Cisco Cisco Packet Data Gateway (PDG) Documentation Roadmaps
Peer-to-Peer Overview
How P2P Works ▀
Cisco ASR 5000 Series Product Overview ▄
OL-22937-01
Some protocols like BitTorrent and Orb use HTTP traffic for initial setup. If P2P analysis is done after HTTP, it
is possible that these protocols may go undetected.
Protocols like Skype use well known ports (like 80 & 443). In these scenarios, the HTTP engine reports these as
invalid packets. For protocol detection, it is desirable to have P2P detection before Deep Packet Inspection
(DPI).
(DPI).
Stateless detection of protocols based on signature will be easier when the P2P analysis is done before DPI.
P2P Session Recovery
Intra-chassis session recovery is coupled with SessMgr recovery procedures.
Intra-chassis session recovery support is achieved by mirroring the SessMgr and AAAMgr processes. The SessMgrs are
paired one-to-one with the AAAMgrs. The SessMgr sends checkpointed session information to the AAAMgr. ACS
recovery is accomplished using this checkpointed information.
paired one-to-one with the AAAMgrs. The SessMgr sends checkpointed session information to the AAAMgr. ACS
recovery is accomplished using this checkpointed information.
Important:
In order for session recovery to work there should be at least four packet processing cards
(PSCs/PSC2s), one standby and three active. Per active CPU with active SessMgrs, there is one standby SessMgr, and
on the standby CPU, the same number of standby SessMgrs as the active SessMgrs in the active CPU.
on the standby CPU, the same number of standby SessMgrs as the active SessMgrs in the active CPU.
There are two modes of session recovery, one from task failure and another on failure of CPU or PSC/PSC2.
Recovery from Task Failure
When a SessMgr failure occurs, recovery is performed using the mirrored ―standby-mode‖ SessMgr task running on the
active packet processing card. The ―standby-mode‖ task is renamed, made active, and is then populated using
checkpointed session information from the AAAMgr task. A new ―standby-mode‖ SessMgr is created.
active packet processing card. The ―standby-mode‖ task is renamed, made active, and is then populated using
checkpointed session information from the AAAMgr task. A new ―standby-mode‖ SessMgr is created.
Recovery from CPU or PSC/PSC2 Failure
When a packet processing card hardware failure occurs, or when a planned packet processing card migration fails, the
standby packet processing card is made active and the ―standby-mode‖ SessMgr and AAAMgr tasks on the newly
activated packet processing card perform session recovery.
standby packet processing card is made active and the ―standby-mode‖ SessMgr and AAAMgr tasks on the newly
activated packet processing card perform session recovery.
Limitations
This section lists the limitations of P2P detection in this release.