3G Theory

Today I would like to discuss about 3G theory part and would like to correlate with data communication and connectivity options for Routers.

3G is third generation in mobile communication standards. Right now 3G is in launching phase in India. 3G is as comparatively superb than 2G. 3G, everybody knows we will get more downloading speed and fast access to internet.

What is use for 3G ? What a normal person can get benefit ? The simple answers everybody know are –

Video calling , watching youtube on phone,  good speed for downloading and using apps on phone..

Here you are.. When you are watching youtube on your phone, that means you are access internet at good speed. That means I can say, I can connect  my phone to my pc using nokia pc suite or any other software and access internet. Yes we can access internet using phone  as connectivity option with our laptop/PC.

                Here the idea comes in for one more connectivity option for ISP, Right now many of service provider are planning 3G as connectivity option and majorly , those ISP who have good coverage in metro cities are deployed  this as backup connectivity option for current customer to provide good SLAs.

I think , now it’s more clear that we can use 3G as media , it can anything USB or Simcard for connectivity.  As vendors saw this as new growing market, everybody came out with 3G products like SOHO routers, CPE routers, etc.

                These routers are compatible for 3G as connectivity option. In my previous post, I explained about 3G configurations. But I think I was suppose to write this theory part first , to make everyone understand about 3G configurations. It just a dialup media , same as you connect a USB to your laptop and dial it to ISP cloud and you get a IP and surf internet.Same process for router, Router also Dial first and get IP and access internet. Routers helps to share internet to local LAN users and can enable standard function using 3G as connectivity option.  

I can say, Now a days Router uses 3G as connectivity option like SIM card or USB to provide high speed internet connectivity for multiple
users over the 3G mobile phone networks. The widespread availability
of 3G networks and the reduced cost of mobile broadband has led to a revolution in the way that businesses and consumers connect to the internet. Many of ISP are using this as 3G as backup for MPLS customer also. Here using cellular media concern customer connect to ISP cloud in respective vrf and it can access other sites. ( we will discuss this in later posts)

Router uses a single 3G SIM card or USB and provides wired and wireless Wi-Fi connectivity as well as providing additional services such as IPsec VPN and VOIP over 3G network.One case study I already shared.

Some important facts –

3G has many flavours , WCDMA and CDMA 2000 is majorly used.

CDMA 2000 includes - 1xRTT-only, EVDO-only and hybrid.

WCDMA – its majorly gsm media.

Before doing configuration confirm the flavour, Then it will be easy to configure in routers. Since both has bit configuration difference. You can check in configurations examples –

I can brief you –

• WCDMA needs correct APN name, majorly no need of username and password. Authentication happens based on APN.
• CDMA2000 needs username and password must for authentication.

Here I want share some important information about 3 G interfaces  and its communication process, –

             

             The 3G interface consists of an external modem  that you plug into the router. The card provides two logical components from a routers point of view.First, there is a control channel used by the router to talk to the modem for device setup and call control. It appears as line x in IOS. You use a chat script and AT commands to talk to the modem.

           Second, there is the data interface, Cellular X. After a connection has been established, all IP-related information and data flow goes via this interface. Its is designed like a dial on demand interface (BrI, for example), so you can put dial related stuff directly there, or use a Dialer interface that gets bound to the Cellular interface. The latter provides the advantage of an always-on setup through dialer persistent.

            The modem itself acts as a ppp server to the router (there is no PPP between the modem and the 3G cloud). It attaches via a profile to the ISP, and the APN of the ISP assigns you the information required for Internet access. The router will talk to the modem via ppp and the modem supplies the information received from the ISP (IP address, gateway, name servers etc.).

You can check coverage with sh cellular 0 all

This explanation is about 3G connectivity process.  

I hope this post will help for beginners, who are new to 3G and want to setup 3G as connectivity option in Router.  Respective configuration examples are already posted in 3G label.

For any query and feedback, Plz comment using your Name and mail id.. for easy way use Name/URL option.. 

WCDMA Installation

Hi In this section, I want to focus on 3G - WCDMA deployments. In  these days I tested many WCDMA connectivity options using mobile sim cards. I want to share some important things which will be helpful for any engineer for WCDMA installations. 

Important things to remember in WCDMA configuration –

In WCDMA we need to configure proper APN name for connectivity.

You can check apn from – show cellular 0 all

I would like to explain you full process of testing -

Check the router and other components received with router for WCDMA testing.I will give example for Maipu 1800-22-AC router. I used that one for testing.You will get external module – RM2 – 3G- GSM. In which you can insert simcard.Then insert that module in 3/0 slot of Router.  Power on router , you can see the after booting …

It will show you like below -

 Cellular 3/0 is loading,please wait...

 %LINEPROTO-5-UPDOWN: Line protocol on Interface cellular3/0, changed state to up

 Cellular 3/0 Load OK

 %LINK-5-UPDOWN: Interface cellular3/0, changed state to up

Then you can see one cellular interface in router…

Then you can do below configuration to connect internet –

First configure APN name –

You need to configure this command in privilege mode

Router#cellular 3/0 wcdma apnconfig xxxxxx (eg.- airtelgprs)

Then do below configuration -

Router#

Router#conf t

Router(config)# ip access-list standard 1

permit any

exit

Router(config)# dialer-list 1 protocol ip permit

Router(config)# chat-script g3dia ATDT

Router(config)# int celluar 3/0

interface cellular3/0

 encapsulation ppp

 ppp chap password ^QVW

 ## you can configure any password like 123,no need to wait for any password from ISP###

 ppp ipcp dns request

 ip address negotiated

 bandwidth 384

 dialer in-band

 dialer idle-timeout 0

 dialer-group 1

 dialer string *99#

 script dialer g3dia

ui-control inaccessible telnet http

 exit

Router(config)# ip route 0.0.0.0 0.0.0.0 cell 3/0

Then for testing, you can ping 4.2.2.2 , it is global dns IP. Easy to remember 

As you will get ping response. Check cellular interface it will get some ip address from ISP. Since this is a dialup connection. As you will send request to LAC , it will forward to LNS and LNS will authenticate you using APN name. So apn name is important.

In this testing troubleshooting is very important part – As it is dialup connection, Need to know where exactly is problem. I think many of you remember ISDN installations. Many times we need to do debug to find exact issue.

Here also its same. But in this case it will be easy. Since we all know PPP well. Before doing ping again, you have to do shutdown and no shutdown under cellular interface.

Then under privilege mode

Router# debug ppp negotiation

Router# debug ppp packets cellular

### Make sure that your terminal monitor is enable or you are using console. ###

Then ping again 

Router# ping 4.2.2.2 

You can see some logs.

Check the process which is the wrong

PPP negotiation process is easy for you.

LCP-- authentication-- IPCP

Be careful about magic number , compare the sent and received magic numbers, It should be same and authentication is right or wrong.Then the very important is at least should be got local IP address with 32 bit network mask.

              And most of all ISP for the WCDMA not require the username and password . but why we need configure it ? Because they need the authentication process. So any password is ok like 123. To check the sim card is which type of the 3G technology, only confirm with ISP. Or check the brand on the USB .

For more detailed information about simcard  signal strength – you can check

Show cellular 0 all

In that you can check RSSI under radio information. The range of signal is from -11 dbm to -135 dbm.(-11 is best and -135 is worst).

Now I hope you are very clear with this WCDMA process. 

I done above configuration, Here are result outputs-

Before Pinging

router#sh ip int brief

Interface                   IP-Address      Status                Protocol Description

fastethernet0               unassigned      down                  down   

fastethernet1               unassigned      down                  down   

vlan1                       192.168.1.1       down                  down   

cellular3/0                 unassigned          up                      up     

null0                         unassigned          up                      up     

Pinging

router#ping 4.2.2.2

Press key (ctrl + shift + 6) interrupt it.

Sending 5, 76-byte ICMP Echos to 4.2.2.2 , timeout is 2 seconds:

!!!!!

Success rate is 100% (5/5). Round-trip min/avg/max = 283/303/366 ms.

router#

show cellular 0 all Output

router#sh cellular 3/0 all

Hardware Information

====================

Modem device name = EM770W

Modem manufacturer = huawei

Modem Firmware Version = 531.11.00.14.113

Hardware Version = MD32TCPU

International Mobile Subscriber Identity (IMSI) = 405801170048287

International Mobile Equipment Identity (IMEI) = 357030021728958

Modem Status = online(full functionality)

Profile Information

====================

Profile 1 = ACTIVE

--------

PDP Type = IP, Header Compression = OFF Data Compression = OFF

PDP address = 0.0.0.0

Access Point Name (APN) = xxxxxxgprs

Network Information

====================

Current Service Status = Normal, Service Error = None

Current Service = Combined

Packet Service = WCDMA(Attached)

Packet Session Status = active

Current Roaming Status = Home

Network Selection Mode = Manual

Location Area Code (LAC) = 196676

Cell ID = 65690823

Registered PLMN = , Abbreviated = , numeric  = 405801

Radio Information

====================

Current RSSI = -93dBm

Security Information

===================

Card Holder Verification (PIN) Disabled

SIM Status = OK

SIM Protection = Disabled

SIM User Operation Required = None

Number of Retries remaining = 3

router#

Extended ping 

router#ping

Protocol [ip]:

Target IP address or hostname: 4.2.2.2

Repeat count [5]: 500

Datagram size [76]:

Timeout in seconds [2]:

Extended commands [no]:

Sweep range of sizes [no]:

Press key (ctrl + shift + 6) interrupt it.

Sending 500, 76-byte ICMP Echos to 4.2.2.2 , timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!

Success rate is 100% (500/500). Round-trip min/avg/max = 249/286/1883 ms.

After pinging –  you can see now we got IP from ISP by ppp negotiation process.

router#sh ip int brief

Interface                   IP-Address      Status                Protocol Description

fastethernet0               unassigned      down                  down   

fastethernet1               unassigned      down                  down   

vlan1                         192.168.1.1     down                  down   

cellular3/0                 59.137.26.203   up                    up     

null0                            unassigned      up                    up     

router#

For internet sharing, we can configure NAT and share internet to local users. This I already explained in previous 3G post – http://startnetworks.blogspot.com/2011/04/maipu-1800-case-study-for.html

In previous  3G posts I shared CDMA2000 configuration details, But not much focused on WCDMA. This time I tried my best to explain you about WCDMA.

  

Hope this post will be helpful for you.

For any feedback and queries, Plz comment with your name and Mail Id. You can use Name/URL option for same.

Maipu 3G configurations

Now a days, Many customers are looking for cheap backup solution for primary link, so many ISP are offering 3G link (inform of USB or sim card) as backup link.

In mean time they can restore primary, customer can use 3G as backup for continuation in operations.

Maipu has MP 1800 series dedicated for 3G CPE routers.

This is tested configuration for one of case.But here we are using 2 cellular media, one is 3G from SIM card and other is from USB. This is quite intresting , Both can be used same time. One as primary and other as backup.

Many customer requires this kind of solution.

Testing description

MP1800 router as the CPE in the customer life network, interface cellular 3/0 as the primary link , link type is GPRS (3G) and USB interface as the backup link also via the GPRS network  cellular0.

When the master link was down, router will automatically change to the backup link.

Totally customer has two link, one for primary and other one for link backup.

Maipu 1800 key configuration:

ip mef

ip load-sharing per-destination

ip access-list standard 1

 10 permit any

 exit

dialer-list 1 protocol ip permit

dialer-list 2 protocol ip permit

chat-script g3dia ATDT

interface fastethernet0

 ip address 172.29.1.1 255.255.255.252

 exit

interface tunnel1

 tunnel source 10.203.176.22        ## IP address are received from SP after authentication ##

 tunnel destination 172.29.5.210     ## IP address are received from SP after authentication ##

 ip address 192.211.1.2 255.255.255.252

 exit

interface tunnel2

 tunnel source 10.111.20.32           ## IP address are received from SP after authentication ##

 tunnel destination 172.30.233.15     ## IP address are received from SP after authentication ##

 ip address 192.212.1.2 255.255.255.252

 ip ospf cost 30000

 exit

!hsc_if_cellular0

interface cellular0                              ### USB Cellular ###

 encapsulation ppp

 ppp chap password ow

 ppp ipcp dns request

 ip address negotiated

 bandwidth 384

 dialer in-band

 dialer idle-timeout 0

 dialer-group 1

 dialer string *99#

 script dialer g3dia

 ui-control inaccessible telnet http

 exit

!end

!hsc_if_cellular3/0

interface cellular3/0                  ### SIM card used for connectivity ###

 encapsulation ppp

 ppp chap password ow

 ppp ipcp dns request

 ip address negotiated

 bandwidth 384

 dialer in-band

 dialer idle-timeout 0

 dialer-group 2

 dialer string *99#

 script dialer g3dia

 ui-control inaccessible telnet http

 exit       

                                  

router ospf 100

 network 172.29.1.0 0.0.0.255 area 0

 network 192.211.1.0 0.0.0.255 area 0

 network 192.212.1.0 0.0.0.255 area 0

 exit

ip route 0.0.0.0 0.0.0.0 cellular0

ip route 0.0.0.0 0.0.0.0 cellular3/0

Hope this configuration will be helpful for you.

For feedback and queries, Plz comment with your name and mail id..

MAIPU 1800 Case study for Roaming/Mobility

Requirement: Here Company require immediate solution to setup a roaming office for promotional events with all major services as in branch office.Many time we come across with this kind of requirement and limitation of physical wired uplink immediately.  The innovation of the 3G technology provides the good chances for enterprise networking and 3G-based applications, becomes one ideal choice for the enterprise network.

Compared with the fixed  wired line access it provides us more benefits-

Reduce access cost per user

Improve mobility and flexibility, enable mobile/roaming service and transaction Simplify and fasten deployment and maintaining.

Here you can see a live tested scenario for one company for same requirement.

Topology : 

Included Function

3G interface as the uplink.                                     

  --3G USB will be connected to router.

    Compatible models: HUAWEI EC1260 /1261 (dated May- 2011)

  --USB 3G interface will act as WAN and all LAN network devices can access the internet.

IPSEC tunnel

  --MP1800 is using certificate from HQ VPN gateway.

  -- IPSEC tunnel is established between MP1800 and HQ VPN gateway.

  --VOIP calls/data is going form VPN tunnel.

VOIP communication

  -- VOIP call , both way communication from MP1800 fxs to HQ fxs.

 

WIFI

  --PC/Laptop is using wireless network to access the internet resource via the MP1800 router.

  --PC/Laptop and wireless printer are in the same LAN network, so Laptop can print by that printer without any wired connection.

Configuration Template

3G wan link configuration template 

ip access-list standard 1

 10 permit any

 exit

dialer-list 1 protocol ip permit

chat-script g3dia ATDT

chat-script g3cdma2000connection AT^PPPCFG="9323863248","9323863248"

interface cellular0

 encapsulation ppp

 ppp pap sent-username 9323863248 password 9323863248

 ip address negotiated

 bandwidth 384

 load-interval 30

 dialer in-band

 dialer idle-timeout 0            ### interface should not time out ###

 dialer-group 1

 dialer string #777

 script connection g3cdma2000connection

 script dialer g3dia

 ip nat outside

 exit

ip route 0.0.0.0 0.0.0.0 cellular0  ### this routes must be configured, otherwise the 3G interface will not dial-up ###

For dialing – ping to some IP

Router# ping 4.2.2.2 –t

IPSEC certification template

Get the certification from HQ VPN gateway certification server:

crypto ca identity XXXX

 enrollment url 221.10.X.X

 exit  ###define the identity profile XXXX which is the IP address: 221.10.x.x ###

crypto ca authenticate xxxx  ### after this command you will get the root certification by following###

    % The Root CA Certificate has the following attributes:

  Serial Number: C1661E12562D1DBFBE41

  Subject: CN=maipu, OU=maipu communication, O=maipu, ST=sichuan, L=chengdu, C=china

  Issuer : CN=maipu, OU=maipu communication, O=maipu, ST=sichuan, L=chengdu, C=china

  Validity

    Start date: 2004-12-14 10:23:25

    End   date: 2014-12-13 10:23:25

  Usage: Sign

  Fingerprint(sha1):xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

% Do you accept this certificate(Yes|No)?Y

% PKI: Get CA certificate success.

crypto ca enroll maipu 512 partner_ind_test   ### Certification request from remote server###

   

% Please input request password:****      ### Input password xxxx ####

    % The Certificate DN will be: CN= partner_ind_test

    % Waiting,Generate private key now,Key length 512!

    % Generating .. Done.

% PKI: Certificate enroll success.

IPSEC tunnel+ NAT template

ip access-list extended 1001

 10 deny ip 192.168.91.0 0.0.0.255 192.168.0.0 0.0.255.255

 20 permit ip any any

 exit

interface fastethernet0

 ip address 192.168.91.86 255.255.255.248

 ip nat inside

 exit

## LAN Network###

ip nat inside source list 1001 interface cellular0 overload

crypto tunnel delhi

 local interface cellular0

 peer address x.x.x.x

 set authentication rsa-sig

 set sec-level basic

 set auto-up

 exit

crypto policy p1

 flow 192.168.91.80 255.255.255.248 192.168.91.80 255.255.255.248 ip permit

 exit

### this flow will permit 192.168.91.80 local network communicate with each other ###

crypto policy p2

 flow 192.168.91.80 255.255.255.248 x.x.x.x 255.255.255.0 ip tunnel delhi

 exit

##In Maipu we define Flow and map the interesting traffic to crypto tunnel ###

## this flow is permit from LAN 192.168.91.80 to HQ core network ##

VOIP Configuration Template

callrouting-conf  ### type this command in Global configuration to enter in VOIP config mode ##

 dial-peer 1 pots

  destination-pattern 00911081

  port 1/0

  exit

 dial-peer 2 voip

  destination-pattern xx.

  session-target  sip-server

  exit      

 exit       

 fxs-card 1 

  channel 0 0 payload 4

  channel 0 0 enable

 exit       

voicesrv-conf

 black-white-list

  exit      

 code-mode mode1

 h323 start slow

 h323 send-dtmf h245-string

 h323 call-diversion default

 h323 h245Tunnel off

 h323 bearer-cap 3100hz

 h323 fill-send-complete enable

 h323 grq_interval 40

 h323 call-thrust-ttl 10

 call-transfer disable

 call-transfer consultation

 user-config enable

 exit

interface loopback0

 exit

interface fastethernet0

 sip-gateway voip interface

 sip-gateway voip proxy x.x.x.x

 sip-gateway voip registrar x.x.x.x

 sip-gateway voip password 123456

 exit

 sip-gateway

WIFI Configuration template:

ssid-security-profile wpa2

 secpol wpa2

 authpol psk ascii password

 ciphpol aes

exit

interface dot11radio0

 antenna rx left

 antenna tx right

 beacon period 100

 channel auto

 ssid MAIPU_MP1800_CPE_ROUTER

  security wpa2

  clientlimit 3

  fragment 2000

  vlan 1

  exit      

 exit

interface dot11radio0.1

 ip address 192.168.91.86 255.255.255.248

 encapsulation dot1q 1

 exit

ip dhcp pool wlan

 range 192.168.91.81 192.168.91.83 255.255.255.248

 dns-server 61.139.2.69 4.2.2.2 202.56.215.54

 default-router 192.168.91.86

 exit

Show Outputs :

Show int cellular 0   ### After generating the traffic, Cellular interface got IP ###

cellular0:

     line protocol is up

     Flags: (0xc0080f1) POINT-TO-POINT MULTICAST RUNNING

     Type: PPP

     Internet address: 115.240.57.192/32

     Destination Internet address: 220.224.141.129

     Metric: 0, MTU: 1500, BW: 384 Kbps, DLY: 100000 usec, VRF: global

     Reliability 255/255, Txload 30/255, Rxload 30/255

     Last clearing of "show interface" counters never

     30 seconds input rate 46000 bits/sec, 50 packets/sec

     30 seconds output rate 46000 bits/sec, 50 packets/sec

     17645 packets received; 18108 packets sent

     0 multicast packets received

     0 multicast packets sent

     0 input errors; 0 output errors

     0 collisions; 1 dropped

      LCP:OPENED

      IPCP:OPENED   NDSPCP:STOPPED

      encap-type: simply PPP

      Rx chars: 2043875, Tx chars 2002050

      Rx overrun 0, Tx underrun 0

### IPSEC status ###

#sh crypto ike sa   

localaddr                 peeraddr                 peer-identity         negotiation-state                          sa-id

115.240.57.192    221.10.5.195      CN=zongbu.maipu.com        STATE_QUICK_I2            10

115.240.57.192    221.10.5.195      CN=zongbu.maipu.com        STATE_MAIN_I4             9

#sh crypto ipsec sa

policy name : p2

  f (src, dst, protocol, src port, dst port) :  192.168.91.80/29  192.168.0.0/22  ip  any  any

  local tunnel endpoint : 115.240.57.192 remote tunnel endpoint : 221.10.5.195

  the pairs of ESP ipsec sa : id : 10, algorithm : DES HMAC-SHA1-96

    inbound esp ipsec sa :  spi : 0Xd3380201(3543663105)

                current input 16326 packets, 1173 kbytes

                encapsulation mode : Tunnel

                replay protection : ON

                remaining lifetime (seconds/kbytes) : 27533/4606826

                uptime is 0 hour 21 minute 7 second

    outbound esp ipsec sa :  spi : 0Xeae10ed0(3940617936)

                current output 16719 packets, 1057 kbytes

                encapsulation mode : Tunnel

                replay protection : ON

                remaining lifetime (seconds/kbytes) : 27533/4606942

                uptime is 0 hour 21 minute 7 second

VOIP:

#sh sip call detail

   sid       aid   cid    did    callingNum        calledNum        state            connTime

   c         34    17     18     8888888888        0289756          ST_CONNECT       00:00:05   

   Total active sip call: 1, connected: 1

IOS Details :

show ver

               MyPower (R) Operating System Software

MP1800 system image file (flash0: /flash/rp10-i-6.2.8.pck), version 6.2.8(integrity), Compiled on Ju

n 12 2010, 15:59:42

Copyright (C) 2010 Maipu Communication Technology Co., Ltd. All Rights Reserved.

MP1800 Version Information

                System ID           : 00017ab5dc4c

                Hardware Model                    : RM1800-31W with 256 MBytes SDRAM, 32 MBytes flash

                Hardware Version    : 002(Hotswap Unsupported)

                MPU CPLD Version    : 003

                Monitor Version     : 1.17

                Software Version    : 6.2.8(integrity)

                Software Image File : flash0: /flash/rp10-i-6.2.8.pck

                Compiled                  : Jun 12 2010, 15:59:42

System Uptime is 1 hour 51 minutes 21 seconds

This document is explained about the configuration of above solution using Maipu MP1800 router.

Plz provide your feedback on same…