Testing Cisco's Mobile Core, Data Center & Business Services

Summary: In a GGSN role, the ASR 5000 was able to maintain a total of 1 million attached subscribers. It forwarded a total of 20 Gbit/s across 380,000 of these emulated subscribers without any packet or session loss. 18,000 subscriber contexts were activated per second. The results confirm very robust scalability of the ASR 5000 in a 3G, GGSN role.

In our test, Cisco’s ASR 5000 played the roles of GGSN, SGSN, P-GW, S-GW, and MME one by one. This multi-role function should be an operational advantage to streamline requirements to size, power, management, and serviceability. At least it was in our test – when one of the ASR 5000 cards’ hardware failed, the Cisco support team could quickly pull a spare module from the joint pool. In this test the focus was on the ASR 5000’s role as a Gateway GPRS Support Node (GGSN).

The GGSN is a crucial element in the Mobile Core infrastructure. It serves as the gatekeeper to the IP world and is, in many ways, a VPN router. Managing GTP (GPRS Tunneling Protocol) tunnels to each connected mobile terminal, it sets up and tears down packet data protocol (PDP) contexts, extracts tunneled IP data arriving from the SGSN to routed IP and routes Internet traffic into the appropriate contexts on the return path. The GGSN has to manage subscribers and their IP addresses as well as enforce policies.

We started off by performing essential baseline tests, aiming to answer the questions:

  • How many sessions can the GGSN activate per second? In other words, how large a cloud of active mobile broadband data users can an operator sensibly manage using a single Cisco ASR 5000?
  • How many mobile users will be supported simultaneously – i.e. what is a suitable operational ceiling for the number of mobile terminals under supervision of a single GGSN?
  • How much data can the GGSN process? In the high-speed packet access (HSPA) times, an operator selling multi-megabit downlink speeds to their customer base should have accountable planning numbers in their hands.

The test logic had to follow the order of questions above: First users have to be authenticated and activated by the system; once they have been admitted to the mobile network and are allowed to use the data services, they can send and receive data. This meant that within one test we aimed to test both the control plane and data plane capabilities of the ASR 5000.

The test was set up such that a couple of Spirent Landslides emulated a total of four Serving Gateway Support Nodes (SGSN) on one side of the GGSN user test. (We did not use real ASR 5000 SGSNs because this would have required more SGSN hardware to scale than we had available.) Behind those SGSNs, Landslide emulated the appropriate control protocols to represent RNCs, 16 base stations, and 1,060,000 subscribers, which were split up:

  • 380,000 sessions actively sending data all the time
  • 620,000 sessions attached and idle
  • 60,000 sessions in a make/break scenario, set up and disconnected at a rate of 1,000 sessions per second with a lifetime of one minute each.

The parameters were developed by EANTC based on discussions with Heavy Reading analysts and service providers. Since it is only logical that not all attached users are going to be using data services at the same time, we defined 38 percent of the users as actively sending and receiving.

On the upstream side of the GGSN, the Landslide emulated Internet servers and hosts (for example, Web servers). We started the test by activating all the 1,000,000 permanently active PDP contexts. We configured the farm of Spirent Landslides to activate a total of 18,000 PDPs per second and started the test. The ASR 5000 was able to support this rate and scale up to our configured number of users, 1 million. Once the number of expected PDP contexts was reached, the Landslide started sending data traffic for the predefined 38 percent fraction of the users.

At this stage, we started the make/break sessions with the additional pool of 60,000 users that were making new data calls and terminating them after 60 seconds. Context activations/deactivations are commonly seen in mobile networks; they increased the realism and challenge of the test.

Our active users were configured with an array of representative applications. These included HTTP and VoIP, as well as plain TCP and UDP. The total amount of data traffic that the ASR 5000 had to process was 20.086 Gbit/s. The traffic was roughly broken down to 6 Gbit/s being sent from the users and 14 Gbit/s being sent to the users. We let the traffic flow for 15 minutes while cycling through our make/break users. We also monitored the CPU utilization on the ASR 5000 and recorded at most 69 percent at any time.

Through the duration of the test we did not lose any user session. The ASR 5000 was able to maintain all user sessions while processing a total of 20 Gbit/s worth of data traffic and performing 1,000 data call activations and terminations per second.

Since GGSNs tend to be cost intensive, service providers have a vested interest in minimizing their numbers. The test results validated Cisco’s claims that the ASR 5000 is a robust and scalable GGSN.

Page 4: Results: ASR 5000 GGSN Performance With DPI

Previous Page
3 of 14
Next Page
Page 1 / 2   >   >>
srikrishnak 12/5/2012 | 4:24:27 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Great continuation. Used to get much more from LR, so still waiting for PDF :)

DCITDave 12/5/2012 | 4:24:21 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

We'll have the PDFs available soon. Want to make sure all corrections and copy editing are complete with both reports first. Hang in there.

JeddChen 12/5/2012 | 4:24:21 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Informative Reports. waiting for PDF, too.

bigpicture 12/5/2012 | 4:24:17 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

I have a question about the throughput vs. the DPI tests.  In the throughput test you stated you had 60,000 make / break sessions activating at 1,000 sessions per second.  In the DPI test you stated the rate was "reduced" to 5.000 sessions per second.  

I'm not sure how you "reduced" from 1,000 to 5,000.  Is one of the numbers a typo or am I just confused?



tohhwee72 12/5/2012 | 4:24:17 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Possible to share more detail on the firewall performance, e.g.

1. The packet size used for the test, i.e. large or small packet?

2. Traffic profile, e.g. % of http, % of ftp etc

3. How is the NAT being done? i.e. how many public IP address are used to get 1 mil concurrent session?

4. What was the throughput, CPU load etc?

cross 12/5/2012 | 4:24:16 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Hi Bigpicture,

I thought I was confused, but it was only a typo :-)

Thanks for pointing out the issue.  We will fix it.  In short:

<li>GGSN test with DPI: 18,000 attachments per second</li>
<li>GGSN test without DPI: 18,000 attachments per second</li>
<li>EPC test: 5,000 attachments per second.</li>

Once all sessions were established, the make/break attachment rate was 1,000 new sessions plus 1,000 terminated sessions per second for all three tests (in a constant way, constantly making and breaking over the whole remaining test duration of 15 minutes).

Thanks, Carsten

JeddChen 12/5/2012 | 4:24:09 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Emulator is a very important and supplementary means for functionality and performance test. But real networks are quite different and much more complicated and there are a lot of potential and unpredicted factors. That a lot of emulators were used in this test solution has&nbsp; arose the worry mentioned above. so some of the results will be expected to be verified in live networks(trial office).

2skhatri 12/5/2012 | 4:24:04 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Are we to surmise that the upper limit for number of simultaneously attached users is around 1 million?&nbsp;

cross 12/5/2012 | 4:24:03 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Hi tohhwee72,

The primary focus of the ASR1000 Firewall/NAT test was the scale of the stateful network address translations. We did not mean to test the ASR1000 for throughput performance here.&nbsp; Also, the Avalanche emulator is an application-layer device; it sent HTTP requests and received responses on layer 7 - this was not a packet-layer test.&nbsp; To answer your questions:

1. The HTTP requests were for pretty short URLs so the packet sizes were in the order of 150 Bytes.&nbsp;&nbsp; Responses were sent for mid-size objects of a couple of kilobytes; MTU was set to 1470 bytes so there was an average packet size north of 1,000 bytes.&nbsp;

2. Three quarters of the traffic was HTTP, one quarter FTP.

3. The purpose of this test was to validate business security aspects of NAT.&nbsp; Enterprises typically want to hide their internal IP addresses from the Internet.&nbsp; NAT was therefore configured in a 1:1 scenario.&nbsp; 80,000 IP addresses from the network were mapped into another 80,000 IP addresses in the (supposedly public) network of

4. CPU load was not monitored. The Spirent Avalanche controller reported downstream throughput of 1.09 Gbit/s and upstream throughput of 0.154 Gbit/s. This was not a throughput test - we focused on stateful NAT mapping scalability.

Thanks Carsten

cross 12/5/2012 | 4:24:02 PM
re: Testing Cisco's Mobile Core, Data Center & Business Services

Hi JeddChen,

Network emulations and trials both have their reason for existence I believe.&nbsp; I disagree with your point that trials are better - they just answer different questions at a different time.

First and foremost, the goal of our test was to provide true, real, independent data of a vendor solution publicly.&nbsp; I have not heard of any serious operator trial where results have been made available publicly to the level of detail of this test.&nbsp; I hope our results will be helpful to gauge Cisco's solution for anybody worldwide.&nbsp; It does not take a site visit or good relationships with the trialling operator or vendor to read our article.

Second, it is dangerous to design trials to answer scalability questions. After all, customers are meant to use the trial as a service to some extent. To get to a level where one million users would simultaneously use LTE data connections, one would need to have at least a subscriber base of 10 million hyperactive data users because they are never going to use the network all at once.&nbsp; Few operators will be adventurous enough - or even able, given their customer base - to answer these scalability questions in a trial. TeliaSonera has not disclosed the number of subscribers in its production grade LTE network (not a trial!) - TeliaSonera has just said it has "thousands of subscribers" on its Swedish LTE network, and a total of around 500,000 mobile broadband subscribers nationwide for LTE and 3G together.

On the other hand, our test was unable to answer typical trial questions such as: How do subscribers perceive the service? What happens in the interaction with base stations when a large number of users are on the move, fast or slow, or do not have perfect coverage? How will charging work?&nbsp; So I definitely see the viability of trials once scalability emulations have been completed so it will be safe to deploy a trial network for real customers.

Apologies for the long post.

Thanks Carsten


Page 1 / 2   >   >>
Sign In