Cisco ASR 5000 Administration Manual
Staros release 21.1
Hide thumbs
Also See for ASR 5000:
- Installation manual (294 pages) ,
- Administration manual (159 pages) ,
- Installation procedure (8 pages)
Table of Contents
Advertisement
Quick Links
Download this manual
See also:
Installation Manual
Advertisement
Table of Contents
Troubleshooting
Related Manuals for Cisco ASR 5000
Summary of Contents for Cisco ASR 5000
- Page 1 ASR 5000 System Administration Guide, StarOS Release 21.1 First Published: 2017-01-26 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883...
- Page 2 Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks . Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.
-
Page 3: Table Of Contents
Context Selection for Context-level Administrative User Sessions Context Selection for Subscriber Sessions Understanding the ASR 5000 Boot Process Understanding Configuration Files IP Address Notation IPv4 Dotted-Decimal Notation IPv6 Colon-Separated-Hexadecimal Notation CIDR Notation Alphanumeric Strings ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 4 Verifying and Saving Your Interface and Port Configuration Configuring System Timing Setting the System Clock and Time Zone Verifying and Saving Your Clock and Time Zone Configuration Configuring Network Time Protocol Support ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 5 Associating an SFTP root Directory with a Local User Associating an SFTP root Directory with an Administrator Associating an SFTP root Directory with a Config Administrator Configuring TACACS+ for System Administrative Users Operation User Account Requirements TACACS+ User Account Requirements ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 6 LAG and Master Port LAG and Port Redundancy LAG and Multiple Switches Multiple Switches without L2 Redundancy Multiple Switches with L2 Redundancy Port States for Auto-Switch Hold Time Preferred Slot Auto-Switch Criteria ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 7 C H A P T E R 5 ORBEM Configuring ORBEM Client and Port Parameters Configuring IIOP Transport Parameters Verifying ORBEM Parameters SNMP MIB Browser SNMP Support Configuring SNMP and Alarm Server Parameters Verifying SNMP Parameters ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 8 Setting the Characteristics of the Channelized Line Card Configuring the Channel Characteristics Binding a DLCI Verifying the Frame Relay Interface Configuration and Status Display Port and DLCI Configuration Details Display Port and DLCI Configuration and Status ASR 5000 System Administration Guide, StarOS Release 21.1 viii...
- Page 9 Understanding the boot.sys File Maintaining the Local File System File System Management Commands Synchronizing the File System Creating Directories Renaming Files and Directories Copying Files Deleting Files Removing Directories Formatting Local Devices ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 10 Stage 2 - Stand-alone Operation Stage 3 - Management Card Upgrade Stage 4 - Reboot All Packet Processing Cards Stage 5 - Return System to Normal Operation Performing an On-line Software Upgrade ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 11 Configuring Local-User Account Management Properties Local-User Account Lockouts Local-User Account Suspensions Changing Local-User Passwords Monitoring the System C H A P T E R 1 0 SNMP Notifications Monitoring System Status and Performance ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 12 Exec Mode Filtering Global Configuration Mode Filtering Configuring syslog Servers Configuring Active Logs Specifying Facilities Configuring Trace Logging Configuring Monitor Logs Enabling Monitor Logs Disabling Monitor Logs Viewing Logging Configuration and Statistics ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 13 Checking the LEDs on the SPIO SPIO Run/Fail LED States SPIO Active LED States SPIO Standby LED States SPIO Interface Link LED States SPIO Interface – Activity LED States Checking the LEDs on Ethernet Line Cards ASR 5000 System Administration Guide, StarOS Release 21.1 xiii...
- Page 14 Using the Protocol Monitor Using the Protocol Monitor for a Specific Subscriber Generating an SSD Configuring and Using the Support Data Collector Access Control Lists C H A P T E R 1 4 Overview ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 15 Applying an ACL to Multiple Subscriber via APNs Verifying the ACL Configuration to APNs Congestion Control C H A P T E R 1 5 Overview Configuring Congestion Control Configuring the Congestion Control Threshold ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 16 Enabling OSPFv3 Routing For a Specific Context Enabling OSPFv6 Over a Specific Interface Redistributing Routes Into OSPFv3 (Optional) Confirming OSPFv3 Configuration Parameters Equal Cost Multiple Path (ECMP) BGP-4 Routing Overview of BGP Support ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 17 Associating BFD Neighbor Groups with the BFD Protocol Enabling BFD on OSPF Interfaces All OSPF Interfaces Specific OSPF Interface Monitoring BFD Connection for ICSR Saving the Configuration Chassis-to-Chassis BFD Monitoring for ICSR ASR 5000 System Administration Guide, StarOS Release 21.1 xvii...
- Page 18 BGP MPLS VPNs C H A P T E R 1 8 Introduction MPLS-CE Connected to PE ASR 5x00 as a PE Overview Sample Configuration IPv6 Support for BGP MPLS VPNs ASR 5000 System Administration Guide, StarOS Release 21.1 xviii...
- Page 19 Additional ASR 5x00 Hardware Requirements Configuring the System to Support Session Recovery Enabling Session Recovery Enabling Session Recovery on an Out-of-Service System Enabling Session Recovery on an In-Service System Disabling the Session Recovery Feature ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 20 Allow Non-VoLTE Traffic During ICSR Switchover Allow All Data Traffic Allow Early Active Transition Graceful Cleanup of ICSR After Audit of Failed Calls Optimization of Switchover Control Outage Time Configuring the SRP Context Interface Parameters ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 21 Updating the Configuration File Verifying the Software Version Saving the Configuration File Completing the Update Process Waiting for Session Synchronization Primary Chassis Initiating an SRP Switchover Checking AAA Monitor Status on the Newly Active Chassis ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 22 ASR 5000 Packet Processing Card Rules Context Rules Subscriber Rules Service Rules Access Control List (ACL) Engineering Rules ECMP Groups StarOS Tasks A P P E N D I X B Overview ASR 5000 System Administration Guide, StarOS Release 21.1 xxii...
- Page 23 Overview of Checkpointing Macro-checkpoints GGSN_APN ID MAPPING INSTANCE LEVEL CHECKPOINT SERVICE_ID MAPPING VPNMGR_ID MAPPING Micro-checkpoints Uncategorized SESS_UCHKPT_CMD_INVALIDATE_CRR SESS_UCKKPT_CMD_UPDATE_CLPSTATS SESS_UCHKPT_CMD_UPDATE_IDLESECS DCCA Category SESS_UCHKPT_CMD_DCCA_SESS_INFO ECS Category SESS_UCHKPT_CMD_ACS_CALL_INFO SESS_UCHKPT_CMD_ACS_GX_LI_INFO SESS_UCHKPT_CMD_ACS_SESS_INFO SESS_UCHKPT_CMD_DEL_ACS_CALL_INFO SESS_UCHKPT_CMD_DEL_ACS_SESS_INFO SESS_UCHKPT_CMD_DYNAMIC_CHRG_CA_INFO SESS_UCHKPT_CMD_DYNAMIC_CHRG_DEL_CA_INFO SESS_UCHKPT_CMD_DYNAMIC_CHRG_DEL_QG_INFO ASR 5000 System Administration Guide, StarOS Release 21.1 xxiii...
- Page 24 Firewall/ECS Category SESS_UCHKPT_CMD_SFW_DEL_RULE_INFO SESS_UCHKPT_CMD_SFW_RULE_INFO GGSN Category SESS_UCHKPT_CMD_GGSN_DELETE_SUB_SESS SESS_UCHKPT_CMD_GGSN_UPDATE_RPR SESS_UCHKPT_CMD_GGSN_UPDATE_SESSION SESS_UCHKPT_CMD_GGSN_UPDATE_STATS SESS_UCHKPT_CMD_UPDATE_COA_PARAMS Gx Interface Category SESS_UCHKPT_CMD_ACS_VOLUME_USAGE SESS_UCHKPT_CMD_UPDATE_SGX_INFO NAT Category SESS_UCHKPT_CMD_GR_UPDATE_NAT_REALM_PORT_INFO1 SESS_UCHKPT_CMD_GR_UPDATE_NAT_REALMS SESS_UCHKPT_CMD_NAT_SIP_ALG_CALL_INFO SESS_UCHKPT_CMD_NAT_SIP_ALG_CONTACT_PH_INFO SESS_UCHKPT_CMD_UPDATE_DSK_FLOW_CHKPT_INFO SESS_UCHKPT_CMD_UPDATE_NAT_BYPASS_FLOW_INFO P-GW Category SESS_UCHKPT_CMD_PGW_DELETE_SUB_SESS SESS_UCHKPT_CMD_PGW_OVRCHRG_PRTCTN_INFO SESS_UCHKPT_CMD_PGW_SGWRESTORATION_INFO SESS_UCHKPT_CMD_PGW_UBR_MBR_INFO SESS_UCHKPT_CMD_PGW_UPDATE_APN_AMBR SESS_UCHKPT_CMD_PGW_UPDATE_INFO ASR 5000 System Administration Guide, StarOS Release 21.1 xxiv...
- Page 25 SESS_UCHKPT_CMD_CGW_UPDATE_UE_PARAM SESS_UCHKPT_CMD_SAMOG_ACCT_INTERIM_INFO SESS_UCHKPT_CMD_SAMOG_ACCT_START_INFO SESS_UCHKPT_CMD_SAMOG_EOGRE_TUNNEL_INFO SESS_UCHKPT_CMD_SAMOG_GTPV1_UPDATE_PDN_INFO SESS_UCHKPT_CMD_SAMOG_HANDOFF_AUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_HANDOFF_INIT_INFO SESS_UCHKPT_CMD_SAMOG_LI_PROV_INFO SESS_UCHKPT_CMD_SAMOG_MIPV6_TIMER_INFO SESS_UCHKPT_CMD_SAMOG_MULTI_ROUND_AUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_REAUTHEN_INFO SESS_UCHKPT_CMD_SAMOG_REAUTHOR_INFO ASR 5000 SDR CLI Strings A P P E N D I X D ASR 5000 SDR CLI Command Strings ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 26 Contents ASR 5000 System Administration Guide, StarOS Release 21.1 xxvi...
-
Page 27: About This Guide
This preface describes the System Administration Guide, how it is organized and its document conventions. The System Administration Guide describes how to generally configure and maintain StarOS running on an ASR 5000 platform. It also includes information on monitoring system performance and troubleshooting. •... -
Page 28: Related Documentation
Use the information in this section to contact customer support. Refer to the support area of http://www.cisco.com for up-to-date product documentation or to submit a service request. A valid username and password are required to access this site. Please contact your Cisco sales or service representative for additional information. -
Page 29: System Management Overview
C H A P T E R System Operation and Configuration The ASR 5000 system provides wireless carriers with a flexible solution that can support a wide variety of services. Before you connect to the command line interface (CLI) and begin system configuration, you must understand how the system supports these services. -
Page 30: Chapter
2 (SNMPv2) for fault management • Authentication via RADIUS/Diameter or TACACS+ The StarOS CLI provides complete Fault, Configuration, Accounting, Performance, and Security (FCAPS) capabilities as described in the remaining chapters of this guide. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 31: Terminology
You can configure each physical port to support multiple logical IP interfaces, each with up to 17 IP addresses (one primary and up to 16 secondaries). For complete information on line cards and port assignments, refer to the ASR 5000 Installation Guide. Logical Interfaces You must associate a port with a StarOS virtual circuit or tunnel called a logical interface before the port can allow the flow of user data.Within StarOS, a logical interface is a named interface associated with a virtual... -
Page 32: Management Interface
• Home Agent (HA) services • Layer 2 Tunneling Protocol Access Concentrator (LAC) services • Dynamic Host Control Protocol (DHCP) services • Packet Data Interworking Function (PDIF) services • Mobility Management Entity (MME) Services ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 33: Aaa Servers
When local subscriber profiles are first created, attributes for that subscriber are set to the system's default settings. The same default settings are applied to all subscriber profiles, including the subscriber ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 34: Trusted Builds
This section describes the process that determines which context to use for context-level administrative users or subscriber sessions. Understanding this process allows you to better plan your configuration in terms of how many contexts and interfaces you need to configure. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 35: Context Selection For Context-Level Administrative User Sessions
If you have configured the user profile on an AAA server, the system must determine how to contact the AAA server to perform authentication. It does this by determining the AAA context for the session. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 36: Asr 5000 System Administration Guide, Staros Release 21.1
The following table and flowchart describe the process that the system uses to select an AAA context for a context-level administrative user. Items in the table correspond to the circled numbers in the flowchart. Figure 2: Context-level Administrative User AAA Context ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 37: Context Selection For Subscriber Sessions
Part of the configuration process requires that you allocate hardware resources for processing and redundancy. Therefore, before you configure the system, it is important to understand the boot process which determines how the hardware components are brought on line. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 38: Asr 5000 System Administration Guide, Staros Release 21.1
SMC CompactFlash. The standby SMC observes the active card startup. If the file on the active card is loads normally, the standby SMC boots from the active card image. If the active ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 39: Understanding Configuration Files
Therefore, the system automatically ignores keywords with pipes during processing. Always save configuration files in UNIX format. Failure to do so can result in errors that prevent Important configuration file processing. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 40: Ip Address Notation
IPv6 address as an alternative. For some configuration commands, the CLI also accepts CIDR notation. Always view the online Help for the CLI command to verify acceptable forms of IP address notation. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 41: Ipv4 Dotted-Decimal Notation
(/) character, and the prefix size expressed as a decimal number. On the ASR 5000, routes with IPv6 prefix lengths less than /12 and between the range of /64 and /128 are Important not supported. -
Page 42: Character Set
• { } (braces) • [ ] (brackets) • $ (dollar sign) [see wildcard exception below] • ! (exclamation point) [see exception below] • ( ) [parentheses] • % (percent) [see exception below] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 43: Quoted Strings
Quoted Strings If descriptive text requires the use of spaces between words, the string must be entered within double quotation marks (" "). For example: interface "Rack 3 Chassis 1 port 5/2" ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 44: Asr 5000 System Administration Guide, Staros Release 21.1
System Operation and Configuration Quoted Strings ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 45: Getting Started
This chapter provides instructions for connecting to the console port and creating the initial local context management configuration. • ASR 5000 Configuration, page 17 • Using the ASR 5000 Quick Setup Wizard, page 17 • Using the CLI for Initial Configuration, page 22 • Configuring the System for Remote Access, page 24 •... -
Page 46: The Quick Setup Wizard
CLI. Enter setup at the command prompt to re-invoke the wizard. Enable a basic configuration. Enter yes to create a basic configuration file. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 47: Asr 5000 System Administration Guide, Staros Release 21.1
The hostname appears in the StarOS CLI prompt. Create a single Dedicated-LI context. Before creating a Dedicated LI context, refer to the Lawful Intercept Configuration Guide. Once created, a Dedicated LI context cannot be undone. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 48: Asr 5000 System Administration Guide, Staros Release 21.1
Note: For maximum security, use only SSH v2. In Release 19.2 and higher, only SSH v2 is supported. Secure File Transfer Protocol (SFTP) uses TCP port number 22 by default, if enabled [subsystem sftp]. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 49: Asr 5000 System Administration Guide, Staros Release 21.1
0.0.0.0 0.0.0.0 spio1 v1_key ssh key v2_rsa_key ssh key v2_dsa_key ssh key server sshd subsystem sftp #exit no server telnetd no server ftpd #exit port ethernet 24/1 bind interface spio1 local no shutdown ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 50: Using The Cli For Initial Configuration
• Configuring the Ethernet interface(s) on the SPIO that is installed behind the primary SMC • Configuring the system for remote CLI access via Telnet, SSH, or FTP (secured or unsecured) In release 20.0 and higher Trusted StarOS builds, telnet and FTP are not supported. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 51: Asr 5000 System Administration Guide, Staros Release 21.1
The following prompt appears as the system enters the Ethernet Interface Configuration mode: host_name [local] (config-if-eth)# c) Configure an IP address for the interface configured in the previous step by entering the following command: { ip address | ipv6 address } ipaddress subnetmask ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 52: Configuring The System For Remote Access
Configure the system for remote access. An administrative user may access the system from a remote location over a local area network (LAN) or wide area network (WAN): • Telnet • Secure Shell (SSH) • File Transfer Protocol (FTP) (secured or unsecured) • Trivial File Transfer Protocol (TFTP) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 53: Asr 5000 System Administration Guide, Staros Release 21.1
For maximum system security, do not enable FTP. In release 20.0 and higher Trusted StarOS builds, FTP is not supported. Step 6 Exit the configuration mode by entering the following command: host_name [local] (config-ctx)# host_name [local] Step 7 Verify the configuration by entering the following command: host_name show configuration [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 54: Asr 5000 System Administration Guide, Staros Release 21.1
Bcast Address: MTU: 1500 Resoln Type: ARP timeout: 3600 secs L3 monitor LC-port switchover: Disabled Number of Secondary Addresses: Step 10 Save your configuration as described in Verifying and Saving Your Configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 55: Configuring Ssh Options
Specify the bit size for SSH keys. host_name ssh key-size { 2048 | 3072 | 4096 | 5120 | 6144 | 7168 | 9216 } [local] (config)# The default bit size for SSH keys is 2048 bits. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 56: Configuring Ssh Key Generation Wait Time
• aes192-ctr – AES, 192-bit key size, CTR • aes256-ctr – AES, 256-bit key size, CTR • aes128-gcm@openssh.com – AES, 128-bit key size, Galois Counter Mode [GCM], OpenSSH • aes256-gcm@openssh.com – AES, 256-bit key size, GCM, OpenSSH ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 57: Generating Ssh Keys
The ssh key command sets the public/private key pair to be used by the system. The v2-dsa keyword is concealed in the ssh key command. Specify the SSH key pair parameters. ssh key data length octets type v2-rsa [local]host_name(config-ctx)# Notes: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 58: Authorized Ssh User Access
Only explicitly allowed users will be able connect to a host via SSH. The user name may optionally include a specific source IP address. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 59: Creating An Allowed Users List
For additional information, see the SSH Configuration Mode Commands chapter in the Command Line Interface Reference. Step 4 Exit the SSH Configuration mode. host_name [local] (config-sshd)# host_name [local] SSH User Login Authentication StarOS authenticates SSH user login attempts via authorized-key/user-account pairings for the following scenarios: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 60: Secure Session Logout
45 seconds (using default parameters). Two SSH Configuration mode CLI commands allow you to disable or modify this default sshd disconnect behavior. For higher security, Cisco recommends at least a client-alive-countmax of 2 and client-alive-interval of Important 5. -
Page 61: Changing Default Sshd Secure Session Logout Parameters
You use commands in the SSH Client Configuration mode to specify a private key and generate the SSH client key pair. Step 1 Enter the SSH client configuration mode. host_name client ssh [local] (config)# host_name [local] (config-ssh)# ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 62: Pushing An Ssh Client Public Key To An External Server
Repeat Step 1 to support SSH/SFTP access on other external servers. Step 3 Test SSH client login to an external server. host_name ssh { hostname | ip_address } user username port port_number local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 63: Configuring The Management Interface With A Second Ip Address
The CLI output should look similar to this example: config context local interface_name interface ipaddress subnetmask ip address ipaddress subnetmask ip address secondary #exit Step 7 Save your configuration as described in Verifying and Saving Your Configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 64: Asr 5000 System Administration Guide, Staros Release 21.1
Getting Started Configuring the Management Interface with a Second IP Address ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 65: System Settings
Configuring Line Card and SPIO Port Redundancy, page 65 • Configuring ASR 5000 Link Aggregation, page 70 • Configuring a Demux Card, page 79 • Configuring Flow Control on XGLCs, page 79 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 66: Configuring A Second Management Interface
Intf Name: mgmt2 Intf Type: Broadcast Description: management2 VRF: None IP State: UP (Bound to 24/2) IP Address: 192.168.100.3 Subnet Mask: 255.255.255.0 Bcast Address: 192.168.100.255 MTU: 1500 Resoln Type: ARP timeout: 60 secs ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 67: Configuring System Timing
• The optional local keyword indicates that the time zone specified is the local timezone. • Daylight Savings Time is automatically adjusted for time zones supporting it. Save your configuration as described in Verifying and Saving Your Configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 68: Verifying And Saving Your Clock And Time Zone Configuration
Do not configure any external NTP servers using the prefer keyword. The NTP clock selection algorithms Important already have the built-in ability to pick the best server. Use of prefer usually results in a poorer choice than NTP can determine for itself. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 69: Configuring Ntp Servers With Local Sources
System Settings Configuring NTP Servers with Local Sources Do not change the maxpoll, minpoll, or version keyword settings unless instructed to do so by Cisco Important TAC. Use the following example to configure the necessary NTP association parameters: configure enable... -
Page 70: Verifying The Ntp Configuration
Polling interval between the system and the NTP server. reach Octal value of the reachability shift register indicating which responses were received for the previous eight polls to this NTP server. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 71: Configuring Transmit Timing Source
To use BITS-timing, the SPIO card must include the optional BITS E1 BNC or T1 (DS1)3-pin timing Important interface. For additional interface information, refer to the ASR 5000 Installation Guide. You can enable and configure up to four timing sources: two BITS-timing and two line-timing sources. Having more than one timing source assures redundancy. -
Page 72: Configure Line-Timing As The Timing Source
Confirming the Timing Source Use the show timing command, documented in the Exec Mode Commands chapter of the Command Line Interface Reference, to confirm that the timing source has been configured correctly. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 73: Enabling Cli Timestamping
Autoconfirm is intended as an "ease-of-use" feature. It presumes that the answer to "Are you sure? [Y/N]" prompts will be "Yes", and skips the prompt. Its use implies that the user is an expert who does not need these "safety-net" prompts. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 74: Requiring Confirmation For Autoconfirm And Configure Commands
• exec-command exec_mode_category specifies one of the following categories of Exec mode configuration commands. ◦ card ◦ clear ◦ copy ◦ debug ◦ delete ◦ filesystem ◦ hd ◦ reload ◦ rename ◦ shutdown ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 75: Configuring System Administrative Users
Config Mode. Configuration instructions are categorized according to the type of administrative user: context-level or local-user. For information on the differences between these user privileges and types, refer to Getting Started. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 76: Configuring Context-Level Administrative Users
When enabled this option prevents someone from using a config-administrator password to gain access to the user account. Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 77: Configuring Context-Level Operators
When enabled this option prevents someone from using an inspector password to gain access to the user account. Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 78: Configuring Li Administrators
AAA based authentication and is not used by the rest of the system. As such, configured local-user accounts are not visible with the rest of the system configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 79: Verifying Local-User Configuration
When upgrading to release 20.0, existing user passwords in the local-user database are not automatically upgraded from MD5 to PBKDF2 hashing (only hashed password values are stored). Since hash functions are ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 80: Provisioning Lawful Intercept
StarOS services that support Lawful Intercept. This guide is not available on www.cisco.com. It can only be obtained by contacting your Cisco account representative. -
Page 81: Restricting User Access To A Specified Root Directory
You must create the SFTP root directory before associating it with local users, administrators and config administrators. You can create multiple SFTP directories; each directory can be assigned to one or more users. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 82: Configuring An Sftp Root Directory
Configuring TACACS+ for System Administrative Users This section describes TACACS+ (Terminal Access Controller Access Control System+) AAA (Authentication Authorization and Accounting) service functionality and configuration on the ASR 5x00. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 83: Operation
TACACS+ is a secure, encrypted protocol. By remotely accessing TACACS+ servers that are provisioned with the administrative user account database, the ASR 5000 can provide TACACS+ AAA services for system administrative users. TACACS+ is an enhanced version of the TACACS protocol that uses TCP instead of UDP. -
Page 84: Staros User Account Requirements
Log in to the system using non-TACACS+ services. Use the example below to configure TACACS+ AAA services on the system: configure tacacs mode server priority priority_number ip-address tacacs+srvr_ip_address ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 85: Configuring Tacacs+ For Non-Local Vpn Authentication
? Verifying the TACACS+ Configuration This section describes how to verify the TACACS+ configuration: Log out of the system CLI, then log back in using TACACS+ services. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 86: Separating Authentication Methods
For example, local-users may have only Console access and AAA (VPN context) users with access only via vty lines. Separating authentication methods (Console versus vty lines) requires disabling Console access for users based on the type of authentication. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 87: Disable Tacacs+ Authentication For Console
You can use the no aaa tacacs+ Context Configuration command to disable TACACS+ services within a context. configure context ctx_name no aaa tacacs+ Use the aaa tacacs+ Context Configuration command to enable TACACS+ services within a context where it has been previously disabled. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 88: Limit Local-User Login On Console/Vty Lines
<username> { encrypted | nopassword | password } noconsole exit The noconsole keyword disables user access to the Console line. By default noconsole is not enabled, thus all AAA-based users can access the Console line. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 89: Verify Configuration Changes
32-byte secure random number. This assures that the chassis key and chassis ID have 32-byte entropy for key security. If a chassis ID is not available encryption and decryption for sensitive data in configuration files will not work. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 90: Configuring A New Chassis Key Value
ID file is lost in both management cards, all existing configuration files become invalid. Entering a new chassis key that is the same as the original value will not resolve the issue because of the new method used to generate the chassis ID. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 91: Quick Setup Wizard
This configuration requires a valid block of unique MAC addresses that are not used anywhere else. The Caution use of non-unique MAC addresses can degrade and impair the operation of your network. Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 92: Verifying Virtual Mac Address Configuration
This command lists the line cards installed in the system by their slot number, their operational status, whether or not the card is a single point of failure (SPOF), and its attachment to a packet processing card or SPC/SMC. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 93: Verifying Packet Processing And Line Card Configurations
Port redundancy for line cards and SPIOs provides an added level of redundancy that minimizes the impact of network failures that occur external to the system. Examples include switch or router port failures, disconnected or cut cables, or other external faults that cause a link down error. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 94: Asr 5000 System Administration Guide, Staros Release 21.1
Port redundancy can be configured to be revertive or non-revertive. With revertive redundancy service is returned to the original port when service is restored. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 95: Asr 5000 System Administration Guide, Staros Release 21.1
33/1 the active port. The switching devices, using some port redundancy scheme, recognizes the failure and enables ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 96: Enabling Line Card And Spio Port Redundancy
You can use any version of the CFE with SPIO port redundancy if the SMCs boot from a local file system (/flash, /pcmcia1, or /pcmcia2). Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 97: Verifying Line Card And Spio Port Redundancy
• If you do not specify a preference, redundancy is non-revertive. If you do specify a preference, redundancy is revertive to the specified card. • Repeat for each additional port that you want to make preferred. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 98: Verifying Line Card And Spio Port Redundancy Auto-Recovery
A LAG can be formed by configuring: • Ports from the same QGLC • Ports from top-bottom QGLCs with port redundancy • Ports from side-by-side XGLCs ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 99: Lag And Master Port
LAG to switch to another XGLC or QGLC when a specified threshold is crossed. This works in a way similar to the auto-switch feature for port redundancy. LACP runs between the ASR 5000 and the Ethernet switch, exchanging relevant pieces on information, such as health status. -
Page 100: Multiple Switches With L2 Redundancy
For example, with two QGLCs connected to two different Ethernet switches configured as a top-bottom pair and all ports in the same LAG, failure of ports would not trigger a LAG switch until the active port number ratio flipped (more ports down than up). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 101: Port States For Auto-Switch
Ports are automatically switched from card x to card y when A(y) ? = 1, at least one port is in aggregated state on card y, and one of the following conditions is true (in order of precedence): • L(x) L(y) Less ports with link Up on card x than card y ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 102: Distribution Option
When XGLC ports are part of a LAG group, failure of a single port in the group will not result in data outage; the data will be rerouted through other available links. An individual port that is part of a LAG group does not constitute a SPOF. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 103: Qglc Link Aggregation
There is additional information on configuring ports and port redundancy in Configuring Line Card and SPIO Port Redundancy. Operation Link aggregation operates as a sublayer between the MAC client and the MAC layer. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 104: Xglc Link Aggregation
N must be in the range of [1...1023]. configure port ethernet slot#/port# link-aggregation master group N exit Link Aggregation Control Protocol (LACP) starts running only when the master port is enabled. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 105: Asr 5000 System Administration Guide, Staros Release 21.1
Corresponding ports on a QGLC or XGLC redundant pair cannot be active at the same time. Redundant ports share the same MAC address, so after a failover is resolved, the original port rejoins the LAG. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 106: Redundancy Options
• slot/port's partner must have an equal or higher in standard mode. • slot/port's partner bundle must have equal or higher bandwidth in standard mode. • Switching to slot/port must not violate preference within hold-time in standard mode. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 107: Link Aggregation Status
It is only supported for a limited number of products. Refer to the product Administration Guide for additional information. On an ASR 5000 one of the packet processing cards must be configured as a demux card in order for Important Bidirecitonal Forwarding Detection (BFD) to function. -
Page 108: Asr 5000 System Administration Guide, Staros Release 21.1
Notes: • slot_number is the location of the XGLC in the ASR 5000 chassis. The XGLC is a one-port card. You should also configure flow control at 6Gbps on the peer ports of all routers in your network that are connected to the ASR 5000. -
Page 109: Config Mode Lock Mechanisms
This is called an exclusive-lock. Once an exclusive-lock is granted to an administrator, no one else can access config mode for the duration of the session while the lock is held. The exclusive-lock is terminated only when the user holding the lock exits to Exec mode. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 110: Requesting An Exclusive-Lock
If configure lock force is successful, all users who have been forced to exit to Exec mode will see a warning message indicating that they were forced to exit from config mode: host_name [local] (config)# Warning: Administrator <username> has forced you to exit from configuration mode host_name [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 111: Effect Of Config Lock On Url Scripts
With -noconfirm enabled, since all the commands are also echoed to the screen, the warning message will likely scroll off the screen and may not be noticed. Important When StarOS first starts up, the Initial Boot Config File is always exclusively locked while loading. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 112: Saving A Configuration File
With this option StarOS displays the appropriate warning message, but does not wait for save configuration operations to complete before initiating the reboot. host_name reload ignore-locks -noconfirm [local] Warning: One or more other administrators are saving configuration Starting software 21.0... ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 113: Show Administrators Command
M Type Start Time ------------------------------ - ------- -------------- ------------------------ admin /dev/pts/2 Tue Mar 29 11:51:15 2016 Alice c admin /dev/pts/1 Mon Mar 28 14:41:15 2016 Carol admin /dev/pts/0 Mon Mar 28 14:40:52 2016 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 114: Asr 5000 System Administration Guide, Staros Release 21.1
Config Mode Lock Mechanisms show administrators Command ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 115: Management Settings
IIOP Transport Parameters, on page 88 Step 3 View your new ORBEM configuration by following the steps in Verifying ORBEM Parameters, on page 89 Step 4 Save the configuration as described in Verifying and Saving Your Configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 116: Configuring Orbem Client And Port Parameters
• If you are using the Secure Sockets Layer (SSL) option, do not enable the IIOP transport parameter. • You configure the ORBEM interface to use SSL by specifying a certificate and private key. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 117: Verifying Orbem Parameters
: 87950 usecs SNMP MIB Browser This section provides instructions to access the latest Cisco Starent MIB files using a MIB Browser. An updated MIB file accompanies every StarOS release. For assistance to set up an account and access files, please contact your Cisco sales or service representative for additional information. -
Page 118: Asr 5000 System Administration Guide, Staros Release 21.1
Use the following procedure to view the SNMP MIBs for a specific StarOS build : Step 1 Contact Cisco sales or a service representative, to obtain access to the MIB files for a specific StarOS release. Step 2 Download the compressed companion file to a folder on your desktop. The file name follows the convention: companion_xx.x.x.tgz... -
Page 119: Asr 5000 System Administration Guide, Staros Release 21.1
Important For information on SNMP MIBs changes for a specific release, refer to the SNMP MIB Changes in Release xx chapter of the appropriate version of the to the Release Change Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 120: Snmp Support
• The system contact is the name of the person to contact when traps are generated that indicate an error condition. • An snmp community string is a password that allows access to system management information bases (MIBs). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 121: Verifying Snmp Parameters
• The snmp user name is for SNMP v3 and is optional. There are numerous keyword options associated with this command. • Use the snmp mib command to enable other industry standard and Cisco MIBs. By default only the STARENT-MIB is enabled. -
Page 122: Controlling Snmp Trap Generation
If at a later time you wish to re-enable a trap that was previously suppressed, use the snmp trap enable command. Step 2 Save the configuration as described in Verifying and Saving Your Configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 123: Chapter 6 Verifying And Saving Your Configuration
|||||| vvvvvv Pool Name Start Address Mask/End Address Used Avail ----- ------------------ --------------- --------------- ---------------- PG00 ipsec 12.12.12.0 255.255.255.0 PG00 pool1 10.10.0.0 255.255.0.0 65534 SG00 vpnpool 192.168.1.250 192.168.1.254 Total Pool Count: 5 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 124: Service Configuration
This command displays errors it finds within the configuration. For example, if you have created a service named "service1", but entered it as "srv1" in another part of the configuration, the system displays this error. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 125: Synchronizing File Systems
Line Interface Reference. Do not use the "/" (forward slash), ":" (colon) or "@" (at sign) characters when entering a string for the Important following URL fields: directory, filename, username, password, host or port#. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 126: Asr 5000 System Administration Guide, Staros Release 21.1
Synchronizing File Systems, on page 97 To save a configuration file called system.cfg to a directory that was previously created called cfgfiles on the CompactFlash in the SMC, enter the following command: save configuration /flash/cfgfiles/system.cfg ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 127: Chapter 7 System Interfaces And Ports
In many cases, other commands and/or keyword options are available. Refer to the Command Line Interface Reference for complete information regarding all commands. To create a context, apply the following example configuration: configure context name ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 128: Viewing And Verifying Contexts
Commands that configure additional interface or port properties are described in the Ethernet Port Configuration Mode Commands and Ethernet Interface Configuration Mode Commands chapters of the Command Line Interface Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 129: Creating An Interface
• Optional: In the Ethernet Port configuration mode, add the preferred slot slot# command if line card port redundancy was enabled at the card level and you want to specify a port preference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 130: Configuring A Static Route For An Interface
UP (Bound to 5/11 untagged, ifIndex 285278209) IP Address: 192.168.100.3 Subnet Mask: 255.255.255.0 Bcast Address: 192.168.100.255 MTU: 1500 Resoln Type: ARP timeout: 3600 secs L3 monitor LC-port switchover: Disabled Number of Secondary Addresses: Total interface count: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 131: Atm Interfaces And Ports
The SS7 link can only be bound to the ATM port after the configuration for the SS7 routing domain has been completed as described in the 3G SGSN Configuration section of the SGSN Administration Guide. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 132: Enabling The Olc (Atm) Line Card
Configuring an ATM Port to Use an IP Interface Use the following example to configure an ATM port to use with an IP interface: configure port atm slot# port# no shutdown pvc vpi vpi_num vci vci_num ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 133: Configuring An Atm Port For An Ss7 Link
The output from these commands should look similar to that displayed in the following example. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 134: Frame Relay Interfaces And Ports
Verify the card, port and link configuration and status with the commands illustrated in the verification examples below. Step 6 Save the configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 135: Setting The Characteristics Of The Channelized Line Card
] ] ] dlci path path_id number_of_connections dlci dlci_id timeslot timeslot# no shutdown Binding a DLCI Use the following procedure to bind the data link connection identifier (DLCI) to the channelized (Frame Relay) port. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 136: Verifying The Frame Relay Interface Configuration And Status
The following display is only a partial output of the show command to illustrate the channelized port and DLCIs. host_name show port table [local] Port Type Admin Oper Link State Redundant With ---- ---------------------- -------- ---- ---- -------- -------------- ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 137: Asr 5000 System Administration Guide, Staros Release 21.1
System Interfaces and Ports Verifying the Frame Relay Interface Configuration and Status 27/1 STM1/OC3 Channelized Enabled None DLCI Enabled Active DLCI Enabled Down Active ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 138: Asr 5000 System Administration Guide, Staros Release 21.1
System Interfaces and Ports Verifying the Frame Relay Interface Configuration and Status ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 139: System Security
C H A P T E R System Security This chapter describes the security features supported on the ASR 5000 platform. • Per-Chassis Key Identifier, page 111 • Protection of Passwords, page 112 • Support for ICSR Configurations, page 114 •... -
Page 140: Chassis Synchronization
SMC. Protection of Passwords Users with privilege levels of Inspector and Operator cannot display decrypted passwords in the configuration file via the ASR 5x00 command line interface (CLI). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 141: Secure Password Encryption
The recommended process for changing the chassis key without causing a "lock-out" state is as follows: • Load the configuration file of the last good configuration using the previous chassis key. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 142: Support For Icsr Configurations
When an active-only intercept is configured, if a matching call is found, a security check is made for the LI address received from the authentication agent and the intercept configuration will be rejected. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 143: Modifying Intercepts
Whenever a user's privilege level is increased or decreased, an SNMP notification will be sent out. A malicious actor may gain access to more privileged commands by somehow promoting" their privileges. Once this is ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 144: User Access To Operating System Shell
CLI test-commands are intended for diagnostic use only. Access to these commands is not required during normal system operation. These commands are intended for use by Cisco TAC personnel only. Some of these commands can slow system performance, drop subscribers, and/or render the system inoperable. -
Page 145: Exec Mode Cli Test-Commands
Global Configuration mode. host_name config [local] host_name cli test-commands [encrypted] password password [local] (config)# Warning: Test commands enables internal testing and debugging commands USE OF THIS MODE MAY CAUSE SIGNIFICANT SERVICE INTERRUPTION ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 146: Asr 5000 System Administration Guide, Staros Release 21.1
System Security Configuration Mode cli test-commands An SNMP trap (starTestModeEntered) is generated whenever a user enters CLI test-commands mode. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 147: Software Management Operations
ASR 5000s. An XFS-formatted RAID disk is mounted on "/mnt/hd-raid". Users can gain access to part of it from either "/hd-raid" or "/mnt/user/hd-raid". Important For this release, local filesystem access is via the master SMC only. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 148: File Types Used By The Local File System
There is no CLI configuration file contained on the local file system. This causes the system to automatically start its CLI-based Quick Setup Wizard upon the first successful boot. Refer to Getting Started for more information on using the Quick Setup Wizard. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 149: Maintaining The Local File System
{ /flash | /pcmcia1 | /hd-raid } /src_filename { /flash | /pcmcia1 | /hd-raid } [local] /dst_filename [ -noconfirm ] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 150: Copying Files
CLI displays a "Directory not empty" message and will not execute. host_name rmdir url /dir_name [local] url specifies the location of the CLI configuration file to be removed. It may refer to a local or a remote file. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 151: Formatting Local Devices
The following command applies a pre-existing CLI configuration file named clearcmds.cfg in the /flash directory. host_name configure /flash/clearcmds.cfg [local] Viewing Files on the Local File System This section describes how to view a variety of files. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 152: Viewing The Contents Of A Local Device
{ /flash | /pcmcia1 | /hd-raid } /[directory]/filename [ all ] [local] The output of this command displays the following information: • Version number • Description • Date • Boot Image • Size • Flags ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 153: Configuring The Boot Stack
Viewing the Current Boot Stack To view the boot stack entries contained in the boot.sys file run the Exec mode show boot command. Important Operator and inspector-level users can execute the show boot command. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 154: Asr 5000 System Administration Guide, Staros Release 21.1
To identify the boot image priority that was loaded at the initial boot time enter: show boot initial-config The example below displays the output: host_name show boot initial-config [local] Initial (boot time) configuration: image_version image tftp://192.168.1.161/tftpboot/ .bin \ config_name config /flash/ .cfg priority 1 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 155: Adding A New Boot Stack Entry
Network Booting Configuration Requirements Configuring the Boot Interface Boot interface parameters define the SPIO management LAN interface that the system will use to communicate with the management network when using the network booting method. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 156: Configuring The Boot Network
The following command configures the boot network to communicate using DHCP, with a static-fallback IP address for SPIO in slot 24 of 192.168.206.101 and a Class C netmask. boot networkconfig dhcp-static-fallback ip address spio24 192.168.206.101 netmask 255.255.255.0 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 157: Configuring Boot Network Delay Time
Save the configuration as described in the Verifying and Saving Your Configuration chapter. Upgrading the Operating System Software The following information is required prior to performing a software upgrade: • Current operating system version • New operating system version • Upgrade method ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 158: Identifying Os Release Version And Build Number
/var/run/storage/flash/part1 31154688 1136352 30018336 /mnt/user/.auto/onboard/flash Note the "Available" blocks in the last line of the display. After displaying the directory information, the CLI returns to root and the following prompt appears: host_name [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 159: Download The Software Image From The Support Site
Download the Software Image from the Support Site Download the Software Image from the Support Site Access to the Cisco support site and download facility is username and password controlled. You must have an active customer account to access the site and download the StarOS image. -
Page 160: Preparing For A Software Downgrade
You must save the configuration prior to upgrading to release 12.2+. The general sequence for a software downgrade in this scenario is as follows: • Develop a downgrade plan with the assistance of Cisco support personnel. • Save the pre-12.2 configuration using the obsolete-encryption keyword in conjunction with the Exec mode save configuration command as shown in the example. -
Page 161: Downgrading From Release 20.0
There are two software upgrade methods used to add features, functionality, and correct known software defects. They are: • On-Line Software Upgrade, on page 134 • Off-line Software Upgrade, on page 140 A brief overview accompanies each upgrade procedure. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 162: On-Line Software Upgrade
• Verifying that an open boot priority is available in the boot stack. • Ensuring that the current local file system is synchronized. • Creating the new boot stack entry using the new operating system image, boot priority, and configuration file information. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 163: Stage 1 - Soft Busy-Out
While in global bypass mode, Line Card (LC) ports will be limited to the following services: • Respond to Ethernet ARP requests • Respond to ICMP echo requests • Session rejections or redirection The following list defines LC features or services that will be unavailable: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 164: Stage 3 - Management Card Upgrade
The overload policies and minimal system tasks continue running on the newly upgraded packet processing cards. The original active packet processing cards are then restarted, all at once, and upgraded to the new operating system software image. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 165: Stage 5 - Return System To Normal Operation
-rwxrwxr-x 1 root root 15534 Aug 2012 test_vlan.cfg -rwxrwxr-x 1 root root 2482 Nov 18 2011 gateway2.cfg 94844 /flash Filesystem 1k-blocks Used Available Use% Mounted on /dev/hda1 124778 94828 29950 76% /flash ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 166: Asr 5000 System Administration Guide, Staros Release 21.1
Enter the Service Configuration mode for the service to be configured by entering the following command: context_name host_name { pdsn-service | ha-service } service_name (config-ctx)# The following prompt appears: context_name host_name service_type (config- -service)# ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 167: Aborting An On-Line Software Upgrade
All system statistical counters will have been reset to zero. Aborting an On-line Software Upgrade Abort the on-line software upgrade process by entering the following command: host_name abort upgrade [-noconfirm] [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 168: Restoring The Previous (Pre-Online Upgrade) Software Image
Newcall policies are created on a per-service basis. If you have multiple services running on the chassis, Important you can configure multiple newcall policies. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 169: Configure A Message Of The Day Banner
This creates a mirror-image of the CLI configuration file linked to the operating system defined in the current boot stack entry. The following command example creates a backup copy of a file called general.cfg located on the /flash device to a file called general_3652.cfg: hcopost_name copy /flash/general.cfg /flash/general_3652.cfg [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 170: Create A New Boot Stack Entry
Reboot the chassis by entering the following command: host_name reload [-noconfirm] [local] As the system reboots, it loads the new operating system software image and its corresponding CLI configuration file using the new boot stack entry configured earlier. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 171: Verify The Running Software Version
A plugin has a name and one or more versions. All plugin names are known to the system at product release. For complete information on the Dynamic Software Update process, refer to the ADC Administration Guide. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 172: Managing License Keys
• Feature use licenses enable specific features/functionality within the system and are distributed based on the total number of sessions supported by the system. Installing New License Keys Use the instructions below to install a new license key. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 173: Cutting And Pasting The Key
Failure to save the new license key configuration in the current CLI configuration file will result in the loss of any of the new features enabled by the license key once the system is reloaded. Adding License Keys to Configuration Files License keys can be added to a new or existing configuration file. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 174: License Expiration Behavior
[local] Requesting License Keys License keys for the system can be obtained through your Cisco account representative. Specific information is required before a license key may be generated: • Sales Order or Purchase Order information • Desired session capacity •... -
Page 175: Viewing License Information
Failure to provide license key redundancy can result in the loss of session capacity and enhanced features should a failover or manual switchover occur. Instructions for the removal and installation of the CompactFlash on SMCs can be found in the ASR 5000 Installation Guide. -
Page 176: Configuring Local-User Password Properties
Local-user administrative user accounts could be configured to enforce or reject lockouts. Refer to the local-user username command in the Global Configuration Mode Commands chapter of the Command Line Interface Reference for details. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 177: Local-User Account Suspensions
All new passwords must adhere to the password properties configured for the system. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 178: Asr 5000 System Administration Guide, Staros Release 21.1
Software Management Operations Changing Local-User Passwords ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 179: Chapter 1 0 Monitoring The System
This section contains commands used to monitor the status of tasks, managers, applications and other software components in the system. Output descriptions for most of the commands are located in the Statistics and Counters Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 180: Asr 5000 System Administration Guide, Staros Release 21.1
Display SNMP Access Statistics View SNMP access statistics show snmp accesses Display SNMP Trap History View SNMP trap history show snmp trap history Display SNMP Trap Statistics View SNMP Trap Statistics show snmp trap statistics ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 181: Clearing Statistics And Counters
For output descriptions for most of the commands, refer to the Statistics and Counters Reference. The commands or keywords and variables are dependent on platform type, product version, and installed Important license(s). Some commands produce different outputs, depending on the platform type. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 182: Asr 5000 System Administration Guide, Staros Release 21.1
View runtime, or real time, information show card info slot_number View the LED Status of All Installed Cards Refer to the descriptions of card-level and system-level LEDs in the ASR 5000 Installation Guide for detailed information. Note View the LED status for all installed cards... -
Page 183: Asr 5000 System Administration Guide, Staros Release 21.1
View CPU usage information show cpu info [ graphs | verbose ] View Component Temperature Information View current component temperatures show temperature View maximum temperatures reached since last timestamp. show maximum-temperatures ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 184: Asr 5000 System Administration Guide, Staros Release 21.1
Monitoring the System Monitoring ASR 5000 Hardware Status ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 185: Bulk Statistics
The configuration example in this section defines basic operation of the bulk statistics feature. Use the following example configuration to set up the system to communicate with the statistic collection server: configure bulkstats mode schema name format format_string sample-interval time_interval transfer-interval xmit_time_interval limit mem_limit exit bulkstats collection ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 186: Configuring Optional Settings
Configuring a Separate Bulkstats Config File You can configure a separate destination file for storing the bulk statistics sub-mode configuration. Run the show configuration bulkstats command to confirm the configuration. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 187: Using Show Bulkstats Commands
Follow the instructions in this section to verify your bulk statistic settings. These instructions assume that you are at the root prompt for the Exec mode. Check your collection server communication and schema settings by entering the following Exec mode command: show bulkstats schemas ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 188: Saving Your Configuration
View pending bulk statistics data per schema by entering the following Exec mode command: show bulkstats data The above command also shows the statistics of remote files, if configured as described in Configuring Optional Settings, on page 158. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 189: Manually Gathering And Transferring Bulk Statistics
• Information: This type of statistic provides information, often intended to differentiate sets of statistics; for example, a VPN name or IP address. The type of information provided depends upon the data type. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 190: Data Types
Contains complete version information that can be used in the Information String header of the bulkstats file uptime The total uptime (in seconds) of the system that created the file. Information Int32 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 191: Asr 5000 System Administration Guide, Staros Release 21.1
The time (adjusted for the local timezone) that the collection file Information String was created in HHMMSS format where HH represents the hours, MM represents the minutes, and SS represents the seconds. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 192: Bulk Statistics Event Log Messages
"Unable to open url filename for storing bulkstats data" Receiver Write Error 31019 Warning "Unable to write to url filename while storing bulkstats data" Receiver Close Error 31020 Warning "Unable to close url filename while storing bulkstats data" ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 193: C H A P T E
There are five types of logs that can be configured and viewed on the system: Not all Event Logs can be configured on all products. Configurability depends on the hardware platform Important and licenses in use. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 194: System Logs
Intercept users (priv-level 15 and 13). Configuring Event Log Filters You can filter the contents of event logs at the Exec mode and Global Configuration mode levels. For additional information, see the Command Line Interface Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 195: Exec Mode Filtering
• enable – Enables logging for a specific instance or all instances. This keyword is only supported for aaamgr, hamgr and sessmgr facilities. By default logging is enabled for all instances of aaamgr, hamgr and sessmgr. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 196: Asr 5000 System Administration Guide, Staros Release 21.1
To restore default behavior you must re-enable logging of all instances (logging filter enable facility facility all). You can display the instance numbers for enabled instances per facility using the Exec mode show instance-logging command. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 197: Global Configuration Mode Filtering
Use the following example to configure syslog servers: configure context local logging syslog ip_address Notes: • ip_address specifies the IP address of a system log server on the network in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 198: Configuring Active Logs
Specifying Facilities The actual facilities available for logging vary by platform type, StarOS version and installed product Important licenses. The following facilities can be configured for logging event data: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 199: Asr 5000 System Administration Guide, Staros Release 21.1
• cli: Command Line Interface (CLI) logging facility • cmp: Certificate Management Protocol (IPSec) logging facility • confdmgr: ConfD Manager proclet (NETCONF) logging facility • connectedapps: SecGW ASR 9000 oneP communication procotol ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 200: Asr 5000 System Administration Guide, Staros Release 21.1
• eap-sta-s6a-s13-s6b-diameter: EAP/STA/S6A/S13/S6B Diameter messages facility • ecs-css: ACSMGR <-> Session Manager Signalling Interface facility • egtpc: eGTP-C logging facility • egtpmgr: enhanced GPRS Tunneling Protocol (eGTP) manager logging facility • egtpu: eGTP-U logging facility ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 201: Asr 5000 System Administration Guide, Staros Release 21.1
• henbgw-pws: HENB-GW Public Warning System logging facility (Do not use this keyword for HENB-GW in Release 20) • henbgw-sctp-acs: HENB-GW access Stream Control Transmission Protocol (SCTP) facility (Do not use this keyword for HENB-GW in Release 20) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 202: Asr 5000 System Administration Guide, Staros Release 21.1
• lcs: Location Services (LCS) logging facility • ldap: Lightweight Directory Access Protocol (LDAP) messages logging facility • li: Refer to the Lawful Intercept Configuration Guide for a description of this command. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 203: Asr 5000 System Administration Guide, Staros Release 21.1
• nas: Non-Access Stratum (NAS) protocol logging facility [MME 4G] • netwstrg: Network Storage facility • npuctrl: Network Processor Unit Control facility • npudrv: Network Processor Unit Driver facility [ASR 5500 only] • npumgr: Network Processor Unit Manager facility ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 204: Asr 5000 System Administration Guide, Staros Release 21.1
• radius-coa: RADIUS change of authorization and radius disconnect • ranap: Radio Access Network Application Part (RANAP) Protocol facility logging info flow between SGSN and RNS (3G) • rct: Recovery Control Task logging facility ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 205: Asr 5000 System Administration Guide, Staros Release 21.1
• sgsn-mbms-bearer: SGSN Multimedia Broadcast/Multicast Service (MBMS) Bearer app (SMGR) logging facility • sgsn-misc: Used by stack manager to log binding and removing between layers • sgsn-system: SGSN System Components logging facility (used infrequently) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 206: Asr 5000 System Administration Guide, Staros Release 21.1
• user-data: User data logging facility • user-l3tunnel: User Layer 3 tunnel logging facility • usertcp-stack: User TCP Stack • vim: Voice Instant Messaging (VIM) logging facility • vinfo: VINFO logging facility ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 207: Configuring Trace Logging
Therefore, they should be terminated immediately after the required monitoring period. This section provides instructions for enabling and disabling monitor logs. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 208: Enabling Monitor Logs
LS L2 filter drop rate Displays the percentage of logging source (LS) layer 2 (L2) event drops. Abnormal Log Source Statistics Displays abnormal logging source (LS) statistics, if any. Runtime Logging Buffer Statistics ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 209: Viewing Event Logs Using The Cli
This information can be maintained in system memory or it can be transferred and stored on a network server. The system supports the generation of the following two types of logs: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 210: Crash Logging Architecture
Additions to the count use the timestamp for the first time the event happened. Configuring Software Crash Log Destinations The system can be configured to store software crash log information to any of the following locations: • On the ASR 5000: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 211: Viewing Abridged Crash Log Information Using The Cli
You can view abridged crash information that is stored as a set of event records in flash memory on management cards (/flash/crashlog2). Each crash event record has an associated dump file (minicore, NPU or kernel) that can also be displayed (/flash/crsh2) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 212: Asr 5000 System Administration Guide, Staros Release 21.1
• Recent heap activity (oldest first) • Recent events (oldest first) • Profile depth The informational content of each crash log entry varies based on the type of crash and the StarOS release. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 213: Reducing Excessive Event Logging
Use the following example to configure syslog servers: configure [ default ] threshold ls-logs-volume upper_percent [ clear lower_percent ] [ default ] threshold poll ls-logs-volume interval duration [ no ] threshold monitoring ls-logs-volume Notes: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 214: Checkpointing Logs
[ until to_date_time ] ] [ | { grep grep_options | more } ] For detailed information on the save logs command, see the Exec Mode Commands chapter in the Command Line Interface Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 215: Event Id Overview
Access Service Network (ASN) Gateway Manager Facility 100000-100499 asnpcmgr ASN Paging/Location-Registry Manager Facility 100500-100999 bcmcs Broadcast/Multicast Service (BCMCS) Facility 109000-109999 Bidirectional Forwarding Detection (BFD) Protocol Facility 170500-170999 Border Gateway Protocol (BGP) Facility 85000-85999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 216: Asr 5000 System Administration Guide, Staros Release 21.1
Diameter Endpoint Facility 92000-92599 diabase Diabase Message Facility 92800-92809 diameter-acct Diameter Accounting Protocol Facility 112000-112999 diameter-auth Diameter Authentication Protocol Facility 111000-111999 diameter-dns Diameter DNS Subsystem Facility 92600-92699 diameter-ecs ECS Diameter Signaling Facility 81990-81999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 217: Asr 5000 System Administration Guide, Staros Release 21.1
GTPP Storage Server GCDR Facility 98000-98099 gtpc GTPC Protocol Facility 47000-47999 gtpcmgr GTPC Signaling Demultiplexer Manager Facility 46000-46999 gtpp GTP-PRIME Protocol Facility 52000-52999 gtpu GTPU Protocol Facility 45000-45999 gtpumgr GTPU Manager Facility 157200-157999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 218: Asr 5000 System Administration Guide, Staros Release 21.1
IPSec Protocol Facility 55000-56998 ipsg IP Services Gateway (IPSG) Facility 128000-128999 ipsgmgr IPSG Manager (IPSGMgr) Facility 99000-99999 ipsp IP Pool Sharing Protocol (IPSP) Facility 68000-68999 kvstore Key/Value Store (KVSTORE) Facility 125000-125999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 219: Asr 5000 System Administration Guide, Staros Release 21.1
Multiprotocol Label Switching (MPLS) Facility 163500-163999 mseg-app Mobile Services Edge Gateway (MSEG) Application Facility 172300-172999 Not supported in this release. mseg-gtpc MSEG GTPC Application Facility 172000-172199 Not supported in this release. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 220: Asr 5000 System Administration Guide, Staros Release 21.1
Open Shortest Path First (OSPF) Protocol Facility 38000-38999 ospfv3 OSPFv3 Protocol Facility [IPv6] 150000-150999 Peer-to-Peer (P2P) Facility 146000-146999 pccmgr Policy Charging and Control (PCC) Manager Facility 159000-159499 Packet Data Gateway (PDG) Facility 152010-152999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 221: Asr 5000 System Administration Guide, Staros Release 21.1
Signalling Connection Control Part (SCCP) Protocol Facility 86700-86899 [SS7] Shared Configuration Task (SCT) Facility 32000-32099 sctp Stream Control Transmission Protocol (SCTP) Protocol Facility 87300-87499 sess-gr SESS-GR Facility 77600-77999 sessctrl Session Controller Facility 8000-8999 sessmgr Session Manager Facility 10000-12999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 222: Asr 5000 System Administration Guide, Staros Release 21.1
SSCFNNI Protocol Facility [ATM] 115500-115599 sscop SSCOP Protocol Facility [ATM] 115400-115499 ssh-ipsec SSH IP Security Facility 56999-56999 SSL Facility (this is a customer-specific facility) 156200-157199 stat Statistics Facility 31000-31999 system System Facility 1000-1999 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 223: Event Severities
• warning: Logs events that may indicate a potential problem. This level also logs events with a higher severity level. • unusual: Logs events that are very unusual and may need to be investigated. This level also logs events with a higher severity level. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 224: Understanding Event Id Information In Logged Output
Indicates that the event was generated because of system operation. CLI session ended for Security Administrator The event's details. Event details may, or may not include admin on device /dev/pts/2 variables that are specific to the occurrence of the event. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 225: Troubleshooting
This chapter provides information and instructions for using the system command line interface (CLI) for troubleshooting any issues that may arise during system operation. Refer to the ASR 5000 Installation Guide for comprehensive descriptions of the hardware components addressed by these troubleshooting procedures. -
Page 226: Using The Cli To View Status Leds
Figure 12: PFU LED Location The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information below to diagnose the problem. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 227: Checking The Leds On The Smc
PFU is not functional. Please contact your service representative. Checking the LEDs on the SMC Each SMC is equipped with the following LEDs as shown in the accompanying figure: • Run/Fail • Active • Standby • Status • Service ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 228: Smc Run/Fail Led States
The SMC Run/Fail LED indicates the overall status of the card. This LED should be green for normal operation. The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 229: Smc Active Led States
Verify that the power source is supplying ample voltage and current to the chassis. Verify that the card is properly installed per the instructions in the ASR 5000 Installation Guide. If all of the above suggestions have been verified, it is possible that the SMC is not functional. -
Page 230: Smc Standby Led States
POST test results are positive. If it is off, the card is not receiving power. Check the state of the Active LED. If it is green, the card is in active mode. Card is in Active Mode. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 231: Smc Status Led States
Monitoring the System for show commands, the outputs of which will assist in PFU outage etc.). further determining the problem. System Logs for information on how to view logs. The SNMP MIB Reference for information on associated status and alarm conditions. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 232: Smc Busy Led States
Checking the LEDs on the Packet Processing Cards The ASR 5000 supports a variety of packet processing cards (PSCn and PPC). For detailed information about the types of cards and their applications, refer to the ASR 5000 Installation Guide. -
Page 233: Packet Processing Card Run/Fail Led States
The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 234: Packet Processing Card Active Led States
Green Card is active. The first time power is applied to the system, all of the packet processing cards should be booted into the standby mode. Therefore, this LED should be off. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 235: Packet Processing Card Standby Led States
POST test results are positive. If it is off, the card is not receiving power. Check the state of the Active LED. If it is green, the card is in active mode. Card in Active Mode. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 236: Checking The Leds On The Spio
The SPIO Run/Fail LED indicates the overall status of the card. This LED should be green for normal operation. The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 237: Spio Active Led States
Verify that the power source is supplying ample voltage and current to the chassis. Verify that the card is properly installed per the instructions in the ASR 5000 Installation Guide. If all of the above suggestions have been verified, it is possible that the SPIO is not functional. -
Page 238: Spio Standby Led States
Color Description Troubleshooting Green Link is up. None needed. NOTE: This LED will not indicate the presence of a network link until the interface parameters are set during the software configuration process. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 239: Spio Interface - Activity Led States
Checking the LEDs on Ethernet Line Cards The ASR 5000 can be equipped with a variety of Ethernet line cards that support subscriber traffic. For detailed information about the types of line cards and their applications, refer to the ASR 5000 Installation Guide The following line cards are currently supported on the ASR 5000: •... -
Page 240: Ethernet Line Card Run/Fail Led States
The Active LEDs on the Ethernet line cards indicate that the operating software is loaded on the card and that the card is ready for operation. QGLCs and XGLCs only work in an ASR 5000 behind specific types of packet processing cards. Refer Important to the ASR 5000 Installation Guide for details. -
Page 241: Ethernet Line Card Standby Led States
If green for line cards installed in slots 17 through 23 and 26 through 32, refer to Monitoring the System for information on determining the status of the line card and system software processes. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 242: Ethernet Line Card Interface - Link Led States
The possible states for this LED are described in the following table. If the LED is not green, use the troubleshooting information in the table to diagnose the problem. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 243: Checking The Leds On The Rcc
The possible states for all of the RCC LEDs are described in the sections that follow. RCC Run/Fail LED States The Run/Fail LED indicates the overall status of the card. This LED should be green for normal operation. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 244: Rcc Active Led States
POST test results are positive. If it is off, the card is not receiving power. Check the state of the Standby LED. If it is green, the card is in standby mode. Card is in Standby Mode. This is the normal operating mode. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 245: Rcc Standby Led States
Taking Corrective Action In the event that an issue was discovered with an installed application or line card, depending on the severity, it may be necessary to take corrective action. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 246: Manually Initiating A Management Card Switchover
Redundancy Crossbar Cards (RCCs) will provide a path for signalling and data traffic between the line card and the now active packet processing card. Therefore, redundant packet processing cards do not require that line cards be installed behind them. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 247: Manually Initiating A Line Card Or Spio Switchover
These instructions assume you are at the root prompt for the Exec mode:. Step 1 Initiate a manual line card or SPIO migration by entering the following command: host_name card switch from slot# to slot# [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 248: Halting Cards
Check the entry in the Oper State column next to the line card that was just halted. Its state should be Offline. If the card was in active mode prior to the execution of this command, the state of the redundant component associated with it should now be Active. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 249: Restoring A Previously Halted Card
| src_host_ipv4_address } ] [ vrf vrf_nam ] ping6 host_ipv6_address [ count num_packets [ flood ][ pattern packet_pattern ] [ size octet_count ] [ src { src_host_name | src_host_ipv6_address } ] [ vrf vrf_nam ] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 250: Troubleshooting
For a complete description of the above command, see the Exec Mode Commands chapter of the Command Line Interface Reference. The following displays a sample output. traceroute to 192.168.250.1 (192.168.250.1), 30 hops max, 40 byte packets 192.168.250.1 (192.168.250.1) 0.446 ms 0.235 ms 0.178 ms ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 251: Traceroute6 - Ipv6 Syntax
However, the NPU still retains all of the ARP entries so that there is no traffic disruption. From a user point of view, show ip arp is broken since this command gathers information from the kernel and not the NPU. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 252: Using The System Diagnostic Utilities
Invoke the protocol monitor from the Exec mode by entering the monitor protocol command. host_name monitor protocol [local] An output listing all the currently available protocols, each with an assigned number, is displayed. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 253: Using The Protocol Monitor For A Specific Subscriber
{ callid | imei | imsi | ipaddr | ipv6addr | msid | msisdn | next-call | pcf | [local] peer-fa | peer-lac | sgsn-address | type | username } ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 254: Asr 5000 System Administration Guide, Staros Release 21.1
PPP Tx PDU (26) IPCP 26: Conf-Rej(1), IP-Comp VJ-Comp, Pri-DNS=0.0.0.0, Sec-DNS=0.0.0.0 INBOUND>>>>> 10:02:35:517 Eventid:25000(0) PPP Rx PDU (12) IPCP 12: Conf-Ack(1), IP-Addr=192.168.250.70 INBOUND>>>>> 10:02:35:518 Eventid:25000(0) PPP Rx PDU (31) LCP 31: Prot-Rej(1), Rejected-Protocol=CCP (0x80fd) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 255: Generating An Ssd
There are optional keywords to the show support details command that can target the SSD to only report specific type of information. These keywords can reduce the amount of time required to generate the SSD/ ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 256: Configuring And Using The Support Data Collector
Technical Assistance Center (TAC) personnel and local administrators can review the SDRs on-line or by transferring them off the system. They may also wish to investigate the collector state information. Refer to the Support Data Collector chapter for a complete description of SDC functionality. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 257: Chapter 1 4 Access Control Lists
Once configured, an ACL can be applied to any of the following: • An individual interface • All traffic facilitated by a context (known as a policy ACL) • An individual subscriber • All subscriber sessions facilitated by a specific context ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 258: Understanding Acls
APN for UMTS subscribers. Criteria Each ACL consists of one or more rules specifying the criteria that packets will be compared against. The following criteria are supported: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 259: Asr 5000 System Administration Guide, Staros Release 21.1
• UDP: The rule applies to any User Datagram Protocol (UDP) traffic and could be filtered on any combination of source/destination IP addresses, a specific port number, or a group of port numbers. UDP port numbers definitions can be found at www.iana.org. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 260: Rule Order
For additional information refer to the Verifying and Saving Your Configuration chapter. Creating ACLs To create an ACL, enter the following command sequence from the Exec mode of the system CLI: configure context acl_ctxt_name [ -noconfirm ] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 261: Configuring Action And Criteria For Subscriber Traffic
The default action is to "permit all". To modify the default behavior for unidentified ACLs, use the following configuration: configure context acl_ctxt_name [-noconfirm] access-list undefined { deny-all | permit-all } Notes: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 262: Verifying The Acl Configuration
ACLs must be configured in the same context in which the subscribers and/or interfaces to which they Important are to be applied. Similarly, ACLs to be applied to a context must be configured in that context. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 263: Asr 5000 System Administration Guide, Staros Release 21.1
A context ACL (policy ACL) configured in the Source Context is applied prior to forwarding. An outbound ACL configured on the interface in the Source Context through which the packet is being forwarded, is applied to the tunneled data (such as the outer IP header). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 264: Applying The Acl To An Interface
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 265: Verifying The Acl Configuration On An Interface
• The context-level ACL is applied to outgoing packets. This applies to incoming packets also if the flow match criteria fails and forwarded again. The in and out keywords are deprecated and are only present for backward compatibility. Context ACL will be applied in the following cases: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 266: Applying An Acl To All Traffic Within A Context
ACL(s) was/were applied. The output of this command displays the configuration of the entire context. Examine the output for the commands pertaining to interface configuration. The commands display the ACL(s) applied using this procedure. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 267: Applying An Acl To A Radius-Based Subscriber
Save your configuration to flash memory, an external memory device, and/or a network location using the Exec mode save configuration command. For additional information refer to the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 268: Applying An Acl To An Individual Subscriber
ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 269: Applying An Acl To The Subscriber Named Default
{ ip | ipv6 } access-group acl_list_name [ in | out ] Notes: • The context name is the name of the ACL context containing the interface to which the ACL is to be applied. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 270: Verifying The Acl Configuration To The Subscriber Named Default
Applying an ACL to Service-specified Default Subscriber This section provides information and instructions for applying an ACL to the subscriber to be used as the "default" profile by various system services. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 271: Applying An Acl To Service-Specified Default Subscriber
Verifying the ACL Configuration to Service-specified Default Subscriber To verify the ACL configuration. Verify that your ACL lists were applied properly by entering the following command in Exec Mode: host_name show configuration context context_name [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 272: Applying A Single Acl To Multiple Subscribers
NOTE: The profile for the subscriber named default is not used to provide missing information for subscribers configured locally. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 273: Applying An Acl To Multiple Subscriber Via Apns
To reduce configuration time, ACLs can alternatively be applied to APN templates for GGSN subscribers. When configured, any subscriber packets facilitated by the APN template would then have the associated ACL applied. This section provides information and instructions for applying an ACL to an APN template. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 274: Verifying The Acl Configuration To Apns
ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 275: Chapter 1 5 Congestion Control
• Service Congestion Policies: Congestion policies are configurable for each service. These policies dictate how services respond when the system detects that a congestion condition threshold has been crossed. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 276: Configuring Congestion Control
If a threshold level is not specified, the default is critical. Currently, major and minor thresholds are only supported for the MME. The congestion-action-profile command under lte-policy defines the action to be taken when thresholds are exceeded. See Global Configuration ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 277: Configuring Service Congestion Policies
To create a congestion control policy with overload reporting, apply the following example configuration: configure congestion-control policy mme-service action report-overload reject-new-sessions enodeb-percentage percentage Notes: • Other overload actions include permit-emergency-sessions and reject-non-emergency-sessions. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 278: Enabling Congestion Control Redirect Overload Policy
During periods of heavy system load, it may be necessary to disconnect subscribers in order to maintain an acceptable level of system performance. You can establish thresholds to select subscribers to disconnect based on the length of time that a call has been connected or inactive. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 279: Asr 5000 System Administration Guide, Staros Release 21.1
To disable the overload disconnect feature for this subscriber, use the following configuration example: configure context context_name subscriber subscriber_name no overload-disconnect { [threshold inactivity-time] | [threshold connect-time] } ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 280: Asr 5000 System Administration Guide, Staros Release 21.1
Congestion Control Enabling Congestion Control Redirect Overload Policy ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 281: Chapter 1 6 Routing
Autonomous System (AS) paths. • Route Maps – Route-maps provide detailed control over routes during route selection or route advertisement by a routing protocol, and in route redistribution between routing protocols. For this level ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 282: Creating Ip Prefix Lists
Use the following procedure to create an AS Path Access List: config context context_name ip as-path access-list list_name [ { deny | permit } reg_expr ] Notes: • Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 283: Creating Route Maps
• Name of the interface in the current context that the route must use • Next hop IP address On the ASR 5000, static routes with IPv6 prefix lengths less than /12 and between the range of /64 and Important /128 are not supported. -
Page 284: Adding Static Routes To A Context
It also describes how to enable the base OSPF functionality and lists the commands that are available for more complex configurations. You must purchase and install a license key before you can use this feature. Contact your Cisco account representative for more information on licenses. -
Page 285: Ospf Version 2 Overview
On the ASR 5000, OPSF routes with IPv6 prefix lengths less than /12 and between the range of /64 and Important /128 are not supported. -
Page 286: Basic Ospfv2 Configuration
OSPF areas. This is an optional configuration. config context context_name router ospf redistribute { connected | static } Notes: • Save your configuration as described in the Verifying and Saving Your Configuration chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 287: Confirming Ospf Configuration Parameters
It also describes how to enable the base OSPFv3 functionality and lists the commands that are available for more complex configurations. Important On the ASR 5000, OPSFv3 routes with IPv6 prefix lengths less than /12 and between the range of /64 and /128 are not supported. OSPFv3 Overview Much of OSPF version 3 is the same as OSPF version 2. -
Page 288: Enabling Ospfv6 Over A Specific Interface
ECMP can be used in conjunction with most routing protocols, since it is a per-hop decision that is limited to a single router. It potentially offers substantial increases in bandwidth by load-balancing traffic over multiple paths ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 289: Bgp-4 Routing
BGP. BGP-4 also allows the aggregation of routes, including the aggregation of AS paths. On the ASR 5000, BGP routes with IPv6 prefix lengths less than /12 and between the range of /64 and Important /128 are not supported. -
Page 290: Configuring Bgp
{ bgp | connected | static } [ metric metric_value ] [ metric-type { 1 | 2 } ] [ route-map route_map_name ] Notes: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 291: Bgp Communities And Extended Communities
Command Line Interface Reference. Multiple community-list entries can be attached to a community-list by adding multiple permit or deny clauses for various community strings. Up to 64 community-lists can be configured in a context. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 292: Setting The Community Attribute
Multiple extended community-list entries can be attached to an extended community-list by adding multiple permit or deny clauses for various extended community strings. Up to 64 extended community-lists can be configured in a context. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 293: Setting The Extended Community Attribute
An SRP Configuration mode command enables advertising BGP routes from an ICSR chassis in standby state. This command and its keywords allow an operator to take advantage of faster network convergence accrued ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 294: Configurable Bgp Route Advertisement Interval For Icsr
The following table lists the BGP Configuration mode CLI commands that support the configuration of various BGP parameters. For additional information, refer to the BGP Configuration Mode Commands chapter of the Command Line Interface Reference ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 295: Asr 5000 System Administration Guide, Staros Release 21.1
VRF. This maximum-paths { ebgp max_num | ibgp max_num Enables forwarding packets over multiple paths and specifies the maximum number of external BGP (eBGP) or internal BGP (iBGP) paths between neighbors. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 296: Confirming Bgp Configuration Parameters
BFD establishes a session between two endpoints over a particular link. If more than one link exists between two systems, multiple BFD sessions may be established to monitor each one of ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 297: Overview Of Bfd Support
This function is used to test the forwarding path on the remote system. The system supports BFD in asynchronous mode with optional Echo capability via static or BGP routing. On an ASR 5000 one of the packet processing cards must be configured as a demux card in order for BFD Important to function. -
Page 298: Configuring A Bfd Context
[ bfd echo ] exit Configure BFD static route. ipv6 route static bfd if_name ipv6_gw_address Add static routes. ipv6 route ipv6_address ipv6_mask ipv6 route ipv6_address ipv6_mask ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 299: Configuring Bfd For Single Hop
Enable BFD on an OSPF Neighbor. For additional information, see Associating OSPF Neighbors with the Context, on page 272. On the ASR 5000, routes with IPv6 prefix lengths less than /12 and between the range of /64 and /128 are Important not supported. Configuring Multihop BFD Enable BFD on an interface. -
Page 300: Scaling Of Bfd
Notes: • Repeat the sequence to add neighbors. Associating BFD Neighbor Groups with the BFD Protocol config context context_name bfd-protocol bfd nbr-group-name grp_name active-if-name if_name nexthop_address bfd nbr-group-name grp_name passive-if-name if_name nexthop_address ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 301: Enabling Bfd On Ospf Interfaces
BGP routes from a Standby ICSR chassis. The overall goal is to support more aggressive failure detection and recovery in an ICSR configuration when implementing of VoLTE. You must configure the following features for chassis-to-chassis BFD monitoring in ICSR configurations: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 302: Enable Primary Chassis Bfd Monitoring
(post ICSR switchover) while the network is still converging. ◦damping-period – configures a delay time to trigger an ICSR switchover due to a monitoring failure within the guard-period. ◦guard-period – configures the local-failure-recovery network-convergence timer. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 303: Enable Bfd Multihop Fall-Over
] [ precedence precedence ] [ vrf vrf_name [ cost value ] [ fall-over bfd multihop mhsess_name ] [ precedence precedence ] + The ip route command now also allows you to add a static multihop BFD route. ip route static multihop bfd mhbfd_sess_name local_endpt_ipaddr remote_endpt_ipaddr ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 304: Ip Routev6 Command
BFD Support for Link Aggregation Member Links Member-link based BFD detects individual link failures faster than LACP and reduces the overall session/traffic down period as a result of single member link failure. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 305: Overview
Important with RFC 7130. Configuring Support for BFD Linkagg Member-links The bfd linkagg-peer command enables member-link BFD and configures the BFD link aggregation (linkagg) session values [RFC 7130]. configure context context_name bfd-protocol ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 306: Saving The Configuration
[local] "*" indicates the Best or Used route. Destination Nexthop Protocol Prec Cost Interface *44.44.44.0/24 208.230.231.50 static local1 *192.168.82.0/24 0.0.0.0 connected *192.168.83.0/24 0.0.0.0 connected 208.230.231.0/24 0.0.0.0 ospf local1 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 307: Asr 5000 System Administration Guide, Staros Release 21.1
Routing Viewing Routing Information *208.230.231.0/24 0.0.0.0 connected local1 Total route count: 5 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 308: Asr 5000 System Administration Guide, Staros Release 21.1
Routing Viewing Routing Information ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 309: Vlans
VLANs. You should select the configuration example that best meets your service model before using the procedures described below. VLAN – Layer 2 Traffic Management is a Cisco feature that requires a separate license. Contact your Important Cisco account representative for detailed information on specific licensing requirements. -
Page 310: Overlapping Ip Address Pool Support - Ggsn
APN Support – PDN Gateway (P-GW) P-GW Access Point Name (APN) supports extensive parameter configuration flexibility for the APN. VLAN tagging may be selected by the APN, but are configured in the P-GW independently from the APN. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 311: Creating Vlan Tags
Logical ifIndex : 285278209 Operational State : Up, Active Tagged VLAN: VID 10 Logical ifIndex : 285278210 VLAN Type : Subscriber VLAN Priority Administrative State : Enabled Operational State : Up, Active ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 312: Configuring Subscriber Vlan Associations
These instructions assume that you have already configured subscriber-type VLAN tags according to the Important instructions provided in Creating VLAN Tags, on page 283 config context context_name subscriber name user_name ip vlan vlan_id ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 313: Verify The Subscriber Profile Configuration
Context Configuration Mode Advertises overlap-pool addresses in ip routing overlap-pool dynamic routing protocols when overlap pools are configured using VLAN IDs. When enabled, the overlap addresses are added as interface addresses and advertised. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 314: Asr 5000 System Administration Guide, Staros Release 21.1
ID with a context. Table 41: VLAN-Related Monitoring Commands CLI Mode Command Description Exec Mode clear port slot/port vlan vlan_id Clears NPU statistics for the port that has a previously configured VLAN ID. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 315: Asr 5000 System Administration Guide, Staros Release 21.1
Exec Mode show logical-port utilization table vlan Displays VLAN utilization for a specified {5-minute|hourly} collection interval. Exec Mode show port info slot/port vlan vlan_id Displays NPU counters for a previously configured VLAN ID. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 316: Asr 5000 System Administration Guide, Staros Release 21.1
VLANs VLAN-Related CLI Commands ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 317: Bgp Mpls Vpns
Multi-Protocol Label Switching (MPLS) Virtual Private Networks (VPNs). Important MPLS is a licensed Cisco feature that requires a separate license. Contact your Cisco account representative for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of Software Management Operations. -
Page 318: Mpls-Ce Connected To Pe
Label Distribution Protocol (LDP) and Resource Reservation Protocol (RSVP) are not required because of direct-connect EBGP peering. The MPLS-CE in this scenario pushes/pops a single label (learned over the MP-eBGP connection) to/from the PE. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 319: Asr 5X00 As A Pe
In this example, VRFs are configured on the ASR 5x00 PE and pools are associated with VRFs. The ASR 5x00 exchanges VPN routes with its IBGP peers (PE routers) and learns the MPLS paths to reach PEs via ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 320: Asr 5000 System Administration Guide, Staros Release 21.1
192.168.107.20 send-community both neighbor 192.168.107.20 next-hop-self exit address-family ipv4 vrf vrf1 redistribute connected exit address-family ipv4 vrf vrf2 redistribute connected exit interface interface_to_internet ip address 192.168.109.65/24 mpls ip exit router ospf ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 321: Ipv6 Support For Bgp Mpls Vpns
Support for VPN-IPv6 assumes the following: • Dual Stack (IPv4/IPv6) routing • IPv6 pools in VRFs • BGP peering over a directly connected IPv4 interface See the figure below. Figure 22: IPv6-RD Support for VPNv6 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 322: Sample Configuration
1.52.53.54 255.255.255.255 exit interface vrf2-loop loopback ip vrf forwarding vrf2 ip address 2.52.53.54 255.255.255.255 exit interface vrf2-v6loop loopback ip vrf forwarding vrf2 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 323: Asr 5000 System Administration Guide, Staros Release 21.1
1 chap 2 allow-noauth ip context-name Gi_ce ip address pool name vrf2-pool ipv6 address prefix-pool vrf2-v6pool exit apn apple51.com selection-mode sent-by-ms ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 324: Vpn-Related Cli Commands
This command enables sending of BGP routes with extended community to a neighbor. BGP Address-Family (VRF) neighbor ip_address activate Enables the exchange of routing Configuration Mode information with a peer router. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 325: Asr 5000 System Administration Guide, Staros Release 21.1
MPLS labels to be added to packets sent for subscribers from this pool. Context Configuration Mode ip vrf vrf_name Creates a VRF and assigns a VRF-ID. A VRF is created in the router. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 326: Asr 5000 System Administration Guide, Staros Release 21.1
Clears BGP sessions. Exec Mode lsp-ping ip_prefix_FEC Checks MPLS Label-Switched Path (LSP) connectivity for the specified forwarding equivalence class (FEC). It must be followed by an IPv4 or IPv6 FEC prefix. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 327: Asr 5000 System Administration Guide, Staros Release 21.1
Enables Label Distribution Protocol (LDP). MPLS-LDP Configuration Mode router-id ip_address Configures the LDP Router ID. MPLS-LDP Configuration Mode Configures the LDP session session timers { hold-interval seconds | keepalive-interval parameters. seconds } ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 328: Asr 5000 System Administration Guide, Staros Release 21.1
Map (ILM) table information. Exec Mode show Commands show mpls ldp Displays the MPLS LDP information. Exec Mode show Commands show mpls Displays MPLS Next-Hop Label nexthop-label-forwarding-entry Forwarding Entry (NHLFE) table information. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 329: Chapter 1 9 Content Service Steering
Internal CSS is a generic feature, if an ECSv2 license is installed on your system, internal CSS can be Important enabled. A separate license is not required to enable internal CSS. Contact your local Cisco account representative for information on how to obtain a license. -
Page 330: Configuring Internal Content Service Steering
• service_name must be an ACL service name. • For information on the keywords and options available with the redirect css service command, see the ACL Configuration Mode Commands chapter in the Command Line Interface Reference. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 331: Applying An Acl To An Individual Subscriber (Optional)
For information on how to apply an ACL to multiple subscribers via APNs, refer to the Applying a Single ACL to Multiple Subscribers via APNs section in the Access Control Lists chapter. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 332: Asr 5000 System Administration Guide, Staros Release 21.1
Content Service Steering Applying an ACL to Multiple Subscribers via APNs (Optional) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 333: Chapter 2 0 System Recovery
The boot recovery command line interface allows you to specify from which boot image you would like to boot the system. If the system failed to reload following a software update, you can initiate a boot from a previously stored image. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 334: Accessing The Boot Cli
.bin config: /flash/system.cfg Entry at 0x000000000cba45e0 Press CTRL+C at this point in the sequence. A message similar to the following appears after the boot process has been interrupted: *******9/0 Ctrl-C Pressed------------------------------------------------------- Failed. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 335: Enter Cli Mode
Starting program at 0x0000000000100000 Starent Networks ASR5x00 Intelligent Mobile Gateway management_card is starting up......image_version_number Starting software No configuration found, press enter to continue. 1. Do you wish to continue with the Quick Setup Wizard[yes/no]: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 336: Boot Using A Specified Configuration File
8/0:cli>boot -config=/flash/system.cfg /flash/image_filename.bin The boot sequence ends with the appearance of the CLI prompt. host_name [local] Confirm that the desired configuration has loaded by running the Exec mode show configuration command. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 337: Chapter 2 1 Session Recovery
This chapter describes the Session Recovery feature that provides seamless failover and reconstruction of subscriber session information in the event of a hardware or software fault. Session Recovery is a licensed Cisco feature. A separate feature license may be required. Contact your Important Cisco account representative for detailed information on specific licensing requirements. -
Page 338: Asr 5000 System Administration Guide, Staros Release 21.1
• Any session needing L2TP LAC support (excluding regenerated PPP on top of an HA or GGSN session) • ASR 5000 only – Closed RP PDSN services supporting simple IP, Mobile IP, and Proxy Mobile IP • ASR 5000 only – eHRPD service (evolved High Rate Packet Data) •... -
Page 339: Asr 5000 System Administration Guide, Staros Release 21.1
• SaMOG (S2a Mobility over GTP) Gateway (CGW and MRME) • ASR 5000 only – SAE-GW (System Architecture Evolution Gateway) • ASR 5000 only – SGSN services (3G and 2.5G services) for IPv4 and PPP PDP contexts Session recovery is not supported for the following functions: •... -
Page 340: Additional Asr 5X00 Hardware Requirements
(able to accept incoming calls) or a system that is out-of-service (not part of your production network and, therefore, not processing any live subscriber/customer data). The session recovery feature, even when the feature use key is present, is disabled by default on the system. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 341: Enabling Session Recovery
If the current status of the Session Recovery feature is Disabled, You cannot enable this feature until a license key is installed in the system. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 342: Disabling The Session Recovery Feature
Overall Status SESSMGR Not Ready For Recovery Last Status Update 1 second ago host_name show session recovery status [local] Session Recovery Status: Overall Status Ready For Recovery Last Status Update 8 seconds ago ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 343: Viewing Recovered Session Information
Failure (no buffers): 0 Failure (other reasons): 0 Redirected Session Entries: Allowed: 2000 Current: Added: Deleted: Revoked for use by different subscriber: 0 Peer callline: Redundancy Status: Recovered Session Checkpoints Attempts Success Last-Attempt Last-Success ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 344: Recovery Control Task Statistics
• Recovery action status – Success or failure reason • If recovery action failed, failure time stamp • If recovery action failed, failure task facility name • If recovery action failed, failure instance number ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 345: Show Rct Stats Command
Instance : N.A Stats 3: Action : Migration From : 11 Start Time : 2013-Aug-30+03:03:40.120 Duration : 003.423 sec Is Card Usable : Yes Failure Reason : N.A. Failure Device : N.A ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 346: Asr 5000 System Administration Guide, Staros Release 21.1
: Yes Failure Reason : N.A. Failure Device : N.A Recovery Status : TASK_MIGRATION_FAIL_RENAME Facility : sessmgr Instance : 63 RCT stats Summary ----------------- Migrations 3, Average time = 4.260 sec Switchovers = ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 347: Chapter 2 2 Interchassis Session Recovery
Administration Guide, before using the procedures described below. ICSR is a licensed Cisco feature that requires a separate license. Contact your Cisco account representative Important for detailed information on specific licensing requirements. For information on installing and verifying licenses, refer to the Managing License Keys section of Software Management Operations. -
Page 348: Asr 5000 System Administration Guide, Staros Release 21.1
ICSR support for LAC requires a separate LAC license, as well as an Inter-Chassis Session Recovery Important license. Contact your Cisco account representative to verify whether a specific service supports ICSR as an option. Important ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 349: Interchassis Communication
Initiates a forced audit between ICSR chassis. This audit ensures that two ICSR peers are synchronized and identifies any discrepancies prior to scheduled or unscheduled switchover events. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 350: Show Commands
Displays Service Redundancy Protocol information (context, chassis state, peer, connection state, etc.). show srp monitor Displays SRP monitor information. show srp statistics Displays SRP statistics (hello messages sent, configuration validation, resource messages, switchovers, etc.). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 351: Aaa Monitor
The route modifier is incremented as switchover events occur. A threshold determines when the route modifier should be reset to its initial value to avoid rollover. Requirements ICSR configurations require the following: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 352: Asr 5000 System Administration Guide, Staros Release 21.1
• AAA RADIUS server • Border Gateway Protocol (BGP) – ICSR uses the route modifier to determine the chassis priority. ICSR is a licensed Cisco feature. Verify that each chassis has the appropriate license before using these Important procedures. To do this, log in to both chassis and execute a show license information command. Look for "Inter-Chassis Session Recovery". -
Page 353: Icsr Operation
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR network. Figure 24: ASR 5000 ICSR Network ICSR Operation This section shows operational flows for ICSR. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 354: Asr 5000 System Administration Guide, Staros Release 21.1
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR process flow due to a primary failure. Figure 25: ICSR Process Flow (Primary Failure) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 355: Asr 5000 System Administration Guide, Staros Release 21.1
Interchassis Session Recovery ICSR Operation The following figure shows an ICSR process flow due to a manual switchover. Figure 26: ICSR Process Flow (Manual Switchover) ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 356: Chassis Initialization
If the active chassis goes out of service, the standby chassis continues to send Hello messages. If the standby chassis does not receive a response to the Hello messages within the dead interval, the standby chassis initiates ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 357: Configuring Interchassis Session Recovery (Icsr)
• AAA server is installed, configured and accessible by both chassis. For more information on configuring the AAA server, refer to the AAA Interface Administration and Reference. • BGP router installed and configured. See Routing for more information on configuring BGP services. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 358: Configuring The Service Redundancy Protocol (Srp) Context
Save your configuration as described in Verifying and Saving Your Configuration. Creating and Binding the SRP Context Use the example below to create the SRP context and bind it to primary chassis IP address: ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 359: Configuring Srp Context Parameters
Checkpoints can be set for IMS (VoLTE) and/or non-IMS sessions. The checkpoint is a snapshot of the current application state that can be used to restart its execution in case of failure. The default setting is 60 seconds. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 360: Srp Redundancy, Aaa And Diameter Guard Timers
◦aaa – local failure followed by AAA monitoring failure ◦bgp – local failure followed by BGP monitoring failure ◦diam – local failure followed by Diameter monitoring failure ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 361: Dscp Marking Of Srp Messages
◦ef – Expedited Forwarding PHB, for low latency traffic Optimizing Switchover Transitions There are several SRP configuration options that reduce transition time from the active to standby gateways (primarily P-GW) in support of VoLTE traffic. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 362: Allow Non-Volte Traffic During Icsr Switchover
Interchassis Session Recovery Configuring the Service Redundancy Protocol (SRP) Context These features require an updated ICSR license to support the enhancements. Contact your Cisco account Important representative for additional information. Allow Non-VoLTE Traffic During ICSR Switchover The ICSR framework reduces switchover disruption for VoLTE traffic by enabling VoLTE traffic on the newly active gateway prior to reconciling the billing information and enabling communication with the newly active gateway when accounting is not deemed critical. -
Page 363: Asr 5000 System Administration Guide, Staros Release 21.1
The switchover allow-all-data-traffic command must be run on both chassis to enable this feature. Important The switchover allow-volte-data-traffic SRP Configuration mode CLI command allows VoLTE data traffic during ICSR switchover transition. configure context context_name ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 364: Allow All Data Traffic
External nodes to the local gateway include S-GW, P-GW, SGSN, MME, AAA, PCRF and IMSA. Audit failure can occur because of missing or incomplete session information. Therefore, only the peers for which the information is available will be notified. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 365: Optimization Of Switchover Control Outage Time
CLI commands must be executed on both chassis. Log onto both chassis before continuing. Always make Important configuration changes on the primary chassis first. configure context vpn_ctxt_name -noconfirm interface srp_if_name ip_address ip_address mask ip-address exit exit port ethernet slot_num port_num description des_string ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 366: Configuring Nack Generation For Srp Checkpoint Messaging Failures
(FCs) between the active and standby chassis. The periodic-interval keyword will only appear if a special ICSR optimization feature license has been Important purchased and installed. Contact your Cisco account representative for assistance. configure context context_name... -
Page 367: Selective Disabling Of Nack Messaging
Save your configuration as described in Verifying and Saving Your Configuration. Configuring BGP Router and Gateway Address Use the following example to create the BGP context and network addresses. configure context source_ctxt_name router bgp AS_num ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 368: Configuring The Srp Context For Bgp
Service Redundancy Protocol Configuration Mode Commands chapter of the Command Line Interface Reference. Verifying BGP Configuration Verify your BGP configuration by entering the show srp monitor bgp command (Exec Mode). ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 369: Modifying The Destination Context For Icsr
Use the following example to configure the BGP context and IP addresses in the SRP context. configure context srp_ctxt_name service-redundancy-protocol monitor bgp context dest_ctxt_name neighbor_ip_address Setting Subscriber to Default Mode Use the following example to set the subscriber mode to default. configure context dest_ctxt_name subscriber default ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 370: Verifying Bgp Configuration In Destination Context
192.168.82.0/24 spi-number 256 encrypted secret 1088bdd6817f64df bind address 172.17.1.1 #exit #exit context destination ip pool dynamic 172.18.0.0 255.255.0.0 public 0 srp-activate ip pool static 172.19.0.0 255.255.240.0 static srp-activate #exit context srp service-redundancy-protocol #end ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 371: Configuring Subscriber State Management Audit Process
• show srp checkpoint statistics debug-info • show srp checkpoint statistics sessmgr all • show srp checkpoint statistics sessmgr all debug-info • show srp checkpoint statistics ipsecmgr all • show srp checkpoint statistics sessmgr all write-list-stats ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 372: Updating The Operating System
• Initiate an SRP switchover from the active primary chassis to make the standby backup chassis active. • Update the standby primary chassis. • Initiate an SRP switchover from the active backup chassis to make the standby primary chassis active. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 373: Asr 5000 System Administration Guide, Staros Release 21.1
Updating the Operating System The four-part flowchart below shows a more complete view of all the procedures required to complete the StarOS upgrade process. Figure 28: ICSR Software Upgrade – Part 1 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 374: Asr 5000 System Administration Guide, Staros Release 21.1
Interchassis Session Recovery Updating the Operating System Figure 29: ICSR Software Upgrade – Part 2 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 375: Asr 5000 System Administration Guide, Staros Release 21.1
Interchassis Session Recovery Updating the Operating System Figure 30: ICSR Software Upgrade – Part 3 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 376: Asr 5000 System Administration Guide, Staros Release 21.1
Interchassis Session Recovery Updating the Operating System Figure 31: ICSR Software Upgrade – Part 4 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 377: Both Icsr Chassis
[local] Step 2 Access to the Cisco support site and download facility is username and password controlled. Download the software image to a network location or physical device (PCMCIA card) from which it can be uploaded to the /flash device. -
Page 378: Standby Backup Chassis
Service Redundancy Protocol (SRP) checks verify that the mechanism for monitoring ICSR system status is operational. Step 1 Run show srp monitor all. Step 2 Review the output for any issues that may preclude performing the software update. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 379: Performing Bgp Checks
For information on using the boot system priority command, refer to the Adding a New Boot Stack Entry section in this guide Synchronizing File Systems Synchronize the local file systems by entering the following Exec mode command: host_name filesystem synchronize all [local] ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 380: Reloading The Chassis
Features in the new operating system may require changes tot he configuration file. These changes can be done manually or facilitated by custom scripts prepared by Cisco TAC. Make whatever changes are necessary prior to saving the updated configuration file. -
Page 381: Waiting For Session Synchronization
There should be no output for this command, or no very recent SNMP trap notifications (based on the event timestamp). Step 3 If the active chassis cannot communicate with one or more AAA servers, refer to AAA Monitor for additional information. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 382: Completing The Software Update
On the primary chassis, confirm the switchover is complete by running the show srp info command. Chassis State should indicate Active when switchover is complete. Making Test Calls Once the chassis state is verified and subscribers are migrated, perform new call testing to make sure calls are successful. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 383: Fallback Procedure
[local] Step 3 Reboot the system to load its previous configuration. host_name reload [local] Step 4 Perform health checks as described in Performing Health Checks, on page 350. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 384 Interchassis Session Recovery Fallback Procedure ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 385: Overview
Technical Assistance Center (TAC) personnel and local administrators can review the SDRs on-line or by transferring them off the system. They may also wish to investigate the collector state information. The figure ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 386: Chapter 2 3 Support Data Collector
If the user has configured support record sections, then the show configuration command displays user-configured support record sections. The support collection schedule configuration also appears in the show configuration output under the Global Configuration section. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 387: Collecting And Storing The Sdr Information
The SDRs are stored together in a self-relative set. This self-relative set is called a Support Record Collection. Each individual SDR is identified with a record-id. The record-id of the most recent SDR is always 0 (zero). ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 388 This is because the interval specifies the idle time between scheduled collection runs. Since the actual overhead of the collecting process is not included in the scheduled intervals, the time differences between collections includes this non-deterministic amount of time. ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 389: Using Sdrs To Diagnose Problems
The administrator may decide to transfer the SDRs off the system to be analyzed remotely, for example, by Cisco TAC. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 390: Configuration Commands (Global Configuration Mode)
The max-records keyword specifies the number of SDRs to store as an integer from 1 to 65535. When this value is exceeded, the new SDR overwrites the oldest SDR. The default value is 168. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 391: Exec Mode Commands
Last Collection Start Time : Monday October 21 06:29:05 PDT 2013 Last Collection End Time : Monday October 21 06:29:09 PDT 2013 Est. Collection Next Start : Monday October 21 07:29:13 PDT 2013 (40 minutes) Support Data Records at /var/tmp/support-records/ ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 392 The output of this command reflects the sequence in which record sections will be output, regardless of the sequence in which they may have been entered by the user. Refer to the SDR CLI Command Strings appendix for additional information. ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 393: Appendix A Engineering Rules
This appendix provides engineering guidelines for configuring the system to meet network deployment requirements. • CLI Session Rules, page 365 • ASR 5000 Interface and Port Rules, page 365 • ASR 5000 Packet Processing Card Rules, page 367 • Context Rules, page 367 •... -
Page 394: Line Card Rules
(including the IP address) is transferred to the standby line card. • Half-height line cards must installed in the upper and lower chassis slots behind a sa packet processor card must be of the same type: FELC/FLC2,GELC/GLC2, or QGLC line cards. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 395: Packet Data Network (Pdn) Interface Rules
• A line card will not handle subscriber traffic unless the packet processing card directly in front of it is made active. Context Rules • A maximum of 63 contexts may be configured per chassis. • Interfaces per Context ◦ 512 Ethernet+PPP+tunnel interfaces ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 396 ◦ Releases prior to 18.5: 5,000 pool explicit host routes per context (6,000 per chassis) ◦ Release 18.5 and higher: 24,000 pool explicit host routes per context (24,000 per chassis) ◦ 64 route maps per context • BGP ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 397 ◦ 1,600 servers per context in AAA Server group mode (accounting, authentication, charging server, or any combination thereof) ◦ 800 NAS-IP address/NAS identifier (one primary and one secondary per server group) per context ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 398: Subscriber Rules
• If the first two cases fail, the default subscriber template in the AAA context is used. Service Rules The following engineering rules apply to services configured within the system: • Configure a maximum of 256 services (regardless of type) per system. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 399: Access Control List (Acl) Engineering Rules
Caution affect overall system performance. Therefore, you should not configure a large number of services unless your application absolutely requires it. Please contact your Cisco service representative for more information. • The total number of entries per table and per chassis is limited to 256. - Page 400 Engineering Rules ECMP Groups ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 401: Appendix B Staros Tasks
Command Line Interface Reference and Statistics and Counters Reference. The following sections describe the primary tasks that are implemented by StarOS: • Primary Task Subsystems, on page 374 • Controllers and Managers, on page 375 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 402: Primary Task Subsystems
All IP operations within StarOS are done within specific VPN contexts. In general, packets are not forwarded across different VPN contexts. The only exception currently is the Session subsystem. • Network Processing Unit (npuctrl/npumgr on ASR 5000; npusim on ASR 5500, and knpusim on VPC-DI and VPC-SI): This subsystem is responsible for the following: •... -
Page 403: Controllers And Managers
Managers manage resources and mappings between resources. In addition, some managers are directly responsible for call processing. For information about the primary subsystems that are composed of critical, controller, and /or manager tasks, Subsystem Tasks, on page 376. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 404: Subsystem Tasks
Starts management cards in either active or standby mode. Registers tasks with HAT task. Notifies CSP task of CPU startup completion. Brings up packet processing cards in standby mode. SITREAP SIT Reap Sub-function Shuts down tasks as required. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 405: High Availability Subsystem
Monitors system components such as fans for state changes. Triggers actions for redundancy in the event of fault detection. The HAT subsystem on the redundant management card mirrors the HAT subsystem on the active management card. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 406: Resource Manager Subsystem
Only one Session Controller operates at any time. Routes context specific operation information to the appropriate VPN Manager. Performs VPN Manager recovery and saves all VPN-related configuration information in SCT. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 407 Configuration mode CLI command) Responsible for learning and redistributing routing information via the OSPFv3 protocol. Maintains the OSPFv3 neighboring relationship. Maintains the LSA database. Performs OSPFv3 SPF calculations. Applies any defined OSPFv3 routing policy. ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 408: Network Processing Unit Subsystem
[VPC-DI, VPC-SI] Provides interface binding and forwarding services to the VPN Manager. Provides flow insertion and removal services to Session Manager and AAA Manager tasks. Provides recovery services to the NPU Controller. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 409 Provides port configuration services to the CSP task Provides interface binding and forwarding services to the VPN Manager. Provides flow insertion and removal services to Session Manager and AAA Manager tasks. Provides recovery services to the NPU Controller. ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 410: Session Subsystem
A11 Managers, and from multiple contexts. Processes protocols for A10/A11, GRE, R3, R4, R6, GTPU/GTPC, PPP, and Mobile IP. Manages Enhanced Charging Service, Content Filtering and URL Blacklisting services. Session Managers are paired with AAA Managers. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 411 Writes CDRs to a file in its VRAM-disk. The enqueued CDRs are then periodically synchronized with a HDD for transfer. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 412 Handles the Gmb interface over a Diameter connection to a BMSC Server for MBMS bearer sessions. dgmbmgr recovers by polling all sessmgrs for MBMS session states and recreating the MBMS UE and MBMS bearer context information. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 413 Maintains list of current Session Manager tasks which aids in session recovery. Handles GTP Echo messaging. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 414 Serves as the Default GTPU listener. GTPUMGR will process GTPU packets with invalid TEID. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 415 Maintains Home-NodeB databases. Provides nodal functions for Iuh interface on SCTP protocol. With session recovery (SR) enabled, this manager is usually established on one of the CPUs on the first active packet processing card. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 416 Created by the Session Controller. Manager In Server mode, acts as a RADIUS server, and supports Proxy functionality. In Snoop mode supports snooping RADIUS Accounting messages. Load balances requests among different SessMgrs. Activates and deactivates sessions. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 417 (routing domain) is activated. Multi-instanced for redundancy and scaling purposes. Provides SS7 and Gb connectivity to the platform. Routes per subscriber signalling across the SS7 (including Iu) and Gb interfaces to the SessMgr. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 418 Remains aware of all the active MME services in the system. With session recovery (SR) enabled, this demux manager is usually established on one of the CPUs on the first active packet processing card. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 419 Handles all PCRF service sessions. Manager Interfaces with PCC-Core while processing different events associated with individual subscriber sessions. Maintains subscriber information while applying business logic. Creates calline and corresponding APN session for each subscriber. ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 420: Platform Processes
Responsible for the overall management of the system fabric. Controller Manages the pool of Rendezvous Destinations and coordinates fabric recovery by the afmgr proclets after a fault. A single afctrl instance runs on the active MIO/UMIO only. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 421 Spawns daughter card managers during system initialization Controller and monitors daughter card managers during system steady state execution. It also spawns daughter card managers [ASR 5x00 only] whenever a daughter card manager task fails. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 422 IP Access Lists, IP pools, interface addresses, and interface state notifications. ipsecmgr IPSec Manager Created by the Session Controller, establishes and manages secure IKEv1, IKEv2 and IPSec data tunnels. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 423 (referred to as the Target Facility). One msgproxy task runs on each CPU complex on the SMC (ASR 5000), DPCs (ASR 5500) and SF Virtual Machine (VPC-DI). Processes incoming broadcast messages from the Client...
-
Page 424: Management Processes
It uploads trace files to the Trace Collection Entity as needed. snmp Simple Network Handles inboard SNMP operations if configured, and sends Management Protocol SNMP notifications (traps) if enabled. ASR 5000 System Administration Guide, StarOS Release 21.1... - Page 425 StarOS Tasks Management Processes Task Description Function threshold Threshold Server Handles monitoring of threshold crossing alerts, if configured. Polls the needed statistics/variables, maintains state, and generates log messages/SNMP notification of threshold crossings. ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 426 StarOS Tasks Management Processes ASR 5000 System Administration Guide, StarOS Release 21.1...
-
Page 427: Icsr Checkpointing
To conserve processing cycles and memory, dynamic and periodic updates from an active chassis to a standby chassis are done using micro-checkpoints. The output of the Exec mode show srp info command displays a complete list of SRP checkpoints. Macro-checkpoints This section lists and briefly describes ICSR macro-checkpoints. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 428: Ggsn_Apn Id Mapping
This macro-checkpoint is sent from the active to the standby chassis to map Service IDs on the standby chassis. • Time based: No • Frequency: N/A • Event based: Yes • Events: Occurs whenever a TCP connection is established between the sessmgrs and they move to READY_STATE. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 429: Vpnmgr_Id Mapping
• NAT Category, on page 412 • P-GW Category, on page 415 • Rf Interface Category, on page 417 • S6b Interface Category, on page 419 • SaMOG Category, on page 419 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 430: Uncategorized
• Related CLI command: None SESS_UCHKPT_CMD_UPDATE_IDLESECS This micro-checkpoint sends remaining number of seconds before idle timeout. • Time based: Yes • Frequency: — • Event based: No • Events: Occurs during ICSR background checkpointing. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 431: Dcca Category
• Frequency: — • Event based: Yes • Events: Occurs whenever ECS call level information is created or modified. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 179 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 432: Sess_Uchkpt_Cmd_Acs_Gx_Li_Info
• Frequency: N/A • Event based: Yes • Events: Occurs whenever an ECS Release Call message is processed. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 188 • Related CLI command: — ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 433: Sess_Uchkpt_Cmd_Del_Acs_Sess_Info
• Frequency: N/A • Event based: Yes • Events: Occurs whenever a dynamic charging action has been deleted. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 183 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 434: Sess_Uchkpt_Cmd_Dynamic_Chrg_Del_Qg_Info
• Time based: No • Frequency: — • Event based: Yes • Events: Occurs whenever a dynamic rule has been deleted. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 178 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 435: Sess_Uchkpt_Cmd_Dynamic_Rule_Info
SESS_UCHKPT_CMD_UPDATE_EPDG_BEARER This micro-checkpoint synchronizes ePDG bearers between the active and standby chassis. • Time based: No • Frequency: N/A • Event based: No • Events: N/A • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 436: Sess_Uchkpt_Cmd_Update_Epdg_Peer_Addr
• Related CLI command: show srp micro-checkpoint statistics debug-info SESS_UCHKPT_CMD_UPDATE_EPDG_STATS This micro-checkpoint synchronizes session statistics between the active and standby chassis. • Time based: Yes • Frequency: 30 seconds • Event based: No • Events: N/A • Accounting: Yes ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 437: Firewall/Ecs Category
• Event based: Yes • Events: Occurs whenever PCRF sends a command to enable the predefined SFW access rules. • Accounting: Yes • Delta/Cumulative: Cumulative • CMD-ID: 185 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 438: Ggsn Category
This micro-checkpoint is sent in a Network or UE initiated update procedure except for updates that result in the following scenarios: • Creation or deletion of the beare • TFT change or inter-RAT handovers • Gn-Gp handoff Parameters associated with this micro-checkpoint are shown below. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 439: Sess_Uchkpt_Cmd_Ggsn_Update_Stats
• Time based: — • Frequency: — • Event based: Yes • Events: COA (Change of Authorization) response • Accounting: — • Delta/Cumulative: — • CMD-ID: 83 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 440: Gx Interface Category
This micro-checkpoint is sent when a port chunk is allocated or deallocated for a subscriber sharing a NAT IP address with other subscribers. The port chunk is allocated or deallocated while data is being received for that subscriber. • Time based: No • Frequency: N/A ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 441: Sess_Uchkpt_Cmd_Gr_Update_Nat_Realms
• Frequency: N/A • Event based: Yes • Events: Triggered when a new SIP flow is created or deleted. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 98 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 442: Sess_Uchkpt_Cmd_Nat_Sip_Alg_Contact_Ph_Info
(based on a rule-match), and a new bypass flow is created. This checkpoint is sent when the flow is both added and deleted. • Time based: No • Frequency: N/A • Event based: Yes ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 443: P-Gw Category
• Time based: No • Frequency: N/A • Event based: Yes • Events: Triggered when the S-GW goes into Restoration mode. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 158 • Related CLI command: None ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 444: Sess_Uchkpt_Cmd_Pgw_Ubr_Mbr_Info
• Time based: No • Frequency: N/A • Event based: Yes • Events: Triggered when there is a change in the LI state for this call. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 151 ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 445: Sess_Uchkpt_Cmd_Pgw_Update_Pdn_Common_Param
This micro-checkpoint indicates a change in the SDF+QCI-based Rf accounting buckets. • Time based: Yes • Frequency: 4 seconds for aamgr checkpoint and 18 seconds for GR checkpoint • Event based: No • Events: N/A • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 446: Sess_Uchkpt_Cmd_Acs_Accounting_Type_Qci_Rf_With_Fc
• Time based: Yes • Frequency: 4 seconds for aamgr checkpoint and 18 seconds for GR checkpoint; • Event based: No • Events: Sent along with macro-checkpoint. • Accounting: Yes • Delta/Cumulative: Cumulative ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 447: S6B Interface Category
• Event based: Yes • Events: Occurs whenever SaMOG sends a Delete-Session-Req or upon receiving a Delete-Bearer-Request. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 169 • Related CLI command: show subscriber samog-only full ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 448: Sess_Uchkpt_Cmd_Cgw_Update_Bearer_Qos
• Related CLI command: show subscriber samog-only full SESS_UCHKPT_CMD_CGW_UPDATE_STATS Reserved for future use. SESS_UCHKPT_CMD_CGW_UPDATE_UE_PARAM Reserved for future use. SESS_UCHKPT_CMD_SAMOG_ACCT_INTERIM_INFO This micro-checkpoint is sent for a SaMOG session on receipt of an Accounting Req (INTERIM-UPDATE) from the WLC ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 449: Sess_Uchkpt_Cmd_Samog_Acct_Start_Info
• Event based: Yes • Events: Occurs whenever a DHCP-Discover message is received over a different EoGRE tunnel. • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 201 • Related CLI command: show subscriber samog-only full ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 450: Sess_Uchkpt_Cmd_Samog_Gtpv1_Update_Pdn_Info
SaMOG will delay handoff as it expects an Accounting Req (START) from the subscriber. • Time based: No • Frequency: N/A • Event based: Yes • Events: Occurs when a Account Req (STOP) request is received from the WLC. ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 451: Sess_Uchkpt_Cmd_Samog_Li_Prov_Info
This micro-checkpoint is sent for a SaMOG session when SaMOG is waiting on the UE after sending an Access-Challenge while Re-authenticating the subscriber session. • Time based: No • Frequency: N/A • Event based: Yes ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 452: Sess_Uchkpt_Cmd_Samog_Reauthen_Info
• Events: Occurs on receiving and successfully processing AAR from the AAA Server to re-authorize the subscriber • Accounting: No • Delta/Cumulative: N/A • CMD-ID: 173 • Related CLI command: show subscriber samog-only full ASR 5000 System Administration Guide, StarOS Release 21.1... -
Page 453: Asr 5000 Sdr Cli Strings
A P P E N D I X ASR 5000 SDR CLI Strings • ASR 5000 SDR CLI Command Strings, page 425 ASR 5000 SDR CLI Command Strings This appendix identifies the CLI command strings that can be entered for a record section via the support record section command in the Global Configuration Mode. - Page 454 "show npu details" Disabled "show lagmgr details" Enabled "show fans" Disabled "show hardware version fans" Enabled "show power chassis" Enabled "show temperature" Disabled "show timing" Disabled "show alarm audible" Disabled "show alarm central-office" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 455 "Standby SMC Ophir Mac counters" Disabled "show messenger settings" Enabled "show messenger nameservice" Enabled "show messenger statistics" Enabled "show messenger bounces" Disabled "debug limits checkup detailed" Disabled "show plugin" Disabled "show module" Disabled "show ppp statistics" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 456 Disabled "show iups-service all" Disabled "show sgtp-service all" Disabled "show map-service all" Disabled "show gs-service all" Disabled "show ggsn-service all" Disabled "show ggsn-service sgsn-table" Disabled "show lac-service all" Disabled "show lns-service all" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 457 "show srp monitor diameter debug" Enabled "show srp statistics" Disabled "show srp call-loss statistics" Disabled "show srp audit-statistics" Disabled "show gtpc statistics verbose" Enabled "show gtpu statistics verbose" Enabled "show gtpu debug-info" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 458 "show egtpc statistics interface cgw-egress" Enabled "show egtpc statistics interface epdg-egress" Disabled "show egtp-service all" Disabled "show gtpu-service all" Disabled "show pgw-service all" Disabled "show sgw-service all" Disabled "show saegw-service all" Disabled "show henbgw-access-service statistics" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 459 "show hnbgw statistics" Disabled "show hnbgw counters" Disabled "show demux-mgr statistics hnbmgr full" Disabled "show demuxmgr statistics bngmgr all" Disabled "show alcap statistics" Disabled "show pdg-service statistics micro-tunnel" Disabled "show pdg-service statistics transport" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 460 "show gtpp group all" Enabled "show hd-storage-policy statistics all verbose" Enabled "show hd-storage-policy counters all verbose" Disabled "show dhcp statistics verbose" Disabled "show npu table" Disabled "show npu sf hw-info" Disabled "show l2tp statistics" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 461 "show active-charging analyzer statistics name ipv6 verbose" Disabled "show active-charging analyzer statistics name tcp verbose" Disabled "show active-charging analyzer statistics name http verbose" Disabled "show active-charging charging-action statistics" Disabled "show active-charging rulebase statistics" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 462 "debug acsmgr show memory usage" Disabled "debug aaamgr show memory usage" Disabled "show active-charging credit-control statistics debug-info" Disabled "show active-charging credit-control session-states" Disabled "show active-charging credit-control statistics" Disabled "show diameter endpoints all" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 463 "show phsgw-service statistics verbose" Disabled "show demuxmgr statistics phspcmgr all" Disabled "show phspc-service all" Disabled "show phspc-service statistics verbose" Disabled "show demuxmgr statistics magmgr all" Disabled "show active-charging content-filtering category policy-id all" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 464 "show kvstore kvclient" Disabled "show kvstore kvmgr" Disabled "show pcc-service all" Disabled "show pcc-service statistics all" Disabled "show pcc-policy service all" Disabled "show pcc-policy service statistics all" Disabled "show pcc-quota service all" ASR 5000 System Administration Guide, StarOS Release 21.1...
- Page 465 Disabled "show congestion-control statistics imsimgr all full" Enabled "show ge-switch counters (second sample)" Enabled "ethtool -S cpeth" Enabled "Standby SMC Ophir Mac counters (second sample)" [ASR 5000 only] Disabled "show cli history" Disabled "card-cpu boxer summary" Disabled "show sls-service all"...
- Page 466 ASR 5000 SDR CLI Strings ASR 5000 SDR CLI Command Strings ASR 5000 System Administration Guide, StarOS Release 21.1...