About GGSN Testing


Use the GGSN Nodal test case to test a GGSN's capability to establish and maintain PDP contexts with an SGSN, to handle bearer plane traffic, and to maintain bearer plane traffic during inter-SGSN mobility. The options available in the test case allow you to configure tests that simulate the access models described below:


Basic GPRS

Upon entering a GPRS network, a MN attempts to attach to an SGSN and the SGSN attempts to obtain authorization for the MN from the GGSN. If the MN is accepted by the GGSN, the SGSN then attempts to establish one or more PDP contexts that will transport user (bearer) plane traffic using IP or PPP through the GTP tunnel (GTP-U) between the SGSN and the GGSN. An MN can utilize up to 11 PDP contexts and when the GGSN supports GTP version 1, a mix of primary and secondary PDP contexts can be used.

In addition to authorization, the GGSN is responsible for assigning IP addresses and Quality of Service (QOS) profiles to the contexts, and routing user plane traffic between the SGSN and the PDN. The GGSN decapsulates GTP-U traffic from the SGSN and forwards the IP packets to the PDN, and then intercepts the response traffic, encapsulates it, and forwards it to the appropriate SGSN.

While MNs may be authenticated with a AAA Server using CHAP or PAP authentication, the MN is authenticated on the GGSN through the use of the International Mobile Subscriber Identifier (IMSI). Non-authenticated access is not allowed.

GPRS supports PDP context IP addresses that can be either pre-provisioned (on the MN) static addresses, or dynamically assigned addresses. When addresses are dynamically assigned, a GGSN may allocate addresses from its own address pools or it may request IP addresses from a DHCP server.

In the GGSN Nodal test case, the test system simulates the MNs and SGSNs for Gn interface testing, and can optionally simulate a Network Host on the Gi interface of the GGSN for testing the bearer plane. Additional SGSNs can be simulated to test mobility handoffs.

^ Back to Top


GPRS Virtual Private Network (VPN)

The GPRS VPN model allows the MN to securely access a private network across the PDN. The GGSN Nodal test case supports an L2TP VPN model and an IPSec VPN model (Dynamic IPSec feature is required for IPSec testing).

L2TP VPN Testing

In the L2TP VPN model, the GGSN attempts to establish an L2TP tunnel with a Security Gateway on the perimeter of the private network when a PDP context is created for a VPN user. The IP packets are transported through the tunnel using PPP, resulting in PPP connectivity between the MN and the Security Gateway. Since PPP is terminated on the Security Gateway, the gateway is responsible for authentication and IP address assignment and management in the private network. IPSec may be used to encrypt the traffic exchanged between the MN and an IPSec peer in the private network.

In the GGSN Nodal test case, the test system simulates the MNs and SGSNs for Gn interface testing and simulates a Security Gateway on the Gi interface to exercise the L2TP control plane. The test can also simulate a Network Host behind the Security Gateway for testing the bearer plane and simulate additional SGSNs to test mobility handoffs.

IPSec VPN Testing

In the IPSec VPN model, the MN attempts to establish an IPSec tunnel with a Security Gateway on the perimeter of the private network. When PPP is used for a PDP context, the PPP session terminates on the GGSN.

In the GGSN Nodal test case, the test system simulates the MNs and SGSNs for Gn interface testing and simulates a Security Gateway on the Gi interface to terminate the IPSec tunnel with the MN. The test can also simulate a Network Host behind the Security Gateway for testing the bearer plane and simulate additional SGSNs to test mobility handoffs. IPSec is used to encrypt bearer plane packets between the GGSN and the Security Gateway.

^ Back to Top


GPRS Virtual Private Routed Network (VPRN)

The GPRS VPRN access model provides both public and private network access from the GGSN. Public network access is provided as shown in the basic GPRS model. Private network access is provided using an L2TP tunnel between another GGSN and a Security Gateway at the perimeter of the private network. In this model, the second GGSN acts as an L2TP Access Concentrator (LAC) and may provide private network access to multiple GGSNs that are servicing MNs.

In contrast to the L2TP VPN model, in which one GGSN terminates the PPP sessions with both the MNs and the Security Gateway, PPP is terminated on the servicing GGSN in the VPRN model and a second GGSN terminates the PPP session with the Security Gateway. Since PPP is ultimately terminated on the Security Gateway, the gateway is responsible for authentication and IP address assignment and management in the private network. IPSec may be used to encrypt the traffic exchanged between the MN and an IPSec peer in the private network.

In the GGSN Nodal test case, the test system simulates the MNs and SGSNs for Gn interface testing on the servicing GGSN, and simulates a Security Gateway on the Gi interface of the GGSN LAC to exercise the L2TP control plane. Both PPP/L2TP and PPP/L2TP with IPSec are supported. The test can also simulate a Network Host behind the Security Gateway for testing the bearer plane and simulate additional SGSNs to test mobility handoffs.

^ Back to Top


Related Topics

  1. About the GPRS Application
  2. Setting Up a GGSN Nodal Test
  3. The GGSN Nodal Test Case