NAT64 translator when you configure dynamic Stateful NAT64. A binding is
dynamically created between an IPv6 and an IPv4 address pool. Dynamic binding is triggered by
the IPv6-to-IPv4 traffic and the address is dynamically allocated. Based on your configuration, you
can have static or dynamic binding.
•
The IPv4-initiated packet is protocol-translated and the destination IP address of the packet is set to
IPv6 based on static or dynamic binding. The Stateful NAT64 translator translates the source IP
address to IPv6 by using the Stateful NAT64 prefix (if a stateful prefix is configured) or the Well
Known Prefix (WKP) (if a stateful prefix is not configured).
•
A session is created based on the translation information.
All subsequent IPv4-initiated packets are translated based on the previously created session.
Stateful IPv6-to-IPv4 Packet Flow
Stateful IPv6-initiated packet flow:
•
The first IPv6 packet is routed to the NAT Virtual Interface (NVI) based on the automatic routing
setup that is configured for the stateful prefix. Stateful NAT64 performs a series of lookups to
determine whether the IPv6 packet matches any of the configured mappings based on an access
control list (ACL) lookup. Based on the mapping, an IPv4 address (and port) is associated with the
IPv6 destination address. The IPv6 packet is translated and the IPv4 packet is formed by using these
methods:
– Extracting the destination IPv4 address by stripping the prefix from the IPv6 address. The
source address is replaced by the allocated IPv4 address (and port).
– Translating the rest of the fields from IPv6-to-IPv4 to form a valid IPv4 packet.
•
Note
Creating a new NAT64 translation in the session database and in the bind database. The pool and
port databases are updated depending on the configuration. The return traffic and the subsequent
traffic of the IPv6 packet flow will use this session database entry for translation.
Static port forwarding is not supported over StatefulNAT64 on ISM.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-116
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
IP Packet Filtering
Stateful NAT64 filters IPv6 and IPv4 packets. All IPv6 packets that are transmitted into the stateful
translator are filtered because statefully translated IPv6 packets consume resources in the translator.
These packets consume processor resources for packet processing, memory resources (always session
memory) for static configuration, IPv4 address resources for dynamic configuration, and IPv4 address
and port resources for Port Address Translation (PAT).
Stateful NAT64 utilizes configured access control lists (ACLs) and prefix lists to filter IPv6-initiated
traffic flows that are allowed to create the NAT64 state. Filtering of IPv6 packets is done in the
IPv6-to-IPv4 direction because dynamic allocation of mapping between an IPv6 host and an IPv4
address can be done only in this direction.
Stateful NAT64 supports endpoint-dependent filtering for the IPv4-to-IPv6 packet flow with PAT
configuration. In a Stateful NAT64 PAT configuration, the packet flow originates from the IPv6 realm
and creates the state information in NAT64 state tables. Packets from the IPv4 side that do not have a
previously created state are dropped. Endpoint-independent filtering is supported with static NAT and
non-PAT configurations.
Mapping of Address and Port-Translation Mode
Mapping of Address and Port-Translation Mode (MAP-T) is a CGN solution that enables IPv4-only
clients to communicate with IPv6-only resources using address and packet translation. MAP-T is also
referred to as Dual IVI (dIVI) or Stateless NAT46. This enables a service provider to offer IPv4 services
to IPv6 enabled (customer) sites to which it provides customer premise equipment (CPE). This approach
utilizes stateless IPv4 to IPv6 translation (that is NAT64) to transit IPv6-enabled network infrastructure.
The provider access network can now be on IPv6, while customers use IPv6 and IPv4 services
simultaneously. MAP-T keeps the stateful NAT44 on CPE, as usual, to handle IPv4 address exhaustion,
in addition to stateless NAT64 on CPE and Border Router.
MAP-T is attractive to those SPs who have deployed, or are planning to deploy IPv6 end-to-end services,
and want to manage IPv4 address exhaustion with utmost predictability.
MAP-T is a preferred alternate to DS-Lite in a sevice provider network when there is no tunneling
needed.
Note
MAP-T is offered in stateless mode only.
IPv6 Rapid Deployment
IPv6 Rapid Deployment (6RD) is a mechanism that allows service providers to provide a unicast IPv6
service to customers over their IPv4 network. This approach utilizes stateless IPv6 in IPv4 encapsulation
to transit IPv4-only network infrastructure. 6RD encapsulates an IPv6 packet with an IPv4 header for
transport over an IPv4 network. The mapping between an IPv6 destination address in the inner packet,
and the IPv4 destination address of the outer packet is computed at the time of packet forwarding.
The encapsulation must be supported by the Customer Premise Equipment (CPE), while the CGv6
solution (6RD Border Relay) must support tunnel termination to route packets to Internet hosts on IPv6.
The provider access network continues to be on IPv4, while customers experience IPv6 and IPv4 service
simultaneously.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-117
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
6RD Concepts
•
6RD Customer Edge: The 6RD Customer Edge (CE) router sits between an IPv6-enabled site and
an IPv4-enabled SP network. In the context of residential broadband deployment, this is the
Residential Gateway (RG) or Customer Premises Equipment (CPE) or Internet Gateway Device
(IGD). This router has a 6RD tunnel interface acting as an endpoint for the IPv6 in IPv4
encapsulation and forwarding, with at least one 6RD CE LAN side interface and 6RD CE WAN side
interface, respectively.
•
6RD Border Relay: The 6RD Border Relay (BR) router is located at the service provider's premises.
It has at least one IPv4 interface, a 6RD tunnel interface for multi-point tunneling, and at least one
IPv6 interface that is reachable through the IPv6 Internet or IPv6-enabled part of the SP network.
•
6RD Delegated Prefix: The 6RD Delegated Prefix (DP) is an IPv6 prefix, determined by the 6RD
CE device, for use by hosts within the customer site.
•
6RD Service Provider Prefix: The 6RD Service Provider Prefix (SP Prefix) is an IPv6 prefix selected
by the service provider for use by a 6RD domain. There is only one 6RD prefix for a given 6RD
domain.
•
Customer Edge LAN side: The functionality of a 6RD Customer Edge (CE) that serves the LAN or
customer-facing side of the CE. The CE LAN side interface is only IPv6-enabled.
•
Customer Edge WAN side: The functionality of a 6RD Customer Edge (CE) that serves the WAN or
service provider-facing side of the CE. The CE WAN side is only IPv4-enabled.
•
Border Relay IPv4 address: The IPv4 address of the 6RD Border Relay (BR) for a given 6RD
domain. This IPv4 address is used by the CE to send packets to a BR in order to reach IPv6
destinations outside the 6RD domain.
•
Customer Edge IPv4 address: The IPv4 address assigned to the CE as part of normal IPv4 Internet
access (configured through DHCP, PPP, or otherwise). This address may be global or private within
the 6RD domain. This address is used by a 6RD CE to create the 6RD delegated prefix, and to send
and receive IPv4-encapsulated IPv6 packets.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-118
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Mapping of Address and Port-Encapsulation Mode
Mapping of Address and Port-Encapsulation Mode (MAP-E) is a CGN solution that allows a service
provider to enable IPv4 services at IPv6 (customer) sites to which it provides Customer Premise
Equipment (CPE). This approach utilizes stateless IPv4-in-IPv6 encapsulation to transit IPv6-enabled
network infrastructure. The encapsulation must be supported by the CPE and MAP-E Gateway/Border
Relay, which removes the IPv6 encapsulation from IPv4 packets while forwarding them to the Internet.
The provider access network can now be on IPv6, while customers see IPv6 and IPv4 service
simultaneously.
MAP-E also helps manage IPv4 address exhaustion by keeping the stateful NAT44 on CPE.
Policy Functions
These are the policy functions used to configure CGv6 applications.
•
Application Level Gateway, page 3-19
•
TCP Maximum Segment Size Adjustment, page 3-20
•
Static Port Forwarding, page 3-20
Application Level Gateway
The Application Level Gateway (ALG) deals with the applications that are embedded in the IP address
payload. Active File Transfer Protocol (FTP), Point-to-Point Tunneling Protocol (PPTP), and Real Time
Streaming Protocol (RTSP) are supported.
FTP-ALG
CGN supports both passive and active FTP. FTP clients are supported with inside (private) address and
servers with outside (public) addresses. Passive FTP is provided by the basic NAT function. Active FTP
is used with the ALG.
RTSP-ALG
CGN supports the RTSP, an application-level protocol for control over the delivery of data with real-time
properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of
real-time data, such as audio and video. Sources of data can include both live data feeds and stored clips.
PPTP-ALG
CGN supports the PPTP, a network protocol that enables secure transfer of data from a remote client to
a private enterprise server by creating a Virtual Private Network (VPN). It is used to provide IP security
at the network layer.
PPTP-ALG allows traffic from all clients to pass through a single PPTP tunnel.
PPTP uses a control channel over TCP, and a GRE tunnel operating to encapsulate Point-to-Point
Protocol (PPP) packets.
A PPTP tunnel is instantiated on a TCP port. This TCP connection is then used to initiate and manage a
second GRE tunnel to the same peer.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-119
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Components of PPTP:
PPTP uses an access controller and a network server to establish the connection.
Note
•
PPTP Access Controller (PAC)- A device attached to one or more PSTN or ISDN lines capable of
Point-to-Point Protocol operation and handling the PPTP protocol. It terminates the PPTP tunnel
and provides VPN connectivity to a remote client.
•
PPTP Network Server (PNS)-A device which provides the interface between the PPP (encapsulated
in the PPTP protocol) and a LAN or WAN. The PNS uses the PPTP protocol to support tunneling
between a PAC and the PNS. It requests to establish a VPN connectivity using PPTP tunnel.
•
Control Connection-A control connection is established between a PAC and a PNS for TCP.
•
Tunnel-A tunnel carries GRE encapsulated PPP datagrams between a PAC and a PNS.
Active FTP, PPTP ALG, and RTSP ALG are supported on NAT44 applications. Active FTP and RTSP
ALG are supported on DS-Lite and Stateful NAT64 applications.
TCP Maximum Segment Size Adjustment
When a host initiates a TCP session with a server, the host negotiates the IP segment size by using the
maximum segment size (MSS) option. The value of the MSS option is determined by the maximum
transmission unit (MTU) that is configured on the host.
Static Port Forwarding
Static port forwarding configures a fixed, private (internal) IP address and port that are associated with
a particular subscriber while CGv6 allocates a free public IP address and port. Therefore, the inside IP
address and port are associated to a free outside IP address and port.
High Availability
High Availability (HA) or 1:1 redundancy enables network-wide protection by providing fast recovery
from faults that may occur in any part of the network. With Cisco High Availability on ISM, the network
hardware and software work together and enable rapid recovery from disruption, to ensure fault
transparency to users and network applications. It provides continuous access to applications, data, and
content anywhere, anytime by addressing potential causes of downtime with functionality, design, and
best practices.
ISM HA supports:
•
1:1 active or standby redundancy infrastructure for the services running on the ISM
– Intra-chassis redundancy
– Cold standby redundancy
•
Replication of CGN-related configuration into a standby card
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-120
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Implementing NAT over ISM
Before upgrading or downgrading the CGv6 OVA package on the Active VSM card in HA (high
availability) mode, perform a graceful shift of the traffic from Active VSM to Standby VSM.
This will ensure that the CGN-related configuration is replicated into a standby card. To perform
graceful shift of the traffic, run the “service redundancy failover service-type all preferred-active
<active-vsm-slot>” command in EXEC mode.
Note
•
Failure detection
– Punt path - Channel between the ISM line card CPU and CGv6 application processes
– Data path - Channel through which CGV6 application data packets traverse
– CPU health monitoring
– Control path
– Crashed processes
The following commands are supported for failure detection:
– Punt Path
RP/0/RP0/CPU0:router(config)# service-cgv6-ha location location-name puntpath-test
– Data Path
RP/0/RP0/CPU0:router(config)# service-cgv6-ha location location-name datapath-test
Note
By default, failure detection for punt path, data path is not triggered unless the above commands are
configured.These commands can be configured only when ISM role is CGN and ISM in “App-Ready”
state.
•
Failure reporting and recovery
– If redundant ISM card is configured, then switch-over the stand by ISM to active and reload the
active ISM.
– If redundant ISM card is not configured, then reload the ISM. This comes up again as an active
ISM.
External Logging
External logging configures the export and logging of the NAT table entries, private bindings that are
associated with a particular global IP port address, and to use Netflow to export the NAT table entries.
•
Netflow v9 Support, page 3-21
•
Syslog Support, page 3-22
•
Bulk Port Allocation, page 3-22
•
Destination-Based Logging, page 3-22
Netflow v9 Support
The NAT44 and DS Lite features support Netflow for logging of the translation records. Logging of the
translation records can be mandated by for Lawful Intercept. The Netflow uses binary format and hence
requires software to parse and present the translation records.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-121
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Syslog Support
The DS Lite and NAT44 features support Syslog as an alternative to Netflow. Syslog uses ASCII format,
which can be read by users. However, the log data volume is higher in Syslog than Netflow.
Attributes of Syslog Collector
•
Syslog is supported in ASCII format only.
•
Logging to multiple syslog collectors (or relay agents) is not supported.
Bulk Port Allocation
The creation and deletion of NAT sessions need to be logged and these create huge amount of data. These
are stored on Syslog collector which is supported over UDP. In order to reduce the volume of data
generated by the NAT device, bulk port allocation can be enabled. When bulk port allocation is enabled
and when a subscriber creates the first session, a number of contiguous outside ports are pre-allocated.
A bulk allocation message is logged indicating this allocation. Subsequent session creations will use one
of the pre-allocated port and hence does not require logging.
Destination-Based Logging
Destination-Based Logging (DBL) includes the destination IPv4 address and port number in the Netflow
create and delete records for NAT44, Stateful NAT64, and DS-Lite applications. It is also known as
Session-Logging.
Note
Session-Logging and Bulk Port Allocation are mutually exclusive.
Configuring CGv6 on Cisco IOS XR Software
These configuration tasks are required to implement CGv6 on Cisco IOS XR software.
•
Installing Carrier Grade IPv6 on ISM, page 3-22
•
Configuring the Service Role for the Carrier Grade IPv6, page 3-27
•
Configuring the Service Instance and Location for the Carrier Grade IPv6, page 3-29
•
Configuring the Infrastructure Service Virtual Interface for the Carrier Grade IPv6, page 3-30
Installing Carrier Grade IPv6 on ISM
This section provides instructions on installing CGv6 on the ISM line card, removing CGv6 on the ISM
line card, and reinstalling the CDS TV application support.
Hardware
•
ISM hardware in chassis
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-122
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Software
•
asr9k-mini-p.vm or asr9k-mini-px.vm
•
asr9k-services-p.pie or asr9k-services-px.pie
•
asr9k-fpd-p.pie or asr9k-fpd-px.pie
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-123
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
FPGA UPGRADE
The installation is similar to an FPGA upgrade on any other ASR 9000 cards.
Step 1
Load the fpd pie.
Step 2
Run the show hw-module fpd location <> command in admin mode.
RP/0/RP0/CPU0:#admin
RP/0/RSP1/CPU0:LHOTSE#show hw-module fpd location 0/1/CPU0
===================================== ================================================
Existing Field Programmable Devices
================================================
HW
Current SW Upg/
Location
Card Type
Version Type Subtype Inst
Version
Dng?
============ ======================== ======= ==== ======= ==== =========== ==== =====
-------------------------------------------------------------------------------------0/1/CPU0
A9K-ISM-100
1.0 lc
fpga1
0
0.29
No
1.0 lc
cbc
0
18.04
Yes
1.0 lc
cpld1
0
0.01
No
1.0 lc
fpga7
0
0.17
No
1.0 lc
cpld3
0
0.16
No
1.0 lc
fpga2
0
0.01
Yes
--------------------------------------------------------------------------------------
If one or more FPD needs an upgrade (can be identified from the Upg/Dng column in the output) then
this can be accomplished using the following steps.
Step 3
Upgrade the identified FPGAs using the relevant commands:
upgrade
upgrade
upgrade
upgrade
upgrade
upgrade
hw-module
hw-module
hw-module
hw-module
hw-module
hw-module
fpd
fpd
fpd
fpd
fpd
fpd
fpga1 location <>
cbc location <>
cpld1 location <>
fpga7 location <>
cpld3 location <>
fpga2 location <>
To upgrade all FPGA using a single command, type:
upgrade hw-module fpd all location <>
Step 4
If one or more FPGAs were upgraded, reload the ISM card after all the upgrade operation completes
successfully.
hw-module location <> reload
Step 5
After the ISM card comes up, check for the FPGA version. This can be done using the following
command from the admin mode.
show hw-module fpd location <>
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-124
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Accessing CPU consoles on ISM Card
This output shows ISM card in slot1:
RP/0/RSP0/CPU0 #show platform
0/RSP0/CPU0
A9K-RSP-4G(Active)
0/1/CPU0
A9K-ISM-100(LCP)
0/1/CPU1
A9K-ISM-100(SE)
IOS XR RUN
IOS XR RUN
SEOS-READY
PWR,NSHUT,MON
PWR,NSHUT,MON
To access LC CPU console:
RP/0/RSP0/CPU0#run attach 0/1/CPU0
#
To return to RSP console:
#exit
To access X86 CPU console:
RP/0/RSP0/CPU0:CRANE#run attachCon 0/0/cpu1 115200
attachCon: Starting console session to node 0/0/cpu1
attachCon: To quit console session type 'detach'
Current Baud 115200
Setting Baud to 115200
localhost.localdomain login: root
Password: rootroot
[root@localhost ~]#
To return to RSP console:
[root@localhost]# detach
Installing CGv6 Application on an ISM for Cisco IOS XR Software Release 4.2.0
If the card is in CDS-IS mode, then it must be converted to CDS-TV before installing CGv6. For
installation instructions, see the Cisco ASR 9000 Series Aggregation Services Router ISM Line Card
Installation Guide.
Note
With kernel.rpm, the "kernel.rpm" or "kernel-4.2.0.rpm" file is referred and with "ism_infra.tgz", the
"ism_infra.tgz" or "ism_infra-4.2.0.tgz" file is referred.
Step 1
Manually remove the non-CGv6 (CDS TV) configuration.
Step 2
Install the R4.2.0 image on the ASR 9000 router.
Step 3
To handle version incompatibility between APIs of Cisco IOS XR and Linux software, run these
commands as soon as the ISM LCP is in IOS XR RUN state.
RP/0/RSP0/CPU0#proc mandatory OFF fib_mgr location <ism_node_location>
RP/0/RSP0/CPU0#proc SHUTDOWN fib_mgr location <ism_node_location>
RP/0/RP0/CPU0:#admin
RP/0/RSP0/CPU0(admin)#debug sim reload-disable location<ism_node_location>
Caution
Step 4
Any delay may result in card reload due to API mismatch.
Extract the ism_infra.tgz and kernel.rpm image from the tar file (available in the Download Software
page in Cisco.com) and copy the content to the disk on the RSP console.
RP/0/RSP0/CPU0#copy tftp://<tftp_addr><image_location>/ism_infra.tgz disk0:/
RP/0/RSP0/CPU0#copy tftp://<tftp_addr><image_location>/kernel.rpm disk0:/
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-125
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Step 5
Copy kernel.rpm and ism_infra.tgz to X86 location.
a.
Log into X86 CPU console and start the se_mbox_server process:
[root@localhost]# se_mbox_server -d
b.
Log into ISM LC CPU and upload the images to X86:
#avsm_se_upload
#avsm_se_upload
c.
Step 6
/disk0:/kernel.rpm
/disk0:/ism_infra.tgz
After successful upload, the images should be available under /tmp directory in the X86 CPU.
Install the images on X86:
[root@localhost /] cd /tmp
[root@localhost tmp]# rpm -i --force kernel.rpm
[root@localhost tmp]# avsm_install ism_infra.tgz
Step 7
Run the following Cisco IOS XR Software Release 4.2.0 commands in admin mode, on RSP to install
the Services PIE:
RP/0/RSP0/CPU0#admin
(admin)#install add tftp://<tftp_addr>/<image_location>/asr9k-services-p.pie synchronous
activate
. . . . . . . . . . .
(admin)#exit
Step 8
Run the following Cisco IOS XR Software Release 4.2.0 commands on the RSP to set the service role
as cgn.
RP/0/RSP0/CPU0#config
(config)#hw-module service cgn location <ism_node_location>
(config)#commit
(config)#exit
Step 9
Revert the changes made in Step 3
RP/0/RSP0/CPU0#proc mandatory ON fib_mgr location <ism_node_location>
RP/0/RSP0/CPU0#proc START fib_mgr location <ism_node_location>
RP/0/RP0/CPU0:#admin
RP/0/RSP0/CPU0:(admin)#no debug sim reload-disable location <ism_node_location>
Step 10
Reload the ISM line card.
RP/0/RSP0/CPU0#hw-module location <ism_node_location> reload
Step 11
Wait for the card to return to SEOS-READY and proceed with ServiceInfra interface configuration.
Installing CGv6 Application on an ISM for Cisco IOS XR Software Release 4.2.1 and later
From R4.2.1 onwards, the CGv6 application can be installed on an ISM line card directly without
changing from CDS-IS to CDS-TV and then CGv6.
Step 1
Manually remove the non-CGv6 configuration, if any.
Step 2
Install the Cisco IOS XR Software Release 5.1.x image(asr9k-mini-p/px.vm/pie) on the router.
Step 3
To handle version incompatibility between APIs of Cisco IOS XR and Linux software, run the following
commands in admin mode. Enter into maintenance mode by using the following command.
RP/0/RP0/CPU0:#admin
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-126
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
RP/0/RSP0/CPU0(admin)#debug sim reload-disable location<ism_node_location>
The card must be in the following state:
RP/0/RSP0/CPU0# show platform
Node
Type
State
Config State
___________________________________________________________________________
0/5/CPU0
A9K-ISM-100(LCP)
IOS XR RUN
PWR,NSHUT,MON
0/5/CPU1
A9K-ISM-100(SE)
RECOVERY MODE
Sometimes, the card goes into IN-RESET state due to multiple resets or if you miss to execute the step
for a long time.
Reload the card using the following command to get out of the state:
RP/0/RSP0/CPU0(admin)# hw-module location <ism_node_location> reload
Note
Step 4
The command must be executed in admin mode.
To install the Services PIE on RSP, run the commands in admin mode:
RP/0/RSP0/CPU0#admin
(admin)#install add tftp://<tftp_addr>/<image_location>/asr9k-services-p.pie synchronous
activate
. . . . . . . . . . .
(admin)#exit
Step 5
To set the service role as cgn on RSP, run the following commands.
RP/0/RSP0/CPU0#config
(config)#hw-module service cgn location <ism_node_location>
(config)#commit
(config)#exit
Step 6
To install Linux Install-Kit from RSP, run the commands in admin mode.
RP/0/RSP0/CPU0#admin
RP/0/RSP0/CPU0(admin)# download install-image <install_kit_name_and_location> from
<rsp_where_kit_present> to <ism_node_location>
Note
Step 7
For Cisco IOS XR Release 4.2.1, you can download the Install-Kit from the File Exchage Server
https://upload.cisco.com/cgi-bin/swc/fileexg/main.cgi?CONTYPES=IOS-XR
Wait for around 12-14 minutes for the card to come at SEOS-READY. Proceed with ServiceInfra
interface configuration.
Configuring the Service Role for the Carrier Grade IPv6
Perform this task to configure the service role on the specified location to start the CGv6 service.
Note
Removal of service role is strictly not recommended while the card is active. This puts the card into
FAILED state, which is service impacting.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-127
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
SUMMARY STEPS
1.
configure
2.
hw-module service cgn location node-id
3.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
hw-module service cgn location node-id
Configures a CGv6 service role (cgn) on location
0/1/CPU0.
Example:
RP/0/RP0/CPU0:router(config)# hw-module service
cgn location 0/1/CPU0
Step 3
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-128
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Configuring the Service Instance and Location for the Carrier Grade IPv6
Perform this task to configure the service instance and location for the CGv6 application.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-location preferred-active node-id
4.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-129
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
Step 3
Command or Action
Purpose
service-location preferred-active node-id
Configures the active locations for the CGv6 application.
Note
Example:
preferred-standby option is supported in Cisco
IOS XR Release 4.3.0 onwards for redundancy.
RP/0/RP0/CPU0:router(config-cgn)#
service-location preferred-active 0/1/CPU0
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Infrastructure Service Virtual Interface for the Carrier Grade
IPv6
Perform this task to configure the infrastructure service virtual interface (SVI) to forward the control
traffic. The subnet mask length must be at least 30 (denoted as /30).
Note
Do not remove or modify service infra interface configuration when the card is in Active state. The
configuration is service affecting and the line card must be reloaded for the changes to take effect.
SUMMARY STEPS
1.
configure
2.
interface ServiceInfra value
3.
service-location node-id
4.
ipv4 address address/mask
5.
end
or
commit
6.
reload
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-130
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring CGv6 on Cisco IOS XR Software
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceInfra value
Configures the infrastructure service virtual interface (SVI)
as 1 and enters CGv6 configuration mode.
Example:
Note
RP/0/RP0/CPU0:router(config)# interface
ServiceInfra 1
RP/0/RP0/CPU0:router(config-if)#
Step 3
service-location node-id
Only one service infrastructure SVI can be
configured for a CGv6 instance.
Configures the location of the CGv6 service for the
infrastructure SVI.
Example:
RP/0/RP0/CPU0:router(config-if)#
service-location 0/1/CPU0
Step 4
ipv4 address address/mask
Sets the primary IPv4 address for an interface.
Example:
RP/0/RP0/CPU0:router(config-if)# ipv4 address
1.1.1.1/30
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Step 6
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Once the configuration is complete, the card must be
reloaded for changes to take effect.
reload
Example:
RP/0/RP0/CPU0:Router#hw-mod location 0/3/cpu0
reload
WARNING: This will take the requested node out
of service.
Do you wish to continue?[confirm(y/n)] y
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-131
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring Different CGv6 Applications on ISM
These CGv6 applications are configured on ISM.
•
Configuring NAT44 on ISM, page 3-32
•
Configuring DS-Lite on ISM, page 3-75
•
Configuring Stateful NAT64 on ISM, page 3-112
•
Configuring MAP-T on ISM, page 3-156
•
Configuring 6RD on ISM, page 3-176
•
Configuring MAP-E on ISM, page 3-196
Configuring NAT44 on ISM
Perform these tasks to configure NAT44 on ISM.
•
Configuring the Application Service Virtual Interface, page 3-32
•
Configuring a NAT44 Instance, page 3-34
•
Configuring the Policy Functions, page 3-37
•
Configuring External Logging for the NAT Table Entries, page 3-54
Configuring the Application Service Virtual Interface
The following section lists guidelines for selecting serviceapp interfaces for NAT44.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that
the ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with
ServiceApp2 or ServiceApp3 with ServiceApp4
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. However, maintaining a track of these associations can be error prone. For example,
ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10, ServiceApp3 with
ServiceApp8, or ServiceApp3 with ServiceApp12
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6. Although such
ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and Outside-to-Inside traffic
for the ServiceApp pair is halved.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
One ServiceApp pair can be used as inside and the other as outside.
Perform the following tasks to configure the application service virtual interface (SVI) to forward data
traffic.
SUMMARY STEPS
1.
configure
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-132
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
2.
interface ServiceApp value
3.
service cgn instance-name service-type nat44
4.
vrf vrf-name
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI as 1 and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Step 3
service cgn instance-name service-type nat44
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-133
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
vrf vrf-name
Configures the VPN routing and forwarding (VRF) for the
Service Application interface
Example:
RP/0/RP0/CPU0:router(config-if)# vrf insidevrf1
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a NAT44 Instance
Perform this task to configure a NAT44 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-134
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn nat44 instance-name
Configures the instance named cgn1 for the CGv6 NAT44
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an Inside and Outside Address Pool Map
Perform this task to configure an inside and outside address pool map with the following scenarios.
•
The designated address pool is used for CNAT.
•
One inside VRF is mapped to only one outside VRF.
•
Multiple non-overlapping address pools can be used in a specified outside VRF mapped to different
inside VRF.
•
Max Outside public pool per ISM/CGv6 instance is 64 K or 65536 addresses. That is, if a /16 address
pool is mapped, then we cannot map any other pool to that particular ISM.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-135
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Multiple inside vrf cannot be mapped to same outside address pool.
•
While Mapping Outside Pool Minimum value for prefix is 16 and maximum value is 30.
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
map [outside-vrf outside-vrf-name] address-pool address/prefix
6.
end
or
commit
SUMMARY STEPS
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures an inside VRF named insidevrf1 and enters
CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-136
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
map [outside-vrf outside-vrf-name] address-pool
address/prefix
Configures an inside VRF to an outside VRF and address
pool mapping.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)# map
outside-vrf outside vrf1 address-pool
10.10.0.0/16
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring the Port Limit Per Subscriber, page 3-37
•
Configuring the Timeout Value for the Protocol, page 3-39
•
Configuring FTP ALG, page 3-44
•
Configuring PPTP ALG, page 3-45
•
Configuring RTSP ALG, page 3-46
•
Configuring the TCP Adjustment Value for the Maximum Segment Size, page 3-48
•
Configuring the Refresh Direction for the Network Address Translation, page 3-50
•
Configuring Static Port Forwarding for Port Numbers, page 3-52
•
Configuring the Dynamic Port Ranges, page 3-53
Configuring the Port Limit Per Subscriber
Perform this task to configure the port limit per subscriber for the system that includes TCP, UDP, and
ICMP.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-137
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
portlimit value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-138
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
portlimit value
Limits the number of entries per address for each subscriber
of the system
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
portlimit 10
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the Protocol
•
Configuring the Timeout Value for the ICMP Protocol, page 3-39
•
Configuring the Timeout Value for the TCP Session, page 3-41
•
Configuring the Timeout Value for the UDP Session, page 3-42
Configuring the Timeout Value for the ICMP Protocol
Perform this task to configure the timeout value for the ICMP type for the CGv6 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol icmp
5.
timeout seconds
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-139
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
protocol icmp
Example:
Configures the ICMP protocol session. The example shows
how to configure the ICMP protocol for the CGv6 instance
named cgn1.
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol icmp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Step 5
timeout seconds
Configures the timeout value as 908 for the ICMP session
for the CGv6 instance named cgn1.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# timeout
908
Step 6
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-140
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring the Timeout Value for the TCP Session
Perform this task to configure the timeout value for either the active or initial sessions for TCP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol tcp
5.
session {active | initial} timeout seconds
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures the TCP protocol session. The example shows
how to configure the TCP protocol for the CGv6 instance
named cgn1.
protocol tcp
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-141
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
session {active | initial} timeout seconds
Configures the timeout value as 90 for the TCP session. The
example shows how to configure the initial session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
initial timeout 90
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the UDP Session
Perform this task to configure the timeout value for either the active or initial sessions for UDP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol udp
5.
session {active | initial} timeout seconds
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-142
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures the UDP protocol sessions. The example shows
how to configure the TCP protocol for the CGv6 instance
named cgn1.
protocol udp
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol udp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Step 5
session {active | initial} timeout seconds
Configures the timeout value as 90 for the UDP session. The
example shows how to configure the active session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
active timeout 90
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-143
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring FTP ALG
Perform this task to configure FTP as the ALG for the specified NAT44 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg activeFTP
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-144
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
alg activeFTP
Configures the FTP ALG on the NAT44 instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
activeFTP
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring PPTP ALG
Perform this task to configure PPTP as the ALG for the specified NAT44 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg pptpAlg
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-145
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures PPTP as the ALG for the NAT44 instance.
alg pptpAlg
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
pptpAlg
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring RTSP ALG
Perform this task to configure RTSP as the ALG for the specified NAT44 instance. RTSP packets are
usually destined to port 554. But this is not always true because RTSP port value can be configured.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-146
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg rtsp server-port value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-147
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
alg rtsp [server-port] value
Configures the rtsp ALG on the NAT44 instance for server
port 5000. The range is from 1 to 65535. The default port is
554.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
rtsp server-port 5000
Caution
Step 5
The option of specifying a server
port) is currently not supported. Even
if you configure some port, RTSP
works only on the default port (554).
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the TCP Adjustment Value for the Maximum Segment Size
Perform this task to configure the adjustment value for the maximum segment size (MSS) for the VRF.
You can configure the TCP MSS adjustment value on each VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
protocol tcp
6.
mss size
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-148
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)#
service-location preferred-active 0/1/CPU0
Step 4
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
inside-vrf vrf-name
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
Configures the TCP protocol session and enters CGv6
inside VRF AFI protocol configuration mode.
protocol tcp
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-149
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
mss size
Configures the adjustment MSS value as 1100 for the inside
VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi-proto
)# mss 1100
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)# e
nd
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Direction for the Network Address Translation
Perform this task to configure the NAT mapping refresh direction as outbound for TCP and UDP traffic.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
refresh-direction Outbound
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-150
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
refresh-direction Outbound
Configures the NAT mapping refresh direction as outbound
for the CGv6 instance named cgn1.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-proto)#refreshdirection Outbound
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-151
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring Static Port Forwarding for Port Numbers
Perform this task to configure static port forwarding for reserved or nonreserved port numbers.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
protocol tcp
6.
static-forward inside
7.
address address port number
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
protocol tcp
Configures the TCP protocol session and enters CGv6
inside VRF AFI protocol configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-152
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
static-forward inside
Configures the CGv6 static port forwarding entries on
reserved or nonreserved ports and enters CGv6 inside static
port inside configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
static-forward inside
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)#
Step 7
address address port number
Configures the CGv6 static port forwarding entries for the
inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# address 1.2.3.4 port 90
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Dynamic Port Ranges
Perform this task to configure dynamic port ranges for TCP, UDP, and ICMP ports. The default value
range of 0 to 1023 is preserved and not used for dynamic translations. Therefore, if the value of dynamic
port range start is not configured explicitly, the dynamic port range value starts at 1024.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
dynamic port range start value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-153
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
dynamic port range start value
Example:
Configures the value of dynamic port range start for a
CGv6 NAT 44 instance. The value can range from 1 to
65535.
RP/0/RP0/CPU0:router(config-cgn-nat44)# dynamic
port range start 1024
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring External Logging for the NAT Table Entries
Perform the following to configure external logging for NAT table entries.
•
Netflow Logging, page 3-55
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-154
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Syslog Logging, page 3-63
•
Bulk Port Allocation, page 3-69
•
Destination-Based Logging for NAT44, page 3-71
Netflow Logging
Perform the following tasks to configure Netflow Logging for NAT table entries.
•
Configuring the Server Address and Port for Netflow Logging, page 3-55
•
Configuring the Path Maximum Transmission Unit for Netflow Logging, page 3-57
•
Configuring the Refresh Rate for Netflow Logging, page 3-59
•
Configuring the Timeout for Netflow Logging, page 3-61
Configuring the Server Address and Port for Netflow Logging
Perform this task to configure the server address and port to log network address translation (NAT) table
entries for Netflow logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
address address port number
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-155
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 3
Command or Action
Purpose
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-156
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
address address port number
Configures the IPv4 address and port number 45 to log
Netflow entries for the NAT table.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# address 2.3.4.5 port 45
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Netflow Logging
Perform this task to configure the path maximum transmission unit (MTU) for the netflowv9-based
external-logging facility for the inside VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
path-mtu value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-157
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-158
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 200 for the
netflowv9-based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# path-mtu 200
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Rate for Netflow Logging
Perform this task to configure the refresh rate at which the Netflow-v9 logging templates are refreshed
or resent to the Netflow-v9 logging server.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
refresh-rate value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-159
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow-v9 based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-160
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
refresh-rate value
Configures the refresh rate value of 50 to log Netflow-based
external logging information for an inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# refresh-rate 50
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout for Netflow Logging
Perform this task to configure the frequency in minutes at which the Netflow-V9 logging templates are
to be sent to the Netflow-v9 logging server.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
timeout value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-161
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflowv9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-162
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
timeout value
Configures the timeout value of 50 for Netflow logging of
NAT table entries for an inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# timeout 50
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Syslog Logging
Perform the following tasks to configure Syslog Logging for NAT table entries.
•
Configuring the Server Address and Port for Syslog Logging, page 3-63
•
Configuring the Host-Name for Syslog Logging, page 3-65
•
Configuring the Path Maximum Transmission Unit for Syslog Logging, page 3-67
Configuring the Server Address and Port for Syslog Logging
Perform this task to configure the server address and port to log NAT table entries for Syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
address address port number
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-163
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-164
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
address address port number
Configures the IPv4 address and port number 45 to log
Netflow entries for the NAT table.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# address 2.3.4.5 port 45
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Host-Name for Syslog Logging
Perform this task to configure the host name to be filled in the Netflow header for the syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
host-name name
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-165
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-166
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
host-name name
Configures the host name for the syslog-based
external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# host-name host1
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Syslog Logging
Perform this task to configure the path maximum transmission unit (MTU) for the syslog-based
external-logging facility for the inside VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
path-mtu value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-167
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-168
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 200 for the
syslog-based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# path-mtu 200
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Bulk Port Allocation
Perform this task to configure bulk port allocation to reduce Netflow or Syslog data volume.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-instance
5.
bulk-port-alloc size number of ports
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-169
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-170
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
bulk-port-alloc size number of ports
Allocate ports in bulk to reduce Netflow/Syslog data
volume.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44-invrf-)#
bulk-port-alloc size 64
RP/0/RP0/CPU0:router(config-cgn-nat44-invrf)
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44-invrf)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat44-invrf)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Destination-Based Logging for NAT44
Perform these tasks to configure destination-based logging for NAT table entries.
•
Configuring the Session-Logging for Netflow Logging, page 3-71
•
Configuring the Session-Logging for Syslog Logging, page 3-73
Configuring the Session-Logging for Netflow Logging
Perform this task to configure session-logging if destination IP and Port information needs to logged in
the Netflow records.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
session-logging
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-171
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGN instance named
cgn1 and enters CGN inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflowv9
Configures the external-logging facility for the NAT44
instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
server
Example:
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow-v9 based external-logging facility.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)# server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-172
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
session-logging
Configures the session logging for a NAT44 instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# session-logging
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Session-Logging for Syslog Logging
Perform this task to configure session-logging if destination IP and Port information needs to logged in
the Netflow records.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
session-logging
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-173
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGN instance named
cgn1 and enters CGN inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Configures the external-logging facility for the NAT44
instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
server
Example:
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)# server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-174
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 7
Command or Action
Purpose
session-logging
Configures the session logging for a NAT44 instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# session-logging
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring DS-Lite on ISM
Perform these tasks to configure DS-Lite on ISM.
•
Configuring the Application Service Virtual Interface, page 3-75
•
Configuring a DS Lite Instance, page 3-77
•
Configuring the Policy Functions, page 3-78
•
Configuring External Logging, page 3-94
Configuring the Application Service Virtual Interface
The following section lists guidelines for selecting serviceapp interfaces for DS-Lite.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that
the ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with
ServiceApp2 or ServiceApp3 with ServiceApp4
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. However, maintaining a track of these associations can be error prone. For example,
ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10, ServiceApp3 with
ServiceApp8, or ServiceApp3 with ServiceApp12
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-175
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6. Although such
ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and Outside-to-Inside traffic
for the ServiceApp pair is halved.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
One ServiceApp pair can be used as inside and the other as outside.
Perform the following tasks to configure the application service virtual interface (SVI) to forward data
traffic.
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
service cgn instance-name service-type ds-lite
4.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI as 1 and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-176
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 3
Command or Action
Purpose
service cgn instance-name service-type ds-lite
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1 service-type ds-lite ds-lite1
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a DS Lite Instance
Perform this task to configure an instance of the DS-Lite application.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-177
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions:
•
Configuring IPv6 Tunnel Endpoint Address, page 3-79
•
Configuring the FTP ALG, page 3-80
•
Configuring the RTSP ALG, page 3-81
•
Configuring an Address Pool Map, page 3-83
•
Configuring the Path Maximum Transmission Unit, page 3-84
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-178
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring the Port Limit Per Subscriber, page 3-86
•
Configuring the Timeout Value for the Protocol, page 3-87
•
Configuring the TCP Adjustment Value for the Maximum Segment Size, page 3-92
Configuring IPv6 Tunnel Endpoint Address
Perform this task to configure the IPv6 tunnel endpoint address:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance name
4.
aftr-tunnel-endpoint-address X:X::X IPv6 address
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-179
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
aftr-tunnel-endpoint-address X:X::X IPv6
address
Configures an IPv6 tunnel endpoint address.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
aftr-tunnel-endpoint-address 10:2::10
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the FTP ALG
Perform this task to configure the FTP ALG for the specified DS-Lite instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
alg ftp
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-180
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for DS-Lite
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
Configures the FTP ALG on the DS-Lite instance.
alg ftp
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# alg
ftp
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the RTSP ALG
Perform this task to configure the ALG for the rtsp for the specified DS-Lite instance. RTSP packets are
usually destined to port 554. But this is not always true because RTSP port value is configurable.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-181
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
alg rtsp {server-port} value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for DS-Lite
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-182
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
alg rtsp [server-port] value
Configures the rtsp ALG on the DS-Lite instance for server
port 5000. The range is from 1 to 65535. The default port is
554.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# alg
rtsp server-port 5000
Caution
Step 5
The option of specifying a server
port) is currently not supported. Even
if you configure some port, RTSP
works only on the default port (554).
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an Address Pool Map
Perform this task to configure an address pool map.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance name
4.
map address-pool address/prefix
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-183
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
map address-pool address/prefix
Configures an address pool mapping.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# map
address-pool 10.10.0.0/16
or
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# map
address-pool 100.1.0.0/16
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit
Perform this task to configure the path maximum transmission unit (MTU):
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-184
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance name
4.
path-mtu value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-185
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 2000 for the
ds-lite instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
path-mtu 2000
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Port Limit Per Subscriber
Perform this task to configure the port limit per subscriber for the system that includes TCP, UDP, and
ICMP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
port-limit value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-186
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 4
Configures the port value that restricts the number of
translations for the ds-lite instance.
port-limit value
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
port-limit 65
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the Protocol
•
Configuring the Timeout Value for the ICMP Protocol, page 3-88
•
Configuring the Timeout Value for the TCP Session, page 3-89
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-187
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring the Timeout Value for the UDP Session, page 3-91
Configuring the Timeout Value for the ICMP Protocol
Perform this task to configure the timeout value for the ICMP type.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
protocol icmp
5.
timeout seconds
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 4
protocol icmp
Configures the ICMP protocol session.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
protocol icmp
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-188
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
timeout seconds
Configures the timeout value for the ICMP session.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
timeout 90
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the TCP Session
Perform this task to configure the timeout value for either the active or initial sessions for TCP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
protocol tcp
5.
session {active | init} timeout seconds
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-189
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 4
protocol tcp
Configures the TCP protocol session.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
Step 5
session {active | initial} timeout seconds
Configures the timeout value for the TCP session. The
example shows how to configure the initial session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
initial timeout 90
Step 6
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-190
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring the Timeout Value for the UDP Session
Perform this task to configure the timeout value for either the active or initial sessions for UDP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
protocol udp
5.
session {active | init} timeout seconds
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 4
Configures the UDP protocol session.
protocol udp
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
protocol icmp
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-191
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
session {active | initial} timeout seconds
Configures the timeout value for the UDP session. The
example shows how to configure the initial session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
initial timeout 90
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the TCP Adjustment Value for the Maximum Segment Size
Perform this task to configure the adjustment value for the maximum segment size (MSS).
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
protocol tcp
5.
mss size
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-192
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 4
Configures the TCP protocol session.
protocol tcp
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)
Step 5
Configures maximum segment size value for TCP sessions
for a ds-lite instance
mss size
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# mss 90
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-193
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring External Logging
Perform the following to configure external logging for DS-Lite entries.
•
Netflow Logging, page 3-94
•
Syslog Logging, page 3-101
•
Bulk Port Allocation, page 3-107
•
Destination-Based Logging for DS-Lite, page 3-108
Netflow Logging
Perform these tasks to configure Netflow Logging for DS-Lite entries.
•
Configuring the Server Address and Port for Netflow Logging, page 3-94
•
Configuring the Path Maximum Transmission Unit for Netflow Logging, page 3-96
•
Configuring the Refresh Rate for Netflow Logging, page 3-97
•
Configuring the Timeout for Netflow Logging, page 3-99
Configuring the Server Address and Port for Netflow Logging
Perform this task to configure the server address and port for Netflow logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging netflow9
5.
server
6.
address address port number
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-194
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 3
Command or Action
Purpose
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
Step 4
external-logging netflow9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging netflow9
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Step 6
address address port number
Configures the IPv4 address and port number to log Netflow
entries for the DS-Lite instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# address 10.3.20.130 port 45
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-195
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring the Path Maximum Transmission Unit for Netflow Logging
Perform this task to configure the path maximum transmission unit (MTU) for the netflow9-based
external-logging facility.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging netflow9
5.
server
6.
path-mtu value
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
Step 4
external-logging netflow9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging netflow9
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-196
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Command or Action
Step 5
Purpose
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow9-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Step 6
Configures the path MTU with the value of 200 for the
netflowv9-based external-logging facility.
path-mtu value
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# path mtu 200
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Rate for Netflow Logging
Perform this task to configure the refresh rate at which the Netflow-9 logging templates are refreshed or
resent to the Netflow-9 logging server:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging netflow9
5.
server
6.
refresh-rate value
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-197
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
Step 4
external-logging netflowv9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging netflow9
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow9-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-198
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
refresh-rate value
Configures the refresh rate value of 200 to log
Netflow-based external logging information.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# refresh-rate 200
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout for Netflow Logging
Perform this task to configure the frequency in minutes at which the Netflow-9 logging templates are to
be sent to the Netflow-9 logging server:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging netflow9
5.
server
6.
timeout value
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-199
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite instance-name
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
Step 4
external-logging netflow9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging netflow9
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow9-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1100
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
timeout value
Configures the timeout value of 200 for Netflow logging of
the DS-Lite instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# timeout 200
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Syslog Logging
Perform the following tasks to configure Syslog Logging for DS-Lite entries.
•
Configuring the Server Address and Port for Syslog Logging, page 3-101
•
Configuring the Host-Name for Syslog Logging, page 3-103
•
Configuring the Path Maximum Transmission Unit for Syslog Logging, page 3-105
Configuring the Server Address and Port for Syslog Logging
Perform this task to configure the server address and port to log DS-Lite entries for Syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging syslog
5.
server
6.
address address port number
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1101
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1102
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
address address port number
Configures the IPv4 address and port number 45 to log
Netflow entries.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# address 2.3.4.5 port 45
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Host-Name for Syslog Logging
Perform this task to configure the host name to be filled in the Netflow header for the syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging syslog
5.
server
6.
host-name name
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1103
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1104
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
host-name name
Configures the host name for the syslog-based
external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# host-name host1
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Syslog Logging
Perform this task to configure the path maximum transmission unit (MTU) for the syslog-based
external-logging facility.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging syslog
5.
server
6.
path-mtu value
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1105
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 external logging
configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
external logging server configuration mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
server
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1106
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 200 for the
syslog-based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# path-mtu 200
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Bulk Port Allocation
Perform this task to configure bulk port allocation to reduce Netflow or Syslog data volume.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite ds-lite1
4.
bulk-port-alloc size number of ports
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1107
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for CGv6
DS-Lite application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
bulk-port-alloc size number of ports
Allocate ports in bulk to reduce Netflow/Syslog data
volume.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
bulk-port-alloc size 64
RP/0/RP0/CPU0:router(config-cgn-ds-lite)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Destination-Based Logging for DS-Lite
Perform these tasks to configure destination-based logging for DS-Lite entries.
•
Configuring Session-Logging for Netflow Logging, page 3-109
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1108
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring the Session-Logging for Syslog Logging, page 3-110
Configuring Session-Logging for Netflow Logging
Perform this task to configure session-logging if destination IP and Port information needs to logged in
the Netflow records.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite ds-lite1
4.
external-logging netflow9
5.
server
6.
session-logging
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for DS-Lite
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
external-loging netflow9
Configures the external-logging facility for the DS-Lite
instance.
Example:
RP/0/RP0/CPU0:router(config-cgn)#
external-logging netflow9
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1109
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 5
Command or Action
Purpose
server
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow-9
based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Step 6
Configures the session logging for a DS-Lite instance.
session-logging
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# session-logging
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Session-Logging for Syslog Logging
Perform this task to configure session-logging if destination IP and Port information needs to logged in
the Netflow records.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type ds-lite instance-name
4.
external-logging syslog
5.
server
6.
session-logging
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1110
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type ds-lite ds-lite1
Configures the service type keyword definition for DS-Lite
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
ds-lite ds-lite1
Step 4
external-logging syslog
Configures the external-logging facility for the DS-Lite
instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
#
Step 5
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility.
server
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog)
# server
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1111
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
session-logging
Configures the session logging for a DS-Lite instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# session-logging
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlogserver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Stateful NAT64 on ISM
Perform these tasks to configure Stateful NAT64 on ISM.
•
Configuring the Application Service Virtual Interface, page 3-112
•
Configuring a Stateful NAT64 Instance, page 3-114
•
Configuring the Policy Functions, page 3-115
•
Configuring External Logging, page 3-146
Configuring the Application Service Virtual Interface
The following section lists guidelines for selecting serviceapp interfaces for Stateful NAT64.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that
the ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with
ServiceApp2 or ServiceApp3 with ServiceApp4
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. However, maintaining a track of these associations can be error prone. For example,
ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10, ServiceApp3 with
ServiceApp8, or ServiceApp3 with ServiceApp12
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1112
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6. Although such
ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and Outside-to-Inside traffic
for the ServiceApp pair is halved.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
One ServiceApp pair can be used as inside and the other as outside.
Perform the following tasks to configure the application service virtual interface (SVI) to forward data
traffic.
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
service cgn instance-name service-type nat64 stateful
4.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI as 1 and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1113
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 3
Command or Action
Purpose
service cgn instance-name service-type nat64
stateful
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1 service-type nat64 stateful nat1
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a Stateful NAT64 Instance
Perform this task to configure a stateful NAT64 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1114
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring Address Family, page 3-116
•
Configuring RTSP ALG, page 3-128
•
Configuring Dynamic Port Range, page 3-130
•
Configuring Filter-Policy, page 3-131
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1115
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring Fragment-Timeout, page 3-132
•
Configuring an IPv4 Address Pool, page 3-134
•
Configuring an IPv6-Prefix, page 3-135
•
Configuring Portlimit per Subscriber, page 3-137
•
Configuring the Timeout Value for ICMP, TCP and UDP Sessions, page 3-139
•
Configuring the Timeout Value for ICMP, TCP and UDP Sessions per Address and Port, page 3-140
•
Configuring the Timeout Value for IPv4 Initiated Sessions, page 3-142
•
Configuring TCP Policy, page 3-143
•
Configuring Ubit-Reserved, page 3-144
Configuring Address Family
•
Configuring IPv4 Address Family, page 3-116
•
Configuring IPv6 Address Family, page 3-121
Configuring IPv4 Address Family
•
Configuring an IPv4 Interface, page 3-116
•
Configuring IPv4 TCP Maximum Segment Size (MSS), page 3-118
•
Configuring IPv4 Type of Service (ToS), page 3-119
Configuring an IPv4 Interface
Perform this task to configure an IPv4 interface for a stateful NAT64 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv4 interface ServiceApp number
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1116
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
address-family ipv4 interface ServiceApp number
Configures the IPv4 interface to divert Ipv4 nat64 traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv4 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1117
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring IPv4 TCP Maximum Segment Size (MSS)
Perform this task to configure the MSS for TCP in bytes.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv4 tcp mss value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1118
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv4 tcp mss value
Configures the MSS for TCP in bytes.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv4 tcp mss 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv4 Type of Service (ToS)
Perform this task to configure the configure ToS value to be used when translating a packet from IPv6
to IPv4.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv4 tos value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1119
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
address-family ipv4 tos value
Configures the ToS value.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv4 tos 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1120
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring IPv6 Address Family
•
Configuring IPv6 Do not Fragment (DF) Override, page 3-121
•
Configuring an IPv6 Interface, page 3-122
•
Configuring IPv6 Reset Maximum Transmission Unit (MTU) for an ICMP Protocol, page 3-124
•
Configuring IPv6 TCP Maximum Segment Size (MSS), page 3-125
•
Configuring IPv6 Traffic-Class, page 3-127
Configuring IPv6 Do not Fragment (DF) Override
Perform this task to enable DF override configuration.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv6 df-override
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1121
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 df-override
Configures the DF-Override.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv6 df-override
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an IPv6 Interface
Perform this task to configure an IPv6 interface for a stateful NAT64 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv6 interface ServiceApp number
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1122
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
address-family ipv6 interface ServiceApp number
Configures the IPv6 interface to divert IPv6 nat64 traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv6 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1123
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring IPv6 Reset Maximum Transmission Unit (MTU) for an ICMP Protocol
Perform this task to reset the MTU for an ICMP protocol.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv6 protocol icmp reset-mtu
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1124
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 protocol icmp reset-mtu
Resets the MTU value of the ICMP protocol packet.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv6 protocol icmp reset-mtu
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 TCP Maximum Segment Size (MSS)
Perform this task to configure the MSS for TCP in bytes.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv6 tcp mss value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1125
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
address-family ipv6 tcp mss value
Configures the MSS for TCP in bytes.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv6 tcp mss 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1126
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring IPv6 Traffic-Class
Perform this task to configure a traffic-class.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
address-family ipv6 traffic-class value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1127
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 traffic-class value
Configures the traffic class to be set.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#address-family ipv6 traffic-class 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring RTSP ALG
Perform this task to configure RTSP as the ALG for the specified Stateful NAT64 instance. RTSP packets
are usually destined to port 554. But this is not always true because RTSP port value can be configured.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
alg rtsp server-port value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1128
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
alg rtsp server-port value
Configures the server port for RTSP. The default port is 554.
The range is from 1 to 65535.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#alg rtsp server-port 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stful-afi
)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1129
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring Dynamic Port Range
Perform this task to configure a dynamic port range.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
dynamic-port-range start port number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1130
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
dynamic-port-range start port number
Configures the port range from 1 to 65535.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#dynamic-port-range start 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Filter-Policy
Perform this task to configure the filter policy.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
filter-policy
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1131
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
filter-policy
Configures the address-dependent filtering policy.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#filter-policy
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Fragment-Timeout
Perform this task to configure the time interval to store packet fragments.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1132
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
fragment-timeout value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1133
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
fragment-timeout value
Configures the time interval, in seconds, to store packet
fragments.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#fragment-timeout 6
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an IPv4 Address Pool
Perform this task to configure an IPv4 address pool.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
ipv4 address-pool address/prefix
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1134
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
ipv4 address-pool address/prefix
Configures an IPv4 address pool.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#ipv4 address-pool 10.2.2.24/32
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an IPv6-Prefix
Perform this task to configure an IPv6 prefix.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1135
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
ipv6-prefix address/prefix
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1136
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
ipv6-prefix address/prefix
Configures the IPv6 prefix that is used to convert
destination IPv6 address to an external destination IPv4
address.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#ipv6-prefix 2001:db8::/32
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Portlimit per Subscriber
Perform this task to restrict the number of ports used by an IPv6 address.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
portlimit value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1137
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
portlimit value
Configures a value to restict the number of ports used by an
IPv6 address.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#portlimit 66
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1138
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring the Timeout Value for ICMP, TCP and UDP Sessions
Perform this task to configure the timeout value for ICMP, TCP or UDP sessions for a stateful NAT64
instance:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
protocol tcp session {active | initial} timeout value
protocol {icmp | udp} timeout value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1139
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
protocol tcp session {active | initial} timeout
value
Configures the timeout value, in seconds, for ICMP and
UDP.
or
protocol {icmp | udp} timeout value
Configures the initial and active session timeout values for
TCP.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#protocol tcp session active timeout 90
or
protocol icmp timeout 90
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for ICMP, TCP and UDP Sessions per Address and Port
Perform this task to configure the timeout value for ICMP, TCP or UDP sessions for any given IPv4
address and port.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
protocol {icmp | tcp | udp} address IPv4 address port port number timeout value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1140
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
protocol {icmp | tcp | udp} address IPv4
address port port number timeout value
Configures the timeout value, in seconds, for the specified
address and port.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#protocol icmp address 10.2.2.24 port 66
timeout 777
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1141
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring the Timeout Value for IPv4 Initiated Sessions
Perform this task to configure the timeout value for IPv4 sessions:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
protocol {icmp | tcp | udp} v4-init-timeout value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1142
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
protocol {icmp | tcp | udp} v4-init-timeout
value
Configures the timeout value, in seconds, for IPv4 sessions.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#protocol icmp v4-init-timeout 777
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring TCP Policy
Perform this task to enable or disable IPv4 initiated sessions.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
tcp-policy
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1143
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
Enables or disables IPv4 initiated sessions.
tcp-policy
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#tcp-policy
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Ubit-Reserved
Perform this task to enable reserving ubits in IPv6 addresses.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1144
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
ubit-reserved
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6
Stateful NAT64 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1145
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
ubit-reserved
Enables reserving ubits in IPv6 addresses.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#ubit-reserved
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring External Logging
Perform these tasks to configure external logging for Stateful NAT64 entries.
•
Configuring the Server Address and Port for Netflow Logging, page 3-146
•
Configuring the Path Maximum Transmission Unit for Netflow Logging, page 3-148
•
Configuring the Refresh Rate for Netflow Logging, page 3-150
•
Configuring Session Logging for Netflow Logging, page 3-152
•
Configuring the Timeout for Netflow Logging, page 3-154
Configuring the Server Address and Port for Netflow Logging
Perform this task to configure the server address and port.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
external-logging netflowversion 9
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1146
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
5.
server
6.
address ipv4 address port number
7.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance and enters CGv6 external logging configuration
mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
Step 5
server
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
server
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)#
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow
version 9-based external-logging facility and enters CGv6
external logging server configuration mode.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1147
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
address ipv4 address port number
Configures the IPv4 address and port number to log Netflow
entries.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# address 10.3.20.130 port 45
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Netflow Logging
Perform this task to configure the path maximum transmission unit (MTU).
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
external-logging netflow version 9
5.
server
6.
path-mtu value
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1148
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance and enters CGv6 external logging configuration
mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
Step 5
server
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
server
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)#
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow
version 9-based external-logging facility and enters CGv6
external logging server configuration mode.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1149
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
path-mtu value
Configures the path MTU for the netflow version 9-based
external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# path-mtu 120
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Rate for Netflow Logging
Perform this task to configure the refresh rate.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
external-logging netflow version 9
5.
server
6.
refresh-rate value
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1150
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance and enters CGv6 external logging configuration
mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
Step 5
server
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
server
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)#
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow
version 9-based external-logging facility and enters CGv6
external logging server configuration mode.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1151
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
refresh-rate value
Configures the refresh rate value netflow-based external
logging information.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# refresh-rate 120
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Session Logging for Netflow Logging
Perform this task to configure session logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
external-logging netflow version 9
5.
server
6.
session-logging
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1152
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance and enters CGv6 external logging configuration
mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
Step 5
server
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
server
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)#
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow
version 9-based external-logging facility and enters CGv6
external logging server configuration mode.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1153
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
session-logging
Configures session-logging.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# session-logging
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout for Netflow Logging
Perform this task to configure the frequency in minutes at which the Netflow-version 9 logging templates
are to be sent to the Netflow-v9 logging server.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat64 stateful instance-name
4.
external-logging netflow
5.
server
6.
timeout value
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1154
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat64 stateful instance-name
Configures the service type keyword definition for CGv6.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat64 stateful nat64-inst
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
#
Step 4
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance and enters CGv6 external logging configuration
mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-stateful)
# external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
Step 5
server
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog)#
server
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)#
Configures the logging server information for the IPv4
address and port for the server that is used for the netflow
version 9-based external-logging facility and enters CGv6
external logging server configuration mode.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1155
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 6
Command or Action
Purpose
timeout value
Configures the timeout value in minutes. The range is from
1 to 3600.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# timeout 660
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-nat64-extlog-se
rver)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring MAP-T on ISM
Perform these tasks to configure MAP-T on ISM.
•
Configuring the Application Service Virtual Interface, page 3-156
•
Configuring a MAP-T Instance, page 3-158
•
Configuring the Policy Functions, page 3-159
Configuring the Application Service Virtual Interface
The following section lists guidelines for selecting serviceapp interfaces for MAP-T.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that
the ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with
ServiceApp2 or ServiceApp3 with ServiceApp4
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. However, maintaining a track of these associations can be error prone. For example,
ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10, ServiceApp3 with
ServiceApp8, or ServiceApp3 with ServiceApp12
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1156
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6. Although such
ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and Outside-to-Inside traffic
for the ServiceApp pair is halved.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped becasue traffic flows in the wrong dispatcher and core.
Perform this task to configure the application service virtual interface (SVI) to forward data traffic.
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
service cgn instance-name service-type map-t
4.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI as 1 and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1157
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 3
Command or Action
Purpose
service cgn instance-name service-type map-t
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1 service-type map-t map1
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a MAP-T Instance
Perform this task to configure a MAP-T instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1158
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring Address Family, page 3-160
•
Configuring Contiguous Ports, page 3-170
•
Configuring Customer Premise Equipment Domain Parameters, page 3-171
•
Configuring External Domain Parameters, page 3-173
•
Configuring Port Sharing Ratio, page 3-174
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1159
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring Address Family
Perform these tasks to configure address family.
•
Configuring IPv4 Address Family, page 3-160
•
Configuring IPv6 Address Family, page 3-164
Configuring IPv4 Address Family
Perform these tasks configure IPv4 address family for a MAP-T instance.
•
Configuring an IPv4 Interface, page 3-160
•
Configuring IPv4 TCP Maximum Segment Size (MSS), page 3-161
•
Configuring IPv4 Type of Service (ToS), page 3-162
Configuring an IPv4 Interface
Perform this task to configure an IPv4 interface for a MAP-T instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv4 interface ServiceApp number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1160
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv4 interface ServiceApp number
Configures the IPv4 interface to divert IPv4 map-t traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv4 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv4 TCP Maximum Segment Size (MSS)
Perform this task to configure the MSS for TCP in bytes.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv4 tcp mss value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1161
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
address-family ipv4 tcp mss value
Configures the MSS for TCP in bytes.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv4 tcp mss 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv4 Type of Service (ToS)
Perform this task to configure the configure ToS value to be used when translating a packet from IPv6
to IPv4.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1162
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv4 tos value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1163
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv4 tos value
Configures the ToS value.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv4 tos 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 Address Family
Perform these tasks configure an IPv6 address family.
•
Configuring IPv6 Do not Fragment (DF) Override, page 3-164
•
Configuring an IPv6 Interface, page 3-166
•
Configuring IPv6 TCP Maximum Segment Size (MSS), page 3-167
•
Configuring IPv6 Traffic-Class, page 3-168
Configuring IPv6 Do not Fragment (DF) Override
Perform this task to enable DF override configuration.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv6 df-override
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1164
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
address-family ipv6 df-override
Configures the DF-Override.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv6 df-override
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1165
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring an IPv6 Interface
Perform this task to configure an IPv6 interface.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv6 interface ServiceApp number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1166
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 interface ServiceApp number
Configures the IPv6 interface to divert IPv6 nat64 traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv6 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 TCP Maximum Segment Size (MSS)
Perform this task to configure the MSS for TCP in bytes.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv6 tcp mss value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1167
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
address-family ipv6 tcp mss value
Configures the MSS for TCP in bytes.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv6 tcp mss 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 Traffic-Class
Perform this task to configure a traffic-class.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1168
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
address-family ipv6 traffic-class value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1169
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 traffic-class value
Configures the traffic class to be set.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#address-f
amily ipv6 traffic-class 66
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Contiguous Ports
Perform this task to configure contiguous ports.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
contiguous-ports number
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1170
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
contiguous-ports number
Configures the number of ports and the value is expressed
in powers of 2. The range is from 1 to 65536.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#contiguou
s-ports 14
RP/0/RP0/CPU0:router(config-cgn-mapt)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Customer Premise Equipment Domain Parameters
Perform this task to configure Customer Premise Equipment (CPE) domain parameters.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1171
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
cpe-domain ipv4 prefix ipv4 address/prefix
cpe-domain ipv6 prefix ipv6 address/prefix
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1172
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
cpe-domain ipv4 prefix ipv4 address/prefix
Configures the cpe domain parameters.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#cpe-domai
n ipv4 prefix 10.2.2.24/2
RP/0/RP0/CPU0:router(config-cgn-mapt)
or
cpe-domain ipv6 prefix ipv6 address/prefix
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#cpe-domai
n ipv6 prefix 10:2::2/24
RP/0/RP0/CPU0:router(config-cgn-mapt)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring External Domain Parameters
Perform this task to configure external domain parameters.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
external-domain ipv6 prefix ipv6 address/prefix
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1173
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Step 4
external-domain ipv6 prefix ipv6 address/prefix
Configures the external domain parameters.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#externaldomain ipv6 prefix 10:2::2/24
RP/0/RP0/CPU0:router(config-cgn-mapt)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Port Sharing Ratio
Perform this task to configure port sharing ratio.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1174
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-t instance-name
4.
sharing-ratio number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-t instance-name
Configures the service type keyword definition for CGv6
MAP-T application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-t map-t-inst
RP/0/RP0/CPU0:router(config-cgn-mapt)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1175
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
sharing-ratio number
Configures the port sharing ratio and the value is expressed
in powers of 2. The range is from 1 to 32768.
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)#sharing-r
atio 14
RP/0/RP0/CPU0:router(config-cgn-mapt)
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-mapt)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-mapt)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring 6RD on ISM
Perform these tasks to configure 6RD on ISM.
•
Configuring the Application Service Virtual Interface, page 3-176
•
Configuring a 6RD Instance, page 3-178
•
Configuring the Policy Functions, page 3-179
Configuring the Application Service Virtual Interface
This section lists the guidelines for selecting service application interfaces for 6RD.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that the
ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with ServiceApp2
or ServiceApp3 with ServiceApp4.
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. For example, ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10,
ServiceApp3 with ServiceApp8, or ServiceApp3 with ServiceApp12.
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1176
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Warning
Caution
Although ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and
Outside-to-Inside traffic for the ServiceApp pair is halved.
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped because traffic flows in the incorrect dispatcher and core.
Perform this task to configure the application service virtual interface (SVI) to forward data traffic.
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
service cgn instance-name
4.
service-type tunnel v6rd instance-name
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI to 1, and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Step 3
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application, and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1177
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
service-type tunnel v6rd instance-name
Configures the service-type as tunnel v6rd, and the instance
name as 6rd1.
Example:
RP/0/RSP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RSP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-v6rd)# e
nd
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-v6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a 6RD Instance
Perform this task to configure a 6RD instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1178
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Configures the service type keyword definition for CGv6
6RD application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring Address Family, page 3-180
•
Configuring Border Relay, page 3-182
•
Configuring Maximum Transmission Unit, page 3-188
•
Configuring Reassembly-Enable, page 3-190
•
Configuring Reset-df-bit, page 3-191
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1179
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring Type of Service, page 3-193
•
Configuring Time to Live, page 3-194
Configuring Address Family
Perform these tasks to configure address family for a 6RD instance.
•
Configuring IPv4 Address Family, page 3-180
•
Configuring IPv6 Address Family, page 3-181
Configuring IPv4 Address Family
Perform this task to configure IPv4 address family for a 6RD instance.
•
Configuring IPv4 Interface, page 3-180
Configuring IPv4 Interface
Perform this task to configure an IPv4 interface for a 6RD instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
address-family ipv4 interface ServiceApp number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1180
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv4 interface ServiceApp number
Configures the IPv4 interface to divert IPv4 6RD traffic.
The range is from 1 to 2000.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
address-family ipv4 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 Address Family
Perform this task to configure an IPv6 address family for a 6RD instance.
•
Configuring IPv6 Interface, page 3-181
Configuring IPv6 Interface
Perform this task to configure an IPv6 interface for a 6RD instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
address-family ipv6 interface ServiceApp number
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1181
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
address-family ipv6 interface ServiceApp number
Configures the IPv6 interface to divert IPv4 6RD traffic.
The range is from 1 to 2000.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
address-family ipv6 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Border Relay
Perform these tasks to configure a border relay router for a 6RD instance.
•
Configuring IPv4 Interface, page 3-183
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1182
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring IPv6 Prefix, page 3-184
•
Configuring Source Address, page 3-185
•
Configuring Unicast Address, page 3-187
Configuring IPv4 Interface
Perform this task to configure an IPv4 interface for a border relay router.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
br ipv4 prefix | suffix length value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1183
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
br ipv4 prefix | suffix length value
Configures the IPv4 interface for a border relay router. The
IPv4 prefix or suffix length is used to derive delegated IPv6
prefix.
Example:
Step 5
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
ipv4 prefix length 20
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
The prefix or suffix value range is from 0 to 31.
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 Prefix
Perform this task to configure IPv6 address and prefix for a border relay router.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
br ipv6-prefix address
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1184
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
Configures the IPv6 address and prefix for a border relay
router.
br ipv6-prefix address
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
ipv6-prefix 2001:db8::/32
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Source Address
Perform this task to configure IPv4 source address for a tunnel.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1185
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
br source-address address
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1186
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
br source-address address
Configures the IPv4 source address for a tunnel.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
source-address 22.23.24.26
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Unicast Address
Perform this task to configure IPv6 unicast address.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
br unicast address address
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1187
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
br unicast address address
Configures the IPv6 address that is unicast from the IPv6
network.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# br
unicast address 3001:db8:1617:181a::1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)# en
d
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Maximum Transmission Unit
Perform this task to configure the Maximum Transmission Unit (MTU) of the tunnel for a 6RD instance.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1188
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
path-mtu value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1189
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
path-mtu value
Configures the path mtu of the tunnel. The range is from
1280 to 9216.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
path-mtu 1282
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Reassembly-Enable
Perform this task to assemble the fragmented packets for a 6RD instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
reassembly-enable
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1190
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
Assembles the fragmented packets after forwarding is
complete.
reassembly-enable
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
reassembly-enable
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Reset-df-bit
Perform this task to reset the df bit and enable the anycast feature for a 6RD instance.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1191
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
reset-df-bit
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1192
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
reset-df-bit
Resets the df bit and enables the anycast feature.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
reset-df-bit
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Type of Service
Perform this task to configure the Type of Service (ToS) to be used for the IPv4 tunnel for a 6RD
instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
tos value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1193
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 4
Configures the type of service to be used for the IPv4
tunnel. The range is from 0 to 255.
tos value
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
tos 66
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Time to Live
Perform this task to configure Time to Live (TTL) value to be used for the IPv4 tunnel for a 6RD
instance.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1194
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type tunnel v6rd instance-name
4.
ttl value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application, and enters the
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type tunnel v6rd instance-name
Defines the service type keyword definition for CGv6 6RD
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
tunnel v6rd 6rd1
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1195
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
ttl value
Configures the time-to-live value, in seconds, to be used for
the IPv4 tunnel. The range is from 1 to 255.
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
ttl 220
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-tunnel-6rd)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring MAP-E on ISM
Perform these tasks to configure MAP-E on ISM.
•
Configuring the Application Service Virtual Interface, page 3-196
•
Configuring a MAP-E Instance, page 3-198
•
Configuring the Policy Functions, page 3-199
Configuring the Application Service Virtual Interface
This section lists the guidelines for selecting service application interfaces for MAP-E.
•
Pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an odd integer. This is to ensure that the
ServiceApp pairs works with a maximum throughput. For example, ServiceApp1 with ServiceApp2
or ServiceApp3 with ServiceApp4.
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>, and so on, where <n> is an odd
integer. For example, ServiceApp1 with ServiceApp6, ServiceApp1 with ServiceApp10,
ServiceApp3 with ServiceApp8, or ServiceApp3 with ServiceApp12.
•
Pair ServiceApp<n> with ServiceApp<n+4>, where <n> is an integer (odd or even integer). For
example, ServiceApp1 with ServiceApp5, or ServiceApp2 with ServiceApp6.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1196
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Warning
Caution
Although ServiceApp pairs work, the aggregate throughput for Inside-to-Outside and
Outside-to-Inside traffic for the ServiceApp pair is halved.
Do not pair ServiceApp<n> with ServiceApp<n+1>, where <n> is an even integer. When used,
Outside-to-Inside traffic is dropped because traffic flows in the incorrect dispatcher and core.
Perform this task to configure the application service virtual interface (SVI) to forward data traffic.
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1197
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters the global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI to 1, and enters interface
configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Step 3
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring a MAP-E Instance
Perform this task to configure a MAP-E instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1198
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance for the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Configures the service type keyword definition for CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring Address Family, page 3-200
•
Configuring AFTR Endpoint Address, page 3-206
•
Configuring Contiguous Ports, page 3-207
•
Configuring CPE Domain Parameters, page 3-209
•
Configuring Path MTU of the Tunnel, page 3-210
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1199
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring Port Sharing Ratio, page 3-211
Configuring Address Family
Perform these tasks to configure address family.
•
Configuring IPv4 Address Family, page 3-200
•
Configuring IPv6 Address Family, page 3-202
Configuring IPv4 Address Family
Perform these tasks configure IPv4 address family for a MAP-E instance.
•
Configuring IPv4 Interface, page 3-200
•
Configuring TCP Maximum Segment Size, page 3-201
Configuring IPv4 Interface
Perform this task to configure an IPv4 interface for a MAP-E instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
address-family ipv4 interface ServiceApp number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1200
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv4 interface ServiceApp number
Configures the IPv4 interface to divert IPv4 map-e traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# address
-family ipv4 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring TCP Maximum Segment Size
Perform this task to configure the Maximum Segment Size (MSS) for TCP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
address-family ipv4 tcp mss value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1201
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 4
address-family ipv4 tcp mss value
Configures the MSS to be used, in bytes. The range is from
28 to 1500.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# address
-family ipv4 tcp mss 300
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring IPv6 Address Family
Perform these tasks configure an IPv6 address family.
•
Configuring IPv6 Interface, page 3-203
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1202
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
•
Configuring TCP Maximum Segment Size, page 3-204
Configuring IPv6 Interface
Perform this task to configure an IPv6 interface.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
address-family ipv6 interface ServiceApp number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1203
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
address-family ipv6 interface ServiceApp number
Configures the IPv6 interface to divert IPv6 map-e traffic.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# address
-family ipv6 interface serviceApp 66
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring TCP Maximum Segment Size
Perform this task to configure the Maximum Segment Size (MSS) to be used for TCP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
address-family ipv6 tcp mss value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1204
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 4
address-family ipv6 tcp mss value
Configures the MSS to be used, in bytes. The range is from
28 to 1500.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# address
-family ipv6 tcp mss 300
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1205
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring AFTR Endpoint Address
Perform this task to configure the Address Family Transition Router (AFTR) endpoint address.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
aftr-endpoint-address ipv6 address
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1206
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
aftr-endpoint-address IPv6 address
Configures the AFTR endpoint address.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# aftr-en
dpoint-address 2001:db8::32
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Contiguous Ports
Perform this task to configure the number of contiguous ports for a MAP-E instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
contiguous-ports number
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1207
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 4
contiguous-ports number
Configures the number of contiguous ports. The range is
from 1 to 65536.
Example:
Note
The value is expressed in powers of 2.
RP/0/RP0/CPU0:router(config-cgn-map_e)# contigu
ous-ports 16
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 5
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1208
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Configuring CPE Domain Parameters
Perform this task to configure Customer Premise Equipment (CPE) domain parameters.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
cpe-domain ipv4 prefix ipv4 address/prefix
or
cpe-domain ipv6 prefix ipv6 address/prefix
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1209
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
Step 4
Command or Action
Purpose
cpe-domain ipv4 prefix ipv4 address/prefix
Configures the IPv4 or IPv6 prefixes of the CPE domain.
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# cpe-dom
ain ipv4 prefix 10.2.2.24/2
RP/0/RP0/CPU0:router(config-cgn-map_e)#
or
cpe-domain ipv6 prefix ipv6 address/prefix
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# cpe-dom
ain ipv6 prefix 2001:da8:a464::/48
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Path MTU of the Tunnel
Perform this task to configure the path Maximum Transmission Unit (MTU) of the tunnel.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
path-mtu value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1210
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 4
Configures the path MTU of the tunnel. The range is from
1280 to 9216.
path-mtu value
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)#
path-mtu 1300
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Port Sharing Ratio
Perform this task to configure the sharing ratio of the port.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1211
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring Different CGv6 Applications on ISM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type map-e instance-name
4.
sharing-ratio number
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Creates an instance of the CGv6 application and enters
CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type map-e instance-name
Defines the service type keyword definition for the CGv6
MAP-E application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
map-e m1
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1212
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring High Availability on ISM
Step 4
Command or Action
Purpose
sharing-ratio number
Configures the port sharing ratio. The range is from 1 to
32768.
Example:
Note
The value is expressed in powers of 2.
RP/0/RP0/CPU0:router(config-cgn-map_e)#
sharing-ratio 64
RP/0/RP0/CPU0:router(config-cgn-map_e)#
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-map_e)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-map_e)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring High Availability on ISM
ISM supports high availability or 1:1 redundancy on different CGv6 applications.
Perform these tasks to configure HA on ISM.
•
Configuring Active or Standby ISM, page 3-213
•
Enabling Failure Detection, page 3-215
Configuring Active or Standby ISM
Perform this task to configure active or standby ISM.
SUMMARY STEPS
1.
configure
2.
hw-module service cgn location node-id
3.
interface ServiceInfra value
4.
service-location preferred-active node-id [preferred-standby node-id]
5.
ipv4 address address/mask
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1213
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring High Availability on ISM
6.
end
or
commit
7.
reload
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
hw-module service cgn location node-id
Configures role as CGN on both the ISM locations.
Example:
RP/0/RP0/CPU0:router(config)# hw-module service
cgn location 0/1/CPU0
Step 3
interface ServiceInfra value
Configures the infrastructure service virtual interface (SVI)
for both the ISM locations.
Example:
RP/0/RP0/CPU0:router(config)# interface
ServiceInfra 1
RP/0/RP0/CPU0:router(config-if)#
Step 4
service-location preferred-active node-id
[preferred-standby node-id]
Configures the preferred active and preferred standby
nodes.
Example:
RP/0/RP0/CPU0:router(config-if)#
service-location preferred-active 0/1/CPU0
preferred-standby 0/4/CPU0
Step 5
ipv4 address address/mask
Sets the primary IPv4 address and netmask.
Example:
RP/0/RP0/CPU0:router(config-if)# ipv4 address
1.1.1.1/30
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1214
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring High Availability on ISM
Step 6
Command or Action
Purpose
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Step 7
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Once the configuration is complete, reload both the cards
for changes to take effect and wait till in ‘APP READY’
state.
reload
Example:
RP/0/RP0/CPU0:Router#hw-mod location 0/1/CPU0
reload
Enabling Failure Detection
Perform this task to enable failure detection.
SUMMARY STEPS
1.
configure
2.
service-cgv6-ha location node-id puntpath-test
3.
service-cgv6-ha location node-id datapath-test
4.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1215
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuring High Availability on ISM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service-cgv6-ha location node-id puntpath-test
Configures role as CGv6 and failure detection for puntpath
tests.
Example:
RP/0/RP0/CPU0:router(config)# service-cgv6-ha
location 0/1/CPU0 puntpath-test
Step 3
service-cgv6-ha location node-id datapath-test
Configures role as CGv6 and failure detection for datapath
tests.
Example:
RP/0/RP0/CPU0:router(config)# service-cgv6-ha
location 0/1/CPU0 datapath-test
Step 4
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Note
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
By default, failure detection for punt path, data path is not triggered unless the above commands are
configured.These commands can be configured only when ISM role is CGN and ISM in “App-Ready”
state.
To disable failure detection, use the no form of the commands:
•
no service-cgv6-ha location node-id puntpath-test
•
no service-cgv6-ha location node-id datapath-test
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1216
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
Configuration Examples for Implementing CGv6
This section provides the following configuration examples for CGv6:
•
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44: Example,
page 3-217
•
Configuring Different Inside VRF Maps to Identical Outside VRF maps for NAT44: Example,
page 3-218
•
NAT44 Configuration: Example, page 3-219
•
DS Lite Configuration: Example, page 3-221
•
Stateful NAT64 Configuration: Example, page 3-222
•
MAP-T Configuration: Example, page 3-225
•
DBL Configuration: Example, page 3-226
•
Services Redundancy Configuation (Active/Standby ISM): Example, page 3-226
•
6RD Configuration: Example, page 3-227
•
MAP-E Configuration: Example, page 3-228
•
PPTP ALG Configuration: Example, page 3-229
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44:
Example
This example shows how to configure a different inside VRF map to a different outside VRF and
different outside address pools:
service cgn cgn1
inside-vrf insidevrf1
map outside-vrf outsidevrf1 address-pool 100.1.1.0/24
!
!
inside-vrf insidevrf2
map outside-vrf outsidevrf2 address-pool 100.1.2.0/24
!
service-location preferred-active 0/2/cpu0
!
interface ServiceApp 1
vrf insidevrf1
ipv4 address 210.1.1.1 255.255.255.0
service cgn cgn1
!
router static
vrf insidevrf1
0.0.0.0/0 serviceapp 1
!
!
interface ServiceApp 2
vrf outsidevrf1
ipv4 address 211.1.1.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf outsidevrf1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1217
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
100.1.1.0/24 serviceapp 2
!
!
interface ServiceApp 3
vrf insidevrf2
ipv4 address 1.1.1.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf insidevrf2
0.0.0.0/0 serviceapp 3
!
!
interface ServiceApp 4
vrf outsidevrf2
ipv4 address 2.2.2.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf outsidevrf2
100.1.2.0/24 serviceapp 4
Configuring Different Inside VRF Maps to Identical Outside VRF maps for NAT44:
Example
This example shows how to configure different inside VRF maps to identical outside VRF maps:
Note
Configure outsideServiceApp in the CGN configuration for the following ServiceApp pair:
•
Two different inside vrf
•
Two identical outside vrf
service cgn cgn-service-kykwifi
service-location preferred-active 0/0/CPU0
service-type nat44 kykwifi-nat44
portlimit 512
alg ActiveFTP
alg rtsp
alg pptpAlg
inside-vrf INTERNET_PRIVATE_CGNAT
map outside-vrf INTERNET outsideServiceApp ServiceApp2 address-pool 81.213.32.0/22
external-logging syslog
server
address 10.106.61.20 port 514
!
!
inside-vrf INTERNET_PRIVATE_CGNAT2
map outside-vrf INTERNET outsideServiceApp ServiceApp4 address-pool 81.213.36.0/22
external-logging syslog
server
address 10.106.61.20 port 514
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1218
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
NAT44 Configuration: Example
This example shows a NAT44 sample configuration:
interface Loopback40
description IPv4 Host for NAT44
ipv4 address 40.22.22.22 255.255.0.0
!
interface Loopback41
description IPv4 Host for NAT44
ipv4 address 41.22.22.22 255.255.0.0
!
interface GigabitEthernet0/3/0/0.1
description Connected to P2_ASR9000-8 GE 0/6/5/0.1
ipv4 address 10.222.5.22 255.255.255.0
encapsulation dot1q 1
!
router static
address-family ipv4 unicast
180.1.0.0/16 10.222.5.2
181.1.0.0/16 10.222.5.2
!
!
Hardware Configuration for ISM
!
vrf InsideCustomer1
address-family ipv4 unicast
!
!
vrf OutsideCustomer1
address-family ipv4 unicast
!
!
hw-module service cgn location 0/3/CPU0
!
!
interface GigabitEthernet0/6/5/0.1
vrf InsideCustomer1
ipv4 address 10.222.5.2 255.255.255.0
encapsulation dot1q 1
!
interface GigabitEthernet0/6/5/1.1
vrf OutsideCustomer1
ipv4 address 10.12.13.2 255.255.255.0
encapsulation dot1q 1
!
interface ServiceApp1
vrf InsideCustomer1
ipv4 address 1.1.1.1 255.255.255.252
service cgn cgn1 service-type nat44
!
interface ServiceApp2
vrf OutsideCustomer1
ipv4 address 2.1.1.1 255.255.255.252
service cgn cgn1 service-type nat44
!
interface ServiceInfra1
ipv4 address 75.75.75.75 255.255.255.0
service-location 0/3/CPU0
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1219
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
!
router static
!
vrf InsideCustomer1
address-family ipv4 unicast
0.0.0.0/0 ServiceApp1
40.22.0.0/16 10.222.5.22
41.22.0.0/16 10.222.5.22
181.1.0.0/16 vrf OutsideCustomer1 GigabitEthernet0/6/5/1.1 10.12.13.1
!
!
vrf OutsideCustomer1
address-family ipv4 unicast
40.22.0.0/16 vrf InsideCustomer1 GigabitEthernet0/6/5/0.1 10.222.5.22
41.22.0.0/16 vrf InsideCustomer1 GigabitEthernet0/6/5/0.1 10.222.5.22
100.0.0.0/24 ServiceApp2
180.1.0.0/16 10.12.13.1
181.1.0.0/16 10.12.13.1
!
!
!
ISM Configuration
service cgn cgn1
service-location preferred-active 0/3/CPU0
service-type nat44 nat44
portlimit 200
alg ActiveFTP
inside-vrf InsideCustomer1
map outside-vrf OutsideCustomer1 address-pool 100.0.0.0/24
protocol tcp
static-forward inside
address 41.22.22.22 port 80
!
!
protocol icmp
static-forward inside
address 41.22.22.22 port 80
!
!
external-logging netflow version 9
server
address 172.29.52.68 port 2055
refresh-rate 600
timeout 100 !
!
!
!
!
IPv4: 180.1.1.1/16
!
interface Loopback180
description IPv4 Host for NAT44
ipv4 address 180.1.1.1 255.255.0.0
!
interface Loopback181
description IPv4 Host for NAT44
ipv4 address 181.1.1.1 255.255.0.0
!
interface GigabitEthernet0/6/5/1.1
ipv4 address 10.12.13.1 255.255.255.0
encapsulation dot1q 1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1220
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
!
router static
address-family ipv4 unicast
40.22.0.0/16 10.12.13.2
41.22.0.0/16 10.12.13.2
100.0.0.0/24 10.12.13.2 !
!
Bulk Port Allocation and Syslog Configuration: Example
service cgn cgn2
service-type nat44 natA
inside-vrf broadband
map address-pool 100.1.2.0/24
external-logging syslog
server
address 20.1.1.2 port 514
!
!
bulk-port-alloc size 64
!
!
DS Lite Configuration: Example
IPv6 ServiceApp and Static Route Configuration
conf
int serviceApp61
service cgn cgn1 service-type ds-lite
ipv6 address 2001:202::/32
commit
exit
router static
address-family ipv6 unicast
3001:db8:e0e:e01::/128 ServiceApp61 2001:202::2
commit
exit
end
IPv4 ServiceApp and Static Route Configuration
conf
int serviceApp41
service cgn cgn1 service-type ds-lite
ipv4 add 41.41.41.1/24
commit
exit
router static
address-family ipv4 unicast
52.52.52.0/24 ServiceApp41 41.1.1.2
commit
exit
end
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1221
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
DS Lite Configuration
service cgn cgn1
service-location preferred-active 0/2/CPU0 preferred-standby 0/4/CPU0
service-type ds-lite dsl1
portlimit 200
bulk-port-alloc size 128
map address-pool 52.52.52.0/24
aftr-tunnel-endpoint-address 3001:DB8:E0E:E01::
address-family ipv4
interface ServiceApp41
address-family ipv6
interface ServiceApp61
protocol tcp
session init timeout 300
session active timeout 400
mss 1200
external-logging netflow9
server
address 90.1.1.1 port 99
external-logging syslog
server
address 90.1.1.1 port 514
Stateful NAT64 Configuration: Example
service cgn cgn1
service-type nat64 stateful stful1
!
!
service cgn cgn1
service-type nat64 stateful stful1
ipv6-prefix 2001:db8::/32
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
ipv4 address-pool 200.20.30.0/24
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
ipv4 address-pool 200.20.30.0/24
ipv4 address-pool 300.20.30.0/24
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
Ubit-reserved
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
portlimit 1000
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1222
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
!
!
service cgn cgn1
service-type nat64 stateful stful1
dynamic-port-range start 1010
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol icmp
timeout 900
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol tcp
session active timeout 90
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol tcp
session initial timeout 90
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol udp
timeout 1800
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol udp
timeout 90
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol icmp
address 123.33.4.4
port 1234 timeout 908
port 1235 timeout 1000
!
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol tcp
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1223
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
address 123.33.4.4
timeout 908
timeout 1000
!
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol udp
port 1234 timeout 908
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv4
tcp mss 600
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv6
tcp mss 600
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv4
tos 100
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv6
traffic class 100
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv6
protocol icmp
reset-mtu
!
!
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
address-family ipv6
df-override
!
!
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1224
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
!
service cgn cgn1
service-type nat64 stateful stful1
filtering-policy
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
tcp-policy
!
!
!
service cgn cgn1
service-type nat64 stateful stful1
protocol tcp
v4-init-timeout 20
!
!
!
!
MAP-T Configuration: Example
hw-module service cgn location 0/0/CPU0
interface ServiceApp4
ipv4 address 30.30.30.1 255.255.255.0
service cgn test service-type map-t
!
interface ServiceApp6
ipv4 address 19.1.1.1 255.255.255.252
ipv6 address 2001:101::/32
service cgn test service-type map-t
!
interface ServiceInfra1
ipv4 address 200.1.1.1 255.255.255.0
service-location 0/0/CPU0
!
router static
address-family ipv4 unicast
202.38.102.0/24 ServiceApp4 30.30.30.2
!
address-family ipv6 unicast
2001:da8:a464:ffff::/64 ServiceApp6 2001:101::2
!
service cgn test
service-location preferred-active 0/0/CPU0
service-type map-t xlat1
cpe-domain ipv6 prefix 2001:da8:a464::/48
cpe-domain ipv4 prefix 202.38.102.0/24
external-domain ipv6 prefix 2001:da8:a464:ffff::/64
sharing-ratio 64
contiguous-ports 128
address-family ipv4
interface ServiceApp4
tcp mss 235
tos 100
!
address-family ipv6
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1225
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
interface ServiceApp6
tcp mss 1154
traffic-class 100
df-override
;
!
!
DBL Configuration: Example
NAT44 Instance
service cgn cgn1
service-type nat44 nat1
inside-vrf ivrf
external-logging netflow version 9
server session-logging
DS-Lite Instance
service cgn cgn1
service-type ds-lite ds-lite1
external-logging netflow9
server session-logging
Services Redundancy Configuation (Active/Standby ISM): Example
Active ISM Configuration
conf t
interface ServiceInfra 1
service-location 0/1/CPU0
ipv4 address 50.1.1.1/24
exit
hw-module service cgn location 0/1/CPU0
commit
exit
Stand By ISM Configuration
conf t
interface ServiceInfra 2
service-location 0/2/CPU0
ipv4 address 100.1.1.1/24
exit
hw-module service cgn location 0/2/CPU0
commit
exit
conf t
service cgn <cgn name>
service-location preferred-active 0/1/CPU0 preferred-standby 0/2/CPU0
commit
exit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1226
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
6RD Configuration: Example
This example shows a sample 6RD configuration:
vrf ivrf
!
hw-module service cgn location 0/0/CPU0
hw-module service cgn location 0/2/CPU0
interface ServiceApp41
vrf ivrf
ipv4 address 5.5.5.1 255.255.0.0
service cgn cgn1 service-type tunnel v6rd
!
interface ServiceApp42
ipv4 address 6.6.6.1 255.255.255.0
service cgn cgn1 service-type tunnel v6rd
!
interface ServiceApp61
ipv6 address 2001:db8:1617:1819::2/64
service cgn cgn1 service-type tunnel v6rd
!
interface ServiceApp62
ipv6 address 3001:db8:1617:181a::2/64
service cgn cgn1 service-type tunnel v6rd
!
interface ServiceInfra1
ipv4 address 1.1.1.1 255.255.255.0
service-location 0/0/CPU0
!
interface ServiceInfra2
ipv4 address 2.2.2.2 255.255.255.0
service-location 0/2/CPU0
!
router static
address-family ipv4 unicast
8.37.0.0/16 8.36.0.1
8.42.25.0/24 8.36.5.2
10.1.2.0/24 GigabitEthernet0/3/0/2
10.64.83.49/32 8.36.0.1
22.23.24.26/32 6.6.6.2
102.2.0.0/16 ServiceApp3
192.168.3.0/24 GigabitEthernet0/3/0/3
192.168.3.0/24 GigabitEthernet0/3/0/4
202.153.144.0/24 8.36.0.1
!
address-family ipv6 unicast
2001:db8::/32 ServiceApp61
2001:db8:1617:1819::/64 Null0
2001:db8:1617:1819::/128 ServiceApp61
2001:db8:1617:1819::1/128 ServiceApp61
3001:db8::/32 ServiceApp62
3001:db8:1617:181a::/64 Null0
3001:db8:1617:181a::/64 ServiceApp62
3001:db8:1617:181a::1/128 ServiceApp62
!
vrf ivrf
address-family ipv4 unicast
0.0.0.0/0 5.6.5.2
22.23.24.25/32 5.5.5.2
192.168.3.5/32 10.1.2.3
!
!
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1227
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
service cgn cgn1
service-location preferred-active 0/2/CPU0 preferred-standby 0/0/CPU0
service-type tunnel v6rd 6rd1
ttl 255
path-mtu 1480
br
ipv6-prefix 2001:db8::/32
source-address 22.23.24.25
unicast address 2001:db8:1617:1819::1
!
address-family ipv4
interface ServiceApp41
!
address-family ipv6
interface ServiceApp61
!
!
service-type tunnel v6rd 6rd2
br
ipv6-prefix 3001:db8::/32
source-address 22.23.24.26
unicast address 3001:db8:1617:181a::1
!
address-family ipv4
interface ServiceApp42
!
address-family ipv6
interface ServiceApp62
!
!
!
MAP-E Configuration: Example
This example shows a sample MAP-E configuration:
hw-module service cgn location 0/0/CPU0
interface ServiceApp1
ipv4 address 30.30.30.1 255.255.255.0
service cgn cgn1 service-type map-e m1
!
interface ServiceApp2
ipv4 address 19.1.1.1 255.255.255.252
ipv6 address 2001:101::/32
service cgn cgn1 service-type map-e m1
!
interface ServiceInfra1
ipv4 address 200.1.1.1 255.255.255.0
service-location 0/0/CPU0
!
router static
address-family ipv4 unicast
202.38.102.0/24 ServiceApp1 30.30.30.2
!
address-family ipv6 unicast
2001:da8:a464:ffff::/64 ServiceApp2 2001:101::2
!
service cgn cgn1
service-location preferred-active 0/0/CPU0
service-type map-e m1
cpe-domain ipv6 prefix 2001:da8:a464::/48
cpe-domain ipv4 prefix 202.38.102.0/24
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1228
OL-30392-01
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
aftr-endpoint-address 2001:da8:a464:ffff::/128
sharing-ratio 16
contiguous-ports 32
path-mtu 1300
address-family ipv4
interface ServiceApp1
tcp mss 235
!
address-family ipv6
interface ServiceApp2
tcp mss 1154
!
!
PPTP ALG Configuration: Example
NAT44 Instance
service cgn cgn1
service-location preferred-active 0/1/CPU0
service-type nat44 inst1
alg pptpAlg
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
3-1229
Chapter 3
Carrier Grade IPv6 over Integrated Services Module (ISM)
Configuration Examples for Implementing CGv6
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
3-1230
OL-30392-01
CH A P T E R
4
Carrier Grade IPv6 over Virtualized Services
Module (VSM)
This module describes how to implement the Carrier Grade IPv6 (CGv6) over Virtualized Services
Module (VSM).
Virtualized Services Module (VSM)
VSM is the next generation service card on the Cisco ASR 9000 Series Aggregation Services Router.
The software infrastructure on this card provides a virtual environment and the services run as virtual
machines (VM) in this environment. The VMs simulate individual physical computing environments
over a common hardware. The available hardware resources, like processor, memory, hard disk, and so
on, are virtualized and allocated to individual virtual machines by the hypervisor.
VSM Components
VSM is capable of hosting multiple VMs. It consists of the following components:
•
IOS XR VM: This VM is used for managing the routing functions.
•
System Admin VM: This VM is used for the system administration.
•
Application VM: CGv6 is the application VM running on VSM. In the current release, only one
CGv6 VM can run at a given time.
•
Linux Host and Hypervisor: The routing functions and the system administration functions are run
on separate virtual machines (VMs) over a Linux host operating system. The CGv6 VM, along with
the other VMs, runs on the top of the KVM hypervisor.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-11
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Installing CGv6 on VSM
IOS-XR VM
(Socket 0)
CGv6 VM
(Socket 0-3)
Sysadmin
VM
(Socket 0)
Socket #0
Socket #1
Socket #2
Socket #3
361813
Host Linux + Hypervisor
Features and Considerations
Some of the features and considerations of VSM are:
•
The CGv6 application has to run in a VM environment.
•
The IOS XR Service Enablement CLIs are needed to create, delete, access, and operate on CGv6
VM.
•
The VSM card can co-exist with other LCs including ISM.
•
Each NP has 6 NP ports and can send traffic to 24 CGv6 Application processes.
•
For each VSM card, a ServiceInfra interface needs to be configured.
•
Traffic diversion may be done based on a static route or ACL-based forwarding (ABF).
•
In the current release, VSM does not support multiple CGv6 VMs on the same card.
Installing CGv6 on VSM
The process of installing CGv6 on VSM involves the following:
Note
•
Prerequisites
•
Installing CGv6 OVA Package
•
Activating CGv6 VM
•
Deactivating CGv6 VM
•
Uninstalling CGv6 OVA Package
If you are performing an upgrade or a downgrade of CGv6 VM, it needs to be deactivated first,
uninstalled, installed, and then activated.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-12
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Installing CGv6 on VSM
Note
Before upgrading or downgrading the CGv6 OVA package on the Active VSM card in HA (high
availability) mode, perform a graceful shift of the traffic from Active VSM to Standby VSM. This will
ensure that the CGN-related configuration is replicated into a standby card. To perform graceful shift of
the traffic, run the “service redundancy failover service-type all preferred-active <active-vsm-slot>”
command in EXEC mode.
Prerequisites
Ensure that you have installed the following images:
•
asr9k-mini-px.vm (Base IOS-XR image)
•
asr9k-services-infra.pie (VSM Services Infra package)
•
asr9k-services-px.pie (CGv6 Services package)
•
asr9k-fpd-px.pie (FPGA Image IOS XR package)
•
asr9k-vsm-cgv6-<version>.ova (Linux Open Virtual Alliance or OVA package)
Installing CGv6 OVA Package
The CGv6 Virtual Machine (VM) is provided as an OVA package. Open Virtualization Appliance (OVA)
is a single file distribution of the file package. The CGv6 OVA package consists of the following files:
•
OVA Profile Descriptor file
•
Package version file
•
Linux Image file
The process of installation of CGv6 OVA package consists of the following steps:
Step 1
Copy the OVA file from the remote location to the RP disk.
RP/0/RSP0/CPU0:router# copy <tftp location>/asr9k-vsm-cgv6.ova disk0:/
Note
Step 2
Once the CGv6 OVA package is copied to RP’s disk, you can install it on multiple VSMs on the same
chassis.
Before you run any VM command, enable virtual service.
RP/0/RSP0/CPU0:router(config)#virtual-service enable
RP/0/RSP0/CPU0:router(config)#commit
Step 3
Install CGv6 VM on a specific VSM card.
RP/0/RSP0/CPU0:router#virtual-service install name <service/VM name> package <OVA package
name> node <VSM_location>
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-13
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Installing CGv6 on VSM
Note
Step 4
The service or VM name can contain only alphanumeric characters (A to Z, a to z, or 0 to 9) or an
underscore (_). All other special characters are not allowed. The installation process might take about
7-8 minutes.
Check the progress of the installation process by using the show virtual-service list command. Once the
installation is complete, the status is changed to Installed.
RP/0/RSP0/CPU0:router# show virtual-service list
Virtual Service List:
Name
cgn1
Status
Package Name
Node
Installing asr9k-vsm-cgv6.ova 0/1/CPU0
RP/0/RSP0/CPU0:NAT#sh virtual-service list
Name
Status
Package Name
Node
cgn1
Installed asr9k-vsm-cgv6.ova 0/1/CPU0
Activating CGv6 VM
The steps to activate the CGv6 VM are as follows:
Step 1
Configure the CGv6 VM and the 12 Gigabit Ethernet (GE) interfaces in the global configuration mode.
RP/0/RSP0/CPU0:router(config)# virtual-service cgn123
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# vnic interface
RP/0/RSP0/CPU0:router(config-virt-service)# commit
Step 2
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
tenGigE
0/2/1/0
0/2/1/1
0/2/1/2
0/2/1/3
0/2/1/4
0/2/1/5
0/2/1/6
0/2/1/7
0/2/1/8
0/2/1/9
0/2/1/10
0/2/1/11
Activate the CGv6 VM.
RP/0/RSP0/CPU0:router(config-virt-service)# activate
RP/0/RSP0/CPU0:router(config-virt-service)# commit
Step 3
Check the progress of the activation process by using the show virtual-service list command. Once the
VM is activated, the status changes to Activated.
RP/0/RSP0/CPU0:router# show virtual-service list
Virtual Service List:
Name
cgn123
Note
Step 4
Status
Package Name
Activated asr9k-vsm-cgv6.ova
Once the VM is activated, it takes about 5 minutes for the CGv6 applications to come up.
Configure the ServiceInfra interface.
RP/0/RSP0/CPU0:router# configure terminal
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-14
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Uninstalling CGv6 on VSM
RP/0/RSP0/CPU0:router(config)# interface ServiceInfra 1
RP/0/RSP0/CPU0:router(config-int)# ipv4 address 3.1.1.1 255.255.255.252
RP/0/RSP0/CPU0:router(config-int)# service-location 0/2/CPU0
RP/0/RSP0/CPU0:router(config-int)# commit
Step 5
Before you configure NAT44, ensure that the 12 Gigabit Ethernet (GE) interfaces are up. If they are in
the shutdown mode, then change their mode by using the no shut command.
Note
In IOS-XR, by default, any interface that is not configured is shut down when the associated line card is
reloaded. To prevent this behavior on the VSM TenGigE interface (port), add a minor configuration (such
as, description) on the interface.
RP/0/RSP0/CPU0:router(config)# interface tenGigE 0/2/1/0
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/1
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/2
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/3
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/4
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/5
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/6
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/7
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/8
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/9
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/10
RP/0/RSP0/CPU0:router(config-if)# interface tenGigE 0/2/1/11
RP/0/RSP0/CPU0:router(config-if)# no shut
RP/0/RSP0/CPU0:router(config-if)# commit
Uninstalling CGv6 on VSM
The process of uninstalling CGv6 VSM involves the following processes:
•
Deactivating CGv6 VM
•
Uninstalling CGv6 OVA Package
•
Disabling the Service Enablement Feature
Deactivating CGv6 VM
To de-activate the CGv6 VM, perform the following in the global configuration mode:
RP/0/RP0/CPU0:router(config)# virtual-service cgn123
RP/0/RP0/CPU0:router(config-virt-service)# no activate
RP/0/RP0/CPU0:router(config-virt-service)# commit
To remove the CGv6 instance, perform the following in the global configuration mode:
RP/0/RP0/CPU0:router(config)# no virtual-service cgn123
RP/0/RP0/CPU0:router(config)# commit
Uninstalling CGv6 OVA Package
To uninstall the CGv6 OVA package, run the following commands in the EXEC mode:
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-15
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Uninstalling CGv6 on VSM
RP/0/RSP0/CPU0:router# virtual-service uninstall name cgn123 node 0/2/CPU0
Disabling the Service Enablement Feature
To disable the service enablement feature, run the following commands in the global configuration
mode:
RP/0/RP0/CPU0:router(config)# no virtual-service enable
RP/0/RP0/CPU0:router(config)# commit
VSM scale numbers
ASR9K supports the following VSM scale numbers:
Parameter Name
Value per VSM
Value per ASR9K Chassis
with VSM
Number of CGN or CGv6 Instances
1
4
Number of Service Infra Interfaces
1
4
Number of Service App interfaces
512
Number of NAT44 instances
1
Number of Stateful Translation
80 Millions
Number of NAT session
80 Millions
Number of NAT users
4 Million
Number of Static Port Forwarding Entries
6000
Number of Public IPv4 addresses
65536 or 16
Number of VRF per NAT44 instance
128 (inside) + 128 (outside)
BNG
32k per np
VRF
8000
4
GDOI
15 Groups per Node
(There are 15 Groups per Node. Two nodes
for S2S VPN.)
DS-Lite Sessions
80 Million
NAT64 Sessions
80 Million
6RD
(ASR 9000 Enhanced Ethernet Line Card is
inline with 6RD with an expectation rate of
90 percent.)
Note
Number of VSM cards per chassis can be adjusted based on the type of chassis and traffic
assessment.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-16
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Implementing NAT44 on VSM
This section explains the implementation of NAT44 on VSM.
In this release, VSM supports the following two features on NAT44. The configurations for these
features are explained in the later sections.
•
TCP Sequence Check
•
Address and Port-Dependent Filtering
VSM scale numbers supported in NAT 44
NAT 44 supports the following VSM scale numbers:
Parameter Name
Value per VSM
Value per ASR9K Chassis
with VSM
Number of NAT44 instances
1
6
Number of Stateful Translation
80 Millions
Number of NAT session
80 Millions
Number of NAT users
4 Million
Number of Static Port Forwarding Entries
6000
Number of Public IPv4 addresses
65536 or 16
Number of VRF per NAT44 instance
128 (inside) + 128 (outside)
VSM Scale numbers supported in NAT 64
NAT 64 supports the following VSM scale numbe
Parameter Name
Value per VSM
Value per ASR9K Chassis
with VSM
NAT64 Sessions
80 Millions
6
TCP Sequence Check
In order to overcome security threats to less secure networks, Cisco Virtualized Services Module (VSM)
performs TCP sequence check.
A sequence number is a 32-bit number that is included in a packet in a TCP session. The sequence
numbers of the incoming packets are stored in the translation or session entry. If a packet's sequence
number does not match the expected sequence number, then the packet is dropped . In this way, the
networks can be secured from spoofed packets.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-17
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
You can perform these TCP sequence checks by using the sequence-check command. An optional
keyword, diff-window, has been provided for a user to define and configure the accepted expected range
of sequence numbers. But it is recommended that the user does not specify this range and instead allows
the router to compute the range for each TCP session based on the client-server negotiation.
Two counters are configured for the TCP sequence checks:
•
Out-to-In packets counter: This counter keeps a count of the packets whose sequence numbers did
not match the expected range. But yet these packets are translated and forwarded because TCP
sequence check has not been configured.
•
Dropped packets counter: This counter keeps a count of the packets that were dropped because of
the TCP sequence check.
The counters are displayed by using the show cgn nat44 counters command.
Address and Port-Dependent Filtering
Currently, CGN on VSM implements the following by default:
•
Endpoint-Independent Mapping: This mapping process reuses the port mapping for subsequent
packets that are sent from the same internal IP address and port to any external IP address and port.
•
Endpoint-Independent Filtering: This filtering process filters out only packets that are not destined
to the internal address and port regardless of the external IP address and port source.
In such a configuration, by knowing the translated IP address and the port of a private host, any malicious
host in a public network can initiate packet floods to that private host. In order to prevent such attacks,
the address and port-dependent filtering feature has to be enabled by using the filter-policy command.
The user can disable the filtering based on port by using the ignore-port keyword with this command.
Two counters are configured for the address and port-dependent filtering:
•
Total number of sessions created due to Out2In packets: This counter keeps a count of the sessions
that were created by the packets coming from outside.
•
Number of Out2In drops due to end point filtering: This counter keeps a count of the packets that
were dropped because of the endpoint filtering.
The counters are displayed by using the show cgn nat44 counters command.
Configuring NAT44 on VSM
Perform these tasks to configure NAT44 on VSM.
•
Configuring a NAT44 Instance
•
Configuring the Application Service Virtual Interface
•
Configuring the Policy Functions
•
Configuring One-to-One Mapping for NAT44 over VSM
Configuring a NAT44 Instance
Perform this task to configure a NAT44 instance.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-18
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
service cgn nat44 instance-name
3.
service-location preferred-active node-id
4.
service-type nat44 instance-name
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn nat44 instance-name
Configures the instance named cgn1 for the CGv6 NAT44
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-location preferred-active node-id
Configures the active locations for the CGv6 application.
Note: preferred-standby option is supported in Cisco
IOS XR Release 4.3.0 onwards for redundancy.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-19
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 4
Command or Action
Purpose
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Application Service Virtual Interface
The following section lists guidelines for selecting serviceapp interfaces for NAT44. Here <n> is an odd
integer.
•
Pair ServiceApp<n> with ServiceApp<n+1>. This is to ensure that the ServiceApp pairs works
with a maximum throughput. For example, ServiceApp1 with ServiceApp2 or ServiceApp3 with
ServiceApp4.
•
Pair ServiceApp<n> with ServiceApp<n+5> or ServiceApp<n+9>. However, maintaining a track
of these associations can be error prone. For example, ServiceApp1 with ServiceApp6,
ServiceApp1 with ServiceApp10, ServiceApp3 with ServiceApp8, or ServiceApp3 with
ServiceApp12. Hence it is not recommended.
•
Pair ServiceApp<n> with ServiceApp<n+4>. For example, ServiceApp1 with ServiceApp5, or
ServiceApp2 with ServiceApp6. Although such ServiceApp pairs work, the aggregate throughput
for Inside-to-Outside and Outside-to-Inside traffic for the ServiceApp pair is halved.
•
Do not pair ServiceApp<n> with ServiceApp<n+1>. When used, Outside-to-Inside traffic is
dropped because traffic flows in the wrong dispatcher and core.
One ServiceApp interface pair can be used as inside and the other as outside.
Perform the following tasks to configure the application service virtual interface (SVI) to forward data
traffic.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-110
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
interface ServiceApp value
3.
ipv4 address address/mask
4.
service cgn instance-name service-type nat44
5.
vrf vrf-name
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
interface ServiceApp value
Configures the application SVI as 1 and enters interface
configuration mode.
Example:
RP/0/RP0/C
PU0:router(config)# interface ServiceApp 1
RP/0/RP0/CPU0:router(config-if)#
Step 3
ipv4 address address/mask
Sets the primary IPv4 address for an interface.
Example:
RP/0/RP0/CPU0:router(config-if)# ipv4 address
1.1.1.1/30
Step 4
service cgn instance-name service-type nat44
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config-if)# service cgn
cgn1 service-type nat44
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-111
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
vrf vrf-name
Configures the VPN routing and forwarding (VRF) for the
Service Application interface
Example:
RP/0/RP0/CPU0:router(config-if)# vrf insidevrf1
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-if)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-if)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring an Inside and Outside Address Pool Map
Perform this task to configure an inside and outside address pool map with the following scenarios.
•
The designated address pool is used for CNAT.
•
One inside VRF is mapped to only one outside VRF or a default VRF.
•
Max Outside public pool per VSM/CGv6 instance is 64 K or 65536 addresses. That is, if a /16
address pool is mapped, then we cannot map any other pool to that particular VSM.
•
Multiple inside vrf cannot be mapped to same outside address pool.
•
While Mapping Outside Pool Minimum value for prefix is 16 and maximum value is 27.
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
map [outside-vrf outside-vrf-name] address-pool address/prefix
SUMMARY STEPS
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-112
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures an inside VRF named insidevrf1 and enters
CGv6 inside VRF configuration mode.
inside-vrf vrf-name
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-113
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
map [outside-vrf outside-vrf-name] address-pool
address/prefix
Configures an inside VRF to an outside VRF and address
pool mapping. Sometimes, if 2 inside VRFs are mapped to
a single outside VRF, then use the following:
Example:
map outside-vrf outside vrf1 outsideServiceApp
ServiceApp206 address-pool 10.10.0.0/24
RP/0/RP0/CPU0:router(config-cgn-invrf)# map
outside-vrf outside vrf1 address-pool
10.10.0.0/24
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Policy Functions
Perform these tasks to configure the policy functions.
•
Configuring the Port Limit Per Subscriber, page 4-14
•
Configuring the Timeout Value for the Protocol, page 4-16
•
Configuring FTP ALG, page 4-21
•
Configuring PPTP ALG, page 4-22
•
Configuring RTSP ALG, page 4-23
•
Configuring the TCP Adjustment Value for the Maximum Segment Size, page 4-25
•
Configuring the Refresh Direction for the Network Address Translation, page 4-27
•
Configuring Static Port Forwarding for Port Numbers, page 4-28
•
Configuring the Dynamic Port Ranges, page 4-30
Configuring the Port Limit Per Subscriber
Perform this task to configure the port limit per subscriber for the system that includes TCP, UDP, and
ICMP.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-114
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
portlimit value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-115
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 4
Command or Action
Purpose
portlimit value
Limits the number of entries per address for each subscriber
of the system
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
portlimit 10
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the Protocol
•
Configuring the Timeout Value for the ICMP Protocol, page 4-16
•
Configuring the Timeout Value for the TCP Session, page 4-18
•
Configuring the Timeout Value for the UDP Session, page 4-19
Configuring the Timeout Value for the ICMP Protocol
Perform this task to configure the timeout value for the ICMP type for the CGv6 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol icmp
5.
timeout seconds
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-116
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures the ICMP protocol session. The example shows
how to configure the ICMP protocol for the CGv6 instance
named cgn1.
protocol icmp
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol icmp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Step 5
Configures the timeout value as 908 for the ICMP session
for the CGv6 instance named cgn1.
timeout seconds
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# timeout
908
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-117
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Configuring the Timeout Value for the TCP Session
Perform this task to configure the timeout value for either the active or initial sessions for TCP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol tcp
5.
session {active | initial} timeout seconds
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
protocol tcp
Example:
Configures the TCP protocol session. The example shows
how to configure the TCP protocol for the CGv6 instance
named cgn1.
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-118
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
session {active | initial} timeout seconds
Configures the timeout value as 90 for the TCP session. The
example shows how to configure the initial session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
initial timeout 90
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout Value for the UDP Session
Perform this task to configure the timeout value for either the active or initial sessions for UDP.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
protocol udp
5.
session {active | initial} timeout seconds
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-119
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
protocol udp
Example:
Configures the UDP protocol sessions. The example shows
how to configure the TCP protocol for the CGv6 instance
named cgn1.
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol udp
RP/0/RP0/CPU0:router(config-cgn-proto)#
Step 5
session {active | initial} timeout seconds
Configures the timeout value as 90 for the UDP session. The
example shows how to configure the active session timeout.
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# session
active timeout 90
Step 6
end
or
commit
Saves configuration changes.
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-proto)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-proto)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-120
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Configuring FTP ALG
Perform this task to configure FTP as the ALG for the specified NAT44 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg activeFTP
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-121
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 4
Command or Action
Purpose
alg activeFTP
Configures the FTP ALG on the NAT44 instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
activeFTP
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring PPTP ALG
Perform this task to configure PPTP as the ALG for the specified NAT44 instance.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg pptpAlg
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-122
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures PPTP as the ALG for the NAT44 instance.
alg pptpAlg
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
pptpAlg
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring RTSP ALG
Perform this task to configure RTSP as the ALG for the specified NAT44 instance. RTSP packets are
usually destined to port 554. But this is not always true because RTSP port value can be configured.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-123
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 instance-name
4.
alg rtsp server-port value
5.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGN
application and enters CGN configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for NAT44
application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-124
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 4
Command or Action
Purpose
alg rtsp [server-port] value
Configures the rtsp ALG on the NAT44 instance for server
port 5000. The range is from 1 to 65535. The default port is
554.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)# alg
rtsp server-port 5000
Caution
Step 5
The option of specifying a server
port) is currently not supported. Even
if you configure some port, RTSP
works only on the default port (554).
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the TCP Adjustment Value for the Maximum Segment Size
Perform this task to configure the adjustment value for the maximum segment size (MSS) for the VRF.
You can configure the TCP MSS adjustment value on each VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
protocol tcp
6.
mss size
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-125
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)#
service-location preferred-active 0/1/CPU0
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
protocol tcp
Configures the TCP protocol session and enters CGv6
inside VRF AFI protocol configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-126
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 6
Command or Action
Purpose
mss size
Configures the adjustment MSS value as 1100 for the inside
VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi-proto
)# mss 1100
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)# e
nd
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Direction for the Network Address Translation
Perform this task to configure the NAT mapping refresh direction as outbound for TCP and UDP traffic.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
refresh-direction Outbound
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-127
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
refresh-direction Outbound
Configures the NAT mapping refresh direction as outbound
for the CGv6 instance named cgn1.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-proto)#refreshdirection Outbound
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn)# commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Static Port Forwarding for Port Numbers
Perform this task to configure static port forwarding for reserved or nonreserved port numbers.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-128
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
protocol tcp
6.
static-forward inside
7.
address address port number
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
inside-vrf vrf-name
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
Configures the TCP protocol session and enters CGv6
inside VRF AFI protocol configuration mode.
protocol tcp
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
protocol tcp
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-129
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 6
Command or Action
Purpose
static-forward inside
Configures the CGv6 static port forwarding entries on
reserved or nonreserved ports and enters CGv6 inside static
port inside configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-proto)#
static-forward inside
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)#
Step 7
address address port number
Configures the CGv6 static port forwarding entries for the
inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# address 1.2.3.4 port 90
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Dynamic Port Ranges
Perform this task to configure dynamic port ranges for TCP, UDP, and ICMP ports. The default value
range of 0 to 1023 is preserved and not used for dynamic translations. Therefore, if the value of dynamic
port range start is not configured explicitly, the dynamic port range value starts at 1024.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
dynamic port range start value
5.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-130
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
dynamic port range start value
Example:
Configures the value of dynamic port range start for a
CGv6 NAT 44 instance. The value can range from 1 to
65535.
RP/0/RP0/CPU0:router(config-cgn-nat44)# dynamic
port range start 1024
Step 5
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-insi
de)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring One-to-One Mapping for NAT44 over VSM
Perform this task to configure one-to-one mapping for private addresses in NAT44 over VSM.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-131
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
map ip one-to-one
6.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures an inside VRF named insidevrf1 and enters
CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-132
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
map ip one-to-one
Configures one-to-one mapping for a CGv6 NAT44
instance.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)# map ip
one-to-one
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring TCP Sequence Check
Perform the following steps for checking the sequence numbers of the packets in a TCP session:
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
firewall protocol tcp
6.
sequence-check
7.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-133
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 instance-name
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures an inside VRF named insidevrf1 and enters
CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
firewall protocol tcp
Enters the firewall mode and the protocol tcp submode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
firewall protocol tcp
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-134
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 6
Command or Action
Purpose
sequence-check
Enables checking of the sequence numbers. The optional
diff-window keyword allows user to configure a value
equal to the difference between the expected and received
sequence numbers. The range for this value is 0 to
1,073,725,440.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
firewall protocol tcp
Step 7
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring Address and Port-Dependent Filtering
Perform the following steps to configure address and port-dependent filtering in a NAT44 configuration.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
filter-policy ignore-port
6.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-135
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 instance-name
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures an inside VRF named insidevrf1 and enters
CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-nat44)#
inside-vrf insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-136
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
filter-policy ignore-port
Enables the address and port-dependent filtering. The
optional ignore-port keyword is used to disable the
port-dependent filtering.
Example:
To enable address and port-dependent filtering:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
filter-policy
To enable address and port-dependent filtering when
the port is not checked:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
filter-policy ignore-port
Step 6
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# end
or
– Entering yes saves configuration changes to the
RP/0/RP0/CPU0:router(config-cgn-invrf-afi)#
commit
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring External Logging for the NAT Table Entries
Perform the following to configure external logging for NAT table entries.
Netflow Logging
Perform the following tasks to configure Netflow Logging for NAT table entries.
•
Configuring the Server Address and Port for Netflow Logging, page 4-38
•
Configuring the Path Maximum Transmission Unit for Netflow Logging, page 4-39
•
Configuring the Refresh Rate for Netflow Logging, page 4-41
•
Configuring the Timeout for Netflow Logging, page 4-43
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-137
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Configuring the Server Address and Port for Netflow Logging
Perform this task to configure the server address and port to log network address translation (NAT) table
entries for Netflow logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
address address port number
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-138
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 5
Command or Action
Purpose
external-logging netflow version 9
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Step 7
address address port number
Configures the IPv4 address and port number 45 to log
Netflow entries for the NAT table.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# address 2.3.4.5 port 45
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Netflow Logging
Perform this task to configure the path maximum transmission unit (MTU) for the netflowv9-based
external-logging facility for the inside VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-139
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
path-mtu value
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-140
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 7
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 200 for the
netflowv9-based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# path-mtu 200
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Refresh Rate for Netflow Logging
Perform this task to configure the refresh rate at which the Netflow-v9 logging templates are refreshed
or resent to the Netflow-v9 logging server.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
refresh-rate value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-141
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflow version 9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflow-v9 based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-142
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 7
Command or Action
Purpose
refresh-rate value
Configures the refresh rate value of 50 to log Netflow-based
external logging information for an inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# refresh-rate 50
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Timeout for Netflow Logging
Perform this task to configure the frequency in minutes at which the Netflow-V9 logging templates are
to be sent to the Netflow-v9 logging server.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging netflow version 9
6.
server
7.
timeout value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-143
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging netflowv9
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging netflow version 9
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
netflowv9-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-144
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 7
Command or Action
Purpose
timeout value
Configures the timeout value of 50 for Netflow logging of
NAT table entries for an inside VRF.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# timeout 50
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Syslog Logging
Perform the following tasks to configure Syslog Logging for NAT table entries.
•
Configuring the Server Address and Port for Syslog Logging, page 4-45
•
Configuring the Host-Name for Syslog Logging, page 4-47
•
Configuring the Path Maximum Transmission Unit for Syslog Logging, page 4-49
Configuring the Server Address and Port for Syslog Logging
Perform this task to configure the server address and port to log NAT table entries for Syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
address address port number
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-145
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
8.
end
or
commit
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-146
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 7
Command or Action
Purpose
address address port number
Configures the IPv4 address and port number 45 to log
Netflow entries for the NAT table.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# address 2.3.4.5 port 45
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Host-Name for Syslog Logging
Perform this task to configure the host name to be filled in the Netflow header for the syslog logging.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
host-name name
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-147
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-148
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
Step 7
Command or Action
Purpose
host-name name
Configures the host name for the syslog-based
external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# host-name host1
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuring the Path Maximum Transmission Unit for Syslog Logging
Perform this task to configure the path maximum transmission unit (MTU) for the syslog-based
external-logging facility for the inside VRF.
SUMMARY STEPS
1.
configure
2.
service cgn instance-name
3.
service-type nat44 nat1
4.
inside-vrf vrf-name
5.
external-logging syslog
6.
server
7.
path-mtu value
8.
end
or
commit
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-149
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Implementing NAT44 on VSM
DETAILED STEPS
Step 1
Command or Action
Purpose
configure
Enters global configuration mode.
Example:
RP/0/RP0/CPU0:router# configure
Step 2
service cgn instance-name
Configures the instance named cgn1 for the CGv6
application and enters CGv6 configuration mode.
Example:
RP/0/RP0/CPU0:router(config)# service cgn cgn1
RP/0/RP0/CPU0:router(config-cgn)#
Step 3
service-type nat44 nat1
Configures the service type keyword definition for CGv6
NAT44 application.
Example:
RP/0/RP0/CPU0:router(config-cgn)# service-type
nat44 nat1
Step 4
inside-vrf vrf-name
Configures the inside VRF for the CGv6 instance named
cgn1 and enters CGv6 inside VRF configuration mode.
Example:
RP/0/RP0/CPU0:router(config-cgn)# inside-vrf
insidevrf1
RP/0/RP0/CPU0:router(config-cgn-invrf)#
Step 5
external-logging syslog
Example:
Configures the external-logging facility for the CGv6
instance named cgn1 and enters CGv6 inside VRF address
family external logging configuration mode.
RP/0/RP0/CPU0:router(config-cgn-invrf)#
external-logging syslog
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
)#
Step 6
Configures the logging server information for the IPv4
address and port for the server that is used for the
syslog-based external-logging facility and enters CGv6
Example:
inside VRF address family external logging server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
configuration mode.
)# server
server
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)#
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-150
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
Step 7
Command or Action
Purpose
path-mtu value
Configures the path MTU with the value of 200 for the
syslog-based external-logging facility.
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# path-mtu 200
Step 8
Saves configuration changes.
end
or
commit
•
When you issue the end command, the system prompts
you to commit changes:
Uncommitted changes found, commit them before
exiting (yes/no/cancel)?
[cancel]:
Example:
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# end
or
– Entering yes saves configuration changes to the
running configuration file, exits the configuration
session, and returns the router to EXEC mode.
RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog
-server)# commit
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
•
Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.
Configuration Examples for Implementing CGv6
This section provides the following configuration examples for CGv6:
•
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44: Example
•
NAT44 Configuration: Example
Configuring a Different Inside VRF Map to a Different Outside VRF for NAT44:
Example
This example shows how to configure a different inside VRF map to a different outside VRF and
different outside address pools:
service cgn cgn1
inside-vrf insidevrf1
map outside-vrf outsidevrf1 address-pool 100.1.1.0/24
!
!
inside-vrf insidevrf2
map outside-vrf outsidevrf2 address-pool 100.1.2.0/24
!
service-location preferred-active 0/2/cpu0
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-151
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
interface ServiceApp 1
vrf insidevrf1
ipv4 address 210.1.1.1 255.255.255.0
service cgn cgn1
!
router static
vrf insidevrf1
0.0.0.0/0 serviceapp 1
!
!
interface ServiceApp 2
vrf outsidevrf1
ipv4 address 211.1.1.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf outsidevrf1
100.1.1.0/24 serviceapp 2
!
!
interface ServiceApp 3
vrf insidevrf2
ipv4 address 1.1.1.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf insidevrf2
0.0.0.0/0 serviceapp 3
!
!
interface ServiceApp 4
vrf outsidevrf2
ipv4 address 2.2.2.1 255.255.255.0
service cgn cgn1
service-type nat44 nat1
!
router static
vrf outsidevrf2
100.1.2.0/24 serviceapp 4
NAT44 Configuration: Example
This example shows a NAT44 sample configuration:
interface Loopback40
description IPv4 Host for NAT44
ipv4 address 40.22.22.22 255.255.0.0
!
interface Loopback41
description IPv4 Host for NAT44
ipv4 address 41.22.22.22 255.255.0.0
!
interface GigabitEthernet0/3/0/0.1
description Connected to P2_ASR9000-8 GE 0/6/5/0.1
ipv4 address 10.222.5.22 255.255.255.0
dot1q vlan 1
!
router static
address-family ipv4 unicast
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-152
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
180.1.0.0/16 10.222.5.2
181.1.0.0/16 10.222.5.2
!
!
Hardware Configuration for VSM
!
vrf InsideCustomer1
address-family ipv4 unicast
!
!
vrf OutsideCustomer1
address-family ipv4 unicast
!
!
hw-module service cgn location 0/3/CPU0
!
!
interface GigabitEthernet0/6/5/0.1
vrf InsideCustomer1
ipv4 address 10.222.5.2 255.255.255.0
dot1q vlan 1
!
interface GigabitEthernet0/6/5/1.1
vrf OutsideCustomer1
ipv4 address 10.12.13.2 255.255.255.0
dot1q vlan 1
!
interface ServiceApp1
vrf InsideCustomer1
ipv4 address 1.1.1.1 255.255.255.252
service cgn cgn1 service-type nat44
!
interface ServiceApp2
vrf OutsideCustomer1
ipv4 address 2.1.1.1 255.255.255.252
service cgn cgn1 service-type nat44
!
interface ServiceInfra1
ipv4 address 75.75.75.75 255.255.255.0
service-location 0/3/CPU0
!
!
router static
!
vrf InsideCustomer1
address-family ipv4 unicast
0.0.0.0/0 ServiceApp1
40.22.0.0/16 10.222.5.22
41.22.0.0/16 10.222.5.22
181.1.0.0/16 vrf OutsideCustomer1 GigabitEthernet0/6/5/1.1 10.12.13.1
!
!
vrf OutsideCustomer1
address-family ipv4 unicast
40.22.0.0/16 vrf InsideCustomer1 GigabitEthernet0/6/5/0.1 10.222.5.22
41.22.0.0/16 vrf InsideCustomer1 GigabitEthernet0/6/5/0.1 10.222.5.22
100.0.0.0/24 ServiceApp2
180.1.0.0/16 10.12.13.1
181.1.0.0/16 10.12.13.1
!
!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-153
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
!
VSM Configuration
service cgn cgn1
service-location preferred-active 0/3/CPU0
service-type nat44 nat44
portlimit 200
alg ActiveFTP
inside-vrf InsideCustomer1
map outside-vrf OutsideCustomer1 address-pool 100.0.0.0/24
protocol tcp
static-forward inside
address 41.22.22.22 port 80
!
!
protocol icmp
static-forward inside
address 41.22.22.22 port 80
!
!
external-logging netflow version 9
server
address 172.29.52.68 port 2055
refresh-rate 600
timeout 100 !
!
!
!
!
IPv4: 180.1.1.1/16
!
interface Loopback180
description IPv4 Host for NAT44
ipv4 address 180.1.1.1 255.255.0.0
!
interface Loopback181
description IPv4 Host for NAT44
ipv4 address 181.1.1.1 255.255.0.0
!
interface GigabitEthernet0/6/5/1.1
ipv4 address 10.12.13.1 255.255.255.0
dot1q vlan 1
!
router static
address-family ipv4 unicast
40.22.0.0/16 10.12.13.2
41.22.0.0/16 10.12.13.2
100.0.0.0/24 10.12.13.2 !
!
Configuring TCP Sequence-Check: Example
configure
service cgn cgn1
service-type nat44 nat1
inside-vrf vrf1
firewall protocol tcp
sequence-check
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-154
OL-30392-01
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
Configuring Address and Port-Dependent Filtering: Example
configure
service cgn cgn1
service-type nat44 nat1
inside-vrf vrf1
filter-policy ignore-port
Bulk Port Allocation and Syslog Configuration: Example
service cgn cgn2
service-type nat44 natA
inside-vrf broadband
map address-pool 100.1.2.0/24
external-logging syslog
server
address 20.1.1.2 port 514!!
bulk-port-alloc size 64!!
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
4-155
Chapter 4
Carrier Grade IPv6 over Virtualized Services Module (VSM)
Configuration Examples for Implementing CGv6
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
4-156
OL-30392-01
CH A P T E R
5
External Logging
Many a times, the service providers are asked to identify subscribers based on data such as public source
IP address, port, Layer 4 protocol, and time of usage. In the deployments involving NAPT or NAT, such
identification is possible only if NAT entries are preserved. Only by searching and parsing these NAT
entries, it is possible to identify the subscriber (private IP address) based on the parameters such as post
NAT Source IP Address (public IP address), post NAT source port, protocol and the time of usage.
To make the identification process possible, the external logging is required. The translation information
has to be exported to external collectors. The CGv6 applications export translation information in either
Netflow or Syslog formats.
This chapter provides format details for these logs such as messages, message types and other important
information. The chapter aslo describes few configuration options that affect these logs.
Bulk Port Allocation
The creation and deletion of NAT translations lead to creation of logs. If logs of all such translations are
stored, then a huge volume of data is created. This data is stored on a NetFlow or a Syslog collector. To
reduce the volume of this data, a block of ports is allocated. If bulk port allocation is enabled, as soon
as a subscriber creates the first session, a number of contiguous external ports are allocated. To indicate
this allocation, a bulk allocation message is created in the log.
Note
The bulk allocation message is created only during the first session. Rest of the sessions use one of the
allocated ports. Hence no logs are created for them.
A bulk delete message is created in the log when the subscriber deletes all the sessions that are using the
allocated ports.
Another pool of ports is allocated only if the number of simultaneous sessions is more than N where N
is the size of the bulkk allocation. The size of the pool can be configured from the CLI.
Restrictions for Bulk Port Allocation
The restrictions for bulk port allocation are as follows:
•
The value for the size of bulk allocation can be 16, 32, 64, 128, 256, 512, 1024, 2048 and 4096. For
optimum results, it is recommended that you set this size to half of the port limit.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-13
Chapter 5
External Logging
Session logging
•
If the size of bulk allocation is changed, then all the current dynamic translations will be deleted.
Hence it is advisable to change the bulk port allocation size (only if necessary) during a maintenance
window.
•
The port numbers below the value of dynamic-port-range start value (which is 1024 by default), are
not allocated in bulk.
•
The algorithm that is used to allocate a public address to a user remains the same.
•
When bulk allocation is enabled, session logging is not available.
•
When bulk allocation is enabled, the translation record will not contain information about L4
protocol.
•
Bulk port allocation features is not supported in NAT64 stateful application. Bulk port allocation is
supported in NAT44 and DS Lite applications
Session logging
In general, NAT translation entries contain information about private source IP, port and translated public
IP and port. However, there could be cases when the destination IP address and port may also be needed.
In such cases, session logging has to be enabled so that Netflow or Syslog translation records include
these values as well.
Note
•
Session logging cannot be enabled if bulk port allocation is enabled and vice-versa.
•
Session logging can increase the volume of translation log data significantly. Hence it is advised to
turn on session logging only if it is needed.
Syslog
DS Lite and NAT44 features support Syslog as an alternative to Netflow. Syslog uses ASCII format,
which can be read by users. However, the log data volume is higher in Syslog than Netflow.
Restrictions for Syslog
The restrictions for syslog are as follows:
•
Syslog is supported over UDP only.
•
Syslog is supported in ASCII format only.
•
You cannot log onto multiple collectors or relay agents.
•
All the messages comply to RFC 5425 except for the timestamp format. Timestamp is represented
in a simpler way as explained later in this section.
•
Syslog shall be supported for DS-Lite and NAT444 as of now. Support for NAT64 is not yet
available.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-14
OL-30392-01
Chapter 5
External Logging
Syslog
Syslog Message Format
In general, the syslog message is made up of header, structured data, and msg fields. However, in the
CGv6 applications, the structured data is not used.
Header
The header fields shall be as per the RFC 5424. Fields shall be separated by ' ' (white space) as per the
RFC.
The header consists of the following fields:
Field
Priority
Version
Timestamp
Description
•
The priority value represents both the facility
and severity.
•
Ensure that the severity code is set to
Informational for all the messages at value 6.
•
This field denotes the version of the
specification of the syslog protocol.
•
In CGv6 application, the version value is set
to 1.
•
This field is needed to trace the time of port
usage.
•
The format is <year> <mon> <day>
<hh:mm:ss>.
•
Ensure that the syslog collector converts the
time to local time whenever needed.
Note: The timestamp is always reported in
GMT/UTC irrespective of the time zone
configured on the device.
Hostname
•
This field is used to identify the device that
sent the syslog message. In the deployment, if
there are more than one router having an
ISM/VSM/CGSE/CGSE+, and/or if there are
multiple instances of CGv6 applications
running on different
ISM/VSM/CGSE/CGSE+ slots and/or if
there are multiple NAT/DS Lite instances
configured, this field can be used to identify
the specific Instance of NAT/DS Lite which is
sending the log messages.
•
While configuring the syslog server, ensure
that the host name does not exceed 31
characters.
•
The default value for the host name is '-'.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-15
Chapter 5
External Logging
Syslog
Field
Description
App name and PROC ID
These fields are not included. In ASCII format, '-'
is included for these fields.
MSG ID
•
This field identifies the type of the syslog
message.
•
In the ASCII format, the values for NAT44
and DS Lite messages are NAT44 and DS
LITE respectively.
Structured Data
It is not used.
MSG
This field consists of the information about the NAT44 or DS Lite events. In a single UDP packet, there
could be one or more MSG fields each enclosed in [] brackets. The MSG field has many sub fields as it
has a common structure across different records (for both NAT44 and DS Lite). Note, that, depending
on the event, some of the fields may not be applicable. For example, fields such as 'Original Source IPv6'
address are not applicable for all NAT44 events. In such cases, the inapplicable fields will be replaced
by '-'.
The syntax of the MSG part is as follows:
[EventName <L4> <Original Source IP> <Inside VRF Name> <Original Source IPv6> <
Translated Source IP> <Original Port> <Translated First Source Port> <Translated Last Source
Port> <Destination IP> <Destination Port>]
The descriptions of the fields in this format are as follows:
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-16
OL-30392-01
Chapter 5
External Logging
Syslog
Field
Description
EventName
The CGv6 applications choose any of the values
for EventName from the following based on the
event:
•
UserbasedA: User-based port assignment
Note
•
SessionbasedA: Session-based port
assignment
Note
•
UserbasedA is used only
when bulk port allocation
is configured
SessionBasedA is chosen
when neither the bulk port
allocation nor the session
logging are enabled.
SessionbasedAD: Session-based port
assignment with destination information
Note: SessionbasedAD is used only if session
logging is enabled. Also, session-logging and
bulk port allocation are mutually exclusive.
L4
•
UserbasedW: User-based port withdrawal
•
SessionbasedW: Session-based port
withdrawal
•
SessionbasedWD: Session-based port
withdrawal with destination information
•
Portblockrunout: Ports exhausted
Specifies the identifier for the transport layer
protocol. The values for L4 could be as follows:
•
1 for ICMP
•
6 for TCP
•
17 for UDP
•
47 for GRE
Original Source IP
Specifies the private IPv4 address.
Inside VRF Name
The Inside VRF is the realm in which the private
IP addresses are unique. The private IP addresses
can overlap across two different Inside VRFs.
Hence VRF name is included along with private
source IP address to uniquely identify the
subscriber.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-17
Chapter 5
External Logging
Syslog
Field
Description
Original Source IPv6
Specifies the IPv6 source address of the tunnel in
case of DS Lite.
Translated Source IP
Specifies the public IPv4 address post translation
Original Port
Specifies the source port number before
translation. This is not applicable for the
UserbasedA and UserbasedW events.
Translated First Source Port
Specifies the first source port after translation.
Translated Last Source Port
Specifies the last source port after translation.
This is applicable only for the UserbasedA and
UserbasedW events.
Destination IP
Specifies the destination IP recorded in the
syslogs for the SessionbasedAD and
SessionbasedWD events.
Destination Port
Specifies the destination port recorded in the
syslogs for the SessionbasedAD and
SessionbasedWD events.
Let us look at an example for NAT444 user-based UDP port translation mapping:
[UserbasedA - 10.0.0.1 Broadband - 100.1.1.1 - 2048 3071 - -]
The description for this example is as follows:
Value
Description
UserbasedA
Event Name
10.0.0.1
Original Source IP
Broadband
Inside VRF name
100.1.1.1
Translated Source IP
2048
Translated First Source Port
3071
Translated Last Source Port
Note: Both First and Last source ports are
inclusive.
Note
The number of MSG fields in an UDP packet are determined by the following factors:
•
The space available in the UDP packet depends on MTU.
•
The translation events pertaining to MSG records in a given packet must have happened within a
second (starting from the time at which the first event of that packet happened).
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-18
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Netflow v9 Support
The NAT64 stateful, NAT44, and DS Lite features support Netflow for logging of the translation
records.. The Netflow uses binary format and hence requires software to parse and present the translation
records. However, for the same reason, Netflow requires lesser space than Syslog to preserve the logs
Considerations
The considerations for NetFlow are as follows:
•
NetFlow V9 is supported over UDP.
•
You cannot log onto multiple collectors or relay agents.
•
All the messages comply to RFC 3954.
NetFlow Record Format
As NetFlow V9 is based on templates, the record format contains a packet header and templates or data
records based on templates.
Header
All the fields of the header follow the format prescribed in RFC 3954. The source ID field is composed
of the IPv4 address of ServiceInfra interface (of the card) and specific CPU-core that is generating the
record. The collector device can use the combination of the Source IP address of the UDP packet plus
the Source ID field to associate an incoming NetFlow export packet with a unique instance of NetFlow
on a particular device.
Templates
The templates are defined and used for logging various NAT64 stateful, NAT44 and DS Lite events as
follows. The templates may change in future software releases. Hence it is advised that the Netflow
collector software is designed to understand the templates as distributed by the router and accordingly
parse the records.
Options Templates
The translation entries consist of VRF IDs. The VRF IDs are numbers identifying a VRF configured on
the router. For the users looking at the translation records, these numbers are difficult to comprehend.
To simplify this process, the CGv6 applications send the options templates along with the data templates.
Options template is a special type of data record that indicates the format of option data related to the
process of NetFlow. The options data consist of the mapping between VRF Ids and VRF names. By
parsing and using this data, the NetFlow collectors can modify the translation entries by adding VRF
names instead of VRF IDs.
The value for the Template ID of options template is 1 where as the value of the Template ID for data
template is 0. For more information on Options template, see RFC3954.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-19
Chapter 5
External Logging
Netflow v9 Support
Events
The events and the corresponding template details are described in the following table:
Event
Template
ID
Nat444
256
translation
create event
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
sourceIPv4
Address
(pre-NAT)
8
4
Original
Source IPv4
address
postNATSo
urceIPv4
Address
225
4
Post NAT
(outside)
source
IPV4
address
sourceTrans 7
portPort
(pre NAT)
2
Original
source port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
protocolIde
ntifier
1
L4 protocol
identifier
4
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-110
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
271
Nat444
session
create event
- session
based (with
destination)
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Enabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
sourceIPv4
Address
4
Original
source
IPV4
address
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
sourceTrans 7
portPort
2
Original
Source Port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
destinationI 12
Pv4Address
4
Destination
IP address
destination
TransportP
ort
11
2
Destination
port
protocolIde
ntifier
4
1
L4 protocol
identifier
8
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-111
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
265
Nat444
translation
create event
- user based
Nat444
257
translation
delete event
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Enabled
Disabled
Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
sourceIPv4
Address
4
Original
source
IPV4
address
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
postNATPo
rtBlockStar
t
361
2
Start of Post
NAT
(translated)
source port
block.
postNATPo
rtBlockEnd
362
2
End of Post
NAT source
port block
ingressVRF 234
ID
4
ID of the
Ingress
VRF
sourceIPv4
Address
8
4
Original
source
IPV4
address
sourceTrans 7
portPort
2
Original
source port
protocolIde
ntifier
1
L4 protocol
identifier
8
4
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-112
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
272
Nat444
session
delete event
- session
based (with
destination)
266
Nat444
translation
delete event
- user based
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Enabled
Disabled Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
sourceIPv4
Address
4
Original
source
IPV4
address
destinationI 12
Pv4Address
4
Destination
IP address
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
8
destination
TransportP
ort
11
2
Destination
port
protocolIde
ntifier
4
1
L4 protocol
identifier
ingressVRF 234
ID
4
ID of the
Ingress
VRF
sourceIPv4
Address
8
4
Original
source
IPV4
address
postNATPo
rtBlockStar
t
361
2
Start of Post
NAT
(translated)
source port
block. Note
this is not
defined by
IANA yet.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-113
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
DS-Lite
267
translation
create event
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
Pre NAT
8
Source IPv4
Address
4
Original
source
IPV4
address.
This field is
valid only
when
session-log
ging is
enabled.
Else, it will
be reported
as 0
27
Pre NAT
Source IPv6
Address
16
IPv6
address of
the B4
element
(Tunnel
source)
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
sourceTrans 7
portPort
2
Original
source port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-114
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
273
DS-Lite
session
create event
- session
based (with
destination)
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Enabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
sourceIPv4
Address
8
4
Original
source
IPV4
address
sourceIPv6
Address
27
16
IPv6
address of
the B4
element
(Tunnel
source)
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
sourceTrans 7
portPort
2
Original
source port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
destinationI 12
Pv4Address
4
Destination
IP address
destination
TransportP
ort
11
2
Destination
port
protocolIde
ntifier
4
1
L4 protocol
identifier
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-115
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
269
DS-Lite
translation
create event
- user based
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Enabled
Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ID of the
Ingress
VRF
egressVRFI 235
D
4
ID of the
Egress VRF
sourceIPv4
Address
8
4
Original
source
IPV4
address.
This field is
valid only
when
session-log
ging is
enabled.
Else, it will
be reported
as 0
sourceIPv6
Address
27
16
IPv6
address of
the B4
element
(Tunnel
source)
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
postNATPo
rtBlockStar
t
361
2
Start of Post
NAT
(translated)
source port
block
postNATPo
rtBlockEnd
362
2
End of Post
NAT source
port block
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-116
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Template
ID
Event
DS-Lite
270
translation
delete event
DS-Lite
session
delete event
- session
based (with
destination)
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Disabled
Field Name
IANA
IPFIX
ID
ingressVRF 234
ID
Size
in
byte
s
Description
4
ID of the
Ingress
VRF
sourceIPv4
Address
Original
source
IPV4
address
sourceIPv6
Address
IPv6
address of
the B4
element
(Tunnel
source)
sourceTrans
portPort
Original
source port
protocolIde
ntifier
L4 protocol
identifier
ingressVRF 234
ID
4
ID of the
Ingress
VRF
sourceIPv4
Address
8
4
Original
source
IPV4
address
sourceIPv6
Address
27
16
IPv6
address of
the B4
element
(Tunnel
source)
sourceTrans 7
portPort
2
Original
source port
protocolIde
ntifier
1
L4 protocol
identifier
4
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-117
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
270
DS-Lite
translation
delete event
- user based
258
NAT64
stateful
translation
create event
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Disabled
Disabled Disabled
Field Name
IANA
IPFIX
ID
Size
in
byte
s
Description
ingressVRF 234
ID
4
ingressVRF
ID
sourceIPv4
Address
8
4
Original
source
IPV4
address
sourceIPv6
Address
27
16
IPv6
address of
the B4
element
(Tunnel
source)
postNATPo
rtBlockStar
t
361
2
Start of Post
NAT
(translated)
source port
block
sourceIPv6
Address
27
16
Source IPv6
address
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
sourceTrans 7
portPort
2
Original
source port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
protocolIde
ntifier
1
L4 protocol
identifier
4
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-118
OL-30392-01
Chapter 5
External Logging
Netflow v9 Support
Event
Template
ID
260
NAT64
stateful
session
create event
- session
based (with
destination)
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Enabled
IANA
IPFIX
ID
Size
in
byte
s
Description
27
16
Source IPv6
address (pre
translation)
postNATSo 225
urceIPv4Ad
dress
4
Post NAT
(outside)
source
IPV4
address
destinationI 28
Pv6Address
16
Destination
IPv6
address (pre
translation)
4
Destination
IPv4
address
(post
translation)
sourceTrans 7
portPort
2
Original
source port
postNAPTS 227
ourceTrans
portPort
2
Post NAT
(translated)
source port
Field Name
sourceIPv6
Address
Post
translation
Destination
IP address
NAT64
259
translation
delete event
Disabled Disabled
226
destination
TransportP
ort
11
2
Destination
port
protocolIde
ntifier
4
1
L4 protocol
identifier
sourceIPv6
Address
27
16
IPv6
address of
the B4
element
(Tunnel
source)
sourceTrans 7
portPort
2
Original
source port
protocolIde
ntifier
1
L4 protocol
identifier
4
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-119
Chapter 5
External Logging
Frequently Asked Questions
Event
Template
ID
261
NAT64
stateful
session
delete event
- session
based (with
destination)
Bulk
Port
Allocati
on
Destinatio
n/Session
Logging
Disabled Enabled
IANA
IPFIX
ID
Size
in
byte
s
Description
27
16
IPv6
address of
the B4
element
(Tunnel
source)
destinationI 28
Pv6Address
16
Destination
IPv6
address (pre
translation)
sourceTrans 7
portPort
2
Original
source port
destination
TransportP
ort
11
2
Destination
port
protocolIde
ntifier
4
1
L4 protocol
identifier
Field Name
sourceIPv6
Address
Frequently Asked Questions
This section provides answers to the following frequently asked questions on external logging.
•
Q.How to trace a subscriber by using the NAT logs?
•
Q.The Netflow records provide VRF IDs for ingress and egress VRFs. How will I know the VRF
names?
•
Q.Does the time format in Syslog or Netflow account for Day light saving?
•
Q.Since the Netflow and Syslog use UDP, how can we know if a packet containing translation record
was lost?
•
Q.What is the use of session-logging?
•
Q.How does the bulk port allocation reduce data volume of translation logs?
•
Q.What else can be done to reduce log data volume?
Q. How to trace a subscriber by using the NAT logs?
A. In order to trace a subscriber, you should know the public source IP address (post NAT source
address), post NAT source port, protocol, and the time of usage. With these parameters, the steps to
trace a subscriber are as follows:
a. Search for the create event that has the matching public IP address, post NAT Source IP address
(postNATSourceIPv4Address) and protocol, egress VRF ID/Name and the time of the usage.
Ensure that the time of the create-event is the same or earlier than the time of usage reported.
You may not find the protocol entry or the exact post NAT source port in the logs if bulk
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-120
OL-30392-01
Chapter 5
External Logging
Frequently Asked Questions
allocation is enabled. In such cases, find the create-event whose Post NAT Port Block Start
and Post NAT Port Block End values include the post NAT source port. The Pre NAT source
IP address along with the corresponding ingress VRF ID/Name will identify the subscriber.
b. The corresponding delete record may be found optionally to confirm that the subscriber was
using the specified public IP and port during the time of the reported usage.
Q. The Netflow records provide VRF IDs for ingress and egress VRFs. How will I know the VRF
names?
A. The following are the two ways to find the VRF name from the VRF ID.
a. Use the command show rsi vrf-id <vrf-id> on the Router console to find VRF-ID to
VRF-NAME associations.
b. The CGv6 applications periodically send out option templates containing the VRF-ID to
VRF-NAME mapping. The Netflow collector software presents the information with
VRF-Names rather than VRF IDs.
Q. Does the time format in Syslog or Netflow account for Day light saving?
A. The Syslog and Netflow formats report time corresponding to GMT/UTC. The Netflow header
contains the time in seconds that elapsed since EPOCH whereas the Syslog header contains time in
human readable formats. In both cases, the day light saving is not accounted. The Netflow/Syslog
collectors have to make that adjustments if needed.
Q. Since the Netflow and Syslog use UDP, how can we know if a packet containing translation record
was lost?
A. The Netflow header contains a field called Sequence Number. This number is indicates the count
of the packet coming from each Source ID. The Netflow collector traces the Seqence Number
pertaining to each unique Source ID. The sequence numbers should be increased by one for each
packet sent out by the Source. If the collector ever receives two successive packets with the same
Source ID, but with a Sequence number difference of more than 1, it indicate a packet loss.
However, currently, no such mechanism exists for Syslog.
Q. What is the use of session-logging?
A. Session logging includes destination IP and port number as well. Though this information is not
directly useful in tracing the subscriber, in some cases, this information may be useful or may be
mandated by the legal authorities. There are cases where, legal authorities may not have the post
NAT source 'port', however may know the destination IP address (and optionally destination port,
such as IP address and port of an e-mail server). In the absence of post NAT source port information,
a list of subscribers who used the specified public IP during that time may have to be pruned further
based on the destination IP and port information.
Q. How does the bulk port allocation reduce data volume of translation logs?
A. With bulk port allocation, subscribers are allocated a range of contiguous ports on a public IP. Quite
often, a subscriber will need more ports than just one. Especially AJAX based web pages and other
web applications simultaneously open several ports. In such cases, pre-allocated ports are used and
only one log entry is made that specifies the range of ports allocated to the user. Hence, bulk port
allocation significantly reduces log data volume and hence the demand on storage space needed for
the translation logs.
Q. What else can be done to reduce log data volume?
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
5-121
Chapter 5
External Logging
Frequently Asked Questions
A. Predefined NAT is an option that can be used to eliminate the logging altogether. The Predefined
NAT translates private IP address to public IP address and a certain port range by using an algorithm.
Hence there is no need to keep track of NAT entries.
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
5-122
OL-30392-01
INDEX
C
T
CGv6 Overview
Translation Filtering
2-2
3-12
D
Double NAT 444
2-5
E
External Logging
3-19
I
ICMP Query Session Timeout
2-4
Inside and Outside Address Pool Map
IPv4 Address Completion
3-32, 4-10
2-3
N
NAT
3-5
NAT and NAPT
Overview
3-11
NATwith
ICMP
2-3
P
Policy Functions
Application Gateway
configuring
overview
prerequisites
3-17
3-34, 4-12
3-17
2-3
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
OL-30392-01
IN-11
Index
Cisco ASR 9000 Series Aggregation Services Router Carrier Grade IPv6 (CGv6) Configuration Guide
IN-12
OL-30392-01

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz