Appendix B SSG Implementation Notes

Table B-1 SSG Implementation Notes for the Cisco 10000 Router (continued)

SSG Feature

Implementation Notes

Local Forwarding

Cannot be enabled or disabled through the CLI.

 

Only seven services (network sets) can be bound to an uplink interface. If a

 

service cannot be created on the toaster, then no connection is created.

 

A service cannot be bound by interface to a broadcast interface. If such a service

 

is configured, the toaster does not see this network in the VRF and might drop

 

traffic to the service. Binding to a next-hop on a broadcast interface is allowed.

 

If two users are connected to services on the same uplink interface, traffic

 

between the users is allowed and all host features are applied (which are the “in”

 

features of the first user and the “out” features of the second user).

 

If an ACL contains more than eight ACEs, the toaster does not apply the ACL;

 

however, the segment continues to exist.

 

 

MPLS

Disabled on SSG interfaces.

 

 

Open Garden

Service bindings not required for services directly connected to the router.

 

Service bindings are required for any services routed through a next-hop address.

 

RADIUS accounting records not created for Open Garden services.

 

Open Garden services must be created through local profiles, RADIUS profiles

 

are not supported.

 

Overlapping of Open Garden networks is not supported.

 

 

Per Service

Connection-level statistics are not collected for the default network or for Open

Statistics

Garden networks.

 

You cannot display aggregate statistics for a user.

 

For PPP-based users, any link-level control traffic (such as keepalives) are

 

counted separately from the data traffic to support idle timeouts.

 

 

Port-Bundle

The router supports this feature for Cisco SESM Release 3.1(1) or later. The

Host Key

feature is disabled by default.

 

A default network must be configured and routable from SSG.

 

To enable this feature, you must reload SSG and restart SESM.

 

You must separately enable this feature at SESM and at all connected SSG nodes.

 

For each SESM server, all connected SSG nodes must have the same port-bundle

 

length. When you change the port-bundle length, the change does not take effect

 

until after the router reloads.

 

All SSG source IP addresses configured using the ssg port-map source ip

 

command must be routable in the management network where SESM resides.

 

See the “Restrictions for SSG Port-Bundle Host Key” section on page 6-7for

 

additional implementation notes.

 

 

PPPoA

The router supports only one host per interface.

Connections

The customer premises equipment (CPE) must be configured for PAT.

 

 

 

Prepaid Services

Only time-based quotas are supported. Quotas are always measured in seconds.

 

Quotas based on data volume are not supported. If configured, traffic might exceed

 

the quota.

 

 

Cisco 10000 Series Router Service Selection Gateway Configuration Guide

 

B-2

OL-4387-02

 

 

 

Page 94
Image 94
Cisco Systems OL-4387-02 manual Mpls