Simple IP, the popular dial-up network access model, is the basic access model supported by the PDSN in a CDMA2000 network. In the Simple IP model, an MN cannot maintain data sessions while moving between PDSN coverage areas (inter-PDSN mobility). Only inter-PCF/intra-PDSN mobility is supported. This topic explains the Simple IP access models supported by the CDMA2000 test cases:
In the Simple IP model, a PPP session is established between the MN and the PDSN through the RP interface. The PDSN routes packets to and from the MN to provide end-to-end IP connectivity between the MN and hosts on the Internet.
In the basic Simple IP access model shown above, MNs may be authenticated with a AAA server using CHAP or PAP authentication, or they may be allowed to access the network without authentication. Non-authenticated MNs are admitted based on MSID ranges configured on the PDSN.
IP address management is always performed locally on the PDSN and is accomplished using Internet Protocol Control Protocol (IPCP). The MN's IP address must be unique across the PDSN.
Use the Simple IP test case to test a PDSN with the Simple IP access model.
In this test case, the test system simulates the MNs and PCFs for control plane testing, and can optionally simulate a network host on the IP network side of the PDSN for testing the bearer plane.
The Simple IP VPN access model extends the Simple IP model explained above by adding private network access for the MNs. Access to the private network is accomplished using L2TP between the PDSN and a Security Gateway on the perimeter of the private network. This results in end-to-end PPP connectivity between the MN and the Security Gateway.
In the Simple IP VPN model, PPP termination actually begins on the PDSN and proceeds through the authentication phase in order for MN identification based on the NAI to be accomplished. Once the NAI is known, the AAA server then recognizes the NAI as that of a Simple IP VPN subscriber, and the PPP over L2TP session is initiated. When IPSec is used, bearer plane traffic between the PDSN and the Security Gateway is encrypted.
Since PPP is terminated on the Security Gateway, the gateway is responsible for authentication and IP address assignment and management in the private network. The MN's IP address need not be unique across the PDSN.
Use the Simple IP VPN test case to test a PDSN with the Simple IP VPN access model.
In this test case, the test system simulates the MNs, PCFs, and a security gateway for control plane testing, and can optionally simulate a network host on the private network side of the Security Gateway for testing the bearer plane. Both PPP/L2TP and PPP/L2TP with IPSec are supported.
The Simple IP VPRN access model provides both public and private network access from the PDSN, and allows a provider to control IP address assignment and management of private network access subscribers from within the provider network. Public network access is provided as shown in the Simple IP model. Private network access is provided via a PDSN L2TP Access Concentrator (LAC) that terminates an L2TP tunnel with a Security Gateway at the perimeter of the private network as shown below.
In contrast to the Simple IP VPN model, one PPP session is established between the MN and the PDSN that services it and a second PPP session is established between the PDSN LAC and the Security Gateway. The MN obtains its IP address from the PDSN rather than the Security Gateway, and that address must be unique across the VPRN. IPSec can optionally be used to encrypt L2TP bearer plane traffic.
Use the Simple IP VPN test case to test one or more PDSNs with the Simple IP VPRN access model.
In the VPRN configuration, the test system simulates the MNs, PCFs, and a Security Gateway for control plane testing, and can optionally simulate a network host on the private network side of the Security Gateway for testing the bearer plane. You can test two PDSNs — one to service the MNs and one to provide VPN access — or test one PDSN that performs both functions. Both PPP/L2TP and PPP/L2TP with IPSec are supported.